Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>tags/v14.0.0beta1
@@ -33,6 +33,7 @@ | |||
namespace OCA\DAV\Connector\Sabre; | |||
use OC\AppFramework\Http\Request; | |||
use OCP\Constants; | |||
use OCP\Files\ForbiddenException; | |||
use OCP\IPreview; | |||
use Sabre\DAV\Exception\Forbidden; | |||
@@ -57,6 +58,7 @@ class FilesPlugin extends ServerPlugin { | |||
const INTERNAL_FILEID_PROPERTYNAME = '{http://owncloud.org/ns}fileid'; | |||
const PERMISSIONS_PROPERTYNAME = '{http://owncloud.org/ns}permissions'; | |||
const SHARE_PERMISSIONS_PROPERTYNAME = '{http://open-collaboration-services.org/ns}share-permissions'; | |||
const OCM_SHARE_PERMISSIONS_PROPERTYNAME = '{http://open-cloud-mesh.org/ns}share-permissions'; | |||
const DOWNLOADURL_PROPERTYNAME = '{http://owncloud.org/ns}downloadURL'; | |||
const SIZE_PROPERTYNAME = '{http://owncloud.org/ns}size'; | |||
const GETETAG_PROPERTYNAME = '{DAV:}getetag'; | |||
@@ -149,6 +151,7 @@ class FilesPlugin extends ServerPlugin { | |||
$server->protectedProperties[] = self::INTERNAL_FILEID_PROPERTYNAME; | |||
$server->protectedProperties[] = self::PERMISSIONS_PROPERTYNAME; | |||
$server->protectedProperties[] = self::SHARE_PERMISSIONS_PROPERTYNAME; | |||
$server->protectedProperties[] = self::OCM_SHARE_PERMISSIONS_PROPERTYNAME; | |||
$server->protectedProperties[] = self::SIZE_PROPERTYNAME; | |||
$server->protectedProperties[] = self::DOWNLOADURL_PROPERTYNAME; | |||
$server->protectedProperties[] = self::OWNER_ID_PROPERTYNAME; | |||
@@ -318,6 +321,14 @@ class FilesPlugin extends ServerPlugin { | |||
); | |||
}); | |||
$propFind->handle(self::OCM_SHARE_PERMISSIONS_PROPERTYNAME, function() use ($node, $httpRequest) { | |||
$ncPermissions = $node->getSharePermissions( | |||
$httpRequest->getRawServerValue('PHP_AUTH_USER') | |||
); | |||
$ocmPermissions = $this->ncPermissions2ocmPermissions($ncPermissions); | |||
return json_encode($ocmPermissions); | |||
}); | |||
$propFind->handle(self::GETETAG_PROPERTYNAME, function() use ($node) { | |||
return $node->getETag(); | |||
}); | |||
@@ -394,6 +405,33 @@ class FilesPlugin extends ServerPlugin { | |||
} | |||
} | |||
/** | |||
* translate Nextcloud permissions to OCM Permissions | |||
* | |||
* @param $ncPermissions | |||
* @return array | |||
*/ | |||
protected function ncPermissions2ocmPermissions($ncPermissions) { | |||
$ocmPermissions = []; | |||
if ($ncPermissions & Constants::PERMISSION_SHARE) { | |||
$ocmPermissions[] = 'share'; | |||
} | |||
if ($ncPermissions & Constants::PERMISSION_READ) { | |||
$ocmPermissions[] = 'read'; | |||
} | |||
if (($ncPermissions & Constants::PERMISSION_CREATE) || | |||
($ncPermissions & Constants::PERMISSION_UPDATE)) { | |||
$ocmPermissions[] = 'write'; | |||
} | |||
return $ocmPermissions; | |||
} | |||
/** | |||
* Update ownCloud-specific properties | |||
* |
@@ -36,6 +36,7 @@ use OC\Files\Storage\DAV; | |||
use OC\ForbiddenException; | |||
use OCA\Files_Sharing\ISharedStorage; | |||
use OCP\AppFramework\Http; | |||
use OCP\Constants; | |||
use OCP\Federation\ICloudId; | |||
use OCP\Files\NotFoundException; | |||
use OCP\Files\StorageInvalidException; | |||
@@ -347,20 +348,20 @@ class Storage extends DAV implements ISharedStorage { | |||
if (\OCP\Util::isSharingDisabledForUser() || !\OC\Share\Share::isResharingAllowed()) { | |||
return false; | |||
} | |||
return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_SHARE); | |||
return ($this->getPermissions($path) & Constants::PERMISSION_SHARE); | |||
} | |||
public function getPermissions($path) { | |||
$response = $this->propfind($path); | |||
// old federated sharing permissions | |||
if (isset($response['{http://open-collaboration-services.org/ns}share-permissions'])) { | |||
$permissions = $response['{http://open-collaboration-services.org/ns}share-permissions']; | |||
} else if (isset($response['{http://open-cloud-mesh.org/ns}share-permissions'])) { | |||
// permissions provided by the OCM API | |||
$permissions = $this->ocmPermissions2ncPermissions($response['{http://open-collaboration-services.org/ns}share-permissions']); | |||
} else { | |||
// use default permission if remote server doesn't provide the share permissions | |||
if ($this->is_dir($path)) { | |||
$permissions = \OCP\Constants::PERMISSION_ALL; | |||
} else { | |||
$permissions = \OCP\Constants::PERMISSION_ALL & ~\OCP\Constants::PERMISSION_CREATE; | |||
} | |||
$permissions = $this->getDefaultPermissions($path); | |||
} | |||
return $permissions; | |||
@@ -369,4 +370,53 @@ class Storage extends DAV implements ISharedStorage { | |||
public function needsPartFile() { | |||
return false; | |||
} | |||
/** | |||
* translate OCM Permissions to Nextcloud permissions | |||
* | |||
* @param string $ocmPermissions json encoded OCM permissions | |||
* @param string $path path to file | |||
* @return int | |||
*/ | |||
protected function ocmPermissions2ncPermissions($ocmPermissions, $path) { | |||
try { | |||
$ocmPermissions = json_decode($ocmPermissions); | |||
$ncPermissions = 0; | |||
foreach($ocmPermissions as $permission) { | |||
switch (strtolower($permission)) { | |||
case 'read': | |||
$ncPermissions += Constants::PERMISSION_READ; | |||
break; | |||
case 'write': | |||
$ncPermissions += Constants::PERMISSION_CREATE + Constants::PERMISSION_UPDATE; | |||
break; | |||
case 'share': | |||
$ncPermissions += Constants::PERMISSION_SHARE; | |||
break; | |||
default: | |||
throw new \Exception(); | |||
} | |||
} | |||
} catch (\Exception $e) { | |||
$ncPermissions = $this->getDefaultPermissions($path); | |||
} | |||
return $ncPermissions; | |||
} | |||
/** | |||
* calculate default permissions in case no permissions are provided | |||
* | |||
* @param $path | |||
* @return int | |||
*/ | |||
protected function getDefaultPermissions($path) { | |||
if ($this->is_dir($path)) { | |||
$permissions = Constants::PERMISSION_ALL; | |||
} else { | |||
$permissions = Constants::PERMISSION_ALL & ~Constants::PERMISSION_CREATE; | |||
} | |||
return $permissions; | |||
} | |||
} |
@@ -78,7 +78,7 @@ class CloudFederationShare implements ICloudFederationShare { | |||
'name' => 'webdav', | |||
'options' => [ | |||
'sharedSecret' => $sharedSecret, | |||
'permissions' => '{http://open-collaboration-services.org/ns}share-permissions' | |||
'permissions' => '{http://open-cloud-mesh.org/ns}share-permissions' | |||
] | |||
]); | |||
$this->setShareType($shareType); |