summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2021-05-21 15:35:39 +0200
committerGitHub <noreply@github.com>2021-05-21 15:35:39 +0200
commitf1dbabd9109c08e62d6f82124c63201c96ad2203 (patch)
treeea6b862c1fa97ec5ad03895c120268bd25d1d35e
parentb1ad3faf14140e3c85a7eec1dade88cd551cc747 (diff)
parent8d7fae8fae054eaa08635fea3ba092196c6f8b84 (diff)
downloadnextcloud-server-f1dbabd9109c08e62d6f82124c63201c96ad2203.tar.gz
nextcloud-server-f1dbabd9109c08e62d6f82124c63201c96ad2203.zip
Merge pull request #26727 from nextcloud/group-exclude-link-share
Add option to exclude groups from creating link shares
-rw-r--r--apps/files/lib/Controller/ViewController.php9
-rw-r--r--apps/files/list.php6
-rw-r--r--apps/files/tests/Controller/ViewControllerTest.php7
-rw-r--r--apps/files_sharing/lib/AppInfo/Application.php20
-rw-r--r--apps/files_sharing/lib/Capabilities.php38
-rw-r--r--apps/files_sharing/tests/CapabilitiesTest.php37
-rw-r--r--apps/settings/js/admin.js2
-rw-r--r--apps/settings/lib/Settings/Admin/Sharing.php4
-rw-r--r--apps/settings/templates/settings/admin/sharing.php10
-rw-r--r--apps/settings/tests/Settings/Admin/SharingTest.php6
-rw-r--r--lib/private/Server.php3
-rw-r--r--lib/private/Share20/Manager.php120
-rw-r--r--lib/private/legacy/OC_Util.php40
-rw-r--r--lib/public/Share/IManager.php48
-rw-r--r--tests/lib/Share20/ManagerTest.php33
-rw-r--r--tests/lib/UtilTest.php49
16 files changed, 253 insertions, 179 deletions
diff --git a/apps/files/lib/Controller/ViewController.php b/apps/files/lib/Controller/ViewController.php
index efaf2dc602f..b055f9a38b5 100644
--- a/apps/files/lib/Controller/ViewController.php
+++ b/apps/files/lib/Controller/ViewController.php
@@ -55,6 +55,7 @@ use OCP\IL10N;
use OCP\IRequest;
use OCP\IURLGenerator;
use OCP\IUserSession;
+use OCP\Share\IManager;
/**
* Class ViewController
@@ -86,6 +87,8 @@ class ViewController extends Controller {
private $initialState;
/** @var ITemplateManager */
private $templateManager;
+ /** @var IManager */
+ private $shareManager;
public function __construct(string $appName,
IRequest $request,
@@ -98,7 +101,8 @@ class ViewController extends Controller {
IRootFolder $rootFolder,
Helper $activityHelper,
IInitialState $initialState,
- ITemplateManager $templateManager
+ ITemplateManager $templateManager,
+ IManager $shareManager
) {
parent::__construct($appName, $request);
$this->appName = $appName;
@@ -113,6 +117,7 @@ class ViewController extends Controller {
$this->activityHelper = $activityHelper;
$this->initialState = $initialState;
$this->templateManager = $templateManager;
+ $this->shareManager = $shareManager;
}
/**
@@ -302,7 +307,7 @@ class ViewController extends Controller {
$params['owner'] = $storageInfo['owner'] ?? '';
$params['ownerDisplayName'] = $storageInfo['ownerDisplayName'] ?? '';
$params['isPublic'] = false;
- $params['allowShareWithLink'] = $this->config->getAppValue('core', 'shareapi_allow_links', 'yes');
+ $params['allowShareWithLink'] = $this->shareManager->shareApiAllowLinks() ? 'yes' : 'no';
$params['defaultFileSorting'] = $this->config->getUserValue($user, 'files', 'file_sorting', 'name');
$params['defaultFileSortingDirection'] = $this->config->getUserValue($user, 'files', 'file_sorting_direction', 'asc');
$params['showgridview'] = $this->config->getUserValue($user, 'files', 'show_grid', false);
diff --git a/apps/files/list.php b/apps/files/list.php
index 52d736516c9..308d149c873 100644
--- a/apps/files/list.php
+++ b/apps/files/list.php
@@ -22,10 +22,14 @@
*
*/
+use OCP\Share\IManager;
+
$config = \OC::$server->getConfig();
$userSession = \OC::$server->getUserSession();
// TODO: move this to the generated config.js
-$publicUploadEnabled = $config->getAppValue('core', 'shareapi_allow_public_upload', 'yes');
+/** @var IManager $shareManager */
+$shareManager = \OC::$server->get(IManager::class);
+$publicUploadEnabled = $shareManager->shareApiLinkAllowPublicUpload() ? 'yes' : 'no';;
$showgridview = $config->getUserValue($userSession->getUser()->getUID(), 'files', 'show_grid', false);
$isIE = OC_Util::isIe();
diff --git a/apps/files/tests/Controller/ViewControllerTest.php b/apps/files/tests/Controller/ViewControllerTest.php
index bc233599e34..3453914b27a 100644
--- a/apps/files/tests/Controller/ViewControllerTest.php
+++ b/apps/files/tests/Controller/ViewControllerTest.php
@@ -48,6 +48,7 @@ use OCP\IRequest;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\IUserSession;
+use OCP\Share\IManager;
use OCP\Template;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Test\TestCase;
@@ -84,6 +85,8 @@ class ViewControllerTest extends TestCase {
private $initialState;
/** @var ITemplateManager|\PHPUnit\Framework\MockObject\MockObject */
private $templateManager;
+ /** @var IManager|\PHPUnit\Framework\MockObject\MockObject */
+ private $shareManager;
protected function setUp(): void {
parent::setUp();
@@ -105,6 +108,7 @@ class ViewControllerTest extends TestCase {
$this->activityHelper = $this->createMock(Helper::class);
$this->initialState = $this->createMock(IInitialState::class);
$this->templateManager = $this->createMock(ITemplateManager::class);
+ $this->shareManager = $this->createMock(IManager::class);
$this->viewController = $this->getMockBuilder('\OCA\Files\Controller\ViewController')
->setConstructorArgs([
'files',
@@ -119,6 +123,7 @@ class ViewControllerTest extends TestCase {
$this->activityHelper,
$this->initialState,
$this->templateManager,
+ $this->shareManager,
])
->setMethods([
'getStorageInfo',
@@ -153,6 +158,8 @@ class ViewControllerTest extends TestCase {
->expects($this->any())
->method('getAppValue')
->willReturnArgument(2);
+ $this->shareManager->method('shareApiAllowLinks')
+ ->willReturn(true);
$nav = new Template('files', 'appnavigation');
$nav->assign('usage_relative', 123);
diff --git a/apps/files_sharing/lib/AppInfo/Application.php b/apps/files_sharing/lib/AppInfo/Application.php
index 078a0a5f59d..213e441cdb8 100644
--- a/apps/files_sharing/lib/AppInfo/Application.php
+++ b/apps/files_sharing/lib/AppInfo/Application.php
@@ -56,7 +56,9 @@ use OCP\Group\Events\UserAddedEvent;
use OCP\IDBConnection;
use OCP\IGroup;
use OCP\IServerContainer;
+use OCP\IUserSession;
use OCP\Share\Events\ShareCreatedEvent;
+use OCP\Share\IManager;
use OCP\Util;
use Psr\Container\ContainerInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
@@ -166,20 +168,24 @@ class Application extends App {
}
protected function setupSharingMenus() {
- $config = \OC::$server->getConfig();
+ /** @var IManager $shareManager */
+ $shareManager = \OC::$server->get(IManager::class);
- if ($config->getAppValue('core', 'shareapi_enabled', 'yes') !== 'yes' || !class_exists('\OCA\Files\App')) {
+ if (!$shareManager->shareApiEnabled() || !class_exists('\OCA\Files\App')) {
return;
}
// show_Quick_Access stored as string
- \OCA\Files\App::getNavigationManager()->add(function () {
- $config = \OC::$server->getConfig();
+ \OCA\Files\App::getNavigationManager()->add(function () use ($shareManager) {
$l = \OC::$server->getL10N('files_sharing');
+ /** @var IUserSession $userSession */
+ $userSession = \OC::$server->get(IUserSession::class);
+ $user = $userSession->getUser();
+ $userId = $user ? $user->getUID() : null;
$sharingSublistArray = [];
- if (\OCP\Util::isSharingDisabledForUser() === false) {
+ if ($shareManager->sharingDisabledForUser($userId) === false) {
$sharingSublistArray[] = [
'id' => 'sharingout',
'appname' => 'files_sharing',
@@ -197,9 +203,9 @@ class Application extends App {
'name' => $l->t('Shared with you'),
];
- if (\OCP\Util::isSharingDisabledForUser() === false) {
+ if ($shareManager->sharingDisabledForUser($userId) === false) {
// Check if sharing by link is enabled
- if ($config->getAppValue('core', 'shareapi_allow_links', 'yes') === 'yes') {
+ if ($shareManager->shareApiAllowLinks()) {
$sharingSublistArray[] = [
'id' => 'sharinglinks',
'appname' => 'files_sharing',
diff --git a/apps/files_sharing/lib/Capabilities.php b/apps/files_sharing/lib/Capabilities.php
index 5a0b9d7e71d..dca32d123f4 100644
--- a/apps/files_sharing/lib/Capabilities.php
+++ b/apps/files_sharing/lib/Capabilities.php
@@ -28,6 +28,7 @@ namespace OCA\Files_Sharing;
use OCP\Capabilities\ICapability;
use OCP\Constants;
use OCP\IConfig;
+use OCP\Share\IManager;
/**
* Class Capabilities
@@ -38,9 +39,12 @@ class Capabilities implements ICapability {
/** @var IConfig */
private $config;
+ /** @var IManager */
+ private $shareManager;
- public function __construct(IConfig $config) {
+ public function __construct(IConfig $config, IManager $shareManager) {
$this->config = $config;
+ $this->shareManager = $shareManager;
}
/**
@@ -51,7 +55,7 @@ class Capabilities implements ICapability {
public function getCapabilities() {
$res = [];
- if ($this->config->getAppValue('core', 'shareapi_enabled', 'yes') !== 'yes') {
+ if (!$this->shareManager->shareApiEnabled()) {
$res['api_enabled'] = false;
$res['public'] = ['enabled' => false];
$res['user'] = ['send_mail' => false];
@@ -60,10 +64,10 @@ class Capabilities implements ICapability {
$res['api_enabled'] = true;
$public = [];
- $public['enabled'] = $this->config->getAppValue('core', 'shareapi_allow_links', 'yes') === 'yes';
+ $public['enabled'] = $this->shareManager->shareApiAllowLinks();
if ($public['enabled']) {
$public['password'] = [];
- $public['password']['enforced'] = ($this->config->getAppValue('core', 'shareapi_enforce_links_password', 'no') === 'yes');
+ $public['password']['enforced'] = $this->shareManager->shareApiLinkEnforcePassword();
if ($public['password']['enforced']) {
$public['password']['askForOptionalPassword'] = false;
@@ -73,28 +77,28 @@ class Capabilities implements ICapability {
$public['expire_date'] = [];
$public['multiple_links'] = true;
- $public['expire_date']['enabled'] = $this->config->getAppValue('core', 'shareapi_default_expire_date', 'no') === 'yes';
+ $public['expire_date']['enabled'] = $this->shareManager->shareApiLinkDefaultExpireDate();
if ($public['expire_date']['enabled']) {
- $public['expire_date']['days'] = $this->config->getAppValue('core', 'shareapi_expire_after_n_days', '7');
- $public['expire_date']['enforced'] = $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
+ $public['expire_date']['days'] = $this->shareManager->shareApiLinkDefaultExpireDays();
+ $public['expire_date']['enforced'] = $this->shareManager->shareApiLinkDefaultExpireDateEnforced();
}
$public['expire_date_internal'] = [];
- $public['expire_date_internal']['enabled'] = $this->config->getAppValue('core', 'shareapi_default_internal_expire_date', 'no') === 'yes';
+ $public['expire_date_internal']['enabled'] = $this->shareManager->shareApiInternalDefaultExpireDate();
if ($public['expire_date_internal']['enabled']) {
- $public['expire_date_internal']['days'] = $this->config->getAppValue('core', 'shareapi_internal_expire_after_n_days', '7');
- $public['expire_date_internal']['enforced'] = $this->config->getAppValue('core', 'shareapi_enforce_internal_expire_date', 'no') === 'yes';
+ $public['expire_date_internal']['days'] = $this->shareManager->shareApiInternalDefaultExpireDays();
+ $public['expire_date_internal']['enforced'] = $this->shareManager->shareApiInternalDefaultExpireDateEnforced();
}
$public['expire_date_remote'] = [];
- $public['expire_date_remote']['enabled'] = $this->config->getAppValue('core', 'shareapi_default_remote_expire_date', 'no') === 'yes';
+ $public['expire_date_remote']['enabled'] = $this->shareManager->shareApiRemoteDefaultExpireDate();
if ($public['expire_date_remote']['enabled']) {
- $public['expire_date_remote']['days'] = $this->config->getAppValue('core', 'shareapi_remote_expire_after_n_days', '7');
- $public['expire_date_remote']['enforced'] = $this->config->getAppValue('core', 'shareapi_enforce_remote_expire_date', 'no') === 'yes';
+ $public['expire_date_remote']['days'] = $this->shareManager->shareApiRemoteDefaultExpireDays();
+ $public['expire_date_remote']['enforced'] = $this->shareManager->shareApiRemoteDefaultExpireDateEnforced();
}
$public['send_mail'] = $this->config->getAppValue('core', 'shareapi_allow_public_notification', 'no') === 'yes';
- $public['upload'] = $this->config->getAppValue('core', 'shareapi_allow_public_upload', 'yes') === 'yes';
+ $public['upload'] = $this->shareManager->shareApiLinkAllowPublicUpload();
$public['upload_files_drop'] = $public['upload'];
}
$res['public'] = $public;
@@ -106,17 +110,17 @@ class Capabilities implements ICapability {
// deprecated in favour of 'group', but we need to keep it for now
// in order to stay compatible with older clients
- $res['group_sharing'] = $this->config->getAppValue('core', 'shareapi_allow_group_sharing', 'yes') === 'yes';
+ $res['group_sharing'] = $this->shareManager->allowGroupSharing();
$res['group'] = [];
- $res['group']['enabled'] = $this->config->getAppValue('core', 'shareapi_allow_group_sharing', 'yes') === 'yes';
+ $res['group']['enabled'] = $this->shareManager->allowGroupSharing();
$res['group']['expire_date']['enabled'] = true;
$res['default_permissions'] = (int)$this->config->getAppValue('core', 'shareapi_default_permissions', Constants::PERMISSION_ALL);
}
//Federated sharing
$res['federation'] = [
- 'outgoing' => $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'yes',
+ 'outgoing' => $this->shareManager->outgoingServer2ServerSharesAllowed(),
'incoming' => $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') === 'yes',
// old bogus one, expire_date was not working before, keeping for compatibility
'expire_date' => ['enabled' => true],
diff --git a/apps/files_sharing/tests/CapabilitiesTest.php b/apps/files_sharing/tests/CapabilitiesTest.php
index fbe8c832c1d..7f019603e32 100644
--- a/apps/files_sharing/tests/CapabilitiesTest.php
+++ b/apps/files_sharing/tests/CapabilitiesTest.php
@@ -27,8 +27,24 @@
namespace OCA\Files_Sharing\Tests;
+use OC\Share20\Manager;
use OCA\Files_Sharing\Capabilities;
+use OCP\EventDispatcher\IEventDispatcher;
+use OCP\Files\IRootFolder;
+use OCP\Files\Mount\IMountManager;
use OCP\IConfig;
+use OCP\IGroupManager;
+use OCP\IL10N;
+use OCP\ILogger;
+use OCP\IURLGenerator;
+use OCP\IUserManager;
+use OCP\IUserSession;
+use OCP\L10N\IFactory;
+use OCP\Mail\IMailer;
+use OCP\Security\IHasher;
+use OCP\Security\ISecureRandom;
+use OCP\Share\IProviderFactory;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
/**
* Class CapabilitiesTest
@@ -60,7 +76,26 @@ class CapabilitiesTest extends \Test\TestCase {
private function getResults(array $map) {
$config = $this->getMockBuilder(IConfig::class)->disableOriginalConstructor()->getMock();
$config->method('getAppValue')->willReturnMap($map);
- $cap = new Capabilities($config);
+ $shareManager = new Manager(
+ $this->createMock(ILogger::class),
+ $config,
+ $this->createMock(ISecureRandom::class),
+ $this->createMock(IHasher::class),
+ $this->createMock(IMountManager::class),
+ $this->createMock(IGroupManager::class),
+ $this->createMock(IL10N::class),
+ $this->createMock(IFactory::class),
+ $this->createMock(IProviderFactory::class),
+ $this->createMock(IUserManager::class),
+ $this->createMock(IRootFolder::class),
+ $this->createMock(EventDispatcherInterface::class),
+ $this->createMock(IMailer::class),
+ $this->createMock(IURLGenerator::class),
+ $this->createMock(\OC_Defaults::class),
+ $this->createMock(IEventDispatcher::class),
+ $this->createMock(IUserSession::class)
+ );
+ $cap = new Capabilities($config, $shareManager);
$result = $this->getFilesSharingPart($cap->getCapabilities());
return $result;
}
diff --git a/apps/settings/js/admin.js b/apps/settings/js/admin.js
index 271d13b43d0..f749c9e132c 100644
--- a/apps/settings/js/admin.js
+++ b/apps/settings/js/admin.js
@@ -1,5 +1,5 @@
window.addEventListener('DOMContentLoaded', function(){
- $('#excludedGroups').each(function (index, element) {
+ $('#excludedGroups,#linksExcludedGroups').each(function (index, element) {
OC.Settings.setupGroupsSelect($(element));
$(element).change(function(ev) {
var groups = ev.val || [];
diff --git a/apps/settings/lib/Settings/Admin/Sharing.php b/apps/settings/lib/Settings/Admin/Sharing.php
index 7eb9649a1aa..8d759b4ae85 100644
--- a/apps/settings/lib/Settings/Admin/Sharing.php
+++ b/apps/settings/lib/Settings/Admin/Sharing.php
@@ -64,11 +64,15 @@ class Sharing implements ISettings {
$excludedGroups = $this->config->getAppValue('core', 'shareapi_exclude_groups_list', '');
$excludeGroupsList = !is_null(json_decode($excludedGroups))
? implode('|', json_decode($excludedGroups, true)) : '';
+ $linksExcludedGroups = $this->config->getAppValue('core', 'shareapi_allow_links_exclude_groups', '');
+ $linksExcludeGroupsList = !is_null(json_decode($linksExcludedGroups))
+ ? implode('|', json_decode($linksExcludedGroups, true)) : '';
$parameters = [
// Built-In Sharing
'allowGroupSharing' => $this->config->getAppValue('core', 'shareapi_allow_group_sharing', 'yes'),
'allowLinks' => $this->config->getAppValue('core', 'shareapi_allow_links', 'yes'),
+ 'allowLinksExcludeGroups' => $linksExcludeGroupsList,
'allowPublicUpload' => $this->config->getAppValue('core', 'shareapi_allow_public_upload', 'yes'),
'allowResharing' => $this->config->getAppValue('core', 'shareapi_allow_resharing', 'yes'),
'allowShareDialogUserEnumeration' => $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes'),
diff --git a/apps/settings/templates/settings/admin/sharing.php b/apps/settings/templates/settings/admin/sharing.php
index 4bb2ddca7d9..9b562cface6 100644
--- a/apps/settings/templates/settings/admin/sharing.php
+++ b/apps/settings/templates/settings/admin/sharing.php
@@ -138,6 +138,14 @@
<p class="<?php if ($_['shareAPIEnabled'] === 'no') {
p('hidden');
}?>">
+ <p class="indent">
+ <?php p($l->t('Exclude groups from creating link shares:'));?>
+ </p>
+ <p id="selectLinksExcludedGroups" class="indent <?php if ($_['allowLinks'] === 'no') {
+ p('hidden');
+} ?>">
+ <input name="shareapi_allow_links_exclude_groups" type="hidden" id="linksExcludedGroups" value="<?php p($_['allowLinksExcludeGroups']) ?>" style="width: 400px" class="noJSAutoUpdate"/>
+ </p>
<input type="checkbox" name="shareapi_allow_resharing" id="allowResharing" class="checkbox"
value="1" <?php if ($_['allowResharing'] === 'yes') {
print_unescaped('checked="checked"');
@@ -176,7 +184,7 @@
} ?>">
<input name="shareapi_exclude_groups_list" type="hidden" id="excludedGroups" value="<?php p($_['shareExcludedGroupsList']) ?>" style="width: 400px" class="noJSAutoUpdate"/>
<br />
- <em><?php p($l->t('These groups will still be able to receive shares, but not to initiate them.')); ?></em>
+ <em><?php p($l->t('These groups will still be able to receive shares, but not to initiate them.')); ?></em>
</p>
<p class="<?php if ($_['shareAPIEnabled'] === 'no') {
diff --git a/apps/settings/tests/Settings/Admin/SharingTest.php b/apps/settings/tests/Settings/Admin/SharingTest.php
index 041c4f1717a..2703eddcd5c 100644
--- a/apps/settings/tests/Settings/Admin/SharingTest.php
+++ b/apps/settings/tests/Settings/Admin/SharingTest.php
@@ -90,6 +90,8 @@ class SharingTest extends TestCase {
['core', 'shareapi_remote_expire_after_n_days', '7', '7'],
['core', 'shareapi_enforce_remote_expire_date', 'no', 'no'],
]);
+ $this->shareManager->method('shareWithGroupMembersOnly')
+ ->willReturn(false);
$expected = new TemplateResponse(
'settings',
@@ -121,6 +123,7 @@ class SharingTest extends TestCase {
'shareDefaultRemoteExpireDateSet' => 'no',
'shareRemoteExpireAfterNDays' => '7',
'shareRemoteEnforceExpireDate' => 'no',
+ 'allowLinksExcludeGroups' => '',
],
''
);
@@ -156,6 +159,8 @@ class SharingTest extends TestCase {
['core', 'shareapi_remote_expire_after_n_days', '7', '7'],
['core', 'shareapi_enforce_remote_expire_date', 'no', 'no'],
]);
+ $this->shareManager->method('shareWithGroupMembersOnly')
+ ->willReturn(false);
$expected = new TemplateResponse(
'settings',
@@ -187,6 +192,7 @@ class SharingTest extends TestCase {
'shareDefaultRemoteExpireDateSet' => 'no',
'shareRemoteExpireAfterNDays' => '7',
'shareRemoteEnforceExpireDate' => 'no',
+ 'allowLinksExcludeGroups' => '',
],
''
);
diff --git a/lib/private/Server.php b/lib/private/Server.php
index f7eaf9f3591..9047a7c454d 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -1234,7 +1234,8 @@ class Server extends ServerContainer implements IServerContainer {
$c->get(IMailer::class),
$c->get(IURLGenerator::class),
$c->get('ThemingDefaults'),
- $c->get(IEventDispatcher::class)
+ $c->get(IEventDispatcher::class),
+ $c->get(IUserSession::class)
);
return $manager;
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php
index 983653b7661..5cb51dd0ad5 100644
--- a/lib/private/Share20/Manager.php
+++ b/lib/private/Share20/Manager.php
@@ -57,6 +57,7 @@ use OCP\ILogger;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\IUserManager;
+use OCP\IUserSession;
use OCP\L10N\IFactory;
use OCP\Mail\IMailer;
use OCP\Security\Events\ValidatePasswordPolicyEvent;
@@ -104,8 +105,6 @@ class Manager implements IManager {
private $sharingDisabledForUsersCache;
/** @var EventDispatcherInterface */
private $legacyDispatcher;
- /** @var LegacyHooks */
- private $legacyHooks;
/** @var IMailer */
private $mailer;
/** @var IURLGenerator */
@@ -114,44 +113,26 @@ class Manager implements IManager {
private $defaults;
/** @var IEventDispatcher */
private $dispatcher;
+ private $userSession;
-
- /**
- * Manager constructor.
- *
- * @param ILogger $logger
- * @param IConfig $config
- * @param ISecureRandom $secureRandom
- * @param IHasher $hasher
- * @param IMountManager $mountManager
- * @param IGroupManager $groupManager
- * @param IL10N $l
- * @param IFactory $l10nFactory
- * @param IProviderFactory $factory
- * @param IUserManager $userManager
- * @param IRootFolder $rootFolder
- * @param EventDispatcherInterface $eventDispatcher
- * @param IMailer $mailer
- * @param IURLGenerator $urlGenerator
- * @param \OC_Defaults $defaults
- */
public function __construct(
- ILogger $logger,
- IConfig $config,
- ISecureRandom $secureRandom,
- IHasher $hasher,
- IMountManager $mountManager,
- IGroupManager $groupManager,
- IL10N $l,
- IFactory $l10nFactory,
- IProviderFactory $factory,
- IUserManager $userManager,
- IRootFolder $rootFolder,
- EventDispatcherInterface $legacyDispatcher,
- IMailer $mailer,
- IURLGenerator $urlGenerator,
- \OC_Defaults $defaults,
- IEventDispatcher $dispatcher
+ ILogger $logger,
+ IConfig $config,
+ ISecureRandom $secureRandom,
+ IHasher $hasher,
+ IMountManager $mountManager,
+ IGroupManager $groupManager,
+ IL10N $l,
+ IFactory $l10nFactory,
+ IProviderFactory $factory,
+ IUserManager $userManager,
+ IRootFolder $rootFolder,
+ EventDispatcherInterface $legacyDispatcher,
+ IMailer $mailer,
+ IURLGenerator $urlGenerator,
+ \OC_Defaults $defaults,
+ IEventDispatcher $dispatcher,
+ IUserSession $userSession
) {
$this->logger = $logger;
$this->config = $config;
@@ -166,11 +147,11 @@ class Manager implements IManager {
$this->rootFolder = $rootFolder;
$this->legacyDispatcher = $legacyDispatcher;
$this->sharingDisabledForUsersCache = new CappedMemoryCache();
- $this->legacyHooks = new LegacyHooks($this->legacyDispatcher);
$this->mailer = $mailer;
$this->urlGenerator = $urlGenerator;
$this->defaults = $defaults;
$this->dispatcher = $dispatcher;
+ $this->userSession = $userSession;
}
/**
@@ -274,7 +255,7 @@ class Manager implements IManager {
// And it should be a file or a folder
if (!($share->getNode() instanceof \OCP\Files\File) &&
- !($share->getNode() instanceof \OCP\Files\Folder)) {
+ !($share->getNode() instanceof \OCP\Files\Folder)) {
throw new \InvalidArgumentException('Path should be either a file or a folder');
}
@@ -422,13 +403,13 @@ class Manager implements IManager {
}
if ($fullId === null && $expirationDate === null && $defaultExpireDate) {
$expirationDate = new \DateTime();
- $expirationDate->setTime(0,0,0);
+ $expirationDate->setTime(0, 0, 0);
$days = (int)$this->config->getAppValue('core', $configProp, (string)$defaultExpireDays);
if ($days > $defaultExpireDays) {
$days = $defaultExpireDays;
}
- $expirationDate->add(new \DateInterval('P'.$days.'D'));
+ $expirationDate->add(new \DateInterval('P' . $days . 'D'));
}
// If we enforce the expiration date check that is does not exceed
@@ -498,13 +479,13 @@ class Manager implements IManager {
if ($fullId === null && $expirationDate === null && $this->shareApiLinkDefaultExpireDate()) {
$expirationDate = new \DateTime();
- $expirationDate->setTime(0,0,0);
+ $expirationDate->setTime(0, 0, 0);
$days = (int)$this->config->getAppValue('core', 'link_defaultExpDays', $this->shareApiLinkDefaultExpireDays());
if ($days > $this->shareApiLinkDefaultExpireDays()) {
$days = $this->shareApiLinkDefaultExpireDays();
}
- $expirationDate->add(new \DateInterval('P'.$days.'D'));
+ $expirationDate->add(new \DateInterval('P' . $days . 'D'));
}
// If we enforce the expiration date check that is does not exceed
@@ -553,8 +534,8 @@ class Manager implements IManager {
$sharedWith = $this->userManager->get($share->getSharedWith());
// Verify we can share with this user
$groups = array_intersect(
- $this->groupManager->getUserGroupIds($sharedBy),
- $this->groupManager->getUserGroupIds($sharedWith)
+ $this->groupManager->getUserGroupIds($sharedBy),
+ $this->groupManager->getUserGroupIds($sharedWith)
);
if (empty($groups)) {
$message_t = $this->l->t('Sharing is only allowed with group members');
@@ -919,7 +900,7 @@ class Manager implements IManager {
'%1$s via %2$s',
[
$initiatorDisplayName,
- $instanceName
+ $instanceName,
]
);
$message->setFrom([\OCP\Util::getDefaultEmailAddress($instanceName) => $senderName]);
@@ -1102,7 +1083,7 @@ class Manager implements IManager {
* @since 9.0.0
*/
public function acceptShare(IShare $share, string $recipientId): IShare {
- [$providerId, ] = $this->splitFullId($share->getFullId());
+ [$providerId,] = $this->splitFullId($share->getFullId());
$provider = $this->factory->getProvider($providerId);
if (!method_exists($provider, 'acceptShare')) {
@@ -1127,10 +1108,10 @@ class Manager implements IManager {
*/
private function updateSharePasswordIfNeeded(IShare $share, IShare $originalShare) {
$passwordsAreDifferent = ($share->getPassword() !== $originalShare->getPassword()) &&
- (($share->getPassword() !== null && $originalShare->getPassword() === null) ||
- ($share->getPassword() === null && $originalShare->getPassword() !== null) ||
- ($share->getPassword() !== null && $originalShare->getPassword() !== null &&
- !$this->hasher->verify($share->getPassword(), $originalShare->getPassword())));
+ (($share->getPassword() !== null && $originalShare->getPassword() === null) ||
+ ($share->getPassword() === null && $originalShare->getPassword() !== null) ||
+ ($share->getPassword() !== null && $originalShare->getPassword() !== null &&
+ !$this->hasher->verify($share->getPassword(), $originalShare->getPassword())));
// Password updated.
if ($passwordsAreDifferent) {
@@ -1225,7 +1206,7 @@ class Manager implements IManager {
* @param string $recipientId
*/
public function deleteFromSelf(IShare $share, $recipientId) {
- [$providerId, ] = $this->splitFullId($share->getFullId());
+ [$providerId,] = $this->splitFullId($share->getFullId());
$provider = $this->factory->getProvider($providerId);
$provider->deleteFromSelf($share, $recipientId);
@@ -1234,7 +1215,7 @@ class Manager implements IManager {
}
public function restoreShare(IShare $share, string $recipientId): IShare {
- [$providerId, ] = $this->splitFullId($share->getFullId());
+ [$providerId,] = $this->splitFullId($share->getFullId());
$provider = $this->factory->getProvider($providerId);
return $provider->restore($share, $recipientId);
@@ -1264,7 +1245,7 @@ class Manager implements IManager {
}
}
- [$providerId, ] = $this->splitFullId($share->getFullId());
+ [$providerId,] = $this->splitFullId($share->getFullId());
$provider = $this->factory->getProvider($providerId);
return $provider->move($share, $recipientId);
@@ -1291,8 +1272,8 @@ class Manager implements IManager {
*/
public function getSharesBy($userId, $shareType, $path = null, $reshares = false, $limit = 50, $offset = 0) {
if ($path !== null &&
- !($path instanceof \OCP\Files\File) &&
- !($path instanceof \OCP\Files\Folder)) {
+ !($path instanceof \OCP\Files\File) &&
+ !($path instanceof \OCP\Files\Folder)) {
throw new \InvalidArgumentException('invalid path');
}
@@ -1533,8 +1514,8 @@ class Manager implements IManager {
*/
public function checkPassword(IShare $share, $password) {
$passwordProtected = $share->getShareType() !== IShare::TYPE_LINK
- || $share->getShareType() !== IShare::TYPE_EMAIL
- || $share->getShareType() !== IShare::TYPE_CIRCLE;
+ || $share->getShareType() !== IShare::TYPE_EMAIL
+ || $share->getShareType() !== IShare::TYPE_CIRCLE;
if (!$passwordProtected) {
//TODO maybe exception?
return false;
@@ -1756,7 +1737,20 @@ class Manager implements IManager {
* @return bool
*/
public function shareApiAllowLinks() {
- return $this->config->getAppValue('core', 'shareapi_allow_links', 'yes') === 'yes';
+ if ($this->config->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
+ return false;
+ }
+
+ $user = $this->userSession->getUser();
+ if ($user) {
+ $excludedGroups = json_decode($this->config->getAppValue('core', 'shareapi_allow_links_exclude_groups', '[]'));
+ if ($excludedGroups) {
+ $userGroups = $this->groupManager->getUserGroupIds($user);
+ return !(bool)array_intersect($excludedGroups, $userGroups);
+ }
+ }
+
+ return true;
}
/**
@@ -1780,6 +1774,7 @@ class Manager implements IManager {
/**
* Is default link expire date enforced
*`
+ *
* @return bool
*/
public function shareApiLinkDefaultExpireDateEnforced() {
@@ -1790,6 +1785,7 @@ class Manager implements IManager {
/**
* Number of default link expire days
+ *
* @return int
*/
public function shareApiLinkDefaultExpireDays() {
@@ -1836,6 +1832,7 @@ class Manager implements IManager {
/**
* Number of default expire days
+ *
* @return int
*/
public function shareApiInternalDefaultExpireDays(): int {
@@ -1844,6 +1841,7 @@ class Manager implements IManager {
/**
* Number of default expire days for remote shares
+ *
* @return int
*/
public function shareApiRemoteDefaultExpireDays(): int {
@@ -1861,6 +1859,7 @@ class Manager implements IManager {
/**
* check if user can only share with group members
+ *
* @return bool
*/
public function shareWithGroupMembersOnly() {
@@ -1869,6 +1868,7 @@ class Manager implements IManager {
/**
* Check if users can share with groups
+ *
* @return bool
*/
public function allowGroupSharing() {
diff --git a/lib/private/legacy/OC_Util.php b/lib/private/legacy/OC_Util.php
index 63eaf303759..c9e19221f95 100644
--- a/lib/private/legacy/OC_Util.php
+++ b/lib/private/legacy/OC_Util.php
@@ -72,6 +72,7 @@ use OCP\IGroupManager;
use OCP\ILogger;
use OCP\IUser;
use OCP\IUserSession;
+use OCP\Share\IManager;
use Psr\Log\LoggerInterface;
class OC_Util {
@@ -336,8 +337,9 @@ class OC_Util {
* @suppress PhanDeprecatedFunction
*/
public static function isPublicLinkPasswordRequired() {
- $enforcePassword = \OC::$server->getConfig()->getAppValue('core', 'shareapi_enforce_links_password', 'no');
- return $enforcePassword === 'yes';
+ /** @var IManager $shareManager */
+ $shareManager = \OC::$server->get(IManager::class);
+ return $shareManager->shareApiLinkEnforcePassword();
}
/**
@@ -348,25 +350,10 @@ class OC_Util {
* @return bool
*/
public static function isSharingDisabledForUser(IConfig $config, IGroupManager $groupManager, $user) {
- if ($config->getAppValue('core', 'shareapi_exclude_groups', 'no') === 'yes') {
- $groupsList = $config->getAppValue('core', 'shareapi_exclude_groups_list', '');
- $excludedGroups = json_decode($groupsList);
- if (is_null($excludedGroups)) {
- $excludedGroups = explode(',', $groupsList);
- $newValue = json_encode($excludedGroups);
- $config->setAppValue('core', 'shareapi_exclude_groups_list', $newValue);
- }
- $usersGroups = $groupManager->getUserGroupIds($user);
- if (!empty($usersGroups)) {
- $remainingGroups = array_diff($usersGroups, $excludedGroups);
- // if the user is only in groups which are disabled for sharing then
- // sharing is also disabled for the user
- if (empty($remainingGroups)) {
- return true;
- }
- }
- }
- return false;
+ /** @var IManager $shareManager */
+ $shareManager = \OC::$server->get(IManager::class);
+ $userId = $user ? $user->getUID() : null;
+ return $shareManager->sharingDisabledForUser($userId);
}
/**
@@ -376,14 +363,9 @@ class OC_Util {
* @suppress PhanDeprecatedFunction
*/
public static function isDefaultExpireDateEnforced() {
- $isDefaultExpireDateEnabled = \OC::$server->getConfig()->getAppValue('core', 'shareapi_default_expire_date', 'no');
- $enforceDefaultExpireDate = false;
- if ($isDefaultExpireDateEnabled === 'yes') {
- $value = \OC::$server->getConfig()->getAppValue('core', 'shareapi_enforce_expire_date', 'no');
- $enforceDefaultExpireDate = $value === 'yes';
- }
-
- return $enforceDefaultExpireDate;
+ /** @var IManager $shareManager */
+ $shareManager = \OC::$server->get(IManager::class);
+ return $shareManager->shareApiLinkDefaultExpireDateEnforced();
}
/**
diff --git a/lib/public/Share/IManager.php b/lib/public/Share/IManager.php
index 606e6429918..66b4de9c4e5 100644
--- a/lib/public/Share/IManager.php
+++ b/lib/public/Share/IManager.php
@@ -347,6 +347,54 @@ interface IManager {
public function shareApiLinkDefaultExpireDays();
/**
+ * Is default internal expire date enabled
+ *
+ * @return bool
+ * @since 22.0.0
+ */
+ public function shareApiInternalDefaultExpireDate(): bool;
+
+ /**
+ * Is default remote expire date enabled
+ *
+ * @return bool
+ * @since 22.0.0
+ */
+ public function shareApiRemoteDefaultExpireDate(): bool;
+
+ /**
+ * Is default expire date enforced
+ *
+ * @return bool
+ * @since 22.0.0
+ */
+ public function shareApiInternalDefaultExpireDateEnforced(): bool;
+
+ /**
+ * Is default expire date enforced for remote shares
+ *
+ * @return bool
+ * @since 22.0.0
+ */
+ public function shareApiRemoteDefaultExpireDateEnforced(): bool;
+
+ /**
+ * Number of default expire days
+ *
+ * @return int
+ * @since 22.0.0
+ */
+ public function shareApiInternalDefaultExpireDays(): int;
+
+ /**
+ * Number of default expire days for remote shares
+ *
+ * @return int
+ * @since 22.0.0
+ */
+ public function shareApiRemoteDefaultExpireDays(): int;
+
+ /**
* Allow public upload on link shares
*
* @return bool
diff --git a/tests/lib/Share20/ManagerTest.php b/tests/lib/Share20/ManagerTest.php
index d5094341eeb..117adc95186 100644
--- a/tests/lib/Share20/ManagerTest.php
+++ b/tests/lib/Share20/ManagerTest.php
@@ -45,6 +45,7 @@ use OCP\IServerContainer;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\IUserManager;
+use OCP\IUserSession;
use OCP\L10N\IFactory;
use OCP\Mail\IMailer;
use OCP\Security\Events\ValidatePasswordPolicyEvent;
@@ -104,6 +105,7 @@ class ManagerTest extends \Test\TestCase {
protected $urlGenerator;
/** @var \OC_Defaults|MockObject */
protected $defaults;
+ protected $userSession;
protected function setUp(): void {
$this->logger = $this->createMock(ILogger::class);
@@ -119,6 +121,7 @@ class ManagerTest extends \Test\TestCase {
$this->urlGenerator = $this->createMock(IURLGenerator::class);
$this->defaults = $this->createMock(\OC_Defaults::class);
$this->dispatcher = $this->createMock(IEventDispatcher::class);
+ $this->userSession = $this->createMock(IUserSession::class);
$this->l10nFactory = $this->createMock(IFactory::class);
$this->l = $this->createMock(IL10N::class);
@@ -149,7 +152,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
);
$this->defaultProvider = $this->createMock(DefaultShareProvider::class);
@@ -178,7 +182,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
]);
}
@@ -2690,7 +2695,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
);
$share = $this->createMock(IShare::class);
@@ -2734,7 +2740,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
);
$share = $this->createMock(IShare::class);
@@ -2785,7 +2792,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
);
$share = $this->createMock(IShare::class);
@@ -4123,7 +4131,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
);
$this->assertSame($expected,
$manager->shareProviderExists($shareType)
@@ -4156,7 +4165,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
);
$factory->setProvider($this->defaultProvider);
@@ -4220,7 +4230,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
);
$factory->setProvider($this->defaultProvider);
@@ -4336,7 +4347,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
);
$factory->setProvider($this->defaultProvider);
@@ -4461,7 +4473,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
- $this->dispatcher
+ $this->dispatcher,
+ $this->userSession
);
$factory->setProvider($this->defaultProvider);
diff --git a/tests/lib/UtilTest.php b/tests/lib/UtilTest.php
index 6e25ce16e75..e21a5323b1b 100644
--- a/tests/lib/UtilTest.php
+++ b/tests/lib/UtilTest.php
@@ -10,8 +10,6 @@ namespace Test;
use OC_Util;
use OCP\App\IAppManager;
-use OCP\IConfig;
-use OCP\IUser;
/**
* Class UtilTest
@@ -172,53 +170,6 @@ class UtilTest extends \Test\TestCase {
}
/**
- * @dataProvider dataProviderForTestIsSharingDisabledForUser
- * @param array $groups existing groups
- * @param array $membership groups the user belong to
- * @param array $excludedGroups groups which should be excluded from sharing
- * @param bool $expected expected result
- */
- public function testIsSharingDisabledForUser($groups, $membership, $excludedGroups, $expected) {
- $config = $this->getMockBuilder(IConfig::class)->disableOriginalConstructor()->getMock();
- $groupManager = $this->getMockBuilder('OCP\IGroupManager')->disableOriginalConstructor()->getMock();
- $user = $this->getMockBuilder(IUser::class)->disableOriginalConstructor()->getMock();
-
- $config
- ->expects($this->at(0))
- ->method('getAppValue')
- ->with('core', 'shareapi_exclude_groups', 'no')
- ->willReturn('yes');
- $config
- ->expects($this->at(1))
- ->method('getAppValue')
- ->with('core', 'shareapi_exclude_groups_list')
- ->willReturn(json_encode($excludedGroups));
-
- $groupManager
- ->expects($this->at(0))
- ->method('getUserGroupIds')
- ->with($user)
- ->willReturn($membership);
-
- $result = \OC_Util::isSharingDisabledForUser($config, $groupManager, $user);
-
- $this->assertSame($expected, $result);
- }
-
- public function dataProviderForTestIsSharingDisabledForUser() {
- return [
- // existing groups, groups the user belong to, groups excluded from sharing, expected result
- [['g1', 'g2', 'g3'], [], ['g1'], false],
- [['g1', 'g2', 'g3'], [], [], false],
- [['g1', 'g2', 'g3'], ['g2'], ['g1'], false],
- [['g1', 'g2', 'g3'], ['g2'], [], false],
- [['g1', 'g2', 'g3'], ['g1', 'g2'], ['g1'], false],
- [['g1', 'g2', 'g3'], ['g1', 'g2'], ['g1', 'g2'], true],
- [['g1', 'g2', 'g3'], ['g1', 'g2'], ['g1', 'g2', 'g3'], true],
- ];
- }
-
- /**
* Test default apps
*
* @dataProvider defaultAppsProvider