Added app_api_system flag to "session" for SysApps (#248)

Signed-off-by: Alexander Piskun <[email protected]>
nextcloud · Mar 13, 2024 · d5235e1 · d5235e1
1 parent 390582d
commit d5235e1
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 5 deletions.
diff --git a/APPS.md b/APPS.md
@@ -2,6 +2,7 @@
 
 | Name                   | Language | Type        | Description                  | Link                                                             |
 |------------------------|----------|-------------|------------------------------|------------------------------------------------------------------|
+| SummarAI               | Python   | application | Talk chat summarize bot      | [GitHub](https://github.com/nextcloud/sumupbot)                  |
 | talk_bot_ai_example    | Python   | application | Talk Bot demonstration       | [GitHub](https://github.com/cloud-py-api/talk_bot_ai_example)    |	
 | to_gif_example         | Python   | application | Simple FileAction API demo   | [GitHub](https://github.com/cloud-py-api/to_gif_example)         |
 | upscaler_example       | Python   | application | Image UpScaler demonstration | [GitHub](https://github.com/cloud-py-api/upscaler_example)       |

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,11 +5,19 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
-## [2.3.0 - 2024-03-xx]
+## [2.3.0 - 2024-03-13]
+
+### Added
+
+- `app_api_system` session flag for Nextcloud server to bypass rate limits for system ExApps. #248
 
 ### Changed
 
-- ExAppProxy: adjusted how `headers` are passing from ExApp to client. # 
+- ExAppProxy: adjusted how `headers` are passing from ExApp to client. #246
+
+### Fixed
+
+- Declarative Settings API was merged into Nextcloud Server, adjusted AppAPI code. #247
 
 ## [2.2.0 - 2024-02-21]
 

diff --git a/appinfo/info.xml b/appinfo/info.xml
@@ -21,6 +21,7 @@ applications using a variety of programming languages, not limited to PHP, which
 - [upscaler_example](https://github.com/cloud-py-api/upscaler_example)
 - [image_to_text_example](https://github.com/cloud-py-api/file_to_text_example)
 - [ai_image_generator_bot](https://github.com/cloud-py-api/ai_image_generator_bot)
+- [SummarAI](https://github.com/nextcloud/sumupbot)
 
 _If you wish to develop an application, we will gladly help and assist you._
 
@@ -42,7 +43,7 @@ to join us in shaping a more versatile, stable, and secure app landscape.
 *Your insights, suggestions, and contributions are invaluable to us.*
 
 	]]></description>
-	<version>2.2.0</version>
+	<version>2.3.0</version>
 	<licence>agpl</licence>
 	<author mail="[email protected]" homepage="https://github.com/andrey18106">Andrey Borysenko</author>
 	<author mail="[email protected]" homepage="https://github.com/bigcat88">Alexander Piskun</author>

diff --git a/lib/Service/AppAPIService.php b/lib/Service/AppAPIService.php
@@ -239,7 +239,7 @@ public function validateExAppRequestToNC(IRequest $request, bool $isDav = false)
 					return false;
 				}
 			}
-			return $this->finalizeRequestToNC($userId, $request);
+			return $this->finalizeRequestToNC($userId, $request, $exApp->getIsSystem());
 		} else {
 			$this->logger->error(sprintf('Invalid signature for ExApp: %s and user: %s.', $exApp->getAppid(), $userId !== '' ? $userId : 'null'));
 			$this->throttler->registerAttempt(Application::APP_ID, $request->getRemoteAddress(), [
@@ -258,7 +258,7 @@ public function validateExAppRequestToNC(IRequest $request, bool $isDav = false)
 	 *  - updates ExApp last response time
 	 *
 	 */
-	private function finalizeRequestToNC(string $userId, IRequest $request): bool {
+	private function finalizeRequestToNC(string $userId, IRequest $request, int $isSystemApp): bool {
 		if ($userId !== '') {
 			$activeUser = $this->userManager->get($userId);
 			if ($activeUser === null) {
@@ -270,6 +270,10 @@ private function finalizeRequestToNC(string $userId, IRequest $request): bool {
 			$this->userSession->setUser(null);
 		}
 		$this->session->set('app_api', true);
+		if ($isSystemApp === 1) {
+			$this->session->set('app_api_system', true);
+		}
+
 		$this->throttler->resetDelay($request->getRemoteAddress(), Application::APP_ID, [
 			'appid' => $request->getHeader('EX-APP-ID'),
 			'userid' => $userId,