aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Share20
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/Share20')
-rw-r--r--lib/private/Share20/DefaultShareProvider.php2
-rw-r--r--lib/private/Share20/Exception/BackendError.php1
-rw-r--r--lib/private/Share20/Exception/InvalidShare.php1
-rw-r--r--lib/private/Share20/LegacyHooks.php7
-rw-r--r--lib/private/Share20/Manager.php70
-rw-r--r--lib/private/Share20/ProviderFactory.php6
-rw-r--r--lib/private/Share20/Share.php25
-rw-r--r--lib/private/Share20/ShareAttributes.php4
-rw-r--r--lib/private/Share20/ShareHelper.php1
9 files changed, 74 insertions, 43 deletions
diff --git a/lib/private/Share20/DefaultShareProvider.php b/lib/private/Share20/DefaultShareProvider.php
index e1eebe1e450..a2c0fd15eb4 100644
--- a/lib/private/Share20/DefaultShareProvider.php
+++ b/lib/private/Share20/DefaultShareProvider.php
@@ -284,7 +284,7 @@ class DefaultShareProvider implements IShareProviderWithNotification, IShareProv
->set('expiration', $qb->createNamedParameter($expirationDate, IQueryBuilder::PARAM_DATETIME_MUTABLE))
->set('note', $qb->createNamedParameter($share->getNote()))
->set('label', $qb->createNamedParameter($share->getLabel()))
- ->set('hide_download', $qb->createNamedParameter($share->getHideDownload() ? 1 : 0), IQueryBuilder::PARAM_INT)
+ ->set('hide_download', $qb->createNamedParameter($share->getHideDownload() ? 1 : 0, IQueryBuilder::PARAM_INT))
->executeStatement();
}
diff --git a/lib/private/Share20/Exception/BackendError.php b/lib/private/Share20/Exception/BackendError.php
index 60f7dcc1a17..b2585367727 100644
--- a/lib/private/Share20/Exception/BackendError.php
+++ b/lib/private/Share20/Exception/BackendError.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
diff --git a/lib/private/Share20/Exception/InvalidShare.php b/lib/private/Share20/Exception/InvalidShare.php
index 755efdfd2cc..8756455f9d2 100644
--- a/lib/private/Share20/Exception/InvalidShare.php
+++ b/lib/private/Share20/Exception/InvalidShare.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
diff --git a/lib/private/Share20/LegacyHooks.php b/lib/private/Share20/LegacyHooks.php
index 99c2b0a9a87..3bce0b9560a 100644
--- a/lib/private/Share20/LegacyHooks.php
+++ b/lib/private/Share20/LegacyHooks.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
@@ -69,9 +70,9 @@ class LegacyHooks {
// Prepare hook
$shareType = $share->getShareType();
$sharedWith = '';
- if ($shareType === IShare::TYPE_USER ||
- $shareType === IShare::TYPE_GROUP ||
- $shareType === IShare::TYPE_REMOTE) {
+ if ($shareType === IShare::TYPE_USER
+ || $shareType === IShare::TYPE_GROUP
+ || $shareType === IShare::TYPE_REMOTE) {
$sharedWith = $share->getSharedWith();
}
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php
index 2104c07593a..9bfa810b108 100644
--- a/lib/private/Share20/Manager.php
+++ b/lib/private/Share20/Manager.php
@@ -12,6 +12,7 @@ use OC\KnownUser\KnownUserService;
use OC\Share20\Exception\ProviderException;
use OCA\Files_Sharing\AppInfo\Application;
use OCA\Files_Sharing\SharedStorage;
+use OCA\ShareByMail\ShareByMailProvider;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\Files\File;
use OCP\Files\Folder;
@@ -182,8 +183,8 @@ class Manager implements IManager {
}
// Cannot share with yourself
- if ($share->getShareType() === IShare::TYPE_USER &&
- $share->getSharedWith() === $share->getSharedBy()) {
+ if ($share->getShareType() === IShare::TYPE_USER
+ && $share->getSharedWith() === $share->getSharedBy()) {
throw new \InvalidArgumentException($this->l->t('Cannot share with yourself'));
}
@@ -193,8 +194,8 @@ class Manager implements IManager {
}
// And it should be a file or a folder
- if (!($share->getNode() instanceof \OCP\Files\File) &&
- !($share->getNode() instanceof \OCP\Files\Folder)) {
+ if (!($share->getNode() instanceof \OCP\Files\File)
+ && !($share->getNode() instanceof \OCP\Files\Folder)) {
throw new \InvalidArgumentException($this->l->t('Shared path must be either a file or a folder'));
}
@@ -251,8 +252,8 @@ class Manager implements IManager {
// Link shares are allowed to have no read permissions to allow upload to hidden folders
$noReadPermissionRequired = $share->getShareType() === IShare::TYPE_LINK
|| $share->getShareType() === IShare::TYPE_EMAIL;
- if (!$noReadPermissionRequired &&
- ($share->getPermissions() & \OCP\Constants::PERMISSION_READ) === 0) {
+ if (!$noReadPermissionRequired
+ && ($share->getPermissions() & \OCP\Constants::PERMISSION_READ) === 0) {
throw new \InvalidArgumentException($this->l->t('Shares need at least read permissions'));
}
@@ -561,8 +562,8 @@ class Manager implements IManager {
}
// Check if public upload is allowed
- if ($share->getNodeType() === 'folder' && !$this->shareApiLinkAllowPublicUpload() &&
- ($share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE))) {
+ if ($share->getNodeType() === 'folder' && !$this->shareApiLinkAllowPublicUpload()
+ && ($share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE))) {
throw new \InvalidArgumentException($this->l->t('Public upload is not allowed'));
}
}
@@ -698,8 +699,8 @@ class Manager implements IManager {
}
// Cannot share with the owner
- if ($share->getShareType() === IShare::TYPE_USER &&
- $share->getSharedWith() === $share->getShareOwner()) {
+ if ($share->getShareType() === IShare::TYPE_USER
+ && $share->getSharedWith() === $share->getShareOwner()) {
throw new \InvalidArgumentException($this->l->t('Cannot share with the share owner'));
}
@@ -791,14 +792,14 @@ class Manager implements IManager {
}
// We can only change the recipient on user shares
- if ($share->getSharedWith() !== $originalShare->getSharedWith() &&
- $share->getShareType() !== IShare::TYPE_USER) {
+ if ($share->getSharedWith() !== $originalShare->getSharedWith()
+ && $share->getShareType() !== IShare::TYPE_USER) {
throw new \InvalidArgumentException($this->l->t('Can only update recipient on user shares'));
}
// Cannot share with the owner
- if ($share->getShareType() === IShare::TYPE_USER &&
- $share->getSharedWith() === $share->getShareOwner()) {
+ if ($share->getShareType() === IShare::TYPE_USER
+ && $share->getSharedWith() === $share->getShareOwner()) {
throw new \InvalidArgumentException($this->l->t('Cannot share with the share owner'));
}
@@ -869,6 +870,7 @@ class Manager implements IManager {
// Now update the share!
$provider = $this->factory->getProviderForType($share->getShareType());
if ($share->getShareType() === IShare::TYPE_EMAIL) {
+ /** @var ShareByMailProvider $provider */
$share = $provider->update($share, $plainTextPassword);
} else {
$share = $provider->update($share);
@@ -949,11 +951,11 @@ class Manager implements IManager {
* @return boolean whether the password was updated or not.
*/
private function updateSharePasswordIfNeeded(IShare $share, IShare $originalShare) {
- $passwordsAreDifferent = ($share->getPassword() !== $originalShare->getPassword()) &&
- (($share->getPassword() !== null && $originalShare->getPassword() === null) ||
- ($share->getPassword() === null && $originalShare->getPassword() !== null) ||
- ($share->getPassword() !== null && $originalShare->getPassword() !== null &&
- !$this->hasher->verify($share->getPassword(), $originalShare->getPassword())));
+ $passwordsAreDifferent = ($share->getPassword() !== $originalShare->getPassword())
+ && (($share->getPassword() !== null && $originalShare->getPassword() === null)
+ || ($share->getPassword() === null && $originalShare->getPassword() !== null)
+ || ($share->getPassword() !== null && $originalShare->getPassword() !== null
+ && !$this->hasher->verify($share->getPassword(), $originalShare->getPassword())));
// Password updated.
if ($passwordsAreDifferent) {
@@ -1237,9 +1239,9 @@ class Manager implements IManager {
* @inheritdoc
*/
public function getSharesBy($userId, $shareType, $path = null, $reshares = false, $limit = 50, $offset = 0, bool $onlyValid = true) {
- if ($path !== null &&
- !($path instanceof \OCP\Files\File) &&
- !($path instanceof \OCP\Files\Folder)) {
+ if ($path !== null
+ && !($path instanceof \OCP\Files\File)
+ && !($path instanceof \OCP\Files\Folder)) {
throw new \InvalidArgumentException($this->l->t('Invalid path'));
}
@@ -1798,8 +1800,8 @@ class Manager implements IManager {
* @return bool
*/
public function shareApiLinkDefaultExpireDateEnforced() {
- return $this->shareApiLinkDefaultExpireDate() &&
- $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
+ return $this->shareApiLinkDefaultExpireDate()
+ && $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
}
@@ -1836,8 +1838,8 @@ class Manager implements IManager {
* @return bool
*/
public function shareApiInternalDefaultExpireDateEnforced(): bool {
- return $this->shareApiInternalDefaultExpireDate() &&
- $this->config->getAppValue('core', 'shareapi_enforce_internal_expire_date', 'no') === 'yes';
+ return $this->shareApiInternalDefaultExpireDate()
+ && $this->config->getAppValue('core', 'shareapi_enforce_internal_expire_date', 'no') === 'yes';
}
/**
@@ -1846,8 +1848,8 @@ class Manager implements IManager {
* @return bool
*/
public function shareApiRemoteDefaultExpireDateEnforced(): bool {
- return $this->shareApiRemoteDefaultExpireDate() &&
- $this->config->getAppValue('core', 'shareapi_enforce_remote_expire_date', 'no') === 'yes';
+ return $this->shareApiRemoteDefaultExpireDate()
+ && $this->config->getAppValue('core', 'shareapi_enforce_remote_expire_date', 'no') === 'yes';
}
/**
@@ -1915,13 +1917,13 @@ class Manager implements IManager {
}
public function limitEnumerationToGroups(): bool {
- return $this->allowEnumeration() &&
- $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
+ return $this->allowEnumeration()
+ && $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
}
public function limitEnumerationToPhone(): bool {
- return $this->allowEnumeration() &&
- $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
+ return $this->allowEnumeration()
+ && $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
}
public function allowEnumerationFullMatch(): bool {
@@ -1940,6 +1942,10 @@ class Manager implements IManager {
return $this->appConfig->getValueBool('core', 'shareapi_allow_custom_tokens', false);
}
+ public function allowViewWithoutDownload(): bool {
+ return $this->appConfig->getValueBool('core', 'shareapi_allow_view_without_download', true);
+ }
+
public function currentUserCanEnumerateTargetUser(?IUser $currentUser, IUser $targetUser): bool {
if ($this->allowEnumerationFullMatch()) {
return true;
diff --git a/lib/private/Share20/ProviderFactory.php b/lib/private/Share20/ProviderFactory.php
index eba3f4f26f1..d920edfd90e 100644
--- a/lib/private/Share20/ProviderFactory.php
+++ b/lib/private/Share20/ProviderFactory.php
@@ -174,9 +174,9 @@ class ProviderFactory implements IProviderFactory {
public function getProviderForType($shareType) {
$provider = null;
- if ($shareType === IShare::TYPE_USER ||
- $shareType === IShare::TYPE_GROUP ||
- $shareType === IShare::TYPE_LINK
+ if ($shareType === IShare::TYPE_USER
+ || $shareType === IShare::TYPE_GROUP
+ || $shareType === IShare::TYPE_LINK
) {
$provider = $this->defaultShareProvider();
} elseif ($shareType === IShare::TYPE_REMOTE || $shareType === IShare::TYPE_REMOTE_GROUP) {
diff --git a/lib/private/Share20/Share.php b/lib/private/Share20/Share.php
index 466817efc9a..8caabb0898a 100644
--- a/lib/private/Share20/Share.php
+++ b/lib/private/Share20/Share.php
@@ -14,8 +14,10 @@ use OCP\Files\IRootFolder;
use OCP\Files\Node;
use OCP\Files\NotFoundException;
use OCP\IUserManager;
+use OCP\Server;
use OCP\Share\Exceptions\IllegalIDChangeException;
use OCP\Share\IAttributes;
+use OCP\Share\IManager;
use OCP\Share\IShare;
class Share implements IShare {
@@ -418,8 +420,8 @@ class Share implements IShare {
* @inheritdoc
*/
public function isExpired() {
- return $this->getExpirationDate() !== null &&
- $this->getExpirationDate() <= new \DateTime();
+ return $this->getExpirationDate() !== null
+ && $this->getExpirationDate() <= new \DateTime();
}
/**
@@ -622,4 +624,23 @@ class Share implements IShare {
public function getReminderSent(): bool {
return $this->reminderSent;
}
+
+ public function canSeeContent(): bool {
+ $shareManager = Server::get(IManager::class);
+
+ $allowViewWithoutDownload = $shareManager->allowViewWithoutDownload();
+ // If the share manager allows viewing without download, we can always see the content.
+ if ($allowViewWithoutDownload) {
+ return true;
+ }
+
+ // No "allow preview" header set, so we must check if
+ // the share has not explicitly disabled download permissions
+ $attributes = $this->getAttributes();
+ if ($attributes?->getAttribute('permissions', 'download') === false) {
+ return false;
+ }
+
+ return true;
+ }
}
diff --git a/lib/private/Share20/ShareAttributes.php b/lib/private/Share20/ShareAttributes.php
index 96da1e336e3..f90fbd9c6cd 100644
--- a/lib/private/Share20/ShareAttributes.php
+++ b/lib/private/Share20/ShareAttributes.php
@@ -32,8 +32,8 @@ class ShareAttributes implements IAttributes {
* @inheritdoc
*/
public function getAttribute(string $scope, string $key): mixed {
- if (\array_key_exists($scope, $this->attributes) &&
- \array_key_exists($key, $this->attributes[$scope])) {
+ if (\array_key_exists($scope, $this->attributes)
+ && \array_key_exists($key, $this->attributes[$scope])) {
return $this->attributes[$scope][$key];
}
return null;
diff --git a/lib/private/Share20/ShareHelper.php b/lib/private/Share20/ShareHelper.php
index d4a54f1d687..3f6bab98a7f 100644
--- a/lib/private/Share20/ShareHelper.php
+++ b/lib/private/Share20/ShareHelper.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later