Merge pull request #19487 from owncloud/split_share_middleware

Split files_sharing middelware
author: Thomas Müller <thomas.mueller@tmit.eu> 2015-10-05 10:57:11 +0200
committer: Thomas Müller <thomas.mueller@tmit.eu> 2015-10-05 10:57:11 +0200
commit: 710b7dd81c4c4cd84e0d3024fcdcc1bf150b5137 (patch)
tree: 37832821536e15f9dc108eb72963804e9d589ace /apps/files_sharing/lib
parent: 56c35da8d5bdbe1056cf79d81c3138a015c93e2f (diff)
parent: 3d2acb5003a4953d3f422b34f670d87c4afb11c9 (diff)
download: nextcloud-server-710b7dd81c4c4cd84e0d3024fcdcc1bf150b5137.tar.gz
nextcloud-server-710b7dd81c4c4cd84e0d3024fcdcc1bf150b5137.zip
4 files changed, 82 insertions, 18 deletions
diff --git a/apps/files_sharing/lib/controllers/externalsharescontroller.php b/apps/files_sharing/lib/controllers/externalsharescontroller.php
index 6eb9d3c13d9..1b8351da420 100644
--- a/apps/files_sharing/lib/controllers/externalsharescontroller.php
+++ b/apps/files_sharing/lib/controllers/externalsharescontroller.php
@@ -36,8 +36,6 @@ use OCP\AppFramework\Http\DataResponse;
  */
 class ExternalSharesController extends Controller {
 
-	/** @var bool */
-	private $incomingShareEnabled;
 	/** @var \OCA\Files_Sharing\External\Manager */
 	private $externalManager;
 	/** @var IClientService */
@@ -52,53 +50,44 @@ class ExternalSharesController extends Controller {
 	 */
 	public function __construct($appName,
 								IRequest $request,
-								$incomingShareEnabled,
 								\OCA\Files_Sharing\External\Manager $externalManager,
 								IClientService $clientService) {
 		parent::__construct($appName, $request);
-		$this->incomingShareEnabled = $incomingShareEnabled;
 		$this->externalManager = $externalManager;
 		$this->clientService = $clientService;
 	}
 
 	/**
 	 * @NoAdminRequired
+	 * @NoOutgoingFederatedSharingRequired
 	 *
 	 * @return JSONResponse
 	 */
 	public function index() {
-		$shares = [];
-		if ($this->incomingShareEnabled) {
-			$shares = $this->externalManager->getOpenShares();
-		}
-		return new JSONResponse($shares);
+		return new JSONResponse($this->externalManager->getOpenShares());
 	}
 
 	/**
 	 * @NoAdminRequired
+	 * @NoOutgoingFederatedSharingRequired
 	 *
 	 * @param int $id
 	 * @return JSONResponse
 	 */
 	public function create($id) {
-		if ($this->incomingShareEnabled) {
-			$this->externalManager->acceptShare($id);
-		}
-
+		$this->externalManager->acceptShare($id);
 		return new JSONResponse();
 	}
 
 	/**
 	 * @NoAdminRequired
+	 * @NoOutgoingFederatedSharingRequired
 	 *
 	 * @param $id
 	 * @return JSONResponse
 	 */
 	public function destroy($id) {
-		if ($this->incomingShareEnabled) {
-			$this->externalManager->declineShare($id);
-		}
-
+		$this->externalManager->declineShare($id);
 		return new JSONResponse();
 	}
 
@@ -127,6 +116,8 @@ class ExternalSharesController extends Controller {
 
 	/**
 	 * @PublicPage
+	 * @NoOutgoingFederatedSharingRequired
+	 * @NoIncomingFederatedSharingRequired
 	 *
 	 * @param string $remote
 	 * @return DataResponse
diff --git a/apps/files_sharing/lib/exceptions.php b/apps/files_sharing/lib/exceptions/brokenpath.php
index 71fe93f8e92..71fe93f8e92 100644
--- a/apps/files_sharing/lib/exceptions.php
+++ b/apps/files_sharing/lib/exceptions/brokenpath.php
diff --git a/apps/files_sharing/lib/exceptions/s2sexception.php b/apps/files_sharing/lib/exceptions/s2sexception.php
new file mode 100644
index 00000000000..7f5557f8cd3
--- /dev/null
+++ b/apps/files_sharing/lib/exceptions/s2sexception.php
@@ -0,0 +1,26 @@
+<?php
+/**
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_Sharing\Exceptions;
+
+/**
+ * S2S sharing not allowed
+ */
+class S2SException extends \Exception {
+}
diff --git a/apps/files_sharing/lib/middleware/sharingcheckmiddleware.php b/apps/files_sharing/lib/middleware/sharingcheckmiddleware.php
index 61dfd914d0b..942efc0483e 100644
--- a/apps/files_sharing/lib/middleware/sharingcheckmiddleware.php
+++ b/apps/files_sharing/lib/middleware/sharingcheckmiddleware.php
@@ -29,6 +29,9 @@ use OCP\AppFramework\Middleware;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\Files\NotFoundException;
 use OCP\IConfig;
+use OCP\AppFramework\Utility\IControllerMethodReflector;
+use OCA\Files_Sharing\Exceptions\S2SException;
+use OCP\AppFramework\Http\JSONResponse;
 
 /**
  * Checks whether the "sharing check" is enabled
@@ -43,6 +46,8 @@ class SharingCheckMiddleware extends Middleware {
 	protected $config;
 	/** @var IAppManager */
 	protected $appManager;
+	/** @var IControllerMethodReflector */
+	protected $reflector;
 
 	/***
 	 * @param string $appName
@@ -51,10 +56,13 @@ class SharingCheckMiddleware extends Middleware {
 	 */
 	public function __construct($appName,
 								IConfig $config,
-								IAppManager $appManager) {
+								IAppManager $appManager,
+								IControllerMethodReflector $reflector
+								) {
 		$this->appName = $appName;
 		$this->config = $config;
 		$this->appManager = $appManager;
+		$this->reflector = $reflector;
 	}
 
 	/**
@@ -68,6 +76,14 @@ class SharingCheckMiddleware extends Middleware {
 		if(!$this->isSharingEnabled()) {
 			throw new NotFoundException('Sharing is disabled.');
 		}
+
+		if ($controller instanceof \OCA\Files_Sharing\Controllers\ExternalSharesController &&
+			!$this->externalSharesChecks()) {
+			throw new S2SException('Federated sharing not allowed');
+		} else if ($controller instanceof \OCA\Files_Sharing\Controllers\ShareController &&
+			!$this->isLinkSharingEnabled()) {
+			throw new NotFoundException('Link sharing is disabled');
+		}
 	}
 
 	/**
@@ -84,10 +100,33 @@ class SharingCheckMiddleware extends Middleware {
 			return new NotFoundResponse();
 		}
 
+		if (is_a($exception, '\OCA\Files_Sharing\Exceptions\S2SException')) {
+			return new JSONResponse($exception->getMessage(), 405);
+		}
+
 		throw $exception;
 	}
 
 	/**
+	 * Checks for externalshares controller
+	 * @return bool
+	 */
+	private function externalSharesChecks() {
+
+		if (!$this->reflector->hasAnnotation('NoIncomingFederatedSharingRequired') &&
+			$this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') !== 'yes') {
+			return false;
+		}
+
+		if (!$this->reflector->hasAnnotation('NoOutgoingFederatedSharingRequired') &&
+		    $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') !== 'yes') {
+			return false;
+		}
+
+		return true;
+	}
+
+	/**
 	 * Check whether sharing is enabled
 	 * @return bool
 	 */
@@ -98,6 +137,14 @@ class SharingCheckMiddleware extends Middleware {
 			return false;
 		}
 
+		return true;
+	}
+
+	/**
+	 * Check if link sharing is allowed
+	 * @return bool
+	 */
+	private function isLinkSharingEnabled() {
 		// Check if the shareAPI is enabled
 		if ($this->config->getAppValue('core', 'shareapi_enabled', 'yes') !== 'yes') {
 			return false;
author	Thomas Müller <thomas.mueller@tmit.eu>	2015-10-05 10:57:11 +0200
committer	Thomas Müller <thomas.mueller@tmit.eu>	2015-10-05 10:57:11 +0200
commit	710b7dd81c4c4cd84e0d3024fcdcc1bf150b5137 (patch)
tree	37832821536e15f9dc108eb72963804e9d589ace /apps/files_sharing/lib
parent	56c35da8d5bdbe1056cf79d81c3138a015c93e2f (diff)
parent	3d2acb5003a4953d3f422b34f670d87c4afb11c9 (diff)
download	nextcloud-server-710b7dd81c4c4cd84e0d3024fcdcc1bf150b5137.tar.gz nextcloud-server-710b7dd81c4c4cd84e0d3024fcdcc1bf150b5137.zip