Merge branch 'master' into jtr-refactor-remote-php

Signed-off-by: Josh <josh.t.richards@gmail.com>
chore: drop unused IConfig from remote.php
2025-08-18 12:28:16 -04:00 · 2025-08-18 12:00:08 -04:00 · 2025-08-18 11:59:32 -04:00 · 2025-08-18 11:33:20 -04:00 · 2025-08-18 11:30:02 -04:00 · 2025-08-18 11:20:16 -04:00
3 changed files with 128 additions and 127 deletions
--- a/build/psalm-baseline.xml
+++ b/build/psalm-baseline.xml
@@ -4415,15 +4415,4 @@
      <code><![CDATA[getRequest]]></code>
    </DeprecatedMethod>
  </file>
-  <file src="public.php">
-    <DeprecatedMethod>
-      <code><![CDATA[getAppValue]]></code>
-    </DeprecatedMethod>
-  </file>
-  <file src="remote.php">
-    <DeprecatedMethod>
-      <code><![CDATA[exec]]></code>
-      <code><![CDATA[getAppValue]]></code>
-    </DeprecatedMethod>
-  </file>
-</files>
+</files>
--- a/public.php
+++ b/public.php
@@ -2,8 +2,6 @@

 declare(strict_types=1);

-use OC\ServiceUnavailableException;
-
 /**
 * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
 * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -12,24 +10,28 @@ use OC\ServiceUnavailableException;

 require_once __DIR__ . '/lib/versioncheck.php';

+use OC\ServiceUnavailableException;
 use OCP\App\IAppManager;
-use OCP\IConfig;
 use OCP\IRequest;
 use OCP\Server;
 use OCP\Template\ITemplateManager;
 use OCP\Util;
 use Psr\Log\LoggerInterface;

+/**
+ * Resolve the requested public.php service to a handler.
+ *
+ * @param string $service
+ * @return string (empty if no matches)
+ */
 function resolveService(string $service): string {
-	$services = [
+	$publicServices = [
 		'webdav' => 'dav/appinfo/v1/publicwebdav.php',
 		'dav' => 'dav/appinfo/v2/publicremote.php',
 	];
-	if (isset($services[$service])) {
-		return $services[$service];
-	}
-
-	return Server::get(IConfig::class)->getAppValue('core', 'remote_' . $service);
+	
+	$file = $publicServices[$service] ?? '';
+	return $file;
 }

 try {
@@ -69,10 +71,10 @@ try {
 	$file = ltrim($file, '/');
 	$parts = explode('/', $file, 2);
 	$app = $parts[0];
+	\OC::$REQUESTEDAPP = $app;

 	// Load all required applications
 	$appManager = Server::get(IAppManager::class);
-	\OC::$REQUESTEDAPP = $app;
 	$appManager->loadApps(['authentication']);
 	$appManager->loadApps(['extended_authentication']);
 	$appManager->loadApps(['filesystem', 'logging']);
@@ -93,11 +95,11 @@ try {
 	if ($ex instanceof ServiceUnavailableException) {
 		$status = 503;
 	}
-	//show the user a detailed error page
+	// Show the user a detailed error page
 	Server::get(LoggerInterface::class)->error($ex->getMessage(), ['app' => 'public', 'exception' => $ex]);
 	Server::get(ITemplateManager::class)->printExceptionErrorPage($ex, $status);
 } catch (Error $ex) {
-	//show the user a detailed error page
+	// Show the user a detailed error page
 	Server::get(LoggerInterface::class)->error($ex->getMessage(), ['app' => 'public', 'exception' => $ex]);
 	Server::get(ITemplateManager::class)->printExceptionErrorPage($ex, 500);
 }
--- a/remote.php
+++ b/remote.php
@@ -1,8 +1,6 @@
 <?php

-use OC\ServiceUnavailableException;
-use OCP\IConfig;
-use OCP\Util;
+declare(strict_types=1);

 /**
 * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
@@ -11,13 +9,99 @@ use OCP\Util;
 */
 require_once __DIR__ . '/lib/versioncheck.php';

+use OC\ServiceUnavailableException;
 use OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin;
 use OCP\App\IAppManager;
 use OCP\IRequest;
+use OCP\Server;
 use OCP\Template\ITemplateManager;
+use OCP\Util;
 use Psr\Log\LoggerInterface;
+use Sabre\DAV\Exception\NotFound;
 use Sabre\DAV\Exception\ServiceUnavailable;
-use Sabre\DAV\Server;
+
+/**
+ * Resolve the requested remote.php service to a handler.
+ *
+ * @param string $service
+ * @return string (empty if no matches)
+ */
+function resolveService(string $service): string {
+	$remoteServices = [
+		'webdav' => 'dav/appinfo/v1/webdav.php',
+		'dav' => 'dav/appinfo/v2/remote.php',
+		'caldav' => 'dav/appinfo/v1/caldav.php',
+		'calendar' => 'dav/appinfo/v1/caldav.php',
+		'carddav' => 'dav/appinfo/v1/carddav.php',
+		'contacts' => 'dav/appinfo/v1/carddav.php',
+		'files' => 'dav/appinfo/v1/webdav.php',
+		'direct' => 'dav/appinfo/v2/direct.php',
+	];
+	
+	$file = $remoteServices[$service] ?? '';
+	return $file;
+}
+
+try {
+	require_once __DIR__ . '/lib/base.php';
+
+	// All resources served via the DAV endpoint should have the strictest possible
+	// policy. Exempted from this is the SabreDAV browser plugin which overwrites
+	// this policy with a softer one if debug mode is enabled.
+	header("Content-Security-Policy: default-src 'none';");
+
+	// Check if Nextcloud is in maintenance mode
+	if (Util::needUpgrade()) {
+		// since the behavior of apps or remotes are unpredictable during
+		// an upgrade, return a 503 directly
+		throw new RemoteException('Service unavailable', 503);
+	}
+
+	$request = Server::get(IRequest::class);
+	$pathInfo = $request->getPathInfo();
+	if ($pathInfo === false || $pathInfo === '') {
+		throw new RemoteException('Path not found', 404);
+	}
+
+	// Extract the service from the path
+	if (!$pos = strpos($pathInfo, '/', 1)) {
+		$pos = strlen($pathInfo);
+	}
+	$service = substr($pathInfo, 1, $pos - 1);
+
+	// Resolve the service to a file
+	$file = resolveService($service);
+	if (!$file) {
+		throw new RemoteException('Path not found', 404);
+	}
+
+	// Extract the app from the service file
+	$file = ltrim($file, '/');
+	$parts = explode('/', $file, 2);
+	$app = $parts[0];
+	\OC::$REQUESTEDAPP = $app;
+
+	// Load all required applications
+	$appManager = Server::get(IAppManager::class);
+	$appManager->loadApps(['authentication']);
+	$appManager->loadApps(['extended_authentication']);
+	$appManager->loadApps(['filesystem', 'logging']);
+
+	// Check if the app is enabled
+	if (!$appManager->isEnabledForUser($app)) {
+		throw new RemoteException('App not installed: ' . $app, 503); // or maybe 404?
+	}
+
+	// Load the app
+	$appManager->loadApp($app);
+
+	$baseuri = OC::$WEBROOT . '/remote.php/' . $service . '/';
+	require_once $file;
+} catch (Exception $ex) {
+	handleException($ex);
+} catch (Error $e) {
+	handleException($e);
+}

 /**
 * Class RemoteException
@@ -29,15 +113,22 @@ class RemoteException extends \Exception {

 function handleException(Exception|Error $e): void {
 	try {
-		$request = \OCP\Server::get(IRequest::class);
-		// in case the request content type is text/xml - we assume it's a WebDAV request
-		$isXmlContentType = strpos($request->getHeader('Content-Type'), 'text/xml');
-		if ($isXmlContentType === 0) {
-			// fire up a simple server to properly process the exception
-			$server = new Server();
+		// Assume XML requests are a DAV request
+		$contentType = Server::get(IRequest::class)->getHeader('Content-Type');
+		if (
+			str_contains($contentType, 'application/xml')
+			|| str_contains($contentType, 'text/xml')
+		) {
+			// Fire up a simple DAV server to properly process the exception
+			$server = new \Sabre\DAV\Server();
 			if (!($e instanceof RemoteException)) {
 				// we shall not log on RemoteException
-				$server->addPlugin(new ExceptionLoggerPlugin('webdav', \OCP\Server::get(LoggerInterface::class)));
+				$server->addPlugin(
+					new ExceptionLoggerPlugin(
+						'webdav',
+						Server::get(LoggerInterface::class)
+					)
+				);
 			}
 			$server->on('beforeMethod:*', function () use ($e): void {
 				if ($e instanceof RemoteException) {
@@ -45,112 +136,31 @@ function handleException(Exception|Error $e): void {
 						case 503:
 							throw new ServiceUnavailable($e->getMessage());
 						case 404:
-							throw new \Sabre\DAV\Exception\NotFound($e->getMessage());
+							throw new NotFound($e->getMessage());
 					}
 				}
 				$class = get_class($e);
 				$msg = $e->getMessage();
 				throw new ServiceUnavailable("$class: $msg");
 			});
-			$server->exec();
-		} else {
+			$server->start();
+		} else { // Assume it was interactive
 			$statusCode = 500;
 			if ($e instanceof ServiceUnavailableException) {
 				$statusCode = 503;
 			}
 			if ($e instanceof RemoteException) {
+				// Show the user a detailed error page
+				Server::get(ITemplateManager::class)->printErrorPage($e->getMessage(), '', $e->getCode());
 				// we shall not log on RemoteException
-				\OCP\Server::get(ITemplateManager::class)->printErrorPage($e->getMessage(), '', $e->getCode());
 			} else {
-				\OCP\Server::get(LoggerInterface::class)->error($e->getMessage(), ['app' => 'remote','exception' => $e]);
-				\OCP\Server::get(ITemplateManager::class)->printExceptionErrorPage($e, $statusCode);
+				// Show the user a detailed error page
+				Server::get(LoggerInterface::class)->error($e->getMessage(), ['app' => 'remote','exception' => $e]);
+				Server::get(ITemplateManager::class)->printExceptionErrorPage($e, $statusCode);
 			}
 		}
-	} catch (\Exception $e) {
-		\OCP\Server::get(ITemplateManager::class)->printExceptionErrorPage($e, 500);
+	} catch (\Exception $e) { // Something went very wrong; do the best we can
+		// Show the user a detailed error page
+		Server::get(ITemplateManager::class)->printExceptionErrorPage($e, 500);
 	}
 }
-
-/**
- * @param string $service
- * @return string
- */
-function resolveService($service) {
-	$services = [
-		'webdav' => 'dav/appinfo/v1/webdav.php',
-		'dav' => 'dav/appinfo/v2/remote.php',
-		'caldav' => 'dav/appinfo/v1/caldav.php',
-		'calendar' => 'dav/appinfo/v1/caldav.php',
-		'carddav' => 'dav/appinfo/v1/carddav.php',
-		'contacts' => 'dav/appinfo/v1/carddav.php',
-		'files' => 'dav/appinfo/v1/webdav.php',
-		'direct' => 'dav/appinfo/v2/direct.php',
-	];
-	if (isset($services[$service])) {
-		return $services[$service];
-	}
-
-	return \OCP\Server::get(IConfig::class)->getAppValue('core', 'remote_' . $service);
-}
-
-try {
-	require_once __DIR__ . '/lib/base.php';
-
-	// All resources served via the DAV endpoint should have the strictest possible
-	// policy. Exempted from this is the SabreDAV browser plugin which overwrites
-	// this policy with a softer one if debug mode is enabled.
-	header("Content-Security-Policy: default-src 'none';");
-
-	if (Util::needUpgrade()) {
-		// since the behavior of apps or remotes are unpredictable during
-		// an upgrade, return a 503 directly
-		throw new RemoteException('Service unavailable', 503);
-	}
-
-	$request = \OCP\Server::get(IRequest::class);
-	$pathInfo = $request->getPathInfo();
-	if ($pathInfo === false || $pathInfo === '') {
-		throw new RemoteException('Path not found', 404);
-	}
-	if (!$pos = strpos($pathInfo, '/', 1)) {
-		$pos = strlen($pathInfo);
-	}
-	$service = substr($pathInfo, 1, $pos - 1);
-
-	$file = resolveService($service);
-
-	if (is_null($file)) {
-		throw new RemoteException('Path not found', 404);
-	}
-
-	$file = ltrim($file, '/');
-
-	$parts = explode('/', $file, 2);
-	$app = $parts[0];
-
-	// Load all required applications
-	\OC::$REQUESTEDAPP = $app;
-	$appManager = \OCP\Server::get(IAppManager::class);
-	$appManager->loadApps(['authentication']);
-	$appManager->loadApps(['extended_authentication']);
-	$appManager->loadApps(['filesystem', 'logging']);
-
-	switch ($app) {
-		case 'core':
-			$file = OC::$SERVERROOT . '/' . $file;
-			break;
-		default:
-			if (!$appManager->isEnabledForUser($app)) {
-				throw new RemoteException('App not installed: ' . $app);
-			}
-			$appManager->loadApp($app);
-			$file = $appManager->getAppPath($app) . '/' . ($parts[1] ?? '');
-			break;
-	}
-	$baseuri = OC::$WEBROOT . '/remote.php/' . $service . '/';
-	require_once $file;
-} catch (Exception $ex) {
-	handleException($ex);
-} catch (Error $e) {
-	handleException($e);
-}
Author	SHA1	Message	Date
Josh	1238f6da4a	Merge branch 'master' into jtr-refactor-remote-php Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-18 12:28:16 -04:00
Josh	02affcb1cb	chore: drop unused IConfig from remote.php Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-18 12:00:08 -04:00
Josh	5eff9e30c3	chore: unify public.php with updated remote.php Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-18 11:59:32 -04:00
Josh	c1fbf195a1	chore: Update psalm-baseline.xml Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-18 11:33:20 -04:00
Josh	b930082426	fix: fixup for lint Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-18 11:30:02 -04:00
Josh	7dbe1dfa81	chore: drop unused remote_ dynamic resolver Endpoints are all hardcoded since `7bdde98617` and were formally deprecated within info.xml in nextcloud/appstore#156. Follow-up PR will clean-up references elsewhere. Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-18 11:20:16 -04:00
Josh	ccc7584b88	chore: re-organize remote.php Whatever is settled on here will likely get ported to /public.php as well. Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-13 14:45:37 -04:00
Josh	aa09853b26	chore: fixup remote.php Co-authored-by: Daniel <mail@danielkesselberg.de> Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-13 14:11:18 -04:00
Josh	ac40a35e7c	fix(DAV): Handle application/xml in remote properly Also: - fix: Handle if service doesn't resolve properly - fix: Return a 503 (rather than 200) if app is not enabled/installed Other than that, some general refactoring. To ease review and for general comparison, compare to `public.php`. Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-06-26 13:25:27 -04:00