diff --git a/docs/api/fileactionsmenu.rst b/docs/api/fileactionsmenu.rst new file mode 100644 index 00000000..47ff7fc6 --- /dev/null +++ b/docs/api/fileactionsmenu.rst @@ -0,0 +1,25 @@ +================ +File Action Menu +================ + +File Action Menu is a simple API for adding entry to the file actions menu. + +Usage +^^^^^ + +How to use FileActionMenu, known restrictions and limitations. + +Register +^^^^^^^^ + +How to register FileActionMenu + + +Unregister +^^^^^^^^^^ + + +Example +^^^^^^^ + +List video to gif and scaler examples diff --git a/docs/authentication.rst b/docs/authentication.rst index f484b195..4c7b14cd 100644 --- a/docs/authentication.rst +++ b/docs/authentication.rst @@ -99,6 +99,7 @@ Authentication flow in details Nextcloud->>+AppEcosystemV2: Validate request AppEcosystemV2-->>AppEcosystemV2: Check if ExApp exists and enabled AppEcosystemV2-->>Nextcloud: Reject if ExApp not exists or disabled + AppEcosystemV2-->>AppEcosystemV2: Check if ExApp version changed AppEcosystemV2-->>AppEcosystemV2: Validate AE-SIGN-TIME AppEcosystemV2-->>Nextcloud: Reject if sign time diff > 5 min AppEcosystemV2-->>AppEcosystemV2: Generate and validate AE-SIGNATURE diff --git a/lib/Db/ExAppMapper.php b/lib/Db/ExAppMapper.php index 55fe14bd..20a2a205 100644 --- a/lib/Db/ExAppMapper.php +++ b/lib/Db/ExAppMapper.php @@ -102,4 +102,16 @@ public function updateLastCheckTime(ExApp $exApp): int { $qb->expr()->eq('appid', $qb->createNamedParameter($exApp->getAppid())) )->executeStatement(); } + + /** + * @throws Exception + */ + public function updateExAppVersion(ExApp $exApp): int { + $qb = $this->db->getQueryBuilder(); + return $qb->update($this->tableName) + ->set('version', $qb->createNamedParameter($exApp->getVersion(), IQueryBuilder::PARAM_INT)) + ->where( + $qb->expr()->eq('appid', $qb->createNamedParameter($exApp->getAppid())) + )->executeStatement(); + } } diff --git a/lib/Service/AppEcosystemV2Service.php b/lib/Service/AppEcosystemV2Service.php index 757ee191..ad3776be 100644 --- a/lib/Service/AppEcosystemV2Service.php +++ b/lib/Service/AppEcosystemV2Service.php @@ -448,6 +448,7 @@ private function generateDataHash(string $data): string { /** * AppEcosystem authentication request validation for Nextcloud: * - checks if ExApp exists and is enabled + * - checks if ExApp version changed and updates it in database * - validates request sign time (if it's complies with set time window) * - builds and checks request signature * - checks if request data hash is valid @@ -467,6 +468,10 @@ public function validateExAppRequestToNC(IRequest $request, bool $isDav = false) return false; } + if (!$this->handleExAppVersionChange($request, $exApp)) { + return false; + } + $enabled = $exApp->getEnabled(); if (!$enabled) { $this->logger->error(sprintf('ExApp with appId %s is disabled (%s)', $request->getHeader('EX-APP-ID'), $enabled)); @@ -605,6 +610,36 @@ public function updateExAppLastCheckTime(ExApp &$exApp): void { } } + public function updateExAppVersion(ExApp $exApp): bool { + try { + return $this->exAppMapper->updateExAppVersion($exApp) === 1; + } catch (Exception $e) { + $this->logger->error(sprintf('Failed to update ExApp %s version to %s', $exApp->getAppid(), $exApp->getVersion()), ['exception' => $e]); + return false; + } + } + + /** + * Check if ExApp version changed and update it in database + * + * @param IRequest $request + * @param ExApp $exApp + * + * @return bool + */ + public function handleExAppVersionChange(IRequest $request, ExApp &$exApp): bool { + $requestExAppVersion = $request->getHeader('EX-APP-VERSION'); + $versionValid = $exApp->getVersion() === $requestExAppVersion; + if (!$versionValid) { + // Update ExApp version + $exApp->setVersion($requestExAppVersion); + if (!$this->updateExAppVersion($exApp)) { + return false; + } + } + return true; + } + public function getExAppsList(bool $extended = false): array { try { $exApps = $this->exAppMapper->findAll();