send RESHARE_CHANGE_PERMISSION message

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>

2 files changed, 114 insertions, 45 deletions

diff --git a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php
index 30330accddf..653c41c3ba0 100644
--- a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php
+++ b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php
@@ -40,6 +40,8 @@ use OCP\AppFramework\OCS\OCSForbiddenException;
 use OCP\AppFramework\OCS\OCSNotFoundException;
 use OCP\AppFramework\OCSController;
 use OCP\Constants;
+use OCP\Federation\Exceptions\AuthenticationFailedException;
+use OCP\Federation\Exceptions\BadRequestException;
 use OCP\Federation\Exceptions\ProviderCouldNotAddShareException;
 use OCP\Federation\Exceptions\ProviderDoesNotExistsException;
 use OCP\Federation\Exceptions\ShareNotFoundException;
@@ -365,11 +367,9 @@ class RequestHandlerController extends OCSController {
 
 		$token = $this->request->getParam('token');
 
-		$notification = $this->cloudFederationFactory->getCloudFederationNotification();
-		$notification->setMessage(['sharedSecret' => $token]);
-
 		try {
 			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+			$notification = ['sharedSecret' => $token];
 			$provider->notificationReceived('RESHARE_UNDO', $id, $notification);
 			return new Http\DataResponse();
 		} catch (\Exception $e) {
@@ -402,28 +402,6 @@ class RequestHandlerController extends OCSController {
 	}
 
 	/**
-	 * get file
-	 *
-	 * @param string $user
-	 * @param int $fileSource
-	 * @return array with internal path of the file and a absolute link to it
-	 */
-	private function getFile($user, $fileSource) {
-		\OC_Util::setupFS($user);
-
-		try {
-			$file = \OC\Files\Filesystem::getPath($fileSource);
-		} catch (NotFoundException $e) {
-			$file = null;
-		}
-		$args = \OC\Files\Filesystem::is_dir($file) ? array('dir' => $file) : array('dir' => dirname($file), 'scrollto' => $file);
-		$link = \OCP\Util::linkToAbsolute('files', 'index.php', $args);
-
-		return array($file, $link);
-
-	}
-
-	/**
 	 * check if server-to-server sharing is enabled
 	 *
 	 * @param bool $incoming
@@ -454,19 +432,15 @@ class RequestHandlerController extends OCSController {
 	 */
 	public function updatePermissions($id) {
 		$token = $this->request->getParam('token', null);
-		$permissions = $this->request->getParam('permissions', null);
+		$ncPermissions = $this->request->getParam('permissions', null);
 
 		try {
-			$share = $this->federatedShareProvider->getShareById($id);
-		} catch (Share\Exceptions\ShareNotFound $e) {
-			throw new OCSBadRequestException();
-		}
-
-		$validPermission = ctype_digit($permissions);
-		$validToken = $this->verifyShare($share, $token);
-		if ($validPermission && $validToken) {
-			$this->updatePermissionsInDatabase($share, (int)$permissions);
-		} else {
+			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+			$ocmPermissions = $this->ncPermissions2ocmPermissions((int)$ncPermissions);
+			$notification = ['sharedSecret' => $token, 'permission' => $ocmPermissions];
+			$provider->notificationReceived('RESHARE_CHANGE_PERMISSION', $id, $notification);
+		} catch (\Exception $e) {
+			$this->logger->debug($e->getMessage());
 			throw new OCSBadRequestException();
 		}
 
@@ -474,17 +448,30 @@ class RequestHandlerController extends OCSController {
 	}
 
 	/**
-	 * update permissions in database
+	 * translate Nextcloud permissions to OCM Permissions
 	 *
-	 * @param IShare $share
-	 * @param int $permissions
+	 * @param $ncPermissions
+	 * @return array
 	 */
-	protected function updatePermissionsInDatabase(IShare $share, $permissions) {
-		$query = $this->connection->getQueryBuilder();
-		$query->update('share')
-			->where($query->expr()->eq('id', $query->createNamedParameter($share->getId())))
-			->set('permissions', $query->createNamedParameter($permissions))
-			->execute();
+	protected function ncPermissions2ocmPermissions($ncPermissions) {
+
+		$ocmPermissions = [];
+
+		if ($ncPermissions & Constants::PERMISSION_SHARE) {
+			$ocmPermissions[] = 'share';
+		}
+
+		if ($ncPermissions & Constants::PERMISSION_READ) {
+			$ocmPermissions[] = 'read';
+		}
+
+		if (($ncPermissions & Constants::PERMISSION_CREATE) ||
+			($ncPermissions & Constants::PERMISSION_UPDATE)) {
+			$ocmPermissions[] = 'write';
+		}
+
+		return $ocmPermissions;
+
 	}
 
 	/**
diff --git a/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php b/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php
index cc14d35a3d0..0f28abc9451 100644
--- a/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php
+++ b/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php
@@ -21,6 +21,7 @@
 
 namespace OCA\FederatedFileSharing\OCM;
 
+use function GuzzleHttp\default_ca_bundle;
 use OC\AppFramework\Http;
 use OC\Files\Filesystem;
 use OCA\Files_Sharing\Activity\Providers\RemoteShares;
@@ -288,6 +289,8 @@ class CloudFederationProviderFiles implements ICloudFederationProvider {
 				return $this->reshareRequested($providerId, $notification);
 			case 'RESHARE_UNDO':
 				return $this->undoReshare($providerId, $notification);
+			case 'RESHARE_CHANGE_PERMISSION':
+				return $this->updateResharePermissions($providerId, $notification);
 		}
 
 
@@ -602,6 +605,85 @@ class CloudFederationProviderFiles implements ICloudFederationProvider {
 	}
 
 	/**
+	 * update permission of a re-share so that the share dialog shows the right
+	 * permission if the owner or the sender changes the permission
+	 *
+	 * @param string $id
+	 * @param array $notification
+	 * @return array
+	 * @throws AuthenticationFailedException
+	 * @throws BadRequestException
+	 * @throws ShareNotFoundException
+	 */
+	protected function updateResharePermissions($id, $notification) {
+
+		if (!isset($notification['sharedSecret'])) {
+			throw new BadRequestException(['sharedSecret']);
+		}
+		$token = $notification['sharedSecret'];
+
+		if (!isset($notification['permission'])) {
+			throw new BadRequestException(['permission']);
+		}
+		$ocmPermissions = $notification['permission'];
+
+		$share = $this->federatedShareProvider->getShareById($id);
+
+		$ncPermission = $this->ocmPermissions2ncPermissions($ocmPermissions);
+
+		$this->verifyShare($share, $token);
+		$this->updatePermissionsInDatabase($share, $ncPermission);
+
+		return [];
+	}
+
+	/**
+	 * translate OCM Permissions to Nextcloud permissions
+	 *
+	 * @param $ocmPermissions
+	 * @return int
+	 * @throws BadRequestException
+	 */
+	protected function ocmPermissions2ncPermissions($ocmPermissions) {
+		error_log("ocm permissions: " . json_encode($ocmPermissions));
+		$ncPermissions = 0;
+		foreach($ocmPermissions as $permission) {
+			switch (strtolower($permission)) {
+				case 'read':
+					$ncPermissions += Constants::PERMISSION_READ;
+					break;
+				case 'write':
+					$ncPermissions += Constants::PERMISSION_CREATE + Constants::PERMISSION_UPDATE;
+					break;
+				case 'share':
+					$ncPermissions += Constants::PERMISSION_SHARE;
+					break;
+				default:
+					throw new BadRequestException(['permission']);
+			}
+
+			error_log("new permissions: " . $ncPermissions);
+		}
+
+		return $ncPermissions;
+	}
+
+	/**
+	 * update permissions in database
+	 *
+	 * @param IShare $share
+	 * @param int $permissions
+	 */
+	protected function updatePermissionsInDatabase(IShare $share, $permissions) {
+		$query = $this->connection->getQueryBuilder();
+		$query->update('share')
+			->where($query->expr()->eq('id', $query->createNamedParameter($share->getId())))
+			->set('permissions', $query->createNamedParameter($permissions))
+			->execute();
+	}
+
+
+	/**
 	 * get file
 	 *
 	 * @param string $user