diff options
author | Roeland Jago Douma <roeland@famdouma.nl> | 2016-07-18 09:21:10 +0200 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2016-07-18 10:53:49 +0200 |
commit | ff541416394d8a8d0ef4246c11c62bda4988ebc7 (patch) | |
tree | 632ba7fd0d6b2e33f78bff5d914fcbf5ee7694f3 | |
parent | 5157c5a9c4b08518dc86e5755b991183f4323c43 (diff) | |
download | nextcloud-server-ff541416394d8a8d0ef4246c11c62bda4988ebc7.tar.gz nextcloud-server-ff541416394d8a8d0ef4246c11c62bda4988ebc7.zip |
Move SetupFromToken to ShareManager
-rw-r--r-- | apps/files_sharing/ajax/shareinfo.php | 13 | ||||
-rw-r--r-- | apps/files_sharing/lib/Helper.php | 88 |
2 files changed, 31 insertions, 70 deletions
diff --git a/apps/files_sharing/ajax/shareinfo.php b/apps/files_sharing/ajax/shareinfo.php index 31b8e00f496..b9b29022cc3 100644 --- a/apps/files_sharing/ajax/shareinfo.php +++ b/apps/files_sharing/ajax/shareinfo.php @@ -53,11 +53,12 @@ if (isset($_GET['dir'])) { $data = \OCA\Files_Sharing\Helper::setupFromToken($token, $relativePath, $password); -$linkItem = $data['linkItem']; +/** @var \OCP\Share\IShare $share */ +$share = $data['share']; // Load the files $path = $data['realPath']; -$isWritable = $linkItem['permissions'] & (\OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_CREATE); +$isWritable = $share->getPermissions() & (\OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_CREATE); if (!$isWritable) { \OC\Files\Filesystem::addStorageWrapper('readonly', function ($mountPoint, $storage) { return new \OC\Files\Storage\Wrapper\PermissionsMask(array('storage' => $storage, 'mask' => \OCP\Constants::PERMISSION_READ + \OCP\Constants::PERMISSION_SHARE)); @@ -67,10 +68,6 @@ if (!$isWritable) { $rootInfo = \OC\Files\Filesystem::getFileInfo($path); $rootView = new \OC\Files\View(''); -$shareManager = \OC::$server->getShareManager(); -$share = $shareManager->getShareByToken($token); -$sharePermissions= (int)$share->getPermissions(); - if($rootInfo === false || !($share->getPermissions() & \OCP\Constants::PERMISSION_READ)) { OCP\JSON::error(array('data' => 'Share is not readable.')); exit(); @@ -98,11 +95,11 @@ function getChildInfo($dir, $view, $sharePermissions) { $result = \OCA\Files\Helper::formatFileInfo($rootInfo); $result['mtime'] = $result['mtime'] / 1000; -$result['permissions'] = (int)$result['permissions'] & $sharePermissions; +$result['permissions'] = (int)$result['permissions'] & $share->getPermissions(); if ($rootInfo->getType() === 'dir') { - $result['children'] = getChildInfo($rootInfo, $rootView, $sharePermissions); + $result['children'] = getChildInfo($rootInfo, $rootView, $share->getPermissions()); } OCP\JSON::success(array('data' => $result)); diff --git a/apps/files_sharing/lib/Helper.php b/apps/files_sharing/lib/Helper.php index 2353a281b7e..67312ae97cd 100644 --- a/apps/files_sharing/lib/Helper.php +++ b/apps/files_sharing/lib/Helper.php @@ -31,6 +31,7 @@ namespace OCA\Files_Sharing; use OC\Files\Filesystem; use OC\Files\View; use OCP\Files\NotFoundException; +use OCP\Share\Exceptions\ShareNotFound; use OCP\User; class Helper { @@ -53,29 +54,23 @@ class Helper { public static function setupFromToken($token, $relativePath = null, $password = null) { \OC_User::setIncognitoMode(true); - $linkItem = \OCP\Share::getShareByToken($token, !$password); - if($linkItem === false || ($linkItem['item_type'] !== 'file' && $linkItem['item_type'] !== 'folder')) { + $shareManager = \OC::$server->getShareManager(); + + try { + $share = $shareManager->getShareByToken($token); + } catch (ShareNotFound $e) { \OC_Response::setStatus(404); \OCP\Util::writeLog('core-preview', 'Passed token parameter is not valid', \OCP\Util::DEBUG); exit; } - if(!isset($linkItem['uid_owner']) || !isset($linkItem['file_source'])) { - \OC_Response::setStatus(500); - \OCP\Util::writeLog('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . ("' . $token . '")', \OCP\Util::WARN); - exit; - } + \OCP\JSON::checkUserExists($share->getShareOwner()); + \OC_Util::tearDownFS(); + \OC_Util::setupFS($share->getShareOwner()); - $rootLinkItem = \OCP\Share::resolveReShare($linkItem); - $path = null; - if (isset($rootLinkItem['uid_owner'])) { - \OCP\JSON::checkUserExists($rootLinkItem['uid_owner']); - \OC_Util::tearDownFS(); - \OC_Util::setupFS($rootLinkItem['uid_owner']); - } try { - $path = Filesystem::getPath($linkItem['file_source']); + $path = Filesystem::getPath($share->getNodeId()); } catch (NotFoundException $e) { \OCP\Util::writeLog('share', 'could not resolve linkItem', \OCP\Util::DEBUG); \OC_Response::setStatus(404); @@ -83,15 +78,8 @@ class Helper { exit(); } - if (!isset($linkItem['item_type'])) { - \OCP\Util::writeLog('share', 'No item type set for share id: ' . $linkItem['id'], \OCP\Util::ERROR); - \OC_Response::setStatus(404); - \OCP\JSON::error(array('success' => false)); - exit(); - } - - if (isset($linkItem['share_with']) && (int)$linkItem['share_type'] === \OCP\Share::SHARE_TYPE_LINK) { - if (!self::authenticate($linkItem, $password)) { + if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK && $share->getPassword() !== null) { + if (!self::authenticate($share, $password)) { \OC_Response::setStatus(403); \OCP\JSON::error(array('success' => false)); exit(); @@ -105,7 +93,7 @@ class Helper { } return array( - 'linkItem' => $linkItem, + 'share' => $share, 'basePath' => $basePath, 'realPath' => $path ); @@ -114,53 +102,29 @@ class Helper { /** * Authenticate link item with the given password * or with the session if no password was given. - * @param array $linkItem link item array + * @param \OCP\Share\IShare $share * @param string $password optional password * * @return boolean true if authorized, false otherwise */ - public static function authenticate($linkItem, $password = null) { + public static function authenticate($share, $password = null) { + $shareManager = \OC::$server->getShareManager(); + if ($password !== null) { - if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) { - // Check Password - $newHash = ''; - if(\OC::$server->getHasher()->verify($password, $linkItem['share_with'], $newHash)) { - // Save item id in session for future requests - \OC::$server->getSession()->set('public_link_authenticated', (string) $linkItem['id']); - - /** - * FIXME: Migrate old hashes to new hash format - * Due to the fact that there is no reasonable functionality to update the password - * of an existing share no migration is yet performed there. - * The only possibility is to update the existing share which will result in a new - * share ID and is a major hack. - * - * In the future the migration should be performed once there is a proper method - * to update the share's password. (for example `$share->updatePassword($password)` - * - * @link https://github.com/owncloud/core/issues/10671 - */ - if(!empty($newHash)) { - - } - } else { - return false; + if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) { + if ($shareManager->checkPassword($share, $password)) { + \OC::$server->getSession()->set('public_link_authenticated', (string)$share->getId()); + return true; } - } else { - \OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type'] - .' for share id '.$linkItem['id'], \OCP\Util::ERROR); - return false; } - - } - else { + } else { // not authenticated ? - if ( ! \OC::$server->getSession()->exists('public_link_authenticated') - || \OC::$server->getSession()->get('public_link_authenticated') !== (string)$linkItem['id']) { - return false; + if (\OC::$server->getSession()->exists('public_link_authenticated') + && \OC::$server->getSession()->get('public_link_authenticated') !== (string)$share->getId()) { + return true; } } - return true; + return false; } public static function getSharesFromItem($target) { |