summaryrefslogtreecommitdiffstats
path: root/apps/federatedfilesharing/lib/FederatedShareProvider.php
diff options
context:
space:
mode:
Diffstat (limited to 'apps/federatedfilesharing/lib/FederatedShareProvider.php')
-rw-r--r--apps/federatedfilesharing/lib/FederatedShareProvider.php632
1 files changed, 632 insertions, 0 deletions
diff --git a/apps/federatedfilesharing/lib/FederatedShareProvider.php b/apps/federatedfilesharing/lib/FederatedShareProvider.php
new file mode 100644
index 00000000000..d014a6219a3
--- /dev/null
+++ b/apps/federatedfilesharing/lib/FederatedShareProvider.php
@@ -0,0 +1,632 @@
+<?php
+/**
+ * @author Björn Schießle <schiessle@owncloud.com>
+ * @author Roeland Jago Douma <rullzer@owncloud.com>
+ * @author Thomas Müller <thomas.mueller@tmit.eu>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\FederatedFileSharing;
+
+use OC\Share20\Share;
+use OCP\Files\IRootFolder;
+use OCP\IAppConfig;
+use OCP\IConfig;
+use OCP\IL10N;
+use OCP\ILogger;
+use OCP\Share\IShare;
+use OCP\Share\IShareProvider;
+use OC\Share20\Exception\InvalidShare;
+use OCP\Share\Exceptions\ShareNotFound;
+use OCP\Files\NotFoundException;
+use OCP\IDBConnection;
+use OCP\Files\Node;
+
+/**
+ * Class FederatedShareProvider
+ *
+ * @package OCA\FederatedFileSharing
+ */
+class FederatedShareProvider implements IShareProvider {
+
+ const SHARE_TYPE_REMOTE = 6;
+
+ /** @var IDBConnection */
+ private $dbConnection;
+
+ /** @var AddressHandler */
+ private $addressHandler;
+
+ /** @var Notifications */
+ private $notifications;
+
+ /** @var TokenHandler */
+ private $tokenHandler;
+
+ /** @var IL10N */
+ private $l;
+
+ /** @var ILogger */
+ private $logger;
+
+ /** @var IRootFolder */
+ private $rootFolder;
+
+ /** @var IConfig */
+ private $config;
+
+ /**
+ * DefaultShareProvider constructor.
+ *
+ * @param IDBConnection $connection
+ * @param AddressHandler $addressHandler
+ * @param Notifications $notifications
+ * @param TokenHandler $tokenHandler
+ * @param IL10N $l10n
+ * @param ILogger $logger
+ * @param IRootFolder $rootFolder
+ * @param IConfig $config
+ */
+ public function __construct(
+ IDBConnection $connection,
+ AddressHandler $addressHandler,
+ Notifications $notifications,
+ TokenHandler $tokenHandler,
+ IL10N $l10n,
+ ILogger $logger,
+ IRootFolder $rootFolder,
+ IConfig $config
+ ) {
+ $this->dbConnection = $connection;
+ $this->addressHandler = $addressHandler;
+ $this->notifications = $notifications;
+ $this->tokenHandler = $tokenHandler;
+ $this->l = $l10n;
+ $this->logger = $logger;
+ $this->rootFolder = $rootFolder;
+ $this->config = $config;
+ }
+
+ /**
+ * Return the identifier of this provider.
+ *
+ * @return string Containing only [a-zA-Z0-9]
+ */
+ public function identifier() {
+ return 'ocFederatedSharing';
+ }
+
+ /**
+ * Share a path
+ *
+ * @param IShare $share
+ * @return IShare The share object
+ * @throws ShareNotFound
+ * @throws \Exception
+ */
+ public function create(IShare $share) {
+
+ $shareWith = $share->getSharedWith();
+ $itemSource = $share->getNodeId();
+ $itemType = $share->getNodeType();
+ $uidOwner = $share->getShareOwner();
+ $permissions = $share->getPermissions();
+ $sharedBy = $share->getSharedBy();
+
+ /*
+ * Check if file is not already shared with the remote user
+ */
+ $alreadyShared = $this->getSharedWith($shareWith, self::SHARE_TYPE_REMOTE, $share->getNode(), 1, 0);
+ if (!empty($alreadyShared)) {
+ $message = 'Sharing %s failed, because this item is already shared with %s';
+ $message_t = $this->l->t('Sharing %s failed, because this item is already shared with %s', array($share->getNode()->getName(), $shareWith));
+ $this->logger->debug(sprintf($message, $share->getNode()->getName(), $shareWith), ['app' => 'Federated File Sharing']);
+ throw new \Exception($message_t);
+ }
+
+
+ // don't allow federated shares if source and target server are the same
+ list($user, $remote) = $this->addressHandler->splitUserRemote($shareWith);
+ $currentServer = $this->addressHandler->generateRemoteURL();
+ $currentUser = $sharedBy;
+ if ($this->addressHandler->compareAddresses($user, $remote, $currentUser, $currentServer)) {
+ $message = 'Not allowed to create a federated share with the same user.';
+ $message_t = $this->l->t('Not allowed to create a federated share with the same user');
+ $this->logger->debug($message, ['app' => 'Federated File Sharing']);
+ throw new \Exception($message_t);
+ }
+
+ $token = $this->tokenHandler->generateToken();
+
+ $shareWith = $user . '@' . $remote;
+
+ $shareId = $this->addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $uidOwner, $permissions, $token);
+
+ $send = $this->notifications->sendRemoteShare(
+ $token,
+ $shareWith,
+ $share->getNode()->getName(),
+ $shareId,
+ $share->getSharedBy()
+ );
+
+ $data = $this->getRawShare($shareId);
+ $share = $this->createShare($data);
+
+ if ($send === false) {
+ $this->delete($share);
+ $message_t = $this->l->t('Sharing %s failed, could not find %s, maybe the server is currently unreachable.',
+ [$share->getNode()->getName(), $shareWith]);
+ throw new \Exception($message_t);
+ }
+
+ return $share;
+ }
+
+ /**
+ * add share to the database and return the ID
+ *
+ * @param int $itemSource
+ * @param string $itemType
+ * @param string $shareWith
+ * @param string $sharedBy
+ * @param string $uidOwner
+ * @param int $permissions
+ * @param string $token
+ * @return int
+ */
+ private function addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $uidOwner, $permissions, $token) {
+ $qb = $this->dbConnection->getQueryBuilder();
+ $qb->insert('share')
+ ->setValue('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE))
+ ->setValue('item_type', $qb->createNamedParameter($itemType))
+ ->setValue('item_source', $qb->createNamedParameter($itemSource))
+ ->setValue('file_source', $qb->createNamedParameter($itemSource))
+ ->setValue('share_with', $qb->createNamedParameter($shareWith))
+ ->setValue('uid_owner', $qb->createNamedParameter($uidOwner))
+ ->setValue('uid_initiator', $qb->createNamedParameter($sharedBy))
+ ->setValue('permissions', $qb->createNamedParameter($permissions))
+ ->setValue('token', $qb->createNamedParameter($token))
+ ->setValue('stime', $qb->createNamedParameter(time()));
+
+ /*
+ * Added to fix https://github.com/owncloud/core/issues/22215
+ * Can be removed once we get rid of ajax/share.php
+ */
+ $qb->setValue('file_target', $qb->createNamedParameter(''));
+
+ $qb->execute();
+ $id = $qb->getLastInsertId();
+
+ return (int)$id;
+ }
+
+ /**
+ * Update a share
+ *
+ * @param IShare $share
+ * @return IShare The share object
+ */
+ public function update(IShare $share) {
+ /*
+ * We allow updating the permissions of federated shares
+ */
+ $qb = $this->dbConnection->getQueryBuilder();
+ $qb->update('share')
+ ->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))
+ ->set('permissions', $qb->createNamedParameter($share->getPermissions()))
+ ->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))
+ ->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))
+ ->execute();
+
+ return $share;
+ }
+
+ /**
+ * @inheritdoc
+ */
+ public function move(IShare $share, $recipient) {
+ /*
+ * This function does nothing yet as it is just for outgoing
+ * federated shares.
+ */
+ return $share;
+ }
+
+ /**
+ * Get all children of this share
+ *
+ * @param IShare $parent
+ * @return IShare[]
+ */
+ public function getChildren(IShare $parent) {
+ $children = [];
+
+ $qb = $this->dbConnection->getQueryBuilder();
+ $qb->select('*')
+ ->from('share')
+ ->where($qb->expr()->eq('parent', $qb->createNamedParameter($parent->getId())))
+ ->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
+ ->orderBy('id');
+
+ $cursor = $qb->execute();
+ while($data = $cursor->fetch()) {
+ $children[] = $this->createShare($data);
+ }
+ $cursor->closeCursor();
+
+ return $children;
+ }
+
+ /**
+ * Delete a share
+ *
+ * @param IShare $share
+ */
+ public function delete(IShare $share) {
+ $qb = $this->dbConnection->getQueryBuilder();
+ $qb->delete('share')
+ ->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())));
+ $qb->execute();
+
+ list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedWith());
+ $this->notifications->sendRemoteUnShare($remote, $share->getId(), $share->getToken());
+ }
+
+ /**
+ * @inheritdoc
+ */
+ public function deleteFromSelf(IShare $share, $recipient) {
+ // nothing to do here. Technically deleteFromSelf in the context of federated
+ // shares is a umount of a external storage. This is handled here
+ // apps/files_sharing/lib/external/manager.php
+ // TODO move this code over to this app
+ return;
+ }
+
+ /**
+ * @inheritdoc
+ */
+ public function getSharesBy($userId, $shareType, $node, $reshares, $limit, $offset) {
+ $qb = $this->dbConnection->getQueryBuilder();
+ $qb->select('*')
+ ->from('share');
+
+ $qb->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
+
+ /**
+ * Reshares for this user are shares where they are the owner.
+ */
+ if ($reshares === false) {
+ //Special case for old shares created via the web UI
+ $or1 = $qb->expr()->andX(
+ $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
+ $qb->expr()->isNull('uid_initiator')
+ );
+
+ $qb->andWhere(
+ $qb->expr()->orX(
+ $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)),
+ $or1
+ )
+ );
+ } else {
+ $qb->andWhere(
+ $qb->expr()->orX(
+ $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
+ $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
+ )
+ );
+ }
+
+ if ($node !== null) {
+ $qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
+ }
+
+ if ($limit !== -1) {
+ $qb->setMaxResults($limit);
+ }
+
+ $qb->setFirstResult($offset);
+ $qb->orderBy('id');
+
+ $cursor = $qb->execute();
+ $shares = [];
+ while($data = $cursor->fetch()) {
+ $shares[] = $this->createShare($data);
+ }
+ $cursor->closeCursor();
+
+ return $shares;
+ }
+
+ /**
+ * @inheritdoc
+ */
+ public function getShareById($id, $recipientId = null) {
+ $qb = $this->dbConnection->getQueryBuilder();
+
+ $qb->select('*')
+ ->from('share')
+ ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
+ ->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
+
+ $cursor = $qb->execute();
+ $data = $cursor->fetch();
+ $cursor->closeCursor();
+
+ if ($data === false) {
+ throw new ShareNotFound();
+ }
+
+ try {
+ $share = $this->createShare($data);
+ } catch (InvalidShare $e) {
+ throw new ShareNotFound();
+ }
+
+ return $share;
+ }
+
+ /**
+ * Get shares for a given path
+ *
+ * @param \OCP\Files\Node $path
+ * @return IShare[]
+ */
+ public function getSharesByPath(Node $path) {
+ $qb = $this->dbConnection->getQueryBuilder();
+
+ $cursor = $qb->select('*')
+ ->from('share')
+ ->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($path->getId())))
+ ->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
+ ->execute();
+
+ $shares = [];
+ while($data = $cursor->fetch()) {
+ $shares[] = $this->createShare($data);
+ }
+ $cursor->closeCursor();
+
+ return $shares;
+ }
+
+ /**
+ * @inheritdoc
+ */
+ public function getSharedWith($userId, $shareType, $node, $limit, $offset) {
+ /** @var IShare[] $shares */
+ $shares = [];
+
+ //Get shares directly with this user
+ $qb = $this->dbConnection->getQueryBuilder();
+ $qb->select('*')
+ ->from('share');
+
+ // Order by id
+ $qb->orderBy('id');
+
+ // Set limit and offset
+ if ($limit !== -1) {
+ $qb->setMaxResults($limit);
+ }
+ $qb->setFirstResult($offset);
+
+ $qb->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
+ $qb->andWhere($qb->expr()->eq('share_with', $qb->createNamedParameter($userId)));
+
+ // Filter by node if provided
+ if ($node !== null) {
+ $qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
+ }
+
+ $cursor = $qb->execute();
+
+ while($data = $cursor->fetch()) {
+ $shares[] = $this->createShare($data);
+ }
+ $cursor->closeCursor();
+
+
+ return $shares;
+ }
+
+ /**
+ * Get a share by token
+ *
+ * @param string $token
+ * @return IShare
+ * @throws ShareNotFound
+ */
+ public function getShareByToken($token) {
+ $qb = $this->dbConnection->getQueryBuilder();
+
+ $cursor = $qb->select('*')
+ ->from('share')
+ ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
+ ->andWhere($qb->expr()->eq('token', $qb->createNamedParameter($token)))
+ ->execute();
+
+ $data = $cursor->fetch();
+
+ if ($data === false) {
+ throw new ShareNotFound();
+ }
+
+ try {
+ $share = $this->createShare($data);
+ } catch (InvalidShare $e) {
+ throw new ShareNotFound();
+ }
+
+ return $share;
+ }
+
+ /**
+ * get database row of a give share
+ *
+ * @param $id
+ * @return array
+ * @throws ShareNotFound
+ */
+ private function getRawShare($id) {
+
+ // Now fetch the inserted share and create a complete share object
+ $qb = $this->dbConnection->getQueryBuilder();
+ $qb->select('*')
+ ->from('share')
+ ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)));
+
+ $cursor = $qb->execute();
+ $data = $cursor->fetch();
+ $cursor->closeCursor();
+
+ if ($data === false) {
+ throw new ShareNotFound;
+ }
+
+ return $data;
+ }
+
+ /**
+ * Create a share object from an database row
+ *
+ * @param array $data
+ * @return IShare
+ * @throws InvalidShare
+ * @throws ShareNotFound
+ */
+ private function createShare($data) {
+
+ $share = new Share($this->rootFolder);
+ $share->setId((int)$data['id'])
+ ->setShareType((int)$data['share_type'])
+ ->setPermissions((int)$data['permissions'])
+ ->setTarget($data['file_target'])
+ ->setMailSend((bool)$data['mail_send'])
+ ->setToken($data['token']);
+
+ $shareTime = new \DateTime();
+ $shareTime->setTimestamp((int)$data['stime']);
+ $share->setShareTime($shareTime);
+ $share->setSharedWith($data['share_with']);
+
+ if ($data['uid_initiator'] !== null) {
+ $share->setShareOwner($data['uid_owner']);
+ $share->setSharedBy($data['uid_initiator']);
+ } else {
+ //OLD SHARE
+ $share->setSharedBy($data['uid_owner']);
+ $path = $this->getNode($share->getSharedBy(), (int)$data['file_source']);
+
+ $owner = $path->getOwner();
+ $share->setShareOwner($owner->getUID());
+ }
+
+ $share->setNodeId((int)$data['file_source']);
+ $share->setNodeType($data['item_type']);
+
+ $share->setProviderId($this->identifier());
+
+ return $share;
+ }
+
+ /**
+ * Get the node with file $id for $user
+ *
+ * @param string $userId
+ * @param int $id
+ * @return \OCP\Files\File|\OCP\Files\Folder
+ * @throws InvalidShare
+ */
+ private function getNode($userId, $id) {
+ try {
+ $userFolder = $this->rootFolder->getUserFolder($userId);
+ } catch (NotFoundException $e) {
+ throw new InvalidShare();
+ }
+
+ $nodes = $userFolder->getById($id);
+
+ if (empty($nodes)) {
+ throw new InvalidShare();
+ }
+
+ return $nodes[0];
+ }
+
+ /**
+ * A user is deleted from the system
+ * So clean up the relevant shares.
+ *
+ * @param string $uid
+ * @param int $shareType
+ */
+ public function userDeleted($uid, $shareType) {
+ //TODO: probabaly a good idea to send unshare info to remote servers
+
+ $qb = $this->dbConnection->getQueryBuilder();
+
+ $qb->delete('share')
+ ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE)))
+ ->andWhere($qb->expr()->eq('uid_owner', $qb->createNamedParameter($uid)))
+ ->execute();
+ }
+
+ /**
+ * This provider does not handle groups
+ *
+ * @param string $gid
+ */
+ public function groupDeleted($gid) {
+ // We don't handle groups here
+ return;
+ }
+
+ /**
+ * This provider does not handle groups
+ *
+ * @param string $uid
+ * @param string $gid
+ */
+ public function userDeletedFromGroup($uid, $gid) {
+ // We don't handle groups here
+ return;
+ }
+
+ /**
+ * check if users from other ownCloud instances are allowed to mount public links share by this instance
+ *
+ * @return bool
+ */
+ public function isOutgoingServer2serverShareEnabled() {
+ $result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes');
+ return ($result === 'yes') ? true : false;
+ }
+
+ /**
+ * check if users are allowed to mount public links from other ownClouds
+ *
+ * @return bool
+ */
+ public function isIncomingServer2serverShareEnabled() {
+ $result = $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes');
+ return ($result === 'yes') ? true : false;
+ }
+}