summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoeland Jago Douma <rullzer@users.noreply.github.com>2019-11-28 20:49:42 +0100
committerGitHub <noreply@github.com>2019-11-28 20:49:42 +0100
commite5c95eed69a1d5e96b69147e4e7f6e40d21c8f9b (patch)
tree9ff9cc93aab5354763c9cc4ce4e0304f9a05458d
parent29bdaf735be1a5ae281c1945822d8881354ccbd3 (diff)
parent2d34274c8a3b2f85f2c6e1b18c8a06fbbacf932c (diff)
downloadnextcloud-server-e5c95eed69a1d5e96b69147e4e7f6e40d21c8f9b.tar.gz
nextcloud-server-e5c95eed69a1d5e96b69147e4e7f6e40d21c8f9b.zip
Merge pull request #18134 from nextcloud/enh/noid/flow-extend-scope
allow user flows when the acting user is legitimate, but not its owner
-rw-r--r--apps/workflowengine/lib/AppInfo/Application.php3
-rw-r--r--apps/workflowengine/lib/Entity/File.php160
-rw-r--r--apps/workflowengine/lib/Manager.php28
-rw-r--r--apps/workflowengine/lib/Service/RuleMatcher.php57
-rw-r--r--apps/workflowengine/tests/ManagerTest.php6
-rw-r--r--lib/composer/composer/autoload_classmap.php4
-rw-r--r--lib/composer/composer/autoload_static.php4
-rw-r--r--lib/public/WorkflowEngine/EntityContext/IDisplayName.php41
-rw-r--r--lib/public/WorkflowEngine/EntityContext/IDisplayText.php47
-rw-r--r--lib/public/WorkflowEngine/EntityContext/IIcon.php42
-rw-r--r--lib/public/WorkflowEngine/EntityContext/IUrl.php41
-rw-r--r--lib/public/WorkflowEngine/IEntity.php8
-rw-r--r--lib/public/WorkflowEngine/IRuleMatcher.php40
13 files changed, 449 insertions, 32 deletions
diff --git a/apps/workflowengine/lib/AppInfo/Application.php b/apps/workflowengine/lib/AppInfo/Application.php
index a654c87d2e7..933d0cb7544 100644
--- a/apps/workflowengine/lib/AppInfo/Application.php
+++ b/apps/workflowengine/lib/AppInfo/Application.php
@@ -98,6 +98,9 @@ class Application extends \OCP\AppFramework\App {
/** @var IOperation $operation */
$operation = $this->getContainer()->query($operationClass);
+ $ruleMatcher->setEntity($entity);
+ $ruleMatcher->setOperation($operation);
+
if ($event instanceof Event) {
$entity->prepareRuleMatcher($ruleMatcher, $eventName, $event);
$operation->onEvent($eventName, $event, $ruleMatcher);
diff --git a/apps/workflowengine/lib/Entity/File.php b/apps/workflowengine/lib/Entity/File.php
index a9d71d5f8c1..9c44a383d6c 100644
--- a/apps/workflowengine/lib/Entity/File.php
+++ b/apps/workflowengine/lib/Entity/File.php
@@ -24,19 +24,27 @@ declare(strict_types=1);
namespace OCA\WorkflowEngine\Entity;
-use OCA\WorkflowEngine\AppInfo\Application;
use OCP\EventDispatcher\Event;
+use OCP\EventDispatcher\GenericEvent;
use OCP\Files\IRootFolder;
+use OCP\Files\Node;
+use OCP\Files\NotFoundException;
use OCP\IL10N;
use OCP\ILogger;
use OCP\IURLGenerator;
+use OCP\IUserSession;
+use OCP\Share\IManager as ShareManager;
+use OCP\SystemTag\ISystemTag;
+use OCP\SystemTag\ISystemTagManager;
use OCP\SystemTag\MapperEvent;
+use OCP\WorkflowEngine\EntityContext\IDisplayText;
use OCP\WorkflowEngine\GenericEntityEvent;
use OCP\WorkflowEngine\IEntity;
use OCP\WorkflowEngine\IRuleMatcher;
-use Symfony\Component\EventDispatcher\GenericEvent;
-class File implements IEntity {
+class File implements IEntity, IDisplayText {
+
+ private const EVENT_NAMESPACE = '\OCP\Files::';
/** @var IL10N */
protected $l10n;
@@ -46,12 +54,34 @@ class File implements IEntity {
protected $root;
/** @var ILogger */
protected $logger;
+ /** @var string */
+ protected $eventName;
+ /** @var Event */
+ protected $event;
+ /** @var ShareManager */
+ private $shareManager;
+ /** @var IUserSession */
+ private $userSession;
+ /** @var ISystemTagManager */
+ private $tagManager;
+
- public function __construct(IL10N $l10n, IURLGenerator $urlGenerator, IRootFolder $root, ILogger $logger) {
+ public function __construct(
+ IL10N $l10n,
+ IURLGenerator $urlGenerator,
+ IRootFolder $root,
+ ILogger $logger,
+ ShareManager $shareManager,
+ IUserSession $userSession,
+ ISystemTagManager $tagManager
+ ) {
$this->l10n = $l10n;
$this->urlGenerator = $urlGenerator;
$this->root = $root;
$this->logger = $logger;
+ $this->shareManager = $shareManager;
+ $this->userSession = $userSession;
+ $this->tagManager = $tagManager;
}
public function getName(): string {
@@ -63,14 +93,13 @@ class File implements IEntity {
}
public function getEvents(): array {
- $namespace = '\OCP\Files::';
return [
- new GenericEntityEvent($this->l10n->t('File created'), $namespace . 'postCreate'),
- new GenericEntityEvent($this->l10n->t('File updated'), $namespace . 'postWrite'),
- new GenericEntityEvent($this->l10n->t('File renamed'), $namespace . 'postRename'),
- new GenericEntityEvent($this->l10n->t('File deleted'), $namespace . 'postDelete'),
- new GenericEntityEvent($this->l10n->t('File accessed'), $namespace . 'postTouch'),
- new GenericEntityEvent($this->l10n->t('File copied'), $namespace . 'postCopy'),
+ new GenericEntityEvent($this->l10n->t('File created'), self::EVENT_NAMESPACE . 'postCreate'),
+ new GenericEntityEvent($this->l10n->t('File updated'), self::EVENT_NAMESPACE . 'postWrite'),
+ new GenericEntityEvent($this->l10n->t('File renamed'), self::EVENT_NAMESPACE . 'postRename'),
+ new GenericEntityEvent($this->l10n->t('File deleted'), self::EVENT_NAMESPACE . 'postDelete'),
+ new GenericEntityEvent($this->l10n->t('File accessed'), self::EVENT_NAMESPACE . 'postTouch'),
+ new GenericEntityEvent($this->l10n->t('File copied'), self::EVENT_NAMESPACE . 'postCopy'),
new GenericEntityEvent($this->l10n->t('Tag assigned'), MapperEvent::EVENT_ASSIGN),
];
}
@@ -79,27 +108,104 @@ class File implements IEntity {
if (!$event instanceof GenericEvent && !$event instanceof MapperEvent) {
return;
}
- switch ($eventName) {
- case 'postCreate':
- case 'postWrite':
- case 'postDelete':
- case 'postTouch':
- $ruleMatcher->setEntitySubject($this, $event->getSubject());
- break;
- case 'postRename':
- case 'postCopy':
- $ruleMatcher->setEntitySubject($this, $event->getSubject()[1]);
- break;
+ $this->eventName = $eventName;
+ $this->event = $event;
+ try {
+ $node = $this->getNode();
+ $ruleMatcher->setEntitySubject($this, $node);
+ $ruleMatcher->setFileInfo($node->getStorage(), $node->getPath());
+ } catch (NotFoundException $e) {
+ // pass
+ }
+ }
+
+ public function isLegitimatedForUserId(string $uid): bool {
+ try {
+ $node = $this->getNode();
+ if($node->getOwner()->getUID() === $uid) {
+ return true;
+ }
+ $acl = $this->shareManager->getAccessList($node, true, true);
+ return array_key_exists($uid, $acl['users']);
+ } catch (NotFoundException $e) {
+ return false;
+ }
+ }
+
+ /**
+ * @throws NotFoundException
+ */
+ protected function getNode(): Node {
+ if (!$this->event instanceof GenericEvent && !$this->event instanceof MapperEvent) {
+ throw new NotFoundException();
+ }
+ switch ($this->eventName) {
+ case self::EVENT_NAMESPACE . 'postCreate':
+ case self::EVENT_NAMESPACE . 'postWrite':
+ case self::EVENT_NAMESPACE . 'postDelete':
+ case self::EVENT_NAMESPACE . 'postTouch':
+ return $this->event->getSubject();
+ case self::EVENT_NAMESPACE . 'postRename':
+ case self::EVENT_NAMESPACE . 'postCopy':
+ return $this->event->getSubject()[1];
case MapperEvent::EVENT_ASSIGN:
- if (!$event instanceof MapperEvent || $event->getObjectType() !== 'files') {
- break;
+ if (!$this->event instanceof MapperEvent || $this->event->getObjectType() !== 'files') {
+ throw new NotFoundException();
}
- $nodes = $this->root->getById((int)$event->getObjectId());
+ $nodes = $this->root->getById((int)$this->event->getObjectId());
if (is_array($nodes) && !empty($nodes)) {
- $node = array_shift($nodes);
- $ruleMatcher->setEntitySubject($this, $node);
+ return array_shift($nodes);
}
break;
}
+ throw new NotFoundException();
+ }
+
+ public function getDisplayText(int $verbosity = 0): string {
+ $user = $this->userSession->getUser();
+ try {
+ $node = $this->getNode();
+ } catch (NotFoundException $e) {
+ return '';
+ }
+
+ $options = [
+ $user ? $user->getDisplayName() : $this->t('Someone'),
+ $node->getName()
+ ];
+
+ switch ($this->eventName) {
+ case self::EVENT_NAMESPACE . 'postCreate':
+ return $this->l10n->t('%s created %s', $options);
+ case self::EVENT_NAMESPACE . 'postWrite':
+ return $this->l10n->t('%s modified %s', $options);
+ case self::EVENT_NAMESPACE . 'postDelete':
+ return $this->l10n->t('%s deleted %s', $options);
+ case self::EVENT_NAMESPACE . 'postTouch':
+ return $this->l10n->t('%s accessed %s', $options);
+ case self::EVENT_NAMESPACE . 'postRename':
+ return $this->l10n->t('%s renamed %s', $options);
+ case self::EVENT_NAMESPACE . 'postCopy':
+ return $this->l10n->t('%s copied %s', $options);
+ case MapperEvent::EVENT_ASSIGN:
+ $tagNames = [];
+ if($this->event instanceof MapperEvent) {
+ $tagIDs = $this->event->getTags();
+ $tagObjects = $this->tagManager->getTagsByIds($tagIDs);
+ foreach ($tagObjects as $systemTag) {
+ /** @var ISystemTag $systemTag */
+ if($systemTag->isUserVisible()) {
+ $tagNames[] = $systemTag->getName();
+ }
+ }
+ }
+ $filename = array_pop($options);
+ $tagString = implode(', ', $tagNames);
+ if($tagString === '') {
+ return '';
+ }
+ array_push($options, $tagString, $filename);
+ return $this->l10n->t('%s assigned %s to %s', $options);
+ }
}
}
diff --git a/apps/workflowengine/lib/Manager.php b/apps/workflowengine/lib/Manager.php
index 1c2c76a94c4..f97d77f5983 100644
--- a/apps/workflowengine/lib/Manager.php
+++ b/apps/workflowengine/lib/Manager.php
@@ -152,6 +152,32 @@ class Manager implements IManager {
return $operations;
}
+ public function getAllConfiguredScopesForOperation(string $operationClass): array {
+ static $scopesByOperation = [];
+ if (isset($scopesByOperation[$operationClass])) {
+ return $scopesByOperation[$operationClass];
+ }
+
+ $query = $this->connection->getQueryBuilder();
+
+ $query->selectDistinct('s.type')
+ ->addSelect('s.value')
+ ->from('flow_operations', 'o')
+ ->leftJoin('o', 'flow_operations_scope', 's', $query->expr()->eq('o.id', 's.operation_id'))
+ ->where($query->expr()->eq('o.class', $query->createParameter('operationClass')));
+
+ $query->setParameters(['operationClass' => $operationClass]);
+ $result = $query->execute();
+
+ $scopesByOperation[$operationClass] = [];
+ while ($row = $result->fetch()) {
+ $scope = new ScopeContext($row['type'], $row['value']);
+ $scopesByOperation[$operationClass][$scope->getHash()] = $scope;
+ }
+
+ return $scopesByOperation[$operationClass];
+ }
+
public function getAllOperations(ScopeContext $scopeContext): array {
if(isset($this->operations[$scopeContext->getHash()])) {
return $this->operations[$scopeContext->getHash()];
@@ -160,6 +186,8 @@ class Manager implements IManager {
$query = $this->connection->getQueryBuilder();
$query->select('o.*')
+ ->selectAlias('s.type', 'scope_type')
+ ->selectAlias('s.value', 'scope_actor_id')
->from('flow_operations', 'o')
->leftJoin('o', 'flow_operations_scope', 's', $query->expr()->eq('o.id', 's.operation_id'))
->where($query->expr()->eq('s.type', $query->createParameter('scope')));
diff --git a/apps/workflowengine/lib/Service/RuleMatcher.php b/apps/workflowengine/lib/Service/RuleMatcher.php
index 95c68b63370..16f0e486aaa 100644
--- a/apps/workflowengine/lib/Service/RuleMatcher.php
+++ b/apps/workflowengine/lib/Service/RuleMatcher.php
@@ -36,7 +36,9 @@ use OCP\WorkflowEngine\IEntity;
use OCP\WorkflowEngine\IEntityCheck;
use OCP\WorkflowEngine\IFileCheck;
use OCP\WorkflowEngine\IManager;
+use OCP\WorkflowEngine\IOperation;
use OCP\WorkflowEngine\IRuleMatcher;
+use RuntimeException;
class RuleMatcher implements IRuleMatcher {
@@ -52,8 +54,17 @@ class RuleMatcher implements IRuleMatcher {
protected $fileInfo = [];
/** @var IL10N */
protected $l;
-
- public function __construct(IUserSession $session, IServerContainer $container, IL10N $l, Manager $manager) {
+ /** @var IOperation */
+ protected $operation;
+ /** @var IEntity */
+ protected $entity;
+
+ public function __construct(
+ IUserSession $session,
+ IServerContainer $container,
+ IL10N $l,
+ Manager $manager
+ ) {
$this->session = $session;
$this->manager = $manager;
$this->container = $container;
@@ -65,11 +76,38 @@ class RuleMatcher implements IRuleMatcher {
$this->fileInfo['path'] = $path;
}
-
public function setEntitySubject(IEntity $entity, $subject): void {
$this->contexts[get_class($entity)] = [$entity, $subject];
}
+ public function setOperation(IOperation $operation): void {
+ if($this->operation !== null) {
+ throw new RuntimeException('This method must not be called more than once');
+ }
+ $this->operation = $operation;
+ }
+
+ public function setEntity(IEntity $entity): void {
+ if($this->entity !== null) {
+ throw new RuntimeException('This method must not be called more than once');
+ }
+ $this->entity = $entity;
+ }
+
+ public function getEntity(): IEntity {
+ if($this->entity === null) {
+ throw new \LogicException('Entity was not set yet');
+ }
+ return $this->entity;
+ }
+
+ public function getFlows(bool $returnFirstMatchingOperationOnly = true): array {
+ if(!$this->operation) {
+ throw new RuntimeException('Operation is not set');
+ }
+ return $this->getMatchingOperations(get_class($this->operation), $returnFirstMatchingOperationOnly);
+ }
+
public function getMatchingOperations(string $class, bool $returnFirstMatchingOperationOnly = true): array {
$scopes[] = new ScopeContext(IManager::SCOPE_ADMIN);
$user = $this->session->getUser();
@@ -82,6 +120,17 @@ class RuleMatcher implements IRuleMatcher {
$operations = array_merge($operations, $this->manager->getOperations($class, $scope));
}
+ $additionalScopes = $this->manager->getAllConfiguredScopesForOperation($class);
+ foreach ($additionalScopes as $hash => $scopeCandidate) {
+ /** @var ScopeContext $scopeCandidate */
+ if ($scopeCandidate->getScope() !== IManager::SCOPE_USER) {
+ continue;
+ }
+ if ($this->entity->isLegitimatedForUserId($scopeCandidate->getScopeId())) {
+ $operations = array_merge($operations, $this->manager->getOperations($class, $scopeCandidate));
+ }
+ }
+
$matches = [];
foreach ($operations as $operation) {
$checkIds = json_decode($operation['checks'], true);
@@ -117,7 +166,7 @@ class RuleMatcher implements IRuleMatcher {
if ($checkInstance instanceof IFileCheck) {
if (empty($this->fileInfo)) {
- throw new \RuntimeException('Must set file info before running the check');
+ throw new RuntimeException('Must set file info before running the check');
}
$checkInstance->setFileInfo($this->fileInfo['storage'], $this->fileInfo['path']);
} elseif ($checkInstance instanceof IEntityCheck) {
diff --git a/apps/workflowengine/tests/ManagerTest.php b/apps/workflowengine/tests/ManagerTest.php
index 0f142e642ed..82f1653ef25 100644
--- a/apps/workflowengine/tests/ManagerTest.php
+++ b/apps/workflowengine/tests/ManagerTest.php
@@ -33,6 +33,7 @@ use OCP\ILogger;
use OCP\IServerContainer;
use OCP\IURLGenerator;
use OCP\IUserSession;
+use OCP\SystemTag\ISystemTagManager;
use OCP\WorkflowEngine\ICheck;
use OCP\WorkflowEngine\IEntity;
use OCP\WorkflowEngine\IManager;
@@ -283,7 +284,10 @@ class ManagerTest extends TestCase {
$this->l,
$this->createMock(IURLGenerator::class),
$this->createMock(IRootFolder::class),
- $this->createMock(ILogger::class)
+ $this->createMock(ILogger::class),
+ $this->createMock(\OCP\Share\IManager::class),
+ $this->createMock(IUserSession::class),
+ $this->createMock(ISystemTagManager::class)
])
->setMethodsExcept(['getEvents'])
->getMock();
diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php
index 900a03a0f35..cd6b4ca1a85 100644
--- a/lib/composer/composer/autoload_classmap.php
+++ b/lib/composer/composer/autoload_classmap.php
@@ -452,6 +452,10 @@ return array(
'OCP\\User\\Backend\\ISetPasswordBackend' => $baseDir . '/lib/public/User/Backend/ISetPasswordBackend.php',
'OCP\\User\\Events\\PostLoginEvent' => $baseDir . '/lib/public/User/Events/PostLoginEvent.php',
'OCP\\Util' => $baseDir . '/lib/public/Util.php',
+ 'OCP\\WorkflowEngine\\EntityContext\\IDisplayName' => $baseDir . '/lib/public/WorkflowEngine/EntityContext/IDisplayName.php',
+ 'OCP\\WorkflowEngine\\EntityContext\\IDisplayText' => $baseDir . '/lib/public/WorkflowEngine/EntityContext/IDisplayText.php',
+ 'OCP\\WorkflowEngine\\EntityContext\\IIcon' => $baseDir . '/lib/public/WorkflowEngine/EntityContext/IIcon.php',
+ 'OCP\\WorkflowEngine\\EntityContext\\IUrl' => $baseDir . '/lib/public/WorkflowEngine/EntityContext/IUrl.php',
'OCP\\WorkflowEngine\\GenericEntityEvent' => $baseDir . '/lib/public/WorkflowEngine/GenericEntityEvent.php',
'OCP\\WorkflowEngine\\ICheck' => $baseDir . '/lib/public/WorkflowEngine/ICheck.php',
'OCP\\WorkflowEngine\\IComplexOperation' => $baseDir . '/lib/public/WorkflowEngine/IComplexOperation.php',
diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php
index 84532fabf5f..7fae2d92c37 100644
--- a/lib/composer/composer/autoload_static.php
+++ b/lib/composer/composer/autoload_static.php
@@ -481,6 +481,10 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
'OCP\\User\\Backend\\ISetPasswordBackend' => __DIR__ . '/../../..' . '/lib/public/User/Backend/ISetPasswordBackend.php',
'OCP\\User\\Events\\PostLoginEvent' => __DIR__ . '/../../..' . '/lib/public/User/Events/PostLoginEvent.php',
'OCP\\Util' => __DIR__ . '/../../..' . '/lib/public/Util.php',
+ 'OCP\\WorkflowEngine\\EntityContext\\IDisplayName' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/EntityContext/IDisplayName.php',
+ 'OCP\\WorkflowEngine\\EntityContext\\IDisplayText' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/EntityContext/IDisplayText.php',
+ 'OCP\\WorkflowEngine\\EntityContext\\IIcon' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/EntityContext/IIcon.php',
+ 'OCP\\WorkflowEngine\\EntityContext\\IUrl' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/EntityContext/IUrl.php',
'OCP\\WorkflowEngine\\GenericEntityEvent' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/GenericEntityEvent.php',
'OCP\\WorkflowEngine\\ICheck' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/ICheck.php',
'OCP\\WorkflowEngine\\IComplexOperation' => __DIR__ . '/../../..' . '/lib/public/WorkflowEngine/IComplexOperation.php',
diff --git a/lib/public/WorkflowEngine/EntityContext/IDisplayName.php b/lib/public/WorkflowEngine/EntityContext/IDisplayName.php
new file mode 100644
index 00000000000..eeaf7887d5a
--- /dev/null
+++ b/lib/public/WorkflowEngine/EntityContext/IDisplayName.php
@@ -0,0 +1,41 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019 Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\WorkflowEngine\EntityContext;
+
+/**
+ * Interface IDisplayName
+ *
+ * @package OCP\WorkflowEngine\EntityContext
+ *
+ * @since 18.0.0
+ */
+interface IDisplayName {
+ /**
+ * returns the end user facing name of the object related to the entity
+ *
+ * @since 18.0.0
+ */
+ public function getDisplayName(): string;
+}
diff --git a/lib/public/WorkflowEngine/EntityContext/IDisplayText.php b/lib/public/WorkflowEngine/EntityContext/IDisplayText.php
new file mode 100644
index 00000000000..5e74171883a
--- /dev/null
+++ b/lib/public/WorkflowEngine/EntityContext/IDisplayText.php
@@ -0,0 +1,47 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019 Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\WorkflowEngine\EntityContext;
+
+/**
+ * Interface IDisplayText
+ *
+ * @package OCP\WorkflowEngine\EntityContext
+ *
+ * @since 18.0.0
+ */
+interface IDisplayText {
+
+ /**
+ * returns translated text used for display to the end user. For instance,
+ * it can describe the event in a human readable way.
+ *
+ * The entity may react to a verbosity level that is provided. With the
+ * basic level, 0, it would return brief information, and more with higher
+ * numbers. All information shall be shown at a level of 3.
+ *
+ * @since 18.0.0
+ */
+ public function getDisplayText(int $verbosity = 0): string;
+}
diff --git a/lib/public/WorkflowEngine/EntityContext/IIcon.php b/lib/public/WorkflowEngine/EntityContext/IIcon.php
new file mode 100644
index 00000000000..cde340c9931
--- /dev/null
+++ b/lib/public/WorkflowEngine/EntityContext/IIcon.php
@@ -0,0 +1,42 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019 Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\WorkflowEngine\EntityContext;
+
+/**
+ * Interface IIcon
+ *
+ * @package OCP\WorkflowEngine\EntityContext
+ *
+ * @since 18.0.0
+ */
+interface IIcon {
+ /**
+ * returns a URL to an icon that is related to the entity, for instance
+ * a group icon for groups.
+ *
+ * @since 18.0.0
+ */
+ public function getIconUrl(): string;
+}
diff --git a/lib/public/WorkflowEngine/EntityContext/IUrl.php b/lib/public/WorkflowEngine/EntityContext/IUrl.php
new file mode 100644
index 00000000000..a847dfaad05
--- /dev/null
+++ b/lib/public/WorkflowEngine/EntityContext/IUrl.php
@@ -0,0 +1,41 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019 Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\WorkflowEngine\EntityContext;
+
+/**
+ * Interface IUrl
+ *
+ * @package OCP\WorkflowEngine\EntityContext
+ *
+ * @since 18.0.0
+ */
+interface IUrl {
+ /**
+ * returns a URL that is related to the entity, e.g. the link to a share
+ *
+ * @since 18.0.0
+ */
+ public function getUrl(): string;
+}
diff --git a/lib/public/WorkflowEngine/IEntity.php b/lib/public/WorkflowEngine/IEntity.php
index b8205600498..47e2f102199 100644
--- a/lib/public/WorkflowEngine/IEntity.php
+++ b/lib/public/WorkflowEngine/IEntity.php
@@ -74,4 +74,12 @@ interface IEntity {
*/
public function prepareRuleMatcher(IRuleMatcher $ruleMatcher, string $eventName, Event $event): void;
+ /**
+ * returns whether the provided user id is allowed to run a flow against
+ * the known context
+ *
+ * @since 18.0.0
+ */
+ public function isLegitimatedForUserId(string $userId): bool;
+
}
diff --git a/lib/public/WorkflowEngine/IRuleMatcher.php b/lib/public/WorkflowEngine/IRuleMatcher.php
index 5569800edb7..28abaa56137 100644
--- a/lib/public/WorkflowEngine/IRuleMatcher.php
+++ b/lib/public/WorkflowEngine/IRuleMatcher.php
@@ -24,6 +24,8 @@ declare(strict_types=1);
namespace OCP\WorkflowEngine;
+use RuntimeException;
+
/**
* Class IRuleMatcher
*
@@ -33,7 +35,45 @@ namespace OCP\WorkflowEngine;
*/
interface IRuleMatcher extends IFileCheck {
/**
+ * This method is left for backwards compatibility and easier porting of
+ * apps. Please use 'getFlows' instead (and setOperation if you implement
+ * an IComplexOperation).
+ *
* @since 18.0.0
+ * @deprecated 18.0.0
*/
public function getMatchingOperations(string $class, bool $returnFirstMatchingOperationOnly = true): array;
+
+ /**
+ * @throws RuntimeException
+ * @since 18.0.0
+ */
+ public function getFlows(bool $returnFirstMatchingOperationOnly = true): array;
+
+ /**
+ * this method can only be called once and is typically called by the
+ * Flow engine, unless for IComplexOperations.
+ *
+ * @throws RuntimeException
+ * @since 18.0.0
+ */
+ public function setOperation(IOperation $operation): void;
+
+ /**
+ * this method can only be called once and is typically called by the
+ * Flow engine, unless for IComplexOperations.
+ *
+ * @throws RuntimeException
+ * @since 18.0.0
+ */
+ public function setEntity(IEntity $entity): void;
+
+ /**
+ * returns the entity which might provide more information, depending on
+ * the interfaces it implements
+ *
+ * @return IEntity
+ * @since 18.0.0
+ */
+ public function getEntity(): IEntity;
}