plugins-nextcloud-mirror/spreed
1
0
Fork 0
mirror of https://github.com/nextcloud/spreed.git synced 2025-12-18 05:20:50 +01:00
Code Projects Releases Activity

techdebt(controllers): Migrate Talk annotations to attributes

Browse source 
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling 2023-04-24 16:17:11 +02:00
parent b2b0bdfba9
commit f39a4299ab
No known key found for this signature in database
GPG key ID: 74434EFE0D2E2205
20 changed files with 450 additions and 305 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
lib/Controller/AvatarController.php
View file

@ -27,6 +27,8 @@ declare(strict_types=1);
namespace OCA\Talk\Controller;
use InvalidArgumentException;
use OCA\Talk\Middleware\Attribute\RequireModeratorParticipant;
use OCA\Talk\Middleware\Attribute\RequireParticipant;
use OCA\Talk\Service\AvatarService;
use OCA\Talk\Service\RoomFormatter;
use OCP\AppFramework\Http;
@ -53,8 +55,8 @@ class AvatarController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*/
#[RequireModeratorParticipant]
public function uploadAvatar(): DataResponse {
try {
$file = $this->request->getUploadedFile('file');
@ -79,8 +81,8 @@ class AvatarController extends AEnvironmentAwareController {
/**
* @PublicPage
* @NoCSRFRequired
* @RequireParticipant
*/
#[RequireParticipant]
public function getAvatar(bool $darkTheme = false): Response {
$file = $this->avatarService->getAvatar($this->getRoom(), $this->userSession->getUser(), $darkTheme);
@ -94,16 +96,16 @@ class AvatarController extends AEnvironmentAwareController {
/**
* @PublicPage
* @NoCSRFRequired
* @RequireParticipant
*/
#[RequireParticipant]
public function getAvatarDark(): Response {
return $this->getAvatar(true);
}
/**
* @PublicPage
* @RequireModeratorParticipant
*/
#[RequireModeratorParticipant]
public function deleteAvatar(): DataResponse {
$this->avatarService->deleteAvatar($this->getRoom());
return new DataResponse($this->roomFormatter->formatRoom(

25
lib/Controller/BreakoutRoomController.php
View file

@ -27,6 +27,8 @@ namespace OCA\Talk\Controller;
use InvalidArgumentException;
use OCA\Talk\Exceptions\ParticipantNotFoundException;
use OCA\Talk\Middleware\Attribute\RequireLoggedInModeratorParticipant;
use OCA\Talk\Middleware\Attribute\RequireLoggedInParticipant;
use OCA\Talk\Service\BreakoutRoomService;
use OCA\Talk\Service\ParticipantService;
use OCA\Talk\Service\RoomFormatter;
@ -49,13 +51,8 @@ class BreakoutRoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*
* @param int $mode
* @param int $amount
* @param string $attendeeMap
* @return DataResponse
*/
#[RequireLoggedInModeratorParticipant]
public function configureBreakoutRooms(int $mode, int $amount, string $attendeeMap = '[]'): DataResponse {
try {
$rooms = $this->breakoutRoomService->setupBreakoutRooms($this->room, $mode, $amount, $attendeeMap);
@ -69,8 +66,8 @@ class BreakoutRoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*/
#[RequireLoggedInModeratorParticipant]
public function removeBreakoutRooms(): DataResponse {
$this->breakoutRoomService->removeBreakoutRooms($this->room);
@ -84,8 +81,8 @@ class BreakoutRoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*/
#[RequireLoggedInModeratorParticipant]
public function broadcastChatMessage(string $message): DataResponse {
try {
$rooms = $this->breakoutRoomService->broadcastChatMessage($this->room, $this->participant, $message);
@ -100,8 +97,8 @@ class BreakoutRoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*/
#[RequireLoggedInModeratorParticipant]
public function applyAttendeeMap(string $attendeeMap): DataResponse {
try {
$rooms = $this->breakoutRoomService->applyAttendeeMap($this->room, $attendeeMap);
@ -114,8 +111,8 @@ class BreakoutRoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInParticipant
*/
#[RequireLoggedInParticipant]
public function requestAssistance(): DataResponse {
try {
$this->breakoutRoomService->requestAssistance($this->room);
@ -133,8 +130,8 @@ class BreakoutRoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInParticipant
*/
#[RequireLoggedInParticipant]
public function resetRequestForAssistance(): DataResponse {
try {
$this->breakoutRoomService->resetRequestForAssistance($this->room);
@ -152,8 +149,8 @@ class BreakoutRoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*/
#[RequireLoggedInModeratorParticipant]
public function startBreakoutRooms(): DataResponse {
try {
$rooms = $this->breakoutRoomService->startBreakoutRooms($this->room);
@ -167,8 +164,8 @@ class BreakoutRoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*/
#[RequireLoggedInModeratorParticipant]
public function stopBreakoutRooms(): DataResponse {
try {
$rooms = $this->breakoutRoomService->stopBreakoutRooms($this->room);
@ -182,8 +179,8 @@ class BreakoutRoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInParticipant
*/
#[RequireLoggedInParticipant]
public function switchBreakoutRoom(string $target): DataResponse {
try {
$room = $this->breakoutRoomService->switchBreakoutRoom($this->room, $this->participant, $target);

36
lib/Controller/CallController.php
View file

@ -28,6 +28,10 @@ declare(strict_types=1);
namespace OCA\Talk\Controller;
use OCA\Talk\Middleware\Attribute\RequireCallEnabled;
use OCA\Talk\Middleware\Attribute\RequireModeratorOrNoLobby;
use OCA\Talk\Middleware\Attribute\RequireParticipant;
use OCA\Talk\Middleware\Attribute\RequirePermission;
use OCA\Talk\Middleware\Attribute\RequireReadWriteConversation;
use OCA\Talk\Model\Attendee;
use OCA\Talk\Model\Session;
use OCA\Talk\Participant;
@ -62,13 +66,11 @@ class CallController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireReadWriteConversation
* @RequireModeratorOrNoLobby
*
* @return DataResponse
*/
#[RequireCallEnabled]
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
#[RequireReadWriteConversation]
public function getPeersForCall(): DataResponse {
$timeout = $this->timeFactory->getTime() - Session::SESSION_TIMEOUT;
$result = [];
@ -104,15 +106,11 @@ class CallController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireReadWriteConversation
* @RequireModeratorOrNoLobby
*
* @param int|null $flags
* @param int|null $forcePermissions
* @return DataResponse
*/
#[RequireCallEnabled]
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
#[RequireReadWriteConversation]
public function joinCall(?int $flags = null, ?int $forcePermissions = null, bool $silent = false): DataResponse {
$this->participantService->ensureOneToOneRoomIsFilled($this->room);
@ -137,13 +135,10 @@ class CallController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequirePermissions(permissions=call-start)
*
* @param int $attendeeId
* @return DataResponse
*/
#[RequireCallEnabled]
#[RequireParticipant]
#[RequirePermission(permission: RequirePermission::START_CALL)]
public function ringAttendee(int $attendeeId): DataResponse {
if ($this->room->getCallFlag() === Participant::FLAG_DISCONNECTED) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -162,11 +157,8 @@ class CallController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
*
* @param int flags
* @return DataResponse
*/
#[RequireParticipant]
public function updateCallFlags(int $flags): DataResponse {
$session = $this->participant->getSession();
if (!$session instanceof Session) {
@ -184,11 +176,11 @@ class CallController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
*
* @param bool $all whether to also terminate the call for all participants
* @return DataResponse
*/
#[RequireParticipant]
public function leaveCall(bool $all = false): DataResponse {
$session = $this->participant->getSession();
if (!$session instanceof Session) {

86
lib/Controller/ChatController.php
View file

@ -31,6 +31,11 @@ use OCA\Talk\Chat\MessageParser;
use OCA\Talk\Chat\ReactionManager;
use OCA\Talk\GuestManager;
use OCA\Talk\MatterbridgeManager;
use OCA\Talk\Middleware\Attribute\RequireModeratorOrNoLobby;
use OCA\Talk\Middleware\Attribute\RequireModeratorParticipant;
use OCA\Talk\Middleware\Attribute\RequireParticipant;
use OCA\Talk\Middleware\Attribute\RequirePermission;
use OCA\Talk\Middleware\Attribute\RequireReadWriteConversation;
use OCA\Talk\Model\Attachment;
use OCA\Talk\Model\Attendee;
use OCA\Talk\Model\Message;
@ -188,10 +193,6 @@ class ChatController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireReadWriteConversation
* @RequirePermissions(permissions=chat)
* @RequireModeratorOrNoLobby
*
* Sends a new chat message to the given room.
*
@ -207,6 +208,10 @@ class ChatController extends AEnvironmentAwareController {
* "404 Not found" if the room or session for a guest user was not
* found".
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
#[RequirePermission(permission: RequirePermission::CHAT)]
#[RequireReadWriteConversation]
public function sendMessage(string $message, string $actorDisplayName = '', string $referenceId = '', int $replyTo = 0, bool $silent = false): DataResponse {
[$actorType, $actorId] = $this->getActorInfo($actorDisplayName);
if (!$actorId) {
@ -245,10 +250,6 @@ class ChatController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireReadWriteConversation
* @RequirePermissions(permissions=chat)
* @RequireModeratorOrNoLobby
*
* Sends a rich-object to the given room.
*
@ -264,6 +265,10 @@ class ChatController extends AEnvironmentAwareController {
* "404 Not found" if the room or session for a guest user was not
* found".
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
#[RequirePermission(permission: RequirePermission::CHAT)]
#[RequireReadWriteConversation]
public function shareObjectToChat(string $objectType, string $objectId, string $metaData = '', string $actorDisplayName = '', string $referenceId = ''): DataResponse {
[$actorType, $actorId] = $this->getActorInfo($actorDisplayName);
if (!$actorId) {
@ -345,8 +350,6 @@ class ChatController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* Receives chat messages from the given room.
*
@ -374,7 +377,7 @@ class ChatController extends AEnvironmentAwareController {
* will be 0, yet the status will still be 200. Also note that
* `X-Chat-Last-Given` may reference a message not visible and thus not
* returned, but it should be used nevertheless as the $lastKnownMessageId
* for the follow up query.
* for the follow-up query.
*
* @param int $lookIntoFuture Polling for new messages (1) or getting the history of the chat (0)
* @param int $limit Number of chat messages to receive (100 by default, 200 at most)
@ -395,6 +398,8 @@ class ChatController extends AEnvironmentAwareController {
* 'actorDisplayName', 'timestamp' (in seconds and UTC timezone) and
* 'message'.
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function receiveMessages(int $lookIntoFuture,
int $limit = 100,
int $lastKnownMessageId = 0,
@ -591,13 +596,13 @@ class ChatController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* @param int $messageId The focused message which should be in the "middle" of the returned context
* @param int $limit Number of chat messages to receive in both directions (50 by default, 100 at most, might return 201 messages)
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function getMessageContext(
int $messageId,
int $limit = 50): DataResponse {
@ -657,14 +662,11 @@ class ChatController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireParticipant
* @RequireReadWriteConversation
* @RequirePermissions(permissions=chat)
* @RequireModeratorOrNoLobby
*
* @param int $messageId
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
#[RequirePermission(permission: RequirePermission::CHAT)]
#[RequireReadWriteConversation]
public function deleteMessage(int $messageId): DataResponse {
try {
$message = $this->chatManager->getComment($this->room, (string) $messageId);
@ -730,11 +732,9 @@ class ChatController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireModeratorParticipant
* @RequireReadWriteConversation
*
* @return DataResponse
*/
#[RequireModeratorParticipant]
#[RequireReadWriteConversation]
public function clearHistory(): DataResponse {
$attendee = $this->participant->getAttendee();
if (!$this->participant->hasModeratorPermissions(false)
@ -767,11 +767,8 @@ class ChatController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireParticipant
*
* @param int $lastReadMessage
* @return DataResponse
*/
#[RequireParticipant]
public function setReadMarker(int $lastReadMessage): DataResponse {
$this->participantService->updateLastReadMessage($this->participant, $lastReadMessage);
$response = new DataResponse();
@ -783,10 +780,8 @@ class ChatController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireParticipant
*
* @return DataResponse
*/
#[RequireParticipant]
public function markUnread(): DataResponse {
$message = $this->room->getLastMessage();
$unreadId = 0;
@ -811,12 +806,9 @@ class ChatController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* @param int $limit
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function getObjectsSharedInRoomOverview(int $limit = 7): DataResponse {
$limit = min(20, $limit);
@ -859,14 +851,9 @@ class ChatController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* @param string $objectType
* @param int $lastKnownMessageId
* @param int $limit
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function getObjectsSharedInRoom(string $objectType, int $lastKnownMessageId = 0, int $limit = 100): DataResponse {
$offset = max(0, $lastKnownMessageId);
$limit = min(200, $limit);
@ -915,16 +902,11 @@ class ChatController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireReadWriteConversation
* @RequirePermissions(permissions=chat)
* @RequireModeratorOrNoLobby
*
* @param string $search
* @param int $limit
* @param bool $includeStatus
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
#[RequirePermission(permission: RequirePermission::CHAT)]
#[RequireReadWriteConversation]
public function mentions(string $search, int $limit = 20, bool $includeStatus = false): DataResponse {
$this->searchPlugin->setContext([
'itemType' => 'chat',

6
lib/Controller/GuestController.php
View file

@ -25,6 +25,7 @@ declare(strict_types=1);
namespace OCA\Talk\Controller;
use OCA\Talk\GuestManager;
use OCA\Talk\Middleware\Attribute\RequireParticipant;
use OCA\Talk\Participant;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
@ -45,11 +46,8 @@ class GuestController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
*
* @param string $displayName
* @return DataResponse
*/
#[RequireParticipant]
public function setDisplayName(string $displayName): DataResponse {
$participant = $this->getParticipant();
if (!$participant instanceof Participant) {

19
lib/Controller/MatterbridgeController.php
View file

@ -28,6 +28,7 @@ namespace OCA\Talk\Controller;
use OCA\Talk\Exceptions\ImpossibleToKillException;
use OCA\Talk\Manager;
use OCA\Talk\MatterbridgeManager;
use OCA\Talk\Middleware\Attribute\RequireLoggedInModeratorParticipant;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
use OCP\IRequest;
@ -54,10 +55,8 @@ class MatterbridgeController extends AEnvironmentAwareController {
* Get bridge information of one room
*
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*
* @return DataResponse
*/
#[RequireLoggedInModeratorParticipant]
public function getBridgeOfRoom(): DataResponse {
$pid = $this->bridgeManager->checkBridge($this->room);
$logContent = $this->bridgeManager->getBridgeLog($this->room);
@ -71,10 +70,8 @@ class MatterbridgeController extends AEnvironmentAwareController {
* Get bridge process information
*
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*
* @return DataResponse
*/
#[RequireLoggedInModeratorParticipant]
public function getBridgeProcessState(): DataResponse {
$state = $this->bridgeManager->getBridgeProcessState($this->room);
return new DataResponse($state);
@ -84,12 +81,8 @@ class MatterbridgeController extends AEnvironmentAwareController {
* Edit bridge information of one room
*
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*
* @param bool $enabled
* @param array $parts
* @return DataResponse
*/
#[RequireLoggedInModeratorParticipant]
public function editBridgeOfRoom(bool $enabled, array $parts = []): DataResponse {
try {
$state = $this->bridgeManager->editBridgeOfRoom($this->room, $this->userId, $enabled, $parts);
@ -103,10 +96,8 @@ class MatterbridgeController extends AEnvironmentAwareController {
* Delete bridge of one room
*
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*
* @return DataResponse
*/
#[RequireLoggedInModeratorParticipant]
public function deleteBridgeOfRoom(): DataResponse {
try {
$success = $this->bridgeManager->deleteBridgeOfRoom($this->room);

36
lib/Controller/PollController.php
View file

@ -28,6 +28,10 @@ namespace OCA\Talk\Controller;
use OCA\Talk\Chat\ChatManager;
use OCA\Talk\Exceptions\WrongPermissionsException;
use OCA\Talk\Middleware\Attribute\RequireModeratorOrNoLobby;
use OCA\Talk\Middleware\Attribute\RequireParticipant;
use OCA\Talk\Middleware\Attribute\RequirePermission;
use OCA\Talk\Middleware\Attribute\RequireReadWriteConversation;
use OCA\Talk\Model\Poll;
use OCA\Talk\Model\Vote;
use OCA\Talk\Room;
@ -67,17 +71,11 @@ class PollController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireReadWriteConversation
* @RequirePermissions(permissions=chat)
* @RequireModeratorOrNoLobby
*
* @param string $question
* @param array $options
* @param int $resultMode
* @param int $maxVotes
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
#[RequirePermission(permission: RequirePermission::CHAT)]
#[RequireReadWriteConversation]
public function createPoll(string $question, array $options, int $resultMode, int $maxVotes): DataResponse {
if ($this->room->getType() !== Room::TYPE_GROUP
&& $this->room->getType() !== Room::TYPE_PUBLIC) {
@ -125,12 +123,9 @@ class PollController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* @param int $pollId
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function showPoll(int $pollId): DataResponse {
try {
$poll = $this->pollService->getPoll($this->room->getId(), $pollId);
@ -149,13 +144,13 @@ class PollController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* @param int $pollId
* @param int[] $optionIds
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function votePoll(int $pollId, array $optionIds = []): DataResponse {
try {
$poll = $this->pollService->getPoll($this->room->getId(), $pollId);
@ -197,12 +192,9 @@ class PollController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* @param int $pollId
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function closePoll(int $pollId): DataResponse {
try {
$poll = $this->pollService->getPoll($this->room->getId(), $pollId);

36
lib/Controller/ReactionController.php
View file

@ -29,6 +29,10 @@ use OCA\Talk\Chat\ReactionManager;
use OCA\Talk\Exceptions\ReactionAlreadyExistsException;
use OCA\Talk\Exceptions\ReactionNotSupportedException;
use OCA\Talk\Exceptions\ReactionOutOfContextException;
use OCA\Talk\Middleware\Attribute\RequireModeratorOrNoLobby;
use OCA\Talk\Middleware\Attribute\RequireParticipant;
use OCA\Talk\Middleware\Attribute\RequirePermission;
use OCA\Talk\Middleware\Attribute\RequireReadWriteConversation;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
use OCP\Comments\NotFoundException;
@ -48,15 +52,11 @@ class ReactionController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireReadWriteConversation
* @RequirePermissions(permissions=chat)
* @RequireModeratorOrNoLobby
*
* @param int $messageId for reaction
* @param string $reaction the reaction emoji
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
#[RequirePermission(permission: RequirePermission::CHAT)]
#[RequireReadWriteConversation]
public function react(int $messageId, string $reaction): DataResponse {
try {
$this->reactionManager->addReactionMessage(
@ -79,15 +79,11 @@ class ReactionController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireReadWriteConversation
* @RequirePermissions(permissions=chat)
* @RequireModeratorOrNoLobby
*
* @param int $messageId for reaction
* @param string $reaction the reaction emoji
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
#[RequirePermission(permission: RequirePermission::CHAT)]
#[RequireReadWriteConversation]
public function delete(int $messageId, string $reaction): DataResponse {
try {
$this->reactionManager->deleteReactionMessage(
@ -108,13 +104,9 @@ class ReactionController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* @param int $messageId for reaction
* @param string|null $reaction the reaction emoji
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function getReactions(int $messageId, ?string $reaction): DataResponse {
try {
// Verify that messageId is part of the room

13
lib/Controller/RecordingController.php
View file

@ -31,6 +31,9 @@ use OCA\Talk\Config;
use OCA\Talk\Exceptions\ParticipantNotFoundException;
use OCA\Talk\Exceptions\RoomNotFoundException;
use OCA\Talk\Manager;
use OCA\Talk\Middleware\Attribute\RequireLoggedInModeratorParticipant;
use OCA\Talk\Middleware\Attribute\RequireModeratorParticipant;
use OCA\Talk\Middleware\Attribute\RequireRoom;
use OCA\Talk\Room;
use OCA\Talk\Service\ParticipantService;
use OCA\Talk\Service\RecordingService;
@ -266,8 +269,8 @@ class RecordingController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*/
#[RequireLoggedInModeratorParticipant]
public function start(int $status): DataResponse {
try {
$this->recordingService->start($this->room, $status, $this->userId, $this->participant);
@ -279,8 +282,8 @@ class RecordingController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*/
#[RequireLoggedInModeratorParticipant]
public function stop(): DataResponse {
try {
$this->recordingService->stop($this->room, $this->participant);
@ -292,9 +295,9 @@ class RecordingController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireRoom
*/
#[BruteForceProtection(action: 'talkRecordingSecret')]
#[RequireRoom]
public function store(string $owner): DataResponse {
$data = $this->room->getToken();
if (!$this->validateBackendRequest($data)) {
@ -320,8 +323,8 @@ class RecordingController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireModeratorParticipant
*/
#[RequireModeratorParticipant]
public function notificationDismiss(int $timestamp): DataResponse {
try {
$this->recordingService->notificationDismiss(
@ -337,8 +340,8 @@ class RecordingController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireModeratorParticipant
*/
#[RequireModeratorParticipant]
public function shareToChat(int $fileId, int $timestamp): DataResponse {
try {
$this->recordingService->shareToChat(

149
lib/Controller/RoomController.php
View file

@ -38,6 +38,12 @@ use OCA\Talk\Exceptions\UnauthorizedException;
use OCA\Talk\GuestManager;
use OCA\Talk\Manager;
use OCA\Talk\MatterbridgeManager;
use OCA\Talk\Middleware\Attribute\RequireLoggedInModeratorParticipant;
use OCA\Talk\Middleware\Attribute\RequireLoggedInParticipant;
use OCA\Talk\Middleware\Attribute\RequireModeratorOrNoLobby;
use OCA\Talk\Middleware\Attribute\RequireModeratorParticipant;
use OCA\Talk\Middleware\Attribute\RequireParticipant;
use OCA\Talk\Middleware\Attribute\RequireRoom;
use OCA\Talk\Model\Attendee;
use OCA\Talk\Model\BreakoutRoom;
use OCA\Talk\Model\Session;
@ -284,11 +290,9 @@ class RoomController extends AEnvironmentAwareController {
* Get all (for moderators and in case of "free selection) or the assigned breakout room
*
* @NoAdminRequired
* @RequireLoggedInParticipant
*
* @return DataResponse
*/
#[BruteForceProtection(action: 'talkRoomToken')]
#[RequireLoggedInParticipant]
public function getBreakoutRooms(): DataResponse {
try {
$rooms = $this->breakoutRoomService->getBreakoutRooms($this->room, $this->participant);
@ -614,10 +618,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInParticipant
*
* @return DataResponse
*/
#[RequireLoggedInParticipant]
public function addToFavorites(): DataResponse {
$this->participantService->updateFavoriteStatus($this->participant, true);
return new DataResponse([]);
@ -625,10 +627,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInParticipant
*
* @return DataResponse
*/
#[RequireLoggedInParticipant]
public function removeFromFavorites(): DataResponse {
$this->participantService->updateFavoriteStatus($this->participant, false);
return new DataResponse([]);
@ -636,11 +636,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInParticipant
*
* @param int $level
* @return DataResponse
*/
#[RequireLoggedInParticipant]
public function setNotificationLevel(int $level): DataResponse {
try {
$this->participantService->updateNotificationLevel($this->participant, $level);
@ -653,11 +650,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInParticipant
*
* @param int $level
* @return DataResponse
*/
#[RequireLoggedInParticipant]
public function setNotificationCalls(int $level): DataResponse {
try {
$this->participantService->updateNotificationCalls($this->participant, $level);
@ -670,11 +664,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @param string $roomName
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function renameRoom(string $roomName): DataResponse {
if ($this->room->getType() === Room::TYPE_ONE_TO_ONE || $this->room->getType() === Room::TYPE_ONE_TO_ONE_FORMER) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -692,11 +683,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @param string $description
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function setDescription(string $description): DataResponse {
if ($this->room->getType() === Room::TYPE_ONE_TO_ONE || $this->room->getType() === Room::TYPE_ONE_TO_ONE_FORMER) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -713,10 +701,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function deleteRoom(): DataResponse {
if ($this->room->getType() === Room::TYPE_ONE_TO_ONE || $this->room->getType() === Room::TYPE_ONE_TO_ONE_FORMER) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -729,12 +715,9 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* @param bool $includeStatus
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function getParticipants(bool $includeStatus = false): DataResponse {
if ($this->participant->getAttendee()->getParticipantType() === Participant::GUEST) {
return new DataResponse([], Http::STATUS_FORBIDDEN);
@ -747,12 +730,9 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireParticipant
* @RequireModeratorOrNoLobby
*
* @param bool $includeStatus
* @return DataResponse
*/
#[RequireModeratorOrNoLobby]
#[RequireParticipant]
public function getBreakoutRoomParticipants(bool $includeStatus = false): DataResponse {
if ($this->participant->getAttendee()->getParticipantType() === Participant::GUEST) {
return new DataResponse([], Http::STATUS_FORBIDDEN);
@ -903,12 +883,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*
* @param string $newParticipant
* @param string $source
* @return DataResponse
*/
#[RequireLoggedInModeratorParticipant]
public function addParticipantToRoom(string $newParticipant, string $source = 'users'): DataResponse {
if ($this->room->getType() === Room::TYPE_ONE_TO_ONE
|| $this->room->getType() === Room::TYPE_ONE_TO_ONE_FORMER
@ -1054,10 +1030,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInParticipant
*
* @return DataResponse
*/
#[RequireLoggedInParticipant]
public function removeSelfFromRoom(): DataResponse {
return $this->removeSelfFromRoomLogic($this->room, $this->participant);
}
@ -1095,11 +1069,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @param int $attendeeId
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function removeAttendeeFromRoom(int $attendeeId): DataResponse {
try {
$targetParticipant = $this->participantService->getParticipantByAttendeeId($this->room, $attendeeId);
@ -1130,10 +1101,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*
* @return DataResponse
*/
#[RequireLoggedInModeratorParticipant]
public function makePublic(): DataResponse {
if (!$this->roomService->setType($this->room, Room::TYPE_PUBLIC)) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -1144,10 +1113,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireLoggedInModeratorParticipant
*
* @return DataResponse
*/
#[RequireLoggedInModeratorParticipant]
public function makePrivate(): DataResponse {
if (!$this->roomService->setType($this->room, Room::TYPE_GROUP)) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -1158,11 +1125,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireModeratorParticipant
*
* @param int $state
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function setReadOnly(int $state): DataResponse {
if (!$this->roomService->setReadOnly($this->room, $state)) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -1182,11 +1146,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireModeratorParticipant
*
* @param int $scope
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function setListable(int $scope): DataResponse {
if (!$this->roomService->setListable($this->room, $scope)) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -1197,11 +1158,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @param string $password
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function setPassword(string $password): DataResponse {
if ($this->room->getType() !== Room::TYPE_PUBLIC) {
return new DataResponse([], Http::STATUS_FORBIDDEN);
@ -1305,12 +1263,9 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireRoom
*
* @param string $pin
* @return DataResponse
*/
#[BruteForceProtection(action: 'talkSipBridgeSecret')]
#[RequireRoom]
public function getParticipantByDialInPin(string $pin): DataResponse {
try {
if (!$this->validateSIPBridgeRequest($this->room->getToken())) {
@ -1335,11 +1290,9 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireRoom
*
* @return DataResponse
*/
#[BruteForceProtection(action: 'talkSipBridgeSecret')]
#[RequireRoom]
public function createGuestByDialIn(): DataResponse {
try {
if (!$this->validateSIPBridgeRequest($this->room->getToken())) {
@ -1385,22 +1338,16 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @param int $attendeeId
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function promoteModerator(int $attendeeId): DataResponse {
return $this->changeParticipantType($attendeeId, true);
}
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @param int $attendeeId
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function demoteModerator(int $attendeeId): DataResponse {
return $this->changeParticipantType($attendeeId, false);
}
@ -1461,11 +1408,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @param int $permissions
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function setPermissions(string $mode, int $permissions): DataResponse {
if (!$this->roomService->setPermissions($this->room, $mode, Attendee::PERMISSIONS_MODIFY_SET, $permissions, true)) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -1476,13 +1420,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @param int $attendeeId
* @param string $method
* @param int $permissions
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function setAttendeePermissions(int $attendeeId, string $method, int $permissions): DataResponse {
try {
$targetParticipant = $this->participantService->getParticipantByAttendeeId($this->room, $attendeeId);
@ -1505,12 +1444,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*
* @param string $method
* @param int $permissions
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function setAllAttendeesPermissions(string $method, int $permissions): DataResponse {
if (!$this->roomService->setPermissions($this->room, 'call', $method, $permissions, false)) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
@ -1521,12 +1456,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireModeratorParticipant
*
* @param int $state
* @param int|null $timer
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function setLobby(int $state, ?int $timer = null): DataResponse {
$timerDateTime = null;
if ($timer !== null && $timer > 0) {
@ -1563,11 +1494,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireModeratorParticipant
*
* @param int $state
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function setSIPEnabled(int $state): DataResponse {
$user = $this->userManager->get($this->userId);
if (!$user instanceof IUser) {
@ -1591,11 +1519,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @NoAdminRequired
* @RequireModeratorParticipant
*
* @param int|null $attendeeId attendee id
* @return DataResponse
*/
#[RequireModeratorParticipant]
public function resendInvitations(?int $attendeeId): DataResponse {
$participants = [];
@ -1622,8 +1547,8 @@ class RoomController extends AEnvironmentAwareController {
/**
* @PublicPage
* @RequireModeratorParticipant
*/
#[RequireModeratorParticipant]
public function setMessageExpiration(int $seconds): DataResponse {
if ($seconds < 0) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);

32
lib/Middleware/Attribute/RequireLoggedInModeratorParticipant.php Normal file
View file

@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2023 Joas Schilling <coding@schilljs.com>
*
* @author Joas Schilling <coding@schilljs.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace OCA\Talk\Middleware\Attribute;
use Attribute;
#[Attribute(Attribute::TARGET_METHOD)]
class RequireLoggedInModeratorParticipant extends RequireModeratorParticipant {
}

32
lib/Middleware/Attribute/RequireLoggedInParticipant.php Normal file
View file

@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2023 Joas Schilling <coding@schilljs.com>
*
* @author Joas Schilling <coding@schilljs.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace OCA\Talk\Middleware\Attribute;
use Attribute;
#[Attribute(Attribute::TARGET_METHOD)]
class RequireLoggedInParticipant extends RequireParticipant {
}

32
lib/Middleware/Attribute/RequireModeratorOrNoLobby.php Normal file
View file

@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2023 Joas Schilling <coding@schilljs.com>
*
* @author Joas Schilling <coding@schilljs.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace OCA\Talk\Middleware\Attribute;
use Attribute;
#[Attribute(Attribute::TARGET_METHOD)]
class RequireModeratorOrNoLobby extends RequireRoom {
}

32
lib/Middleware/Attribute/RequireModeratorParticipant.php Normal file
View file

@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2023 Joas Schilling <coding@schilljs.com>
*
* @author Joas Schilling <coding@schilljs.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace OCA\Talk\Middleware\Attribute;
use Attribute;
#[Attribute(Attribute::TARGET_METHOD)]
class RequireModeratorParticipant extends RequireParticipant {
}

32
lib/Middleware/Attribute/RequireParticipant.php Normal file
View file

@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2023 Joas Schilling <coding@schilljs.com>
*
* @author Joas Schilling <coding@schilljs.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace OCA\Talk\Middleware\Attribute;
use Attribute;
#[Attribute(Attribute::TARGET_METHOD)]
class RequireParticipant extends RequireRoom {
}

44
lib/Middleware/Attribute/RequirePermission.php Normal file
View file

@ -0,0 +1,44 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2023 Joas Schilling <coding@schilljs.com>
*
* @author Joas Schilling <coding@schilljs.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace OCA\Talk\Middleware\Attribute;
use Attribute;
#[Attribute(Attribute::TARGET_METHOD | Attribute::IS_REPEATABLE)]
class RequirePermission {
public const CHAT = 'chat';
public const START_CALL = 'call-start';
public function __construct(
protected string $permission
) {
}
public function getPermission(): string {
return $this->permission;
}
}

32
lib/Middleware/Attribute/RequireReadWriteConversation.php Normal file
View file

@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2023 Joas Schilling <coding@schilljs.com>
*
* @author Joas Schilling <coding@schilljs.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace OCA\Talk\Middleware\Attribute;
use Attribute;
#[Attribute(Attribute::TARGET_METHOD)]
class RequireReadWriteConversation extends RequireRoom {
}

32
lib/Middleware/Attribute/RequireRoom.php Normal file
View file

@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2023 Joas Schilling <coding@schilljs.com>
*
* @author Joas Schilling <coding@schilljs.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace OCA\Talk\Middleware\Attribute;
use Attribute;
#[Attribute(Attribute::TARGET_METHOD)]
class RequireRoom {
}

62
lib/Middleware/InjectionMiddleware.php
View file

@ -28,6 +28,14 @@ use OCA\Talk\Exceptions\ParticipantNotFoundException;
use OCA\Talk\Exceptions\PermissionsException;
use OCA\Talk\Exceptions\RoomNotFoundException;
use OCA\Talk\Manager;
use OCA\Talk\Middleware\Attribute\RequireLoggedInModeratorParticipant;
use OCA\Talk\Middleware\Attribute\RequireLoggedInParticipant;
use OCA\Talk\Middleware\Attribute\RequireModeratorOrNoLobby;
use OCA\Talk\Middleware\Attribute\RequireModeratorParticipant;
use OCA\Talk\Middleware\Attribute\RequireParticipant;
use OCA\Talk\Middleware\Attribute\RequirePermission;
use OCA\Talk\Middleware\Attribute\RequireReadWriteConversation;
use OCA\Talk\Middleware\Attribute\RequireRoom;
use OCA\Talk\Middleware\Exceptions\LobbyException;
use OCA\Talk\Middleware\Exceptions\NotAModeratorException;
use OCA\Talk\Middleware\Exceptions\ReadOnlyException;
@ -45,13 +53,11 @@ use OCP\AppFramework\Http\Response;
use OCP\AppFramework\Middleware;
use OCP\AppFramework\OCS\OCSException;
use OCP\AppFramework\OCSController;
use OCP\AppFramework\Utility\IControllerMethodReflector;
use OCP\IRequest;
use OCP\Security\Bruteforce\IThrottler;
class InjectionMiddleware extends Middleware {
protected IRequest $request;
protected IControllerMethodReflector $reflector;
protected ParticipantService $participantService;
protected TalkSession $talkSession;
protected Manager $manager;
@ -60,7 +66,6 @@ class InjectionMiddleware extends Middleware {
public function __construct(
IRequest $request,
IControllerMethodReflector $reflector,
ParticipantService $participantService,
TalkSession $talkSession,
Manager $manager,
@ -68,7 +73,6 @@ class InjectionMiddleware extends Middleware {
?string $userId,
) {
$this->request = $request;
$this->reflector = $reflector;
$this->participantService = $participantService;
$this->talkSession = $talkSession;
$this->manager = $manager;
@ -79,51 +83,58 @@ class InjectionMiddleware extends Middleware {
/**
* @param Controller $controller
* @param string $methodName
* @throws RoomNotFoundException
* @throws ParticipantNotFoundException
* @throws NotAModeratorException
* @throws ReadOnlyException
* @throws LobbyException
* @throws NotAModeratorException
* @throws ParticipantNotFoundException
* @throws PermissionsException
* @throws ReadOnlyException
* @throws RoomNotFoundException
*/
public function beforeController($controller, $methodName): void {
public function beforeController(Controller $controller, string $methodName): void {
if (!$controller instanceof AEnvironmentAwareController) {
return;
}
$reflectionMethod = new \ReflectionMethod($controller, $methodName);
$apiVersion = $this->request->getParam('apiVersion');
$controller->setAPIVersion((int) substr($apiVersion, 1));
if ($this->reflector->hasAnnotation('RequireLoggedInParticipant')) {
if (!empty($reflectionMethod->getAttributes(RequireLoggedInParticipant::class))) {
$this->getLoggedIn($controller, false);
}
if ($this->reflector->hasAnnotation('RequireLoggedInModeratorParticipant')) {
if (!empty($reflectionMethod->getAttributes(RequireLoggedInModeratorParticipant::class))) {
$this->getLoggedIn($controller, true);
}
if ($this->reflector->hasAnnotation('RequireParticipant')) {
if (!empty($reflectionMethod->getAttributes(RequireParticipant::class))) {
$this->getLoggedInOrGuest($controller, false);
}
if ($this->reflector->hasAnnotation('RequireModeratorParticipant')) {
if (!empty($reflectionMethod->getAttributes(RequireModeratorParticipant::class))) {
$this->getLoggedInOrGuest($controller, true);
}
if ($this->reflector->hasAnnotation('RequireRoom')) {
if (!empty($reflectionMethod->getAttributes(RequireRoom::class))) {
$this->getRoom($controller);
}
if ($this->reflector->hasAnnotation('RequireReadWriteConversation')) {
if (!empty($reflectionMethod->getAttributes(RequireReadWriteConversation::class))) {
$this->checkReadOnlyState($controller);
}
if ($this->reflector->hasAnnotation('RequireModeratorOrNoLobby')) {
if (!empty($reflectionMethod->getAttributes(RequireModeratorOrNoLobby::class))) {
$this->checkLobbyState($controller);
}
$requiredPermissions = $this->reflector->getAnnotationParameter('RequirePermissions', 'permissions');
$requiredPermissions = $reflectionMethod->getAttributes(RequirePermission::class);
if ($requiredPermissions) {
$this->checkPermissions($controller, $requiredPermissions);
foreach ($requiredPermissions as $attribute) {
/** @var RequirePermission $requirement */
$requirement = $attribute->newInstance();
$this->checkPermission($controller, $requirement->getPermission());
}
}
}
@ -212,20 +223,17 @@ class InjectionMiddleware extends Middleware {
* @param AEnvironmentAwareController $controller
* @throws PermissionsException
*/
protected function checkPermissions(AEnvironmentAwareController $controller, string $permissions): void {
$textPermissions = explode(',', $permissions);
protected function checkPermission(AEnvironmentAwareController $controller, string $permission): void {
$participant = $controller->getParticipant();
if (!$participant instanceof Participant) {
throw new PermissionsException();
}
foreach ($textPermissions as $textPermission) {
if ($textPermission === 'chat' && !($participant->getPermissions() & Attendee::PERMISSIONS_CHAT)) {
throw new PermissionsException();
}
if ($textPermission === 'call-start' && !($participant->getPermissions() & Attendee::PERMISSIONS_CALL_START)) {
throw new PermissionsException();
}
if ($permission === RequirePermission::CHAT && !($participant->getPermissions() & Attendee::PERMISSIONS_CHAT)) {
throw new PermissionsException();
}
if ($permission === RequirePermission::START_CALL && !($participant->getPermissions() & Attendee::PERMISSIONS_CALL_START)) {
throw new PermissionsException();
}
}

9
tests/psalm-baseline.xml
View file

@ -202,14 +202,9 @@
<code>IToken</code>
</UndefinedClass>
</file>
<file src="lib/Middleware/InjectionMiddleware.php">
<UndefinedInterfaceMethod>
<code>getAnnotationParameter</code>
</UndefinedInterfaceMethod>
</file>
<file src="lib/Migration/Version2001Date20170707115443.php">
<InvalidArrayAccess>
<code><![CDATA[$return['num_rooms']]]></code>
<code>$return['num_rooms']</code>
</InvalidArrayAccess>
</file>
<file src="lib/Notification/Notifier.php">
@ -243,7 +238,7 @@
</file>
<file src="lib/Share/Listener.php">
<InvalidArgument>
<code><![CDATA[[self::class, 'listenPreShare']]]></code>
<code>[self::class, 'listenPreShare']</code>
</InvalidArgument>
<UndefinedClass>
<code><![CDATA[$event->getView()]]></code>