From 84c2bffc25a67ff2a229771a4b044a06df6594d3 Mon Sep 17 00:00:00 2001 From: provokateurin Date: Tue, 10 Sep 2024 18:16:52 +0200 Subject: [PATCH] fix(settings): Fix config handling Signed-off-by: provokateurin --- lib/Controller/FolderController.php | 10 ++++++++++ package-lock.json | 30 +++++++++++++++++++++++++++++ package.json | 1 + src/settings/Api.ts | 21 ++++++++++++++++++++ 4 files changed, 62 insertions(+) diff --git a/lib/Controller/FolderController.php b/lib/Controller/FolderController.php index 61e4b4358..33c08720c 100644 --- a/lib/Controller/FolderController.php +++ b/lib/Controller/FolderController.php @@ -113,6 +113,7 @@ private function getRootFolderStorageId(): ?int { /** * @RequireGroupFolderAdmin * @NoAdminRequired + * @PasswordConfirmationRequired */ public function addFolder(string $mountpoint): DataResponse { $id = $this->manager->createFolder($mountpoint); @@ -122,6 +123,7 @@ public function addFolder(string $mountpoint): DataResponse { /** * @NoAdminRequired * @RequireGroupFolderAdmin + * @PasswordConfirmationRequired */ public function removeFolder(int $id): DataResponse { $response = $this->checkFolderExists($id); @@ -137,6 +139,7 @@ public function removeFolder(int $id): DataResponse { /** * @NoAdminRequired * @RequireGroupFolderAdmin + * @PasswordConfirmationRequired */ public function setMountPoint(int $id, string $mountPoint): DataResponse { $this->manager->setMountPoint($id, $mountPoint); @@ -146,6 +149,7 @@ public function setMountPoint(int $id, string $mountPoint): DataResponse { /** * @NoAdminRequired * @RequireGroupFolderAdmin + * @PasswordConfirmationRequired */ public function addGroup(int $id, string $group): DataResponse { $response = $this->checkFolderExists($id); @@ -159,6 +163,7 @@ public function addGroup(int $id, string $group): DataResponse { /** * @NoAdminRequired * @RequireGroupFolderAdmin + * @PasswordConfirmationRequired */ public function removeGroup(int $id, string $group): DataResponse { $response = $this->checkFolderExists($id); @@ -172,6 +177,7 @@ public function removeGroup(int $id, string $group): DataResponse { /** * @NoAdminRequired * @RequireGroupFolderAdmin + * @PasswordConfirmationRequired */ public function setPermissions(int $id, string $group, int $permissions): DataResponse { $response = $this->checkFolderExists($id); @@ -185,6 +191,7 @@ public function setPermissions(int $id, string $group, int $permissions): DataRe /** * @NoAdminRequired * @RequireGroupFolderAdmin + * @PasswordConfirmationRequired * @throws \OCP\DB\Exception */ public function setManageACL(int $id, string $mappingType, string $mappingId, bool $manageAcl): DataResponse { @@ -199,6 +206,7 @@ public function setManageACL(int $id, string $mappingType, string $mappingId, bo /** * @NoAdminRequired * @RequireGroupFolderAdmin + * @PasswordConfirmationRequired */ public function setQuota(int $id, int $quota): DataResponse { $response = $this->checkFolderExists($id); @@ -212,6 +220,7 @@ public function setQuota(int $id, int $quota): DataResponse { /** * @NoAdminRequired * @RequireGroupFolderAdmin + * @PasswordConfirmationRequired */ public function setACL(int $id, bool $acl): DataResponse { $response = $this->checkFolderExists($id); @@ -225,6 +234,7 @@ public function setACL(int $id, bool $acl): DataResponse { /** * @NoAdminRequired * @RequireGroupFolderAdmin + * @PasswordConfirmationRequired */ public function renameFolder(int $id, string $mountpoint): DataResponse { $response = $this->checkFolderExists($id); diff --git a/package-lock.json b/package-lock.json index 62f42447c..72e56d0ad 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10,6 +10,7 @@ "dependencies": { "@nextcloud/axios": "^2.0.0", "@nextcloud/event-bus": "^3.0.2", + "@nextcloud/password-confirmation": "4.0.4", "@nextcloud/router": "^2.0.0", "@nextcloud/typings": "^1.9.1", "@nextcloud/vue": "^7.3.0", @@ -2288,6 +2289,23 @@ "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, + "node_modules/@nextcloud/password-confirmation": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/@nextcloud/password-confirmation/-/password-confirmation-4.0.4.tgz", + "integrity": "sha512-CdCOWwKU4ejKv0uABn3dfigwPH+tZKUOA38MzZDM4YyL1q9TgKOK90mnrJBvz6EBnlleZEvKlX94jjwPfOdvKw==", + "license": "MIT", + "dependencies": { + "@nextcloud/axios": "^2.0.0", + "@nextcloud/l10n": "^1.6.0", + "@nextcloud/router": "^2.0.0", + "@nextcloud/vue": "^7.0.0-beta.5", + "vue": "^2.7.10" + }, + "engines": { + "node": "^16.0.0", + "npm": "^7.0.0 || ^8.0.0" + } + }, "node_modules/@nextcloud/router": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/@nextcloud/router/-/router-2.0.0.tgz", @@ -14631,6 +14649,18 @@ } } }, + "@nextcloud/password-confirmation": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/@nextcloud/password-confirmation/-/password-confirmation-4.0.4.tgz", + "integrity": "sha512-CdCOWwKU4ejKv0uABn3dfigwPH+tZKUOA38MzZDM4YyL1q9TgKOK90mnrJBvz6EBnlleZEvKlX94jjwPfOdvKw==", + "requires": { + "@nextcloud/axios": "^2.0.0", + "@nextcloud/l10n": "^1.6.0", + "@nextcloud/router": "^2.0.0", + "@nextcloud/vue": "^7.0.0-beta.5", + "vue": "^2.7.10" + } + }, "@nextcloud/router": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/@nextcloud/router/-/router-2.0.0.tgz", diff --git a/package.json b/package.json index 9c8c9f42c..f42987315 100644 --- a/package.json +++ b/package.json @@ -35,6 +35,7 @@ "dependencies": { "@nextcloud/axios": "^2.0.0", "@nextcloud/event-bus": "^3.0.2", + "@nextcloud/password-confirmation": "4.0.4", "@nextcloud/router": "^2.0.0", "@nextcloud/typings": "^1.9.1", "@nextcloud/vue": "^7.3.0", diff --git a/src/settings/Api.ts b/src/settings/Api.ts index 576de24d6..7897ea928 100644 --- a/src/settings/Api.ts +++ b/src/settings/Api.ts @@ -1,5 +1,6 @@ import axios from '@nextcloud/axios' import { generateUrl } from "@nextcloud/router"; +import { confirmPassword } from '@nextcloud/password-confirmation' // eslint-disable-next-line n/no-unpublished-import import type { OCSResponse } from '@nextcloud/typings/lib/ocs' @@ -59,6 +60,8 @@ export class Api { // Updates the list of groups that have been granted delegated admin or subadmin rights on groupfolders async updateDelegatedGroups(newGroups: Group[], classname: string): Promise { + await confirmPassword() + await axios.post(generateUrl('/apps/settings/') + '/settings/authorizedgroups/saveSettings', { newGroups, class: classname, @@ -66,27 +69,39 @@ export class Api { } async createFolder(mountPoint: string): Promise { + await confirmPassword() + const response = await axios.post>(this.getUrl('folders'), { mountpoint: mountPoint }) return response.data.ocs.data } async deleteFolder(id: number): Promise { + await confirmPassword() + await axios.delete(this.getUrl(`folders/${id}`)) } async addGroup(folderId: number, group: string): Promise { + await confirmPassword() + await axios.post(this.getUrl(`folders/${folderId}/groups`), { group }) } async removeGroup(folderId: number, group: string): Promise { + await confirmPassword() + await axios.delete(this.getUrl(`folders/${folderId}/groups/${group}`)) } async setPermissions(folderId: number, group: string, permissions: number): Promise { + await confirmPassword() + await axios.post(this.getUrl(`folders/${folderId}/groups/${group}`), { permissions }) } async setManageACL(folderId: number, type: string, id: string, manageACL: boolean): Promise { + await confirmPassword() + await axios.post(this.getUrl(`folders/${folderId}/manageACL`), { mappingType: type, mappingId: id, @@ -95,14 +110,20 @@ export class Api { } async setQuota(folderId: number, quota: number): Promise { + await confirmPassword() + await axios.post(this.getUrl(`folders/${folderId}/quota`), { quota }) } async setACL(folderId: number, acl: boolean): Promise { + await confirmPassword() + await axios.post(this.getUrl(`folders/${folderId}/acl`), { acl: acl ? 1 : 0 }) } async renameFolder(folderId: number, mountpoint: string): Promise { + await confirmPassword() + await axios.post(this.getUrl(`folders/${folderId}/mountpoint`), { mountpoint }) }