upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-16 10:30:10 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

Merge pull request #54690 from nextcloud/fix/taskprocessing-no-anonymous-use

Browse source 
fix(TaskProcessingApiController): Don't allow anonymous access anymore
This commit is contained in:
Marcel Klehr 2025-08-28 13:15:28 +02:00 committed by GitHub
commit c8a12a54fd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 294 additions and 63 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
core/Controller/TaskProcessingApiController.php
View file

@ -13,12 +13,10 @@ namespace OC\Core\Controller;
use OC\Core\ResponseDefinitions;
use OC\Files\SimpleFS\SimpleFile;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\AnonRateLimit;
use OCP\AppFramework\Http\Attribute\ApiRoute;
use OCP\AppFramework\Http\Attribute\ExAppRequired;
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
use OCP\AppFramework\Http\Attribute\PublicPage;
use OCP\AppFramework\Http\Attribute\UserRateLimit;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\Http\StreamResponse;
@ -67,7 +65,7 @@ class TaskProcessingApiController extends OCSController {
*
* 200: Task types returned
*/
#[PublicPage]
#[NoAdminRequired]
#[ApiRoute(verb: 'GET', url: '/tasktypes', root: '/taskprocessing')]
public function taskTypes(): DataResponse {
/** @var array<string, CoreTaskProcessingTaskType> $taskTypes */
@ -157,9 +155,8 @@ class TaskProcessingApiController extends OCSController {
* 412: Scheduling task is not possible
* 401: Cannot schedule task because it references files in its input that the user doesn't have access to
*/
#[PublicPage]
#[UserRateLimit(limit: 20, period: 120)]
#[AnonRateLimit(limit: 5, period: 120)]
#[NoAdminRequired]
#[ApiRoute(verb: 'POST', url: '/schedule', root: '/taskprocessing')]
public function schedule(
array $input, string $type, string $appId, string $customId = '',
@ -200,7 +197,7 @@ class TaskProcessingApiController extends OCSController {
* 200: Task returned
* 404: Task not found
*/
#[PublicPage]
#[NoAdminRequired]
#[ApiRoute(verb: 'GET', url: '/task/{id}', root: '/taskprocessing')]
public function getTask(int $id): DataResponse {
try {

116
core/openapi-full.json
View file

@ -4761,7 +4761,6 @@
"task_processing_api"
],
"security": [
{},
{
"bearer_auth": []
},
@ -4822,6 +4821,34 @@
}
}
}
},
"401": {
"description": "Current user is not logged in",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
}
@ -4834,7 +4861,6 @@
"task_processing_api"
],
"security": [
{},
{
"bearer_auth": []
},
@ -5061,35 +5087,60 @@
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"anyOf": [
{
"type": "object",
"required": [
"meta",
"data"
"ocs"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {
"ocs": {
"type": "object",
"required": [
"message"
"meta",
"data"
],
"properties": {
"message": {
"type": "string"
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {
"type": "object",
"required": [
"message"
],
"properties": {
"message": {
"type": "string"
}
}
}
}
}
}
},
{
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
]
}
}
}
@ -5106,7 +5157,6 @@
"task_processing_api"
],
"security": [
{},
{
"bearer_auth": []
},
@ -5250,6 +5300,34 @@
}
}
}
},
"401": {
"description": "Current user is not logged in",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
},

116
core/openapi.json
View file

@ -4761,7 +4761,6 @@
"task_processing_api"
],
"security": [
{},
{
"bearer_auth": []
},
@ -4822,6 +4821,34 @@
}
}
}
},
"401": {
"description": "Current user is not logged in",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
}
@ -4834,7 +4861,6 @@
"task_processing_api"
],
"security": [
{},
{
"bearer_auth": []
},
@ -5061,35 +5087,60 @@
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"anyOf": [
{
"type": "object",
"required": [
"meta",
"data"
"ocs"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {
"ocs": {
"type": "object",
"required": [
"message"
"meta",
"data"
],
"properties": {
"message": {
"type": "string"
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {
"type": "object",
"required": [
"message"
],
"properties": {
"message": {
"type": "string"
}
}
}
}
}
}
},
{
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
]
}
}
}
@ -5106,7 +5157,6 @@
"task_processing_api"
],
"security": [
{},
{
"bearer_auth": []
},
@ -5250,6 +5300,34 @@
}
}
}
},
"401": {
"description": "Current user is not logged in",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
},

116
openapi.json
View file

@ -8273,7 +8273,6 @@
"core/task_processing_api"
],
"security": [
{},
{
"bearer_auth": []
},
@ -8334,6 +8333,34 @@
}
}
}
},
"401": {
"description": "Current user is not logged in",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
}
@ -8346,7 +8373,6 @@
"core/task_processing_api"
],
"security": [
{},
{
"bearer_auth": []
},
@ -8573,35 +8599,60 @@
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"anyOf": [
{
"type": "object",
"required": [
"meta",
"data"
"ocs"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {
"ocs": {
"type": "object",
"required": [
"message"
"meta",
"data"
],
"properties": {
"message": {
"type": "string"
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {
"type": "object",
"required": [
"message"
],
"properties": {
"message": {
"type": "string"
}
}
}
}
}
}
},
{
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
]
}
}
}
@ -8618,7 +8669,6 @@
"core/task_processing_api"
],
"security": [
{},
{
"bearer_auth": []
},
@ -8762,6 +8812,34 @@
}
}
}
},
"401": {
"description": "Current user is not logged in",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
},