diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2016-01-21 15:43:08 +0100 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2016-01-21 15:43:08 +0100 |
| commit | e2f231d05156dc382db32397e64f2df790a88a7b (patch) | |
| tree | 737b13e3a79427a7a50da6d445c40c1a9b06903d /lib | |
| parent | 2b4532c6b91dc38c5af8d703826a1fbf11134a6a (diff) | |
| parent | 88bc8634d2076b7392c9ec214e414c558a6584d6 (diff) | |
| download | nextcloud-server-e2f231d05156dc382db32397e64f2df790a88a7b.tar.gz nextcloud-server-e2f231d05156dc382db32397e64f2df790a88a7b.zip | |
Merge pull request #21761 from owncloud/share2_link
Share2 link
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/share20/defaultshareprovider.php | 35 | ||||
| -rw-r--r-- | lib/private/share20/ishareprovider.php | 8 | ||||
| -rw-r--r-- | lib/private/share20/manager.php | 40 |
3 files changed, 71 insertions, 12 deletions
diff --git a/lib/private/share20/defaultshareprovider.php b/lib/private/share20/defaultshareprovider.php index a5afe9ff06b..d47919d21a3 100644 --- a/lib/private/share20/defaultshareprovider.php +++ b/lib/private/share20/defaultshareprovider.php @@ -284,7 +284,11 @@ class DefaultShareProvider implements IShareProvider { throw new ShareNotFound(); } - $share = $this->createShare($data); + try { + $share = $this->createShare($data); + } catch (InvalidShare $e) { + throw new ShareNotFound(); + } return $share; } @@ -328,13 +332,34 @@ class DefaultShareProvider implements IShareProvider { } /** - * Get a share by token and if present verify the password + * Get a share by token * * @param string $token - * @param string $password - * @param Share + * @return IShare + * @throws ShareNotFound */ - public function getShareByToken($token, $password = null) { + public function getShareByToken($token) { + $qb = $this->dbConn->getQueryBuilder(); + + $cursor = $qb->select('*') + ->from('share') + ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_LINK))) + ->andWhere($qb->expr()->eq('token', $qb->createNamedParameter($token))) + ->execute(); + + $data = $cursor->fetch(); + + if ($data === false) { + throw new ShareNotFound(); + } + + try { + $share = $this->createShare($data); + } catch (InvalidShare $e) { + throw new ShareNotFound(); + } + + return $share; } /** diff --git a/lib/private/share20/ishareprovider.php b/lib/private/share20/ishareprovider.php index d1f82557a5f..81770a45874 100644 --- a/lib/private/share20/ishareprovider.php +++ b/lib/private/share20/ishareprovider.php @@ -103,11 +103,11 @@ interface IShareProvider { public function getSharedWithMe(IUser $user, $shareType = null); /** - * Get a share by token and if present verify the password + * Get a share by token * * @param string $token - * @param string $password - * @param Share + * @return IShare + * @throws ShareNotFound */ - public function getShareByToken($token, $password = null); + public function getShareByToken($token); } diff --git a/lib/private/share20/manager.php b/lib/private/share20/manager.php index 035026b47ea..2be8fb5174d 100644 --- a/lib/private/share20/manager.php +++ b/lib/private/share20/manager.php @@ -665,13 +665,47 @@ class Manager { * Get the share by token possible with password * * @param string $token - * @param string $password - * * @return Share * * @throws ShareNotFound */ - public function getShareByToken($token, $password=null) { + public function getShareByToken($token) { + $provider = $this->factory->getProviderForType(\OCP\Share::SHARE_TYPE_LINK); + + $share = $provider->getShareByToken($token); + + //TODO check if share expired + + return $share; + } + + /** + * Verify the password of a public share + * + * @param IShare $share + * @param string $password + * @return bool + */ + public function checkPassword(IShare $share, $password) { + if ($share->getShareType() !== \OCP\Share::SHARE_TYPE_LINK) { + //TODO maybe exception? + return false; + } + + if ($password === null || $share->getPassword() === null) { + return false; + } + + $newHash = ''; + if (!$this->hasher->verify($password, $share->getPassword(), $newHash)) { + return false; + } + + if (!empty($newHash)) { + //TODO update hash! + } + + return true; } /** |