sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #48373 from nextcloud/fix/788/add-password-confirmation-required-to-user-storage-create 

fix: add PasswordConfirmationRequired to create user storages endpoint
pull/48756/head
yemkareems 2024-10-17 11:10:19 +07:00 committed by GitHub
parent d4dffc1566 1e13776a87
commit de9f5c4ec6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
apps/files_external/js/settings.js
Unescape Escape View File

@ -267,7 +267,6 @@ StorageConfig.prototype = {
* @param {Function} [options.error] error callback
*/
save: function(options) {
var self = this;
var url = OC.generateUrl(this._url);
var method = 'POST';
if (_.isNumber(this.id)) {
@ -275,6 +274,18 @@ StorageConfig.prototype = {
url = OC.generateUrl(this._url + '/{id}', {id: this.id});
}
window.OC.PasswordConfirmation.requirePasswordConfirmation(() => this._save(method, url, options), options.error);
},
/**
* Private implementation of the save function (called after potential password confirmation)
* @param {string} method
* @param {string} url
* @param {{success: Function, error: Function}} options
*/
_save: function(method, url, options) {
self = this;
$.ajax({
type: method,
url: url,
@ -348,6 +359,15 @@ StorageConfig.prototype = {
}
return;
}
window.OC.PasswordConfirmation.requirePasswordConfirmation(() => this._destroy(options), options.error)
},
/**
* Private implementation of the DELETE method called after password confirmation
* @param {{ success: Function, error: Function }} options
*/
_destroy: function(options) {
$.ajax({
type: 'DELETE',
url: OC.generateUrl(this._url + '/{id}', {id: this.id}),

4
apps/files_external/lib/Controller/UserStoragesController.php
Unescape Escape View File

@ -13,6 +13,7 @@ use OCA\Files_External\NotFoundException;
use OCA\Files_External\Service\UserStoragesService;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
use OCP\AppFramework\Http\DataResponse;
use OCP\IConfig;
use OCP\IGroupManager;
@ -99,6 +100,7 @@ class UserStoragesController extends StoragesController {
* @return DataResponse
*/
#[NoAdminRequired]
#[PasswordConfirmationRequired]
public function create(
$mountPoint,
$backend,
@ -154,6 +156,7 @@ class UserStoragesController extends StoragesController {
* @return DataResponse
*/
#[NoAdminRequired]
#[PasswordConfirmationRequired]
public function update(
$id,
$mountPoint,
@ -205,6 +208,7 @@ class UserStoragesController extends StoragesController {
* {@inheritdoc}
*/
#[NoAdminRequired]
#[PasswordConfirmationRequired]
public function destroy($id) {
return parent::destroy($id);
}