123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 |
- <?php
- /**
- * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
- * This file is licensed under the Affero General Public License version 3 or
- * later.
- * See the COPYING-README file.
- */
- namespace OC\Security;
- use OC\Files\Filesystem;
- use OCP\ICertificateManager;
- /**
- * Manage trusted certificates for users
- */
- class CertificateManager implements ICertificateManager {
- /**
- * @var string
- */
- protected $uid;
- /**
- * @var \OC\Files\View
- */
- protected $view;
- /**
- * @param string $uid
- * @param \OC\Files\View $view relative zu data/
- */
- public function __construct($uid, \OC\Files\View $view) {
- $this->uid = $uid;
- $this->view = $view;
- }
- /**
- * Returns all certificates trusted by the user
- *
- * @return \OCP\ICertificate[]
- */
- public function listCertificates() {
- $path = $this->getPathToCertificates() . 'uploads/';
- if (!$this->view->is_dir($path)) {
- return array();
- }
- $result = array();
- $handle = $this->view->opendir($path);
- if (!is_resource($handle)) {
- return array();
- }
- while (false !== ($file = readdir($handle))) {
- if ($file != '.' && $file != '..') {
- try {
- $result[] = new Certificate($this->view->file_get_contents($path . $file), $file);
- } catch(\Exception $e) {}
- }
- }
- closedir($handle);
- return $result;
- }
- /**
- * create the certificate bundle of all trusted certificated
- */
- protected function createCertificateBundle() {
- $path = $this->getPathToCertificates();
- $certs = $this->listCertificates();
- $fh_certs = $this->view->fopen($path . '/rootcerts.crt', 'w');
- foreach ($certs as $cert) {
- $file = $path . '/uploads/' . $cert->getName();
- $data = $this->view->file_get_contents($file);
- if (strpos($data, 'BEGIN CERTIFICATE')) {
- fwrite($fh_certs, $data);
- fwrite($fh_certs, "\r\n");
- }
- }
- fclose($fh_certs);
- }
- /**
- * Save the certificate and re-generate the certificate bundle
- *
- * @param string $certificate the certificate data
- * @param string $name the filename for the certificate
- * @return \OCP\ICertificate|void|bool
- * @throws \Exception If the certificate could not get added
- */
- public function addCertificate($certificate, $name) {
- if (!Filesystem::isValidPath($name) or Filesystem::isFileBlacklisted($name)) {
- return false;
- }
- $dir = $this->getPathToCertificates() . 'uploads/';
- if (!$this->view->file_exists($dir)) {
- $this->view->mkdir($dir);
- }
- try {
- $file = $dir . $name;
- $certificateObject = new Certificate($certificate, $name);
- $this->view->file_put_contents($file, $certificate);
- $this->createCertificateBundle();
- return $certificateObject;
- } catch (\Exception $e) {
- throw $e;
- }
- }
- /**
- * Remove the certificate and re-generate the certificate bundle
- *
- * @param string $name
- * @return bool
- */
- public function removeCertificate($name) {
- if (!Filesystem::isValidPath($name)) {
- return false;
- }
- $path = $this->getPathToCertificates() . 'uploads/';
- if ($this->view->file_exists($path . $name)) {
- $this->view->unlink($path . $name);
- $this->createCertificateBundle();
- }
- return true;
- }
- /**
- * Get the path to the certificate bundle for this user
- *
- * @return string
- */
- public function getCertificateBundle() {
- return $this->getPathToCertificates() . 'rootcerts.crt';
- }
- private function getPathToCertificates() {
- $path = is_null($this->uid) ? '/files_external/' : '/' . $this->uid . '/files_external/';
- return $path;
- }
- }
|