diff options
author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2019-11-28 20:49:42 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-11-28 20:49:42 +0100 |
commit | e5c95eed69a1d5e96b69147e4e7f6e40d21c8f9b (patch) | |
tree | 9ff9cc93aab5354763c9cc4ce4e0304f9a05458d | |
parent | 29bdaf735be1a5ae281c1945822d8881354ccbd3 (diff) | |
parent | 2d34274c8a3b2f85f2c6e1b18c8a06fbbacf932c (diff) | |
download | nextcloud-server-e5c95eed69a1d5e96b69147e4e7f6e40d21c8f9b.tar.gz nextcloud-server-e5c95eed69a1d5e96b69147e4e7f6e40d21c8f9b.zip |
Merge pull request #18134 from nextcloud/enh/noid/flow-extend-scope
allow user flows when the acting user is legitimate, but not its owner
-rw-r--r-- | apps/workflowengine/lib/AppInfo/Application.php | 3 | ||||
-rw-r--r-- | apps/workflowengine/lib/Entity/File.php | 160 | ||||
-rw-r--r-- | apps/workflowengine/lib/Manager.php | 28 | ||||
-rw-r--r-- | apps/workflowengine/lib/Service/RuleMatcher.php | 57 | ||||
-rw-r--r-- | apps/workflowengine/tests/ManagerTest.php | 6 | ||||
-rw-r--r-- | lib/composer/composer/autoload_classmap.php | 4 | ||||
-rw-r--r-- | lib/composer/composer/autoload_static.php | 4 | ||||
-rw-r--r-- | lib/public/WorkflowEngine/EntityContext/IDisplayName.php | 41 | ||||
-rw-r--r-- | lib/public/WorkflowEngine/EntityContext/IDisplayText.php | 47 | ||||
-rw-r--r-- | lib/public/WorkflowEngine/EntityContext/IIcon.php | 42 | ||||
-rw-r--r-- | lib/public/WorkflowEngine/EntityContext/IUrl.php | 41 | ||||
-rw-r--r-- | lib/public/WorkflowEngine/IEntity.php | 8 | ||||
-rw-r--r-- | lib/public/WorkflowEngine/IRuleMatcher.php | 40 |
13 files changed, 449 insertions, 32 deletions
diff --git a/apps/workflowengine/lib/AppInfo/Application.php b/apps/workflowengine/lib/AppInfo/Application.php index a654c87d2e7..933d0cb7544 100644 --- a/apps/workflowengine/lib/AppInfo/Application.php +++ b/apps/workflowengine/lib/AppInfo/Application.php @@ -98,6 +98,9 @@ class Application extends \OCP\AppFramework\App { /** @var IOperation $operation */ $operation = $this->getContainer()->query($operationClass); + $ruleMatcher->setEntity($entity); + $ruleMatcher->setOperation($operation); + if ($event instanceof Event) { $entity->prepareRuleMatcher($ruleMatcher, $eventName, $event); $operation->onEvent($eventName, $event, $ruleMatcher); diff --git a/apps/workflowengine/lib/Entity/File.php b/apps/workflowengine/lib/Entity/File.php index a9d71d5f8c1..9c44a383d6c 100644 --- a/apps/workflowengine/lib/Entity/File.php +++ b/apps/workflowengine/lib/Entity/File.php @@ -24,19 +24,27 @@ declare(strict_types=1); namespace OCA\WorkflowEngine\Entity; -use OCA\WorkflowEngine\AppInfo\Application; use OCP\EventDispatcher\Event; +use OCP\EventDispatcher\GenericEvent; use OCP\Files\IRootFolder; +use OCP\Files\Node; +use OCP\Files\NotFoundException; use OCP\IL10N; use OCP\ILogger; use OCP\IURLGenerator; +use OCP\IUserSession; +use OCP\Share\IManager as ShareManager; +use OCP\SystemTag\ISystemTag; +use OCP\SystemTag\ISystemTagManager; use OCP\SystemTag\MapperEvent; +use OCP\WorkflowEngine\EntityContext\IDisplayText; use OCP\WorkflowEngine\GenericEntityEvent; use OCP\WorkflowEngine\IEntity; use OCP\WorkflowEngine\IRuleMatcher; -use Symfony\Component\EventDispatcher\GenericEvent; -class File implements IEntity { +class File implements IEntity, IDisplayText { + + private const EVENT_NAMESPACE = '\OCP\Files::'; /** @var IL10N */ protected $l10n; @@ -46,12 +54,34 @@ class File implements IEntity { protected $root; /** @var ILogger */ protected $logger; + /** @var string */ + protected $eventName; + /** @var Event */ + protected $event; + /** @var ShareManager */ + private $shareManager; + /** @var IUserSession */ + private $userSession; + /** @var ISystemTagManager */ + private $tagManager; + - public function __construct(IL10N $l10n, IURLGenerator $urlGenerator, IRootFolder $root, ILogger $logger) { + public function __construct( + IL10N $l10n, + IURLGenerator $urlGenerator, + IRootFolder $root, + ILogger $logger, + ShareManager $shareManager, + IUserSession $userSession, + ISystemTagManager $tagManager + ) { $this->l10n = $l10n; $this->urlGenerator = $urlGenerator; $this->root = $root; $this->logger = $logger; + $this->shareManager = $shareManager; + $this->userSession = $userSession; + $this->tagManager = $tagManager; } public function getName(): string { @@ -63,14 +93,13 @@ class File implements IEntity { } public function getEvents(): array { - $namespace = '\OCP\Files::'; return [ - new GenericEntityEvent($this->l10n->t('File created'), $namespace . 'postCreate'), - new GenericEntityEvent($this->l10n->t('File updated'), $namespace . 'postWrite'), - new GenericEntityEvent($this->l10n->t('File renamed'), $namespace . 'postRename'), - new GenericEntityEvent($this->l10n->t('File deleted'), $namespace . 'postDelete'), - new GenericEntityEvent($this->l10n->t('File accessed'), $namespace . 'postTouch'), - new GenericEntityEvent($this->l10n->t('File copied'), $namespace . 'postCopy'), + new GenericEntityEvent($this->l10n->t('File created'), self::EVENT_NAMESPACE . 'postCreate'), + new GenericEntityEvent($this->l10n->t('File updated'), self::EVENT_NAMESPACE . 'postWrite'), + new GenericEntityEvent($this->l10n->t('File renamed'), self::EVENT_NAMESPACE . 'postRename'), + new GenericEntityEvent($this->l10n->t('File deleted'), self::EVENT_NAMESPACE . 'postDelete'), + new GenericEntityEvent($this->l10n->t('File accessed'), self::EVENT_NAMESPACE . 'postTouch'), + new GenericEntityEvent($this->l10n->t('File copied'), self::EVENT_NAMESPACE . 'postCopy'), new GenericEntityEvent($this->l10n->t('Tag assigned'), MapperEvent::EVENT_ASSIGN), ]; } @@ -79,27 +108,104 @@ class File implements IEntity { if (!$event instanceof GenericEvent && !$event instanceof MapperEvent) { return; } - switch ($eventName) { - case 'postCreate': - case 'postWrite': - case 'postDelete': - case 'postTouch': - $ruleMatcher->setEntitySubject($this, $event->getSubject()); - break; - case 'postRename': - case 'postCopy': - $ruleMatcher->setEntitySubject($this, $event->getSubject()[1]); - break; + $this->eventName = $eventName; + $this->event = $event; + try { + $node = $this->getNode(); + $ruleMatcher->setEntitySubject($this, $node); + $ruleMatcher->setFileInfo($node->getStorage(), $node->getPath()); + } catch (NotFoundException $e) { + // pass + } + } + + public function isLegitimatedForUserId(string $uid): bool { + try { + $node = $this->getNode(); + if($node->getOwner()->getUID() === $uid) { + return true; + } + $acl = $this->shareManager->getAccessList($node, true, true); + return array_key_exists($uid, $acl['users']); + } catch (NotFoundException $e) { + return false; + } + } + + /** + * @throws NotFoundException + */ + protected function getNode(): Node { + if (!$this->event instanceof GenericEvent && !$this->event instanceof MapperEvent) { + throw new NotFoundException(); + } + switch ($this->eventName) { + case self::EVENT_NAMESPACE . 'postCreate': + case self::EVENT_NAMESPACE . 'postWrite': + case self::EVENT_NAMESPACE . 'postDelete': + case self::EVENT_NAMESPACE . 'postTouch': + return $this->event->getSubject(); + case self::EVENT_NAMESPACE . 'postRename': + case self::EVENT_NAMESPACE . 'postCopy': + return $this->event->getSubject()[1]; case MapperEvent::EVENT_ASSIGN: - if (!$event instanceof MapperEvent || $event->getObjectType() !== 'files') { - break; + if (!$this->event instanceof MapperEvent || $this->event->getObjectType() !== 'files') { + throw new NotFoundException(); } - $nodes = $this->root->getById((int)$event->getObjectId()); + $nodes = $this->root->getById((int)$this->event->getObjectId()); if (is_array($nodes) && !empty($nodes)) { - $node = array_shift($nodes); - $ruleMatcher->setEntitySubject($this, $node); + return array_shift($nodes); } break; } + throw new NotFoundException(); + } + + public function getDisplayText(int $verbosity = 0): string { + $user = $this->userSession->getUser(); + try { + $node = $this->getNode(); + } catch (NotFoundException $e) { + return ''; + } + + $options = [ + $user ? $user->getDisplayName() : $this->t('Someone'), + $node->getName() + ]; + + switch ($this->eventName) { + case self::EVENT_NAMESPACE . 'postCreate': + return $this->l10n->t('%s created %s', $options); + case self::EVENT_NAMESPACE . 'postWrite': + return $this->l10n->t('%s modified %s', $options); + case self::EVENT_NAMESPACE . 'postDelete': + return $this->l10n->t('%s deleted %s', $options); + case self::EVENT_NAMESPACE . 'postTouch': + return $this->l10n->t('%s accessed %s', $options); + case self::EVENT_NAMESPACE . 'postRename': + return $this->l10n->t('%s renamed %s', $options); + case self::EVENT_NAMESPACE . 'postCopy': + return $this->l10n->t('%s copied %s', $options); + case MapperEvent::EVENT_ASSIGN: + $tagNames = []; + if($this->event instanceof MapperEvent) { + $tagIDs = $this->event->getTags(); + $tagObjects = $this->tagManager->getTagsByIds($tagIDs); + foreach ($tagObjects as $systemTag) { + /** @var ISystemTag $systemTag */ + if($systemTag->isUserVisible()) { + $tagNames[] = $systemTag->getName(); + } + } + } + $filename = array_pop($options); + $tagString = implode(', ', $tagNames); + if($tagString === '') { + return ''; + } + array_push($options, $tagString, $filename); + return $this->l10n->t('%s assigned %s to %s', $options); + } } } diff --git a/apps/workflowengine/lib/Manager.php b/apps/workflowengine/lib/Manager.php index 1c2c76a94c4..f97d77f5983 100644 --- a/apps/workflowengine/lib/Manager.php +++ b/apps/workflowengine/lib/Manager.php @@ -152,6 +152,32 @@ class Manager implements IManager { return $operations; } + public function getAllConfiguredScopesForOperation(string $operationClass): array { + static $scopesByOperation = []; + if (isset($scopesByOperation[$operationClass])) { + return $scopesByOperation[$operationClass]; + } + + $query = $this->connection->getQueryBuilder(); + + $query->selectDistinct('s.type') + ->addSelect('s.value') + ->from('flow_operations', 'o') + ->leftJoin('o', 'flow_operations_scope', 's', $query->expr()->eq('o.id', 's.operation_id')) + ->where($query->expr()->eq('o.class', $query->createParameter('operationClass'))); + + $query->setParameters(['operationClass' => $operationClass]); + $result = $query->execute(); + + $scopesByOperation[$operationClass] = []; + while ($row = $result->fetch()) { + $scope = new ScopeContext($row['type'], $row['value']); + $scopesByOperation[$operationClass][$scope->getHash()] = $scope; + } + + return $scopesByOperation[$operationClass]; + } + public function getAllOperations(ScopeContext $scopeContext): array { if(isset($this->operations[$scopeContext->getHash()])) { return $this->operations[$scopeContext->getHash()]; @@ -160,6 +186,8 @@ class Manager implements IManager { $query = $this->connection->getQueryBuilder(); $query->select('o.*') + ->selectAlias('s.type', 'scope_type') + ->selectAlias('s.value', 'scope_actor_id') ->from('flow_operations', 'o') ->leftJoin('o', 'flow_operations_scope', 's', $query->expr()->eq('o.id', 's.operation_id')) ->where($query->expr()->eq('s.type', $query->createParameter('scope'))); diff --git a/apps/workflowengine/lib/Service/RuleMatcher.php b/apps/workflowengine/lib/Service/RuleMatcher.php index 95c68b63370..16f0e486aaa 100644 --- a/apps/workflowengine/lib/Service/RuleMatcher.php +++ b/apps/workflowengine/lib/Service/RuleMatcher.php @@ -36,7 +36,9 @@ use OCP\WorkflowEngine\IEntity; use OCP\WorkflowEngine\IEntityCheck; use OCP\WorkflowEngine\IFileCheck; use OCP\WorkflowEngine\IManager; +use OCP\WorkflowEngine\IOperation; use OCP\WorkflowEngine\IRuleMatcher; +use RuntimeException; class RuleMatcher implements IRuleMatcher { @@ -52,8 +54,17 @@ class RuleMatcher implements IRuleMatcher { protected $fileInfo = []; /** @var IL10N */ protected $l; - - public function __construct(IUserSession $session, IServerContainer $container, IL10N $l, Manager $manager) { + /** @var IOperation */ + protected $operation; + /** @var IEntity */ + protected $entity; + + public function __construct( + IUserSession $session, + IServerContainer $container, + IL10N $l, + Manager $manager + ) { $this->session = $session; $this->manager = $manager; $this->container = $container; @@ -65,11 +76,38 @@ class RuleMatcher implements IRuleMatcher { $this->fileInfo['path'] = $path; } - public function setEntitySubject(IEntity $entity, $subject): void { $this->contexts[get_class($entity)] = [$entity, $subject]; } + public function setOperation(IOperation $operation): void { + if($this->operation !== null) { + throw new RuntimeException('This method must not be called more than once'); + } + $this->operation = $operation; + } + + public function setEntity(IEntity $entity): void { + if($this->entity !== null) { + throw new RuntimeException('This method must not be called more than once'); + } + $this->entity = $entity; + } + + public function getEntity(): IEntity { + if($this->entity === null) { + throw new \LogicException('Entity was not set yet'); + } + return $this->entity; + } + + public function getFlows(bool $returnFirstMatchingOperationOnly = true): array { + if(!$this->operation) { + throw new RuntimeException('Operation is not set'); + } + return $this->getMatchingOperations(get_class($this->operation), $returnFirstMatchingOperationOnly); + } + public function getMatchingOperations(string $class, bool $returnFirstMatchingOperationOnly = true): array { $scopes[] = new ScopeContext(IManager::SCOPE_ADMIN); $user = $this->session->getUser(); @@ -82,6 +120,17 @@ class RuleMatcher implements IRuleMatcher { $operations = array_merge($operations, $this->manager->getOperations($class, $scope)); } + $additionalScopes = $this->manager->getAllConfiguredScopesForOperation($class); + foreach ($additionalScopes as $hash => $scopeCandidate) { + /** @var ScopeContext $scopeCandidate */ + if ($scopeCandidate->getScope() !== IManager::SCOPE_USER) { + continue; + } + if ($this->entity->isLegitimatedForUserId($scopeCandidate->getScopeId())) { + $operations = array_merge($operations, $this->manager->getOperations($class, $scopeCandidate)); + } + } + $matches = []; foreach ($operations as $operation) { $checkIds = json_decode($operation['checks'], true); @@ -117,7 +166,7 @@ class RuleMatcher implements IRuleMatcher { if ($checkInstance instanceof IFileCheck) { if (empty($this->fileInfo)) { - throw new \RuntimeException('Must set file info before running the check'); + throw new RuntimeException('Must set file info before running the check'); } $checkInstance->setFileInfo($this->fileInfo['storage'], $this->fileInfo['path']); } elseif ($checkInstance instanceof IEntityCheck) { diff --git a/apps/workflowengine/tests/ManagerTest.php b/apps/workflowengine/tests/ManagerTest.php index 0f142e642ed..82f1653ef25 100644 --- a/apps/workflowengine/tests/ManagerTest.php +++ b/apps/workflowengine/tests/ManagerTest.php @@ -33,6 +33,7 @@ use OCP\ILogger; use OCP\IServerContainer; use OCP\IURLGenerator; use OCP\IUserSession; +use OCP\SystemTag\ISystemTagManager; use OCP\WorkflowEngine\ICheck; use OCP\WorkflowEngine\IEntity; use OCP\WorkflowEngine\IManager; @@ -283,7 +284,10 @@ class ManagerTest extends TestCase { $this->l, $this->createMock(IURLGenerator::class), $this->createMock(IRootFolder::class), - $this->createMock(ILogger::class) + $this->createMock(ILogger::class), + $this->createMock(\OCP\Share\IManager::class), + $this->createMock(IUserSession::class), + $this->createMock(ISystemTagManager::class) ]) ->setMethodsExcept(['getEvents']) ->getMock(); diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index 900a03a0f35..cd6b4ca1a85 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -452,6 +452,10 @@ return array( 'OCP\\User\\Backend\\ISetPasswordBackend' => $baseDir . '/lib/public/User/Backend/ISetPasswordBackend.php', 'OCP\\User\\Events\\PostLoginEvent' => $baseDir . '/lib/public/User/Events/PostLoginEvent.php', 'OCP\\Util' => $baseDir . '/lib/public/Util.php', + 'OCP\\WorkflowEngine\\EntityContext\\IDisplayName' => $baseDir . '/lib/public/WorkflowEngine/EntityContext/IDisplayName.php', + 'OCP\\WorkflowEngine\\EntityContext\\IDisplayText' => $baseDir . '/lib/public/WorkflowEngine/EntityContext/IDisplayText.php', + 'OCP\\WorkflowEngine\\EntityContext\\IIcon' => $baseDir . '/lib/public/WorkflowEngine/EntityContext/IIcon.php', + 'OCP\\WorkflowEngine\\EntityContext\\IUrl' => $baseDir . '/lib/public/WorkflowEngine/EntityContext/IUrl.php', 'OCP\\WorkflowEngine\\GenericEntityEvent' => $baseDir . '/lib/public/WorkflowEngine/GenericEntityEvent.php', 'OCP\\WorkflowEngine\\ICheck' => $baseDir . '/lib/public/WorkflowEngine/ICheck.php', 'OCP\\WorkflowEngine\\IComplexOperation' => $baseDir . '/lib/public/WorkflowEngine/IComplexOperation.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index 84532fabf5f..7fae2d92c37 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -481,6 +481,10 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OCP\\User\\Backend\\ISetPasswordBackend' => __DIR__ . '/../../..' . '/lib/public/User/Backend/ISetPasswordBackend.php', 'OCP\\User\\Events\\PostLoginEvent' => __DIR__ . '/../../..' . '/lib/public/User/Events/PostLoginEvent.php', 'OCP\\Util' => __DIR__ . '/../../..' . '/lib/public/Util.php', + 'OCP\\WorkflowEngine\\EntityContext\\IDisplayName' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/EntityContext/IDisplayName.php', + 'OCP\\WorkflowEngine\\EntityContext\\IDisplayText' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/EntityContext/IDisplayText.php', + 'OCP\\WorkflowEngine\\EntityContext\\IIcon' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/EntityContext/IIcon.php', + 'OCP\\WorkflowEngine\\EntityContext\\IUrl' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/EntityContext/IUrl.php', 'OCP\\WorkflowEngine\\GenericEntityEvent' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/GenericEntityEvent.php', 'OCP\\WorkflowEngine\\ICheck' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/ICheck.php', 'OCP\\WorkflowEngine\\IComplexOperation' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/IComplexOperation.php', diff --git a/lib/public/WorkflowEngine/EntityContext/IDisplayName.php b/lib/public/WorkflowEngine/EntityContext/IDisplayName.php new file mode 100644 index 00000000000..eeaf7887d5a --- /dev/null +++ b/lib/public/WorkflowEngine/EntityContext/IDisplayName.php @@ -0,0 +1,41 @@ +<?php +declare(strict_types=1); +/** + * @copyright Copyright (c) 2019 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCP\WorkflowEngine\EntityContext; + +/** + * Interface IDisplayName + * + * @package OCP\WorkflowEngine\EntityContext + * + * @since 18.0.0 + */ +interface IDisplayName { + /** + * returns the end user facing name of the object related to the entity + * + * @since 18.0.0 + */ + public function getDisplayName(): string; +} diff --git a/lib/public/WorkflowEngine/EntityContext/IDisplayText.php b/lib/public/WorkflowEngine/EntityContext/IDisplayText.php new file mode 100644 index 00000000000..5e74171883a --- /dev/null +++ b/lib/public/WorkflowEngine/EntityContext/IDisplayText.php @@ -0,0 +1,47 @@ +<?php +declare(strict_types=1); +/** + * @copyright Copyright (c) 2019 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCP\WorkflowEngine\EntityContext; + +/** + * Interface IDisplayText + * + * @package OCP\WorkflowEngine\EntityContext + * + * @since 18.0.0 + */ +interface IDisplayText { + + /** + * returns translated text used for display to the end user. For instance, + * it can describe the event in a human readable way. + * + * The entity may react to a verbosity level that is provided. With the + * basic level, 0, it would return brief information, and more with higher + * numbers. All information shall be shown at a level of 3. + * + * @since 18.0.0 + */ + public function getDisplayText(int $verbosity = 0): string; +} diff --git a/lib/public/WorkflowEngine/EntityContext/IIcon.php b/lib/public/WorkflowEngine/EntityContext/IIcon.php new file mode 100644 index 00000000000..cde340c9931 --- /dev/null +++ b/lib/public/WorkflowEngine/EntityContext/IIcon.php @@ -0,0 +1,42 @@ +<?php +declare(strict_types=1); +/** + * @copyright Copyright (c) 2019 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCP\WorkflowEngine\EntityContext; + +/** + * Interface IIcon + * + * @package OCP\WorkflowEngine\EntityContext + * + * @since 18.0.0 + */ +interface IIcon { + /** + * returns a URL to an icon that is related to the entity, for instance + * a group icon for groups. + * + * @since 18.0.0 + */ + public function getIconUrl(): string; +} diff --git a/lib/public/WorkflowEngine/EntityContext/IUrl.php b/lib/public/WorkflowEngine/EntityContext/IUrl.php new file mode 100644 index 00000000000..a847dfaad05 --- /dev/null +++ b/lib/public/WorkflowEngine/EntityContext/IUrl.php @@ -0,0 +1,41 @@ +<?php +declare(strict_types=1); +/** + * @copyright Copyright (c) 2019 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCP\WorkflowEngine\EntityContext; + +/** + * Interface IUrl + * + * @package OCP\WorkflowEngine\EntityContext + * + * @since 18.0.0 + */ +interface IUrl { + /** + * returns a URL that is related to the entity, e.g. the link to a share + * + * @since 18.0.0 + */ + public function getUrl(): string; +} diff --git a/lib/public/WorkflowEngine/IEntity.php b/lib/public/WorkflowEngine/IEntity.php index b8205600498..47e2f102199 100644 --- a/lib/public/WorkflowEngine/IEntity.php +++ b/lib/public/WorkflowEngine/IEntity.php @@ -74,4 +74,12 @@ interface IEntity { */ public function prepareRuleMatcher(IRuleMatcher $ruleMatcher, string $eventName, Event $event): void; + /** + * returns whether the provided user id is allowed to run a flow against + * the known context + * + * @since 18.0.0 + */ + public function isLegitimatedForUserId(string $userId): bool; + } diff --git a/lib/public/WorkflowEngine/IRuleMatcher.php b/lib/public/WorkflowEngine/IRuleMatcher.php index 5569800edb7..28abaa56137 100644 --- a/lib/public/WorkflowEngine/IRuleMatcher.php +++ b/lib/public/WorkflowEngine/IRuleMatcher.php @@ -24,6 +24,8 @@ declare(strict_types=1); namespace OCP\WorkflowEngine; +use RuntimeException; + /** * Class IRuleMatcher * @@ -33,7 +35,45 @@ namespace OCP\WorkflowEngine; */ interface IRuleMatcher extends IFileCheck { /** + * This method is left for backwards compatibility and easier porting of + * apps. Please use 'getFlows' instead (and setOperation if you implement + * an IComplexOperation). + * * @since 18.0.0 + * @deprecated 18.0.0 */ public function getMatchingOperations(string $class, bool $returnFirstMatchingOperationOnly = true): array; + + /** + * @throws RuntimeException + * @since 18.0.0 + */ + public function getFlows(bool $returnFirstMatchingOperationOnly = true): array; + + /** + * this method can only be called once and is typically called by the + * Flow engine, unless for IComplexOperations. + * + * @throws RuntimeException + * @since 18.0.0 + */ + public function setOperation(IOperation $operation): void; + + /** + * this method can only be called once and is typically called by the + * Flow engine, unless for IComplexOperations. + * + * @throws RuntimeException + * @since 18.0.0 + */ + public function setEntity(IEntity $entity): void; + + /** + * returns the entity which might provide more information, depending on + * the interfaces it implements + * + * @return IEntity + * @since 18.0.0 + */ + public function getEntity(): IEntity; } |