chore(api): allow to call AdminSettingsController without CSRF token

appinfo/info.xml

@@ -5,7 +5,7 @@
     <name>Custom Properties</name>
     <summary>Files app plugin to add custom properties to files and folders</summary>
     <description>Files app plugin to add custom properties to files and folders</description>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
     <licence>agpl</licence>
     <author mail="nextcloud@stekoe.de">SteKoe</author>
     <namespace>CustomProperties</namespace>

build.sh

@@ -38,12 +38,11 @@ signSource() {
 
   rm -rf customproperties/.git customproperties/src
 
-  cid=$(docker run -d -v `pwd`/customproperties:/app -v ~/.nextcloud/certificates/:/nextcloud/certificates/ nextcloud)
+  cid=$(docker run -d -v $(pwd)/customproperties:/app -v ~/.nextcloud/certificates/:/nextcloud/certificates/ nextcloud)
   echo "Sign sources using container '$cid'..."
 
   echo "Waiting for NextCloud to be initialized..."
-  until docker logs $cid 2>&1 | grep "Initializing finished" > /dev/null; 
-  do 
+  until docker logs $cid 2>&1 | grep "Initializing finished" >/dev/null; do
     sleep 1
     echo "Waiting..."
   done
@@ -53,16 +52,16 @@ signSource() {
   docker exec -i $cid /bin/bash -c "chmod -R +w /app" || true
   docker exec -i $cid php occ integrity:sign-app --privateKey=/nextcloud/certificates/customproperties.key --certificate=/nextcloud/certificates/customproperties.crt --path=/app || true
   echo "Tidy up..."
-  docker rm -f $cid > /dev/null
+  docker rm -f $cid >/dev/null
 }
 
 buildArchive() {
   echo "Build archive..."
   (tar -czf customproperties.tar.gz \
-      --exclude=./src/node_modules/ \
-      --exclude=./.git/ \
-      --exclude=./src/ \
-      customproperties/)
+    --exclude=./src/node_modules/ \
+    --exclude=./.git/ \
+    --exclude=./src/ \
+    customproperties/)
 }
 
 createSignature() {

lib/AppInfo/Application.php

@@ -3,28 +3,30 @@
 namespace OCA\CustomProperties\AppInfo;
 
 use OCP\AppFramework\App;
-use OCP\EventDispatcher\IEventDispatcher;
+use OCP\AppFramework\QueryException;
 use OCP\Util;
 
-class Application extends App {
-	const APP_NAME = 'customproperties';
+class Application extends App
+{
+    const APP_NAME = 'customproperties';
 
-	/**
-	 * Application constructor.
-	 *
-	 * @param array $params
-	 * @throws \OCP\AppFramework\QueryException
-	 */
-	public function __construct(array $params = []) {
-		parent::__construct(self::APP_NAME, $params);
+    /**
+     * Application constructor.
+     *
+     * @param array $params
+     * @throws QueryException
+     */
+    public function __construct(array $params = [])
+    {
+        parent::__construct(self::APP_NAME, $params);
 
-		$container = $this->getContainer();
-		$server = $container->getServer();
-		$eventDispatcher = $server->getEventDispatcher();
+        $container = $this->getContainer();
+        $server = $container->getServer();
+        $eventDispatcher = $server->getEventDispatcher();
 
-		$eventDispatcher->addListener('OCA\Files::loadAdditionalScripts', function () {
-			Util::addStyle('customproperties', 'sidebartab');
-			Util::addScript('customproperties', 'sidebartab');
-		});
-	}
+        $eventDispatcher->addListener('OCA\Files::loadAdditionalScripts', function () {
+            Util::addStyle('customproperties', 'sidebartab');
+            Util::addScript('customproperties', 'sidebartab');
+        });
+    }
 }

lib/Controller/AdminSettingsController.php

@@ -8,44 +8,52 @@
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\IRequest;
 
-class AdminSettingsController extends Controller {
-
-	/**
-	 * @var CustomPropertiesMapper
-	 */
-	private $customPropertiesMapper;
-
-	public function __construct($AppName, IRequest $request, CustomPropertiesMapper $customPropertiesMapper) {
-		parent::__construct($AppName, $request);
-		$this->customPropertiesMapper = $customPropertiesMapper;
-	}
-
-	/**
-	 * @return JSONResponse
-	 */
-	public function index() :JSONResponse {
-		$res = $this->customPropertiesMapper->findAll();
-		return new JSONResponse($res);
-	}
-
-	/**
-	 * @param string $propertylabel
-	 * @return CustomProperty
-	 */
-	public function create(string $propertylabel) : CustomProperty {
-		$customProperty = new CustomProperty();
-		$customProperty->setPropertylabel($propertylabel);
-		$customProperty->setPropertyname(CustomProperty::createSlug($propertylabel));
-		return $this->customPropertiesMapper->insert($customProperty);
-	}
-
-	/**
-	 * @param int $id
-	 * @return CustomProperty
-	 */
-	public function delete(int $id) : CustomProperty {
-		$customProperty = $this->customPropertiesMapper->findById($id);
-		return $this->customPropertiesMapper->delete($customProperty);
-	}
+class AdminSettingsController extends Controller
+{
+
+    /**
+     * @var CustomPropertiesMapper
+     */
+    private $customPropertiesMapper;
+
+    public function __construct($AppName, IRequest $request, CustomPropertiesMapper $customPropertiesMapper)
+    {
+        parent::__construct($AppName, $request);
+        $this->customPropertiesMapper = $customPropertiesMapper;
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @return JSONResponse
+     */
+    public function index(): JSONResponse
+    {
+        $res = $this->customPropertiesMapper->findAll();
+        return new JSONResponse($res);
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @param string $propertylabel
+     * @return CustomProperty
+     */
+    public function create(string $propertylabel): CustomProperty
+    {
+        $customProperty = new CustomProperty();
+        $customProperty->setPropertylabel($propertylabel);
+        $customProperty->setPropertyname(CustomProperty::createSlug($propertylabel));
+        return $this->customPropertiesMapper->insert($customProperty);
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @param int $id
+     * @return CustomProperty
+     */
+    public function delete(int $id): CustomProperty
+    {
+        $customProperty = $this->customPropertiesMapper->findById($id);
+        return $this->customPropertiesMapper->delete($customProperty);
+    }
 
 }

lib/Controller/CustomPropertiesController.php

@@ -3,78 +3,80 @@
 namespace OCA\CustomProperties\Controller;
 
 use Exception;
-use OC\Files\Filesystem;
 use OCA\CustomProperties\Db\CustomPropertiesMapper;
 use OCA\CustomProperties\Db\PropertiesMapper;
 use OCA\CustomProperties\Db\Property;
 use OCA\CustomProperties\Service\PropertyService;
 use OCP\AppFramework\Controller;
-use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\ILogger;
 use OCP\IRequest;
-use function Aws\map;
 
-class CustomPropertiesController extends Controller {
-	const NS_PREFIX = "{http://owncloud.org/ns}";
+class CustomPropertiesController extends Controller
+{
+    const NS_PREFIX = "{http://owncloud.org/ns}";
 
-	/**
-	 * @var PropertyService
-	 */
-	private $propertyService;
-	/**
-	 * @var CustomPropertiesMapper
-	 */
-	private $customPropertiesMapper;
-	/**
-	 * @var PropertiesMapper
-	 */
-	private $propertiesMapper;
-	/**
-	 * @var ILogger
-	 */
-	private $logger;
-	private $userId;
+    /**
+     * @var PropertyService
+     */
+    private $propertyService;
+    /**
+     * @var CustomPropertiesMapper
+     */
+    private $customPropertiesMapper;
+    /**
+     * @var PropertiesMapper
+     */
+    private $propertiesMapper;
+    /**
+     * @var ILogger
+     */
+    private $logger;
+    private $userId;
 
-	public function __construct($AppName, IRequest $request, PropertyService $propertyService, CustomPropertiesMapper $customPropertiesMapper, PropertiesMapper $propertiesMapper, ILogger $logger, $UserId) {
-		parent::__construct($AppName, $request);
-		$this->propertyService = $propertyService;
-		$this->customPropertiesMapper = $customPropertiesMapper;
-		$this->propertiesMapper = $propertiesMapper;
-		$this->logger = $logger;
-		$this->userId = $UserId;
-	}
+    public function __construct($AppName, IRequest $request, PropertyService $propertyService, CustomPropertiesMapper $customPropertiesMapper, PropertiesMapper $propertiesMapper, ILogger $logger, $UserId)
+    {
+        parent::__construct($AppName, $request);
+        $this->propertyService = $propertyService;
+        $this->customPropertiesMapper = $customPropertiesMapper;
+        $this->propertiesMapper = $propertiesMapper;
+        $this->logger = $logger;
+        $this->userId = $UserId;
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 * @param string $path
-	 * @param string $name
-	 * @return JSONResponse
-	 */
-	public function index(string $path, string $name): JSONResponse {
-		$res = $this->propertyService->getProperties($this->userId, $path, $name);
-		return new JSONResponse($res);
-	}
+    /**
+     * @NoAdminRequired
+     * @NoCSRFRequired
+     * @param string $path
+     * @param string $name
+     * @return JSONResponse
+     */
+    public function index(string $path, string $name): JSONResponse
+    {
+        $res = $this->propertyService->getProperties($this->userId, $path, $name);
+        return new JSONResponse($res);
+    }
 
-	/**
-	 * @NoAdminRequired
-	 */
-	public function update(string $propertypath, string $propertyname, string $propertyvalue): Property {
-		$propertyname = CustomPropertiesController::NS_PREFIX . $propertyname;
+    /**
+     * @NoAdminRequired
+     * @NoCSRFRequired
+     */
+    public function update(string $propertypath, string $propertyname, string $propertyvalue): Property
+    {
+        $propertyname = CustomPropertiesController::NS_PREFIX . $propertyname;
 
-		try {
-			$res = $this->propertiesMapper->findByPathAndName($propertypath, $propertyname, $this->userId);
-			$res->setPropertyvalue($propertyvalue);
-			return $this->propertiesMapper->update($res);
-		} catch (Exception $exception) {
-			$property = new Property();
-			$property->setUserid($this->userId);
-			$property->setPropertypath($propertypath);
-			$property->setPropertyname($propertyname);
-			$property->setPropertyvalue($propertyvalue);
+        try {
+            $res = $this->propertiesMapper->findByPathAndName($propertypath, $propertyname, $this->userId);
+            $res->setPropertyvalue($propertyvalue);
+            return $this->propertiesMapper->update($res);
+        } catch (Exception $exception) {
+            $property = new Property();
+            $property->setUserid($this->userId);
+            $property->setPropertypath($propertypath);
+            $property->setPropertyname($propertyname);
+            $property->setPropertyvalue($propertyvalue);
 
-			return $this->propertiesMapper->insert($property);
-		}
-	}
+            return $this->propertiesMapper->insert($property);
+        }
+    }
 }