From 698ecbf308d1eae950138bff9edbb0d542c391d0 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 24 Nov 2014 15:31:52 +0100 Subject: OCS API for server-to-server sharing --- apps/files_sharing/api/local.php | 599 ++++++++++++++++++++++++++++ apps/files_sharing/api/server2server.php | 224 +++++++++++ apps/files_sharing/appinfo/app.php | 5 +- apps/files_sharing/appinfo/database.xml | 15 +- apps/files_sharing/appinfo/routes.php | 10 +- apps/files_sharing/appinfo/version | 2 +- apps/files_sharing/lib/activity.php | 165 ++++++++ apps/files_sharing/lib/api.php | 599 ---------------------------- apps/files_sharing/lib/external/manager.php | 12 +- apps/files_sharing/lib/helper.php | 24 ++ apps/files_sharing/tests/api.php | 60 +-- apps/files_sharing/tests/server2server.php | 102 +++++ 12 files changed, 1171 insertions(+), 646 deletions(-) create mode 100644 apps/files_sharing/api/local.php create mode 100644 apps/files_sharing/api/server2server.php create mode 100644 apps/files_sharing/lib/activity.php delete mode 100644 apps/files_sharing/lib/api.php create mode 100644 apps/files_sharing/tests/server2server.php (limited to 'apps/files_sharing') diff --git a/apps/files_sharing/api/local.php b/apps/files_sharing/api/local.php new file mode 100644 index 00000000000..d9291c29f61 --- /dev/null +++ b/apps/files_sharing/api/local.php @@ -0,0 +1,599 @@ +. + * + */ + +namespace OCA\Files_Sharing\API; + +class Local { + + /** + * get all shares + * + * @param array $params option 'file' to limit the result to a specific file/folder + * @return \OC_OCS_Result share information + */ + public static function getAllShares($params) { + if (isset($_GET['shared_with_me']) && $_GET['shared_with_me'] !== 'false') { + return self::getFilesSharedWithMe(); + } + // if a file is specified, get the share for this file + if (isset($_GET['path'])) { + $params['itemSource'] = self::getFileId($_GET['path']); + $params['path'] = $_GET['path']; + $params['itemType'] = self::getItemType($_GET['path']); + + if ( isset($_GET['reshares']) && $_GET['reshares'] !== 'false' ) { + $params['reshares'] = true; + } else { + $params['reshares'] = false; + } + + if (isset($_GET['subfiles']) && $_GET['subfiles'] !== 'false') { + return self::getSharesFromFolder($params); + } + return self::collectShares($params); + } + + $shares = \OCP\Share::getItemShared('file', null); + + if ($shares === false) { + return new \OC_OCS_Result(null, 404, 'could not get shares'); + } else { + foreach ($shares as &$share) { + if ($share['item_type'] === 'file' && isset($share['path'])) { + $share['mimetype'] = \OC_Helper::getFileNameMimeType($share['path']); + if (\OC::$server->getPreviewManager()->isMimeSupported($share['mimetype'])) { + $share['isPreviewAvailable'] = true; + } + } + } + return new \OC_OCS_Result($shares); + } + + } + + /** + * get share information for a given share + * + * @param array $params which contains a 'id' + * @return \OC_OCS_Result share information + */ + public static function getShare($params) { + + $s = self::getShareFromId($params['id']); + $params['itemSource'] = $s['file_source']; + $params['itemType'] = $s['item_type']; + $params['specificShare'] = true; + + return self::collectShares($params); + } + + /** + * collect all share information, either of a specific share or all + * shares for a given path + * @param array $params + * @return \OC_OCS_Result + */ + private static function collectShares($params) { + + $itemSource = $params['itemSource']; + $itemType = $params['itemType']; + $getSpecificShare = isset($params['specificShare']) ? $params['specificShare'] : false; + + if ($itemSource !== null) { + $shares = \OCP\Share::getItemShared($itemType, $itemSource); + $receivedFrom = \OCP\Share::getItemSharedWithBySource($itemType, $itemSource); + // if a specific share was specified only return this one + if ($getSpecificShare === true) { + foreach ($shares as $share) { + if ($share['id'] === (int) $params['id']) { + $shares = array('element' => $share); + break; + } + } + } else { + $path = $params['path']; + foreach ($shares as $key => $share) { + $shares[$key]['path'] = $path; + } + } + + + // include also reshares in the lists. This means that the result + // will contain every user with access to the file. + if (isset($params['reshares']) && $params['reshares'] === true) { + $shares = self::addReshares($shares, $itemSource); + } + + if ($receivedFrom) { + foreach ($shares as $key => $share) { + $shares[$key]['received_from'] = $receivedFrom['uid_owner']; + $shares[$key]['received_from_displayname'] = \OCP\User::getDisplayName($receivedFrom['uid_owner']); + } + } + } else { + $shares = null; + } + + if ($shares === null || empty($shares)) { + return new \OC_OCS_Result(null, 404, 'share doesn\'t exist'); + } else { + return new \OC_OCS_Result($shares); + } + } + + /** + * add reshares to a array of shares + * @param array $shares array of shares + * @param int $itemSource item source ID + * @return array new shares array which includes reshares + */ + private static function addReshares($shares, $itemSource) { + + // if there are no shares than there are also no reshares + $firstShare = reset($shares); + if ($firstShare) { + $path = $firstShare['path']; + } else { + return $shares; + } + + $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `file_source`, `path` , `*PREFIX*share`.`permissions`, `stime`, `expiration`, `token`, `storage`, `mail_send`, `mail_send`'; + $getReshares = \OC_DB::prepare('SELECT ' . $select . ' FROM `*PREFIX*share` INNER JOIN `*PREFIX*filecache` ON `file_source` = `*PREFIX*filecache`.`fileid` WHERE `*PREFIX*share`.`file_source` = ? AND `*PREFIX*share`.`item_type` IN (\'file\', \'folder\') AND `uid_owner` != ?'); + $reshares = $getReshares->execute(array($itemSource, \OCP\User::getUser()))->fetchAll(); + + foreach ($reshares as $key => $reshare) { + if (isset($reshare['share_with']) && $reshare['share_with'] !== '') { + $reshares[$key]['share_with_displayname'] = \OCP\User::getDisplayName($reshare['share_with']); + } + // add correct path to the result + $reshares[$key]['path'] = $path; + } + + return array_merge($shares, $reshares); + } + + /** + * get share from all files in a given folder (non-recursive) + * @param array $params contains 'path' to the folder + * @return \OC_OCS_Result + */ + private static function getSharesFromFolder($params) { + $path = $params['path']; + $view = new \OC\Files\View('/'.\OCP\User::getUser().'/files'); + + if(!$view->is_dir($path)) { + return new \OC_OCS_Result(null, 400, "not a directory"); + } + + $content = $view->getDirectoryContent($path); + + $result = array(); + foreach ($content as $file) { + // workaround because folders are named 'dir' in this context + $itemType = $file['type'] === 'file' ? 'file' : 'folder'; + $share = \OCP\Share::getItemShared($itemType, $file['fileid']); + if($share) { + $receivedFrom = \OCP\Share::getItemSharedWithBySource($itemType, $file['fileid']); + reset($share); + $key = key($share); + if ($receivedFrom) { + $share[$key]['received_from'] = $receivedFrom['uid_owner']; + $share[$key]['received_from_displayname'] = \OCP\User::getDisplayName($receivedFrom['uid_owner']); + } + $result = array_merge($result, $share); + } + } + + return new \OC_OCS_Result($result); + } + + /** + * get files shared with the user + * @return \OC_OCS_Result + */ + private static function getFilesSharedWithMe() { + try { + $shares = \OCP\Share::getItemsSharedWith('file'); + foreach ($shares as &$share) { + if ($share['item_type'] === 'file') { + $share['mimetype'] = \OC_Helper::getFileNameMimeType($share['file_target']); + if (\OC::$server->getPreviewManager()->isMimeSupported($share['mimetype'])) { + $share['isPreviewAvailable'] = true; + } + } + } + $result = new \OC_OCS_Result($shares); + } catch (\Exception $e) { + $result = new \OC_OCS_Result(null, 403, $e->getMessage()); + } + + return $result; + + } + + /** + * create a new share + * @param array $params + * @return \OC_OCS_Result + */ + public static function createShare($params) { + + $path = isset($_POST['path']) ? $_POST['path'] : null; + + if($path === null) { + return new \OC_OCS_Result(null, 400, "please specify a file or folder path"); + } + $itemSource = self::getFileId($path); + $itemType = self::getItemType($path); + + if($itemSource === null) { + return new \OC_OCS_Result(null, 404, "wrong path, file/folder doesn't exist."); + } + + $shareWith = isset($_POST['shareWith']) ? $_POST['shareWith'] : null; + $shareType = isset($_POST['shareType']) ? (int)$_POST['shareType'] : null; + + switch($shareType) { + case \OCP\Share::SHARE_TYPE_USER: + $permissions = isset($_POST['permissions']) ? (int)$_POST['permissions'] : 31; + break; + case \OCP\Share::SHARE_TYPE_GROUP: + $permissions = isset($_POST['permissions']) ? (int)$_POST['permissions'] : 31; + break; + case \OCP\Share::SHARE_TYPE_LINK: + //allow password protection + $shareWith = isset($_POST['password']) ? $_POST['password'] : null; + //check public link share + $publicUploadEnabled = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes'); + if(isset($_POST['publicUpload']) && $publicUploadEnabled !== 'yes') { + return new \OC_OCS_Result(null, 403, "public upload disabled by the administrator"); + } + $publicUpload = isset($_POST['publicUpload']) ? $_POST['publicUpload'] : 'false'; + // read, create, update (7) if public upload is enabled or + // read (1) if public upload is disabled + $permissions = $publicUpload === 'true' ? 7 : 1; + break; + default: + return new \OC_OCS_Result(null, 400, "unknown share type"); + } + + try { + $token = \OCP\Share::shareItem( + $itemType, + $itemSource, + $shareType, + $shareWith, + $permissions + ); + } catch (\Exception $e) { + return new \OC_OCS_Result(null, 403, $e->getMessage()); + } + + if ($token) { + $data = array(); + $data['id'] = 'unknown'; + $shares = \OCP\Share::getItemShared($itemType, $itemSource); + if(is_string($token)) { //public link share + foreach ($shares as $share) { + if ($share['token'] === $token) { + $data['id'] = $share['id']; + break; + } + } + $url = \OCP\Util::linkToPublic('files&t='.$token); + $data['url'] = $url; // '&' gets encoded to $amp; + $data['token'] = $token; + + } else { + foreach ($shares as $share) { + if ($share['share_with'] === $shareWith && $share['share_type'] === $shareType) { + $data['id'] = $share['id']; + break; + } + } + } + return new \OC_OCS_Result($data); + } else { + return new \OC_OCS_Result(null, 404, "couldn't share file"); + } + } + + /** + * update shares, e.g. password, permissions, etc + * @param array $params shareId 'id' and the parameter we want to update + * currently supported: permissions, password, publicUpload + * @return \OC_OCS_Result + */ + public static function updateShare($params) { + + $share = self::getShareFromId($params['id']); + + if(!isset($share['file_source'])) { + return new \OC_OCS_Result(null, 404, "wrong share Id, share doesn't exist."); + } + + try { + if(isset($params['_put']['permissions'])) { + return self::updatePermissions($share, $params); + } elseif (isset($params['_put']['password'])) { + return self::updatePassword($share, $params); + } elseif (isset($params['_put']['publicUpload'])) { + return self::updatePublicUpload($share, $params); + } elseif (isset($params['_put']['expireDate'])) { + return self::updateExpireDate($share, $params); + } + } catch (\Exception $e) { + + return new \OC_OCS_Result(null, 400, $e->getMessage()); + } + + return new \OC_OCS_Result(null, 400, "Wrong or no update parameter given"); + + } + + /** + * update permissions for a share + * @param array $share information about the share + * @param array $params contains 'permissions' + * @return \OC_OCS_Result + */ + private static function updatePermissions($share, $params) { + + $itemSource = $share['item_source']; + $itemType = $share['item_type']; + $shareWith = $share['share_with']; + $shareType = $share['share_type']; + $permissions = isset($params['_put']['permissions']) ? (int)$params['_put']['permissions'] : null; + + $publicUploadStatus = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes'); + $publicUploadEnabled = ($publicUploadStatus === 'yes') ? true : false; + + + // only change permissions for public shares if public upload is enabled + // and we want to set permissions to 1 (read only) or 7 (allow upload) + if ( (int)$shareType === \OCP\Share::SHARE_TYPE_LINK ) { + if ($publicUploadEnabled === false || ($permissions !== 7 && $permissions !== 1)) { + return new \OC_OCS_Result(null, 400, "can't change permission for public link share"); + } + } + + try { + $return = \OCP\Share::setPermissions( + $itemType, + $itemSource, + $shareType, + $shareWith, + $permissions + ); + } catch (\Exception $e) { + return new \OC_OCS_Result(null, 404, $e->getMessage()); + } + + if ($return) { + return new \OC_OCS_Result(); + } else { + return new \OC_OCS_Result(null, 404, "couldn't set permissions"); + } + } + + /** + * enable/disable public upload + * @param array $share information about the share + * @param array $params contains 'publicUpload' which can be 'yes' or 'no' + * @return \OC_OCS_Result + */ + private static function updatePublicUpload($share, $params) { + + $publicUploadEnabled = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes'); + if($publicUploadEnabled !== 'yes') { + return new \OC_OCS_Result(null, 403, "public upload disabled by the administrator"); + } + + if ($share['item_type'] !== 'folder' || + (int)$share['share_type'] !== \OCP\Share::SHARE_TYPE_LINK ) { + return new \OC_OCS_Result(null, 400, "public upload is only possible for public shared folders"); + } + + // read, create, update (7) if public upload is enabled or + // read (1) if public upload is disabled + $params['_put']['permissions'] = $params['_put']['publicUpload'] === 'true' ? 7 : 1; + + return self::updatePermissions($share, $params); + + } + + /** + * set expire date for public link share + * @param array $share information about the share + * @param array $params contains 'expireDate' which needs to be a well formated date string, e.g DD-MM-YYYY + * @return \OC_OCS_Result + */ + private static function updateExpireDate($share, $params) { + // only public links can have a expire date + if ((int)$share['share_type'] !== \OCP\Share::SHARE_TYPE_LINK ) { + return new \OC_OCS_Result(null, 400, "expire date only exists for public link shares"); + } + + try { + $expireDateSet = \OCP\Share::setExpirationDate($share['item_type'], $share['item_source'], $params['_put']['expireDate'], (int)$share['stime']); + $result = ($expireDateSet) ? new \OC_OCS_Result() : new \OC_OCS_Result(null, 404, "couldn't set expire date"); + } catch (\Exception $e) { + $result = new \OC_OCS_Result(null, 404, $e->getMessage()); + } + + return $result; + + } + + /** + * update password for public link share + * @param array $share information about the share + * @param array $params 'password' + * @return \OC_OCS_Result + */ + private static function updatePassword($share, $params) { + + $itemSource = $share['item_source']; + $itemType = $share['item_type']; + + if( (int)$share['share_type'] !== \OCP\Share::SHARE_TYPE_LINK) { + return new \OC_OCS_Result(null, 400, "password protection is only supported for public shares"); + } + + $shareWith = isset($params['_put']['password']) ? $params['_put']['password'] : null; + + if($shareWith === '') { + $shareWith = null; + } + + $items = \OCP\Share::getItemShared($itemType, $itemSource); + + $checkExists = false; + foreach ($items as $item) { + if($item['share_type'] === \OCP\Share::SHARE_TYPE_LINK) { + $checkExists = true; + $permissions = $item['permissions']; + } + } + + if (!$checkExists) { + return new \OC_OCS_Result(null, 404, "share doesn't exists, can't change password"); + } + + try { + $result = \OCP\Share::shareItem( + $itemType, + $itemSource, + \OCP\Share::SHARE_TYPE_LINK, + $shareWith, + $permissions + ); + } catch (\Exception $e) { + return new \OC_OCS_Result(null, 403, $e->getMessage()); + } + + if($result) { + return new \OC_OCS_Result(); + } + + return new \OC_OCS_Result(null, 404, "couldn't set password"); + } + + /** + * unshare a file/folder + * @param array $params contains the shareID 'id' which should be unshared + * @return \OC_OCS_Result + */ + public static function deleteShare($params) { + + $share = self::getShareFromId($params['id']); + $fileSource = isset($share['file_source']) ? $share['file_source'] : null; + $itemType = isset($share['item_type']) ? $share['item_type'] : null;; + + if($fileSource === null) { + return new \OC_OCS_Result(null, 404, "wrong share ID, share doesn't exist."); + } + + $shareWith = isset($share['share_with']) ? $share['share_with'] : null; + $shareType = isset($share['share_type']) ? (int)$share['share_type'] : null; + + if( $shareType === \OCP\Share::SHARE_TYPE_LINK) { + $shareWith = null; + } + + try { + $return = \OCP\Share::unshare( + $itemType, + $fileSource, + $shareType, + $shareWith); + } catch (\Exception $e) { + return new \OC_OCS_Result(null, 404, $e->getMessage()); + } + + if ($return) { + return new \OC_OCS_Result(); + } else { + $msg = "Unshare Failed"; + return new \OC_OCS_Result(null, 404, $msg); + } + } + + /** + * get file ID from a given path + * @param string $path + * @return string fileID or null + */ + private static function getFileId($path) { + + $view = new \OC\Files\View('/'.\OCP\User::getUser().'/files'); + $fileId = null; + $fileInfo = $view->getFileInfo($path); + if ($fileInfo) { + $fileId = $fileInfo['fileid']; + } + + return $fileId; + } + + /** + * get itemType + * @param string $path + * @return string type 'file', 'folder' or null of file/folder doesn't exists + */ + private static function getItemType($path) { + $view = new \OC\Files\View('/'.\OCP\User::getUser().'/files'); + $itemType = null; + + if ($view->is_dir($path)) { + $itemType = "folder"; + } elseif ($view->is_file($path)) { + $itemType = "file"; + } + + return $itemType; + } + + /** + * get some information from a given share + * @param int $shareID + * @return array with: item_source, share_type, share_with, item_type, permissions + */ + private static function getShareFromId($shareID) { + $sql = 'SELECT `file_source`, `item_source`, `share_type`, `share_with`, `item_type`, `permissions`, `stime` FROM `*PREFIX*share` WHERE `id` = ?'; + $args = array($shareID); + $query = \OCP\DB::prepare($sql); + $result = $query->execute($args); + + if (\OCP\DB::isError($result)) { + \OCP\Util::writeLog('files_sharing', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); + return null; + } + if ($share = $result->fetchRow()) { + return $share; + } + + return null; + + } + +} diff --git a/apps/files_sharing/api/server2server.php b/apps/files_sharing/api/server2server.php new file mode 100644 index 00000000000..2949e2dd09c --- /dev/null +++ b/apps/files_sharing/api/server2server.php @@ -0,0 +1,224 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + * + */ + +namespace OCA\Files_Sharing\API; + +class Server2Server { + + /** + * create a new share + * + * @param array $params + * @return \OC_OCS_Result + */ + public function createShare($params) { + + if (!$this->isS2SEnabled(true)) { + return \OC_OCS_Result(null, 503, 'Server does not support server-to-server sharing'); + } + + $remote = isset($_POST['remote']) ? $_POST['remote'] : null; + $token = isset($_POST['token']) ? $_POST['token'] : null; + $name = isset($_POST['name']) ? $_POST['name'] : null; + $owner = isset($_POST['owner']) ? $_POST['owner'] : null; + $shareWith = isset($_POST['shareWith']) ? $_POST['shareWith'] : null; + $remoteId = isset($_POST['remote_id']) ? (int)$_POST['remote_id'] : null; + + if ($remote && $token && $name && $owner && $remoteId && $shareWith) { + + if(!\OCP\Util::isValidFileName($name)) { + return new \OC_OCS_Result(null, 400, 'The mountpoint name contains invalid characters.'); + } + + if (!\OCP\User::userExists($shareWith)) { + return new \OC_OCS_Result(null, 400, 'User does not exists'); + } + + \OC_Util::setupFS($shareWith); + + $mountPoint = \OC\Files\Filesystem::normalizePath('/' . $name); + $name = \OCP\Files::buildNotExistingFileName('/', $name); + + try { + \OCA\Files_Sharing\Helper::addServer2ServerShare($remote, $token, $name, $mountPoint, $owner, $shareWith, '', $remoteId); + + \OC::$server->getActivityManager()->publishActivity( + 'files_sharing', \OCA\Files_Sharing\Activity::SUBJECT_REMOTE_SHARE_RECEIVED, array($owner), '', array(), + '', '', $shareWith, \OCA\Files_Sharing\Activity::TYPE_REMOTE_SHARE, \OCA\Files_Sharing\Activity::PRIORITY_LOW); + + return new \OC_OCS_Result(); + } catch (\Exception $e) { + return new \OC_OCS_Result(null, 500, 'server can not add remote share, ' . $e->getMessage()); + } + } + + return new \OC_OCS_Result(null, 400, 'server can not add remote share, missing parameter'); + } + + /** + * accept server-to-server share + * + * @param array $params + * @return \OC_OCS_Result + */ + public function acceptShare($params) { + + if (!$this->isS2SEnabled()) { + return \OC_OCS_Result(null, 503, 'Server does not support server-to-server sharing'); + } + + $id = $params['id']; + $token = isset($_POST['token']) ? $_POST['token'] : null; + $share = self::getShare($id, $token); + + if ($share) { + list($file, $link) = self::getFile($share['uid_owner'], $share['file_source']); + + \OC::$server->getActivityManager()->publishActivity( + 'files_sharing', \OCA\Files_Sharing\Activity::SUBJECT_REMOTE_SHARE_ACCEPTED, array($share['share_with'], basename($file)), '', array(), + $file, $link, $share['uid_owner'], \OCA\Files_Sharing\Activity::TYPE_REMOTE_SHARE, \OCA\Files_Sharing\Activity::PRIORITY_LOW); + } + + return new \OC_OCS_Result(); + } + + /** + * decline server-to-server share + * + * @param array $params + * @return \OC_OCS_Result + */ + public function declineShare($params) { + + if (!$this->isS2SEnabled()) { + return \OC_OCS_Result(null, 503, 'Server does not support server-to-server sharing'); + } + + $id = $params['id']; + $token = isset($_POST['token']) ? $_POST['token'] : null; + + $share = $this->getShare($id, $token); + + if ($share) { + // userId must be set to the user who unshares + \OCP\Share::unshare($share['item_type'], $share['item_source'], $share['share_type'], null, $share['uid_owner']); + + list($file, $link) = $this->getFile($share['uid_owner'], $share['file_source']); + + \OC::$server->getActivityManager()->publishActivity( + 'files_sharing', \OCA\Files_Sharing\Activity::SUBJECT_REMOTE_SHARE_DECLINED, array($share['share_with'], basename($file)), '', array(), + $file, $link, $share['uid_owner'], \OCA\Files_Sharing\Activity::TYPE_REMOTE_SHARE, \OCA\Files_Sharing\Activity::PRIORITY_LOW); + } + + return new \OC_OCS_Result(); + } + + /** + * remove server-to-server share if it was unshared by the owner + * + * @param array $params + * @return \OC_OCS_Result + */ + public function unshare($params) { + + if (!$this->isS2SEnabled()) { + return \OC_OCS_Result(null, 503, 'Server does not support server-to-server sharing'); + } + + $id = $params['id']; + $token = isset($_POST['token']) ? $_POST['token'] : null; + + $query = \OCP\DB::prepare('SELECT * FROM `*PREFIX*share_external` WHERE `remote_id` = ? AND `share_token` = ?'); + $query->execute(array($id, $token)); + $share = $query->fetchRow(); + + if ($token && $id && !empty($share)) { + + $owner = $share['owner'] . '@' . $share['remote']; + $mountpoint = $share['mountpoint']; + $user = $share['user']; + + $query = \OCP\DB::prepare('DELETE FROM `*PREFIX*share_external` WHERE `remote_id` = ? AND `share_token` = ?'); + $query->execute(array($id, $token)); + + \OC::$server->getActivityManager()->publishActivity( + 'files_sharing', \OCA\Files_Sharing\Activity::SUBJECT_REMOTE_SHARE_DECLINED, array($owner, $mountpoint), '', array(), + '', '', $user, \OCA\Files_Sharing\Activity::TYPE_REMOTE_SHARE, \OCA\Files_Sharing\Activity::PRIORITY_MEDIUM); + } + + return new \OC_OCS_Result(); + } + + /** + * get share + * + * @param int $id + * @param string $token + * @return array + */ + private function getShare($id, $token) { + $query = \OCP\DB::prepare('SELECT * FROM `*PREFIX*share` WHERE `id` = ? AND `token` = ? AND `share_type` = ?'); + $query->execute(array($id, $token, \OCP\Share::SHARE_TYPE_REMOTE)); + $share = $query->fetchRow(); + + return $share; + } + + /** + * get file + * + * @param string $user + * @param int $fileSource + * @return array with internal path of the file and a absolute link to it + */ + private function getFile($user, $fileSource) { + \OC_Util::setupFS($user); + + $file = \OC\Files\Filesystem::getPath($fileSource); + $args = \OC\Files\Filesystem::is_dir($file) ? array('dir' => $file) : array('dir' => dirname($file), 'scrollto' => $file); + $link = \OCP\Util::linkToAbsolute('files', 'index.php', $args); + + return array($file, $link); + + } + + /** + * check if server-to-server sharing is enabled + * + * @param bool $incoming + * @return bool + */ + private function isS2SEnabled($incoming = false) { + + $result = \OCP\App::isEnabled('files_sharing'); + + if ($incoming) { + $result = $result && \OCA\Files_Sharing\Helper::isIncomingServer2serverShareEnabled(); + } else { + $result = $result && \OCA\Files_Sharing\Helper::isOutgoingServer2serverShareEnabled(); + } + + return $result; + } + +} diff --git a/apps/files_sharing/appinfo/app.php b/apps/files_sharing/appinfo/app.php index a01f8d98c7d..329afa07519 100644 --- a/apps/files_sharing/appinfo/app.php +++ b/apps/files_sharing/appinfo/app.php @@ -8,7 +8,6 @@ OC::$CLASSPATH['OC\Files\Cache\Shared_Cache'] = 'files_sharing/lib/cache.php'; OC::$CLASSPATH['OC\Files\Cache\Shared_Permissions'] = 'files_sharing/lib/permissions.php'; OC::$CLASSPATH['OC\Files\Cache\Shared_Updater'] = 'files_sharing/lib/updater.php'; OC::$CLASSPATH['OC\Files\Cache\Shared_Watcher'] = 'files_sharing/lib/watcher.php'; -OC::$CLASSPATH['OCA\Files\Share\Api'] = 'files_sharing/lib/api.php'; OC::$CLASSPATH['OCA\Files\Share\Maintainer'] = 'files_sharing/lib/maintainer.php'; OC::$CLASSPATH['OCA\Files\Share\Proxy'] = 'files_sharing/lib/proxy.php'; @@ -28,6 +27,10 @@ OCP\Util::addScript('files_sharing', 'external'); OC_FileProxy::register(new OCA\Files\Share\Proxy()); +\OC::$server->getActivityManager()->registerExtension(function() { + return new \OCA\Files_Sharing\Activity(); +}); + $config = \OC::$server->getConfig(); if ($config->getAppValue('core', 'shareapi_enabled', 'yes') === 'yes') { diff --git a/apps/files_sharing/appinfo/database.xml b/apps/files_sharing/appinfo/database.xml index 73d64c527b7..38718ab0773 100644 --- a/apps/files_sharing/appinfo/database.xml +++ b/apps/files_sharing/appinfo/database.xml @@ -22,6 +22,12 @@ 512 Url of the remove owncloud instance + + remote_id + integer + true + 4 + share_token text @@ -32,7 +38,7 @@ password text - true + false 64 Optional password for the public share @@ -71,6 +77,13 @@ 32 md5 hash of the mountpoint + + accepted + integer + 0 + true + 4 + sh_external_user diff --git a/apps/files_sharing/appinfo/routes.php b/apps/files_sharing/appinfo/routes.php index 68f33d94995..41bdf554fc5 100644 --- a/apps/files_sharing/appinfo/routes.php +++ b/apps/files_sharing/appinfo/routes.php @@ -22,25 +22,25 @@ $this->create('sharing_external_test_remote', '/testremote') OC_API::register('get', '/apps/files_sharing/api/v1/shares', - array('\OCA\Files\Share\Api', 'getAllShares'), + array('\OCA\Files_Sharing\API\Local', 'getAllShares'), 'files_sharing'); OC_API::register('post', '/apps/files_sharing/api/v1/shares', - array('\OCA\Files\Share\Api', 'createShare'), + array('\OCA\Files_Sharing\API\Local', 'createShare'), 'files_sharing'); OC_API::register('get', '/apps/files_sharing/api/v1/shares/{id}', - array('\OCA\Files\Share\Api', 'getShare'), + array('\OCA\Files_Sharing\API\Local', 'getShare'), 'files_sharing'); OC_API::register('put', '/apps/files_sharing/api/v1/shares/{id}', - array('\OCA\Files\Share\Api', 'updateShare'), + array('\OCA\Files_Sharing\API\Local', 'updateShare'), 'files_sharing'); OC_API::register('delete', '/apps/files_sharing/api/v1/shares/{id}', - array('\OCA\Files\Share\Api', 'deleteShare'), + array('\OCA\Files_Sharing\API\Local', 'deleteShare'), 'files_sharing'); diff --git a/apps/files_sharing/appinfo/version b/apps/files_sharing/appinfo/version index be14282b7ff..7d8568351b4 100644 --- a/apps/files_sharing/appinfo/version +++ b/apps/files_sharing/appinfo/version @@ -1 +1 @@ -0.5.3 +0.5.4 diff --git a/apps/files_sharing/lib/activity.php b/apps/files_sharing/lib/activity.php new file mode 100644 index 00000000000..0f7e8ab9b63 --- /dev/null +++ b/apps/files_sharing/lib/activity.php @@ -0,0 +1,165 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + */ + +namespace OCA\Files_Sharing; + +class Activity implements \OCP\Activity\IExtension { + + const TYPE_REMOTE_SHARE = 'remote_share'; + const SUBJECT_REMOTE_SHARE_RECEIVED = 'remote_share_received'; + const SUBJECT_REMOTE_SHARE_ACCEPTED = 'remote_share_accepted'; + const SUBJECT_REMOTE_SHARE_DECLINED = 'remote_share_declined'; + const SUBJECT_REMOTE_SHARE_UNSHARED = 'remote_share_unshared'; + + /** + * The extension can return an array of additional notification types. + * If no additional types are to be added false is to be returned + * + * @param string $languageCode + * @return array|false + */ + public function getNotificationTypes($languageCode) { + $l = \OC::$server->getL10N('files_sharing', $languageCode); + return array(self::TYPE_REMOTE_SHARE => $l->t('A file or folder was shared from another server')); + } + + /** + * The extension can filter the types based on the filter if required. + * In case no filter is to be applied false is to be returned unchanged. + * + * @param array $types + * @param string $filter + * @return array|false + */ + public function filterNotificationTypes($types, $filter) { + return $types; + } + + /** + * For a given method additional types to be displayed in the settings can be returned. + * In case no additional types are to be added false is to be returned. + * + * @param string $method + * @return array|false + */ + public function getDefaultTypes($method) { + if ($method === 'stream') { + return array(self::TYPE_REMOTE_SHARE); + } + + return false; + } + + /** + * The extension can translate a given message to the requested languages. + * If no translation is available false is to be returned. + * + * @param string $app + * @param string $text + * @param array $params + * @param boolean $stripPath + * @param boolean $highlightParams + * @param string $languageCode + * @return string|false + */ + public function translate($app, $text, $params, $stripPath, $highlightParams, $languageCode) { + + $l = \OC::$server->getL10N('files_sharing', $languageCode); + + if (!$text) { + return ''; + } + + if ($app === 'files_sharing') { + switch ($text) { + case self::SUBJECT_REMOTE_SHARE_RECEIVED: + return $l->t('You received a new remote share from %s', $params)->__toString(); + case self::SUBJECT_REMOTE_SHARE_ACCEPTED: + return $l->t('%1$s accepted remote share %2$s', $params)->__toString(); + case self::SUBJECT_REMOTE_SHARE_DECLINED: + return $l->t('%1$s declined remote share %2$s', $params)->__toString(); + case self::SUBJECT_REMOTE_SHARE_UNSHARED: + return $l->t('%1$s unshared %2$s', $params)->__toString(); + } + } + } + + /** + * A string naming the css class for the icon to be used can be returned. + * If no icon is known for the given type false is to be returned. + * + * @param string $type + * @return string|false + */ + public function getTypeIcon($type) { + return 'icon-share'; + } + + /** + * The extension can define the parameter grouping by returning the index as integer. + * In case no grouping is required false is to be returned. + * + * @param array $activity + * @return integer|false + */ + public function getGroupParameter($activity) { + return false; + } + + /** + * The extension can define additional navigation entries. The array returned has to contain two keys 'top' + * and 'apps' which hold arrays with the relevant entries. + * If no further entries are to be added false is no be returned. + * + * @return array|false + */ + public function getNavigation() { + return false; + } + + /** + * The extension can check if a customer filter (given by a query string like filter=abc) is valid or not. + * + * @param string $filterValue + * @return boolean + */ + public function isFilterValid($filterValue) { + return false; + } + + /** + * For a given filter the extension can specify the sql query conditions including parameters for that query. + * In case the extension does not know the filter false is to be returned. + * The query condition and the parameters are to be returned as array with two elements. + * E.g. return array('`app` = ? and `message` like ?', array('mail', 'ownCloud%')); + * + * @param string $filter + * @return array|false + */ + public function getQueryForFilter($filter) { + if ($filter === 'shares') { + return array('`app` = ? and `type` = ?', array('files_sharing', self::TYPE_REMOTE_SHARE)); + } + return false; + } + +} diff --git a/apps/files_sharing/lib/api.php b/apps/files_sharing/lib/api.php deleted file mode 100644 index 8556036f118..00000000000 --- a/apps/files_sharing/lib/api.php +++ /dev/null @@ -1,599 +0,0 @@ -. - * - */ - -namespace OCA\Files\Share; - -class Api { - - /** - * get all shares - * - * @param array $params option 'file' to limit the result to a specific file/folder - * @return \OC_OCS_Result share information - */ - public static function getAllShares($params) { - if (isset($_GET['shared_with_me']) && $_GET['shared_with_me'] !== 'false') { - return self::getFilesSharedWithMe(); - } - // if a file is specified, get the share for this file - if (isset($_GET['path'])) { - $params['itemSource'] = self::getFileId($_GET['path']); - $params['path'] = $_GET['path']; - $params['itemType'] = self::getItemType($_GET['path']); - - if ( isset($_GET['reshares']) && $_GET['reshares'] !== 'false' ) { - $params['reshares'] = true; - } else { - $params['reshares'] = false; - } - - if (isset($_GET['subfiles']) && $_GET['subfiles'] !== 'false') { - return self::getSharesFromFolder($params); - } - return self::collectShares($params); - } - - $shares = \OCP\Share::getItemShared('file', null); - - if ($shares === false) { - return new \OC_OCS_Result(null, 404, 'could not get shares'); - } else { - foreach ($shares as &$share) { - if ($share['item_type'] === 'file' && isset($share['path'])) { - $share['mimetype'] = \OC_Helper::getFileNameMimeType($share['path']); - if (\OC::$server->getPreviewManager()->isMimeSupported($share['mimetype'])) { - $share['isPreviewAvailable'] = true; - } - } - } - return new \OC_OCS_Result($shares); - } - - } - - /** - * get share information for a given share - * - * @param array $params which contains a 'id' - * @return \OC_OCS_Result share information - */ - public static function getShare($params) { - - $s = self::getShareFromId($params['id']); - $params['itemSource'] = $s['file_source']; - $params['itemType'] = $s['item_type']; - $params['specificShare'] = true; - - return self::collectShares($params); - } - - /** - * collect all share information, either of a specific share or all - * shares for a given path - * @param array $params - * @return \OC_OCS_Result - */ - private static function collectShares($params) { - - $itemSource = $params['itemSource']; - $itemType = $params['itemType']; - $getSpecificShare = isset($params['specificShare']) ? $params['specificShare'] : false; - - if ($itemSource !== null) { - $shares = \OCP\Share::getItemShared($itemType, $itemSource); - $receivedFrom = \OCP\Share::getItemSharedWithBySource($itemType, $itemSource); - // if a specific share was specified only return this one - if ($getSpecificShare === true) { - foreach ($shares as $share) { - if ($share['id'] === (int) $params['id']) { - $shares = array('element' => $share); - break; - } - } - } else { - $path = $params['path']; - foreach ($shares as $key => $share) { - $shares[$key]['path'] = $path; - } - } - - - // include also reshares in the lists. This means that the result - // will contain every user with access to the file. - if (isset($params['reshares']) && $params['reshares'] === true) { - $shares = self::addReshares($shares, $itemSource); - } - - if ($receivedFrom) { - foreach ($shares as $key => $share) { - $shares[$key]['received_from'] = $receivedFrom['uid_owner']; - $shares[$key]['received_from_displayname'] = \OCP\User::getDisplayName($receivedFrom['uid_owner']); - } - } - } else { - $shares = null; - } - - if ($shares === null || empty($shares)) { - return new \OC_OCS_Result(null, 404, 'share doesn\'t exist'); - } else { - return new \OC_OCS_Result($shares); - } - } - - /** - * add reshares to a array of shares - * @param array $shares array of shares - * @param int $itemSource item source ID - * @return array new shares array which includes reshares - */ - private static function addReshares($shares, $itemSource) { - - // if there are no shares than there are also no reshares - $firstShare = reset($shares); - if ($firstShare) { - $path = $firstShare['path']; - } else { - return $shares; - } - - $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `file_source`, `path` , `*PREFIX*share`.`permissions`, `stime`, `expiration`, `token`, `storage`, `mail_send`, `mail_send`'; - $getReshares = \OC_DB::prepare('SELECT ' . $select . ' FROM `*PREFIX*share` INNER JOIN `*PREFIX*filecache` ON `file_source` = `*PREFIX*filecache`.`fileid` WHERE `*PREFIX*share`.`file_source` = ? AND `*PREFIX*share`.`item_type` IN (\'file\', \'folder\') AND `uid_owner` != ?'); - $reshares = $getReshares->execute(array($itemSource, \OCP\User::getUser()))->fetchAll(); - - foreach ($reshares as $key => $reshare) { - if (isset($reshare['share_with']) && $reshare['share_with'] !== '') { - $reshares[$key]['share_with_displayname'] = \OCP\User::getDisplayName($reshare['share_with']); - } - // add correct path to the result - $reshares[$key]['path'] = $path; - } - - return array_merge($shares, $reshares); - } - - /** - * get share from all files in a given folder (non-recursive) - * @param array $params contains 'path' to the folder - * @return \OC_OCS_Result - */ - private static function getSharesFromFolder($params) { - $path = $params['path']; - $view = new \OC\Files\View('/'.\OCP\User::getUser().'/files'); - - if(!$view->is_dir($path)) { - return new \OC_OCS_Result(null, 400, "not a directory"); - } - - $content = $view->getDirectoryContent($path); - - $result = array(); - foreach ($content as $file) { - // workaround because folders are named 'dir' in this context - $itemType = $file['type'] === 'file' ? 'file' : 'folder'; - $share = \OCP\Share::getItemShared($itemType, $file['fileid']); - if($share) { - $receivedFrom = \OCP\Share::getItemSharedWithBySource($itemType, $file['fileid']); - reset($share); - $key = key($share); - if ($receivedFrom) { - $share[$key]['received_from'] = $receivedFrom['uid_owner']; - $share[$key]['received_from_displayname'] = \OCP\User::getDisplayName($receivedFrom['uid_owner']); - } - $result = array_merge($result, $share); - } - } - - return new \OC_OCS_Result($result); - } - - /** - * get files shared with the user - * @return \OC_OCS_Result - */ - private static function getFilesSharedWithMe() { - try { - $shares = \OCP\Share::getItemsSharedWith('file'); - foreach ($shares as &$share) { - if ($share['item_type'] === 'file') { - $share['mimetype'] = \OC_Helper::getFileNameMimeType($share['file_target']); - if (\OC::$server->getPreviewManager()->isMimeSupported($share['mimetype'])) { - $share['isPreviewAvailable'] = true; - } - } - } - $result = new \OC_OCS_Result($shares); - } catch (\Exception $e) { - $result = new \OC_OCS_Result(null, 403, $e->getMessage()); - } - - return $result; - - } - - /** - * create a new share - * @param array $params - * @return \OC_OCS_Result - */ - public static function createShare($params) { - - $path = isset($_POST['path']) ? $_POST['path'] : null; - - if($path === null) { - return new \OC_OCS_Result(null, 400, "please specify a file or folder path"); - } - $itemSource = self::getFileId($path); - $itemType = self::getItemType($path); - - if($itemSource === null) { - return new \OC_OCS_Result(null, 404, "wrong path, file/folder doesn't exist."); - } - - $shareWith = isset($_POST['shareWith']) ? $_POST['shareWith'] : null; - $shareType = isset($_POST['shareType']) ? (int)$_POST['shareType'] : null; - - switch($shareType) { - case \OCP\Share::SHARE_TYPE_USER: - $permissions = isset($_POST['permissions']) ? (int)$_POST['permissions'] : 31; - break; - case \OCP\Share::SHARE_TYPE_GROUP: - $permissions = isset($_POST['permissions']) ? (int)$_POST['permissions'] : 31; - break; - case \OCP\Share::SHARE_TYPE_LINK: - //allow password protection - $shareWith = isset($_POST['password']) ? $_POST['password'] : null; - //check public link share - $publicUploadEnabled = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes'); - if(isset($_POST['publicUpload']) && $publicUploadEnabled !== 'yes') { - return new \OC_OCS_Result(null, 403, "public upload disabled by the administrator"); - } - $publicUpload = isset($_POST['publicUpload']) ? $_POST['publicUpload'] : 'false'; - // read, create, update (7) if public upload is enabled or - // read (1) if public upload is disabled - $permissions = $publicUpload === 'true' ? 7 : 1; - break; - default: - return new \OC_OCS_Result(null, 400, "unknown share type"); - } - - try { - $token = \OCP\Share::shareItem( - $itemType, - $itemSource, - $shareType, - $shareWith, - $permissions - ); - } catch (\Exception $e) { - return new \OC_OCS_Result(null, 403, $e->getMessage()); - } - - if ($token) { - $data = array(); - $data['id'] = 'unknown'; - $shares = \OCP\Share::getItemShared($itemType, $itemSource); - if(is_string($token)) { //public link share - foreach ($shares as $share) { - if ($share['token'] === $token) { - $data['id'] = $share['id']; - break; - } - } - $url = \OCP\Util::linkToPublic('files&t='.$token); - $data['url'] = $url; // '&' gets encoded to $amp; - $data['token'] = $token; - - } else { - foreach ($shares as $share) { - if ($share['share_with'] === $shareWith && $share['share_type'] === $shareType) { - $data['id'] = $share['id']; - break; - } - } - } - return new \OC_OCS_Result($data); - } else { - return new \OC_OCS_Result(null, 404, "couldn't share file"); - } - } - - /** - * update shares, e.g. password, permissions, etc - * @param array $params shareId 'id' and the parameter we want to update - * currently supported: permissions, password, publicUpload - * @return \OC_OCS_Result - */ - public static function updateShare($params) { - - $share = self::getShareFromId($params['id']); - - if(!isset($share['file_source'])) { - return new \OC_OCS_Result(null, 404, "wrong share Id, share doesn't exist."); - } - - try { - if(isset($params['_put']['permissions'])) { - return self::updatePermissions($share, $params); - } elseif (isset($params['_put']['password'])) { - return self::updatePassword($share, $params); - } elseif (isset($params['_put']['publicUpload'])) { - return self::updatePublicUpload($share, $params); - } elseif (isset($params['_put']['expireDate'])) { - return self::updateExpireDate($share, $params); - } - } catch (\Exception $e) { - - return new \OC_OCS_Result(null, 400, $e->getMessage()); - } - - return new \OC_OCS_Result(null, 400, "Wrong or no update parameter given"); - - } - - /** - * update permissions for a share - * @param array $share information about the share - * @param array $params contains 'permissions' - * @return \OC_OCS_Result - */ - private static function updatePermissions($share, $params) { - - $itemSource = $share['item_source']; - $itemType = $share['item_type']; - $shareWith = $share['share_with']; - $shareType = $share['share_type']; - $permissions = isset($params['_put']['permissions']) ? (int)$params['_put']['permissions'] : null; - - $publicUploadStatus = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes'); - $publicUploadEnabled = ($publicUploadStatus === 'yes') ? true : false; - - - // only change permissions for public shares if public upload is enabled - // and we want to set permissions to 1 (read only) or 7 (allow upload) - if ( (int)$shareType === \OCP\Share::SHARE_TYPE_LINK ) { - if ($publicUploadEnabled === false || ($permissions !== 7 && $permissions !== 1)) { - return new \OC_OCS_Result(null, 400, "can't change permission for public link share"); - } - } - - try { - $return = \OCP\Share::setPermissions( - $itemType, - $itemSource, - $shareType, - $shareWith, - $permissions - ); - } catch (\Exception $e) { - return new \OC_OCS_Result(null, 404, $e->getMessage()); - } - - if ($return) { - return new \OC_OCS_Result(); - } else { - return new \OC_OCS_Result(null, 404, "couldn't set permissions"); - } - } - - /** - * enable/disable public upload - * @param array $share information about the share - * @param array $params contains 'publicUpload' which can be 'yes' or 'no' - * @return \OC_OCS_Result - */ - private static function updatePublicUpload($share, $params) { - - $publicUploadEnabled = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes'); - if($publicUploadEnabled !== 'yes') { - return new \OC_OCS_Result(null, 403, "public upload disabled by the administrator"); - } - - if ($share['item_type'] !== 'folder' || - (int)$share['share_type'] !== \OCP\Share::SHARE_TYPE_LINK ) { - return new \OC_OCS_Result(null, 400, "public upload is only possible for public shared folders"); - } - - // read, create, update (7) if public upload is enabled or - // read (1) if public upload is disabled - $params['_put']['permissions'] = $params['_put']['publicUpload'] === 'true' ? 7 : 1; - - return self::updatePermissions($share, $params); - - } - - /** - * set expire date for public link share - * @param array $share information about the share - * @param array $params contains 'expireDate' which needs to be a well formated date string, e.g DD-MM-YYYY - * @return \OC_OCS_Result - */ - private static function updateExpireDate($share, $params) { - // only public links can have a expire date - if ((int)$share['share_type'] !== \OCP\Share::SHARE_TYPE_LINK ) { - return new \OC_OCS_Result(null, 400, "expire date only exists for public link shares"); - } - - try { - $expireDateSet = \OCP\Share::setExpirationDate($share['item_type'], $share['item_source'], $params['_put']['expireDate'], (int)$share['stime']); - $result = ($expireDateSet) ? new \OC_OCS_Result() : new \OC_OCS_Result(null, 404, "couldn't set expire date"); - } catch (\Exception $e) { - $result = new \OC_OCS_Result(null, 404, $e->getMessage()); - } - - return $result; - - } - - /** - * update password for public link share - * @param array $share information about the share - * @param array $params 'password' - * @return \OC_OCS_Result - */ - private static function updatePassword($share, $params) { - - $itemSource = $share['item_source']; - $itemType = $share['item_type']; - - if( (int)$share['share_type'] !== \OCP\Share::SHARE_TYPE_LINK) { - return new \OC_OCS_Result(null, 400, "password protection is only supported for public shares"); - } - - $shareWith = isset($params['_put']['password']) ? $params['_put']['password'] : null; - - if($shareWith === '') { - $shareWith = null; - } - - $items = \OCP\Share::getItemShared($itemType, $itemSource); - - $checkExists = false; - foreach ($items as $item) { - if($item['share_type'] === \OCP\Share::SHARE_TYPE_LINK) { - $checkExists = true; - $permissions = $item['permissions']; - } - } - - if (!$checkExists) { - return new \OC_OCS_Result(null, 404, "share doesn't exists, can't change password"); - } - - try { - $result = \OCP\Share::shareItem( - $itemType, - $itemSource, - \OCP\Share::SHARE_TYPE_LINK, - $shareWith, - $permissions - ); - } catch (\Exception $e) { - return new \OC_OCS_Result(null, 403, $e->getMessage()); - } - - if($result) { - return new \OC_OCS_Result(); - } - - return new \OC_OCS_Result(null, 404, "couldn't set password"); - } - - /** - * unshare a file/folder - * @param array $params contains the shareID 'id' which should be unshared - * @return \OC_OCS_Result - */ - public static function deleteShare($params) { - - $share = self::getShareFromId($params['id']); - $fileSource = isset($share['file_source']) ? $share['file_source'] : null; - $itemType = isset($share['item_type']) ? $share['item_type'] : null;; - - if($fileSource === null) { - return new \OC_OCS_Result(null, 404, "wrong share ID, share doesn't exist."); - } - - $shareWith = isset($share['share_with']) ? $share['share_with'] : null; - $shareType = isset($share['share_type']) ? (int)$share['share_type'] : null; - - if( $shareType === \OCP\Share::SHARE_TYPE_LINK) { - $shareWith = null; - } - - try { - $return = \OCP\Share::unshare( - $itemType, - $fileSource, - $shareType, - $shareWith); - } catch (\Exception $e) { - return new \OC_OCS_Result(null, 404, $e->getMessage()); - } - - if ($return) { - return new \OC_OCS_Result(); - } else { - $msg = "Unshare Failed"; - return new \OC_OCS_Result(null, 404, $msg); - } - } - - /** - * get file ID from a given path - * @param string $path - * @return string fileID or null - */ - private static function getFileId($path) { - - $view = new \OC\Files\View('/'.\OCP\User::getUser().'/files'); - $fileId = null; - $fileInfo = $view->getFileInfo($path); - if ($fileInfo) { - $fileId = $fileInfo['fileid']; - } - - return $fileId; - } - - /** - * get itemType - * @param string $path - * @return string type 'file', 'folder' or null of file/folder doesn't exists - */ - private static function getItemType($path) { - $view = new \OC\Files\View('/'.\OCP\User::getUser().'/files'); - $itemType = null; - - if ($view->is_dir($path)) { - $itemType = "folder"; - } elseif ($view->is_file($path)) { - $itemType = "file"; - } - - return $itemType; - } - - /** - * get some information from a given share - * @param int $shareID - * @return array with: item_source, share_type, share_with, item_type, permissions - */ - private static function getShareFromId($shareID) { - $sql = 'SELECT `file_source`, `item_source`, `share_type`, `share_with`, `item_type`, `permissions`, `stime` FROM `*PREFIX*share` WHERE `id` = ?'; - $args = array($shareID); - $query = \OCP\DB::prepare($sql); - $result = $query->execute($args); - - if (\OCP\DB::isError($result)) { - \OCP\Util::writeLog('files_sharing', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); - return null; - } - if ($share = $result->fetchRow()) { - return $share; - } - - return null; - - } - -} diff --git a/apps/files_sharing/lib/external/manager.php b/apps/files_sharing/lib/external/manager.php index 8176302a86a..3b5483a5108 100644 --- a/apps/files_sharing/lib/external/manager.php +++ b/apps/files_sharing/lib/external/manager.php @@ -50,14 +50,8 @@ class Manager { public function addShare($remote, $token, $password, $name, $owner) { $user = $this->userSession->getUser(); if ($user) { - $query = $this->connection->prepare(' - INSERT INTO `*PREFIX*share_external` - (`remote`, `share_token`, `password`, `name`, `owner`, `user`, `mountpoint`, `mountpoint_hash`) - VALUES (?, ?, ?, ?, ?, ?, ?, ?) - '); $mountPoint = Filesystem::normalizePath('/' . $name); - $hash = md5($mountPoint); - $query->execute(array($remote, $token, $password, $name, $owner, $user->getUID(), $mountPoint, $hash)); + \OCA\Files_Sharing\Helper::addServer2ServerShare($remote, $token, $name, $mountPoint, $owner, $user->getUID(), $password, -1, true); $options = array( 'remote' => $remote, @@ -81,9 +75,9 @@ class Manager { $query = $this->connection->prepare(' SELECT `remote`, `share_token`, `password`, `mountpoint`, `owner` FROM `*PREFIX*share_external` - WHERE `user` = ? + WHERE `user` = ? AND `accepted` = ? '); - $query->execute(array($user->getUID())); + $query->execute(array($user->getUID(), 1)); while ($row = $query->fetch()) { $row['manager'] = $this; diff --git a/apps/files_sharing/lib/helper.php b/apps/files_sharing/lib/helper.php index f7204a8db8f..c83debe952f 100644 --- a/apps/files_sharing/lib/helper.php +++ b/apps/files_sharing/lib/helper.php @@ -20,6 +20,30 @@ class Helper { \OCP\Util::connectHook('OCP\Share', 'post_unshareFromSelf', '\OC\Files\Cache\Shared_Updater', 'postUnshareFromSelfHook'); } + /** + * add server-to-server share to database + * + * @param string $remote + * @param string $token + * @param string $name + * @param string $mountPoint + * @param string $owner + * @param string $user + * @param string $password + * @param int $remoteId + * @param bool $accepted + */ + public static function addServer2ServerShare($remote, $token, $name, $mountPoint, $owner, $user, $password='', $remoteId=-1, $accepted = false) { + $accepted = $accepted ? 1 : 0; + $query = \OCP\DB::prepare(' + INSERT INTO `*PREFIX*share_external` + (`remote`, `share_token`, `password`, `name`, `owner`, `user`, `mountpoint`, `mountpoint_hash`, `accepted`, `remote_id`) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?) + '); + $hash = md5($mountPoint); + $query->execute(array($remote, $token, $password, $name, $owner, $user, $mountPoint, $hash, $accepted, $remoteId)); + } + /** * Sets up the filesystem and user for public sharing * @param string $token string share token diff --git a/apps/files_sharing/tests/api.php b/apps/files_sharing/tests/api.php index 1259197423b..dd6de15010f 100644 --- a/apps/files_sharing/tests/api.php +++ b/apps/files_sharing/tests/api.php @@ -76,7 +76,7 @@ class Test_Files_Sharing_Api extends TestCase { $_POST['shareWith'] = \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_USER; - $result = Share\Api::createShare(array()); + $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertTrue($result->succeeded()); $data = $result->getData(); @@ -93,7 +93,7 @@ class Test_Files_Sharing_Api extends TestCase { $_POST['path'] = $this->folder; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_LINK; - $result = Share\Api::createShare(array()); + $result = \OCA\Files_Sharing\API\Local::createShare(array()); // check if API call was successful $this->assertTrue($result->succeeded()); @@ -129,7 +129,7 @@ class Test_Files_Sharing_Api extends TestCase { $_POST['shareType'] = \OCP\Share::SHARE_TYPE_LINK; - $result = Share\Api::createShare(array()); + $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertFalse($result->succeeded()); @@ -138,7 +138,7 @@ class Test_Files_Sharing_Api extends TestCase { $_POST['shareType'] = \OCP\Share::SHARE_TYPE_LINK; $_POST['password'] = ''; - $result = Share\Api::createShare(array()); + $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertFalse($result->succeeded()); // share with password should succeed @@ -146,7 +146,7 @@ class Test_Files_Sharing_Api extends TestCase { $_POST['shareType'] = \OCP\Share::SHARE_TYPE_LINK; $_POST['password'] = 'foo'; - $result = Share\Api::createShare(array()); + $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertTrue($result->succeeded()); $data = $result->getData(); @@ -157,7 +157,7 @@ class Test_Files_Sharing_Api extends TestCase { $params['_put'] = array(); $params['_put']['password'] = 'bar'; - $result = Share\Api::updateShare($params); + $result = \OCA\Files_Sharing\API\Local::updateShare($params); $this->assertTrue($result->succeeded()); // removing password should fail @@ -166,7 +166,7 @@ class Test_Files_Sharing_Api extends TestCase { $params['_put'] = array(); $params['_put']['password'] = ''; - $result = Share\Api::updateShare($params); + $result = \OCA\Files_Sharing\API\Local::updateShare($params); $this->assertFalse($result->succeeded()); // cleanup @@ -187,7 +187,7 @@ class Test_Files_Sharing_Api extends TestCase { $_POST['shareWith'] = \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_USER; - $result = Share\Api::createShare(array()); + $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertTrue($result->succeeded()); $data = $result->getData(); @@ -213,7 +213,7 @@ class Test_Files_Sharing_Api extends TestCase { $_POST['shareWith'] = \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_USER; - $result = Share\Api::createShare(array()); + $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertTrue($result->succeeded()); $data = $result->getData(); @@ -238,7 +238,7 @@ class Test_Files_Sharing_Api extends TestCase { $_POST['shareWith'] = \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_USER; - $result = Share\Api::createShare(array()); + $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertFalse($result->succeeded()); @@ -259,7 +259,7 @@ class Test_Files_Sharing_Api extends TestCase { \OCP\Share::shareItem('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2, 31); - $result = Share\Api::getAllShares(array()); + $result = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result->succeeded()); @@ -286,7 +286,7 @@ class Test_Files_Sharing_Api extends TestCase { $_GET['path'] = $this->filename; - $result = Share\Api::getAllShares(array()); + $result = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result->succeeded()); @@ -323,7 +323,7 @@ class Test_Files_Sharing_Api extends TestCase { $_GET['path'] = $this->filename; - $result = Share\Api::getAllShares(array()); + $result = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result->succeeded()); @@ -333,7 +333,7 @@ class Test_Files_Sharing_Api extends TestCase { // now also ask for the reshares $_GET['reshares'] = 'true'; - $result = Share\Api::getAllShares(array()); + $result = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result->succeeded()); @@ -378,7 +378,7 @@ class Test_Files_Sharing_Api extends TestCase { // call getShare() with share ID $params = array('id' => $share['id']); - $result = Share\Api::getShare($params); + $result = \OCA\Files_Sharing\API\Local::getShare($params); $this->assertTrue($result->succeeded()); @@ -413,7 +413,7 @@ class Test_Files_Sharing_Api extends TestCase { $_GET['path'] = $this->folder; $_GET['subfiles'] = 'true'; - $result = Share\Api::getAllShares(array()); + $result = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result->succeeded()); @@ -470,7 +470,7 @@ class Test_Files_Sharing_Api extends TestCase { $_GET['path'] = $value['query']; $_GET['subfiles'] = 'true'; - $result = Share\Api::getAllShares(array()); + $result = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result->succeeded()); @@ -521,7 +521,7 @@ class Test_Files_Sharing_Api extends TestCase { $_GET['path'] = '/'; $_GET['subfiles'] = 'true'; - $result = Share\Api::getAllShares(array()); + $result = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result->succeeded()); @@ -583,7 +583,7 @@ class Test_Files_Sharing_Api extends TestCase { $_GET['path'] = '/'; $_GET['subfiles'] = 'true'; - $result = Share\Api::getAllShares(array()); + $result = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result->succeeded()); @@ -652,7 +652,7 @@ class Test_Files_Sharing_Api extends TestCase { $expectedPath1 = $this->subfolder; $_GET['path'] = $expectedPath1; - $result1 = Share\Api::getAllShares(array()); + $result1 = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result1->succeeded()); @@ -664,7 +664,7 @@ class Test_Files_Sharing_Api extends TestCase { $expectedPath2 = $this->folder . $this->subfolder; $_GET['path'] = $expectedPath2; - $result2 = Share\Api::getAllShares(array()); + $result2 = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result2->succeeded()); @@ -734,7 +734,7 @@ class Test_Files_Sharing_Api extends TestCase { $_GET['path'] = '/'; $_GET['subfiles'] = 'true'; - $result = Share\Api::getAllShares(array()); + $result = \OCA\Files_Sharing\API\Local::getAllShares(array()); $this->assertTrue($result->succeeded()); @@ -771,7 +771,7 @@ class Test_Files_Sharing_Api extends TestCase { $params = array('id' => 0); - $result = Share\Api::getShare($params); + $result = \OCA\Files_Sharing\API\Local::getShare($params); $this->assertEquals(404, $result->getStatusCode()); $meta = $result->getMeta(); @@ -831,7 +831,7 @@ class Test_Files_Sharing_Api extends TestCase { $params['_put'] = array(); $params['_put']['permissions'] = 1; - $result = Share\Api::updateShare($params); + $result = \OCA\Files_Sharing\API\Local::updateShare($params); $meta = $result->getMeta(); $this->assertTrue($result->succeeded(), $meta['message']); @@ -859,7 +859,7 @@ class Test_Files_Sharing_Api extends TestCase { $params['_put'] = array(); $params['_put']['password'] = 'foo'; - $result = Share\Api::updateShare($params); + $result = \OCA\Files_Sharing\API\Local::updateShare($params); $this->assertTrue($result->succeeded()); @@ -919,7 +919,7 @@ class Test_Files_Sharing_Api extends TestCase { $params['_put'] = array(); $params['_put']['publicUpload'] = 'true'; - $result = Share\Api::updateShare($params); + $result = \OCA\Files_Sharing\API\Local::updateShare($params); $this->assertTrue($result->succeeded()); @@ -977,7 +977,7 @@ class Test_Files_Sharing_Api extends TestCase { $params['_put'] = array(); $params['_put']['expireDate'] = $dateWithinRange->format('Y-m-d'); - $result = Share\Api::updateShare($params); + $result = \OCA\Files_Sharing\API\Local::updateShare($params); $this->assertTrue($result->succeeded()); @@ -995,7 +995,7 @@ class Test_Files_Sharing_Api extends TestCase { $params['_put'] = array(); $params['_put']['expireDate'] = $dateOutOfRange->format('Y-m-d'); - $result = Share\Api::updateShare($params); + $result = \OCA\Files_Sharing\API\Local::updateShare($params); $this->assertFalse($result->succeeded()); @@ -1033,7 +1033,7 @@ class Test_Files_Sharing_Api extends TestCase { $this->assertEquals(2, count($items)); foreach ($items as $item) { - $result = Share\Api::deleteShare(array('id' => $item['id'])); + $result = \OCA\Files_Sharing\API\Local::deleteShare(array('id' => $item['id'])); $this->assertTrue($result->succeeded()); } @@ -1072,7 +1072,7 @@ class Test_Files_Sharing_Api extends TestCase { $this->assertEquals(1, count($items)); $item = reset($items); - $result3 = Share\Api::deleteShare(array('id' => $item['id'])); + $result3 = \OCA\Files_Sharing\API\Local::deleteShare(array('id' => $item['id'])); $this->assertTrue($result3->succeeded()); diff --git a/apps/files_sharing/tests/server2server.php b/apps/files_sharing/tests/server2server.php new file mode 100644 index 00000000000..7aec0c4951f --- /dev/null +++ b/apps/files_sharing/tests/server2server.php @@ -0,0 +1,102 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + * + */ + +use OCA\Files_Sharing\Tests\TestCase; + +/** + * Class Test_Files_Sharing_Api + */ +class Test_Files_Sharing_S2S_OCS_API extends TestCase { + + const TEST_FOLDER_NAME = '/folder_share_api_test'; + + private $s2s; + + protected function setUp() { + parent::setUp(); + + self::loginHelper(self::TEST_FILES_SHARING_API_USER1); + \OCP\Share::registerBackend('test', 'Test_Share_Backend'); + + $this->s2s = new \OCA\Files_Sharing\API\Server2Server(); + } + + protected function tearDown() { + $query = \OCP\DB::prepare('DELETE FROM `*PREFIX*share_external`'); + $query->execute(); + + parent::tearDown(); + } + + /** + * @medium + */ + function testCreateShare() { + // simulate a post request + $_POST['remote'] = 'localhost'; + $_POST['token'] = 'token'; + $_POST['name'] = 'name'; + $_POST['owner'] = 'owner'; + $_POST['shareWith'] = self::TEST_FILES_SHARING_API_USER2; + $_POST['remote_id'] = 1; + + $result = $this->s2s->createShare(null); + + $this->assertTrue($result->succeeded()); + + $query = \OCP\DB::prepare('SELECT * FROM `*PREFIX*share_external` WHERE `remote_id` = ?'); + $result = $query->execute(array('1')); + $data = $result->fetchRow(); + + $this->assertSame('localhost', $data['remote']); + $this->assertSame('token', $data['share_token']); + $this->assertSame('/name', $data['name']); + $this->assertSame('owner', $data['owner']); + $this->assertSame(self::TEST_FILES_SHARING_API_USER2, $data['user']); + $this->assertSame(1, (int)$data['remote_id']); + $this->assertSame(0, (int)$data['accepted']); + } + + + function testDeclineShare() { + $dummy = \OCP\DB::prepare(' + INSERT INTO `*PREFIX*share` + (`share_type`, `uid_owner`, `item_type`, `item_source`, `item_target`, `file_source`, `file_target`, `permissions`, `stime`, `token`) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?) + '); + $dummy->execute(array(\OCP\Share::SHARE_TYPE_REMOTE, self::TEST_FILES_SHARING_API_USER1, 'test', '1', '/1', '1', '/test.txt', '1', time(), 'token')); + + $verify = \OCP\DB::prepare('SELECT * FROM `*PREFIX*share`'); + $result = $verify->execute(); + $data = $result->fetchAll(); + $this->assertSame(1, count($data)); + + $_POST['token'] = 'token'; + $this->s2s->declineShare(array('id' => $data[0]['id'])); + + $verify = \OCP\DB::prepare('SELECT * FROM `*PREFIX*share`'); + $result = $verify->execute(); + $data = $result->fetchAll(); + $this->assertEmpty($data); + } +} -- cgit v1.2.3