mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 984 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58699 Commits
379 Branches
Tree: 215aef3cbd
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '215aef3cbd'
${ noResults }
nextcloud/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php

RequestHandlerController.php 9.9KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296 
  1. <?php

  2. /**

  3.  * @copyright Copyright (c) 2018 Bjoern Schiessle <bjoern@schiessle.org>

  4.  *

  5.  * @author Bjoern Schiessle <bjoern@schiessle.org>

  6.  * @author Christoph Wurst <christoph@winzerhof-wurst.at>

  7.  * @author Roeland Jago Douma <roeland@famdouma.nl>

  8.  *

  9.  * @license GNU AGPL version 3 or any later version

  10.  *

  11.  * This program is free software: you can redistribute it and/or modify

  12.  * it under the terms of the GNU Affero General Public License as

  13.  * published by the Free Software Foundation, either version 3 of the

  14.  * License, or (at your option) any later version.

  15.  *

  16.  * This program is distributed in the hope that it will be useful,

  17.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  18.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  19.  * GNU Affero General Public License for more details.

  20.  *

  21.  * You should have received a copy of the GNU Affero General Public License

  22.  * along with this program. If not, see <http://www.gnu.org/licenses/>.

  23.  *

  24.  */

  25. namespace OCA\CloudFederationAPI\Controller;

  26. 

  27. use OCA\CloudFederationAPI\Config;

  28. use OCP\AppFramework\Controller;

  29. use OCP\AppFramework\Http;

  30. use OCP\AppFramework\Http\JSONResponse;

  31. use OCP\Federation\Exceptions\ActionNotSupportedException;

  32. use OCP\Federation\Exceptions\AuthenticationFailedException;

  33. use OCP\Federation\Exceptions\BadRequestException;

  34. use OCP\Federation\Exceptions\ProviderCouldNotAddShareException;

  35. use OCP\Federation\Exceptions\ProviderDoesNotExistsException;

  36. use OCP\Federation\ICloudFederationFactory;

  37. use OCP\Federation\ICloudFederationProviderManager;

  38. use OCP\Federation\ICloudIdManager;

  39. use OCP\IGroupManager;

  40. use OCP\IRequest;

  41. use OCP\IURLGenerator;

  42. use OCP\IUserManager;

  43. use OCP\Share\Exceptions\ShareNotFound;

  44. use Psr\Log\LoggerInterface;

  45. 

  46. /**

  47.  * Class RequestHandlerController

  48.  *

  49.  * handle API between different Cloud instances

  50.  *

  51.  * @package OCA\CloudFederationAPI\Controller

  52.  */

  53. class RequestHandlerController extends Controller {

  54. 

  55. 	/** @var LoggerInterface */

  56. 	private $logger;

  57. 

  58. 	/** @var IUserManager */

  59. 	private $userManager;

  60. 

  61. 	/** @var IGroupManager */

  62. 	private $groupManager;

  63. 

  64. 	/** @var IURLGenerator */

  65. 	private $urlGenerator;

  66. 

  67. 	/** @var ICloudFederationProviderManager */

  68. 	private $cloudFederationProviderManager;

  69. 

  70. 	/** @var Config */

  71. 	private $config;

  72. 

  73. 	/** @var ICloudFederationFactory */

  74. 	private $factory;

  75. 

  76. 	/** @var ICloudIdManager */

  77. 	private $cloudIdManager;

  78. 

  79. 	public function __construct($appName,

  80. 								IRequest $request,

  81. 								LoggerInterface $logger,

  82. 								IUserManager $userManager,

  83. 								IGroupManager $groupManager,

  84. 								IURLGenerator $urlGenerator,

  85. 								ICloudFederationProviderManager $cloudFederationProviderManager,

  86. 								Config $config,

  87. 								ICloudFederationFactory $factory,

  88. 								ICloudIdManager $cloudIdManager

  89. 	) {

  90. 		parent::__construct($appName, $request);

  91. 

  92. 		$this->logger = $logger;

  93. 		$this->userManager = $userManager;

  94. 		$this->groupManager = $groupManager;

  95. 		$this->urlGenerator = $urlGenerator;

  96. 		$this->cloudFederationProviderManager = $cloudFederationProviderManager;

  97. 		$this->config = $config;

  98. 		$this->factory = $factory;

  99. 		$this->cloudIdManager = $cloudIdManager;

  100. 	}

  101. 

  102. 	/**

  103. 	 * add share

  104. 	 *

  105. 	 * @NoCSRFRequired

  106. 	 * @PublicPage

  107. 	 * @BruteForceProtection(action=receiveFederatedShare)

  108. 	 *

  109. 	 * @param string $shareWith

  110. 	 * @param string $name resource name (e.g. document.odt)

  111. 	 * @param string $description share description (optional)

  112. 	 * @param string $providerId resource UID on the provider side

  113. 	 * @param string $owner provider specific UID of the user who owns the resource

  114. 	 * @param string $ownerDisplayName display name of the user who shared the item

  115. 	 * @param string $sharedBy provider specific UID of the user who shared the resource

  116. 	 * @param string $sharedByDisplayName display name of the user who shared the resource

  117. 	 * @param array $protocol (e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]])

  118. 	 * @param string $shareType ('group' or 'user' share)

  119. 	 * @param $resourceType ('file', 'calendar',...)

  120. 	 * @return Http\DataResponse|JSONResponse

  121. 	 *

  122. 	 * Example: curl -H "Content-Type: application/json" -X POST -d '{"shareWith":"admin1@serve1","name":"welcome server2.txt","description":"desc","providerId":"2","owner":"admin2@http://localhost/server2","ownerDisplayName":"admin2 display","shareType":"user","resourceType":"file","protocol":{"name":"webdav","options":{"sharedSecret":"secret","permissions":"webdav-property"}}}' http://localhost/server/index.php/ocm/shares

  123. 	 */

  124. 	public function addShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType) {

  125. 

  126. 		// check if all required parameters are set

  127. 		if ($shareWith === null ||

  128. 			$name === null ||

  129. 			$providerId === null ||

  130. 			$owner === null ||

  131. 			$resourceType === null ||

  132. 			$shareType === null ||

  133. 			!is_array($protocol) ||

  134. 			!isset($protocol['name']) ||

  135. 			!isset($protocol['options']) ||

  136. 			!is_array($protocol['options']) ||

  137. 			!isset($protocol['options']['sharedSecret'])

  138. 		) {

  139. 			return new JSONResponse(

  140. 				['message' => 'Missing arguments'],

  141. 				Http::STATUS_BAD_REQUEST

  142. 			);

  143. 		}

  144. 

  145. 		$supportedShareTypes = $this->config->getSupportedShareTypes($resourceType);

  146. 		if (!in_array($shareType, $supportedShareTypes)) {

  147. 			return new JSONResponse(

  148. 				['message' => 'Share type "' . $shareType . '" not implemented'],

  149. 				Http::STATUS_NOT_IMPLEMENTED

  150. 			);

  151. 		}

  152. 

  153. 		$cloudId = $this->cloudIdManager->resolveCloudId($shareWith);

  154. 		$shareWith = $cloudId->getUser();

  155. 

  156. 		if ($shareType === 'user') {

  157. 			$shareWith = $this->mapUid($shareWith);

  158. 

  159. 			if (!$this->userManager->userExists($shareWith)) {

  160. 				return new JSONResponse(

  161. 					['message' => 'User "' . $shareWith . '" does not exists at ' . $this->urlGenerator->getBaseUrl()],

  162. 					Http::STATUS_BAD_REQUEST

  163. 				);

  164. 			}

  165. 		}

  166. 

  167. 		if ($shareType === 'group') {

  168. 			if (!$this->groupManager->groupExists($shareWith)) {

  169. 				return new JSONResponse(

  170. 					['message' => 'Group "' . $shareWith . '" does not exists at ' . $this->urlGenerator->getBaseUrl()],

  171. 					Http::STATUS_BAD_REQUEST

  172. 				);

  173. 			}

  174. 		}

  175. 

  176. 		// if no explicit display name is given, we use the uid as display name

  177. 		$ownerDisplayName = $ownerDisplayName === null ? $owner : $ownerDisplayName;

  178. 		$sharedByDisplayName = $sharedByDisplayName === null ? $sharedBy : $sharedByDisplayName;

  179. 

  180. 		// sharedBy* parameter is optional, if nothing is set we assume that it is the same user as the owner

  181. 		if ($sharedBy === null) {

  182. 			$sharedBy = $owner;

  183. 			$sharedByDisplayName = $ownerDisplayName;

  184. 		}

  185. 

  186. 		try {

  187. 			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType);

  188. 			$share = $this->factory->getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, '', $shareType, $resourceType);

  189. 			$share->setProtocol($protocol);

  190. 			$provider->shareReceived($share);

  191. 		} catch (ProviderDoesNotExistsException $e) {

  192. 			return new JSONResponse(

  193. 				['message' => $e->getMessage()],

  194. 				Http::STATUS_NOT_IMPLEMENTED

  195. 			);

  196. 		} catch (ProviderCouldNotAddShareException $e) {

  197. 			return new JSONResponse(

  198. 				['message' => $e->getMessage()],

  199. 				$e->getCode()

  200. 			);

  201. 		} catch (\Exception $e) {

  202. 			return new JSONResponse(

  203. 				['message' => 'Internal error at ' . $this->urlGenerator->getBaseUrl()],

  204. 				Http::STATUS_BAD_REQUEST

  205. 			);

  206. 		}

  207. 

  208. 		$user = $this->userManager->get($shareWith);

  209. 		$recipientDisplayName = '';

  210. 		if ($user) {

  211. 			$recipientDisplayName = $user->getDisplayName();

  212. 		}

  213. 

  214. 		return new JSONResponse(

  215. 			['recipientDisplayName' => $recipientDisplayName],

  216. 			Http::STATUS_CREATED);

  217. 	}

  218. 

  219. 	/**

  220. 	 * receive notification about existing share

  221. 	 *

  222. 	 * @NoCSRFRequired

  223. 	 * @PublicPage

  224. 	 * @BruteForceProtection(action=receiveFederatedShareNotification)

  225. 	 *

  226. 	 * @param string $notificationType (notification type, e.g. SHARE_ACCEPTED)

  227. 	 * @param string $resourceType (calendar, file, contact,...)

  228. 	 * @param string $providerId id of the share

  229. 	 * @param array $notification the actual payload of the notification

  230. 	 * @return JSONResponse

  231. 	 */

  232. 	public function receiveNotification($notificationType, $resourceType, $providerId, array $notification) {

  233. 

  234. 		// check if all required parameters are set

  235. 		if ($notificationType === null ||

  236. 			$resourceType === null ||

  237. 			$providerId === null ||

  238. 			!is_array($notification)

  239. 		) {

  240. 			return new JSONResponse(

  241. 				['message' => 'Missing arguments'],

  242. 				Http::STATUS_BAD_REQUEST

  243. 			);

  244. 		}

  245. 

  246. 		try {

  247. 			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType);

  248. 			$result = $provider->notificationReceived($notificationType, $providerId, $notification);

  249. 		} catch (ProviderDoesNotExistsException $e) {

  250. 			return new JSONResponse(

  251. 				['message' => $e->getMessage()],

  252. 				Http::STATUS_BAD_REQUEST

  253. 			);

  254. 		} catch (ShareNotFound $e) {

  255. 			return new JSONResponse(

  256. 				['message' => $e->getMessage()],

  257. 				Http::STATUS_BAD_REQUEST

  258. 			);

  259. 		} catch (ActionNotSupportedException $e) {

  260. 			return new JSONResponse(

  261. 				['message' => $e->getMessage()],

  262. 				Http::STATUS_NOT_IMPLEMENTED

  263. 			);

  264. 		} catch (BadRequestException $e) {

  265. 			return new JSONResponse($e->getReturnMessage(), Http::STATUS_BAD_REQUEST);

  266. 		} catch (AuthenticationFailedException $e) {

  267. 			return new JSONResponse(["message" => "RESOURCE_NOT_FOUND"], Http::STATUS_FORBIDDEN);

  268. 		} catch (\Exception $e) {

  269. 			return new JSONResponse(

  270. 				['message' => 'Internal error at ' . $this->urlGenerator->getBaseUrl()],

  271. 				Http::STATUS_BAD_REQUEST

  272. 			);

  273. 		}

  274. 

  275. 		return new JSONResponse($result,Http::STATUS_CREATED);

  276. 	}

  277. 

  278. 	/**

  279. 	 * map login name to internal LDAP UID if a LDAP backend is in use

  280. 	 *

  281. 	 * @param string $uid

  282. 	 * @return string mixed

  283. 	 */

  284. 	private function mapUid($uid) {

  285. 		// FIXME this should be a method in the user management instead

  286. 		$this->logger->debug('shareWith before, ' . $uid, ['app' => $this->appName]);

  287. 		\OCP\Util::emitHook(

  288. 			'\OCA\Files_Sharing\API\Server2Server',

  289. 			'preLoginNameUsedAsUserName',

  290. 			['uid' => &$uid]

  291. 		);

  292. 		$this->logger->debug('shareWith after, ' . $uid, ['app' => $this->appName]);

  293. 

  294. 		return $uid;

  295. 	}

  296. }