feat: Use inline password confirmation in external storage settings

Signed-off-by: Louis Chemineau <[email protected]>

apps/files_external/lib/Controller/AjaxController.php

@@ -105,7 +105,7 @@ public function getSshKeys($keyLength = 1024) {
 	 * @return bool
 	 */
 	#[NoAdminRequired]
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function saveGlobalCredentials($uid, $user, $password) {
 		$currentUser = $this->userSession->getUser();
 		if ($currentUser === null) {

apps/files_external/lib/Controller/GlobalStoragesController.php

@@ -91,7 +91,7 @@ public function __construct(
 	 *
 	 * @return DataResponse
 	 */
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function create(
 		$mountPoint,
 		$backend,
@@ -157,7 +157,7 @@ public function create(
 	 *
 	 * @return DataResponse
 	 */
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function update(
 		$id,
 		$mountPoint,

apps/files_external/lib/Controller/StoragesController.php

@@ -323,7 +323,7 @@ public function show(int $id, $testOnly = true) {
 	 *
 	 * @return DataResponse
 	 */
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function destroy(int $id) {
 		try {
 			$this->service->removeStorage($id);

apps/files_external/lib/Controller/UserGlobalStoragesController.php

@@ -159,7 +159,7 @@ public function show($id, $testOnly = true) {
 	 * @return DataResponse
 	 */
 	#[NoAdminRequired]
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function update(
 		$id,
 		$backendOptions,

apps/files_external/lib/Controller/UserStoragesController.php

@@ -124,7 +124,7 @@ public function show(int $id, $testOnly = true) {
 	 * @return DataResponse
 	 */
 	#[NoAdminRequired]
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function create(
 		$mountPoint,
 		$backend,
@@ -180,7 +180,7 @@ public function create(
 	 * @return DataResponse
 	 */
 	#[NoAdminRequired]
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function update(
 		$id,
 		$mountPoint,
@@ -232,7 +232,7 @@ public function update(
 	 * {@inheritdoc}
 	 */
 	#[NoAdminRequired]
-	#[PasswordConfirmationRequired]
+	#[PasswordConfirmationRequired(strict: true)]
 	public function destroy(int $id) {
 		return parent::destroy($id);
 	}

apps/files_external/js/settings.js → apps/files_external/src/settings.js

@@ -8,7 +8,11 @@
  *
  */
 
-(function(){
+import axios from '@nextcloud/axios'
+import { t } from '@nextcloud/l10n'
+import { addPasswordConfirmationInterceptors, PwdConfirmationMode } from '@nextcloud/password-confirmation'
+
+addPasswordConfirmationInterceptors(axios)
 
 /**
  * Returns the selection of applicable users in the given configuration row
@@ -278,7 +282,7 @@ StorageConfig.prototype = {
 			url = OC.generateUrl(this._url + '/{id}', {id: this.id});
 		}
 
-		window.OC.PasswordConfirmation.requirePasswordConfirmation(() => this._save(method, url, options), options.error);
+		this._save(method, url, options);
 	},
 
 	/**
@@ -287,22 +291,20 @@ StorageConfig.prototype = {
 	 * @param {string} url 
 	 * @param {{success: Function, error: Function}} options 
 	 */
-	_save: function(method, url, options) {
-		self = this;
-
-		$.ajax({
-			type: method,
-			url: url,
-			contentType: 'application/json',
-			data: JSON.stringify(this.getData()),
-			success: function(result) {
-				self.id = result.id;
-				if (_.isFunction(options.success)) {
-					options.success(result);
-				}
-			},
-			error: options.error
-		});
+	_save: async function(method, url, options) {
+		try {
+			const response = await axios.request({
+				confirmPassword: PwdConfirmationMode.Strict,
+				method: method,
+				url: url,
+				data: this.getData(),
+			})
+			const result = response.data
+			this.id = result.id
+			options.success(result)
+		} catch (error) {
+			options.error(error)
+		}
 	},
 
 	/**
@@ -355,7 +357,7 @@ StorageConfig.prototype = {
 	 * @param {Function} [options.success] success callback
 	 * @param {Function} [options.error] error callback
 	 */
-	destroy: function(options) {
+	destroy: async function(options) {
 		if (!_.isNumber(this.id)) {
 			// the storage hasn't even been created => success
 			if (_.isFunction(options.success)) {
@@ -364,20 +366,16 @@ StorageConfig.prototype = {
 			return;
 		}
 
-		window.OC.PasswordConfirmation.requirePasswordConfirmation(() => this._destroy(options), options.error)
-	},
-
-	/**
-	 * Private implementation of the DELETE method called after password confirmation
-	 * @param {{ success: Function, error: Function }} options 
-	 */
-	_destroy: function(options) {
-		$.ajax({
-			type: 'DELETE',
-			url: OC.generateUrl(this._url + '/{id}', {id: this.id}),
-			success: options.success,
-			error: options.error
-		});
+		try {
+			await axios.request({
+				method: 'DELETE',
+				url: OC.generateUrl(this._url + '/{id}', {id: this.id}),
+				confirmPassword: PwdConfirmationMode.Strict,
+			})
+			options.success()
+		} catch (e) {
+			options.error(e)
+		}
 	},
 
 	/**
@@ -1490,38 +1488,32 @@ window.addEventListener('DOMContentLoaded', function() {
 			$allowUserMounting.trigger('change');
 
 		}
-	});
+	})
+
+	$('#global_credentials').on('submit', async function (event) {
+		event.preventDefault();
+		var $form = $(this);
+		var $submit = $form.find('[type=submit]');
+		$submit.val(t('files_external', 'Saving …'));
 
-	function _submitCredentials(success) {
 		var uid = $form.find('[name=uid]').val();
 		var user = $form.find('[name=username]').val();
 		var password = $form.find('[name=password]').val();
-		$.ajax({
-			type: 'POST',
-			contentType: 'application/json',
+		await axios.request({
+			method: 'POST',
 			data: JSON.stringify({
 				uid,
 				user,
 				password,
 			}),
-				url: OC.generateUrl('apps/files_external/globalcredentials'),
-				dataType: 'json',
-				success,
-		});
-	}
-
-	$('#global_credentials').on('submit', function() {
-		var $form = $(this);
-		var $submit = $form.find('[type=submit]');
-		$submit.val(t('files_external', 'Saving …'));
+			url: OC.generateUrl('apps/files_external/globalcredentials'),
+			confirmPassword: PwdConfirmationMode.Strict,
+		})
 
-		window.OC.PasswordConfirmation
-			.requirePasswordConfirmation(() => _submitCredentials(function() {
-				$submit.val(t('files_external', 'Saved'));
-				setTimeout(function(){
-					$submit.val(t('files_external', 'Save'));
-				}, 2500);
-			}));
+		$submit.val(t('files_external', 'Saved'));
+		setTimeout(function(){
+			$submit.val(t('files_external', 'Save'));
+		}, 2500);
 
 		return false;
 	});
@@ -1551,5 +1543,3 @@ OCA.Files_External.Settings = OCA.Files_External.Settings || {};
 OCA.Files_External.Settings.GlobalStorageConfig = GlobalStorageConfig;
 OCA.Files_External.Settings.UserStorageConfig = UserStorageConfig;
 OCA.Files_External.Settings.MountConfigListView = MountConfigListView;
-
-})();

apps/files_external/templates/settings.php

@@ -16,10 +16,8 @@
 $l->t("Once every direct access");
 $l->t('Read only');
 
-script('files_external', [
-	'settings',
-	'templates'
-]);
+\OCP\Util::addScript('files_external', 'settings');
+\OCP\Util::addScript('files_external', 'templates');
 style('files_external', 'settings');
 
 // load custom JS

lib/private/AppFramework/DependencyInjection/DIContainer.php

@@ -50,6 +50,7 @@
 use OC\Log\PsrLoggerAdapter;
 use OC\ServerContainer;
 use OC\Settings\AuthorizedGroupMapper;
+use OC\User\Manager as UserManager;
 use OCA\WorkflowEngine\Manager;
 use OCP\AppFramework\Http\IOutput;
 use OCP\AppFramework\IAppContainer;
@@ -278,6 +279,9 @@ public function __construct(string $appName, array $urlParams = [], ?ServerConta
 					$c->get(IUserSession::class),
 					$c->get(ITimeFactory::class),
 					$c->get(\OC\Authentication\Token\IProvider::class),
+					$c->get(LoggerInterface::class),
+					$c->get(IRequest::class),
+					$c->get(UserManager::class),
 				)
 			);
 			$dispatcher->registerMiddleware(