throw hooks when accessing a link share

1 files changed, 55 insertions, 2 deletions

diff --git a/apps/files_sharing/lib/controllers/sharecontroller.php b/apps/files_sharing/lib/controllers/sharecontroller.php
index bbe68096b52..b30509405a5 100644
--- a/apps/files_sharing/lib/controllers/sharecontroller.php
+++ b/apps/files_sharing/lib/controllers/sharecontroller.php
@@ -177,6 +177,7 @@ class ShareController extends Controller {
 			if ($this->shareManager->checkPassword($share, $password)) {
 				$this->session->set('public_link_authenticated', (string)$share->getId());
 			} else {
+				$this->emitAccessShareHook($share, 403, 'Wrong password');
 				return false;
 			}
 		} else {
@@ -190,6 +191,45 @@ class ShareController extends Controller {
 	}
 
 	/**
+	 * throws hooks when a share is attempted to be accessed
+	 *
+	 * @param \OC\Share20\Share|string $share the Share instance if available,
+	 * otherwise token
+	 * @param int $errorCode
+	 * @param string $errorMessage
+	 * @throws NotFoundException
+	 * @throws OC\HintException
+	 * @throws OC\ServerNotAvailableException
+	 */
+	protected function emitAccessShareHook($share, $errorCode = 200, $errorMessage = '') {
+		$itemType = $itemSource = $uidOwner = '';
+		$token = $share;
+		$exception = null;
+		if($share instanceof \OC\Share20\Share) {
+			try {
+				$token = $share->getToken();
+				$uidOwner = $share->getSharedBy();
+				$itemType = $share->getNode() instanceof \OCP\Files\File ? 'file' : 'folder';
+				$itemSource = $share->getNode()->getId();
+			} catch (\Exception $e) {
+				// we log what we know and pass on the exception afterwards
+				$exception = $e;
+			}
+		}
+		\OC_Hook::emit('OCP\Share', 'share_link_access', [
+			'itemType' => $itemType,
+			'itemSource' => $itemSource,
+			'uidOwner' => $uidOwner,
+			'token' => $token,
+			'errorCode' => $errorCode,
+			'errorMessage' => $errorMessage,
+		]);
+		if(!is_null($exception)) {
+			throw $exception;
+		}
+	}
+
+	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
 	 *
@@ -205,6 +245,7 @@ class ShareController extends Controller {
 		try {
 			$share = $this->shareManager->getShareByToken($token);
 		} catch (ShareNotFound $e) {
+			$this->emitAccessShareHook($token, 404, 'Share not found');
 			return new NotFoundResponse();
 		}
 
@@ -215,8 +256,14 @@ class ShareController extends Controller {
 		}
 
 		// We can't get the path of a file share
-		if ($share->getNode() instanceof \OCP\Files\File && $path !== '') {
-			throw new NotFoundException();
+		try {
+			if ($share->getNode() instanceof \OCP\Files\File && $path !== '') {
+				$this->emitAccessShareHook($share, 404, 'Share not found');
+				throw new NotFoundException();
+			}
+		} catch (\Exception $e) {
+			$this->emitAccessShareHook($share, 404, 'Share not found');
+			throw $e;
 		}
 
 		$rootFolder = null;
@@ -227,6 +274,7 @@ class ShareController extends Controller {
 			try {
 				$path = $rootFolder->get($path);
 			} catch (\OCP\Files\NotFoundException $e) {
+				$this->emitAccessShareHook($share, 404, 'Share not found');
 				throw new NotFoundException();
 			}
 		}
@@ -287,6 +335,8 @@ class ShareController extends Controller {
 		$response = new TemplateResponse($this->appName, 'public', $shareTmpl, 'base');
 		$response->setContentSecurityPolicy($csp);
 
+		$this->emitAccessShareHook($share);
+
 		return $response;
 	}
 
@@ -344,6 +394,7 @@ class ShareController extends Controller {
 				try {
 					$node = $node->get($path);
 				} catch (NotFoundException $e) {
+					$this->emitAccessShareHook($share, 404, 'Share not found');
 					return new NotFoundResponse();
 				}
 			}
@@ -409,6 +460,8 @@ class ShareController extends Controller {
 			setcookie('ocDownloadStarted', $downloadStartSecret, time() + 20, '/');
 		}
 
+		$this->emitAccessShareHook($share);
+
 		// download selected files
 		if (!is_null($files)) {
 			// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well