diff --git a/apps/user_ldap/lib/Controller/ConfigAPIController.php b/apps/user_ldap/lib/Controller/ConfigAPIController.php index a2f821dbbda97..83c97d05fc116 100644 --- a/apps/user_ldap/lib/Controller/ConfigAPIController.php +++ b/apps/user_ldap/lib/Controller/ConfigAPIController.php @@ -11,7 +11,9 @@ use OCA\User_LDAP\Configuration; use OCA\User_LDAP\ConnectionFactory; use OCA\User_LDAP\Helper; +use OCA\User_LDAP\Settings\Admin; use OCP\AppFramework\Http; +use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSBadRequestException; use OCP\AppFramework\OCS\OCSException; @@ -46,12 +48,12 @@ public function __construct( /** * Create a new (empty) configuration and return the resulting prefix * - * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin) * @return DataResponse * @throws OCSException * * 200: Config created successfully */ + #[AuthorizedAdminSetting(Admin::class)] public function create() { try { $configPrefix = $this->ldapHelper->getNextServerConfigurationPrefix(); @@ -68,7 +70,6 @@ public function create() { /** * Delete a LDAP configuration * - * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin) * @param string $configID ID of the config * @return DataResponse, array{}> * @throws OCSException @@ -76,6 +77,7 @@ public function create() { * * 200: Config deleted successfully */ + #[AuthorizedAdminSetting(Admin::class)] public function delete($configID) { try { $this->ensureConfigIDExists($configID); @@ -95,7 +97,6 @@ public function delete($configID) { /** * Modify a configuration * - * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin) * @param string $configID ID of the config * @param array $configData New config * @return DataResponse, array{}> @@ -105,6 +106,7 @@ public function delete($configID) { * * 200: Config returned */ + #[AuthorizedAdminSetting(Admin::class)] public function modify($configID, $configData) { try { $this->ensureConfigIDExists($configID); @@ -200,7 +202,6 @@ public function modify($configID, $configData) { * * * - * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin) * @param string $configID ID of the config * @param bool $showPassword Whether to show the password * @return DataResponse, array{}> @@ -209,6 +210,7 @@ public function modify($configID, $configData) { * * 200: Config returned */ + #[AuthorizedAdminSetting(Admin::class)] public function show($configID, $showPassword = false) { try { $this->ensureConfigIDExists($configID); @@ -237,10 +239,10 @@ public function show($configID, $showPassword = false) { /** * If the given config ID is not available, an exception is thrown * - * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin) * @param string $configID * @throws OCSNotFoundException */ + #[AuthorizedAdminSetting(Admin::class)] private function ensureConfigIDExists($configID): void { $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(); if (!in_array($configID, $prefixes, true)) { diff --git a/apps/user_ldap/lib/Controller/RenewPasswordController.php b/apps/user_ldap/lib/Controller/RenewPasswordController.php index 92b2876dc3fae..574e85b4fde57 100644 --- a/apps/user_ldap/lib/Controller/RenewPasswordController.php +++ b/apps/user_ldap/lib/Controller/RenewPasswordController.php @@ -6,7 +6,10 @@ namespace OCA\User_LDAP\Controller; use OCP\AppFramework\Controller; +use OCP\AppFramework\Http\Attribute\NoCSRFRequired; use OCP\AppFramework\Http\Attribute\OpenAPI; +use OCP\AppFramework\Http\Attribute\PublicPage; +use OCP\AppFramework\Http\Attribute\UseSession; use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\TemplateResponse; use OCP\HintException; @@ -49,24 +52,22 @@ public function __construct($appName, IRequest $request, IUserManager $userManag } /** - * @PublicPage - * @NoCSRFRequired - * * @return RedirectResponse */ + #[PublicPage] + #[NoCSRFRequired] public function cancel() { return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); } /** - * @PublicPage - * @NoCSRFRequired - * @UseSession - * * @param string $user * * @return TemplateResponse|RedirectResponse */ + #[PublicPage] + #[NoCSRFRequired] + #[UseSession] public function showRenewPasswordForm($user) { if ($this->config->getUserValue($user, 'user_ldap', 'needsPasswordReset') !== 'true') { return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); @@ -102,15 +103,14 @@ public function showRenewPasswordForm($user) { } /** - * @PublicPage - * @UseSession - * * @param string $user * @param string $oldPassword * @param string $newPassword * * @return RedirectResponse */ + #[PublicPage] + #[UseSession] public function tryRenewPassword($user, $oldPassword, $newPassword) { if ($this->config->getUserValue($user, 'user_ldap', 'needsPasswordReset') !== 'true') { return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); @@ -146,12 +146,11 @@ public function tryRenewPassword($user, $oldPassword, $newPassword) { } /** - * @PublicPage - * @NoCSRFRequired - * @UseSession - * * @return RedirectResponse */ + #[PublicPage] + #[NoCSRFRequired] + #[UseSession] public function showLoginFormInvalidPassword($user) { $args = !is_null($user) ? ['user' => $user] : []; $this->session->set('loginMessages', [