Next step in server-to-server sharing next generation, see #12285

Beside some small improvements and bug fixes this will probably the final state for OC8.

To test this you need to set up two ownCloud instances. Let's say:

URL: myPC/firstOwnCloud user: user1
URL: myPC/secondOwnCloud user: user2
Now user1 can share a file with user2 by entering the username and the URL to the second ownCloud to the share-drop-down, in this case "user2@myPC/secondOwnCloud".

The next time user2 login he will get a notification that he received a server-to-server share with the option to accept/decline it. If he accept it the share will be mounted. In both cases a event will be send back to user1 and add a notification to the activity stream that the share was accepted/declined.

If user1 decides to unshare the file again from user2 the share will automatically be removed from the second ownCloud server and user2 will see a notification in his activity stream that user1@myPC/firstOwnCloud has unshared the file/folder from him.

3 files changed, 99 insertions, 21 deletions

diff --git a/apps/files_encryption/lib/hooks.php b/apps/files_encryption/lib/hooks.php
index bddfb7b2544..7ddde0a3112 100644
--- a/apps/files_encryption/lib/hooks.php
+++ b/apps/files_encryption/lib/hooks.php
@@ -25,8 +25,6 @@
 

 namespace OCA\Files_Encryption;

 

-use OC\Files\Filesystem;

-

 /**

  * Class for hook specific logic

  */

@@ -364,15 +362,16 @@ class Hooks {
 		if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') {

 

 			$view = new \OC\Files\View('/');

-			$userId = \OCP\User::getUser();

+			$userId = $params['uidOwner'];

+			$userView = new \OC\Files\View('/' . $userId . '/files');

 			$util = new Util($view, $userId);

-			$path = \OC\Files\Filesystem::getPath($params['fileSource']);

+			$path = $userView->getPath($params['fileSource']);

 

 			// for group shares get a list of the group members

 			if ($params['shareType'] === \OCP\Share::SHARE_TYPE_GROUP) {

 				$userIds = \OC_Group::usersInGroup($params['shareWith']);

 			} else {

-				if ($params['shareType'] === \OCP\Share::SHARE_TYPE_LINK) {

+				if ($params['shareType'] === \OCP\Share::SHARE_TYPE_LINK || $params['shareType'] === \OCP\Share::SHARE_TYPE_REMOTE) {

 					$userIds = array($util->getPublicShareKeyId());

 				} else {

 					$userIds = array($params['shareWith']);

@@ -619,8 +618,8 @@ class Hooks {
 

 		// check if the user still has access to the file, otherwise delete share key

 		$sharingUsers = \OCP\Share::getUsersSharingFile($path, $user);

-		if (!in_array(\OCP\User::getUser(), $sharingUsers['users'])) {

-			Keymanager::delShareKey($view, array(\OCP\User::getUser()), $keyPath, $owner, $ownerPath);

+		if (!in_array($user, $sharingUsers['users'])) {

+			Keymanager::delShareKey($view, array($user), $keyPath, $owner, $ownerPath);

 		}

 	}

 

diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index ad6948b95a6..4aaf7aa2571 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -1207,13 +1207,7 @@ class Util {
 
 		// handle public access
 		if ($this->isPublic) {
-			$filename = $path;
-			$fileOwnerUid = $this->userId;
-
-			return array(
-				$fileOwnerUid,
-				$filename
-			);
+			return array($this->userId, $path);
 		} else {
 
 			// Check that UID is valid
diff --git a/apps/files_encryption/tests/share.php b/apps/files_encryption/tests/share.php
index 9c53c73aafa..d29e6a191c8 100755
--- a/apps/files_encryption/tests/share.php
+++ b/apps/files_encryption/tests/share.php
@@ -115,6 +115,91 @@ class Share extends TestCase {
 		parent::tearDownAfterClass();
 	}
 
+	/**
+	 * @medium
+	 */
+	function testDeclineServer2ServerShare() {
+
+		$config = $this->getMockBuilder('\OCP\IConfig')
+				->disableOriginalConstructor()->getMock();
+		$certificateManager = $this->getMock('\OCP\ICertificateManager');
+		$httpHelperMock = $this->getMockBuilder('\OC\HTTPHelper')
+				->setConstructorArgs(array($config, $certificateManager))
+				->getMock();
+		$httpHelperMock->expects($this->once())->method('post')->with($this->anything())->will($this->returnValue(true));
+
+		self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1);
+
+		// save file with content
+		$cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/'  . $this->filename, $this->dataShort);
+
+		// test that data was successfully written
+		$this->assertTrue(is_int($cryptedFile));
+
+		// get the file info from previous created file
+		$fileInfo = $this->view->getFileInfo(
+			'/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename);
+
+
+		// share the file
+		$token = \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_LINK, '', \OCP\Constants::PERMISSION_ALL);
+		$this->assertTrue(is_string($token));
+
+		$publicShareKeyId = \OC::$server->getConfig()->getAppValue('files_encryption', 'publicShareKeyId');
+
+		// check if share key for public exists
+		$this->assertTrue($this->view->file_exists(
+			'/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
+			. $this->filename . '/' . $publicShareKeyId . '.shareKey'));
+
+		// manipulate share
+		$query = \OC::$server->getDatabaseConnection()->prepare('UPDATE `*PREFIX*share` SET `share_type` = ?, `share_with` = ? WHERE `token`=?');
+		$this->assertTrue($query->execute(array(\OCP\Share::SHARE_TYPE_REMOTE, 'foo@bar', $token)));
+
+		// check if share key not exists
+		$this->assertTrue($this->view->file_exists(
+			'/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
+			. $this->filename . '/' . $publicShareKeyId . '.shareKey'));
+
+
+		$query = \OC::$server->getDatabaseConnection()->prepare('SELECT * FROM `*PREFIX*share` WHERE `token`=?');
+		$query->execute(array($token));
+
+		$share = $query->fetch();
+
+		$this->registerHttpHelper($httpHelperMock);
+		$_POST['token'] = $token;
+		$s2s = new \OCA\Files_Sharing\API\Server2Server();
+		$s2s->declineShare(array('id' => $share['id']));
+		$this->restoreHttpHelper();
+
+		$this->assertFalse($this->view->file_exists(
+			'/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
+			. $this->filename . '/' . $publicShareKeyId . '.shareKey'));
+
+	}
+
+
+	/**
+	 * Register an http helper mock for testing purposes.
+	 * @param $httpHelper http helper mock
+	 */
+	private function registerHttpHelper($httpHelper) {
+		$this->oldHttpHelper = \OC::$server->query('HTTPHelper');
+		\OC::$server->registerService('HTTPHelper', function ($c) use ($httpHelper) {
+			return $httpHelper;
+		});
+	}
+
+	/**
+	 * Restore the original http helper
+	 */
+	private function restoreHttpHelper() {
+		$oldHttpHelper = $this->oldHttpHelper;
+		\OC::$server->registerService('HTTPHelper', function ($c) use ($oldHttpHelper) {
+			return $oldHttpHelper;
+		});
+	}
 
 	/**
 	 * @medium
@@ -285,7 +370,7 @@ class Share extends TestCase {
 
 		// save file with content
 		$cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/'  . $this->folder1 . $this->subfolder . $this->subsubfolder . '/'
-										 . $this->filename, $this->dataShort);
+			. $this->filename, $this->dataShort);
 
 		// test that data was successfully written
 		$this->assertTrue(is_int($cryptedFile));
@@ -677,7 +762,7 @@ class Share extends TestCase {
 		// save file with content
 		$cryptedFile1 = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort);
 		$cryptedFile2 = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/'
-										  . $this->filename, $this->dataShort);
+			. $this->filename, $this->dataShort);
 
 		// test that data was successfully written
 		$this->assertTrue(is_int($cryptedFile1));
@@ -784,7 +869,7 @@ class Share extends TestCase {
 		// save file with content
 		$cryptedFile1 = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER2. '/files/' . $this->filename, $this->dataShort);
 		$cryptedFile2 = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/'
-										  . $this->filename, $this->dataShort);
+			. $this->filename, $this->dataShort);
 
 		// test that data was successfully written
 		$this->assertTrue(is_int($cryptedFile1));
@@ -925,8 +1010,8 @@ class Share extends TestCase {
 
 		// remove share file
 		$this->view->unlink('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
-							. $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3
-							. '.shareKey');
+			. $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3
+			. '.shareKey');
 
 		// re-enable the file proxy
 		\OC_FileProxy::$enabled = $proxyStatus;
@@ -990,7 +1075,7 @@ class Share extends TestCase {
 
 		// move the file to a subfolder
 		$this->view->rename('/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename,
-				'/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->folder1 . $this->filename);
+			'/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->folder1 . $this->filename);
 
 		// check if we can read the moved file
 		$retrievedRenamedFile = $this->view->file_get_contents(
@@ -1122,4 +1207,4 @@ class Share extends TestCase {
 		\OC\Files\Filesystem::unlink($folder);
 	}
 
-}
+}
\ No newline at end of file