summaryrefslogtreecommitdiffstats
path: root/apps/files_external
diff options
context:
space:
mode:
authorRobin McCorkell <rmccorkell@owncloud.com>2015-09-17 10:24:19 +0100
committerThomas Müller <thomas.mueller@tmit.eu>2015-09-23 12:10:02 +0200
commit38a260e963abd04b75aff8d67a8cf7b3b20a9c67 (patch)
treeeb118da0cdd9819657efa8fbf58c6c754c4cf19c /apps/files_external
parentee649d58c5f82ee209ddc1812c1a896da53de707 (diff)
downloadnextcloud-server-38a260e963abd04b75aff8d67a8cf7b3b20a9c67.tar.gz
nextcloud-server-38a260e963abd04b75aff8d67a8cf7b3b20a9c67.zip
Revert "Implement more fine-grained external storage permissions model"
This reverts commit 0b97a05e7bd631d66de1c2aee115113ada8a5f63. This reverts commit d2e3c17c0000bc0020f1ff641190452f370434de. This reverts commit cc88c5f4b84da57c425cbdb7dc8b391b1942b503.
Diffstat (limited to 'apps/files_external')
-rw-r--r--apps/files_external/controller/globalstoragescontroller.php12
-rw-r--r--apps/files_external/controller/storagescontroller.php13
-rw-r--r--apps/files_external/controller/userstoragescontroller.php12
-rw-r--r--apps/files_external/lib/auth/authmechanism.php6
-rw-r--r--apps/files_external/lib/backend/backend.php6
-rw-r--r--apps/files_external/lib/backend/local.php2
-rw-r--r--apps/files_external/lib/backend/sftp_key.php2
-rw-r--r--apps/files_external/lib/backend/smb_oc.php2
-rw-r--r--apps/files_external/lib/permissionstrait.php164
-rw-r--r--apps/files_external/lib/visibilitytrait.php136
-rw-r--r--apps/files_external/personal.php4
-rw-r--r--apps/files_external/service/backendservice.php20
-rw-r--r--apps/files_external/settings.php8
-rw-r--r--apps/files_external/templates/settings.php2
-rw-r--r--apps/files_external/tests/controller/storagescontrollertest.php16
-rw-r--r--apps/files_external/tests/controller/userstoragescontrollertest.php16
-rw-r--r--apps/files_external/tests/service/backendservicetest.php6
17 files changed, 190 insertions, 237 deletions
diff --git a/apps/files_external/controller/globalstoragescontroller.php b/apps/files_external/controller/globalstoragescontroller.php
index 7d97fdbb4f4..3686a6189b4 100644
--- a/apps/files_external/controller/globalstoragescontroller.php
+++ b/apps/files_external/controller/globalstoragescontroller.php
@@ -98,7 +98,7 @@ class GlobalStoragesController extends StoragesController {
return $newStorage;
}
- $response = $this->validate($newStorage, BackendService::PERMISSION_CREATE);
+ $response = $this->validate($newStorage);
if (!empty($response)) {
return $response;
}
@@ -154,7 +154,7 @@ class GlobalStoragesController extends StoragesController {
}
$storage->setId($id);
- $response = $this->validate($storage, BackendService::PERMISSION_MODIFY);
+ $response = $this->validate($storage);
if (!empty($response)) {
return $response;
}
@@ -180,12 +180,12 @@ class GlobalStoragesController extends StoragesController {
}
/**
- * Get the user type for this controller, used in validation
+ * Get the visibility type for this controller, used in validation
*
- * @return string BackendService::USER_* constants
+ * @return string BackendService::VISIBILITY_* constants
*/
- protected function getUserType() {
- return BackendService::USER_ADMIN;
+ protected function getVisibilityType() {
+ return BackendService::VISIBILITY_ADMIN;
}
diff --git a/apps/files_external/controller/storagescontroller.php b/apps/files_external/controller/storagescontroller.php
index 46202c8ba4a..71055fd1b9c 100644
--- a/apps/files_external/controller/storagescontroller.php
+++ b/apps/files_external/controller/storagescontroller.php
@@ -125,11 +125,10 @@ abstract class StoragesController extends Controller {
* Validate storage config
*
* @param StorageConfig $storage storage config
- * @param int $permissionCheck permission to check
*
* @return DataResponse|null returns response in case of validation error
*/
- protected function validate(StorageConfig $storage, $permissionCheck = BackendService::PERMISSION_CREATE) {
+ protected function validate(StorageConfig $storage) {
$mountPoint = $storage->getMountPoint();
if ($mountPoint === '' || $mountPoint === '/') {
return new DataResponse(
@@ -166,7 +165,7 @@ abstract class StoragesController extends Controller {
);
}
- if (!$backend->isPermitted($this->getUserType(), $permissionCheck)) {
+ if (!$backend->isVisibleFor($this->getVisibilityType())) {
// not permitted to use backend
return new DataResponse(
array(
@@ -177,7 +176,7 @@ abstract class StoragesController extends Controller {
Http::STATUS_UNPROCESSABLE_ENTITY
);
}
- if (!$authMechanism->isPermitted($this->getUserType(), $permissionCheck)) {
+ if (!$authMechanism->isVisibleFor($this->getVisibilityType())) {
// not permitted to use auth mechanism
return new DataResponse(
array(
@@ -212,11 +211,11 @@ abstract class StoragesController extends Controller {
}
/**
- * Get the user type for this controller, used in validation
+ * Get the visibility type for this controller, used in validation
*
- * @return string BackendService::USER_* constants
+ * @return string BackendService::VISIBILITY_* constants
*/
- abstract protected function getUserType();
+ abstract protected function getVisibilityType();
/**
* Check whether the given storage is available / valid.
diff --git a/apps/files_external/controller/userstoragescontroller.php b/apps/files_external/controller/userstoragescontroller.php
index 801c9ab0aae..fcbe692d79e 100644
--- a/apps/files_external/controller/userstoragescontroller.php
+++ b/apps/files_external/controller/userstoragescontroller.php
@@ -103,7 +103,7 @@ class UserStoragesController extends StoragesController {
return $newStorage;
}
- $response = $this->validate($newStorage, BackendService::PERMISSION_CREATE);
+ $response = $this->validate($newStorage);
if (!empty($response)) {
return $response;
}
@@ -151,7 +151,7 @@ class UserStoragesController extends StoragesController {
}
$storage->setId($id);
- $response = $this->validate($storage, BackendService::PERMISSION_MODIFY);
+ $response = $this->validate($storage);
if (!empty($response)) {
return $response;
}
@@ -188,12 +188,12 @@ class UserStoragesController extends StoragesController {
}
/**
- * Get the user type for this controller, used in validation
+ * Get the visibility type for this controller, used in validation
*
- * @return string BackendService::USER_* constants
+ * @return string BackendService::VISIBILITY_* constants
*/
- protected function getUserType() {
- return BackendService::USER_PERSONAL;
+ protected function getVisibilityType() {
+ return BackendService::VISIBILITY_PERSONAL;
}
}
diff --git a/apps/files_external/lib/auth/authmechanism.php b/apps/files_external/lib/auth/authmechanism.php
index ddc0c6a4dca..11d99bb330d 100644
--- a/apps/files_external/lib/auth/authmechanism.php
+++ b/apps/files_external/lib/auth/authmechanism.php
@@ -22,7 +22,7 @@
namespace OCA\Files_External\Lib\Auth;
use \OCA\Files_External\Lib\StorageConfig;
-use \OCA\Files_External\Lib\PermissionsTrait;
+use \OCA\Files_External\Lib\VisibilityTrait;
use \OCA\Files_External\Lib\IdentifierTrait;
use \OCA\Files_External\Lib\FrontendDefinitionTrait;
use \OCA\Files_External\Lib\StorageModifierTrait;
@@ -40,7 +40,7 @@ use \OCA\Files_External\Lib\StorageModifierTrait;
* scheme, which are provided from the authentication mechanism.
*
* This class uses the following traits:
- * - PermissionsTrait
+ * - VisibilityTrait
* Restrict usage to admin-only/none
* - FrontendDefinitionTrait
* Specify configuration parameters and other definitions
@@ -58,7 +58,7 @@ class AuthMechanism implements \JsonSerializable {
const SCHEME_PUBLICKEY = 'publickey';
const SCHEME_OPENSTACK = 'openstack';
- use PermissionsTrait;
+ use VisibilityTrait;
use FrontendDefinitionTrait;
use StorageModifierTrait;
use IdentifierTrait;
diff --git a/apps/files_external/lib/backend/backend.php b/apps/files_external/lib/backend/backend.php
index 2a2add3ac59..90d5d38ed94 100644
--- a/apps/files_external/lib/backend/backend.php
+++ b/apps/files_external/lib/backend/backend.php
@@ -22,7 +22,7 @@
namespace OCA\Files_External\Lib\Backend;
use \OCA\Files_External\Lib\StorageConfig;
-use \OCA\Files_External\Lib\PermissionsTrait;
+use \OCA\Files_External\Lib\VisibilityTrait;
use \OCA\Files_External\Lib\FrontendDefinitionTrait;
use \OCA\Files_External\Lib\PriorityTrait;
use \OCA\Files_External\Lib\DependencyTrait;
@@ -43,7 +43,7 @@ use \OCA\Files_External\Lib\Auth\AuthMechanism;
* scheme, which are provided from the authentication mechanism.
*
* This class uses the following traits:
- * - PermissionsTrait
+ * - VisibilityTrait
* Restrict usage to admin-only/none
* - FrontendDefinitionTrait
* Specify configuration parameters and other definitions
@@ -56,7 +56,7 @@ use \OCA\Files_External\Lib\Auth\AuthMechanism;
*/
class Backend implements \JsonSerializable {
- use PermissionsTrait;
+ use VisibilityTrait;
use FrontendDefinitionTrait;
use PriorityTrait;
use DependencyTrait;
diff --git a/apps/files_external/lib/backend/local.php b/apps/files_external/lib/backend/local.php
index a6635491b6e..a80b437fab7 100644
--- a/apps/files_external/lib/backend/local.php
+++ b/apps/files_external/lib/backend/local.php
@@ -39,7 +39,7 @@ class Local extends Backend {
->addParameters([
(new DefinitionParameter('datadir', $l->t('Location'))),
])
- ->setAllowedPermissions(BackendService::USER_PERSONAL, BackendService::PERMISSION_NONE)
+ ->setAllowedVisibility(BackendService::VISIBILITY_ADMIN)
->setPriority(BackendService::PRIORITY_DEFAULT + 50)
->addAuthScheme(AuthMechanism::SCHEME_NULL)
->setLegacyAuthMechanism($legacyAuth)
diff --git a/apps/files_external/lib/backend/sftp_key.php b/apps/files_external/lib/backend/sftp_key.php
index 6a75172026d..4a7f565eb19 100644
--- a/apps/files_external/lib/backend/sftp_key.php
+++ b/apps/files_external/lib/backend/sftp_key.php
@@ -40,8 +40,6 @@ class SFTP_Key extends Backend {
(new DefinitionParameter('root', $l->t('Remote subfolder')))
->setFlag(DefinitionParameter::FLAG_OPTIONAL),
])
- ->removeAllowedPermission(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE)
- ->removeAllowedPermission(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE)
->addAuthScheme(AuthMechanism::SCHEME_PUBLICKEY)
->setLegacyAuthMechanism($legacyAuth)
;
diff --git a/apps/files_external/lib/backend/smb_oc.php b/apps/files_external/lib/backend/smb_oc.php
index d21b0ddaf42..a3f3a824040 100644
--- a/apps/files_external/lib/backend/smb_oc.php
+++ b/apps/files_external/lib/backend/smb_oc.php
@@ -51,8 +51,6 @@ class SMB_OC extends Backend {
(new DefinitionParameter('root', $l->t('Remote subfolder')))
->setFlag(DefinitionParameter::FLAG_OPTIONAL),
])
- ->removeAllowedPermission(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE)
- ->removeAllowedPermission(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE)
->setPriority(BackendService::PRIORITY_DEFAULT - 10)
->addAuthScheme(AuthMechanism::SCHEME_PASSWORD)
->setLegacyAuthMechanism($legacyAuth)
diff --git a/apps/files_external/lib/permissionstrait.php b/apps/files_external/lib/permissionstrait.php
deleted file mode 100644
index 8509a01e422..00000000000
--- a/apps/files_external/lib/permissionstrait.php
+++ /dev/null
@@ -1,164 +0,0 @@
-<?php
-/**
- * @author Robin McCorkell <rmccorkell@karoshi.org.uk>
- *
- * @copyright Copyright (c) 2015, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-namespace OCA\Files_External\Lib;
-
-use \OCA\Files_External\Service\BackendService;
-
-/**
- * Trait to implement backend and auth mechanism permissions
- *
- * For user type constants, see BackendService::USER_*
- * For permission constants, see BackendService::PERMISSION_*
- */
-trait PermissionsTrait {
-
- /** @var array [user type => permissions] */
- protected $permissions = [
- BackendService::USER_PERSONAL => BackendService::PERMISSION_DEFAULT,
- BackendService::USER_ADMIN => BackendService::PERMISSION_DEFAULT,
- ];
-
- /** @var array [user type => allowed permissions] */
- protected $allowedPermissions = [
- BackendService::USER_PERSONAL => BackendService::PERMISSION_DEFAULT,
- BackendService::USER_ADMIN => BackendService::PERMISSION_DEFAULT,
- ];
-
- /**
- * @param string $userType
- * @return int
- */
- public function getPermissions($userType) {
- if (isset($this->permissions[$userType])) {
- return $this->permissions[$userType];
- }
- return BackendService::PERMISSION_NONE;
- }
-
- /**
- * Check if the user type has permission
- *
- * @param string $userType
- * @param int $permission
- * @return bool
- */
- public function isPermitted($userType, $permission) {
- if ($this->getPermissions($userType) & $permission) {
- return true;
- }
- return false;
- }
-
- /**
- * @param string $userType
- * @param int $permissions
- * @return self
- */
- public function setPermissions($userType, $permissions) {
- $this->permissions[$userType] = $permissions;
- $this->allowedPermissions[$userType] =
- $this->getAllowedPermissions($userType) | $permissions;
- return $this;
- }
-
- /**
- * @param string $userType
- * @param int $permission
- * @return self
- */
- public function addPermission($userType, $permission) {
- return $this->setPermissions($userType,
- $this->getPermissions($userType) | $permission
- );
- }
-
- /**
- * @param string $userType
- * @param int $permission
- * @return self
- */
- public function removePermission($userType, $permission) {
- return $this->setPermissions($userType,
- $this->getPermissions($userType) & ~$permission
- );
- }
-
- /**
- * @param string $userType
- * @return int
- */
- public function getAllowedPermissions($userType) {
- if (isset($this->allowedPermissions[$userType])) {
- return $this->allowedPermissions[$userType];
- }
- return BackendService::PERMISSION_NONE;
- }
-
- /**
- * Check if the user type has an allowed permission
- *
- * @param string $userType
- * @param int $permission
- * @return bool
- */
- public function isAllowedPermitted($userType, $permission) {
- if ($this->getAllowedPermissions($userType) & $permission) {
- return true;
- }
- return false;
- }
-
- /**
- * @param string $userType
- * @param int $permissions
- * @return self
- */
- public function setAllowedPermissions($userType, $permissions) {
- $this->allowedPermissions[$userType] = $permissions;
- $this->permissions[$userType] =
- $this->getPermissions($userType) & $permissions;
- return $this;
- }
-
- /**
- * @param string $userType
- * @param int $permission
- * @return self
- */
- public function addAllowedPermission($userType, $permission) {
- return $this->setAllowedPermissions($userType,
- $this->getAllowedPermissions($userType) | $permission
- );
- }
-
- /**
- * @param string $userType
- * @param int $permission
- * @return self
- */
- public function removeAllowedPermission($userType, $permission) {
- return $this->setAllowedPermissions($userType,
- $this->getAllowedPermissions($userType) & ~$permission
- );
- }
-
-}
diff --git a/apps/files_external/lib/visibilitytrait.php b/apps/files_external/lib/visibilitytrait.php
new file mode 100644
index 00000000000..dfd2d323ca6
--- /dev/null
+++ b/apps/files_external/lib/visibilitytrait.php
@@ -0,0 +1,136 @@
+<?php
+/**
+ * @author Robin McCorkell <rmccorkell@karoshi.org.uk>
+ *
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib;
+
+use \OCA\Files_External\Service\BackendService;
+
+/**
+ * Trait to implement visibility mechanics for a configuration class
+ *
+ * The standard visibility defines which users/groups can use or see the
+ * object. The allowed visibility defines the maximum visibility allowed to be
+ * set on the object. The standard visibility is often set dynamically by
+ * stored configuration parameters that can be modified by the administrator,
+ * while the allowed visibility is set directly by the object and cannot be
+ * modified by the administrator.
+ */
+trait VisibilityTrait {
+
+ /** @var int visibility */
+ protected $visibility = BackendService::VISIBILITY_DEFAULT;
+
+ /** @var int allowed visibilities */
+ protected $allowedVisibility = BackendService::VISIBILITY_DEFAULT;
+
+ /**
+ * @return int
+ */
+ public function getVisibility() {
+ return $this->visibility;
+ }
+
+ /**
+ * Check if the backend is visible for a user type
+ *
+ * @param int $visibility
+ * @return bool
+ */
+ public function isVisibleFor($visibility) {
+ if ($this->visibility & $visibility) {
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * @param int $visibility
+ * @return self
+ */
+ public function setVisibility($visibility) {
+ $this->visibility = $visibility;
+ $this->allowedVisibility |= $visibility;
+ return $this;
+ }
+
+ /**
+ * @param int $visibility
+ * @return self
+ */
+ public function addVisibility($visibility) {
+ return $this->setVisibility($this->visibility | $visibility);
+ }
+
+ /**
+ * @param int $visibility
+ * @return self
+ */
+ public function removeVisibility($visibility) {
+ return $this->setVisibility($this->visibility & ~$visibility);
+ }
+
+ /**
+ * @return int
+ */
+ public function getAllowedVisibility() {
+ return $this->allowedVisibility;
+ }
+
+ /**
+ * Check if the backend is allowed to be visible for a user type
+ *
+ * @param int $allowedVisibility
+ * @return bool
+ */
+ public function isAllowedVisibleFor($allowedVisibility) {
+ if ($this->allowedVisibility & $allowedVisibility) {
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * @param int $allowedVisibility
+ * @return self
+ */
+ public function setAllowedVisibility($allowedVisibility) {
+ $this->allowedVisibility = $allowedVisibility;
+ $this->visibility &= $allowedVisibility;
+ return $this;
+ }
+
+ /**
+ * @param int $allowedVisibility
+ * @return self
+ */
+ public function addAllowedVisibility($allowedVisibility) {
+ return $this->setAllowedVisibility($this->allowedVisibility | $allowedVisibility);
+ }
+
+ /**
+ * @param int $allowedVisibility
+ * @return self
+ */
+ public function removeAllowedVisibility($allowedVisibility) {
+ return $this->setAllowedVisibility($this->allowedVisibility & ~$allowedVisibility);
+ }
+
+}
diff --git a/apps/files_external/personal.php b/apps/files_external/personal.php
index d47f983b357..efd23512ffe 100644
--- a/apps/files_external/personal.php
+++ b/apps/files_external/personal.php
@@ -35,10 +35,10 @@ OCP\Util::addScript('files_external', 'settings');
OCP\Util::addStyle('files_external', 'settings');
$backends = array_filter($backendService->getAvailableBackends(), function($backend) {
- return $backend->isPermitted(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE);
+ return $backend->isVisibleFor(BackendService::VISIBILITY_PERSONAL);
});
$authMechanisms = array_filter($backendService->getAuthMechanisms(), function($authMechanism) {
- return $authMechanism->isPermitted(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE);
+ return $authMechanism->isVisibleFor(BackendService::VISIBILITY_PERSONAL);
});
foreach ($backends as $backend) {
if ($backend->getCustomJs()) {
diff --git a/apps/files_external/service/backendservice.php b/apps/files_external/service/backendservice.php
index 70cb9291660..1e90247b3e4 100644
--- a/apps/files_external/service/backendservice.php
+++ b/apps/files_external/service/backendservice.php
@@ -31,17 +31,13 @@ use \OCA\Files_External\Lib\Auth\AuthMechanism;
*/
class BackendService {
- /** Permission constants for PermissionsTrait */
- const PERMISSION_NONE = 0;
- const PERMISSION_MOUNT = 1;
- const PERMISSION_CREATE = 2;
- const PERMISSION_MODIFY = 4;
+ /** Visibility constants for VisibilityTrait */
+ const VISIBILITY_NONE = 0;
+ const VISIBILITY_PERSONAL = 1;
+ const VISIBILITY_ADMIN = 2;
+ //const VISIBILITY_ALIENS = 4;
- const PERMISSION_DEFAULT = 7; // MOUNT | CREATE | MODIFY
-
- /** User contants */
- const USER_ADMIN = 'admin';
- const USER_PERSONAL = 'personal';
+ const VISIBILITY_DEFAULT = 3; // PERSONAL | ADMIN
/** Priority constants for PriorityTrait */
const PRIORITY_DEFAULT = 100;
@@ -85,7 +81,7 @@ class BackendService {
*/
public function registerBackend(Backend $backend) {
if (!$this->isAllowedUserBackend($backend)) {
- $backend->removePermission(self::USER_PERSONAL, self::PERMISSION_CREATE | self::PERMISSION_MOUNT);
+ $backend->removeVisibility(BackendService::VISIBILITY_PERSONAL);
}
foreach ($backend->getIdentifierAliases() as $alias) {
$this->backends[$alias] = $backend;
@@ -107,7 +103,7 @@ class BackendService {
*/
public function registerAuthMechanism(AuthMechanism $authMech) {
if (!$this->isAllowedAuthMechanism($authMech)) {
- $authMech->removePermission(self::USER_PERSONAL, self::PERMISSION_CREATE | self::PERMISSION_MOUNT);
+ $authMech->removeVisibility(BackendService::VISIBILITY_PERSONAL);
}
foreach ($authMech->getIdentifierAliases() as $alias) {
$this->authMechanisms[$alias] = $authMech;
diff --git a/apps/files_external/settings.php b/apps/files_external/settings.php
index 840f1325fb5..5c920a1495b 100644
--- a/apps/files_external/settings.php
+++ b/apps/files_external/settings.php
@@ -42,10 +42,10 @@ OCP\Util::addStyle('files_external', 'settings');
\OC_Util::addVendorStyle('select2/select2');
$backends = array_filter($backendService->getAvailableBackends(), function($backend) {
- return $backend->isPermitted(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE);
+ return $backend->isVisibleFor(BackendService::VISIBILITY_ADMIN);
});
$authMechanisms = array_filter($backendService->getAuthMechanisms(), function($authMechanism) {
- return $authMechanism->isPermitted(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE);
+ return $authMechanism->isVisibleFor(BackendService::VISIBILITY_ADMIN);
});
foreach ($backends as $backend) {
if ($backend->getCustomJs()) {
@@ -59,9 +59,7 @@ foreach ($authMechanisms as $authMechanism) {
}
$userBackends = array_filter($backendService->getAvailableBackends(), function($backend) {
- return $backend->isAllowedPermitted(
- BackendService::USER_PERSONAL, BackendService::PERMISSION_MOUNT
- );
+ return $backend->isAllowedVisibleFor(BackendService::VISIBILITY_PERSONAL);
});
$tmpl = new OCP\Template('files_external', 'settings');
diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php
index 7762ff60333..d8b07273028 100644
--- a/apps/files_external/templates/settings.php
+++ b/apps/files_external/templates/settings.php
@@ -197,7 +197,7 @@
<p id="userMountingBackends"<?php if ($_['allowUserMounting'] != 'yes'): ?> class="hidden"<?php endif; ?>>
<?php p($l->t('Allow users to mount the following external storage')); ?><br />
<?php $i = 0; foreach ($_['userBackends'] as $backend): ?>
- <input type="checkbox" id="allowUserMountingBackends<?php p($i); ?>" name="allowUserMountingBackends[]" value="<?php p($backend->getIdentifier()); ?>" <?php if ($backend->isPermitted(BackendService::USER_PERSONAL, BackendService::PERMISSION_MOUNT)) print_unescaped(' checked="checked"'); ?> />
+ <input type="checkbox" id="allowUserMountingBackends<?php p($i); ?>" name="allowUserMountingBackends[]" value="<?php p($backend->getIdentifier()); ?>" <?php if ($backend->isVisibleFor(BackendService::VISIBILITY_PERSONAL)) print_unescaped(' checked="checked"'); ?> />
<label for="allowUserMountingBackends<?php p($i); ?>"><?php p($backend->getText()); ?></label> <br />
<?php $i++; ?>
<?php endforeach; ?>
diff --git a/apps/files_external/tests/controller/storagescontrollertest.php b/apps/files_external/tests/controller/storagescontrollertest.php
index c43761f3bcb..5e1deb821f4 100644
--- a/apps/files_external/tests/controller/storagescontrollertest.php
+++ b/apps/files_external/tests/controller/storagescontrollertest.php
@@ -75,12 +75,12 @@ abstract class StoragesControllerTest extends \Test\TestCase {
$authMech = $this->getAuthMechMock();
$authMech->method('validateStorage')
->willReturn(true);
- $authMech->method('isPermitted')
+ $authMech->method('isVisibleFor')
->willReturn(true);
$backend = $this->getBackendMock();
$backend->method('validateStorage')
->willReturn(true);
- $backend->method('isPermitted')
+ $backend->method('isVisibleFor')
->willReturn(true);
$storageConfig = new StorageConfig(1);
@@ -116,12 +116,12 @@ abstract class StoragesControllerTest extends \Test\TestCase {
$authMech = $this->getAuthMechMock();
$authMech->method('validateStorage')
->willReturn(true);
- $authMech->method('isPermitted')
+ $authMech->method('isVisibleFor')
->willReturn(true);
$backend = $this->getBackendMock();
$backend->method('validateStorage')
->willReturn(true);
- $backend->method('isPermitted')
+ $backend->method('isVisibleFor')
->willReturn(true);
$storageConfig = new StorageConfig(1);
@@ -249,12 +249,12 @@ abstract class StoragesControllerTest extends \Test\TestCase {
$authMech = $this->getAuthMechMock();
$authMech->method('validateStorage')
->willReturn(true);
- $authMech->method('isPermitted')
+ $authMech->method('isVisibleFor')
->willReturn(true);
$backend = $this->getBackendMock();
$backend->method('validateStorage')
->willReturn(true);
- $backend->method('isPermitted')
+ $backend->method('isVisibleFor')
->willReturn(true);
$storageConfig = new StorageConfig(255);
@@ -338,13 +338,13 @@ abstract class StoragesControllerTest extends \Test\TestCase {
$backend = $this->getBackendMock();
$backend->method('validateStorage')
->willReturn($backendValidate);
- $backend->method('isPermitted')
+ $backend->method('isVisibleFor')
->willReturn(true);
$authMech = $this->getAuthMechMock();
$authMech->method('validateStorage')
->will($this->returnValue($authMechValidate));
- $authMech->method('isPermitted')
+ $authMech->method('isVisibleFor')
->willReturn(true);
$storageConfig = new StorageConfig();
diff --git a/apps/files_external/tests/controller/userstoragescontrollertest.php b/apps/files_external/tests/controller/userstoragescontrollertest.php
index b61174b0797..9f1a8df8d2e 100644
--- a/apps/files_external/tests/controller/userstoragescontrollertest.php
+++ b/apps/files_external/tests/controller/userstoragescontrollertest.php
@@ -49,21 +49,15 @@ class UserStoragesControllerTest extends StoragesControllerTest {
}
public function testAddOrUpdateStorageDisallowedBackend() {
- $backend1 = $this->getBackendMock();
- $backend1->expects($this->once())
- ->method('isPermitted')
- ->with(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE)
- ->willReturn(false);
- $backend2 = $this->getBackendMock();
- $backend2->expects($this->once())
- ->method('isPermitted')
- ->with(BackendService::USER_PERSONAL, BackendService::PERMISSION_MODIFY)
+ $backend = $this->getBackendMock();
+ $backend->method('isVisibleFor')
+ ->with(BackendService::VISIBILITY_PERSONAL)
->willReturn(false);
$authMech = $this->getAuthMechMock();
$storageConfig = new StorageConfig(1);
$storageConfig->setMountPoint('mount');
- $storageConfig->setBackend($backend1);
+ $storageConfig->setBackend($backend);
$storageConfig->setAuthMechanism($authMech);
$storageConfig->setBackendOptions([]);
@@ -88,8 +82,6 @@ class UserStoragesControllerTest extends StoragesControllerTest {
$this->assertEquals(Http::STATUS_UNPROCESSABLE_ENTITY, $response->getStatus());
- $storageConfig->setBackend($backend2);
-
$response = $this->controller->update(
1,
'mount',
diff --git a/apps/files_external/tests/service/backendservicetest.php b/apps/files_external/tests/service/backendservicetest.php
index b37b5e9b466..414a9eee2ec 100644
--- a/apps/files_external/tests/service/backendservicetest.php
+++ b/apps/files_external/tests/service/backendservicetest.php
@@ -83,11 +83,11 @@ class BackendServiceTest extends \Test\TestCase {
$backendAllowed = $this->getBackendMock('\User\Mount\Allowed');
$backendAllowed->expects($this->never())
- ->method('removePermission');
+ ->method('removeVisibility');
$backendNotAllowed = $this->getBackendMock('\User\Mount\NotAllowed');
$backendNotAllowed->expects($this->once())
- ->method('removePermission')
- ->with(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE | BackendService::PERMISSION_MOUNT);
+ ->method('removeVisibility')
+ ->with(BackendService::VISIBILITY_PERSONAL);
$backendAlias = $this->getMockBuilder('\OCA\Files_External\Lib\Backend\Backend')
->disableOriginalConstructor()