mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1010 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17693 Commits
412 Branches
Tree: e0dd69e4e6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e0dd69e4e6'
${ noResults }
nextcloud/apps/files_sharing/lib/helper.php

helper.php 5.4KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183 
  1. <?php

  2. 

  3. namespace OCA\Files_Sharing;

  4. 

  5. use OC_Config;

  6. use PasswordHash;

  7. 

  8. class Helper {

  9. 

  10. 	/**

  11. 	 * Sets up the filesystem and user for public sharing

  12. 	 * @param string $token string share token

  13. 	 * @param string $relativePath optional path relative to the share

  14. 	 * @param string $password optional password

  15. 	 */

  16. 	public static function setupFromToken($token, $relativePath = null, $password = null) {

  17. 		\OC_User::setIncognitoMode(true);

  18. 

  19. 		$linkItem = \OCP\Share::getShareByToken($token);

  20. 		if($linkItem === false || ($linkItem['item_type'] !== 'file' && $linkItem['item_type'] !== 'folder')) {

  21. 			\OC_Response::setStatus(404);

  22. 			\OC_Log::write('core-preview', 'Passed token parameter is not valid', \OC_Log::DEBUG);

  23. 			exit;

  24. 		}

  25. 

  26. 		if(!isset($linkItem['uid_owner']) || !isset($linkItem['file_source'])) {

  27. 			\OC_Response::setStatus(500);

  28. 			\OC_Log::write('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . ("' . $token . '")', \OC_Log::WARN);

  29. 			exit;

  30. 		}

  31. 

  32. 		$rootLinkItem = \OCP\Share::resolveReShare($linkItem);

  33. 		$path = null;

  34. 		if (isset($rootLinkItem['uid_owner'])) {

  35. 			\OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);

  36. 			\OC_Util::tearDownFS();

  37. 			\OC_Util::setupFS($rootLinkItem['uid_owner']);

  38. 			$path = \OC\Files\Filesystem::getPath($linkItem['file_source']);

  39. 		}

  40. 

  41. 		if ($path === null) {

  42. 			\OCP\Util::writeLog('share', 'could not resolve linkItem', \OCP\Util::DEBUG);

  43. 			\OC_Response::setStatus(404);

  44. 			\OCP\JSON::error(array('success' => false));

  45. 			exit();

  46. 		}

  47. 

  48. 		if (!isset($linkItem['item_type'])) {

  49. 			\OCP\Util::writeLog('share', 'No item type set for share id: ' . $linkItem['id'], \OCP\Util::ERROR);

  50. 			\OC_Response::setStatus(404);

  51. 			\OCP\JSON::error(array('success' => false));

  52. 			exit();

  53. 		}

  54. 

  55. 		if (isset($linkItem['share_with'])) {

  56. 			if (!self::authenticate($linkItem, $password)) {

  57. 				\OC_Response::setStatus(403);

  58. 				\OCP\JSON::error(array('success' => false));

  59. 				exit();

  60. 			}

  61. 		}

  62. 

  63. 		$basePath = $path;

  64. 

  65. 		if ($relativePath !== null && \OC\Files\Filesystem::isReadable($basePath . $relativePath)) {

  66. 			$path .= \OC\Files\Filesystem::normalizePath($relativePath);

  67. 		}

  68. 

  69. 		return array(

  70. 			'linkItem' => $linkItem,

  71. 			'basePath' => $basePath,

  72. 			'realPath' => $path

  73. 		);

  74. 	}

  75. 

  76. 	/**

  77. 	 * Authenticate link item with the given password

  78. 	 * or with the session if no password was given.

  79. 	 * @param array $linkItem link item array

  80. 	 * @param string $password optional password

  81. 	 *

  82. 	 * @return boolean true if authorized, false otherwise

  83. 	 */

  84. 	public static function authenticate($linkItem, $password) {

  85. 		if ($password !== null) {

  86. 			if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) {

  87. 				// Check Password

  88. 				$forcePortable = (CRYPT_BLOWFISH != 1);

  89. 				$hasher = new PasswordHash(8, $forcePortable);

  90. 				if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''),

  91. 											 $linkItem['share_with']))) {

  92. 					return false;

  93. 				} else {

  94. 					// Save item id in session for future requests

  95. 					\OC::$session->set('public_link_authenticated', $linkItem['id']);

  96. 				}

  97. 			} else {

  98. 				\OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type']

  99. 					.' for share id '.$linkItem['id'], \OCP\Util::ERROR);

  100. 				return false;

  101. 			}

  102. 

  103. 		}

  104. 		else {

  105. 			// not authenticated ?

  106. 			if ( ! \OC::$session->exists('public_link_authenticated')

  107. 				|| \OC::$session->get('public_link_authenticated') !== $linkItem['id']) {

  108. 				return false;

  109. 			}

  110. 		}

  111. 		return true;

  112. 	}

  113. 

  114. 	public static function getSharesFromItem($target) {

  115. 		$result = array();

  116. 		$owner = \OC\Files\Filesystem::getOwner($target);

  117. 		\OC\Files\Filesystem::initMountPoints($owner);

  118. 		$info = \OC\Files\Filesystem::getFileInfo($target);

  119. 		$ownerView = new \OC\Files\View('/'.$owner.'/files');

  120. 		if ( $owner != \OCP\User::getUser() ) {

  121. 			$path = $ownerView->getPath($info['fileid']);

  122. 		} else {

  123. 			$path = $target;

  124. 		}

  125. 

  126. 

  127. 		$ids = array();

  128. 		while ($path !== dirname($path)) {

  129. 			$info = $ownerView->getFileInfo($path);

  130. 			if ($info instanceof \OC\Files\FileInfo) {

  131. 				$ids[] = $info['fileid'];

  132. 			} else {

  133. 				\OCP\Util::writeLog('sharing', 'No fileinfo available for: ' . $path, \OCP\Util::WARN);

  134. 			}

  135. 			$path = dirname($path);

  136. 		}

  137. 

  138. 		if (!empty($ids)) {

  139. 

  140. 			$idList = array_chunk($ids, 99, true);

  141. 

  142. 			foreach ($idList as $subList) {

  143. 				$statement = "SELECT `share_with`, `share_type`, `file_target` FROM `*PREFIX*share` WHERE `file_source` IN (" . implode(',', $subList) . ") AND `share_type` IN (0, 1, 2)";

  144. 				$query = \OCP\DB::prepare($statement);

  145. 				$r = $query->execute();

  146. 				$result = array_merge($result, $r->fetchAll());

  147. 			}

  148. 		}

  149. 

  150. 		return $result;

  151. 	}

  152. 

  153. 	public static function getUidAndFilename($filename) {

  154. 		$uid = \OC\Files\Filesystem::getOwner($filename);

  155. 		\OC\Files\Filesystem::initMountPoints($uid);

  156. 		if ( $uid != \OCP\User::getUser() ) {

  157. 			$info = \OC\Files\Filesystem::getFileInfo($filename);

  158. 			$ownerView = new \OC\Files\View('/'.$uid.'/files');

  159. 			$filename = $ownerView->getPath($info['fileid']);

  160. 		}

  161. 		return array($uid, $filename);

  162. 	}

  163. 

  164. 	/**

  165. 	 * @brief Format a path to be relative to the /user/files/ directory

  166. 	 * @param string $path the absolute path

  167. 	 * @return string e.g. turns '/admin/files/test.txt' into 'test.txt'

  168. 	 */

  169. 	public static function stripUserFilesPath($path) {

  170. 		$trimmed = ltrim($path, '/');

  171. 		$split = explode('/', $trimmed);

  172. 

  173. 		// it is not a file relative to data/user/files

  174. 		if (count($split) < 3 || $split[1] !== 'files') {

  175. 			return false;

  176. 		}

  177. 

  178. 		$sliced = array_slice($split, 2);

  179. 		$relPath = implode('/', $sliced);

  180. 

  181. 		return $relPath;

  182. 	}

  183. }