feat: Add new forbidden filename options to JS config for frontend va…

…lidation Signed-off-by: Ferdinand Thiessen <[email protected]>
nextcloud · Jul 3, 2024 · 1968b74 · 1968b74
1 parent 155c99a
commit 1968b74
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 9 deletions.
diff --git a/apps/files/lib/Capabilities.php b/apps/files/lib/Capabilities.php
@@ -7,28 +7,31 @@
  */
 namespace OCA\Files;
 
+use OC\Files\FilenameValidator;
 use OCP\Capabilities\ICapability;
-use OCP\IConfig;
 
 class Capabilities implements ICapability {
 
-	protected IConfig $config;
-
-	public function __construct(IConfig $config) {
-		$this->config = $config;
+	public function __construct(
+		protected FilenameValidator $filenameValidator,
+	) {
 	}
 
 	/**
 	 * Return this classes capabilities
 	 *
-	 * @return array{files: array{bigfilechunking: bool, blacklisted_files: array<mixed>, forbidden_filename_characters: array<string>}}
+	 * @return array{files: array{$comment: string, bigfilechunking: bool, blacklisted_files: array<mixed>, forbidden_filenames: list<string>, forbidden_filename_characters: list<string>, forbidden_filename_extensions: list<string>}}
 	 */
 	public function getCapabilities() {
 		return [
 			'files' => [
+				'$comment' => '"blacklisted_files" is deprecacted as of Nextcloud 30, use "forbidden_filenames" instead',
+				'blacklisted_files' => $this->filenameValidator->getForbiddenFilenames(),
+				'forbidden_filenames' => $this->filenameValidator->getForbiddenFilenames(),
+				'forbidden_filename_characters' => $this->filenameValidator->getForbiddenCharacters(),
+				'forbidden_filename_extensions' => $this->filenameValidator->getForbiddenExtensions(),
+
 				'bigfilechunking' => true,
-				'blacklisted_files' => (array)$this->config->getSystemValue('blacklisted_files', ['.htaccess']),
-				'forbidden_filename_characters' => \OCP\Util::getForbiddenFileNameChars(),
 			],
 		];
 	}

diff --git a/lib/private/Template/JSConfigHelper.php b/lib/private/Template/JSConfigHelper.php
@@ -10,6 +10,7 @@
 use bantu\IniGetWrapper\IniGetWrapper;
 use OC\Authentication\Token\IProvider;
 use OC\CapabilitiesManager;
+use OC\Files\FilenameValidator;
 use OC\Share\Share;
 use OCP\App\AppPathNotFoundException;
 use OCP\App\IAppManager;
@@ -51,6 +52,7 @@ public function __construct(
 		protected CapabilitiesManager  $capabilitiesManager,
 		protected IInitialStateService $initialStateService,
 		protected IProvider            $tokenProvider,
+		protected FilenameValidator   $filenameValidator,
 	) {
 	}
 
@@ -133,8 +135,13 @@ public function getConfig(): string {
 
 		$config = [
 			'auto_logout' => $this->config->getSystemValue('auto_logout', false),
+			/** @deprecated 30.0.0 */
 			'blacklist_files_regex' => FileInfo::BLACKLIST_FILES_REGEX,
-			'forbidden_filename_characters' => Util::getForbiddenFileNameChars(),
+
+			'forbidden_filenames' => $this->filenameValidator->getForbiddenFilenames(),
+			'forbidden_filename_characters' => $this->filenameValidator->getForbiddenCharacters(),
+			'forbidden_filename_extensions' => $this->filenameValidator->getForbiddenExtensions(),
+
 			'loglevel' => $this->config->getSystemValue('loglevel_frontend',
 				$this->config->getSystemValue('loglevel', ILogger::WARN)
 			),