Skip to content

Commit

Permalink
Merge pull request #5981 from nextcloud/backport/5979/stable29
Browse files Browse the repository at this point in the history
[stable29] fix(attachments): Don't require document session for getting attachments
  • Loading branch information
mejo- authored Jul 2, 2024
2 parents 2c2e063 + cfa91a7 commit f8f3f7b
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 10 deletions.
8 changes: 4 additions & 4 deletions lib/Controller/AttachmentController.php
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ public function __construct(
#[PublicPage]
#[RequireDocumentSessionOrUserOrShareToken]
public function getAttachmentList(?string $shareToken = null): DataResponse {
$documentId = $this->getDocument()->getId();
$documentId = $this->getDocumentId();
try {
$session = $this->getSession();
} catch (InvalidSessionException) {
Expand Down Expand Up @@ -195,7 +195,7 @@ private function getUploadedFile(string $key): array {
#[RequireDocumentSessionOrUserOrShareToken]
public function getImageFile(string $imageFileName, ?string $shareToken = null,
int $preferRawImage = 0): DataResponse|DataDownloadResponse {
$documentId = $this->getDocument()->getId();
$documentId = $this->getDocumentId();

try {
if ($shareToken) {
Expand Down Expand Up @@ -229,7 +229,7 @@ public function getImageFile(string $imageFileName, ?string $shareToken = null,
#[NoCSRFRequired]
#[RequireDocumentSessionOrUserOrShareToken]
public function getMediaFile(string $mediaFileName, ?string $shareToken = null): DataResponse|DataDownloadResponse {
$documentId = $this->getDocument()->getId();
$documentId = $this->getDocumentId();

try {
if ($shareToken) {
Expand Down Expand Up @@ -260,7 +260,7 @@ public function getMediaFile(string $mediaFileName, ?string $shareToken = null):
#[NoCSRFRequired]
#[RequireDocumentSessionOrUserOrShareToken]
public function getMediaFilePreview(string $mediaFileName, ?string $shareToken = null) {
$documentId = $this->getDocument()->getId();
$documentId = $this->getDocumentId();

try {
if ($shareToken) {
Expand Down
2 changes: 2 additions & 0 deletions lib/Controller/ISessionAwareController.php
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@
interface ISessionAwareController {
public function getSession(): Session;
public function setSession(Session $session): void;
public function getDocumentId(): int;
public function setDocumentId(int $documentId): void;
public function getDocument(): Document;
public function setDocument(Document $document): void;
public function getUserId(): string;
Expand Down
25 changes: 25 additions & 0 deletions lib/Controller/TSessionAwareController.php
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,18 @@

trait TSessionAwareController {
private ?Session $textSession = null;
private ?int $documentId = null;
private ?Document $document = null;
private ?string $userId = null;

public function setSession(?Session $session): void {
$this->textSession = $session;
}

public function setDocumentId(int $documentId): void {
$this->documentId = $documentId;
}

public function setDocument(?Document $document): void {
$this->document = $document;
}
Expand All @@ -25,6 +30,9 @@ public function setUserId(?string $userId): void {
$this->userId = $userId;
}

/**
* @throws InvalidSessionException
*/
public function getSession(): Session {
if ($this->textSession === null) {
throw new InvalidSessionException();
Expand All @@ -33,6 +41,20 @@ public function getSession(): Session {
return $this->textSession;
}

/**
* @throws InvalidSessionException
*/
public function getDocumentId(): int {
if ($this->documentId === null) {
throw new InvalidSessionException();
}

return $this->documentId;
}

/**
* @throws InvalidSessionException
*/
public function getDocument(): Document {
if ($this->document === null) {
throw new InvalidSessionException();
Expand All @@ -41,6 +63,9 @@ public function getDocument(): Document {
return $this->document;
}

/**
* @throws InvalidSessionException
*/
public function getUserId(): string {
if ($this->userId === null) {
throw new InvalidSessionException();
Expand Down
8 changes: 2 additions & 6 deletions lib/Middleware/SessionMiddleware.php
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,7 @@ private function assertDocumentSession(ISessionAwareController $controller): voi
}

$controller->setSession($session);
$controller->setDocumentId($documentId);
$controller->setDocument($document);
if (!$shareToken) {
$controller->setUserId($session->getUserId());
Expand Down Expand Up @@ -133,12 +134,7 @@ private function assertUserOrShareToken(ISessionAwareController $controller): vo
throw new InvalidSessionException();
}

$document = $this->documentService->getDocument($documentId);
if (!$document) {
throw new InvalidSessionException();
}

$controller->setDocument($document);
$controller->setDocumentId($documentId);
}

public function afterException($controller, $methodName, \Exception $exception): JSONResponse|Response {
Expand Down

0 comments on commit f8f3f7b

Please sign in to comment.