diff options
Diffstat (limited to 'apps/files_sharing/lib')
| -rw-r--r-- | apps/files_sharing/lib/controllers/externalsharescontroller.php | 25 | ||||
| -rw-r--r-- | apps/files_sharing/lib/exceptions/brokenpath.php (renamed from apps/files_sharing/lib/exceptions.php) | 0 | ||||
| -rw-r--r-- | apps/files_sharing/lib/exceptions/s2sexception.php | 26 | ||||
| -rw-r--r-- | apps/files_sharing/lib/middleware/sharingcheckmiddleware.php | 38 |
4 files changed, 69 insertions, 20 deletions
diff --git a/apps/files_sharing/lib/controllers/externalsharescontroller.php b/apps/files_sharing/lib/controllers/externalsharescontroller.php index 6eb9d3c13d9..1b8351da420 100644 --- a/apps/files_sharing/lib/controllers/externalsharescontroller.php +++ b/apps/files_sharing/lib/controllers/externalsharescontroller.php @@ -36,8 +36,6 @@ use OCP\AppFramework\Http\DataResponse; */ class ExternalSharesController extends Controller { - /** @var bool */ - private $incomingShareEnabled; /** @var \OCA\Files_Sharing\External\Manager */ private $externalManager; /** @var IClientService */ @@ -52,53 +50,44 @@ class ExternalSharesController extends Controller { */ public function __construct($appName, IRequest $request, - $incomingShareEnabled, \OCA\Files_Sharing\External\Manager $externalManager, IClientService $clientService) { parent::__construct($appName, $request); - $this->incomingShareEnabled = $incomingShareEnabled; $this->externalManager = $externalManager; $this->clientService = $clientService; } /** * @NoAdminRequired + * @NoOutgoingFederatedSharingRequired * * @return JSONResponse */ public function index() { - $shares = []; - if ($this->incomingShareEnabled) { - $shares = $this->externalManager->getOpenShares(); - } - return new JSONResponse($shares); + return new JSONResponse($this->externalManager->getOpenShares()); } /** * @NoAdminRequired + * @NoOutgoingFederatedSharingRequired * * @param int $id * @return JSONResponse */ public function create($id) { - if ($this->incomingShareEnabled) { - $this->externalManager->acceptShare($id); - } - + $this->externalManager->acceptShare($id); return new JSONResponse(); } /** * @NoAdminRequired + * @NoOutgoingFederatedSharingRequired * * @param $id * @return JSONResponse */ public function destroy($id) { - if ($this->incomingShareEnabled) { - $this->externalManager->declineShare($id); - } - + $this->externalManager->declineShare($id); return new JSONResponse(); } @@ -127,6 +116,8 @@ class ExternalSharesController extends Controller { /** * @PublicPage + * @NoOutgoingFederatedSharingRequired + * @NoIncomingFederatedSharingRequired * * @param string $remote * @return DataResponse diff --git a/apps/files_sharing/lib/exceptions.php b/apps/files_sharing/lib/exceptions/brokenpath.php index 71fe93f8e92..71fe93f8e92 100644 --- a/apps/files_sharing/lib/exceptions.php +++ b/apps/files_sharing/lib/exceptions/brokenpath.php diff --git a/apps/files_sharing/lib/exceptions/s2sexception.php b/apps/files_sharing/lib/exceptions/s2sexception.php new file mode 100644 index 00000000000..7f5557f8cd3 --- /dev/null +++ b/apps/files_sharing/lib/exceptions/s2sexception.php @@ -0,0 +1,26 @@ +<?php +/** + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_Sharing\Exceptions; + +/** + * S2S sharing not allowed + */ +class S2SException extends \Exception { +} diff --git a/apps/files_sharing/lib/middleware/sharingcheckmiddleware.php b/apps/files_sharing/lib/middleware/sharingcheckmiddleware.php index f51399b76a8..942efc0483e 100644 --- a/apps/files_sharing/lib/middleware/sharingcheckmiddleware.php +++ b/apps/files_sharing/lib/middleware/sharingcheckmiddleware.php @@ -29,6 +29,9 @@ use OCP\AppFramework\Middleware; use OCP\AppFramework\Http\TemplateResponse; use OCP\Files\NotFoundException; use OCP\IConfig; +use OCP\AppFramework\Utility\IControllerMethodReflector; +use OCA\Files_Sharing\Exceptions\S2SException; +use OCP\AppFramework\Http\JSONResponse; /** * Checks whether the "sharing check" is enabled @@ -43,6 +46,8 @@ class SharingCheckMiddleware extends Middleware { protected $config; /** @var IAppManager */ protected $appManager; + /** @var IControllerMethodReflector */ + protected $reflector; /*** * @param string $appName @@ -51,10 +56,13 @@ class SharingCheckMiddleware extends Middleware { */ public function __construct($appName, IConfig $config, - IAppManager $appManager) { + IAppManager $appManager, + IControllerMethodReflector $reflector + ) { $this->appName = $appName; $this->config = $config; $this->appManager = $appManager; + $this->reflector = $reflector; } /** @@ -69,8 +77,9 @@ class SharingCheckMiddleware extends Middleware { throw new NotFoundException('Sharing is disabled.'); } - if ($controller instanceof \OCA\Files_Sharing\Controllers\ExternalSharesController) { - //TODO: Proper checks + if ($controller instanceof \OCA\Files_Sharing\Controllers\ExternalSharesController && + !$this->externalSharesChecks()) { + throw new S2SException('Federated sharing not allowed'); } else if ($controller instanceof \OCA\Files_Sharing\Controllers\ShareController && !$this->isLinkSharingEnabled()) { throw new NotFoundException('Link sharing is disabled'); @@ -91,10 +100,33 @@ class SharingCheckMiddleware extends Middleware { return new NotFoundResponse(); } + if (is_a($exception, '\OCA\Files_Sharing\Exceptions\S2SException')) { + return new JSONResponse($exception->getMessage(), 405); + } + throw $exception; } /** + * Checks for externalshares controller + * @return bool + */ + private function externalSharesChecks() { + + if (!$this->reflector->hasAnnotation('NoIncomingFederatedSharingRequired') && + $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') !== 'yes') { + return false; + } + + if (!$this->reflector->hasAnnotation('NoOutgoingFederatedSharingRequired') && + $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') !== 'yes') { + return false; + } + + return true; + } + + /** * Check whether sharing is enabled * @return bool */ |