Allow admin configured mounts to use user configured global credentials

Signed-off-by: Robin Appelman <robin@icewind.nl>

3 files changed, 68 insertions, 2 deletions

diff --git a/apps/files_external/lib/AppInfo/Application.php b/apps/files_external/lib/AppInfo/Application.php
index 7a9325414d8..57ef28f2ae0 100644
--- a/apps/files_external/lib/AppInfo/Application.php
+++ b/apps/files_external/lib/AppInfo/Application.php
@@ -45,6 +45,7 @@ use OCA\Files_External\Lib\Auth\PublicKey\RSA;
 use OCA\Files_External\Lib\Auth\OAuth2\OAuth2;
 use OCA\Files_External\Lib\Auth\OAuth1\OAuth1;
 use OCA\Files_External\Lib\Auth\Password\GlobalAuth;
+use OCA\Files_External\Lib\Auth\Password\UserGlobalAuth;
 use OCA\Files_External\Lib\Auth\Password\UserProvided;
 use OCA\Files_External\Lib\Auth\Password\LoginCredentials;
 use OCA\Files_External\Lib\Auth\Password\SessionCredentials;
@@ -136,6 +137,7 @@ class Application extends App implements IBackendProvider, IAuthMechanismProvide
 			$container->query(LoginCredentials::class),
 			$container->query(UserProvided::class),
 			$container->query(GlobalAuth::class),
+			$container->query(UserGlobalAuth::class),
 
 			// AuthMechanism::SCHEME_OAUTH1 mechanisms
 			$container->query(OAuth1::class),
diff --git a/apps/files_external/lib/Lib/Auth/Password/UserGlobalAuth.php b/apps/files_external/lib/Lib/Auth/Password/UserGlobalAuth.php
new file mode 100644
index 00000000000..6326830f020
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/Password/UserGlobalAuth.php
@@ -0,0 +1,66 @@
+<?php declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019 Robin Appelman <robin@icewind.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\Password;
+
+use OCA\Files_External\Service\BackendService;
+use OCP\IL10N;
+use OCP\IUser;
+use OCA\Files_External\Lib\Auth\AuthMechanism;
+use OCA\Files_External\Lib\StorageConfig;
+use OCP\Security\ICredentialsManager;
+use OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException;
+
+/**
+ * User provided Global Username and Password
+ */
+class UserGlobalAuth extends AuthMechanism {
+
+	private const CREDENTIALS_IDENTIFIER = 'password::global';
+
+	/** @var ICredentialsManager */
+	protected $credentialsManager;
+
+	public function __construct(IL10N $l, ICredentialsManager $credentialsManager) {
+		$this->credentialsManager = $credentialsManager;
+
+		$this
+			->setIdentifier('password::global::user')
+			->setVisibility(BackendService::VISIBILITY_ADMIN)
+			->setScheme(self::SCHEME_PASSWORD)
+			->setText($l->t('Global credentials, user entered'));
+	}
+
+	public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
+		if ($user === null) {
+			throw new InsufficientDataForMeaningfulAnswerException('No credentials saved');
+		}
+
+		$uid = $user->getUID();
+		$credentials = $this->credentialsManager->retrieve($uid, self::CREDENTIALS_IDENTIFIER);
+
+		if (is_array($credentials)) {
+			$storage->setBackendOption('user', $credentials['user']);
+			$storage->setBackendOption('password', $credentials['password']);
+		}
+	}
+
+}
diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php
index 1d1fcee1d8a..f94900dccde 100644
--- a/apps/files_external/templates/settings.php
+++ b/apps/files_external/templates/settings.php
@@ -188,7 +188,6 @@
 	<?php endif; ?>
 </form>
 
-<?php if ($canCreateMounts): ?>
 <div class="followupsection">
 	<form autocomplete="false" action="#"
 		  id="global_credentials">
@@ -207,4 +206,3 @@
 		<input type="submit" value="<?php p($l->t('Save')) ?>"/>
 	</form>
 </div>
-<?php endif; ?>