Diffstat (limited to 'apps/files_sharing/lib/Controller')
3 files changed, 50 insertions, 12 deletions
diff --git a/apps/files_sharing/lib/Controller/DeletedShareAPIController.php b/apps/files_sharing/lib/Controller/DeletedShareAPIController.php
index 8d93afa4e04..fcd33bd88e6 100644
--- a/apps/files_sharing/lib/Controller/DeletedShareAPIController.php
+++ b/apps/files_sharing/lib/Controller/DeletedShareAPIController.php
@@ -38,7 +38,7 @@ class DeletedShareAPIController extends OCSController {
 string $appName,
 IRequest $request,
 private ShareManager $shareManager,
- private string $userId,
+ private ?string $userId,
 private IUserManager $userManager,
 private IGroupManager $groupManager,
 private IRootFolder $rootFolder,
diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php
index 6e796ed7f21..d2412dd78c2 100644
--- a/apps/files_sharing/lib/Controller/ShareAPIController.php
+++ b/apps/files_sharing/lib/Controller/ShareAPIController.php
@@ -21,6 +21,7 @@ use OCA\Files_Sharing\SharedStorage;
 use OCA\GlobalSiteSelector\Service\SlaveService;
 use OCP\App\IAppManager;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\ApiRoute;
 use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\Attribute\UserRateLimit;
 use OCP\AppFramework\Http\DataResponse;
@@ -52,6 +53,7 @@ use OCP\Lock\LockedException;
 use OCP\Mail\IMailer;
 use OCP\Server;
 use OCP\Share\Exceptions\ShareNotFound;
+use OCP\Share\Exceptions\ShareTokenException;
 use OCP\Share\IManager;
 use OCP\Share\IProviderFactory;
 use OCP\Share\IShare;
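Review bot: `$userId` becomes `?string` in the DeletedShareAPIController constructor (and likewise in the ShareesAPIController hunk further down), but neither hunk shows how a null value is handled where the property is read. Those reads are outside the diff; if any of them passes `$this->userId` to a parameter typed `string`, or relies on it in an ownership check, a request without a logged-in user would presumably now reach that code with null instead of failing at construction. It is worth confirming each use and stating the contract next to the parameter, for example `// null when no user is logged in; check before use`.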
@@ -1167,6 +1169,7 @@ class ShareAPIController extends OCSController {
 * Considering the share already exists, no mail will be send after the share is updated.
 * You will have to use the sendMail action to send the mail.
 * @param string|null $shareWith New recipient for email shares
+ * @param string|null $token New token
 * @return DataResponse<Http::STATUS_OK, Files_SharingShare, array{}>
 * @throws OCSBadRequestException Share could not be updated because the requested changes are invalid
 * @throws OCSForbiddenException Missing permissions to update the share
@@ -1187,6 +1190,7 @@ class ShareAPIController extends OCSController {
 ?string $hideDownload = null,
 ?string $attributes = null,
 ?string $sendMail = null,
+ ?string $token = null,
 ): DataResponse {
 try {
 $share = $this->getShareById($id);
@@ -1214,7 +1218,8 @@ class ShareAPIController extends OCSController {
 $label === null &&
 $hideDownload === null &&
 $attributes === null &&
- $sendMail === null
+ $sendMail === null &&
+ $token === null
 ) {
 throw new OCSBadRequestException($this->l->t('Wrong or no update parameter given'));
 }
@@ -1327,6 +1332,16 @@ class ShareAPIController extends OCSController {
 } elseif ($sendPasswordByTalk !== null) {
 $share->setSendPasswordByTalk(false);
 }
+
+ if ($token !== null) {
+ if (!$this->shareManager->allowCustomTokens()) {
+ throw new OCSForbiddenException($this->l->t('Custom share link tokens have been disabled by the administrator'));
+ }
+ if (!$this->validateToken($token)) {
+ throw new OCSBadRequestException($this->l->t('Tokens must contain at least 1 character and may only contain letters, numbers, or a hyphen'));
+ }
+ $share->setToken($token);
+ }
 }
 // NOT A LINK SHARE
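Review bot: The new `if ($token !== null)` branch in the `@@ -1327` hunk calls `$share->setToken($token)` after checking only the admin switch and the character set; nothing visible here verifies that the token is not already in use by another share. The call that persists the share is outside this hunk, so if uniqueness is not enforced there, two links could end up resolving to the same token. Because the branch sits before the `// NOT A LINK SHARE` marker, a `token` sent for a non-link share also appears to be accepted and silently ignored, while the 'Wrong or no update parameter given' guard in the `@@ -1214` hunk no longer fires for it. Confirm that a collision is rejected with a clear OCS error, and consider rejecting `token` explicitly for share types that cannot carry one.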
@@ -1360,6 +1375,16 @@ class ShareAPIController extends OCSController {
 return new DataResponse($this->formatShare($share));
 }
+ private function validateToken(string $token): bool {
+ if (mb_strlen($token) === 0) {
+ return false;
+ }
+ if (!preg_match('/^[a-z0-9-]+$/i', $token)) {
+ return false;
+ }
+ return true;
+ }
+
 /**
 * Get all shares that are still pending
 *
@@ -2155,4 +2180,26 @@ class ShareAPIController extends OCSController {
 throw new OCSNotFoundException($this->l->t('Wrong share ID, share does not exist'));
 }
 }
+
+ /**
+ * Get a unique share token
+ *
+ * @throws OCSException Failed to generate a unique token
+ *
+ * @return DataResponse<Http::STATUS_OK, array{token: string}, array{}>
+ *
+ * 200: Token generated successfully
+ */
+ #[ApiRoute(verb: 'GET', url: '/api/v1/token')]
+ #[NoAdminRequired]
+ public function generateToken(): DataResponse {
+ try {
+ $token = $this->shareManager->generateToken();
+ return new DataResponse([
+ 'token' => $token,
+ ]);
+ } catch (ShareTokenException $e) {
+ throw new OCSException($this->l->t('Failed to generate a unique token'));
+ }
+ }
 }
diff --git a/apps/files_sharing/lib/Controller/ShareesAPIController.php b/apps/files_sharing/lib/Controller/ShareesAPIController.php
index 3a04dda72a1..9a9e94a7ee2 100644
--- a/apps/files_sharing/lib/Controller/ShareesAPIController.php
+++ b/apps/files_sharing/lib/Controller/ShareesAPIController.php
@@ -66,19 +66,10 @@ class ShareesAPIController extends OCSController {
 protected $reachedEndFor = [];
- /**
- * @param string $UserId
- * @param string $appName
- * @param IRequest $request
- * @param IConfig $config
- * @param IURLGenerator $urlGenerator
- * @param IManager $shareManager
- * @param ISearch $collaboratorSearch
- */
 public function __construct(
 string $appName,
 IRequest $request,
- protected string $userId,
+ protected ?string $userId,
 protected IConfig $config,
 protected IURLGenerator $urlGenerator,
 protected IManager $shareManager, |
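Review bot: In validateToken the pattern `'/^[a-z0-9-]+$/i'` also accepts a token that ends in a newline, because `$` without the `D` modifier matches before a final `\n`; anchoring with `\A` and `\z`, as in `preg_match('/\A[a-z0-9-]+\z/i', $token) === 1`, closes that. The check additionally accepts a one-character token and sets no upper bound, and for a public link without a password the token is the only thing a visitor has to know, so a minimum length (and a maximum matching the storage column, which is not visible here) would be worth adding. The `mb_strlen` test is redundant once the pattern requires `+`.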
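Review bot: generateToken in the `@@ -2155` hunk is reachable by any logged-in user through `#[NoAdminRequired]` and carries no rate limit, although the file already imports `UserRateLimit`. Each call presumably probes storage for uniqueness, so an attribute such as `#[UserRateLimit(limit: 10, period: 60)]` (values illustrative) would bound that work. The catch block also discards `$e`; logging it or chaining it to the thrown exception would keep the cause of a failed generation visible. The returned token is not reserved, so it can still collide by the time it is submitted to the update endpoint, which makes the uniqueness check on update the one that matters.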