From 24f8b04908e8fa5aeb57e21d36a0a35992c1d561 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come.chilliet@nextcloud.com>
Date: Thu, 11 Jan 2024 14:57:25 +0100
Subject: [PATCH] Remove CSRF check from code integrity rescan
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Did not find a way to get a valid token from SetupCheck

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
---
 apps/settings/lib/Controller/CheckSetupController.php | 1 +
 apps/settings/lib/SetupChecks/CodeIntegrity.php       | 2 --
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/apps/settings/lib/Controller/CheckSetupController.php b/apps/settings/lib/Controller/CheckSetupController.php
index 7e865785522..eb6664c5e47 100644
--- a/apps/settings/lib/Controller/CheckSetupController.php
+++ b/apps/settings/lib/Controller/CheckSetupController.php
@@ -234,6 +234,7 @@ class CheckSetupController extends Controller {
 	}
 
 	/**
+	 * @NoCSRFRequired
 	 * @return RedirectResponse
 	 * @AuthorizedAdminSetting(settings=OCA\Settings\Settings\Admin\Overview)
 	 */
diff --git a/apps/settings/lib/SetupChecks/CodeIntegrity.php b/apps/settings/lib/SetupChecks/CodeIntegrity.php
index f5882be888f..20ecf5360b7 100644
--- a/apps/settings/lib/SetupChecks/CodeIntegrity.php
+++ b/apps/settings/lib/SetupChecks/CodeIntegrity.php
@@ -53,7 +53,6 @@ class CodeIntegrity implements ISetupCheck {
 		} elseif ($this->checker->hasPassedCheck()) {
 			return SetupResult::success($this->l10n->t('No altered files'));
 		} else {
-			// FIXME: If setup check can link to settings pages this should link to /settings/integrity/failed and /settings/integrity/rescan?requesttoken=TOKEN
 			return SetupResult::error(
 				$this->l10n->t('Some files have not passed the integrity check. {link1} {link2}'),
 				$this->urlGenerator->linkToDocs('admin-code-integrity'),
@@ -68,7 +67,6 @@ class CodeIntegrity implements ISetupCheck {
 						'type' => 'highlight',
 						'id' => 'rescanFailedIntegrityCheck',
 						'name' => 'Rescan…',
-						//, ['requesttoken' => '']?
 						'link' => $this->urlGenerator->linkToRoute('settings.CheckSetup.rescanFailedIntegrityCheck'),
 					],
 				],