diff options
author | Bjoern Schiessle <bjoern@schiessle.org> | 2017-03-28 14:39:38 +0200 |
---|---|---|
committer | Bjoern Schiessle <bjoern@schiessle.org> | 2017-04-03 10:29:32 +0200 |
commit | c191173d5914f77ebac425e315d2b962077bd654 (patch) | |
tree | 221b0239404581c081ed9c79cb82b3fbf15923a3 /apps/sharebymail/lib/ShareByMailProvider.php | |
parent | c6613ee8fcfd19a74bcd4652187c51a642a1fc4c (diff) | |
download | nextcloud-server-c191173d5914f77ebac425e315d2b962077bd654.tar.gz nextcloud-server-c191173d5914f77ebac425e315d2b962077bd654.zip |
allow password protected mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
Diffstat (limited to 'apps/sharebymail/lib/ShareByMailProvider.php')
-rw-r--r-- | apps/sharebymail/lib/ShareByMailProvider.php | 83 |
1 files changed, 72 insertions, 11 deletions
diff --git a/apps/sharebymail/lib/ShareByMailProvider.php b/apps/sharebymail/lib/ShareByMailProvider.php index 86f2a8fd49a..f49a4d07eb9 100644 --- a/apps/sharebymail/lib/ShareByMailProvider.php +++ b/apps/sharebymail/lib/ShareByMailProvider.php @@ -275,10 +275,10 @@ class ShareByMailProvider implements IShareProvider { protected function createMailBody($template, $filename, $link, $owner, $initiator) { $mailBodyTemplate = new Template('sharebymail', $template, ''); - $mailBodyTemplate->assign ('filename', $filename); + $mailBodyTemplate->assign ('filename', \OCP\Util::sanitizeHTML($filename)); $mailBodyTemplate->assign ('link', $link); - $mailBodyTemplate->assign ('owner', $owner); - $mailBodyTemplate->assign ('initiator', $initiator); + $mailBodyTemplate->assign ('owner', \OCP\Util::sanitizeHTML($owner)); + $mailBodyTemplate->assign ('initiator', \OCP\Util::sanitizeHTML($initiator)); $mailBodyTemplate->assign ('onBehalfOf', $initiator !== $owner); $mailBody = $mailBodyTemplate->fetchPage(); @@ -291,6 +291,55 @@ class ShareByMailProvider implements IShareProvider { } /** + * send password to recipient of a mail share + * + * @param string $filename + * @param string $initiator + * @param string $shareWith + */ + protected function sendPassword($filename, $initiator, $shareWith, $password) { + $initiatorUser = $this->userManager->get($initiator); + $initiatorDisplayName = ($initiatorUser instanceof IUser) ? $initiatorUser->getDisplayName() : $initiator; + $subject = (string)$this->l->t('Password to access »%s« shared to you by %s', [$filename, $initiatorDisplayName]); + + $message = $this->mailer->createMessage(); + $htmlBody = $this->createMailBodyToSendPassword('mailpassword', $filename, $initiatorDisplayName, $password); + $textBody = $this->createMailBodyToSendPassword('altmailpassword', $filename,$initiatorDisplayName, $password); + $message->setTo([$shareWith]); + $message->setSubject($subject); + $message->setBody($textBody, 'text/plain'); + $message->setHtmlBody($htmlBody); + $this->mailer->send($message); + + } + + /** + * create mail body to send password to recipient + * + * @param string $filename + * @param string $initiator + * @param string $password + * @return string plain text mail + * @throws HintException + */ + protected function createMailBodyToSendPassword($template, $filename, $initiator, $password) { + + $mailBodyTemplate = new Template('sharebymail', $template, ''); + $mailBodyTemplate->assign ('filename', \OCP\Util::sanitizeHTML($filename)); + $mailBodyTemplate->assign ('password', \OCP\Util::sanitizeHTML($password)); + $mailBodyTemplate->assign ('initiator', \OCP\Util::sanitizeHTML($initiator)); + $mailBody = $mailBodyTemplate->fetchPage(); + + if (is_string($mailBody)) { + return $mailBody; + } + + throw new HintException('Failed to create the E-mail', + $this->l->t('Failed to create the E-mail')); + } + + + /** * generate share token * * @return string @@ -368,19 +417,30 @@ class ShareByMailProvider implements IShareProvider { * Update a share * * @param IShare $share + * @param string|null $plainTextPassword * @return IShare The share object */ - public function update(IShare $share) { + public function update(IShare $share, $plainTextPassword = null) { + + $originalShare = $this->getShareById($share->getId()); + + // a real password was given + $validPassword = $plainTextPassword !== null && $plainTextPassword !== ''; + + if($validPassword && $originalShare->getPassword() !== $share->getPassword()) { + $this->sendPassword($share->getNode()->getName(), $share->getSharedBy(), $share->getSharedWith(), $plainTextPassword); + } /* - * We allow updating the permissions of mail shares + * We allow updating the permissions and password of mail shares */ $qb = $this->dbConnection->getQueryBuilder(); - $qb->update('share') - ->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId()))) - ->set('permissions', $qb->createNamedParameter($share->getPermissions())) - ->set('uid_owner', $qb->createNamedParameter($share->getShareOwner())) - ->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy())) - ->execute(); + $qb->update('share') + ->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId()))) + ->set('permissions', $qb->createNamedParameter($share->getPermissions())) + ->set('uid_owner', $qb->createNamedParameter($share->getShareOwner())) + ->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy())) + ->set('password', $qb->createNamedParameter($share->getPassword())) + ->execute(); return $share; } @@ -625,6 +685,7 @@ class ShareByMailProvider implements IShareProvider { $shareTime->setTimestamp((int)$data['stime']); $share->setShareTime($shareTime); $share->setSharedWith($data['share_with']); + $share->setPassword($data['password']); if ($data['uid_initiator'] !== null) { $share->setShareOwner($data['uid_owner']); |