diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2015-04-08 14:44:17 +0200 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2015-04-08 14:44:17 +0200 |
| commit | 103d451459efe539f13e0bebf968cf94c322ec0e (patch) | |
| tree | 5ed22f078da852d709ed65c3bc3304ac8547ca5f /lib/private/share | |
| parent | d01a2acbcf2aa0dbea56bc1ad7cb855dfabdd746 (diff) | |
| parent | 3b1f0e60194aea021433031bd62b3173b912d712 (diff) | |
| download | nextcloud-server-103d451459efe539f13e0bebf968cf94c322ec0e.tar.gz nextcloud-server-103d451459efe539f13e0bebf968cf94c322ec0e.zip | |
Merge pull request #14987 from rullzer/ocs_password_fix2
OCS Fixes to allow setting of password without removing additional settings
Diffstat (limited to 'lib/private/share')
| -rw-r--r-- | lib/private/share/share.php | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/lib/private/share/share.php b/lib/private/share/share.php index 98c612d5eb6..e624e8da451 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -37,6 +37,10 @@ namespace OC\Share; +use OCP\IUserSession; +use OC\DB\Connection; +use OCP\IConfig; + /** * This class provides the ability for apps to share their content between users. * Apps must create a backend class that implements OCP\Share_Backend and register it with this class. @@ -1151,6 +1155,78 @@ class Share extends \OC\Share\Constants { } /** + * Retrieve the owner of a connection + * + * @param Connection $connection + * @param int $shareId + * @throws \Exception + * @return string uid of share owner + */ + private static function getShareOwner(Connection $connection, $shareId) { + $qb = $connection->createQueryBuilder(); + + $qb->select('`uid_owner`') + ->from('`*PREFIX*share`') + ->where('`id` = :shareId') + ->setParameter(':shareId', $shareId); + $result = $qb->execute(); + $result = $result->fetch(); + + if (empty($result)) { + throw new \Exception('Share not found'); + } + + return $result['uid_owner']; + } + + /** + * Set expiration date for a share + * + * @param IUserSession $userSession + * @param Connection $connection + * @param IConfig $config + * @param int $shareId + * @param string $password + * @throws \Exception + * @return boolean + */ + public static function setPassword(IUserSession $userSession, + Connection $connection, + IConfig $config, + $shareId, $password) { + $user = $userSession->getUser(); + if (is_null($user)) { + throw new \Exception("User not logged in"); + } + + $uid = self::getShareOwner($connection, $shareId); + + if ($uid !== $user->getUID()) { + throw new \Exception('Cannot update share of a different user'); + } + + if ($password === '') { + $password = null; + } + + //If passwords are enforced the password can't be null + if (self::enforcePassword($config) && is_null($password)) { + throw new \Exception('Cannot remove password'); + } + + $qb = $connection->createQueryBuilder(); + $qb->update('`*PREFIX*share`') + ->set('`share_with`', ':pass') + ->where('`id` = :shareId') + ->setParameter(':pass', is_null($password) ? 'NULL' : $qb->expr()->literal(\OC::$server->getHasher()->hash($password))) + ->setParameter(':shareId', $shareId); + + $qb->execute(); + + return true; + } + + /** * Checks whether a share has expired, calls unshareItem() if yes. * @param array $item Share data (usually database row) * @return boolean True if item was expired, false otherwise. @@ -2429,4 +2505,12 @@ class Share extends \OC\Share\Constants { return false; } + /** + * @param IConfig $config + * @return bool + */ + public static function enforcePassword(IConfig $config) { + $enforcePassword = $config->getAppValue('core', 'shareapi_enforce_links_password', 'no'); + return ($enforcePassword === "yes") ? true : false; + } } |