diff --git a/core/Controller/AppPasswordController.php b/core/Controller/AppPasswordController.php index 90020330ea19e..a080ce05ad4a1 100644 --- a/core/Controller/AppPasswordController.php +++ b/core/Controller/AppPasswordController.php @@ -102,6 +102,7 @@ public function getAppPassword(): DataResponse { /** * @NoAdminRequired + * @throws OCSForbiddenException */ public function deleteAppPassword(): DataResponse { if (!$this->session->exists('app_password')) { @@ -122,6 +123,7 @@ public function deleteAppPassword(): DataResponse { /** * @NoAdminRequired + * @throws OCSForbiddenException */ public function rotateAppPassword(): DataResponse { if (!$this->session->exists('app_password')) { diff --git a/core/Controller/AvatarController.php b/core/Controller/AvatarController.php index ba1792af7089b..8340a04b3f23f 100644 --- a/core/Controller/AvatarController.php +++ b/core/Controller/AvatarController.php @@ -31,6 +31,8 @@ namespace OC\Core\Controller; use OC\AppFramework\Utility\TimeFactory; +use OC\Files\Filesystem; +use OC\NotSquareException; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataDisplayResponse; @@ -38,9 +40,11 @@ use OCP\AppFramework\Http\JSONResponse; use OCP\Files\File; use OCP\Files\IRootFolder; +use OCP\Files\NotPermittedException; use OCP\IAvatarManager; use OCP\ICache; use OCP\IL10N; +use OCP\Image; use OCP\IRequest; use OCP\IUserManager; use Psr\Log\LoggerInterface; @@ -74,7 +78,7 @@ public function __construct( * * @return JSONResponse|FileDisplayResponse */ - public function getAvatarDark(string $userId, int $size) { + public function getAvatarDark(string $userId, int $size): FileDisplayResponse|JSONResponse { if ($size <= 64) { if ($size !== 64) { $this->logger->debug('Avatar requested in deprecated size ' . $size); @@ -113,7 +117,7 @@ public function getAvatarDark(string $userId, int $size) { * * @return JSONResponse|FileDisplayResponse */ - public function getAvatar(string $userId, int $size) { + public function getAvatar(string $userId, int $size): FileDisplayResponse|JSONResponse { if ($size <= 64) { if ($size !== 64) { $this->logger->debug('Avatar requested in deprecated size ' . $size); @@ -173,7 +177,7 @@ public function postAvatar(?string $path = null): JSONResponse { try { $content = $node->getContent(); - } catch (\OCP\Files\NotPermittedException $e) { + } catch (NotPermittedException $e) { return new JSONResponse( ['data' => ['message' => $this->l10n->t('The selected file cannot be read.')]], Http::STATUS_BAD_REQUEST @@ -183,7 +187,7 @@ public function postAvatar(?string $path = null): JSONResponse { if ( $files['error'][0] === 0 && is_uploaded_file($files['tmp_name'][0]) && - !\OC\Files\Filesystem::isFileBlacklisted($files['tmp_name'][0]) + !Filesystem::isFileBlacklisted($files['tmp_name'][0]) ) { if ($files['size'][0] > 20 * 1024 * 1024) { return new JSONResponse( @@ -221,7 +225,7 @@ public function postAvatar(?string $path = null): JSONResponse { } try { - $image = new \OCP\Image(); + $image = new Image(); $image->loadFromData($content); $image->readExif($content); $image->fixOrientation(); @@ -284,7 +288,7 @@ public function deleteAvatar(): JSONResponse { * * @return JSONResponse|DataDisplayResponse */ - public function getTmpAvatar() { + public function getTmpAvatar(): JSONResponse|DataDisplayResponse { $tmpAvatar = $this->cache->get('tmpAvatar'); if (is_null($tmpAvatar)) { return new JSONResponse(['data' => [ @@ -293,7 +297,7 @@ public function getTmpAvatar() { Http::STATUS_NOT_FOUND); } - $image = new \OCP\Image(); + $image = new Image(); $image->loadFromData($tmpAvatar); $resp = new DataDisplayResponse( @@ -329,7 +333,7 @@ public function postCroppedAvatar(?array $crop = null): JSONResponse { Http::STATUS_BAD_REQUEST); } - $image = new \OCP\Image(); + $image = new Image(); $image->loadFromData($tmpAvatar); $image->crop($crop['x'], $crop['y'], (int)round($crop['w']), (int)round($crop['h'])); try { @@ -338,7 +342,7 @@ public function postCroppedAvatar(?array $crop = null): JSONResponse { // Clean up $this->cache->remove('tmpAvatar'); return new JSONResponse(['status' => 'success']); - } catch (\OC\NotSquareException $e) { + } catch (NotSquareException $e) { return new JSONResponse(['data' => ['message' => $this->l10n->t('Crop is not square')]], Http::STATUS_BAD_REQUEST); } catch (\Exception $e) { diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php index 082d5b3f92ebb..4b57f8e3186fa 100644 --- a/core/Controller/ClientFlowLoginController.php +++ b/core/Controller/ClientFlowLoginController.php @@ -39,11 +39,14 @@ use OCA\OAuth2\Db\AccessToken; use OCA\OAuth2\Db\AccessTokenMapper; use OCA\OAuth2\Db\ClientMapper; +use OCA\OAuth2\Exceptions\ClientNotFoundException; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\Attribute\UseSession; +use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\StandaloneTemplateResponse; +use OCP\DB\Exception; use OCP\Defaults; use OCP\EventDispatcher\IEventDispatcher; use OCP\IL10N; @@ -224,11 +227,12 @@ public function grantPage(string $stateToken = '', /** * @NoAdminRequired * - * @return Http\RedirectResponse|Response + * @throws ClientNotFoundException + * @throws Exception */ #[UseSession] public function generateAppPassword(string $stateToken, - string $clientIdentifier = '') { + string $clientIdentifier = ''): Response|StandaloneTemplateResponse|RedirectResponse { if (!$this->isValidToken($stateToken)) { $this->session->remove(self::STATE_NAME); return $this->stateTokenForbiddenResponse(); diff --git a/core/Controller/ClientFlowLoginV2Controller.php b/core/Controller/ClientFlowLoginV2Controller.php index 8a21148f5895f..65426ef0fa11f 100644 --- a/core/Controller/ClientFlowLoginV2Controller.php +++ b/core/Controller/ClientFlowLoginV2Controller.php @@ -28,6 +28,7 @@ namespace OC\Core\Controller; use OC\Authentication\Exceptions\InvalidTokenException; +use OC\Authentication\Token\IProvider; use OC\Core\Db\LoginFlowV2; use OC\Core\Exception\LoginFlowV2NotFoundException; use OC\Core\Service\LoginFlowV2Service; @@ -170,7 +171,7 @@ public function grantPage(?string $stateToken): StandaloneTemplateResponse { /** * @PublicPage */ - public function apptokenRedirect(?string $stateToken, string $user, string $password) { + public function apptokenRedirect(?string $stateToken, string $user, string $password): StandaloneTemplateResponse { if ($stateToken === null) { return $this->stateTokenMissingResponse(); } @@ -192,7 +193,7 @@ public function apptokenRedirect(?string $stateToken, string $user, string $pass $this->session->remove(self::STATE_NAME); try { - $token = \OC::$server->get(\OC\Authentication\Token\IProvider::class)->getToken($password); + $token = \OC::$server->get(IProvider::class)->getToken($password); if ($token->getLoginName() !== $user) { throw new InvalidTokenException('login name does not match'); } diff --git a/core/Controller/ContactsMenuController.php b/core/Controller/ContactsMenuController.php index 7b8f2e50aa54a..7c88bbdeba806 100644 --- a/core/Controller/ContactsMenuController.php +++ b/core/Controller/ContactsMenuController.php @@ -54,10 +54,9 @@ public function index(?string $filter = null): array { /** * @NoAdminRequired * - * @return JSONResponse|\JsonSerializable * @throws Exception */ - public function findOne(int $shareType, string $shareWith) { + public function findOne(int $shareType, string $shareWith): JSONResponse|\JsonSerializable { $contact = $this->manager->findOne($this->userSession->getUser(), $shareType, $shareWith); if ($contact) { diff --git a/core/Controller/CssController.php b/core/Controller/CssController.php index 7aec5850aea5a..f6b77b32df3d8 100644 --- a/core/Controller/CssController.php +++ b/core/Controller/CssController.php @@ -66,7 +66,7 @@ public function __construct( * @param string $appName css folder name * @return FileDisplayResponse|NotFoundResponse */ - public function getCss(string $fileName, string $appName): Response { + public function getCss(string $fileName, string $appName): FileDisplayResponse|NotFoundResponse { try { $folder = $this->appData->getFolder($appName); $gzip = false; diff --git a/core/Controller/GuestAvatarController.php b/core/Controller/GuestAvatarController.php index 6f06451b796a7..b84c83a9aa597 100644 --- a/core/Controller/GuestAvatarController.php +++ b/core/Controller/GuestAvatarController.php @@ -25,6 +25,7 @@ use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\FileDisplayResponse; +use OCP\AppFramework\Http\Response; use OCP\IAvatarManager; use OCP\IRequest; use Psr\Log\LoggerInterface; @@ -53,9 +54,10 @@ public function __construct( * * @param string $guestName The guest name, e.g. "Albert" * @param string $size The desired avatar size, e.g. 64 for 64x64px - * @return FileDisplayResponse|Http\Response + * @param bool|null $darkTheme + * @return FileDisplayResponse|Response */ - public function getAvatar(string $guestName, string $size, ?bool $darkTheme = false) { + public function getAvatar(string $guestName, string $size, ?bool $darkTheme = false): Response|FileDisplayResponse { $size = (int) $size; $darkTheme = $darkTheme ?? false; @@ -98,7 +100,7 @@ public function getAvatar(string $guestName, string $size, ?bool $darkTheme = fa * @PublicPage * @NoCSRFRequired */ - public function getAvatarDark(string $guestName, string $size) { + public function getAvatarDark(string $guestName, string $size): Response|FileDisplayResponse { return $this->getAvatar($guestName, $size, true); } } diff --git a/core/Controller/JsController.php b/core/Controller/JsController.php index 0ad78d5f87f0c..a8b9f1f5d1447 100644 --- a/core/Controller/JsController.php +++ b/core/Controller/JsController.php @@ -66,7 +66,7 @@ public function __construct( * @param string $appName js folder name * @return FileDisplayResponse|NotFoundResponse */ - public function getJs(string $fileName, string $appName): Response { + public function getJs(string $fileName, string $appName): FileDisplayResponse|NotFoundResponse { try { $folder = $this->appData->getFolder($appName); $gzip = false; diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index 1bee366b00fbe..6788443d4b545 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -86,7 +86,7 @@ public function __construct( * @return RedirectResponse */ #[UseSession] - public function logout() { + public function logout(): RedirectResponse { $loginToken = $this->request->getCookie('nc_token'); if (!is_null($loginToken)) { $this->config->deleteUserValue($this->userSession->getUser()->getUID(), 'login_token', $loginToken); @@ -113,8 +113,8 @@ public function logout() { * @PublicPage * @NoCSRFRequired * - * @param string $user - * @param string $redirect_url + * @param string|null $user + * @param string|null $redirect_url * * @return TemplateResponse|RedirectResponse */ @@ -196,7 +196,7 @@ public function showLoginForm(string $user = null, string $redirect_url = null): /** * Sets the password reset state * - * @param string $username + * @param string|null $username */ private function setPasswordResetInitialState(?string $username): void { if ($username !== null && $username !== '') { @@ -263,8 +263,6 @@ private function generateRedirect(?string $redirectUrl): RedirectResponse { * @PublicPage * @NoCSRFRequired * @BruteForceProtection(action=login) - * - * @return RedirectResponse */ #[UseSession] public function tryLogin(Chain $loginChain, @@ -327,7 +325,7 @@ public function tryLogin(Chain $loginChain, * @return RedirectResponse */ private function createLoginFailedResponse( - $user, $originalUser, $redirect_url, string $loginMessage) { + string $user, string $originalUser, string $redirect_url, string $loginMessage): RedirectResponse { // Read current user and append if possible we need to // return the unmodified user otherwise we will leak the login name $args = $user !== null ? ['user' => $originalUser, 'direct' => 1] : []; diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php index 7de93b7107a4a..ed3628273c008 100644 --- a/core/Controller/LostController.php +++ b/core/Controller/LostController.php @@ -60,6 +60,7 @@ use OC\Core\Exception\ResetPasswordException; use OC\Security\RateLimiting\Exception\RateLimitExceededException; use OC\Security\RateLimiting\Limiter; +use OCP\Util; use Psr\Log\LoggerInterface; use function array_filter; use function count; @@ -176,7 +177,7 @@ public function email(string $user): JSONResponse { $user = trim($user); - \OCP\Util::emitHook( + Util::emitHook( '\OCA\Files_Sharing\API\Server2Server', 'preLoginNameUsedAsUserName', ['uid' => &$user] @@ -252,7 +253,6 @@ public function setPassword(string $token, string $userId, string $password, boo /** * @throws ResetPasswordException - * @throws \OCP\PreConditionNotMetException */ protected function sendEmail(string $input): void { $user = $this->findUserByIdOrMail($input); diff --git a/core/Controller/PreviewController.php b/core/Controller/PreviewController.php index 38373e2d14776..0e44f458afa27 100644 --- a/core/Controller/PreviewController.php +++ b/core/Controller/PreviewController.php @@ -27,15 +27,19 @@ */ namespace OC\Core\Controller; +use OC\User\NoUserException; use OCA\Files_Sharing\SharedStorage; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\FileDisplayResponse; +use OCP\AppFramework\Http\Response; use OCP\Files\File; +use OCP\Files\InvalidPathException; use OCP\Files\IRootFolder; use OCP\Files\Node; use OCP\Files\NotFoundException; +use OCP\Files\NotPermittedException; use OCP\IPreview; use OCP\IRequest; @@ -54,7 +58,9 @@ public function __construct( * @NoAdminRequired * @NoCSRFRequired * - * @return DataResponse|FileDisplayResponse + * @return Response + * @throws NotPermittedException + * @throws NoUserException */ public function getPreview( string $file = '', @@ -80,8 +86,6 @@ public function getPreview( /** * @NoAdminRequired * @NoCSRFRequired - * - * @return DataResponse|FileDisplayResponse */ public function getPreviewByFileId( int $fileId = -1, @@ -89,7 +93,7 @@ public function getPreviewByFileId( int $y = 32, bool $a = false, bool $forceIcon = true, - string $mode = 'fill') { + string $mode = 'fill'): DataResponse|FileDisplayResponse { if ($fileId === -1 || $x === 0 || $y === 0) { return new DataResponse([], Http::STATUS_BAD_REQUEST); } @@ -106,9 +110,6 @@ public function getPreviewByFileId( return $this->fetchPreview($node, $x, $y, $a, $forceIcon, $mode); } - /** - * @return DataResponse|FileDisplayResponse - */ private function fetchPreview( Node $node, int $x, diff --git a/core/Controller/ProfileApiController.php b/core/Controller/ProfileApiController.php index e66d4f21c2bf6..c503327e0e8c7 100644 --- a/core/Controller/ProfileApiController.php +++ b/core/Controller/ProfileApiController.php @@ -32,6 +32,7 @@ use OCP\AppFramework\OCS\OCSForbiddenException; use OCP\AppFramework\OCS\OCSNotFoundException; use OCP\AppFramework\OCSController; +use OCP\DB\Exception; use OCP\IRequest; use OCP\IUserManager; use OCP\IUserSession; diff --git a/core/Controller/SetupController.php b/core/Controller/SetupController.php index 69c3b2f2a2394..16a085c7c0196 100644 --- a/core/Controller/SetupController.php +++ b/core/Controller/SetupController.php @@ -78,7 +78,7 @@ public function run(array $post): void { } } - private function displaySetupForbidden() { + private function displaySetupForbidden(): void { \OC_Template::printGuestPage('', 'installation_forbidden'); } diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php index 40b100c41bdab..6080ce52bba4c 100644 --- a/core/Controller/TwoFactorChallengeController.php +++ b/core/Controller/TwoFactorChallengeController.php @@ -57,7 +57,7 @@ public function __construct( /** * @return string */ - protected function getLogoutUrl() { + protected function getLogoutUrl(): string { return OC_User::getLogoutUrl($this->urlGenerator); } @@ -86,7 +86,7 @@ private function splitProvidersAndBackupCodes(array $providers): array { * @param string $redirect_url * @return StandaloneTemplateResponse */ - public function selectChallenge($redirect_url) { + public function selectChallenge($redirect_url): StandaloneTemplateResponse { $user = $this->userSession->getUser(); $providerSet = $this->twoFactorManager->getProviderSet($user); $allProviders = $providerSet->getProviders(); @@ -114,7 +114,7 @@ public function selectChallenge($redirect_url) { * @return StandaloneTemplateResponse|RedirectResponse */ #[UseSession] - public function showChallenge($challengeProviderId, $redirect_url) { + public function showChallenge(string $challengeProviderId, string $redirect_url): StandaloneTemplateResponse|RedirectResponse { $user = $this->userSession->getUser(); $providerSet = $this->twoFactorManager->getProviderSet($user); $provider = $providerSet->getProvider($challengeProviderId); @@ -164,11 +164,11 @@ public function showChallenge($challengeProviderId, $redirect_url) { * * @param string $challengeProviderId * @param string $challenge - * @param string $redirect_url + * @param string|null $redirect_url * @return RedirectResponse */ #[UseSession] - public function solveChallenge($challengeProviderId, $challenge, $redirect_url = null) { + public function solveChallenge(string $challengeProviderId, string $challenge, ?string $redirect_url = null): RedirectResponse { $user = $this->userSession->getUser(); $provider = $this->twoFactorManager->getProvider($user, $challengeProviderId); if (is_null($provider)) { @@ -221,7 +221,7 @@ public function setupProviders(): StandaloneTemplateResponse { * @NoAdminRequired * @NoCSRFRequired */ - public function setupProvider(string $providerId) { + public function setupProvider(string $providerId): StandaloneTemplateResponse|RedirectResponse { $user = $this->userSession->getUser(); $providers = $this->twoFactorManager->getLoginSetupProviders($user); @@ -254,7 +254,7 @@ public function setupProvider(string $providerId) { * * @todo handle the extreme edge case of an invalid provider ID and redirect to the provider selection page */ - public function confirmProviderSetup(string $providerId) { + public function confirmProviderSetup(string $providerId): RedirectResponse { return new RedirectResponse($this->urlGenerator->linkToRoute( 'core.TwoFactorChallenge.showChallenge', [ diff --git a/core/Controller/UnifiedSearchController.php b/core/Controller/UnifiedSearchController.php index 7e73ac8100fd1..313be45f51489 100644 --- a/core/Controller/UnifiedSearchController.php +++ b/core/Controller/UnifiedSearchController.php @@ -116,7 +116,7 @@ protected function getRouteInformation(string $url): array { // Optionally strip webroot from URL. Required for route matching on setups // with Nextcloud in a webserver subfolder (webroot). $webroot = $this->urlGenerator->getWebroot(); - if ($webroot !== '' && substr($urlPath, 0, strlen($webroot)) === $webroot) { + if ($webroot !== '' && str_starts_with($urlPath, $webroot)) { $urlPath = substr($urlPath, strlen($webroot)); } @@ -125,7 +125,7 @@ protected function getRouteInformation(string $url): array { // contacts.PageController.index => contacts.Page.index $route = $parameters['caller']; - if (substr($route[1], -10) === 'Controller') { + if (str_ends_with($route[1], 'Controller')) { $route[1] = substr($route[1], 0, -10); } $routeStr = implode('.', $route); diff --git a/core/Controller/UserController.php b/core/Controller/UserController.php index f8dbc1af02700..f8076cfb3f6c3 100644 --- a/core/Controller/UserController.php +++ b/core/Controller/UserController.php @@ -47,7 +47,7 @@ public function __construct( * * @return JSONResponse */ - public function getDisplayNames($users) { + public function getDisplayNames(array $users): JSONResponse { $result = []; foreach ($users as $user) { diff --git a/core/Controller/WellKnownController.php b/core/Controller/WellKnownController.php index 2e317ae01b5d9..cf8f660a97f65 100644 --- a/core/Controller/WellKnownController.php +++ b/core/Controller/WellKnownController.php @@ -43,8 +43,6 @@ public function __construct( /** * @PublicPage * @NoCSRFRequired - * - * @return Response */ public function handle(string $service): Response { $response = $this->requestManager->process(