diff options
Diffstat (limited to 'apps/files_sharing/ajax')
| -rw-r--r-- | apps/files_sharing/ajax/external.php | 147 | ||||
| -rw-r--r-- | apps/files_sharing/ajax/publicpreview.php | 118 | ||||
| -rw-r--r-- | apps/files_sharing/ajax/shareinfo.php | 90 |
3 files changed, 0 insertions, 355 deletions
diff --git a/apps/files_sharing/ajax/external.php b/apps/files_sharing/ajax/external.php deleted file mode 100644 index 76f9d5d7668..00000000000 --- a/apps/files_sharing/ajax/external.php +++ /dev/null @@ -1,147 +0,0 @@ -<?php -/** - * @author Björn Schießle <schiessle@owncloud.com> - * @author Joas Schilling <nickvergessen@owncloud.com> - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Robin Appelman <icewind@owncloud.com> - * @author Roeland Jago Douma <rullzer@owncloud.com> - * @author Vincent Petry <pvince81@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -OCP\JSON::callCheck(); -OCP\JSON::checkLoggedIn(); -OCP\JSON::checkAppEnabled('files_sharing'); - -$l = \OC::$server->getL10N('files_sharing'); - -// check if server admin allows to mount public links from other servers -if (OCA\Files_Sharing\Helper::isIncomingServer2serverShareEnabled() === false) { - \OCP\JSON::error(array('data' => array('message' => $l->t('Server to server sharing is not enabled on this server')))); - exit(); -} - -$token = $_POST['token']; -$remote = $_POST['remote']; -$owner = $_POST['owner']; -$ownerDisplayName = $_POST['ownerDisplayName']; -$name = $_POST['name']; -$password = $_POST['password']; - -// Check for invalid name -if(!\OCP\Util::isValidFileName($name)) { - \OCP\JSON::error(array('data' => array('message' => $l->t('The mountpoint name contains invalid characters.')))); - exit(); -} - -$currentUser = \OC::$server->getUserSession()->getUser()->getUID(); -$currentServer = \OC::$server->getURLGenerator()->getAbsoluteURL('/'); -if (\OC\Share\Helper::isSameUserOnSameServer($owner, $remote, $currentUser, $currentServer )) { - \OCP\JSON::error(array('data' => array('message' => $l->t('Not allowed to create a federated share with the same user server')))); - exit(); -} - -$discoveryManager = new \OCA\FederatedFileSharing\DiscoveryManager( - \OC::$server->getMemCacheFactory(), - \OC::$server->getHTTPClientService() -); -$externalManager = new \OCA\Files_Sharing\External\Manager( - \OC::$server->getDatabaseConnection(), - \OC\Files\Filesystem::getMountManager(), - \OC\Files\Filesystem::getLoader(), - \OC::$server->getHTTPHelper(), - \OC::$server->getNotificationManager(), - $discoveryManager, - \OC::$server->getUserSession()->getUser()->getUID() -); - -// check for ssl cert -if (substr($remote, 0, 5) === 'https') { - try { - \OC::$server->getHTTPClientService()->newClient()->get($remote)->getBody(); - } catch (\Exception $e) { - \OCP\JSON::error(array('data' => array('message' => $l->t('Invalid or untrusted SSL certificate')))); - exit; - } -} - -$mount = $externalManager->addShare($remote, $token, $password, $name, $ownerDisplayName, true); - -/** - * @var \OCA\Files_Sharing\External\Storage $storage - */ -$storage = $mount->getStorage(); -try { - // check if storage exists - $storage->checkStorageAvailability(); -} catch (\OCP\Files\StorageInvalidException $e) { - // note: checkStorageAvailability will already remove the invalid share - \OCP\Util::writeLog( - 'files_sharing', - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), - \OCP\Util::DEBUG - ); - \OCP\JSON::error( - array( - 'data' => array( - 'message' => $l->t('Could not authenticate to remote share, password might be wrong') - ) - ) - ); - exit(); -} catch (\Exception $e) { - \OCP\Util::writeLog( - 'files_sharing', - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), - \OCP\Util::DEBUG - ); - $externalManager->removeShare($mount->getMountPoint()); - \OCP\JSON::error(array('data' => array('message' => $l->t('Storage not valid')))); - exit(); -} -$result = $storage->file_exists(''); -if ($result) { - try { - $storage->getScanner()->scanAll(); - \OCP\JSON::success(); - } catch (\OCP\Files\StorageInvalidException $e) { - \OCP\Util::writeLog( - 'files_sharing', - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), - \OCP\Util::DEBUG - ); - \OCP\JSON::error(array('data' => array('message' => $l->t('Storage not valid')))); - } catch (\Exception $e) { - \OCP\Util::writeLog( - 'files_sharing', - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), - \OCP\Util::DEBUG - ); - \OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t add remote share')))); - } -} else { - $externalManager->removeShare($mount->getMountPoint()); - \OCP\Util::writeLog( - 'files_sharing', - 'Couldn\'t add remote share', - \OCP\Util::DEBUG - ); - \OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t add remote share')))); -} - diff --git a/apps/files_sharing/ajax/publicpreview.php b/apps/files_sharing/ajax/publicpreview.php deleted file mode 100644 index ac48ee01913..00000000000 --- a/apps/files_sharing/ajax/publicpreview.php +++ /dev/null @@ -1,118 +0,0 @@ -<?php -/** - * @author Björn Schießle <schiessle@owncloud.com> - * @author Georg Ehrke <georg@owncloud.com> - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Roeland Jago Douma <rullzer@owncloud.com> - * @author Thomas Müller <thomas.mueller@tmit.eu> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -OCP\JSON::checkAppEnabled('files_sharing'); - -\OC_User::setIncognitoMode(true); - -$file = array_key_exists('file', $_GET) ? (string) $_GET['file'] : ''; -$maxX = array_key_exists('x', $_GET) ? (int) $_GET['x'] : '32'; -$maxY = array_key_exists('y', $_GET) ? (int) $_GET['y'] : '32'; -$scalingUp = array_key_exists('scalingup', $_GET) ? (bool) $_GET['scalingup'] : true; -$token = array_key_exists('t', $_GET) ? (string) $_GET['t'] : ''; -$keepAspect = array_key_exists('a', $_GET) ? true : false; - -if($token === ''){ - \OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST); - \OCP\Util::writeLog('core-preview', 'No token parameter was passed', \OCP\Util::DEBUG); - exit; -} - -$linkedItem = \OCP\Share::getShareByToken($token); -if($linkedItem === false || ($linkedItem['item_type'] !== 'file' && $linkedItem['item_type'] !== 'folder')) { - \OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND); - \OCP\Util::writeLog('core-preview', 'Passed token parameter is not valid', \OCP\Util::DEBUG); - exit; -} - -if(!isset($linkedItem['uid_owner']) || !isset($linkedItem['file_source'])) { - \OC_Response::setStatus(\OC_Response::STATUS_INTERNAL_SERVER_ERROR); - \OCP\Util::writeLog('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . ("' . $token . '")', \OCP\Util::WARN); - exit; -} - -$rootLinkItem = OCP\Share::resolveReShare($linkedItem); -$userId = $rootLinkItem['uid_owner']; - -OCP\JSON::checkUserExists($rootLinkItem['uid_owner']); -\OC_Util::setupFS($userId); -\OC\Files\Filesystem::initMountPoints($userId); -$view = new \OC\Files\View('/' . $userId . '/files'); - -$pathId = $linkedItem['file_source']; -$path = $view->getPath($pathId); - -if($path === null) { - \OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND); - \OCP\Util::writeLog('core-preview', 'Could not resolve file for shared item', \OCP\Util::WARN); - exit; -} - -$pathInfo = $view->getFileInfo($path); -$sharedFile = null; - -if($linkedItem['item_type'] === 'folder') { - $isValid = \OC\Files\Filesystem::isValidPath($file); - if(!$isValid) { - \OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST); - \OCP\Util::writeLog('core-preview', 'Passed filename is not valid, might be malicious (file:"' . $file . '";ip:"' . \OC::$server->getRequest()->getRemoteAddress() . '")', \OCP\Util::WARN); - exit; - } - $sharedFile = \OC\Files\Filesystem::normalizePath($file); -} - -if($linkedItem['item_type'] === 'file') { - $parent = $pathInfo['parent']; - $path = $view->getPath($parent); - $sharedFile = $pathInfo['name']; -} - -$path = \OC\Files\Filesystem::normalizePath($path, false); -if(substr($path, 0, 1) === '/') { - $path = substr($path, 1); -} - -if($maxX === 0 || $maxY === 0) { - \OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST); - \OCP\Util::writeLog('core-preview', 'x and/or y set to 0', \OCP\Util::DEBUG); - exit; -} - -$root = 'files/' . $path; - -try{ - $preview = new \OC\Preview($userId, $root); - $preview->setFile($sharedFile); - $preview->setMaxX($maxX); - $preview->setMaxY($maxY); - $preview->setScalingUp($scalingUp); - $preview->setKeepAspect($keepAspect); - - $preview->showPreview(); -} catch (\Exception $e) { - \OC_Response::setStatus(\OC_Response::STATUS_INTERNAL_SERVER_ERROR); - \OCP\Util::writeLog('core', $e->getmessage(), \OCP\Util::DEBUG); -} diff --git a/apps/files_sharing/ajax/shareinfo.php b/apps/files_sharing/ajax/shareinfo.php deleted file mode 100644 index e531e84ebbc..00000000000 --- a/apps/files_sharing/ajax/shareinfo.php +++ /dev/null @@ -1,90 +0,0 @@ -<?php -/** - * @author Joas Schilling <nickvergessen@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Robin Appelman <icewind@owncloud.com> - * @author Vincent Petry <pvince81@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -OCP\JSON::checkAppEnabled('files_sharing'); - -if (!isset($_GET['t'])) { - \OC_Response::setStatus(400); //400 Bad Request - exit; -} - -if (OCA\Files_Sharing\Helper::isOutgoingServer2serverShareEnabled() === false) { - \OC_Response::setStatus(404); // 404 not found - exit; -} - -$token = $_GET['t']; - -$password = null; -if (isset($_POST['password'])) { - $password = $_POST['password']; -} - -$relativePath = null; -if (isset($_GET['dir'])) { - $relativePath = $_GET['dir']; -} - -$data = \OCA\Files_Sharing\Helper::setupFromToken($token, $relativePath, $password); - -$linkItem = $data['linkItem']; -// Load the files -$path = $data['realPath']; - -$isWritable = $linkItem['permissions'] & (\OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_CREATE); -if (!$isWritable) { - \OC\Files\Filesystem::addStorageWrapper('readonly', function ($mountPoint, $storage) { - return new \OC\Files\Storage\Wrapper\PermissionsMask(array('storage' => $storage, 'mask' => \OCP\Constants::PERMISSION_READ + \OCP\Constants::PERMISSION_SHARE)); - }); -} - -$rootInfo = \OC\Files\Filesystem::getFileInfo($path); -$rootView = new \OC\Files\View(''); - -/** - * @param \OCP\Files\FileInfo $dir - * @param \OC\Files\View $view - * @return array - */ -function getChildInfo($dir, $view) { - $children = $view->getDirectoryContent($dir->getPath()); - $result = array(); - foreach ($children as $child) { - $formated = \OCA\Files\Helper::formatFileInfo($child); - if ($child->getType() === 'dir') { - $formated['children'] = getChildInfo($child, $view); - } - $formated['mtime'] = $formated['mtime'] / 1000; - $result[] = $formated; - } - return $result; -} - -$result = \OCA\Files\Helper::formatFileInfo($rootInfo); -$result['mtime'] = $result['mtime'] / 1000; -if ($rootInfo->getType() === 'dir') { - $result['children'] = getChildInfo($rootInfo, $rootView); -} - -OCP\JSON::success(array('data' => $result)); |