summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBjoern Schiessle <bjoern@schiessle.org>2018-06-05 19:43:57 +0200
committerBjoern Schiessle <bjoern@schiessle.org>2018-07-02 11:29:29 +0200
commited415726d35b019ef085330ee8573d00415bb771 (patch)
tree42305c8e152ddf38e19074a6c59b1216b81a64cc
parent2bb1956c1f69ea7159e65d49ed0cc2a127749be6 (diff)
downloadnextcloud-server-ed415726d35b019ef085330ee8573d00415bb771.tar.gz
nextcloud-server-ed415726d35b019ef085330ee8573d00415bb771.zip
send RESHARE_CHANGE_PERMISSION message
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
-rw-r--r--apps/federatedfilesharing/lib/Controller/RequestHandlerController.php77
-rw-r--r--apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php82
2 files changed, 114 insertions, 45 deletions
diff --git a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php
index 30330accddf..653c41c3ba0 100644
--- a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php
+++ b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php
@@ -40,6 +40,8 @@ use OCP\AppFramework\OCS\OCSForbiddenException;
use OCP\AppFramework\OCS\OCSNotFoundException;
use OCP\AppFramework\OCSController;
use OCP\Constants;
+use OCP\Federation\Exceptions\AuthenticationFailedException;
+use OCP\Federation\Exceptions\BadRequestException;
use OCP\Federation\Exceptions\ProviderCouldNotAddShareException;
use OCP\Federation\Exceptions\ProviderDoesNotExistsException;
use OCP\Federation\Exceptions\ShareNotFoundException;
@@ -365,11 +367,9 @@ class RequestHandlerController extends OCSController {
$token = $this->request->getParam('token');
- $notification = $this->cloudFederationFactory->getCloudFederationNotification();
- $notification->setMessage(['sharedSecret' => $token]);
-
try {
$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+ $notification = ['sharedSecret' => $token];
$provider->notificationReceived('RESHARE_UNDO', $id, $notification);
return new Http\DataResponse();
} catch (\Exception $e) {
@@ -402,28 +402,6 @@ class RequestHandlerController extends OCSController {
}
/**
- * get file
- *
- * @param string $user
- * @param int $fileSource
- * @return array with internal path of the file and a absolute link to it
- */
- private function getFile($user, $fileSource) {
- \OC_Util::setupFS($user);
-
- try {
- $file = \OC\Files\Filesystem::getPath($fileSource);
- } catch (NotFoundException $e) {
- $file = null;
- }
- $args = \OC\Files\Filesystem::is_dir($file) ? array('dir' => $file) : array('dir' => dirname($file), 'scrollto' => $file);
- $link = \OCP\Util::linkToAbsolute('files', 'index.php', $args);
-
- return array($file, $link);
-
- }
-
- /**
* check if server-to-server sharing is enabled
*
* @param bool $incoming
@@ -454,19 +432,15 @@ class RequestHandlerController extends OCSController {
*/
public function updatePermissions($id) {
$token = $this->request->getParam('token', null);
- $permissions = $this->request->getParam('permissions', null);
+ $ncPermissions = $this->request->getParam('permissions', null);
try {
- $share = $this->federatedShareProvider->getShareById($id);
- } catch (Share\Exceptions\ShareNotFound $e) {
- throw new OCSBadRequestException();
- }
-
- $validPermission = ctype_digit($permissions);
- $validToken = $this->verifyShare($share, $token);
- if ($validPermission && $validToken) {
- $this->updatePermissionsInDatabase($share, (int)$permissions);
- } else {
+ $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+ $ocmPermissions = $this->ncPermissions2ocmPermissions((int)$ncPermissions);
+ $notification = ['sharedSecret' => $token, 'permission' => $ocmPermissions];
+ $provider->notificationReceived('RESHARE_CHANGE_PERMISSION', $id, $notification);
+ } catch (\Exception $e) {
+ $this->logger->debug($e->getMessage());
throw new OCSBadRequestException();
}
@@ -474,17 +448,30 @@ class RequestHandlerController extends OCSController {
}
/**
- * update permissions in database
+ * translate Nextcloud permissions to OCM Permissions
*
- * @param IShare $share
- * @param int $permissions
+ * @param $ncPermissions
+ * @return array
*/
- protected function updatePermissionsInDatabase(IShare $share, $permissions) {
- $query = $this->connection->getQueryBuilder();
- $query->update('share')
- ->where($query->expr()->eq('id', $query->createNamedParameter($share->getId())))
- ->set('permissions', $query->createNamedParameter($permissions))
- ->execute();
+ protected function ncPermissions2ocmPermissions($ncPermissions) {
+
+ $ocmPermissions = [];
+
+ if ($ncPermissions & Constants::PERMISSION_SHARE) {
+ $ocmPermissions[] = 'share';
+ }
+
+ if ($ncPermissions & Constants::PERMISSION_READ) {
+ $ocmPermissions[] = 'read';
+ }
+
+ if (($ncPermissions & Constants::PERMISSION_CREATE) ||
+ ($ncPermissions & Constants::PERMISSION_UPDATE)) {
+ $ocmPermissions[] = 'write';
+ }
+
+ return $ocmPermissions;
+
}
/**
diff --git a/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php b/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php
index cc14d35a3d0..0f28abc9451 100644
--- a/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php
+++ b/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php
@@ -21,6 +21,7 @@
namespace OCA\FederatedFileSharing\OCM;
+use function GuzzleHttp\default_ca_bundle;
use OC\AppFramework\Http;
use OC\Files\Filesystem;
use OCA\Files_Sharing\Activity\Providers\RemoteShares;
@@ -288,6 +289,8 @@ class CloudFederationProviderFiles implements ICloudFederationProvider {
return $this->reshareRequested($providerId, $notification);
case 'RESHARE_UNDO':
return $this->undoReshare($providerId, $notification);
+ case 'RESHARE_CHANGE_PERMISSION':
+ return $this->updateResharePermissions($providerId, $notification);
}
@@ -602,6 +605,85 @@ class CloudFederationProviderFiles implements ICloudFederationProvider {
}
/**
+ * update permission of a re-share so that the share dialog shows the right
+ * permission if the owner or the sender changes the permission
+ *
+ * @param string $id
+ * @param array $notification
+ * @return array
+ * @throws AuthenticationFailedException
+ * @throws BadRequestException
+ * @throws ShareNotFoundException
+ */
+ protected function updateResharePermissions($id, $notification) {
+
+ if (!isset($notification['sharedSecret'])) {
+ throw new BadRequestException(['sharedSecret']);
+ }
+ $token = $notification['sharedSecret'];
+
+ if (!isset($notification['permission'])) {
+ throw new BadRequestException(['permission']);
+ }
+ $ocmPermissions = $notification['permission'];
+
+ $share = $this->federatedShareProvider->getShareById($id);
+
+ $ncPermission = $this->ocmPermissions2ncPermissions($ocmPermissions);
+
+ $this->verifyShare($share, $token);
+ $this->updatePermissionsInDatabase($share, $ncPermission);
+
+ return [];
+ }
+
+ /**
+ * translate OCM Permissions to Nextcloud permissions
+ *
+ * @param $ocmPermissions
+ * @return int
+ * @throws BadRequestException
+ */
+ protected function ocmPermissions2ncPermissions($ocmPermissions) {
+ error_log("ocm permissions: " . json_encode($ocmPermissions));
+ $ncPermissions = 0;
+ foreach($ocmPermissions as $permission) {
+ switch (strtolower($permission)) {
+ case 'read':
+ $ncPermissions += Constants::PERMISSION_READ;
+ break;
+ case 'write':
+ $ncPermissions += Constants::PERMISSION_CREATE + Constants::PERMISSION_UPDATE;
+ break;
+ case 'share':
+ $ncPermissions += Constants::PERMISSION_SHARE;
+ break;
+ default:
+ throw new BadRequestException(['permission']);
+ }
+
+ error_log("new permissions: " . $ncPermissions);
+ }
+
+ return $ncPermissions;
+ }
+
+ /**
+ * update permissions in database
+ *
+ * @param IShare $share
+ * @param int $permissions
+ */
+ protected function updatePermissionsInDatabase(IShare $share, $permissions) {
+ $query = $this->connection->getQueryBuilder();
+ $query->update('share')
+ ->where($query->expr()->eq('id', $query->createNamedParameter($share->getId())))
+ ->set('permissions', $query->createNamedParameter($permissions))
+ ->execute();
+ }
+
+
+ /**
* get file
*
* @param string $user