Makes share temporary passwords' expiration time configurable via a s…

…ystem value. This commit is part of #31005 Signed-off-by: Cyrille Bollu <cyrpub@bollu.be>
nextcloud · Mar 6, 2022 · 71ae5a0 · 71ae5a0
1 parent a63016b
commit 71ae5a0
Show file tree

Hide file tree

Showing 2 changed files with 62 additions and 26 deletions.
diff --git a/apps/files_sharing/lib/BackgroundJob/ResetExpiredPasswordsJob.php b/apps/files_sharing/lib/BackgroundJob/ResetExpiredPasswordsJob.php
@@ -22,13 +22,18 @@
 
 use \OCP\AppFramework\Utility\ITimeFactory;
 use \OCP\BackgroundJob\TimedJob;
+use \OCP\DB\QueryBuilder\IQueryBuilder;
 use \OCP\EventDispatcher\IEventDispatcher;
+use \OCP\IConfig;
 use \OCP\IDBConnection;
 use \OCP\Security\IHasher;
 use \OCP\Security\ISecureRandom;
 
 class ResetExpiredPasswordsJob extends TimedJob {
 
+ /** @var IConfig */
+ private $config;
+
  /** @var IDBConnection */
  private $connection;
 
@@ -41,11 +46,12 @@ class ResetExpiredPasswordsJob extends TimedJob {
  /** @var ISecureRandom */
  private $secureRandom;
 
- public function __construct(IDBConnection $connection, IEventDispatcher $eventDispatcher,
+ public function __construct(IConfig $config, IDBConnection $connection, IEventDispatcher $eventDispatcher,
  IHasher $hasher, ISecureRandom $secureRandom, ITimeFactory $time) {
 
  parent::__construct($time);
 
+ $this->config = $config;
  $this->connection = $connection;
  $this->eventDispatcher = $eventDispatcher;
  $this->hasher = $hasher;
@@ -63,7 +69,7 @@ protected function run($argument) {
  // I THINK SO, BECAUSE EVERYTHING HAPPENS ON THE SERVER, HENCE ON THE SAME TZ
  $qb->select('id')
  ->from('share')
- ->where($qb->expr()->lte('password_expiration_time', $qb->createNamedParameter((new \DateTime())->format('Y-m-d H:i:s'))));
+ ->where($qb->expr()->lte('password_expiration_time', $qb->createNamedParameter((new \DateTime())->format('Y-m-d H:i:s'), IQueryBuilder::PARAM_DATE)));
 
  $result = $qb->execute();
  while ($row = $result->fetch()) {
@@ -73,12 +79,28 @@ protected function run($argument) {
  $this->eventDispatcher->dispatchTyped($event);
  $password = $event->getPassword() ?? $this->hasher->hash($this->secureRandom->generate(20));
 
- // Updates share password and expiration time
- $qb->update('share')
- ->where($qb->expr()->eq('id', $qb->createNamedParameter($row['id'])))
- ->set('password', $qb->createNamedParameter($password))
- ->set('password_expiration_time', $qb->createNamedParameter((new \DateTime())->add(new \DateInterval('P1D'))->format('Y-m-d H:i:s')))
- ->execute();
+ // Gets password expiration interval. Default to 15 minutes
+ $expirationInterval = $this->config->getSystemValue('share_temporary_password_expiration_interval');
+ if ($expirationInterval === '') {
+ $expirationInterval = 'P0DT15M';
+ }
+
+ // Computes new password expiration time.
+ $now = new \DateTime();
+ try {
+ $expirationTime = $now->add(new \DateInterval($expirationInterval));
+ } catch (\Exception $e) {
+ // Catches invalid format for system value 'share_temporary_password_expiration_interval'
+ $expirationTime = $now->add(new \DateInterval('P0DT15M'));
+ } finally {
+
+ // Updates share password and expiration time
+ $qb->update('share')
+ ->where($qb->expr()->eq('id', $qb->createNamedParameter($row['id'])))
+ ->set('password', $qb->createNamedParameter($password))
+ ->set('password_expiration_time', $qb->createNamedParameter($expirationTime->format('Y-m-d H:i:s'), IQueryBuilder::PARAM_DATE))
+ ->execute();
+ }
  }
 
  }

diff --git a/apps/sharebymail/lib/ShareByMailProvider.php b/apps/sharebymail/lib/ShareByMailProvider.php
@@ -745,29 +745,43 @@ public function update(IShare $share, $plainTextPassword = null, bool $sendEmail
  }
  }
 
+ // Gets password expiration interval. Defaults to 15 minutes.
+ $expirationInterval = $this->config->getSystemValue('share_temporary_password_expiration_interval');
+ if ($expirationInterval === '') {
+ $expirationInterval = 'P0DT15M';
+ }
+
  /*
  * We allow updating the permissions and password of mail shares
  */
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->update('share')
- ->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))
- ->set('permissions', $qb->createNamedParameter($share->getPermissions()))
- ->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))
- ->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))
- ->set('password', $qb->createNamedParameter($share->getPassword()))
- ->set('password_expiration_time', $qb->createNamedParameter((new \DateTime())->add(new \DateInterval('P1D')), IQueryBuilder::PARAM_DATE))
- ->set('label', $qb->createNamedParameter($share->getLabel()))
- ->set('password_by_talk', $qb->createNamedParameter($share->getSendPasswordByTalk(), IQueryBuilder::PARAM_BOOL))
- ->set('expiration', $qb->createNamedParameter($share->getExpirationDate(), IQueryBuilder::PARAM_DATE))
- ->set('note', $qb->createNamedParameter($share->getNote()))
- ->set('hide_download', $qb->createNamedParameter((int)$share->getHideDownload(), IQueryBuilder::PARAM_INT))
- ->executeStatement();
+ $now = new \DateTime();
+ try {
+ $expirationTime = $now->add(new \DateInterval($expirationInterval));
+ } catch (\Exception $e) {
+ // Catches invalid format for system value 'share_temporary_password_expiration_interval'
+ $expirationTime = $now->add(new \DateInterval('P0DT15M'));
+ } finally {
+ $qb = $this->dbConnection->getQueryBuilder();
+ $qb->update('share')
+ ->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))
+ ->set('permissions', $qb->createNamedParameter($share->getPermissions()))
+ ->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))
+ ->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))
+ ->set('password', $qb->createNamedParameter($share->getPassword()))
+ ->set('password_expiration_time', $qb->createNamedParameter($expirationTime->format('Y-m-d H:i:s'), IQueryBuilder::PARAM_DATE))
+ ->set('label', $qb->createNamedParameter($share->getLabel()))
+ ->set('password_by_talk', $qb->createNamedParameter($share->getSendPasswordByTalk(), IQueryBuilder::PARAM_BOOL))
+ ->set('expiration', $qb->createNamedParameter($share->getExpirationDate(), IQueryBuilder::PARAM_DATE))
+ ->set('note', $qb->createNamedParameter($share->getNote()))
+ ->set('hide_download', $qb->createNamedParameter((int)$share->getHideDownload(), IQueryBuilder::PARAM_INT))
+ ->executeStatement();
+
+ if ($originalShare->getNote() !== $share->getNote() && $share->getNote() !== '') {
+ $this->sendNote($share);
+ }
 
- if ($originalShare->getNote() !== $share->getNote() && $share->getNote() !== '') {
- $this->sendNote($share);
+ return $share;
  }
-
- return $share;
  }
 
  /**