aboutsummaryrefslogtreecommitdiffstats
path: root/apps/files_sharing/api/sharees.php
diff options
context:
space:
mode:
Diffstat (limited to 'apps/files_sharing/api/sharees.php')
-rw-r--r--apps/files_sharing/api/sharees.php536
1 files changed, 0 insertions, 536 deletions
diff --git a/apps/files_sharing/api/sharees.php b/apps/files_sharing/api/sharees.php
deleted file mode 100644
index 4e005c5e26c..00000000000
--- a/apps/files_sharing/api/sharees.php
+++ /dev/null
@@ -1,536 +0,0 @@
-<?php
-/**
- * @author Björn Schießle <schiessle@owncloud.com>
- * @author Joas Schilling <nickvergessen@owncloud.com>
- * @author Roeland Jago Douma <rullzer@owncloud.com>
- * @author Thomas Müller <thomas.mueller@tmit.eu>
- *
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-namespace OCA\Files_Sharing\API;
-
-use OCP\AppFramework\Http;
-use OCP\Contacts\IManager;
-use OCP\IGroup;
-use OCP\IGroupManager;
-use OCP\ILogger;
-use OCP\IRequest;
-use OCP\IUser;
-use OCP\IUserManager;
-use OCP\IConfig;
-use OCP\IUserSession;
-use OCP\IURLGenerator;
-use OCP\Share;
-
-class Sharees {
-
- /** @var IGroupManager */
- protected $groupManager;
-
- /** @var IUserManager */
- protected $userManager;
-
- /** @var IManager */
- protected $contactsManager;
-
- /** @var IConfig */
- protected $config;
-
- /** @var IUserSession */
- protected $userSession;
-
- /** @var IRequest */
- protected $request;
-
- /** @var IURLGenerator */
- protected $urlGenerator;
-
- /** @var ILogger */
- protected $logger;
-
- /** @var \OCP\Share\IManager */
- protected $shareManager;
-
- /** @var bool */
- protected $shareWithGroupOnly = false;
-
- /** @var bool */
- protected $shareeEnumeration = true;
-
- /** @var int */
- protected $offset = 0;
-
- /** @var int */
- protected $limit = 10;
-
- /** @var array */
- protected $result = [
- 'exact' => [
- 'users' => [],
- 'groups' => [],
- 'remotes' => [],
- ],
- 'users' => [],
- 'groups' => [],
- 'remotes' => [],
- ];
-
- protected $reachedEndFor = [];
-
- /**
- * @param IGroupManager $groupManager
- * @param IUserManager $userManager
- * @param IManager $contactsManager
- * @param IConfig $config
- * @param IUserSession $userSession
- * @param IURLGenerator $urlGenerator
- * @param IRequest $request
- * @param ILogger $logger
- * @param \OCP\Share\IManager $shareManager
- */
- public function __construct(IGroupManager $groupManager,
- IUserManager $userManager,
- IManager $contactsManager,
- IConfig $config,
- IUserSession $userSession,
- IURLGenerator $urlGenerator,
- IRequest $request,
- ILogger $logger,
- \OCP\Share\IManager $shareManager) {
- $this->groupManager = $groupManager;
- $this->userManager = $userManager;
- $this->contactsManager = $contactsManager;
- $this->config = $config;
- $this->userSession = $userSession;
- $this->urlGenerator = $urlGenerator;
- $this->request = $request;
- $this->logger = $logger;
- $this->shareManager = $shareManager;
- }
-
- /**
- * @param string $search
- */
- protected function getUsers($search) {
- $this->result['users'] = $this->result['exact']['users'] = $users = [];
-
- $userGroups = [];
- if ($this->shareWithGroupOnly) {
- // Search in all the groups this user is part of
- $userGroups = $this->groupManager->getUserGroupIds($this->userSession->getUser());
- foreach ($userGroups as $userGroup) {
- $usersTmp = $this->groupManager->displayNamesInGroup($userGroup, $search, $this->limit, $this->offset);
- foreach ($usersTmp as $uid => $userDisplayName) {
- $users[$uid] = $userDisplayName;
- }
- }
- } else {
- // Search in all users
- $usersTmp = $this->userManager->searchDisplayName($search, $this->limit, $this->offset);
-
- foreach ($usersTmp as $user) {
- $users[$user->getUID()] = $user->getDisplayName();
- }
- }
-
- if (!$this->shareeEnumeration || sizeof($users) < $this->limit) {
- $this->reachedEndFor[] = 'users';
- }
-
- $foundUserById = false;
- foreach ($users as $uid => $userDisplayName) {
- if (strtolower($uid) === strtolower($search) || strtolower($userDisplayName) === strtolower($search)) {
- if (strtolower($uid) === strtolower($search)) {
- $foundUserById = true;
- }
- $this->result['exact']['users'][] = [
- 'label' => $userDisplayName,
- 'value' => [
- 'shareType' => Share::SHARE_TYPE_USER,
- 'shareWith' => $uid,
- ],
- ];
- } else {
- $this->result['users'][] = [
- 'label' => $userDisplayName,
- 'value' => [
- 'shareType' => Share::SHARE_TYPE_USER,
- 'shareWith' => $uid,
- ],
- ];
- }
- }
-
- if ($this->offset === 0 && !$foundUserById) {
- // On page one we try if the search result has a direct hit on the
- // user id and if so, we add that to the exact match list
- $user = $this->userManager->get($search);
- if ($user instanceof IUser) {
- $addUser = true;
-
- if ($this->shareWithGroupOnly) {
- // Only add, if we have a common group
- $commonGroups = array_intersect($userGroups, $this->groupManager->getUserGroupIds($user));
- $addUser = !empty($commonGroups);
- }
-
- if ($addUser) {
- array_push($this->result['exact']['users'], [
- 'label' => $user->getDisplayName(),
- 'value' => [
- 'shareType' => Share::SHARE_TYPE_USER,
- 'shareWith' => $user->getUID(),
- ],
- ]);
- }
- }
- }
-
- if (!$this->shareeEnumeration) {
- $this->result['users'] = [];
- }
- }
-
- /**
- * @param string $search
- */
- protected function getGroups($search) {
- $this->result['groups'] = $this->result['exact']['groups'] = [];
-
- $groups = $this->groupManager->search($search, $this->limit, $this->offset);
- $groups = array_map(function (IGroup $group) { return $group->getGID(); }, $groups);
-
- if (!$this->shareeEnumeration || sizeof($groups) < $this->limit) {
- $this->reachedEndFor[] = 'groups';
- }
-
- $userGroups = [];
- if (!empty($groups) && $this->shareWithGroupOnly) {
- // Intersect all the groups that match with the groups this user is a member of
- $userGroups = $this->groupManager->getUserGroups($this->userSession->getUser());
- $userGroups = array_map(function (IGroup $group) { return $group->getGID(); }, $userGroups);
- $groups = array_intersect($groups, $userGroups);
- }
-
- foreach ($groups as $gid) {
- if (strtolower($gid) === strtolower($search)) {
- $this->result['exact']['groups'][] = [
- 'label' => $gid,
- 'value' => [
- 'shareType' => Share::SHARE_TYPE_GROUP,
- 'shareWith' => $gid,
- ],
- ];
- } else {
- $this->result['groups'][] = [
- 'label' => $gid,
- 'value' => [
- 'shareType' => Share::SHARE_TYPE_GROUP,
- 'shareWith' => $gid,
- ],
- ];
- }
- }
-
- if ($this->offset === 0 && empty($this->result['exact']['groups'])) {
- // On page one we try if the search result has a direct hit on the
- // user id and if so, we add that to the exact match list
- $group = $this->groupManager->get($search);
- if ($group instanceof IGroup && (!$this->shareWithGroupOnly || in_array($group->getGID(), $userGroups))) {
- array_push($this->result['exact']['groups'], [
- 'label' => $group->getGID(),
- 'value' => [
- 'shareType' => Share::SHARE_TYPE_GROUP,
- 'shareWith' => $group->getGID(),
- ],
- ]);
- }
- }
-
- if (!$this->shareeEnumeration) {
- $this->result['groups'] = [];
- }
- }
-
- /**
- * @param string $search
- * @return array possible sharees
- */
- protected function getRemote($search) {
- $this->result['remotes'] = [];
-
- // Search in contacts
- //@todo Pagination missing
- $addressBookContacts = $this->contactsManager->search($search, ['CLOUD', 'FN']);
- $foundRemoteById = false;
- foreach ($addressBookContacts as $contact) {
- if (isset($contact['isLocalSystemBook'])) {
- continue;
- }
- if (isset($contact['CLOUD'])) {
- $cloudIds = $contact['CLOUD'];
- if (!is_array($cloudIds)) {
- $cloudIds = [$cloudIds];
- }
- foreach ($cloudIds as $cloudId) {
- list(, $serverUrl) = $this->splitUserRemote($cloudId);
- if (strtolower($contact['FN']) === strtolower($search) || strtolower($cloudId) === strtolower($search)) {
- if (strtolower($cloudId) === strtolower($search)) {
- $foundRemoteById = true;
- }
- $this->result['exact']['remotes'][] = [
- 'label' => $contact['FN'],
- 'value' => [
- 'shareType' => Share::SHARE_TYPE_REMOTE,
- 'shareWith' => $cloudId,
- 'server' => $serverUrl,
- ],
- ];
- } else {
- $this->result['remotes'][] = [
- 'label' => $contact['FN'],
- 'value' => [
- 'shareType' => Share::SHARE_TYPE_REMOTE,
- 'shareWith' => $cloudId,
- 'server' => $serverUrl,
- ],
- ];
- }
- }
- }
- }
-
- if (!$this->shareeEnumeration) {
- $this->result['remotes'] = [];
- }
-
- if (!$foundRemoteById && substr_count($search, '@') >= 1 && substr_count($search, ' ') === 0 && $this->offset === 0) {
- $this->result['exact']['remotes'][] = [
- 'label' => $search,
- 'value' => [
- 'shareType' => Share::SHARE_TYPE_REMOTE,
- 'shareWith' => $search,
- ],
- ];
- }
-
- $this->reachedEndFor[] = 'remotes';
- }
-
- /**
- * split user and remote from federated cloud id
- *
- * @param string $address federated share address
- * @return array [user, remoteURL]
- * @throws \Exception
- */
- public function splitUserRemote($address) {
- if (strpos($address, '@') === false) {
- throw new \Exception('Invalid Federated Cloud ID');
- }
-
- // Find the first character that is not allowed in user names
- $id = str_replace('\\', '/', $address);
- $posSlash = strpos($id, '/');
- $posColon = strpos($id, ':');
-
- if ($posSlash === false && $posColon === false) {
- $invalidPos = strlen($id);
- } else if ($posSlash === false) {
- $invalidPos = $posColon;
- } else if ($posColon === false) {
- $invalidPos = $posSlash;
- } else {
- $invalidPos = min($posSlash, $posColon);
- }
-
- // Find the last @ before $invalidPos
- $pos = $lastAtPos = 0;
- while ($lastAtPos !== false && $lastAtPos <= $invalidPos) {
- $pos = $lastAtPos;
- $lastAtPos = strpos($id, '@', $pos + 1);
- }
-
- if ($pos !== false) {
- $user = substr($id, 0, $pos);
- $remote = substr($id, $pos + 1);
- $remote = $this->fixRemoteURL($remote);
- if (!empty($user) && !empty($remote)) {
- return array($user, $remote);
- }
- }
-
- throw new \Exception('Invalid Federated Cloud ID');
- }
-
- /**
- * Strips away a potential file names and trailing slashes:
- * - http://localhost
- * - http://localhost/
- * - http://localhost/index.php
- * - http://localhost/index.php/s/{shareToken}
- *
- * all return: http://localhost
- *
- * @param string $remote
- * @return string
- */
- protected function fixRemoteURL($remote) {
- $remote = str_replace('\\', '/', $remote);
- if ($fileNamePosition = strpos($remote, '/index.php')) {
- $remote = substr($remote, 0, $fileNamePosition);
- }
- $remote = rtrim($remote, '/');
-
- return $remote;
- }
-
- /**
- * @return \OC_OCS_Result
- */
- public function search() {
- $search = isset($_GET['search']) ? (string) $_GET['search'] : '';
- $itemType = isset($_GET['itemType']) ? (string) $_GET['itemType'] : null;
- $page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
- $perPage = isset($_GET['perPage']) ? (int) $_GET['perPage'] : 200;
-
- if ($perPage <= 0) {
- return new \OC_OCS_Result(null, Http::STATUS_BAD_REQUEST, 'Invalid perPage argument');
- }
- if ($page <= 0) {
- return new \OC_OCS_Result(null, Http::STATUS_BAD_REQUEST, 'Invalid page');
- }
-
- $shareTypes = [
- Share::SHARE_TYPE_USER,
- ];
-
- if ($this->shareManager->allowGroupSharing()) {
- $shareTypes[] = Share::SHARE_TYPE_GROUP;
- }
-
- $shareTypes[] = Share::SHARE_TYPE_REMOTE;
-
- if (isset($_GET['shareType']) && is_array($_GET['shareType'])) {
- $shareTypes = array_intersect($shareTypes, $_GET['shareType']);
- sort($shareTypes);
-
- } else if (isset($_GET['shareType']) && is_numeric($_GET['shareType'])) {
- $shareTypes = array_intersect($shareTypes, [(int) $_GET['shareType']]);
- sort($shareTypes);
- }
-
- if (in_array(Share::SHARE_TYPE_REMOTE, $shareTypes) && !$this->isRemoteSharingAllowed($itemType)) {
- // Remove remote shares from type array, because it is not allowed.
- $shareTypes = array_diff($shareTypes, [Share::SHARE_TYPE_REMOTE]);
- }
-
- $this->shareWithGroupOnly = $this->config->getAppValue('core', 'shareapi_only_share_with_group_members', 'no') === 'yes';
- $this->shareeEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
- $this->limit = (int) $perPage;
- $this->offset = $perPage * ($page - 1);
-
- return $this->searchSharees($search, $itemType, $shareTypes, $page, $perPage);
- }
-
- /**
- * Method to get out the static call for better testing
- *
- * @param string $itemType
- * @return bool
- */
- protected function isRemoteSharingAllowed($itemType) {
- try {
- $backend = Share::getBackend($itemType);
- return $backend->isShareTypeAllowed(Share::SHARE_TYPE_REMOTE);
- } catch (\Exception $e) {
- return false;
- }
- }
-
- /**
- * Testable search function that does not need globals
- *
- * @param string $search
- * @param string $itemType
- * @param array $shareTypes
- * @param int $page
- * @param int $perPage
- * @return \OC_OCS_Result
- */
- protected function searchSharees($search, $itemType, array $shareTypes, $page, $perPage) {
- // Verify arguments
- if ($itemType === null) {
- return new \OC_OCS_Result(null, Http::STATUS_BAD_REQUEST, 'Missing itemType');
- }
-
- // Get users
- if (in_array(Share::SHARE_TYPE_USER, $shareTypes)) {
- $this->getUsers($search);
- }
-
- // Get groups
- if (in_array(Share::SHARE_TYPE_GROUP, $shareTypes)) {
- $this->getGroups($search);
- }
-
- // Get remote
- if (in_array(Share::SHARE_TYPE_REMOTE, $shareTypes)) {
- $this->getRemote($search);
- }
-
- $response = new \OC_OCS_Result($this->result);
- $response->setItemsPerPage($perPage);
-
- if (sizeof($this->reachedEndFor) < 3) {
- $response->addHeader('Link', $this->getPaginationLink($page, [
- 'search' => $search,
- 'itemType' => $itemType,
- 'shareType' => $shareTypes,
- 'perPage' => $perPage,
- ]));
- }
-
- return $response;
- }
-
- /**
- * Generates a bunch of pagination links for the current page
- *
- * @param int $page Current page
- * @param array $params Parameters for the URL
- * @return string
- */
- protected function getPaginationLink($page, array $params) {
- if ($this->isV2()) {
- $url = $this->urlGenerator->getAbsoluteURL('/ocs/v2.php/apps/files_sharing/api/v1/sharees') . '?';
- } else {
- $url = $this->urlGenerator->getAbsoluteURL('/ocs/v1.php/apps/files_sharing/api/v1/sharees') . '?';
- }
- $params['page'] = $page + 1;
- $link = '<' . $url . http_build_query($params) . '>; rel="next"';
-
- return $link;
- }
-
- /**
- * @return bool
- */
- protected function isV2() {
- return $this->request->getScriptName() === '/ocs/v2.php';
- }
-}