From 28d7206e5cab68eb4b4a012574ee26275e2c74d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=B4me=20Chilliet?= Date: Tue, 19 Nov 2024 11:38:29 +0100 Subject: [PATCH 1/3] fix(files_sharing): Do not wrap password policy exception into a generic one MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Let the controller access the HintException and show the error to the user. Signed-off-by: Côme Chilliet --- lib/private/Share20/Manager.php | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 4dadcdbfcd7f4..ea338937e2a72 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -99,7 +99,7 @@ private function splitFullId($id) { * Verify if a password meets all requirements * * @param string $password - * @throws \Exception + * @throws HintException */ protected function verifyPassword($password) { if ($password === null) { @@ -112,11 +112,7 @@ protected function verifyPassword($password) { } // Let others verify the password - try { - $this->dispatcher->dispatchTyped(new ValidatePasswordPolicyEvent($password)); - } catch (HintException $e) { - throw new \Exception($e->getHint()); - } + $this->dispatcher->dispatchTyped(new ValidatePasswordPolicyEvent($password)); } /** From 17007f6b8dae214355c164b274915413628cb5d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=B4me=20Chilliet?= Date: Tue, 10 Dec 2024 15:27:38 +0100 Subject: [PATCH 2/3] fix(shares): Wrap exceptions from password validation to set code to 400 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes a regression that bad password returned 403 instead of 400 because of previous changes. Signed-off-by: Côme Chilliet --- lib/private/Share20/Manager.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index ea338937e2a72..219f3d86380a5 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -112,7 +112,12 @@ protected function verifyPassword($password) { } // Let others verify the password - $this->dispatcher->dispatchTyped(new ValidatePasswordPolicyEvent($password)); + try { + $this->dispatcher->dispatchTyped(new ValidatePasswordPolicyEvent($password)); + } catch (HintException $e) { + /* Wrap in a 400 bad request error */ + throw new HintException($e->getMessage(), $e->getHint(), 400, $e); + } } /** @@ -780,7 +785,7 @@ public function createShare(IShare $share) { * @param IShare $share * @return IShare The share object * @throws \InvalidArgumentException - * @throws GenericShareException + * @throws HintException */ public function updateShare(IShare $share, bool $onlyValid = true) { $expirationDateUpdated = false; From 365ff40929bd5eab458f88efb18f31a8207722e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=B4me=20Chilliet?= Date: Tue, 10 Dec 2024 15:59:29 +0100 Subject: [PATCH 3/3] fix(tests): Adapt ManagerTest to change in Exception class used MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Côme Chilliet --- tests/lib/Share20/ManagerTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/lib/Share20/ManagerTest.php b/tests/lib/Share20/ManagerTest.php index 79a88f9af9efd..091a79e6d40a7 100644 --- a/tests/lib/Share20/ManagerTest.php +++ b/tests/lib/Share20/ManagerTest.php @@ -798,7 +798,7 @@ public function testVerifyPasswordHookFails(): void { $this->assertInstanceOf(ValidatePasswordPolicyEvent::class, $event); /** @var ValidatePasswordPolicyEvent $event */ $this->assertSame('password', $event->getPassword()); - throw new HintException('message', 'password not accepted'); + throw new HintException('password not accepted'); } );