Diffstat (limited to 'apps/files_sharing/lib/Controller/ShareInfoController.php')
-rw-r--r--apps/files_sharing/lib/Controller/ShareInfoController.php135
1 files changed, 69 insertions, 66 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareInfoController.php b/apps/files_sharing/lib/Controller/ShareInfoController.php
index 28bfcd12c24..b7e79aec830 100644
--- a/apps/files_sharing/lib/Controller/ShareInfoController.php
+++ b/apps/files_sharing/lib/Controller/ShareInfoController.php
@@ -1,46 +1,33 @@
<?php
+
/**
- *
- *
- * @author Morris Jobke <hey@morrisjobke.de>
- * @author Roeland Jago Douma <roeland@famdouma.nl>
- *
- * @license GNU AGPL version 3 or any later version
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
+ * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OCA\Files_Sharing\Controller;
use OCA\Files_External\NotFoundException;
+use OCA\Files_Sharing\ResponseDefinitions;
use OCP\AppFramework\ApiController;
use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\BruteForceProtection;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
+use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PublicPage;
use OCP\AppFramework\Http\JSONResponse;
use OCP\Constants;
use OCP\Files\File;
use OCP\Files\Folder;
use OCP\Files\Node;
-use OCP\ILogger;
use OCP\IRequest;
use OCP\Share\Exceptions\ShareNotFound;
use OCP\Share\IManager;
+/**
+ * @psalm-import-type Files_SharingShareInfo from ResponseDefinitions
+ */
class ShareInfoController extends ApiController {
- /** @var IManager */
- private $shareManager;
-
/**
* ShareInfoController constructor.
*
@@ -48,82 +35,107 @@ class ShareInfoController extends ApiController {
* @param IRequest $request
* @param IManager $shareManager
*/
- public function __construct($appName,
- IRequest $request,
- IManager $shareManager) {
+ public function __construct(
+ string $appName,
+ IRequest $request,
+ private IManager $shareManager,
+ ) {
parent::__construct($appName, $request);
-
- $this->shareManager = $shareManager;
}
/**
- * @PublicPage
- * @NoCSRFRequired
+ * Get the info about a share
+ *
+ * @param string $t Token of the share
+ * @param string|null $password Password of the share
+ * @param string|null $dir Subdirectory to get info about
+ * @param int $depth Maximum depth to get info about
+ * @return JSONResponse<Http::STATUS_OK, Files_SharingShareInfo, array{}>|JSONResponse<Http::STATUS_FORBIDDEN|Http::STATUS_NOT_FOUND, list<empty>, array{}>
*
- * @param string $t
- * @param null $password
- * @param null $dir
- * @return JSONResponse
- * @throws ShareNotFound
+ * 200: Share info returned
+ * 403: Getting share info is not allowed
+ * 404: Share not found
*/
- public function info($t, $password = null, $dir = null) {
+ #[PublicPage]
+ #[NoCSRFRequired]
+ #[BruteForceProtection(action: 'shareinfo')]
+ #[OpenAPI(scope: OpenAPI::SCOPE_DEFAULT)]
+ public function info(string $t, ?string $password = null, ?string $dir = null, int $depth = -1): JSONResponse {
try {
$share = $this->shareManager->getShareByToken($t);
} catch (ShareNotFound $e) {
- return new JSONResponse([], Http::STATUS_NOT_FOUND);
+ $response = new JSONResponse([], Http::STATUS_NOT_FOUND);
+ $response->throttle(['token' => $t]);
+ return $response;
}
if ($share->getPassword() && !$this->shareManager->checkPassword($share, $password)) {
- return new JSONResponse([], Http::STATUS_FORBIDDEN);
+ $response = new JSONResponse([], Http::STATUS_FORBIDDEN);
+ $response->throttle(['token' => $t]);
+ return $response;
}
if (!($share->getPermissions() & Constants::PERMISSION_READ)) {
- return new JSONResponse([], Http::STATUS_FORBIDDEN);
- }
-
- $isWritable = $share->getPermissions() & (\OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_CREATE);
- if (!$isWritable) {
- $this->addROWrapper();
+ $response = new JSONResponse([], Http::STATUS_FORBIDDEN);
+ $response->throttle(['token' => $t]);
+ return $response;
}
+ $permissionMask = $share->getPermissions();
$node = $share->getNode();
if ($dir !== null && $node instanceof Folder) {
try {
$node = $node->get($dir);
} catch (NotFoundException $e) {
-
}
}
- return new JSONResponse($this->parseNode($node));
+ return new JSONResponse($this->parseNode($node, $permissionMask, $depth));
}
- private function parseNode(Node $node) {
+ /**
+ * @return Files_SharingShareInfo
+ */
+ private function parseNode(Node $node, int $permissionMask, int $depth): array {
if ($node instanceof File) {
- return $this->parseFile($node);
+ return $this->parseFile($node, $permissionMask);
}
- return $this->parseFolder($node);
+ /** @var Folder $node */
+ return $this->parseFolder($node, $permissionMask, $depth);
}
- private function parseFile(File $file) {
- return $this->format($file);
+ /**
+ * @return Files_SharingShareInfo
+ */
+ private function parseFile(File $file, int $permissionMask): array {
+ return $this->format($file, $permissionMask);
}
- private function parseFolder(Folder $folder) {
- $data = $this->format($folder);
+ /**
+ * @return Files_SharingShareInfo
+ */
+ private function parseFolder(Folder $folder, int $permissionMask, int $depth): array {
+ $data = $this->format($folder, $permissionMask);
+
+ if ($depth === 0) {
+ return $data;
+ }
$data['children'] = [];
$nodes = $folder->getDirectoryListing();
foreach ($nodes as $node) {
- $data['children'][] = $this->parseNode($node);
+ $data['children'][] = $this->parseNode($node, $permissionMask, $depth <= -1 ? -1 : $depth - 1);
}
return $data;
}
- private function format(Node $node) {
+ /**
+ * @return Files_SharingShareInfo
+ */
+ private function format(Node $node, int $permissionMask): array {
$entry = [];
$entry['id'] = $node->getId();
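Review bot: The `catch (NotFoundException $e)` around `$node->get($dir)` in info() resolves to `OCA\Files_External\NotFoundException` (the unchanged `use` line in the first hunk), whereas `Folder::get()` is documented to throw `OCP\Files\NotFoundException`. A missing `$dir` on this public, unauthenticated endpoint would therefore most likely escape as an unhandled exception instead of a clean 404. Even if the class matched, the now-empty catch body leaves `$node` pointing at the share root, so the caller would get the root listing for a directory that does not exist. I would change the import to `use OCP\Files\NotFoundException;` and make the catch body `return new JSONResponse([], Http::STATUS_NOT_FOUND);`, which also fits the 404 case in the new docblock.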
@@ -131,7 +143,7 @@ class ShareInfoController extends ApiController {
$entry['mtime'] = $node->getMTime();
$entry['name'] = $node->getName();
- $entry['permissions'] = $node->getPermissions();
+ $entry['permissions'] = $node->getPermissions() & $permissionMask;
$entry['mimetype'] = $node->getMimetype();
$entry['size'] = $node->getSize();
$entry['type'] = $node->getType();
@@ -139,13 +151,4 @@ class ShareInfoController extends ApiController {
return $entry;
}
-
- protected function addROWrapper() {
- // FIXME: should not add storage wrappers outside of preSetup, need to find a better way
- $previousLog = \OC\Files\Filesystem::logWarningWhenAddingStorageWrapper(false);
- \OC\Files\Filesystem::addStorageWrapper('readonly', function ($mountPoint, $storage) {
- return new \OC\Files\Storage\Wrapper\PermissionsMask(array('storage' => $storage, 'mask' => \OCP\Constants::PERMISSION_READ + \OCP\Constants::PERMISSION_SHARE));
- });
- \OC\Files\Filesystem::logWarningWhenAddingStorageWrapper($previousLog);
- }
}