disable user unmount

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>

apps/files_external/lib/Controller/GlobalStoragesController.php

@@ -28,50 +28,42 @@
 namespace OCA\Files_External\Controller;
 
 use OCA\Files_External\NotFoundException;
+use OCA\Files_External\Service\BackendService;
 use OCA\Files_External\Service\GlobalStoragesService;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\IConfig;
 use OCP\IGroupManager;
 use OCP\IL10N;
-use OCP\ILogger;
 use OCP\IRequest;
 use OCP\IUserSession;
+use Psr\Log\LoggerInterface;
 
 /**
  * Global storages controller
  */
 class GlobalStoragesController extends StoragesController {
-	/**
-	 * Creates a new global storages controller.
-	 *
-	 * @param string $AppName application name
-	 * @param IRequest $request request object
-	 * @param IL10N $l10n l10n service
-	 * @param GlobalStoragesService $globalStoragesService storage service
-	 * @param ILogger $logger
-	 * @param IUserSession $userSession
-	 * @param IGroupManager $groupManager
-	 * @param IConfig $config
-	 */
+
 	public function __construct(
-		$AppName,
+		string $appName,
 		IRequest $request,
 		IL10N $l10n,
 		GlobalStoragesService $globalStoragesService,
-		ILogger $logger,
+		LoggerInterface $logger,
 		IUserSession $userSession,
 		IGroupManager $groupManager,
+		BackendService $backendService,
 		IConfig $config
 	) {
 		parent::__construct(
-			$AppName,
+			$appName,
 			$request,
 			$l10n,
 			$globalStoragesService,
 			$logger,
 			$userSession,
 			$groupManager,
+			$backendService,
 			$config
 		);
 	}

apps/files_external/lib/Controller/StoragesController.php

@@ -34,6 +34,7 @@
 use OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException;
 use OCA\Files_External\Lib\StorageConfig;
 use OCA\Files_External\NotFoundException;
+use OCA\Files_External\Service\BackendService;
 use OCA\Files_External\Service\StoragesService;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
@@ -42,75 +43,27 @@
 use OCP\IConfig;
 use OCP\IGroupManager;
 use OCP\IL10N;
-use OCP\ILogger;
 use OCP\IRequest;
 use OCP\IUserSession;
+use Psr\Log\LoggerInterface;
 
 /**
  * Base class for storages controllers
  */
 abstract class StoragesController extends Controller {
 
-	/**
-	 * L10N service
-	 *
-	 * @var IL10N
-	 */
-	protected $l10n;
-
-	/**
-	 * Storages service
-	 *
-	 * @var StoragesService
-	 */
-	protected $service;
-
-	/**
-	 * @var ILogger
-	 */
-	protected $logger;
-
-	/**
-	 * @var IUserSession
-	 */
-	protected $userSession;
-
-	/**
-	 * @var IGroupManager
-	 */
-	protected $groupManager;
-
-	/**
-	 * @var IConfig
-	 */
-	protected $config;
-
-	/**
-	 * Creates a new storages controller.
-	 *
-	 * @param string $AppName application name
-	 * @param IRequest $request request object
-	 * @param IL10N $l10n l10n service
-	 * @param StoragesService $storagesService storage service
-	 * @param ILogger $logger
-	 */
 	public function __construct(
-		$AppName,
+		string $appName,
 		IRequest $request,
-		IL10N $l10n,
-		StoragesService $storagesService,
-		ILogger $logger,
-		IUserSession $userSession,
-		IGroupManager $groupManager,
-		IConfig $config
+		protected IL10N $l10n,
+		protected StoragesService $service,
+		protected LoggerInterface $logger,
+		protected IUserSession $userSession,
+		protected IGroupManager $groupManager,
+		protected BackendService $backendService,
+		protected IConfig $config
 	) {
-		parent::__construct($AppName, $request);
-		$this->l10n = $l10n;
-		$this->service = $storagesService;
-		$this->logger = $logger;
-		$this->userSession = $userSession;
-		$this->groupManager = $groupManager;
-		$this->config = $config;
+		parent::__construct($appName, $request);
 	}
 
 	/**
@@ -159,7 +112,7 @@ protected function createStorage(
 				$priority
 			);
 		} catch (\InvalidArgumentException $e) {
-			$this->logger->logException($e);
+			$this->logger->warning('Invalid backend or authentication mechanism class', ['exception' => $e]);
 			return new DataResponse(
 				[
 					'message' => $this->l10n->t('Invalid backend or authentication mechanism class')

apps/files_external/lib/Controller/UserGlobalStoragesController.php

@@ -33,49 +33,42 @@
 use OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException;
 use OCA\Files_External\Lib\StorageConfig;
 use OCA\Files_External\NotFoundException;
+use OCA\Files_External\Service\BackendService;
 use OCA\Files_External\Service\UserGlobalStoragesService;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\IConfig;
 use OCP\IGroupManager;
 use OCP\IL10N;
-use OCP\ILogger;
 use OCP\IRequest;
 use OCP\IUserSession;
+use Psr\Log\LoggerInterface;
 
 /**
  * User global storages controller
  */
 class UserGlobalStoragesController extends StoragesController {
-	/**
-	 * Creates a new user global storages controller.
-	 *
-	 * @param string $AppName application name
-	 * @param IRequest $request request object
-	 * @param IL10N $l10n l10n service
-	 * @param UserGlobalStoragesService $userGlobalStoragesService storage service
-	 * @param ILogger $logger
-	 * @param IUserSession $userSession
-	 * @param IGroupManager $groupManager
-	 */
+
 	public function __construct(
-		$AppName,
+		string $appName,
 		IRequest $request,
 		IL10N $l10n,
 		UserGlobalStoragesService $userGlobalStoragesService,
-		ILogger $logger,
+		LoggerInterface $logger,
 		IUserSession $userSession,
 		IGroupManager $groupManager,
+		BackendService $backendService,
 		IConfig $config
 	) {
 		parent::__construct(
-			$AppName,
+			$appName,
 			$request,
 			$l10n,
 			$userGlobalStoragesService,
 			$logger,
 			$userSession,
 			$groupManager,
+			$backendService,
 			$config
 		);
 	}

apps/files_external/lib/Controller/UserStoragesController.php

@@ -32,49 +32,42 @@
 use OCA\Files_External\Lib\Backend\Backend;
 use OCA\Files_External\Lib\StorageConfig;
 use OCA\Files_External\NotFoundException;
+use OCA\Files_External\Service\BackendService;
 use OCA\Files_External\Service\UserStoragesService;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\IConfig;
 use OCP\IGroupManager;
 use OCP\IL10N;
-use OCP\ILogger;
 use OCP\IRequest;
 use OCP\IUserSession;
+use Psr\Log\LoggerInterface;
 
 /**
  * User storages controller
  */
 class UserStoragesController extends StoragesController {
-	/**
-	 * Creates a new user storages controller.
-	 *
-	 * @param string $AppName application name
-	 * @param IRequest $request request object
-	 * @param IL10N $l10n l10n service
-	 * @param UserStoragesService $userStoragesService storage service
-	 * @param ILogger $logger
-	 * @param IUserSession $userSession
-	 * @param IGroupManager $groupManager
-	 */
+
 	public function __construct(
-		$AppName,
+		string $appName,
 		IRequest $request,
 		IL10N $l10n,
 		UserStoragesService $userStoragesService,
-		ILogger $logger,
+		LoggerInterface $logger,
 		IUserSession $userSession,
 		IGroupManager $groupManager,
+		BackendService $backendService,
 		IConfig $config
 	) {
 		parent::__construct(
-			$AppName,
+			$appName,
 			$request,
 			$l10n,
 			$userStoragesService,
 			$logger,
 			$userSession,
 			$groupManager,
+			$backendService,
 			$config
 		);
 	}
@@ -232,6 +225,17 @@ public function update(
 	 * {@inheritdoc}
 	 */
 	public function destroy($id) {
+		if (!$this->backendService->isUserUnmountingAllowed()) {
+			return new DataResponse(
+				[
+					'message' => $this->l10n->t(
+						'Insufficient right to disconnect this storage'
+					)
+				],
+				Http::STATUS_NOT_FOUND
+			);
+		}
+
 		return parent::destroy($id);
 	}
 }

apps/files_external/lib/Service/BackendService.php

@@ -28,7 +28,6 @@
 
 use OCA\Files_External\Config\IConfigHandler;
 use OCA\Files_External\Lib\Auth\AuthMechanism;
-
 use OCA\Files_External\Lib\Backend\Backend;
 use OCA\Files_External\Lib\Config\IAuthMechanismProvider;
 use OCA\Files_External\Lib\Config\IBackendProvider;
@@ -51,44 +50,42 @@ class BackendService {
 	/** Priority constants for PriorityTrait */
 	public const PRIORITY_DEFAULT = 100;
 
-	/** @var IConfig */
-	protected $config;
-
-	/** @var bool */
-	private $userMountingAllowed = true;
+	private bool $userMountingAllowed = true;
+	private bool $userUnmountingAllowed = true;
 
 	/** @var string[] */
-	private $userMountingBackends = [];
+	private array $userMountingBackends;
 
 	/** @var Backend[] */
-	private $backends = [];
+	private array $backends = [];
 
 	/** @var IBackendProvider[] */
-	private $backendProviders = [];
+	private array $backendProviders = [];
 
 	/** @var AuthMechanism[] */
-	private $authMechanisms = [];
+	private array $authMechanisms = [];
 
 	/** @var IAuthMechanismProvider[] */
-	private $authMechanismProviders = [];
+	private array $authMechanismProviders = [];
 
 	/** @var callable[] */
-	private $configHandlerLoaders = [];
+	private array $configHandlerLoaders = [];
 
-	private $configHandlers = [];
+	private array $configHandlers = [];
 
 	/**
 	 * @param IConfig $config
 	 */
 	public function __construct(
-		IConfig $config
+		protected IConfig $config
 	) {
-		$this->config = $config;
-
 		// Load config values
 		if ($this->config->getAppValue('files_external', 'allow_user_mounting', 'yes') !== 'yes') {
 			$this->userMountingAllowed = false;
 		}
+		if ($this->config->getAppValue('files_external', 'allow_user_unmounting', 'yes') !== 'yes') {
+			$this->userUnmountingAllowed = false;
+		}
 		$this->userMountingBackends = explode(',',
 			$this->config->getAppValue('files_external', 'user_mounting_backends', '')
 		);
@@ -275,10 +272,14 @@ public function getAuthMechanism($identifier) {
 	/**
 	 * @return bool
 	 */
-	public function isUserMountingAllowed() {
+	public function isUserMountingAllowed(): bool {
 		return $this->userMountingAllowed;
 	}
 
+	public function isUserUnmountingAllowed(): bool {
+		return $this->userUnmountingAllowed;
+	}
+
 	/**
 	 * Check a backend if a user is allowed to mount it
 	 *

apps/files_external/lib/Settings/Admin.php

@@ -68,6 +68,7 @@ public function getForm() {
 			'authMechanisms' => $this->backendService->getAuthMechanisms(),
 			'dependencies' => \OCA\Files_External\MountConfig::dependencyMessage($this->backendService->getBackends()),
 			'allowUserMounting' => $this->backendService->isUserMountingAllowed(),
+			'allowUserUnmounting' => $this->backendService->isUserUnmountingAllowed(),
 			'globalCredentials' => $this->globalAuth->getAuth(''),
 			'globalCredentialsUid' => '',
 		];

apps/files_external/lib/Settings/Personal.php

@@ -76,6 +76,7 @@ public function getForm() {
 			'authMechanisms' => $this->backendService->getAuthMechanisms(),
 			'dependencies' => \OCA\Files_External\MountConfig::dependencyMessage($this->backendService->getBackends()),
 			'allowUserMounting' => $this->backendService->isUserMountingAllowed(),
+			'allowUserUnmounting' => $this->backendService->isUserUnmountingAllowed(),
 			'globalCredentials' => $this->globalAuth->getAuth($uid),
 			'globalCredentialsUid' => $uid,
 		];