Merge pull request #15139 from nextcloud/backport/15129/stable15

Backport/15129/stable15

Author: MorrisJobke

core/Application.php

@@ -28,6 +28,7 @@
 
 namespace OC\Core;
 
+use OC\Core\Notification\RemoveLinkSharesNotifier;
 use OC\DB\MissingIndexInformation;
 use OC\DB\SchemaWrapper;
 use OCP\AppFramework\App;
@@ -54,6 +55,18 @@ public function __construct() {
 		$server = $container->getServer();
 		$eventDispatcher = $server->getEventDispatcher();
 
+		$notificationManager = $server->getNotificationManager();
+		$notificationManager->registerNotifier(function() use ($server) {
+			return new RemoveLinkSharesNotifier(
+				$server->getL10NFactory()
+			);
+		},  function() use ($server) {
+			return [
+				'id' => 'core',
+				'name' => 'core',
+			];
+		});
+
 		$eventDispatcher->addListener(IDBConnection::CHECK_MISSING_INDEXES_EVENT,
 			function(GenericEvent $event) use ($container) {
 				/** @var MissingIndexInformation $subject */

core/Notification/RemoveLinkSharesNotifier.php

@@ -0,0 +1,55 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Core\Notification;
+
+use OCP\L10N\IFactory;
+use OCP\Notification\INotification;
+use OCP\Notification\INotifier;
+
+class RemoveLinkSharesNotifier implements INotifier {
+	/** @var IFactory */
+	private $l10nFactory;
+
+	public function __construct(IFactory $factory) {
+		$this->l10nFactory = $factory;
+	}
+
+	public function prepare(INotification $notification, $languageCode): INotification {
+		if($notification->getApp() !== 'core') {
+			throw new \InvalidArgumentException();
+		}
+		$l = $this->l10nFactory->get('core', $languageCode);
+
+		if ($notification->getSubject() === 'repair_exposing_links') {
+			$notification->setParsedSubject($l->t('Some of your link shares have been removed'));
+			$notification->setParsedMessage($l->t('Due to a security bug we had to remove some of your link shares. Please see the link for more information.'));
+			$notification->setLink('https://nextcloud.com/security/advisory/?id=NC-SA-2019-003');
+			return $notification;
+		}
+
+		throw new \InvalidArgumentException('Invalid subject');
+	}
+
+}

lib/composer/composer/autoload_classmap.php

@@ -677,6 +677,7 @@
     'OC\\Core\\Migrations\\Version15000Date20180926101451' => $baseDir . '/core/Migrations/Version15000Date20180926101451.php',
     'OC\\Core\\Migrations\\Version15000Date20181015062942' => $baseDir . '/core/Migrations/Version15000Date20181015062942.php',
     'OC\\Core\\Migrations\\Version15000Date20181029084625' => $baseDir . '/core/Migrations/Version15000Date20181029084625.php',
+    'OC\\Core\\Notification\\RemoveLinkSharesNotifier' => $baseDir . '/core/Notification/RemoveLinkSharesNotifier.php',
     'OC\\DB\\Adapter' => $baseDir . '/lib/private/DB/Adapter.php',
     'OC\\DB\\AdapterMySQL' => $baseDir . '/lib/private/DB/AdapterMySQL.php',
     'OC\\DB\\AdapterOCI8' => $baseDir . '/lib/private/DB/AdapterOCI8.php',
@@ -976,6 +977,7 @@
     'OC\\Repair\\OldGroupMembershipShares' => $baseDir . '/lib/private/Repair/OldGroupMembershipShares.php',
     'OC\\Repair\\Owncloud\\DropAccountTermsTable' => $baseDir . '/lib/private/Repair/Owncloud/DropAccountTermsTable.php',
     'OC\\Repair\\Owncloud\\SaveAccountsTableData' => $baseDir . '/lib/private/Repair/Owncloud/SaveAccountsTableData.php',
+    'OC\\Repair\\RemoveLinkShares' => $baseDir . '/lib/private/Repair/RemoveLinkShares.php',
     'OC\\Repair\\RemoveRootShares' => $baseDir . '/lib/private/Repair/RemoveRootShares.php',
     'OC\\Repair\\RepairInvalidShares' => $baseDir . '/lib/private/Repair/RepairInvalidShares.php',
     'OC\\Repair\\RepairMimeTypes' => $baseDir . '/lib/private/Repair/RepairMimeTypes.php',

lib/composer/composer/autoload_static.php

@@ -707,6 +707,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
         'OC\\Core\\Migrations\\Version15000Date20180926101451' => __DIR__ . '/../../..' . '/core/Migrations/Version15000Date20180926101451.php',
         'OC\\Core\\Migrations\\Version15000Date20181015062942' => __DIR__ . '/../../..' . '/core/Migrations/Version15000Date20181015062942.php',
         'OC\\Core\\Migrations\\Version15000Date20181029084625' => __DIR__ . '/../../..' . '/core/Migrations/Version15000Date20181029084625.php',
+        'OC\\Core\\Notification\\RemoveLinkSharesNotifier' => __DIR__ . '/../../..' . '/core/Notification/RemoveLinkSharesNotifier.php',
         'OC\\DB\\Adapter' => __DIR__ . '/../../..' . '/lib/private/DB/Adapter.php',
         'OC\\DB\\AdapterMySQL' => __DIR__ . '/../../..' . '/lib/private/DB/AdapterMySQL.php',
         'OC\\DB\\AdapterOCI8' => __DIR__ . '/../../..' . '/lib/private/DB/AdapterOCI8.php',
@@ -1006,6 +1007,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
         'OC\\Repair\\OldGroupMembershipShares' => __DIR__ . '/../../..' . '/lib/private/Repair/OldGroupMembershipShares.php',
         'OC\\Repair\\Owncloud\\DropAccountTermsTable' => __DIR__ . '/../../..' . '/lib/private/Repair/Owncloud/DropAccountTermsTable.php',
         'OC\\Repair\\Owncloud\\SaveAccountsTableData' => __DIR__ . '/../../..' . '/lib/private/Repair/Owncloud/SaveAccountsTableData.php',
+        'OC\\Repair\\RemoveLinkShares' => __DIR__ . '/../../..' . '/lib/private/Repair/RemoveLinkShares.php',
         'OC\\Repair\\RemoveRootShares' => __DIR__ . '/../../..' . '/lib/private/Repair/RemoveRootShares.php',
         'OC\\Repair\\RepairInvalidShares' => __DIR__ . '/../../..' . '/lib/private/Repair/RepairInvalidShares.php',
         'OC\\Repair\\RepairMimeTypes' => __DIR__ . '/../../..' . '/lib/private/Repair/RepairMimeTypes.php',

lib/private/DB/QueryBuilder/QueryBuilder.php

@@ -1170,6 +1170,10 @@ public function getLastInsertId() {
 	 * @return string
 	 */
 	public function getTableName($table) {
+		if ($table instanceof IQueryFunction) {
+			return (string) $table;
+		}
+
 		$table = $this->prefixTableName($table);
 		return $this->helper->quoteColumnName($table);
 	}

lib/private/Repair.php

@@ -49,13 +49,16 @@
 use OC\Repair\OldGroupMembershipShares;
 use OC\Repair\Owncloud\DropAccountTermsTable;
 use OC\Repair\Owncloud\SaveAccountsTableData;
+use OC\Repair\RemoveLinkShares;
 use OC\Repair\RemoveRootShares;
 use OC\Repair\RepairInvalidShares;
 use OC\Repair\RepairMimeTypes;
 use OC\Repair\SqliteAutoincrement;
 use OC\Template\JSCombiner;
 use OC\Template\SCSSCacher;
 use Symfony\Component\EventDispatcher\EventDispatcher;
+use OCP\AppFramework\Utility\ITimeFactory;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 use Symfony\Component\EventDispatcher\GenericEvent;
 
 class Repair implements IOutput {
@@ -147,7 +150,8 @@ public static function getRepairSteps() {
 			new AddPreviewBackgroundCleanupJob(\OC::$server->getJobList()),
 			new AddCleanupUpdaterBackupsJob(\OC::$server->getJobList()),
 			new RepairPendingCronJobs(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig()),
-			new SetVcardDatabaseUID(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig(), \OC::$server->getLogger())
+			new SetVcardDatabaseUID(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig(), \OC::$server->getLogger()),
+			new RemoveLinkShares(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig(), \OC::$server->getGroupManager(), \OC::$server->getNotificationManager(), \OC::$server->query(ITimeFactory::class)),
 		];
 	}
 

lib/private/Repair/RemoveLinkShares.php

@@ -0,0 +1,236 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Repair;
+
+use Doctrine\DBAL\Driver\Statement;
+use OCP\AppFramework\Utility\ITimeFactory;
+use OCP\DB\QueryBuilder\IQueryBuilder;
+use OCP\IConfig;
+use OCP\IDBConnection;
+use OCP\IGroupManager;
+use OCP\Migration\IOutput;
+use OCP\Migration\IRepairStep;
+use OCP\Notification\IManager;
+
+class RemoveLinkShares implements IRepairStep {
+	/** @var IDBConnection */
+	private $connection;
+	/** @var IConfig */
+	private $config;
+	/** @var string[] */
+	private $userToNotify = [];
+	/** @var IGroupManager */
+	private $groupManager;
+	/** @var IManager */
+	private $notificationManager;
+	/** @var ITimeFactory */
+	private $timeFactory;
+
+	public function __construct(IDBConnection $connection,
+								IConfig $config,
+								IGroupManager $groupManager,
+								IManager $notificationManager,
+								ITimeFactory $timeFactory) {
+		$this->connection = $connection;
+		$this->config = $config;
+		$this->groupManager = $groupManager;
+		$this->notificationManager = $notificationManager;
+		$this->timeFactory = $timeFactory;
+	}
+
+
+	public function getName(): string {
+		return 'Remove potentially over exposing share links';
+	}
+
+	private function shouldRun(): bool {
+		$versionFromBeforeUpdate = $this->config->getSystemValue('version', '0.0.0');
+
+		if (version_compare($versionFromBeforeUpdate, '14.0.11', '<')) {
+			return true;
+		}
+		if (version_compare($versionFromBeforeUpdate, '15.0.8', '<')) {
+			return true;
+		}
+		if (version_compare($versionFromBeforeUpdate, '16.0.0', '<=')) {
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 * Delete the share
+	 *
+	 * @param int $id
+	 */
+	private function deleteShare(int $id) {
+		$qb = $this->connection->getQueryBuilder();
+		$qb->delete('share')
+			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)));
+		$qb->execute();
+	}
+
+	/**
+	 * Get the total of affected shares
+	 *
+	 * @return int
+	 */
+	private function getTotal(): int {
+		$subSubQuery = $this->connection->getQueryBuilder();
+		$subSubQuery->select('*')
+			->from('share')
+			->where($subSubQuery->expr()->isNotNull('parent'))
+			->andWhere($subSubQuery->expr()->eq('share_type', $subSubQuery->expr()->literal(3, IQueryBuilder::PARAM_INT)));
+
+		$subQuery = $this->connection->getQueryBuilder();
+		$subQuery->select('s1.id')
+			->from($subQuery->createFunction('(' . $subSubQuery->getSQL() . ')'), 's1')
+			->join(
+				's1', 'share', 's2',
+				$subQuery->expr()->eq('s1.parent', 's2.id')
+			)
+			->where($subQuery->expr()->orX(
+				$subQuery->expr()->eq('s2.share_type', $subQuery->expr()->literal(1, IQueryBuilder::PARAM_INT)),
+				$subQuery->expr()->eq('s2.share_type', $subQuery->expr()->literal(2, IQueryBuilder::PARAM_INT))
+			))
+			->andWhere($subQuery->expr()->eq('s1.item_source', 's2.item_source'));
+
+		$query = $this->connection->getQueryBuilder();
+		$query->select($query->func()->count('*', 'total'))
+			->from('share')
+			->where($query->expr()->in('id', $query->createFunction('(' . $subQuery->getSQL() . ')')));
+
+		$result = $query->execute();
+		$data = $result->fetch();
+		$result->closeCursor();
+
+		return (int) $data['total'];
+	}
+
+	/**
+	 * Get the cursor to fetch all the shares
+	 *
+	 * @return \Doctrine\DBAL\Driver\Statement
+	 */
+	private function getShares(): Statement {
+		$subQuery = $this->connection->getQueryBuilder();
+		$subQuery->select('*')
+			->from('share')
+			->where($subQuery->expr()->isNotNull('parent'))
+			->andWhere($subQuery->expr()->eq('share_type', $subQuery->expr()->literal(3, IQueryBuilder::PARAM_INT)));
+
+		$query = $this->connection->getQueryBuilder();
+		$query->select('s1.id', 's1.uid_owner', 's1.uid_initiator')
+			->from($query->createFunction('(' . $subQuery->getSQL() . ')'), 's1')
+			->join(
+				's1', 'share', 's2',
+				$query->expr()->eq('s1.parent', 's2.id')
+			)
+			->where($query->expr()->orX(
+				$query->expr()->eq('s2.share_type', $query->expr()->literal(1, IQueryBuilder::PARAM_INT)),
+				$query->expr()->eq('s2.share_type', $query->expr()->literal(2, IQueryBuilder::PARAM_INT))
+			))
+			->andWhere($query->expr()->eq('s1.item_source', 's2.item_source'));
+		return $query->execute();
+	}
+
+	/**
+	 * Process a single share
+	 *
+	 * @param array $data
+	 */
+	private function processShare(array $data) {
+		$id = $data['id'];
+
+		$this->addToNotify($data['uid_owner']);
+		$this->addToNotify($data['uid_initiator']);
+
+		$this->deleteShare((int)$id);
+	}
+
+	/**
+	 * Update list of users to notify
+	 *
+	 * @param string $uid
+	 */
+	private function addToNotify(string $uid) {
+		if (!isset($this->userToNotify[$uid])) {
+			$this->userToNotify[$uid] = true;
+		}
+	}
+
+	/**
+	 * Send all notifications
+	 */
+	private function sendNotification() {
+		$time = $this->timeFactory->getDateTime();
+
+		$notification = $this->notificationManager->createNotification();
+		$notification->setApp('core')
+			->setDateTime($time)
+			->setObject('repair', 'exposing_links')
+			->setSubject('repair_exposing_links', []);
+
+		$users = array_keys($this->userToNotify);
+		foreach ($users as $user) {
+			$notification->setUser($user);
+			$this->notificationManager->notify($notification);
+		}
+	}
+
+	private function repair(IOutput $output) {
+		$total = $this->getTotal();
+		$output->startProgress($total);
+
+		$shareCursor = $this->getShares();
+		while($data = $shareCursor->fetch()) {
+			$this->processShare($data);
+			$output->advance();
+		}
+		$output->finishProgress();
+		$shareCursor->closeCursor();
+
+		// Notifiy all admins
+		$adminGroup = $this->groupManager->get('admin');
+		$adminUsers = $adminGroup->getUsers();
+		foreach ($adminUsers as $user) {
+			$this->addToNotify($user->getUID());
+		}
+
+		$output->info('Sending notifications to admins and affected users');
+		$this->sendNotification();
+	}
+
+	public function run(IOutput $output) {
+		if ($this->shouldRun()) {
+			$output->info('Removing potentially over exposing link shares');
+			$this->repair($output);
+			$output->info('Removed potentially over exposing link shares');
+		} else {
+			$output->info('No need to remove link shares.');
+		}
+	}
+}

version.php

@@ -29,7 +29,7 @@
 // between betas, final and RCs. This is _not_ the public version number. Reset minor/patchlevel
 // when updating major/minor version number.
 
-$OC_Version = array(15, 0, 7, 0);
+$OC_Version = array(15, 0, 7, 1);
 
 // The human readable string
 $OC_VersionString = '15.0.7';