From 38a260e963abd04b75aff8d67a8cf7b3b20a9c67 Mon Sep 17 00:00:00 2001 From: Robin McCorkell Date: Thu, 17 Sep 2015 10:24:19 +0100 Subject: Revert "Implement more fine-grained external storage permissions model" This reverts commit 0b97a05e7bd631d66de1c2aee115113ada8a5f63. This reverts commit d2e3c17c0000bc0020f1ff641190452f370434de. This reverts commit cc88c5f4b84da57c425cbdb7dc8b391b1942b503. --- .../controller/globalstoragescontroller.php | 12 +- .../controller/storagescontroller.php | 13 +- .../controller/userstoragescontroller.php | 12 +- apps/files_external/lib/auth/authmechanism.php | 6 +- apps/files_external/lib/backend/backend.php | 6 +- apps/files_external/lib/backend/local.php | 2 +- apps/files_external/lib/backend/sftp_key.php | 2 - apps/files_external/lib/backend/smb_oc.php | 2 - apps/files_external/lib/permissionstrait.php | 164 --------------------- apps/files_external/lib/visibilitytrait.php | 136 +++++++++++++++++ apps/files_external/personal.php | 4 +- apps/files_external/service/backendservice.php | 20 +-- apps/files_external/settings.php | 8 +- apps/files_external/templates/settings.php | 2 +- .../tests/controller/storagescontrollertest.php | 16 +- .../controller/userstoragescontrollertest.php | 16 +- .../tests/service/backendservicetest.php | 6 +- 17 files changed, 190 insertions(+), 237 deletions(-) delete mode 100644 apps/files_external/lib/permissionstrait.php create mode 100644 apps/files_external/lib/visibilitytrait.php (limited to 'apps') diff --git a/apps/files_external/controller/globalstoragescontroller.php b/apps/files_external/controller/globalstoragescontroller.php index 7d97fdbb4f4..3686a6189b4 100644 --- a/apps/files_external/controller/globalstoragescontroller.php +++ b/apps/files_external/controller/globalstoragescontroller.php @@ -98,7 +98,7 @@ class GlobalStoragesController extends StoragesController { return $newStorage; } - $response = $this->validate($newStorage, BackendService::PERMISSION_CREATE); + $response = $this->validate($newStorage); if (!empty($response)) { return $response; } @@ -154,7 +154,7 @@ class GlobalStoragesController extends StoragesController { } $storage->setId($id); - $response = $this->validate($storage, BackendService::PERMISSION_MODIFY); + $response = $this->validate($storage); if (!empty($response)) { return $response; } @@ -180,12 +180,12 @@ class GlobalStoragesController extends StoragesController { } /** - * Get the user type for this controller, used in validation + * Get the visibility type for this controller, used in validation * - * @return string BackendService::USER_* constants + * @return string BackendService::VISIBILITY_* constants */ - protected function getUserType() { - return BackendService::USER_ADMIN; + protected function getVisibilityType() { + return BackendService::VISIBILITY_ADMIN; } diff --git a/apps/files_external/controller/storagescontroller.php b/apps/files_external/controller/storagescontroller.php index 46202c8ba4a..71055fd1b9c 100644 --- a/apps/files_external/controller/storagescontroller.php +++ b/apps/files_external/controller/storagescontroller.php @@ -125,11 +125,10 @@ abstract class StoragesController extends Controller { * Validate storage config * * @param StorageConfig $storage storage config - * @param int $permissionCheck permission to check * * @return DataResponse|null returns response in case of validation error */ - protected function validate(StorageConfig $storage, $permissionCheck = BackendService::PERMISSION_CREATE) { + protected function validate(StorageConfig $storage) { $mountPoint = $storage->getMountPoint(); if ($mountPoint === '' || $mountPoint === '/') { return new DataResponse( @@ -166,7 +165,7 @@ abstract class StoragesController extends Controller { ); } - if (!$backend->isPermitted($this->getUserType(), $permissionCheck)) { + if (!$backend->isVisibleFor($this->getVisibilityType())) { // not permitted to use backend return new DataResponse( array( @@ -177,7 +176,7 @@ abstract class StoragesController extends Controller { Http::STATUS_UNPROCESSABLE_ENTITY ); } - if (!$authMechanism->isPermitted($this->getUserType(), $permissionCheck)) { + if (!$authMechanism->isVisibleFor($this->getVisibilityType())) { // not permitted to use auth mechanism return new DataResponse( array( @@ -212,11 +211,11 @@ abstract class StoragesController extends Controller { } /** - * Get the user type for this controller, used in validation + * Get the visibility type for this controller, used in validation * - * @return string BackendService::USER_* constants + * @return string BackendService::VISIBILITY_* constants */ - abstract protected function getUserType(); + abstract protected function getVisibilityType(); /** * Check whether the given storage is available / valid. diff --git a/apps/files_external/controller/userstoragescontroller.php b/apps/files_external/controller/userstoragescontroller.php index 801c9ab0aae..fcbe692d79e 100644 --- a/apps/files_external/controller/userstoragescontroller.php +++ b/apps/files_external/controller/userstoragescontroller.php @@ -103,7 +103,7 @@ class UserStoragesController extends StoragesController { return $newStorage; } - $response = $this->validate($newStorage, BackendService::PERMISSION_CREATE); + $response = $this->validate($newStorage); if (!empty($response)) { return $response; } @@ -151,7 +151,7 @@ class UserStoragesController extends StoragesController { } $storage->setId($id); - $response = $this->validate($storage, BackendService::PERMISSION_MODIFY); + $response = $this->validate($storage); if (!empty($response)) { return $response; } @@ -188,12 +188,12 @@ class UserStoragesController extends StoragesController { } /** - * Get the user type for this controller, used in validation + * Get the visibility type for this controller, used in validation * - * @return string BackendService::USER_* constants + * @return string BackendService::VISIBILITY_* constants */ - protected function getUserType() { - return BackendService::USER_PERSONAL; + protected function getVisibilityType() { + return BackendService::VISIBILITY_PERSONAL; } } diff --git a/apps/files_external/lib/auth/authmechanism.php b/apps/files_external/lib/auth/authmechanism.php index ddc0c6a4dca..11d99bb330d 100644 --- a/apps/files_external/lib/auth/authmechanism.php +++ b/apps/files_external/lib/auth/authmechanism.php @@ -22,7 +22,7 @@ namespace OCA\Files_External\Lib\Auth; use \OCA\Files_External\Lib\StorageConfig; -use \OCA\Files_External\Lib\PermissionsTrait; +use \OCA\Files_External\Lib\VisibilityTrait; use \OCA\Files_External\Lib\IdentifierTrait; use \OCA\Files_External\Lib\FrontendDefinitionTrait; use \OCA\Files_External\Lib\StorageModifierTrait; @@ -40,7 +40,7 @@ use \OCA\Files_External\Lib\StorageModifierTrait; * scheme, which are provided from the authentication mechanism. * * This class uses the following traits: - * - PermissionsTrait + * - VisibilityTrait * Restrict usage to admin-only/none * - FrontendDefinitionTrait * Specify configuration parameters and other definitions @@ -58,7 +58,7 @@ class AuthMechanism implements \JsonSerializable { const SCHEME_PUBLICKEY = 'publickey'; const SCHEME_OPENSTACK = 'openstack'; - use PermissionsTrait; + use VisibilityTrait; use FrontendDefinitionTrait; use StorageModifierTrait; use IdentifierTrait; diff --git a/apps/files_external/lib/backend/backend.php b/apps/files_external/lib/backend/backend.php index 2a2add3ac59..90d5d38ed94 100644 --- a/apps/files_external/lib/backend/backend.php +++ b/apps/files_external/lib/backend/backend.php @@ -22,7 +22,7 @@ namespace OCA\Files_External\Lib\Backend; use \OCA\Files_External\Lib\StorageConfig; -use \OCA\Files_External\Lib\PermissionsTrait; +use \OCA\Files_External\Lib\VisibilityTrait; use \OCA\Files_External\Lib\FrontendDefinitionTrait; use \OCA\Files_External\Lib\PriorityTrait; use \OCA\Files_External\Lib\DependencyTrait; @@ -43,7 +43,7 @@ use \OCA\Files_External\Lib\Auth\AuthMechanism; * scheme, which are provided from the authentication mechanism. * * This class uses the following traits: - * - PermissionsTrait + * - VisibilityTrait * Restrict usage to admin-only/none * - FrontendDefinitionTrait * Specify configuration parameters and other definitions @@ -56,7 +56,7 @@ use \OCA\Files_External\Lib\Auth\AuthMechanism; */ class Backend implements \JsonSerializable { - use PermissionsTrait; + use VisibilityTrait; use FrontendDefinitionTrait; use PriorityTrait; use DependencyTrait; diff --git a/apps/files_external/lib/backend/local.php b/apps/files_external/lib/backend/local.php index a6635491b6e..a80b437fab7 100644 --- a/apps/files_external/lib/backend/local.php +++ b/apps/files_external/lib/backend/local.php @@ -39,7 +39,7 @@ class Local extends Backend { ->addParameters([ (new DefinitionParameter('datadir', $l->t('Location'))), ]) - ->setAllowedPermissions(BackendService::USER_PERSONAL, BackendService::PERMISSION_NONE) + ->setAllowedVisibility(BackendService::VISIBILITY_ADMIN) ->setPriority(BackendService::PRIORITY_DEFAULT + 50) ->addAuthScheme(AuthMechanism::SCHEME_NULL) ->setLegacyAuthMechanism($legacyAuth) diff --git a/apps/files_external/lib/backend/sftp_key.php b/apps/files_external/lib/backend/sftp_key.php index 6a75172026d..4a7f565eb19 100644 --- a/apps/files_external/lib/backend/sftp_key.php +++ b/apps/files_external/lib/backend/sftp_key.php @@ -40,8 +40,6 @@ class SFTP_Key extends Backend { (new DefinitionParameter('root', $l->t('Remote subfolder'))) ->setFlag(DefinitionParameter::FLAG_OPTIONAL), ]) - ->removeAllowedPermission(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE) - ->removeAllowedPermission(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE) ->addAuthScheme(AuthMechanism::SCHEME_PUBLICKEY) ->setLegacyAuthMechanism($legacyAuth) ; diff --git a/apps/files_external/lib/backend/smb_oc.php b/apps/files_external/lib/backend/smb_oc.php index d21b0ddaf42..a3f3a824040 100644 --- a/apps/files_external/lib/backend/smb_oc.php +++ b/apps/files_external/lib/backend/smb_oc.php @@ -51,8 +51,6 @@ class SMB_OC extends Backend { (new DefinitionParameter('root', $l->t('Remote subfolder'))) ->setFlag(DefinitionParameter::FLAG_OPTIONAL), ]) - ->removeAllowedPermission(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE) - ->removeAllowedPermission(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE) ->setPriority(BackendService::PRIORITY_DEFAULT - 10) ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) ->setLegacyAuthMechanism($legacyAuth) diff --git a/apps/files_external/lib/permissionstrait.php b/apps/files_external/lib/permissionstrait.php deleted file mode 100644 index 8509a01e422..00000000000 --- a/apps/files_external/lib/permissionstrait.php +++ /dev/null @@ -1,164 +0,0 @@ - - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_External\Lib; - -use \OCA\Files_External\Service\BackendService; - -/** - * Trait to implement backend and auth mechanism permissions - * - * For user type constants, see BackendService::USER_* - * For permission constants, see BackendService::PERMISSION_* - */ -trait PermissionsTrait { - - /** @var array [user type => permissions] */ - protected $permissions = [ - BackendService::USER_PERSONAL => BackendService::PERMISSION_DEFAULT, - BackendService::USER_ADMIN => BackendService::PERMISSION_DEFAULT, - ]; - - /** @var array [user type => allowed permissions] */ - protected $allowedPermissions = [ - BackendService::USER_PERSONAL => BackendService::PERMISSION_DEFAULT, - BackendService::USER_ADMIN => BackendService::PERMISSION_DEFAULT, - ]; - - /** - * @param string $userType - * @return int - */ - public function getPermissions($userType) { - if (isset($this->permissions[$userType])) { - return $this->permissions[$userType]; - } - return BackendService::PERMISSION_NONE; - } - - /** - * Check if the user type has permission - * - * @param string $userType - * @param int $permission - * @return bool - */ - public function isPermitted($userType, $permission) { - if ($this->getPermissions($userType) & $permission) { - return true; - } - return false; - } - - /** - * @param string $userType - * @param int $permissions - * @return self - */ - public function setPermissions($userType, $permissions) { - $this->permissions[$userType] = $permissions; - $this->allowedPermissions[$userType] = - $this->getAllowedPermissions($userType) | $permissions; - return $this; - } - - /** - * @param string $userType - * @param int $permission - * @return self - */ - public function addPermission($userType, $permission) { - return $this->setPermissions($userType, - $this->getPermissions($userType) | $permission - ); - } - - /** - * @param string $userType - * @param int $permission - * @return self - */ - public function removePermission($userType, $permission) { - return $this->setPermissions($userType, - $this->getPermissions($userType) & ~$permission - ); - } - - /** - * @param string $userType - * @return int - */ - public function getAllowedPermissions($userType) { - if (isset($this->allowedPermissions[$userType])) { - return $this->allowedPermissions[$userType]; - } - return BackendService::PERMISSION_NONE; - } - - /** - * Check if the user type has an allowed permission - * - * @param string $userType - * @param int $permission - * @return bool - */ - public function isAllowedPermitted($userType, $permission) { - if ($this->getAllowedPermissions($userType) & $permission) { - return true; - } - return false; - } - - /** - * @param string $userType - * @param int $permissions - * @return self - */ - public function setAllowedPermissions($userType, $permissions) { - $this->allowedPermissions[$userType] = $permissions; - $this->permissions[$userType] = - $this->getPermissions($userType) & $permissions; - return $this; - } - - /** - * @param string $userType - * @param int $permission - * @return self - */ - public function addAllowedPermission($userType, $permission) { - return $this->setAllowedPermissions($userType, - $this->getAllowedPermissions($userType) | $permission - ); - } - - /** - * @param string $userType - * @param int $permission - * @return self - */ - public function removeAllowedPermission($userType, $permission) { - return $this->setAllowedPermissions($userType, - $this->getAllowedPermissions($userType) & ~$permission - ); - } - -} diff --git a/apps/files_external/lib/visibilitytrait.php b/apps/files_external/lib/visibilitytrait.php new file mode 100644 index 00000000000..dfd2d323ca6 --- /dev/null +++ b/apps/files_external/lib/visibilitytrait.php @@ -0,0 +1,136 @@ + + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Files_External\Lib; + +use \OCA\Files_External\Service\BackendService; + +/** + * Trait to implement visibility mechanics for a configuration class + * + * The standard visibility defines which users/groups can use or see the + * object. The allowed visibility defines the maximum visibility allowed to be + * set on the object. The standard visibility is often set dynamically by + * stored configuration parameters that can be modified by the administrator, + * while the allowed visibility is set directly by the object and cannot be + * modified by the administrator. + */ +trait VisibilityTrait { + + /** @var int visibility */ + protected $visibility = BackendService::VISIBILITY_DEFAULT; + + /** @var int allowed visibilities */ + protected $allowedVisibility = BackendService::VISIBILITY_DEFAULT; + + /** + * @return int + */ + public function getVisibility() { + return $this->visibility; + } + + /** + * Check if the backend is visible for a user type + * + * @param int $visibility + * @return bool + */ + public function isVisibleFor($visibility) { + if ($this->visibility & $visibility) { + return true; + } + return false; + } + + /** + * @param int $visibility + * @return self + */ + public function setVisibility($visibility) { + $this->visibility = $visibility; + $this->allowedVisibility |= $visibility; + return $this; + } + + /** + * @param int $visibility + * @return self + */ + public function addVisibility($visibility) { + return $this->setVisibility($this->visibility | $visibility); + } + + /** + * @param int $visibility + * @return self + */ + public function removeVisibility($visibility) { + return $this->setVisibility($this->visibility & ~$visibility); + } + + /** + * @return int + */ + public function getAllowedVisibility() { + return $this->allowedVisibility; + } + + /** + * Check if the backend is allowed to be visible for a user type + * + * @param int $allowedVisibility + * @return bool + */ + public function isAllowedVisibleFor($allowedVisibility) { + if ($this->allowedVisibility & $allowedVisibility) { + return true; + } + return false; + } + + /** + * @param int $allowedVisibility + * @return self + */ + public function setAllowedVisibility($allowedVisibility) { + $this->allowedVisibility = $allowedVisibility; + $this->visibility &= $allowedVisibility; + return $this; + } + + /** + * @param int $allowedVisibility + * @return self + */ + public function addAllowedVisibility($allowedVisibility) { + return $this->setAllowedVisibility($this->allowedVisibility | $allowedVisibility); + } + + /** + * @param int $allowedVisibility + * @return self + */ + public function removeAllowedVisibility($allowedVisibility) { + return $this->setAllowedVisibility($this->allowedVisibility & ~$allowedVisibility); + } + +} diff --git a/apps/files_external/personal.php b/apps/files_external/personal.php index d47f983b357..efd23512ffe 100644 --- a/apps/files_external/personal.php +++ b/apps/files_external/personal.php @@ -35,10 +35,10 @@ OCP\Util::addScript('files_external', 'settings'); OCP\Util::addStyle('files_external', 'settings'); $backends = array_filter($backendService->getAvailableBackends(), function($backend) { - return $backend->isPermitted(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE); + return $backend->isVisibleFor(BackendService::VISIBILITY_PERSONAL); }); $authMechanisms = array_filter($backendService->getAuthMechanisms(), function($authMechanism) { - return $authMechanism->isPermitted(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE); + return $authMechanism->isVisibleFor(BackendService::VISIBILITY_PERSONAL); }); foreach ($backends as $backend) { if ($backend->getCustomJs()) { diff --git a/apps/files_external/service/backendservice.php b/apps/files_external/service/backendservice.php index 70cb9291660..1e90247b3e4 100644 --- a/apps/files_external/service/backendservice.php +++ b/apps/files_external/service/backendservice.php @@ -31,17 +31,13 @@ use \OCA\Files_External\Lib\Auth\AuthMechanism; */ class BackendService { - /** Permission constants for PermissionsTrait */ - const PERMISSION_NONE = 0; - const PERMISSION_MOUNT = 1; - const PERMISSION_CREATE = 2; - const PERMISSION_MODIFY = 4; + /** Visibility constants for VisibilityTrait */ + const VISIBILITY_NONE = 0; + const VISIBILITY_PERSONAL = 1; + const VISIBILITY_ADMIN = 2; + //const VISIBILITY_ALIENS = 4; - const PERMISSION_DEFAULT = 7; // MOUNT | CREATE | MODIFY - - /** User contants */ - const USER_ADMIN = 'admin'; - const USER_PERSONAL = 'personal'; + const VISIBILITY_DEFAULT = 3; // PERSONAL | ADMIN /** Priority constants for PriorityTrait */ const PRIORITY_DEFAULT = 100; @@ -85,7 +81,7 @@ class BackendService { */ public function registerBackend(Backend $backend) { if (!$this->isAllowedUserBackend($backend)) { - $backend->removePermission(self::USER_PERSONAL, self::PERMISSION_CREATE | self::PERMISSION_MOUNT); + $backend->removeVisibility(BackendService::VISIBILITY_PERSONAL); } foreach ($backend->getIdentifierAliases() as $alias) { $this->backends[$alias] = $backend; @@ -107,7 +103,7 @@ class BackendService { */ public function registerAuthMechanism(AuthMechanism $authMech) { if (!$this->isAllowedAuthMechanism($authMech)) { - $authMech->removePermission(self::USER_PERSONAL, self::PERMISSION_CREATE | self::PERMISSION_MOUNT); + $authMech->removeVisibility(BackendService::VISIBILITY_PERSONAL); } foreach ($authMech->getIdentifierAliases() as $alias) { $this->authMechanisms[$alias] = $authMech; diff --git a/apps/files_external/settings.php b/apps/files_external/settings.php index 840f1325fb5..5c920a1495b 100644 --- a/apps/files_external/settings.php +++ b/apps/files_external/settings.php @@ -42,10 +42,10 @@ OCP\Util::addStyle('files_external', 'settings'); \OC_Util::addVendorStyle('select2/select2'); $backends = array_filter($backendService->getAvailableBackends(), function($backend) { - return $backend->isPermitted(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE); + return $backend->isVisibleFor(BackendService::VISIBILITY_ADMIN); }); $authMechanisms = array_filter($backendService->getAuthMechanisms(), function($authMechanism) { - return $authMechanism->isPermitted(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE); + return $authMechanism->isVisibleFor(BackendService::VISIBILITY_ADMIN); }); foreach ($backends as $backend) { if ($backend->getCustomJs()) { @@ -59,9 +59,7 @@ foreach ($authMechanisms as $authMechanism) { } $userBackends = array_filter($backendService->getAvailableBackends(), function($backend) { - return $backend->isAllowedPermitted( - BackendService::USER_PERSONAL, BackendService::PERMISSION_MOUNT - ); + return $backend->isAllowedVisibleFor(BackendService::VISIBILITY_PERSONAL); }); $tmpl = new OCP\Template('files_external', 'settings'); diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php index 7762ff60333..d8b07273028 100644 --- a/apps/files_external/templates/settings.php +++ b/apps/files_external/templates/settings.php @@ -197,7 +197,7 @@

class="hidden"> t('Allow users to mount the following external storage')); ?>
- isPermitted(BackendService::USER_PERSONAL, BackendService::PERMISSION_MOUNT)) print_unescaped(' checked="checked"'); ?> /> + isVisibleFor(BackendService::VISIBILITY_PERSONAL)) print_unescaped(' checked="checked"'); ?> />
diff --git a/apps/files_external/tests/controller/storagescontrollertest.php b/apps/files_external/tests/controller/storagescontrollertest.php index c43761f3bcb..5e1deb821f4 100644 --- a/apps/files_external/tests/controller/storagescontrollertest.php +++ b/apps/files_external/tests/controller/storagescontrollertest.php @@ -75,12 +75,12 @@ abstract class StoragesControllerTest extends \Test\TestCase { $authMech = $this->getAuthMechMock(); $authMech->method('validateStorage') ->willReturn(true); - $authMech->method('isPermitted') + $authMech->method('isVisibleFor') ->willReturn(true); $backend = $this->getBackendMock(); $backend->method('validateStorage') ->willReturn(true); - $backend->method('isPermitted') + $backend->method('isVisibleFor') ->willReturn(true); $storageConfig = new StorageConfig(1); @@ -116,12 +116,12 @@ abstract class StoragesControllerTest extends \Test\TestCase { $authMech = $this->getAuthMechMock(); $authMech->method('validateStorage') ->willReturn(true); - $authMech->method('isPermitted') + $authMech->method('isVisibleFor') ->willReturn(true); $backend = $this->getBackendMock(); $backend->method('validateStorage') ->willReturn(true); - $backend->method('isPermitted') + $backend->method('isVisibleFor') ->willReturn(true); $storageConfig = new StorageConfig(1); @@ -249,12 +249,12 @@ abstract class StoragesControllerTest extends \Test\TestCase { $authMech = $this->getAuthMechMock(); $authMech->method('validateStorage') ->willReturn(true); - $authMech->method('isPermitted') + $authMech->method('isVisibleFor') ->willReturn(true); $backend = $this->getBackendMock(); $backend->method('validateStorage') ->willReturn(true); - $backend->method('isPermitted') + $backend->method('isVisibleFor') ->willReturn(true); $storageConfig = new StorageConfig(255); @@ -338,13 +338,13 @@ abstract class StoragesControllerTest extends \Test\TestCase { $backend = $this->getBackendMock(); $backend->method('validateStorage') ->willReturn($backendValidate); - $backend->method('isPermitted') + $backend->method('isVisibleFor') ->willReturn(true); $authMech = $this->getAuthMechMock(); $authMech->method('validateStorage') ->will($this->returnValue($authMechValidate)); - $authMech->method('isPermitted') + $authMech->method('isVisibleFor') ->willReturn(true); $storageConfig = new StorageConfig(); diff --git a/apps/files_external/tests/controller/userstoragescontrollertest.php b/apps/files_external/tests/controller/userstoragescontrollertest.php index b61174b0797..9f1a8df8d2e 100644 --- a/apps/files_external/tests/controller/userstoragescontrollertest.php +++ b/apps/files_external/tests/controller/userstoragescontrollertest.php @@ -49,21 +49,15 @@ class UserStoragesControllerTest extends StoragesControllerTest { } public function testAddOrUpdateStorageDisallowedBackend() { - $backend1 = $this->getBackendMock(); - $backend1->expects($this->once()) - ->method('isPermitted') - ->with(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE) - ->willReturn(false); - $backend2 = $this->getBackendMock(); - $backend2->expects($this->once()) - ->method('isPermitted') - ->with(BackendService::USER_PERSONAL, BackendService::PERMISSION_MODIFY) + $backend = $this->getBackendMock(); + $backend->method('isVisibleFor') + ->with(BackendService::VISIBILITY_PERSONAL) ->willReturn(false); $authMech = $this->getAuthMechMock(); $storageConfig = new StorageConfig(1); $storageConfig->setMountPoint('mount'); - $storageConfig->setBackend($backend1); + $storageConfig->setBackend($backend); $storageConfig->setAuthMechanism($authMech); $storageConfig->setBackendOptions([]); @@ -88,8 +82,6 @@ class UserStoragesControllerTest extends StoragesControllerTest { $this->assertEquals(Http::STATUS_UNPROCESSABLE_ENTITY, $response->getStatus()); - $storageConfig->setBackend($backend2); - $response = $this->controller->update( 1, 'mount', diff --git a/apps/files_external/tests/service/backendservicetest.php b/apps/files_external/tests/service/backendservicetest.php index b37b5e9b466..414a9eee2ec 100644 --- a/apps/files_external/tests/service/backendservicetest.php +++ b/apps/files_external/tests/service/backendservicetest.php @@ -83,11 +83,11 @@ class BackendServiceTest extends \Test\TestCase { $backendAllowed = $this->getBackendMock('\User\Mount\Allowed'); $backendAllowed->expects($this->never()) - ->method('removePermission'); + ->method('removeVisibility'); $backendNotAllowed = $this->getBackendMock('\User\Mount\NotAllowed'); $backendNotAllowed->expects($this->once()) - ->method('removePermission') - ->with(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE | BackendService::PERMISSION_MOUNT); + ->method('removeVisibility') + ->with(BackendService::VISIBILITY_PERSONAL); $backendAlias = $this->getMockBuilder('\OCA\Files_External\Lib\Backend\Backend') ->disableOriginalConstructor() -- cgit v1.2.3 From 060d16961596b24a2d0cf9e30408482ce33cefe6 Mon Sep 17 00:00:00 2001 From: Robin McCorkell Date: Thu, 17 Sep 2015 16:40:56 +0100 Subject: Add deprecation mechanic to IdentifierTrait Deprecation allows a backend/auth mechanism to designate an object that it deprecates to, allowing clean transitions to updated codebases. --- apps/files_external/lib/auth/authmechanism.php | 2 ++ apps/files_external/lib/backend/backend.php | 1 + apps/files_external/lib/identifiertrait.php | 34 ++++++++++++++++++++++++++ 3 files changed, 37 insertions(+) (limited to 'apps') diff --git a/apps/files_external/lib/auth/authmechanism.php b/apps/files_external/lib/auth/authmechanism.php index 11d99bb330d..2ab34ed0105 100644 --- a/apps/files_external/lib/auth/authmechanism.php +++ b/apps/files_external/lib/auth/authmechanism.php @@ -92,6 +92,8 @@ class AuthMechanism implements \JsonSerializable { */ public function jsonSerialize() { $data = $this->jsonSerializeDefinition(); + $data += $this->jsonSerializeIdentifier(); + $data['scheme'] = $this->getScheme(); return $data; diff --git a/apps/files_external/lib/backend/backend.php b/apps/files_external/lib/backend/backend.php index 90d5d38ed94..68585cf377e 100644 --- a/apps/files_external/lib/backend/backend.php +++ b/apps/files_external/lib/backend/backend.php @@ -142,6 +142,7 @@ class Backend implements \JsonSerializable { */ public function jsonSerialize() { $data = $this->jsonSerializeDefinition(); + $data += $this->jsonSerializeIdentifier(); $data['backend'] = $data['name']; // legacy compat $data['priority'] = $this->getPriority(); diff --git a/apps/files_external/lib/identifiertrait.php b/apps/files_external/lib/identifiertrait.php index 139911580fc..7f36144e474 100644 --- a/apps/files_external/lib/identifiertrait.php +++ b/apps/files_external/lib/identifiertrait.php @@ -23,6 +23,7 @@ namespace OCA\Files_External\Lib; /** * Trait for objects requiring an identifier (and/or identifier aliases) + * Also supports deprecation to a different object, linking the objects */ trait IdentifierTrait { @@ -32,6 +33,9 @@ trait IdentifierTrait { /** @var string[] */ protected $identifierAliases = []; + /** @var IdentifierTrait */ + protected $deprecateTo = null; + /** * @return string */ @@ -65,4 +69,34 @@ trait IdentifierTrait { return $this; } + /** + * @return object|null + */ + public function getDeprecateTo() { + return $this->deprecateTo; + } + + /** + * @param object $destinationObject + * @return self + */ + public function deprecateTo($destinationObject) { + $this->deprecateTo = $destinationObject; + return $this; + } + + /** + * @return array + */ + public function jsonSerializeIdentifier() { + $data = [ + 'identifier' => $this->identifier, + 'identifierAliases' => $this->identifierAliases, + ]; + if ($this->deprecateTo) { + $data['deprecateTo'] = $this->deprecateTo->getIdentifier(); + } + return $data; + } + } -- cgit v1.2.3 From 2bef3ef34bc81737c1667187aa3b21ecf1442e03 Mon Sep 17 00:00:00 2001 From: Robin McCorkell Date: Thu, 17 Sep 2015 17:00:15 +0100 Subject: Hide deprecated backends in external storage GUI Selecting/deselecting the deprecate-to backends in the user mountable storages selection will also change the corresponding deprecated backend. --- apps/files_external/js/settings.js | 13 ++++++++++++- apps/files_external/templates/settings.php | 9 +++++++-- 2 files changed, 19 insertions(+), 3 deletions(-) (limited to 'apps') diff --git a/apps/files_external/js/settings.js b/apps/files_external/js/settings.js index 4319677f4f4..5da34c52193 100644 --- a/apps/files_external/js/settings.js +++ b/apps/files_external/js/settings.js @@ -1113,7 +1113,18 @@ $(document).ready(function() { $('input[name="allowUserMountingBackends\\[\\]"]').bind('change', function() { OC.msg.startSaving('#userMountingMsg'); - var userMountingBackends = $('input[name="allowUserMountingBackends\\[\\]"]:checked').map(function(){return $(this).val();}).get(); + + var userMountingBackends = $('input[name="allowUserMountingBackends\\[\\]"]:checked').map(function(){ + return $(this).val(); + }).get(); + var deprecatedBackends = $('input[name="allowUserMountingBackends\\[\\]"][data-deprecate-to]').map(function(){ + if ($.inArray($(this).data('deprecate-to'), userMountingBackends) !== -1) { + return $(this).val(); + } + return null; + }).get(); + userMountingBackends = userMountingBackends.concat(deprecatedBackends); + OC.AppConfig.setValue('files_external', 'user_mounting_backends', userMountingBackends.join()); OC.msg.finishedSaving('#userMountingMsg', {status: 'success', data: {message: t('files_external', 'Saved')}}); diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php index d8b07273028..141994d0050 100644 --- a/apps/files_external/templates/settings.php +++ b/apps/files_external/templates/settings.php @@ -157,6 +157,7 @@ }); ?> + getDeprecateTo()) continue; // ignore deprecated backends ?> @@ -197,8 +198,12 @@

class="hidden"> t('Allow users to mount the following external storage')); ?>
- isVisibleFor(BackendService::VISIBILITY_PERSONAL)) print_unescaped(' checked="checked"'); ?> /> -
+ getDeprecateTo()): ?> + + + isVisibleFor(BackendService::VISIBILITY_PERSONAL)) print_unescaped(' checked="checked"'); ?> /> +
+

-- cgit v1.2.3 From 634c1c497c51f00ba5512dae69dfffaf6cf0e3e1 Mon Sep 17 00:00:00 2001 From: Robin McCorkell Date: Thu, 17 Sep 2015 17:01:55 +0100 Subject: Mark SMB_OC and SFTP_Key as deprecated backends --- apps/files_external/lib/backend/sftp_key.php | 6 ++++-- apps/files_external/lib/backend/smb_oc.php | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) (limited to 'apps') diff --git a/apps/files_external/lib/backend/sftp_key.php b/apps/files_external/lib/backend/sftp_key.php index 4a7f565eb19..13f45f1140c 100644 --- a/apps/files_external/lib/backend/sftp_key.php +++ b/apps/files_external/lib/backend/sftp_key.php @@ -27,14 +27,15 @@ use \OCA\Files_External\Lib\DefinitionParameter; use \OCA\Files_External\Lib\Auth\AuthMechanism; use \OCA\Files_External\Service\BackendService; use \OCA\Files_External\Lib\Auth\PublicKey\RSA; +use \OCA\Files_External\Lib\Backend\SFTP; class SFTP_Key extends Backend { - public function __construct(IL10N $l, RSA $legacyAuth) { + public function __construct(IL10N $l, RSA $legacyAuth, SFTP $sftpBackend) { $this ->setIdentifier('\OC\Files\Storage\SFTP_Key') ->setStorageClass('\OC\Files\Storage\SFTP') - ->setText($l->t('SFTP with secret key login [DEPRECATED]')) + ->setText($l->t('SFTP with secret key login')) ->addParameters([ (new DefinitionParameter('host', $l->t('Host'))), (new DefinitionParameter('root', $l->t('Remote subfolder'))) @@ -42,6 +43,7 @@ class SFTP_Key extends Backend { ]) ->addAuthScheme(AuthMechanism::SCHEME_PUBLICKEY) ->setLegacyAuthMechanism($legacyAuth) + ->deprecateTo($sftpBackend) ; } diff --git a/apps/files_external/lib/backend/smb_oc.php b/apps/files_external/lib/backend/smb_oc.php index a3f3a824040..9fc17400884 100644 --- a/apps/files_external/lib/backend/smb_oc.php +++ b/apps/files_external/lib/backend/smb_oc.php @@ -29,6 +29,7 @@ use \OCA\Files_External\Service\BackendService; use \OCA\Files_External\Lib\Auth\Password\SessionCredentials; use \OCA\Files_External\Lib\StorageConfig; use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; +use \OCA\Files_External\Lib\Backend\SMB; /** * Deprecated SMB_OC class - use SMB with the password::sessioncredentials auth mechanism @@ -37,11 +38,11 @@ class SMB_OC extends Backend { use LegacyDependencyCheckPolyfill; - public function __construct(IL10N $l, SessionCredentials $legacyAuth) { + public function __construct(IL10N $l, SessionCredentials $legacyAuth, SMB $smbBackend) { $this ->setIdentifier('\OC\Files\Storage\SMB_OC') ->setStorageClass('\OC\Files\Storage\SMB') - ->setText($l->t('SMB / CIFS using OC login [DEPRECATED]')) + ->setText($l->t('SMB / CIFS using OC login')) ->addParameters([ (new DefinitionParameter('host', $l->t('Host'))), (new DefinitionParameter('username_as_share', $l->t('Username as share'))) @@ -54,6 +55,7 @@ class SMB_OC extends Backend { ->setPriority(BackendService::PRIORITY_DEFAULT - 10) ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) ->setLegacyAuthMechanism($legacyAuth) + ->deprecateTo($smbBackend) ; } -- cgit v1.2.3