aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Share20
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/Share20')
-rw-r--r--lib/private/Share20/Exception/BackendError.php1
-rw-r--r--lib/private/Share20/Exception/InvalidShare.php1
-rw-r--r--lib/private/Share20/LegacyHooks.php7
-rw-r--r--lib/private/Share20/Manager.php68
-rw-r--r--lib/private/Share20/ProviderFactory.php6
-rw-r--r--lib/private/Share20/Share.php25
-rw-r--r--lib/private/Share20/ShareAttributes.php4
-rw-r--r--lib/private/Share20/ShareHelper.php1
8 files changed, 71 insertions, 42 deletions
diff --git a/lib/private/Share20/Exception/BackendError.php b/lib/private/Share20/Exception/BackendError.php
index 60f7dcc1a17..b2585367727 100644
--- a/lib/private/Share20/Exception/BackendError.php
+++ b/lib/private/Share20/Exception/BackendError.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
diff --git a/lib/private/Share20/Exception/InvalidShare.php b/lib/private/Share20/Exception/InvalidShare.php
index 755efdfd2cc..8756455f9d2 100644
--- a/lib/private/Share20/Exception/InvalidShare.php
+++ b/lib/private/Share20/Exception/InvalidShare.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
diff --git a/lib/private/Share20/LegacyHooks.php b/lib/private/Share20/LegacyHooks.php
index 99c2b0a9a87..3bce0b9560a 100644
--- a/lib/private/Share20/LegacyHooks.php
+++ b/lib/private/Share20/LegacyHooks.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
@@ -69,9 +70,9 @@ class LegacyHooks {
// Prepare hook
$shareType = $share->getShareType();
$sharedWith = '';
- if ($shareType === IShare::TYPE_USER ||
- $shareType === IShare::TYPE_GROUP ||
- $shareType === IShare::TYPE_REMOTE) {
+ if ($shareType === IShare::TYPE_USER
+ || $shareType === IShare::TYPE_GROUP
+ || $shareType === IShare::TYPE_REMOTE) {
$sharedWith = $share->getSharedWith();
}
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php
index 2104c07593a..01664c6a0a3 100644
--- a/lib/private/Share20/Manager.php
+++ b/lib/private/Share20/Manager.php
@@ -182,8 +182,8 @@ class Manager implements IManager {
}
// Cannot share with yourself
- if ($share->getShareType() === IShare::TYPE_USER &&
- $share->getSharedWith() === $share->getSharedBy()) {
+ if ($share->getShareType() === IShare::TYPE_USER
+ && $share->getSharedWith() === $share->getSharedBy()) {
throw new \InvalidArgumentException($this->l->t('Cannot share with yourself'));
}
@@ -193,8 +193,8 @@ class Manager implements IManager {
}
// And it should be a file or a folder
- if (!($share->getNode() instanceof \OCP\Files\File) &&
- !($share->getNode() instanceof \OCP\Files\Folder)) {
+ if (!($share->getNode() instanceof \OCP\Files\File)
+ && !($share->getNode() instanceof \OCP\Files\Folder)) {
throw new \InvalidArgumentException($this->l->t('Shared path must be either a file or a folder'));
}
@@ -251,8 +251,8 @@ class Manager implements IManager {
// Link shares are allowed to have no read permissions to allow upload to hidden folders
$noReadPermissionRequired = $share->getShareType() === IShare::TYPE_LINK
|| $share->getShareType() === IShare::TYPE_EMAIL;
- if (!$noReadPermissionRequired &&
- ($share->getPermissions() & \OCP\Constants::PERMISSION_READ) === 0) {
+ if (!$noReadPermissionRequired
+ && ($share->getPermissions() & \OCP\Constants::PERMISSION_READ) === 0) {
throw new \InvalidArgumentException($this->l->t('Shares need at least read permissions'));
}
@@ -561,8 +561,8 @@ class Manager implements IManager {
}
// Check if public upload is allowed
- if ($share->getNodeType() === 'folder' && !$this->shareApiLinkAllowPublicUpload() &&
- ($share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE))) {
+ if ($share->getNodeType() === 'folder' && !$this->shareApiLinkAllowPublicUpload()
+ && ($share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE))) {
throw new \InvalidArgumentException($this->l->t('Public upload is not allowed'));
}
}
@@ -698,8 +698,8 @@ class Manager implements IManager {
}
// Cannot share with the owner
- if ($share->getShareType() === IShare::TYPE_USER &&
- $share->getSharedWith() === $share->getShareOwner()) {
+ if ($share->getShareType() === IShare::TYPE_USER
+ && $share->getSharedWith() === $share->getShareOwner()) {
throw new \InvalidArgumentException($this->l->t('Cannot share with the share owner'));
}
@@ -791,14 +791,14 @@ class Manager implements IManager {
}
// We can only change the recipient on user shares
- if ($share->getSharedWith() !== $originalShare->getSharedWith() &&
- $share->getShareType() !== IShare::TYPE_USER) {
+ if ($share->getSharedWith() !== $originalShare->getSharedWith()
+ && $share->getShareType() !== IShare::TYPE_USER) {
throw new \InvalidArgumentException($this->l->t('Can only update recipient on user shares'));
}
// Cannot share with the owner
- if ($share->getShareType() === IShare::TYPE_USER &&
- $share->getSharedWith() === $share->getShareOwner()) {
+ if ($share->getShareType() === IShare::TYPE_USER
+ && $share->getSharedWith() === $share->getShareOwner()) {
throw new \InvalidArgumentException($this->l->t('Cannot share with the share owner'));
}
@@ -949,11 +949,11 @@ class Manager implements IManager {
* @return boolean whether the password was updated or not.
*/
private function updateSharePasswordIfNeeded(IShare $share, IShare $originalShare) {
- $passwordsAreDifferent = ($share->getPassword() !== $originalShare->getPassword()) &&
- (($share->getPassword() !== null && $originalShare->getPassword() === null) ||
- ($share->getPassword() === null && $originalShare->getPassword() !== null) ||
- ($share->getPassword() !== null && $originalShare->getPassword() !== null &&
- !$this->hasher->verify($share->getPassword(), $originalShare->getPassword())));
+ $passwordsAreDifferent = ($share->getPassword() !== $originalShare->getPassword())
+ && (($share->getPassword() !== null && $originalShare->getPassword() === null)
+ || ($share->getPassword() === null && $originalShare->getPassword() !== null)
+ || ($share->getPassword() !== null && $originalShare->getPassword() !== null
+ && !$this->hasher->verify($share->getPassword(), $originalShare->getPassword())));
// Password updated.
if ($passwordsAreDifferent) {
@@ -1237,9 +1237,9 @@ class Manager implements IManager {
* @inheritdoc
*/
public function getSharesBy($userId, $shareType, $path = null, $reshares = false, $limit = 50, $offset = 0, bool $onlyValid = true) {
- if ($path !== null &&
- !($path instanceof \OCP\Files\File) &&
- !($path instanceof \OCP\Files\Folder)) {
+ if ($path !== null
+ && !($path instanceof \OCP\Files\File)
+ && !($path instanceof \OCP\Files\Folder)) {
throw new \InvalidArgumentException($this->l->t('Invalid path'));
}
@@ -1798,8 +1798,8 @@ class Manager implements IManager {
* @return bool
*/
public function shareApiLinkDefaultExpireDateEnforced() {
- return $this->shareApiLinkDefaultExpireDate() &&
- $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
+ return $this->shareApiLinkDefaultExpireDate()
+ && $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
}
@@ -1836,8 +1836,8 @@ class Manager implements IManager {
* @return bool
*/
public function shareApiInternalDefaultExpireDateEnforced(): bool {
- return $this->shareApiInternalDefaultExpireDate() &&
- $this->config->getAppValue('core', 'shareapi_enforce_internal_expire_date', 'no') === 'yes';
+ return $this->shareApiInternalDefaultExpireDate()
+ && $this->config->getAppValue('core', 'shareapi_enforce_internal_expire_date', 'no') === 'yes';
}
/**
@@ -1846,8 +1846,8 @@ class Manager implements IManager {
* @return bool
*/
public function shareApiRemoteDefaultExpireDateEnforced(): bool {
- return $this->shareApiRemoteDefaultExpireDate() &&
- $this->config->getAppValue('core', 'shareapi_enforce_remote_expire_date', 'no') === 'yes';
+ return $this->shareApiRemoteDefaultExpireDate()
+ && $this->config->getAppValue('core', 'shareapi_enforce_remote_expire_date', 'no') === 'yes';
}
/**
@@ -1915,13 +1915,13 @@ class Manager implements IManager {
}
public function limitEnumerationToGroups(): bool {
- return $this->allowEnumeration() &&
- $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
+ return $this->allowEnumeration()
+ && $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
}
public function limitEnumerationToPhone(): bool {
- return $this->allowEnumeration() &&
- $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
+ return $this->allowEnumeration()
+ && $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
}
public function allowEnumerationFullMatch(): bool {
@@ -1940,6 +1940,10 @@ class Manager implements IManager {
return $this->appConfig->getValueBool('core', 'shareapi_allow_custom_tokens', false);
}
+ public function allowViewWithoutDownload(): bool {
+ return $this->appConfig->getValueBool('core', 'shareapi_allow_view_without_download', true);
+ }
+
public function currentUserCanEnumerateTargetUser(?IUser $currentUser, IUser $targetUser): bool {
if ($this->allowEnumerationFullMatch()) {
return true;
diff --git a/lib/private/Share20/ProviderFactory.php b/lib/private/Share20/ProviderFactory.php
index eba3f4f26f1..d920edfd90e 100644
--- a/lib/private/Share20/ProviderFactory.php
+++ b/lib/private/Share20/ProviderFactory.php
@@ -174,9 +174,9 @@ class ProviderFactory implements IProviderFactory {
public function getProviderForType($shareType) {
$provider = null;
- if ($shareType === IShare::TYPE_USER ||
- $shareType === IShare::TYPE_GROUP ||
- $shareType === IShare::TYPE_LINK
+ if ($shareType === IShare::TYPE_USER
+ || $shareType === IShare::TYPE_GROUP
+ || $shareType === IShare::TYPE_LINK
) {
$provider = $this->defaultShareProvider();
} elseif ($shareType === IShare::TYPE_REMOTE || $shareType === IShare::TYPE_REMOTE_GROUP) {
diff --git a/lib/private/Share20/Share.php b/lib/private/Share20/Share.php
index 466817efc9a..8caabb0898a 100644
--- a/lib/private/Share20/Share.php
+++ b/lib/private/Share20/Share.php
@@ -14,8 +14,10 @@ use OCP\Files\IRootFolder;
use OCP\Files\Node;
use OCP\Files\NotFoundException;
use OCP\IUserManager;
+use OCP\Server;
use OCP\Share\Exceptions\IllegalIDChangeException;
use OCP\Share\IAttributes;
+use OCP\Share\IManager;
use OCP\Share\IShare;
class Share implements IShare {
@@ -418,8 +420,8 @@ class Share implements IShare {
* @inheritdoc
*/
public function isExpired() {
- return $this->getExpirationDate() !== null &&
- $this->getExpirationDate() <= new \DateTime();
+ return $this->getExpirationDate() !== null
+ && $this->getExpirationDate() <= new \DateTime();
}
/**
@@ -622,4 +624,23 @@ class Share implements IShare {
public function getReminderSent(): bool {
return $this->reminderSent;
}
+
+ public function canSeeContent(): bool {
+ $shareManager = Server::get(IManager::class);
+
+ $allowViewWithoutDownload = $shareManager->allowViewWithoutDownload();
+ // If the share manager allows viewing without download, we can always see the content.
+ if ($allowViewWithoutDownload) {
+ return true;
+ }
+
+ // No "allow preview" header set, so we must check if
+ // the share has not explicitly disabled download permissions
+ $attributes = $this->getAttributes();
+ if ($attributes?->getAttribute('permissions', 'download') === false) {
+ return false;
+ }
+
+ return true;
+ }
}
diff --git a/lib/private/Share20/ShareAttributes.php b/lib/private/Share20/ShareAttributes.php
index 96da1e336e3..f90fbd9c6cd 100644
--- a/lib/private/Share20/ShareAttributes.php
+++ b/lib/private/Share20/ShareAttributes.php
@@ -32,8 +32,8 @@ class ShareAttributes implements IAttributes {
* @inheritdoc
*/
public function getAttribute(string $scope, string $key): mixed {
- if (\array_key_exists($scope, $this->attributes) &&
- \array_key_exists($key, $this->attributes[$scope])) {
+ if (\array_key_exists($scope, $this->attributes)
+ && \array_key_exists($key, $this->attributes[$scope])) {
return $this->attributes[$scope][$key];
}
return null;
diff --git a/lib/private/Share20/ShareHelper.php b/lib/private/Share20/ShareHelper.php
index d4a54f1d687..3f6bab98a7f 100644
--- a/lib/private/Share20/ShareHelper.php
+++ b/lib/private/Share20/ShareHelper.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later