diff options
| -rw-r--r-- | apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php | 2 | ||||
| -rw-r--r-- | apps/files_sharing/lib/AppInfo/Application.php | 2 | ||||
| -rw-r--r-- | apps/files_sharing/lib/External/Manager.php | 107 | ||||
| -rw-r--r-- | apps/files_sharing/lib/Hooks.php | 2 |
4 files changed, 98 insertions, 15 deletions
diff --git a/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php b/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php index 67866fa169c..1f46c6b677d 100644 --- a/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php +++ b/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php @@ -228,6 +228,8 @@ class CloudFederationProviderFiles implements ICloudFederationProvider { \OC::$server->query(\OCP\OCS\IDiscoveryService::class), \OC::$server->getCloudFederationProviderManager(), \OC::$server->getCloudFederationFactory(), + \OC::$server->getGroupManager(), + \OC::$server->getUserManager(), $shareWith ); diff --git a/apps/files_sharing/lib/AppInfo/Application.php b/apps/files_sharing/lib/AppInfo/Application.php index e6ab4eb2cf1..a7d4755fbf0 100644 --- a/apps/files_sharing/lib/AppInfo/Application.php +++ b/apps/files_sharing/lib/AppInfo/Application.php @@ -105,6 +105,8 @@ class Application extends App { $server->query(\OCP\OCS\IDiscoveryService::class), $server->getCloudFederationProviderManager(), $server->getCloudFederationFactory(), + $server->getGroupManager(), + $server->getUserManager(), $uid ); }); diff --git a/apps/files_sharing/lib/External/Manager.php b/apps/files_sharing/lib/External/Manager.php index 4875e7e26ce..7b3e77771c3 100644 --- a/apps/files_sharing/lib/External/Manager.php +++ b/apps/files_sharing/lib/External/Manager.php @@ -39,6 +39,8 @@ use OCP\Files; use OCP\Files\Storage\IStorageFactory; use OCP\Http\Client\IClientService; use OCP\IDBConnection; +use OCP\IGroupManager; +use OCP\IUserManager; use OCP\Notification\IManager; use OCP\OCS\IDiscoveryService; use OCP\Share; @@ -87,6 +89,12 @@ class Manager { /** @var ICloudFederationFactory */ private $cloudFederationFactory; + /** @var IGroupManager */ + private $groupManager; + + /** @var IUserManager */ + private $userManager; + /** * @param IDBConnection $connection * @param \OC\Files\Mount\Manager $mountManager @@ -96,6 +104,8 @@ class Manager { * @param IDiscoveryService $discoveryService * @param ICloudFederationProviderManager $cloudFederationProviderManager * @param ICloudFederationFactory $cloudFederationFactory + * @param IGroupManager $groupManager + * @param IUserManager $userManager * @param string $uid */ public function __construct(IDBConnection $connection, @@ -106,6 +116,8 @@ class Manager { IDiscoveryService $discoveryService, ICloudFederationProviderManager $cloudFederationProviderManager, ICloudFederationFactory $cloudFederationFactory, + IGroupManager $groupManager, + IUserManager $userManager, $uid) { $this->connection = $connection; $this->mountManager = $mountManager; @@ -116,6 +128,8 @@ class Manager { $this->discoveryService = $discoveryService; $this->cloudFederationProviderManager = $cloudFederationProviderManager; $this->cloudFederationFactory = $cloudFederationFactory; + $this->groupManager = $groupManager; + $this->userManager = $userManager; } /** @@ -176,12 +190,7 @@ class Manager { $mountPoint = Filesystem::normalizePath('/' . $mountPoint); $hash = md5($mountPoint); - $query = $this->connection->prepare(' - INSERT INTO `*PREFIX*share_external` - (`remote`, `share_token`, `password`, `name`, `owner`, `user`, `mountpoint`, `mountpoint_hash`, `accepted`, `remote_id`, `parent`, `share_type`) - VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) - '); - $query->execute(array($remote, $token, $password, $name, $owner, $user, $mountPoint, $hash, $accepted, $remoteId, $parent, $shareType)); + $this->writeShareToDb($remote, $token, $password, $name, $owner, $user, $mountPoint, $hash, $accepted, $remoteId, $parent, $shareType); $options = array( 'remote' => $remote, @@ -194,6 +203,32 @@ class Manager { } /** + * write remote share to the database + * + * @param $remote + * @param $token + * @param $password + * @param $name + * @param $owner + * @param $user + * @param $mountPoint + * @param $hash + * @param $accepted + * @param $remoteId + * @param $parent + * @param $shareType + * @return bool + */ + private function writeShareToDb($remote, $token, $password, $name, $owner, $user, $mountPoint, $hash, $accepted, $remoteId, $parent, $shareType) { + $query = $this->connection->prepare(' + INSERT INTO `*PREFIX*share_external` + (`remote`, `share_token`, `password`, `name`, `owner`, `user`, `mountpoint`, `mountpoint_hash`, `accepted`, `remote_id`, `parent`, `share_type`) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) + '); + return $query->execute(array($remote, $token, $password, $name, $owner, $user, $mountPoint, $hash, $accepted, $remoteId, $parent, $shareType)); + } + + /** * get share * * @param int $id share id @@ -201,12 +236,27 @@ class Manager { */ public function getShare($id) { $getShare = $this->connection->prepare(' - SELECT `id`, `remote`, `remote_id`, `share_token`, `name`, `owner`, `user`, `mountpoint`, `accepted` + SELECT `id`, `remote`, `remote_id`, `share_token`, `name`, `owner`, `user`, `mountpoint`, `accepted`, `parent`, `share_type`, `password`, `mountpoint_hash` FROM `*PREFIX*share_external` - WHERE `id` = ? AND `user` = ?'); - $result = $getShare->execute(array($id, $this->uid)); + WHERE `id` = ?'); + $result = $getShare->execute(array($id)); + + $share = $result ? $getShare->fetch() : []; + + $validShare = is_array($share) && isset($share['share_type']) && isset($share['user']); + + // check if the user is allowed to access it + if ($validShare && (int)$share['share_type'] === Share::SHARE_TYPE_USER && $share['user'] === $this->uid) { + return $share; + } else if ($validShare && (int)$share['share_type'] === Share::SHARE_TYPE_GROUP) { + $user = $this->userManager->get($this->uid); + if ($this->groupManager->get($share['user'])->inGroup($user)) { + return $share; + } + } + + return false; - return $result ? $getShare->fetch() : false; } /** @@ -227,7 +277,7 @@ class Manager { $mountPoint = Filesystem::normalizePath($mountPoint); $hash = md5($mountPoint); - if($share['share_type'] === \OCP\Share::SHARE_TYPE_USER) { + if($share['share_type'] === Share::SHARE_TYPE_USER) { $acceptShare = $this->connection->prepare(' UPDATE `*PREFIX*share_external` SET `accepted` = ?, @@ -236,6 +286,17 @@ class Manager { WHERE `id` = ? AND `user` = ?'); $updated = $acceptShare->execute(array(1, $mountPoint, $hash, $id, $this->uid)); } else { + $result = $this->writeShareToDb( + $share['remote'], + $share['share_token'], + $share['password'], + $share['name'], + $share['owner'], + $this->uid, + $mountPoint, $hash, 1, + $share['remote_id'], + $id, + $share['share_type']); // TODO group share, add additional row for the user who accepted it } if ($updated === true) { @@ -260,18 +321,34 @@ class Manager { public function declineShare($id) { $share = $this->getShare($id); + $result = false; - if ($share) { + if ($share && (int)$share['share_type'] === Share::SHARE_TYPE_USER) { $removeShare = $this->connection->prepare(' DELETE FROM `*PREFIX*share_external` WHERE `id` = ? AND `user` = ?'); $removeShare->execute(array($id, $this->uid)); $this->sendFeedbackToRemote($share['remote'], $share['share_token'], $share['remote_id'], 'decline'); $this->processNotification($id); - return true; + $result = true; + } else if ($share && (int)$share['share_type'] === Share::SHARE_TYPE_GROUP) { + $result = $this->writeShareToDb( + $share['remote'], + $share['share_token'], + $share['password'], + $share['name'], + $share['owner'], + $this->uid, + $share['mountpoint'], + $share['mountpoint_hash'], + 0, + $share['remote_id'], + $id, + $share['share_type']); + $this->processNotification($id); } - return false; + return $result; } /** @@ -305,7 +382,7 @@ class Manager { $federationEndpoints = $this->discoveryService->discover($remote, 'FEDERATED_SHARING'); $endpoint = isset($federationEndpoints['share']) ? $federationEndpoints['share'] : '/ocs/v2.php/cloud/shares'; - $url = rtrim($remote, '/') . $endpoint . '/' . $remoteId . '/' . $feedback . '?format=' . \OCP\Share::RESPONSE_FORMAT; + $url = rtrim($remote, '/') . $endpoint . '/' . $remoteId . '/' . $feedback . '?format=' . Share::RESPONSE_FORMAT; $fields = array('token' => $token); $client = $this->clientService->newClient(); diff --git a/apps/files_sharing/lib/Hooks.php b/apps/files_sharing/lib/Hooks.php index cd66fd7702e..99e876eaaf0 100644 --- a/apps/files_sharing/lib/Hooks.php +++ b/apps/files_sharing/lib/Hooks.php @@ -42,6 +42,8 @@ class Hooks { \OC::$server->query(\OCP\OCS\IDiscoveryService::class), \OC::$server->getCloudFederationProviderManager(), \OC::$server->getCloudFederationFactory(), + \OC::$server->getGroupManager(), + \OC::$server->getUserManager(), $params['uid']); $manager->removeUserShares($params['uid']); |