aboutsummaryrefslogtreecommitdiffstats
path: root/apps/federatedfilesharing
diff options
context:
space:
mode:
authorBjoern Schiessle <bjoern@schiessle.org>2016-07-12 14:03:29 +0200
committerBjoern Schiessle <bjoern@schiessle.org>2016-07-14 16:39:48 +0200
commit33a685bc41628e1236015bd79cc8f82b9cb6cabf (patch)
treebe3b1a6cd391db7f48e1111b4b96960e9ce53c3a /apps/federatedfilesharing
parent1394b0afb9b1d3d7c8952faea85873e731ccb801 (diff)
downloadnextcloud-server-33a685bc41628e1236015bd79cc8f82b9cb6cabf.tar.gz
nextcloud-server-33a685bc41628e1236015bd79cc8f82b9cb6cabf.zip
continue to accept the URL of the remote server instead of the federated cloud id
Diffstat (limited to 'apps/federatedfilesharing')
-rw-r--r--apps/federatedfilesharing/lib/Controller/SaveToOwnCloudController.php40
-rw-r--r--apps/federatedfilesharing/tests/Controller/SaveToOwnCloudControllerTest.php16
2 files changed, 44 insertions, 12 deletions
diff --git a/apps/federatedfilesharing/lib/Controller/SaveToOwnCloudController.php b/apps/federatedfilesharing/lib/Controller/SaveToOwnCloudController.php
index a20806e6abb..2318d21afb5 100644
--- a/apps/federatedfilesharing/lib/Controller/SaveToOwnCloudController.php
+++ b/apps/federatedfilesharing/lib/Controller/SaveToOwnCloudController.php
@@ -29,6 +29,7 @@ use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IRequest;
+use OCP\ISession;
use OCP\Share\IManager;
class SaveToOwnCloudController extends Controller {
@@ -42,16 +43,32 @@ class SaveToOwnCloudController extends Controller {
/** @var IManager */
private $shareManager;
+ /** @var ISession */
+ private $session;
+
+ /**
+ * SaveToOwnCloudController constructor.
+ *
+ * @param string $appName
+ * @param IRequest $request
+ * @param FederatedShareProvider $federatedShareProvider
+ * @param IManager $shareManager
+ * @param AddressHandler $addressHandler
+ * @param ISession $session
+ */
public function __construct($appName,
- IRequest $request,
- FederatedShareProvider $federatedShareProvider,
- IManager $shareManager,
- AddressHandler $addressHandler) {
+ IRequest $request,
+ FederatedShareProvider $federatedShareProvider,
+ IManager $shareManager,
+ AddressHandler $addressHandler,
+ ISession $session
+ ) {
parent::__construct($appName, $request);
$this->federatedShareProvider = $federatedShareProvider;
$this->shareManager = $shareManager;
$this->addressHandler = $addressHandler;
+ $this->session = $session;
}
/**
@@ -63,9 +80,10 @@ class SaveToOwnCloudController extends Controller {
*
* @param string $shareWith
* @param string $token
+ * @param string $password
* @return JSONResponse
*/
- public function saveToOwnCloud($shareWith, $token) {
+ public function saveToOwnCloud($shareWith, $token, $password = '') {
try {
list(, $server) = $this->addressHandler->splitUserRemote($shareWith);
@@ -74,6 +92,14 @@ class SaveToOwnCloudController extends Controller {
return new JSONResponse(['message' => $e->getHint()], Http::STATUS_BAD_REQUEST);
}
+ // make sure that user is authenticated in case of a password protected link
+ $storedPassword = $share->getPassword();
+ $authenticated = $this->session->get('public_link_authenticated') === $share->getId() ||
+ $this->shareManager->checkPassword($share, $password);
+ if (!empty($storedPassword) && !$authenticated ) {
+ return new JSONResponse(['message' => 'No permission to access the share'], Http::STATUS_BAD_REQUEST);
+ }
+
$share->setSharedWith($shareWith);
try {
@@ -81,8 +107,8 @@ class SaveToOwnCloudController extends Controller {
} catch (\Exception $e) {
return new JSONResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST);
}
-
+
return new JSONResponse(['remoteUrl' => $server]);
}
-
+
}
diff --git a/apps/federatedfilesharing/tests/Controller/SaveToOwnCloudControllerTest.php b/apps/federatedfilesharing/tests/Controller/SaveToOwnCloudControllerTest.php
index 24bc18d5644..9189ac76601 100644
--- a/apps/federatedfilesharing/tests/Controller/SaveToOwnCloudControllerTest.php
+++ b/apps/federatedfilesharing/tests/Controller/SaveToOwnCloudControllerTest.php
@@ -28,6 +28,7 @@ use OCA\FederatedFileSharing\Controller\SaveToOwnCloudController;
use OCA\FederatedFileSharing\FederatedShareProvider;
use OCP\AppFramework\Http;
use OCP\Files\IRootFolder;
+use OCP\ISession;
use OCP\IUserManager;
use OCP\Share;
use OCP\Share\IManager;
@@ -56,6 +57,9 @@ class SaveToOwnCloudControllerTest extends \Test\TestCase {
/** @var IUserManager | \PHPUnit_Framework_MockObject_MockObject */
private $userManager;
+ /** @var ISession | \PHPUnit_Framework_MockObject_MockObject */
+ private $session;
+
/** @var IShare */
private $share;
@@ -71,12 +75,14 @@ class SaveToOwnCloudControllerTest extends \Test\TestCase {
$this->rootFolder = $this->getMock('OCP\Files\IRootFolder');
$this->userManager = $this->getMock('OCP\IUserManager');
$this->share = new \OC\Share20\Share($this->rootFolder, $this->userManager);
+ $this->session = $this->getMock('OCP\ISession');
$this->controller = new SaveToOwnCloudController(
'federatedfilesharing', $this->request,
$this->federatedShareProvider,
$this->shareManager,
- $this->addressHandler
+ $this->addressHandler,
+ $this->session
);
}
@@ -101,9 +107,9 @@ class SaveToOwnCloudControllerTest extends \Test\TestCase {
throw new HintException($expectedReturnData, $expectedReturnData);
}
);
-
+
$share = $this->share;
-
+
$this->shareManager->expects($this->any())->method('getShareByToken')
->with($token)
->willReturnCallback(
@@ -114,7 +120,7 @@ class SaveToOwnCloudControllerTest extends \Test\TestCase {
throw new HintException($expectedReturnData, $expectedReturnData);
}
);
-
+
$this->federatedShareProvider->expects($this->any())->method('create')
->with($share)
->willReturnCallback(
@@ -141,7 +147,7 @@ class SaveToOwnCloudControllerTest extends \Test\TestCase {
$this->assertSame($expectedReturnData, $result->getData()['remoteUrl']);
}
-
+
}
public function dataTestSaveToOwnCloud() {