From ab0ffeb6f4a23d54c613ebd5558cce6f460c6987 Mon Sep 17 00:00:00 2001 From: Josh Date: Sat, 5 Oct 2024 08:35:24 -0400 Subject: [PATCH 1/2] refactor: Replace security annotations with attributes in SettingsController Signed-off-by: Josh --- lib/Controller/SettingsController.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php index 9eca7958..90553e46 100644 --- a/lib/Controller/SettingsController.php +++ b/lib/Controller/SettingsController.php @@ -27,8 +27,10 @@ use OCA\LogReader\Constants; use OCA\LogReader\Service\SettingsService; +use OCA\LogReader\Settings\Admin; use OCP\AppFramework\ApiController; use OCP\AppFramework\Http; +use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting; use OCP\AppFramework\Http\JSONResponse; use OCP\IConfig; use OCP\IRequest; @@ -49,9 +51,8 @@ public function __construct( /** * Get the current app config - * - * @AuthorizedAdminSetting(settings=OCA\LogReader\Settings\Admin) */ + #[AuthorizedAdminSetting(settings: Admin::class)] public function getAppConfig(): JSONResponse { return new JSONResponse($this->settingsService->getAppSettings()); } @@ -62,8 +63,8 @@ public function getAppConfig(): JSONResponse { * @param string $settingsKey AppConfig Key to store * @param mixed $settingsValues Corresponding AppConfig Value * - * @AuthorizedAdminSetting(settings=OCA\LogReader\Settings\Admin) */ + #[AuthorizedAdminSetting(settings: Admin::class)] public function updateAppConfig(string $settingsKey, $settingsValue): JSONResponse { $this->logger->debug('Updating AppConfig: {settingsKey} => {settingsValue}', [ 'settingsKey' => $settingsKey, From 12504b6377f4dda97d6d74f5d5276eb062c428dd Mon Sep 17 00:00:00 2001 From: Josh Date: Sat, 5 Oct 2024 08:39:33 -0400 Subject: [PATCH 2/2] refactor: Replace security annotations with attributes in LogController Signed-off-by: Josh --- lib/Controller/LogController.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/Controller/LogController.php b/lib/Controller/LogController.php index 12e1f863..82049664 100644 --- a/lib/Controller/LogController.php +++ b/lib/Controller/LogController.php @@ -25,8 +25,10 @@ use OCA\LogReader\Log\LogIteratorFactory; use OCA\LogReader\Log\SearchFilter; use OCA\LogReader\Service\SettingsService; +use OCA\LogReader\Settings\Admin; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; +use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting; use OCP\AppFramework\Http\JSONResponse; use OCP\IRequest; use Psr\Log\LoggerInterface; @@ -48,12 +50,12 @@ public function __construct($appName, } /** - * @AuthorizedAdminSetting(settings=OCA\LogReader\Settings\Admin) * @param string $query * @param int $count * @param int $offset * @return JSONResponse */ + #[AuthorizedAdminSetting(settings: Admin::class)] public function get($query = '', $count = 50, $offset = 0): JSONResponse { $logType = $this->settingsService->getLoggingType(); // we only support web access when `log_type` is set to `file` (the default) @@ -86,7 +88,6 @@ private function getLastItem() { } /** - * @AuthorizedAdminSetting(settings=OCA\LogReader\Settings\Admin) * @brief Use to poll for new log messages since $lastReqId. * * @note There is a possible race condition, when the user loads the @@ -99,6 +100,7 @@ private function getLastItem() { * will work in some cases but not when there are more than 50 messages of that * request. */ + #[AuthorizedAdminSetting(settings: Admin::class)] public function poll(string $lastReqId): JSONResponse { $logType = $this->settingsService->getLoggingType(); // we only support web access when `log_type` is set to `file` (the default)