Do not allow changing/adding scripts via the Web

It's just too dangerous for now. Signed-off-by: Joas Schilling <coding@schilljs.com>
7 years ago · 18aa82dabf
3 changed files with 15 additions and 79 deletions
--- a/appinfo/routes.php
+++ b/appinfo/routes.php
@ -348,7 +348,6 @@ return [
 		/**
 		 * Commands
 		 */
-		// TODO turn into a resource after https://github.com/nextcloud/server/pull/13714 is merged
 		[
 			'name' => 'Command#index',
 			'url' => '/api/{apiVersion}/command',
@ -357,23 +356,6 @@ return [
 				'apiVersion' => 'v1',
 			],
 		],
-		[
-			'name' => 'Command#create',
-			'url' => '/api/{apiVersion}/command',
-			'verb' => 'POST',
-			'requirements' => [
-				'apiVersion' => 'v1',
-			],
-		],
-		[
-			'name' => 'Command#show',
-			'url' => '/api/{apiVersion}/command/{id}',
-			'verb' => 'GET',
-			'requirements' => [
-				'apiVersion' => 'v1',
-				'id' => '^\d+$',
-			],
-		],
 		[
 			'name' => 'Command#update',
 			'url' => '/api/{apiVersion}/command/{id}',
@ -393,12 +375,5 @@ return [
 			],
 		],
 	],
-
-	/**
-	 * TODO Enable after https://github.com/nextcloud/server/pull/13714 is merged
-	'ocs-resources' => [
-		'Command' => ['url' => '/api/{apiVersion}/command', 'requirements' => ['apiVersion' => 'v1']],
-	],
-	*/
 ];

--- a/lib/Controller/CommandController.php
+++ b/lib/Controller/CommandController.php
@ -32,7 +32,6 @@ use OCP\IRequest;

 class CommandController extends OCSController {

-
 	/** @var CommandService */
 	protected $commandService;

@ -70,66 +69,15 @@ class CommandController extends OCSController {
 		return new DataResponse($result);
 	}

-	/**
-	 * @param string $cmd
-	 * @param string $name
-	 * @param string $script
-	 * @param int $response
-	 * @param int $enabled
-	 * @return DataResponse
-	 */
-	public function create(string $cmd, string $name, string $script, int $response, int $enabled): DataResponse {
-		try {
-			$command = $this->commandService->create('', $name, $cmd, $script, $response, $enabled);
-		} catch (\InvalidArgumentException $e) {
-			return new DataResponse(['error' => $e->getMessage()], Http::STATUS_BAD_REQUEST);
-		}
-
-		return new DataResponse([
-			'id' => $command->getId(),
-			'app' => $command->getApp(),
-			'name' => $command->getName(),
-			'pattern' => $command->getCommand(),
-			'script' => $command->getScript(),
-			'response' => $command->getResponse(),
-			'enabled' => $command->getEnabled(),
-		]);
-	}
-
-	/**
-	 * @param int $id
-	 * @return DataResponse
-	 */
-	public function show(int $id): DataResponse {
-		try {
-			$command = $this->commandService->findById($id);
-		} catch (DoesNotExistException $e) {
-			return new DataResponse([], Http::STATUS_NOT_FOUND);
-		}
-
-		return new DataResponse([
-			'id' => $command->getId(),
-			'app' => $command->getApp(),
-			'name' => $command->getName(),
-			'pattern' => $command->getCommand(),
-			'script' => $command->getScript(),
-			'response' => $command->getResponse(),
-			'enabled' => $command->getEnabled(),
-		]);
-	}
-
 	/**
 	 * @param int $id
-	 * @param string $cmd
-	 * @param string $name
-	 * @param string $script
 	 * @param int $response
 	 * @param int $enabled
 	 * @return DataResponse
 	 */
-	public function update(int $id, string $cmd, string $name, string $script, int $response, int $enabled): DataResponse {
+	public function update(int $id, int $response, int $enabled): DataResponse {
 		try {
-			$command = $this->commandService->update($id, $name,  $cmd, $script, $response, $enabled);
+			$command = $this->commandService->updateFromWeb($id, $response, $enabled);
 		} catch (DoesNotExistException $e) {
 			return new DataResponse([], Http::STATUS_NOT_FOUND);
 		} catch (\InvalidArgumentException $e) {
--- a/lib/Service/CommandService.php
+++ b/lib/Service/CommandService.php
@ -74,6 +74,19 @@ class CommandService {
 		return $this->mapper->insert($command);
 	}

+	/**
+	 * @param int $id
+	 * @param int $response
+	 * @param int $enabled
+	 * @return Command
+	 * @throws \InvalidArgumentException
+	 * @throws DoesNotExistException
+	 */
+	public function updateFromWeb(int $id, int $response, int $enabled): Command {
+		$command = $this->mapper->findById($id);
+		return $this->update($id, $command->getCommand(), $command->getName(), $command->getScript(), $response, $enabled);
+	}
+
 	/**
 	 * @param int $id
 	 * @param string $cmd