nextcloud / server

apps/federatedfilesharing/lib/Controller/RequestHandlerController.php

Indentation +427 added lines, -427 removed lines

@@ -52,431 +52,431 @@
 
 class RequestHandlerController extends OCSController {
 
-	/** @var FederatedShareProvider */
-	private $federatedShareProvider;
-
-	/** @var IDBConnection */
-	private $connection;
-
-	/** @var Share\IManager */
-	private $shareManager;
-
-	/** @var Notifications */
-	private $notifications;
-
-	/** @var AddressHandler */
-	private $addressHandler;
-
-	/** @var  IUserManager */
-	private $userManager;
-
-	/** @var string */
-	private $shareTable = 'share';
-
-	/** @var ICloudIdManager */
-	private $cloudIdManager;
-
-	/** @var ILogger */
-	private $logger;
-
-	/** @var ICloudFederationFactory */
-	private $cloudFederationFactory;
-
-	/** @var ICloudFederationProviderManager */
-	private $cloudFederationProviderManager;
-
-	/**
-	 * Server2Server constructor.
-	 *
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param FederatedShareProvider $federatedShareProvider
-	 * @param IDBConnection $connection
-	 * @param Share\IManager $shareManager
-	 * @param Notifications $notifications
-	 * @param AddressHandler $addressHandler
-	 * @param IUserManager $userManager
-	 * @param ICloudIdManager $cloudIdManager
-	 * @param ILogger $logger
-	 * @param ICloudFederationFactory $cloudFederationFactory
-	 * @param ICloudFederationProviderManager $cloudFederationProviderManager
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								FederatedShareProvider $federatedShareProvider,
-								IDBConnection $connection,
-								Share\IManager $shareManager,
-								Notifications $notifications,
-								AddressHandler $addressHandler,
-								IUserManager $userManager,
-								ICloudIdManager $cloudIdManager,
-								ILogger $logger,
-								ICloudFederationFactory $cloudFederationFactory,
-								ICloudFederationProviderManager $cloudFederationProviderManager
-	) {
-		parent::__construct($appName, $request);
-
-		$this->federatedShareProvider = $federatedShareProvider;
-		$this->connection = $connection;
-		$this->shareManager = $shareManager;
-		$this->notifications = $notifications;
-		$this->addressHandler = $addressHandler;
-		$this->userManager = $userManager;
-		$this->cloudIdManager = $cloudIdManager;
-		$this->logger = $logger;
-		$this->cloudFederationFactory = $cloudFederationFactory;
-		$this->cloudFederationProviderManager = $cloudFederationProviderManager;
-	}
-
-	/**
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 *
-	 * create a new share
-	 *
-	 * @return Http\DataResponse
-	 * @throws OCSException
-	 */
-	public function createShare() {
-
-		$remote = isset($_POST['remote']) ? $_POST['remote'] : null;
-		$token = isset($_POST['token']) ? $_POST['token'] : null;
-		$name = isset($_POST['name']) ? $_POST['name'] : null;
-		$owner = isset($_POST['owner']) ? $_POST['owner'] : null;
-		$sharedBy = isset($_POST['sharedBy']) ? $_POST['sharedBy'] : null;
-		$shareWith = isset($_POST['shareWith']) ? $_POST['shareWith'] : null;
-		$remoteId = isset($_POST['remoteId']) ? (int)$_POST['remoteId'] : null;
-		$sharedByFederatedId = isset($_POST['sharedByFederatedId']) ? $_POST['sharedByFederatedId'] : null;
-		$ownerFederatedId = isset($_POST['ownerFederatedId']) ? $_POST['ownerFederatedId'] : null;
-
-		if ($ownerFederatedId === null) {
-			$ownerFederatedId = $this->cloudIdManager->getCloudId($owner, $this->cleanupRemote($remote))->getId();
-		}
-		// if the owner of the share and the initiator are the same user
-		// we also complete the federated share ID for the initiator
-		if ($sharedByFederatedId === null && $owner === $sharedBy) {
-			$sharedByFederatedId = $ownerFederatedId;
-		}
-
-		$share = $this->cloudFederationFactory->getCloudFederationShare(
-			$shareWith,
-			$name,
-			'',
-			$remoteId,
-			$ownerFederatedId,
-			$owner,
-			$sharedByFederatedId,
-			$sharedBy,
-			$token,
-			'user',
-			'file'
-		);
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
-			$provider->shareReceived($share);
-		} catch (ProviderDoesNotExistsException $e) {
-			throw new OCSException('Server does not support federated cloud sharing', 503);
-		} catch (ProviderCouldNotAddShareException $e) {
-			throw new OCSException($e->getMessage(), 400);
-		} catch (\Exception $e) {
-			throw new OCSException('internal server error, was not able to add share from ' . $remote, 500);
-		}
-
-		return new Http\DataResponse();
-	}
-
-	/**
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 *
-	 * create re-share on behalf of another user
-	 *
-	 * @param int $id
-	 * @return Http\DataResponse
-	 * @throws OCSBadRequestException
-	 * @throws OCSException
-	 * @throws OCSForbiddenException
-	 */
-	public function reShare($id) {
-
-		$token = $this->request->getParam('token', null);
-		$shareWith = $this->request->getParam('shareWith', null);
-		$permission = (int)$this->request->getParam('permission', null);
-		$remoteId = (int)$this->request->getParam('remoteId', null);
-
-		if ($id === null ||
-			$token === null ||
-			$shareWith === null ||
-			$permission === null ||
-			$remoteId === null
-		) {
-			throw new OCSBadRequestException();
-		}
-
-		$notification = [
-			'sharedSecret' => $token,
-			'shareWith' => $shareWith,
-			'senderId' => $remoteId,
-			'message' => 'Recipient of a share ask the owner to reshare the file'
-		];
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
-			list($newToken, $localId) = $provider->notificationReceived('REQUEST_RESHARE', $id, $notification);
-			return new Http\DataResponse([
-				'token' => $newToken,
-				'remoteId' => $localId
-			]);
-		} catch (ProviderDoesNotExistsException $e) {
-			throw new OCSException('Server does not support federated cloud sharing', 503);
-		} catch (ShareNotFound $e) {
-			$this->logger->debug('Share not found: ' . $e->getMessage());
-		} catch (\Exception $e) {
-			$this->logger->debug('internal server error, can not process notification: ' . $e->getMessage());
-		}
-
-		throw new OCSBadRequestException();
-	}
-
-
-	/**
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 *
-	 * accept server-to-server share
-	 *
-	 * @param int $id
-	 * @return Http\DataResponse
-	 * @throws OCSException
-	 * @throws ShareNotFound
-	 * @throws \OC\HintException
-	 */
-	public function acceptShare($id) {
-
-		$token = isset($_POST['token']) ? $_POST['token'] : null;
-
-		$notification = [
-			'sharedSecret' => $token,
-			'message' => 'Recipient accept the share'
-		];
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
-			$provider->notificationReceived('SHARE_ACCEPTED', $id, $notification);
-		} catch (ProviderDoesNotExistsException $e) {
-			throw new OCSException('Server does not support federated cloud sharing', 503);
-		} catch (ShareNotFound $e) {
-			$this->logger->debug('Share not found: ' . $e->getMessage());
-		} catch (\Exception $e) {
-			$this->logger->debug('internal server error, can not process notification: ' . $e->getMessage());
-		}
-
-		return new Http\DataResponse();
-	}
-
-	/**
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 *
-	 * decline server-to-server share
-	 *
-	 * @param int $id
-	 * @return Http\DataResponse
-	 * @throws OCSException
-	 */
-	public function declineShare($id) {
-
-		$token = isset($_POST['token']) ? $_POST['token'] : null;
-
-		$notification = [
-			'sharedSecret' => $token,
-			'message' => 'Recipient declined the share'
-		];
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
-			$provider->notificationReceived('SHARE_DECLINED', $id, $notification);
-		} catch (ProviderDoesNotExistsException $e) {
-			throw new OCSException('Server does not support federated cloud sharing', 503);
-		} catch (ShareNotFound $e) {
-			$this->logger->debug('Share not found: ' . $e->getMessage());
-		} catch (\Exception $e) {
-			$this->logger->debug('internal server error, can not process notification: ' . $e->getMessage());
-		}
-
-		return new Http\DataResponse();
-	}
-
-	/**
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 *
-	 * remove server-to-server share if it was unshared by the owner
-	 *
-	 * @param int $id
-	 * @return Http\DataResponse
-	 * @throws OCSException
-	 */
-	public function unshare($id) {
-
-		if (!$this->isS2SEnabled()) {
-			throw new OCSException('Server does not support federated cloud sharing', 503);
-		}
-
-		$token = isset($_POST['token']) ? $_POST['token'] : null;
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
-			$notification = ['sharedSecret' => $token];
-			$provider->notificationReceived('SHARE_UNSHARED', $id, $notification);
-		} catch (\Exception $e) {
-			$this->logger->debug('processing unshare notification failed: ' . $e->getMessage());
-		}
-
-		return new Http\DataResponse();
-	}
-
-	private function cleanupRemote($remote) {
-		$remote = substr($remote, strpos($remote, '://') + 3);
-
-		return rtrim($remote, '/');
-	}
-
-
-	/**
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 *
-	 * federated share was revoked, either by the owner or the re-sharer
-	 *
-	 * @param int $id
-	 * @return Http\DataResponse
-	 * @throws OCSBadRequestException
-	 */
-	public function revoke($id) {
-
-		$token = $this->request->getParam('token');
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
-			$notification = ['sharedSecret' => $token];
-			$provider->notificationReceived('RESHARE_UNDO', $id, $notification);
-			return new Http\DataResponse();
-		} catch (\Exception $e) {
-			throw new OCSBadRequestException();
-		}
-
-	}
-
-	/**
-	 * check if server-to-server sharing is enabled
-	 *
-	 * @param bool $incoming
-	 * @return bool
-	 */
-	private function isS2SEnabled($incoming = false) {
-
-		$result = \OCP\App::isEnabled('files_sharing');
-
-		if ($incoming) {
-			$result = $result && $this->federatedShareProvider->isIncomingServer2serverShareEnabled();
-		} else {
-			$result = $result && $this->federatedShareProvider->isOutgoingServer2serverShareEnabled();
-		}
-
-		return $result;
-	}
-
-	/**
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 *
-	 * update share information to keep federated re-shares in sync
-	 *
-	 * @param int $id
-	 * @return Http\DataResponse
-	 * @throws OCSBadRequestException
-	 */
-	public function updatePermissions($id) {
-		$token = $this->request->getParam('token', null);
-		$ncPermissions = $this->request->getParam('permissions', null);
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
-			$ocmPermissions = $this->ncPermissions2ocmPermissions((int)$ncPermissions);
-			$notification = ['sharedSecret' => $token, 'permission' => $ocmPermissions];
-			$provider->notificationReceived('RESHARE_CHANGE_PERMISSION', $id, $notification);
-		} catch (\Exception $e) {
-			$this->logger->debug($e->getMessage());
-			throw new OCSBadRequestException();
-		}
-
-		return new Http\DataResponse();
-	}
-
-	/**
-	 * translate Nextcloud permissions to OCM Permissions
-	 *
-	 * @param $ncPermissions
-	 * @return array
-	 */
-	protected function ncPermissions2ocmPermissions($ncPermissions) {
-
-		$ocmPermissions = [];
-
-		if ($ncPermissions & Constants::PERMISSION_SHARE) {
-			$ocmPermissions[] = 'share';
-		}
-
-		if ($ncPermissions & Constants::PERMISSION_READ) {
-			$ocmPermissions[] = 'read';
-		}
-
-		if (($ncPermissions & Constants::PERMISSION_CREATE) ||
-			($ncPermissions & Constants::PERMISSION_UPDATE)) {
-			$ocmPermissions[] = 'write';
-		}
-
-		return $ocmPermissions;
-
-	}
-
-	/**
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 *
-	 * change the owner of a server-to-server share
-	 *
-	 * @param int $id
-	 * @return Http\DataResponse
-	 * @throws \InvalidArgumentException
-	 * @throws OCSException
-	 */
-	public function move($id) {
-
-		if (!$this->isS2SEnabled()) {
-			throw new OCSException('Server does not support federated cloud sharing', 503);
-		}
-
-		$token = $this->request->getParam('token');
-		$remote = $this->request->getParam('remote');
-		$newRemoteId = $this->request->getParam('remote_id', $id);
-		$cloudId = $this->cloudIdManager->resolveCloudId($remote);
-
-		$qb = $this->connection->getQueryBuilder();
-		$query = $qb->update('share_external')
-			->set('remote', $qb->createNamedParameter($cloudId->getRemote()))
-			->set('owner', $qb->createNamedParameter($cloudId->getUser()))
-			->set('remote_id', $qb->createNamedParameter($newRemoteId))
-			->where($qb->expr()->eq('remote_id', $qb->createNamedParameter($id)))
-			->andWhere($qb->expr()->eq('share_token', $qb->createNamedParameter($token)));
-		$affected = $query->execute();
-
-		if ($affected > 0) {
-			return new Http\DataResponse(['remote' => $cloudId->getRemote(), 'owner' => $cloudId->getUser()]);
-		} else {
-			throw new OCSBadRequestException('Share not found or token invalid');
-		}
-	}
+    /** @var FederatedShareProvider */
+    private $federatedShareProvider;
+
+    /** @var IDBConnection */
+    private $connection;
+
+    /** @var Share\IManager */
+    private $shareManager;
+
+    /** @var Notifications */
+    private $notifications;
+
+    /** @var AddressHandler */
+    private $addressHandler;
+
+    /** @var  IUserManager */
+    private $userManager;
+
+    /** @var string */
+    private $shareTable = 'share';
+
+    /** @var ICloudIdManager */
+    private $cloudIdManager;
+
+    /** @var ILogger */
+    private $logger;
+
+    /** @var ICloudFederationFactory */
+    private $cloudFederationFactory;
+
+    /** @var ICloudFederationProviderManager */
+    private $cloudFederationProviderManager;
+
+    /**
+     * Server2Server constructor.
+     *
+     * @param string $appName
+     * @param IRequest $request
+     * @param FederatedShareProvider $federatedShareProvider
+     * @param IDBConnection $connection
+     * @param Share\IManager $shareManager
+     * @param Notifications $notifications
+     * @param AddressHandler $addressHandler
+     * @param IUserManager $userManager
+     * @param ICloudIdManager $cloudIdManager
+     * @param ILogger $logger
+     * @param ICloudFederationFactory $cloudFederationFactory
+     * @param ICloudFederationProviderManager $cloudFederationProviderManager
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                FederatedShareProvider $federatedShareProvider,
+                                IDBConnection $connection,
+                                Share\IManager $shareManager,
+                                Notifications $notifications,
+                                AddressHandler $addressHandler,
+                                IUserManager $userManager,
+                                ICloudIdManager $cloudIdManager,
+                                ILogger $logger,
+                                ICloudFederationFactory $cloudFederationFactory,
+                                ICloudFederationProviderManager $cloudFederationProviderManager
+    ) {
+        parent::__construct($appName, $request);
+
+        $this->federatedShareProvider = $federatedShareProvider;
+        $this->connection = $connection;
+        $this->shareManager = $shareManager;
+        $this->notifications = $notifications;
+        $this->addressHandler = $addressHandler;
+        $this->userManager = $userManager;
+        $this->cloudIdManager = $cloudIdManager;
+        $this->logger = $logger;
+        $this->cloudFederationFactory = $cloudFederationFactory;
+        $this->cloudFederationProviderManager = $cloudFederationProviderManager;
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @PublicPage
+     *
+     * create a new share
+     *
+     * @return Http\DataResponse
+     * @throws OCSException
+     */
+    public function createShare() {
+
+        $remote = isset($_POST['remote']) ? $_POST['remote'] : null;
+        $token = isset($_POST['token']) ? $_POST['token'] : null;
+        $name = isset($_POST['name']) ? $_POST['name'] : null;
+        $owner = isset($_POST['owner']) ? $_POST['owner'] : null;
+        $sharedBy = isset($_POST['sharedBy']) ? $_POST['sharedBy'] : null;
+        $shareWith = isset($_POST['shareWith']) ? $_POST['shareWith'] : null;
+        $remoteId = isset($_POST['remoteId']) ? (int)$_POST['remoteId'] : null;
+        $sharedByFederatedId = isset($_POST['sharedByFederatedId']) ? $_POST['sharedByFederatedId'] : null;
+        $ownerFederatedId = isset($_POST['ownerFederatedId']) ? $_POST['ownerFederatedId'] : null;
+
+        if ($ownerFederatedId === null) {
+            $ownerFederatedId = $this->cloudIdManager->getCloudId($owner, $this->cleanupRemote($remote))->getId();
+        }
+        // if the owner of the share and the initiator are the same user
+        // we also complete the federated share ID for the initiator
+        if ($sharedByFederatedId === null && $owner === $sharedBy) {
+            $sharedByFederatedId = $ownerFederatedId;
+        }
+
+        $share = $this->cloudFederationFactory->getCloudFederationShare(
+            $shareWith,
+            $name,
+            '',
+            $remoteId,
+            $ownerFederatedId,
+            $owner,
+            $sharedByFederatedId,
+            $sharedBy,
+            $token,
+            'user',
+            'file'
+        );
+
+        try {
+            $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+            $provider->shareReceived($share);
+        } catch (ProviderDoesNotExistsException $e) {
+            throw new OCSException('Server does not support federated cloud sharing', 503);
+        } catch (ProviderCouldNotAddShareException $e) {
+            throw new OCSException($e->getMessage(), 400);
+        } catch (\Exception $e) {
+            throw new OCSException('internal server error, was not able to add share from ' . $remote, 500);
+        }
+
+        return new Http\DataResponse();
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @PublicPage
+     *
+     * create re-share on behalf of another user
+     *
+     * @param int $id
+     * @return Http\DataResponse
+     * @throws OCSBadRequestException
+     * @throws OCSException
+     * @throws OCSForbiddenException
+     */
+    public function reShare($id) {
+
+        $token = $this->request->getParam('token', null);
+        $shareWith = $this->request->getParam('shareWith', null);
+        $permission = (int)$this->request->getParam('permission', null);
+        $remoteId = (int)$this->request->getParam('remoteId', null);
+
+        if ($id === null ||
+            $token === null ||
+            $shareWith === null ||
+            $permission === null ||
+            $remoteId === null
+        ) {
+            throw new OCSBadRequestException();
+        }
+
+        $notification = [
+            'sharedSecret' => $token,
+            'shareWith' => $shareWith,
+            'senderId' => $remoteId,
+            'message' => 'Recipient of a share ask the owner to reshare the file'
+        ];
+
+        try {
+            $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+            list($newToken, $localId) = $provider->notificationReceived('REQUEST_RESHARE', $id, $notification);
+            return new Http\DataResponse([
+                'token' => $newToken,
+                'remoteId' => $localId
+            ]);
+        } catch (ProviderDoesNotExistsException $e) {
+            throw new OCSException('Server does not support federated cloud sharing', 503);
+        } catch (ShareNotFound $e) {
+            $this->logger->debug('Share not found: ' . $e->getMessage());
+        } catch (\Exception $e) {
+            $this->logger->debug('internal server error, can not process notification: ' . $e->getMessage());
+        }
+
+        throw new OCSBadRequestException();
+    }
+
+
+    /**
+     * @NoCSRFRequired
+     * @PublicPage
+     *
+     * accept server-to-server share
+     *
+     * @param int $id
+     * @return Http\DataResponse
+     * @throws OCSException
+     * @throws ShareNotFound
+     * @throws \OC\HintException
+     */
+    public function acceptShare($id) {
+
+        $token = isset($_POST['token']) ? $_POST['token'] : null;
+
+        $notification = [
+            'sharedSecret' => $token,
+            'message' => 'Recipient accept the share'
+        ];
+
+        try {
+            $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+            $provider->notificationReceived('SHARE_ACCEPTED', $id, $notification);
+        } catch (ProviderDoesNotExistsException $e) {
+            throw new OCSException('Server does not support federated cloud sharing', 503);
+        } catch (ShareNotFound $e) {
+            $this->logger->debug('Share not found: ' . $e->getMessage());
+        } catch (\Exception $e) {
+            $this->logger->debug('internal server error, can not process notification: ' . $e->getMessage());
+        }
+
+        return new Http\DataResponse();
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @PublicPage
+     *
+     * decline server-to-server share
+     *
+     * @param int $id
+     * @return Http\DataResponse
+     * @throws OCSException
+     */
+    public function declineShare($id) {
+
+        $token = isset($_POST['token']) ? $_POST['token'] : null;
+
+        $notification = [
+            'sharedSecret' => $token,
+            'message' => 'Recipient declined the share'
+        ];
+
+        try {
+            $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+            $provider->notificationReceived('SHARE_DECLINED', $id, $notification);
+        } catch (ProviderDoesNotExistsException $e) {
+            throw new OCSException('Server does not support federated cloud sharing', 503);
+        } catch (ShareNotFound $e) {
+            $this->logger->debug('Share not found: ' . $e->getMessage());
+        } catch (\Exception $e) {
+            $this->logger->debug('internal server error, can not process notification: ' . $e->getMessage());
+        }
+
+        return new Http\DataResponse();
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @PublicPage
+     *
+     * remove server-to-server share if it was unshared by the owner
+     *
+     * @param int $id
+     * @return Http\DataResponse
+     * @throws OCSException
+     */
+    public function unshare($id) {
+
+        if (!$this->isS2SEnabled()) {
+            throw new OCSException('Server does not support federated cloud sharing', 503);
+        }
+
+        $token = isset($_POST['token']) ? $_POST['token'] : null;
+
+        try {
+            $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+            $notification = ['sharedSecret' => $token];
+            $provider->notificationReceived('SHARE_UNSHARED', $id, $notification);
+        } catch (\Exception $e) {
+            $this->logger->debug('processing unshare notification failed: ' . $e->getMessage());
+        }
+
+        return new Http\DataResponse();
+    }
+
+    private function cleanupRemote($remote) {
+        $remote = substr($remote, strpos($remote, '://') + 3);
+
+        return rtrim($remote, '/');
+    }
+
+
+    /**
+     * @NoCSRFRequired
+     * @PublicPage
+     *
+     * federated share was revoked, either by the owner or the re-sharer
+     *
+     * @param int $id
+     * @return Http\DataResponse
+     * @throws OCSBadRequestException
+     */
+    public function revoke($id) {
+
+        $token = $this->request->getParam('token');
+
+        try {
+            $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+            $notification = ['sharedSecret' => $token];
+            $provider->notificationReceived('RESHARE_UNDO', $id, $notification);
+            return new Http\DataResponse();
+        } catch (\Exception $e) {
+            throw new OCSBadRequestException();
+        }
+
+    }
+
+    /**
+     * check if server-to-server sharing is enabled
+     *
+     * @param bool $incoming
+     * @return bool
+     */
+    private function isS2SEnabled($incoming = false) {
+
+        $result = \OCP\App::isEnabled('files_sharing');
+
+        if ($incoming) {
+            $result = $result && $this->federatedShareProvider->isIncomingServer2serverShareEnabled();
+        } else {
+            $result = $result && $this->federatedShareProvider->isOutgoingServer2serverShareEnabled();
+        }
+
+        return $result;
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @PublicPage
+     *
+     * update share information to keep federated re-shares in sync
+     *
+     * @param int $id
+     * @return Http\DataResponse
+     * @throws OCSBadRequestException
+     */
+    public function updatePermissions($id) {
+        $token = $this->request->getParam('token', null);
+        $ncPermissions = $this->request->getParam('permissions', null);
+
+        try {
+            $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
+            $ocmPermissions = $this->ncPermissions2ocmPermissions((int)$ncPermissions);
+            $notification = ['sharedSecret' => $token, 'permission' => $ocmPermissions];
+            $provider->notificationReceived('RESHARE_CHANGE_PERMISSION', $id, $notification);
+        } catch (\Exception $e) {
+            $this->logger->debug($e->getMessage());
+            throw new OCSBadRequestException();
+        }
+
+        return new Http\DataResponse();
+    }
+
+    /**
+     * translate Nextcloud permissions to OCM Permissions
+     *
+     * @param $ncPermissions
+     * @return array
+     */
+    protected function ncPermissions2ocmPermissions($ncPermissions) {
+
+        $ocmPermissions = [];
+
+        if ($ncPermissions & Constants::PERMISSION_SHARE) {
+            $ocmPermissions[] = 'share';
+        }
+
+        if ($ncPermissions & Constants::PERMISSION_READ) {
+            $ocmPermissions[] = 'read';
+        }
+
+        if (($ncPermissions & Constants::PERMISSION_CREATE) ||
+            ($ncPermissions & Constants::PERMISSION_UPDATE)) {
+            $ocmPermissions[] = 'write';
+        }
+
+        return $ocmPermissions;
+
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @PublicPage
+     *
+     * change the owner of a server-to-server share
+     *
+     * @param int $id
+     * @return Http\DataResponse
+     * @throws \InvalidArgumentException
+     * @throws OCSException
+     */
+    public function move($id) {
+
+        if (!$this->isS2SEnabled()) {
+            throw new OCSException('Server does not support federated cloud sharing', 503);
+        }
+
+        $token = $this->request->getParam('token');
+        $remote = $this->request->getParam('remote');
+        $newRemoteId = $this->request->getParam('remote_id', $id);
+        $cloudId = $this->cloudIdManager->resolveCloudId($remote);
+
+        $qb = $this->connection->getQueryBuilder();
+        $query = $qb->update('share_external')
+            ->set('remote', $qb->createNamedParameter($cloudId->getRemote()))
+            ->set('owner', $qb->createNamedParameter($cloudId->getUser()))
+            ->set('remote_id', $qb->createNamedParameter($newRemoteId))
+            ->where($qb->expr()->eq('remote_id', $qb->createNamedParameter($id)))
+            ->andWhere($qb->expr()->eq('share_token', $qb->createNamedParameter($token)));
+        $affected = $query->execute();
+
+        if ($affected > 0) {
+            return new Http\DataResponse(['remote' => $cloudId->getRemote(), 'owner' => $cloudId->getUser()]);
+        } else {
+            throw new OCSBadRequestException('Share not found or token invalid');
+        }
+    }
 }

apps/cloud_federation_api/lib/Config.php

Indentation +22 added lines, -22 removed lines

@@ -34,33 +34,33 @@
  */
 class Config {
 
-	/** @var IGsConfig  */
-	private $gsConfig;
+    /** @var IGsConfig  */
+    private $gsConfig;
 
-	/** @var IConfig */
-	private $config;
+    /** @var IConfig */
+    private $config;
 
-	public function __construct(IGsConfig $globalScaleConfig, IConfig $config) {
-		$this->gsConfig = $globalScaleConfig;
-		$this->config = $config;
-	}
+    public function __construct(IGsConfig $globalScaleConfig, IConfig $config) {
+        $this->gsConfig = $globalScaleConfig;
+        $this->config = $config;
+    }
 
-	public function incomingRequestsEnabled() {
-		if ($this->gsConfig->onlyInternalFederation()) {
-			return false;
-		}
-		$result = $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes');
-		return ($result === 'yes');
-	}
+    public function incomingRequestsEnabled() {
+        if ($this->gsConfig->onlyInternalFederation()) {
+            return false;
+        }
+        $result = $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes');
+        return ($result === 'yes');
+    }
 
-	public function outgoingRequestsEnabled() {
+    public function outgoingRequestsEnabled() {
 
-		if ($this->gsConfig->onlyInternalFederation()) {
-			return false;
-		}
-		$result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes');
-		return ($result === 'yes');
+        if ($this->gsConfig->onlyInternalFederation()) {
+            return false;
+        }
+        $result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes');
+        return ($result === 'yes');
 
-	}
+    }
 
 }

apps/cloud_federation_api/lib/Controller/RequestHandlerController.php

Indentation +233 added lines, -233 removed lines

@@ -51,238 +51,238 @@
  */
 class RequestHandlerController extends Controller {
 
-	/** @var ILogger */
-	private $logger;
-
-	/** @var IUserManager */
-	private $userManager;
-
-	/** @var IURLGenerator */
-	private $urlGenerator;
-
-	/** @var ICloudFederationProviderManager */
-	private $cloudFederationProviderManager;
-
-	/** @var Config */
-	private $config;
-
-	/** @var ICloudFederationFactory */
-	private $factory;
-
-	/** @var ICloudIdManager */
-	private $cloudIdManager;
-
-	public function __construct($appName,
-								IRequest $request,
-								ILogger $logger,
-								IUserManager $userManager,
-								IURLGenerator $urlGenerator,
-								ICloudFederationProviderManager $cloudFederationProviderManager,
-								Config $config,
-								ICloudFederationFactory $factory,
-								ICloudIdManager $cloudIdManager
-	) {
-		parent::__construct($appName, $request);
-
-		$this->logger = $logger;
-		$this->userManager = $userManager;
-		$this->urlGenerator = $urlGenerator;
-		$this->cloudFederationProviderManager = $cloudFederationProviderManager;
-		$this->config = $config;
-		$this->factory = $factory;
-		$this->cloudIdManager = $cloudIdManager;
-	}
-
-	/**
-	 * add share
-	 *
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 * @BruteForceProtection(action=receiveFederatedShare)
-	 *
-	 * @param string $shareWith
-	 * @param string $name resource name (e.g. document.odt)
-	 * @param string $description share description (optional)
-	 * @param string $providerId resource UID on the provider side
-	 * @param string $owner provider specific UID of the user who owns the resource
-	 * @param string $ownerDisplayName display name of the user who shared the item
-	 * @param string $sharedBy provider specific UID of the user who shared the resource
-	 * @param string $sharedByDisplayName display name of the user who shared the resource
-	 * @param array $protocol (e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]])
-	 * @param string $shareType ('group' or 'user' share)
-	 * @param $resourceType ('file', 'calendar',...)
-	 * @return Http\DataResponse|JSONResponse
-	 *
-	 * Example: curl -H "Content-Type: application/json" -X POST -d '{"shareWith":"admin1@serve1","name":"welcome server2.txt","description":"desc","providerId":"2","owner":"admin2@http://localhost/server2","ownerDisplayName":"admin2 display","shareType":"user","resourceType":"file","protocol":{"name":"webdav","options":{"sharedSecret":"secret","permissions":"webdav-property"}}}' http://localhost/server/index.php/ocm/shares
-	 */
-	public function addShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType) {
-
-		if (!$this->config->incomingRequestsEnabled()) {
-			return new JSONResponse(
-				['message' => 'This server doesn\'t support outgoing federated shares'],
-			Http::STATUS_NOT_IMPLEMENTED
-			);
-		}
-
-		// check if all required parameters are set
-		if ($shareWith === null ||
-			$name === null ||
-			$providerId === null ||
-			$owner === null ||
-			$resourceType === null ||
-			$shareType === null ||
-			!is_array($protocol) ||
-			!isset($protocol['name']) ||
-			!isset ($protocol['options']) ||
-			!is_array($protocol['options']) ||
-			!isset($protocol['options']['sharedSecret'])
-		) {
-			return new JSONResponse(
-				['message' => 'Missing arguments'],
-				Http::STATUS_BAD_REQUEST
-			);
-		}
-
-		$cloudId = $this->cloudIdManager->resolveCloudId($shareWith);
-		$shareWithLocalId = $cloudId->getUser();
-		$shareWith = $this->mapUid($shareWithLocalId);
-
-		if (!$this->userManager->userExists($shareWith)) {
-			return new JSONResponse(
-				['message' => 'User "' . $shareWith . '" does not exists at ' . $this->urlGenerator->getBaseUrl()],
-				Http::STATUS_BAD_REQUEST
-			);
-		}
-
-		// if no explicit display name is given, we use the uid as display name
-		$ownerDisplayName = $ownerDisplayName === null ? $owner : $ownerDisplayName;
-		$sharedByDisplayName = $sharedByDisplayName === null ? $sharedBy : $sharedByDisplayName;
-
-		// sharedBy* parameter is optional, if nothing is set we assume that it is the same user as the owner
-		if ($sharedBy === null) {
-			$sharedBy = $owner;
-			$sharedByDisplayName = $ownerDisplayName;
-		}
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType);
-			$share = $this->factory->getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, '', $shareType, $resourceType);
-			$share->setProtocol($protocol);
-			$id = $provider->shareReceived($share);
-		} catch (ProviderDoesNotExistsException $e) {
-			return new JSONResponse(
-				['message' => $e->getMessage()],
-				Http::STATUS_NOT_IMPLEMENTED
-			);
-		} catch (ProviderCouldNotAddShareException $e) {
-			return new JSONResponse(
-				['message' => $e->getMessage()],
-				$e->getCode()
-			);
-		} catch (\Exception $e) {
-			return new JSONResponse(
-				['message' => 'Internal error at ' . $this->urlGenerator->getBaseUrl()],
-				Http::STATUS_BAD_REQUEST
-			);
-		}
-
-		$user = $this->userManager->get($shareWithLocalId);
-		$recipientDisplayName = '';
-		if($user) {
-			$recipientDisplayName = $user->getDisplayName();
-		}
-
-		return new JSONResponse(
-			['recipientDisplayName' => $recipientDisplayName],
-			Http::STATUS_CREATED);
-
-	}
-
-	/**
-	 * receive notification about existing share
-	 *
-	 * @NoCSRFRequired
-	 * @PublicPage
-	 * @BruteForceProtection(action=receiveFederatedShareNotification)
-	 *
-	 * @param string $notificationType (notification type, e.g. SHARE_ACCEPTED)
-	 * @param string $resourceType (calendar, file, contact,...)
-	 * @param string $providerId id of the share
-	 * @param array $notification the actual payload of the notification
-	 * @return JSONResponse
-	 */
-	public function receiveNotification($notificationType, $resourceType, $providerId, array $notification) {
-		if (!$this->config->incomingRequestsEnabled()) {
-			return new JSONResponse(
-				['message' => 'This server doesn\'t support outgoing federated shares'],
-				Http::STATUS_NOT_IMPLEMENTED
-			);
-		}
-
-		// check if all required parameters are set
-		if ($notificationType === null ||
-			$resourceType === null ||
-			$providerId === null ||
-			!is_array($notification)
-		) {
-			return new JSONResponse(
-				['message' => 'Missing arguments'],
-				Http::STATUS_BAD_REQUEST
-			);
-		}
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType);
-			$result = $provider->notificationReceived($notificationType, $providerId, $notification);
-		} catch (ProviderDoesNotExistsException $e) {
-			return new JSONResponse(
-				['message' => $e->getMessage()],
-				Http::STATUS_BAD_REQUEST
-			);
-		} catch (ShareNotFound $e) {
-			return new JSONResponse(
-				['message' => $e->getMessage()],
-				Http::STATUS_BAD_REQUEST
-			);
-		} catch (ActionNotSupportedException $e) {
-			return new JSONResponse(
-				['message' => $e->getMessage()],
-				Http::STATUS_NOT_IMPLEMENTED
-			);
-		} catch (BadRequestException $e) {
-			return new JSONResponse($e->getReturnMessage(), Http::STATUS_BAD_REQUEST);
-		} catch (AuthenticationFailedException $e) {
-			return new JSONResponse(["message" => "RESOURCE_NOT_FOUND"], Http::STATUS_FORBIDDEN);
-		}
-		catch (\Exception $e) {
-			return new JSONResponse(
-				['message' => 'Internal error at ' . $this->urlGenerator->getBaseUrl()],
-				Http::STATUS_BAD_REQUEST
-			);
-		}
-
-		return new JSONResponse($result,Http::STATUS_CREATED);
-
-	}
-
-	/**
-	 * map login name to internal LDAP UID if a LDAP backend is in use
-	 *
-	 * @param string $uid
-	 * @return string mixed
-	 */
-	private function mapUid($uid) {
-		\OC::$server->getURLGenerator()->linkToDocs('key');
-		// FIXME this should be a method in the user management instead
-		$this->logger->debug('shareWith before, ' . $uid, ['app' => $this->appName]);
-		\OCP\Util::emitHook(
-			'\OCA\Files_Sharing\API\Server2Server',
-			'preLoginNameUsedAsUserName',
-			array('uid' => &$uid)
-		);
-		$this->logger->debug('shareWith after, ' . $uid, ['app' => $this->appName]);
-
-		return $uid;
-	}
+    /** @var ILogger */
+    private $logger;
+
+    /** @var IUserManager */
+    private $userManager;
+
+    /** @var IURLGenerator */
+    private $urlGenerator;
+
+    /** @var ICloudFederationProviderManager */
+    private $cloudFederationProviderManager;
+
+    /** @var Config */
+    private $config;
+
+    /** @var ICloudFederationFactory */
+    private $factory;
+
+    /** @var ICloudIdManager */
+    private $cloudIdManager;
+
+    public function __construct($appName,
+                                IRequest $request,
+                                ILogger $logger,
+                                IUserManager $userManager,
+                                IURLGenerator $urlGenerator,
+                                ICloudFederationProviderManager $cloudFederationProviderManager,
+                                Config $config,
+                                ICloudFederationFactory $factory,
+                                ICloudIdManager $cloudIdManager
+    ) {
+        parent::__construct($appName, $request);
+
+        $this->logger = $logger;
+        $this->userManager = $userManager;
+        $this->urlGenerator = $urlGenerator;
+        $this->cloudFederationProviderManager = $cloudFederationProviderManager;
+        $this->config = $config;
+        $this->factory = $factory;
+        $this->cloudIdManager = $cloudIdManager;
+    }
+
+    /**
+     * add share
+     *
+     * @NoCSRFRequired
+     * @PublicPage
+     * @BruteForceProtection(action=receiveFederatedShare)
+     *
+     * @param string $shareWith
+     * @param string $name resource name (e.g. document.odt)
+     * @param string $description share description (optional)
+     * @param string $providerId resource UID on the provider side
+     * @param string $owner provider specific UID of the user who owns the resource
+     * @param string $ownerDisplayName display name of the user who shared the item
+     * @param string $sharedBy provider specific UID of the user who shared the resource
+     * @param string $sharedByDisplayName display name of the user who shared the resource
+     * @param array $protocol (e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]])
+     * @param string $shareType ('group' or 'user' share)
+     * @param $resourceType ('file', 'calendar',...)
+     * @return Http\DataResponse|JSONResponse
+     *
+     * Example: curl -H "Content-Type: application/json" -X POST -d '{"shareWith":"admin1@serve1","name":"welcome server2.txt","description":"desc","providerId":"2","owner":"admin2@http://localhost/server2","ownerDisplayName":"admin2 display","shareType":"user","resourceType":"file","protocol":{"name":"webdav","options":{"sharedSecret":"secret","permissions":"webdav-property"}}}' http://localhost/server/index.php/ocm/shares
+     */
+    public function addShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType) {
+
+        if (!$this->config->incomingRequestsEnabled()) {
+            return new JSONResponse(
+                ['message' => 'This server doesn\'t support outgoing federated shares'],
+            Http::STATUS_NOT_IMPLEMENTED
+            );
+        }
+
+        // check if all required parameters are set
+        if ($shareWith === null ||
+            $name === null ||
+            $providerId === null ||
+            $owner === null ||
+            $resourceType === null ||
+            $shareType === null ||
+            !is_array($protocol) ||
+            !isset($protocol['name']) ||
+            !isset ($protocol['options']) ||
+            !is_array($protocol['options']) ||
+            !isset($protocol['options']['sharedSecret'])
+        ) {
+            return new JSONResponse(
+                ['message' => 'Missing arguments'],
+                Http::STATUS_BAD_REQUEST
+            );
+        }
+
+        $cloudId = $this->cloudIdManager->resolveCloudId($shareWith);
+        $shareWithLocalId = $cloudId->getUser();
+        $shareWith = $this->mapUid($shareWithLocalId);
+
+        if (!$this->userManager->userExists($shareWith)) {
+            return new JSONResponse(
+                ['message' => 'User "' . $shareWith . '" does not exists at ' . $this->urlGenerator->getBaseUrl()],
+                Http::STATUS_BAD_REQUEST
+            );
+        }
+
+        // if no explicit display name is given, we use the uid as display name
+        $ownerDisplayName = $ownerDisplayName === null ? $owner : $ownerDisplayName;
+        $sharedByDisplayName = $sharedByDisplayName === null ? $sharedBy : $sharedByDisplayName;
+
+        // sharedBy* parameter is optional, if nothing is set we assume that it is the same user as the owner
+        if ($sharedBy === null) {
+            $sharedBy = $owner;
+            $sharedByDisplayName = $ownerDisplayName;
+        }
+
+        try {
+            $provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType);
+            $share = $this->factory->getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, '', $shareType, $resourceType);
+            $share->setProtocol($protocol);
+            $id = $provider->shareReceived($share);
+        } catch (ProviderDoesNotExistsException $e) {
+            return new JSONResponse(
+                ['message' => $e->getMessage()],
+                Http::STATUS_NOT_IMPLEMENTED
+            );
+        } catch (ProviderCouldNotAddShareException $e) {
+            return new JSONResponse(
+                ['message' => $e->getMessage()],
+                $e->getCode()
+            );
+        } catch (\Exception $e) {
+            return new JSONResponse(
+                ['message' => 'Internal error at ' . $this->urlGenerator->getBaseUrl()],
+                Http::STATUS_BAD_REQUEST
+            );
+        }
+
+        $user = $this->userManager->get($shareWithLocalId);
+        $recipientDisplayName = '';
+        if($user) {
+            $recipientDisplayName = $user->getDisplayName();
+        }
+
+        return new JSONResponse(
+            ['recipientDisplayName' => $recipientDisplayName],
+            Http::STATUS_CREATED);
+
+    }
+
+    /**
+     * receive notification about existing share
+     *
+     * @NoCSRFRequired
+     * @PublicPage
+     * @BruteForceProtection(action=receiveFederatedShareNotification)
+     *
+     * @param string $notificationType (notification type, e.g. SHARE_ACCEPTED)
+     * @param string $resourceType (calendar, file, contact,...)
+     * @param string $providerId id of the share
+     * @param array $notification the actual payload of the notification
+     * @return JSONResponse
+     */
+    public function receiveNotification($notificationType, $resourceType, $providerId, array $notification) {
+        if (!$this->config->incomingRequestsEnabled()) {
+            return new JSONResponse(
+                ['message' => 'This server doesn\'t support outgoing federated shares'],
+                Http::STATUS_NOT_IMPLEMENTED
+            );
+        }
+
+        // check if all required parameters are set
+        if ($notificationType === null ||
+            $resourceType === null ||
+            $providerId === null ||
+            !is_array($notification)
+        ) {
+            return new JSONResponse(
+                ['message' => 'Missing arguments'],
+                Http::STATUS_BAD_REQUEST
+            );
+        }
+
+        try {
+            $provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType);
+            $result = $provider->notificationReceived($notificationType, $providerId, $notification);
+        } catch (ProviderDoesNotExistsException $e) {
+            return new JSONResponse(
+                ['message' => $e->getMessage()],
+                Http::STATUS_BAD_REQUEST
+            );
+        } catch (ShareNotFound $e) {
+            return new JSONResponse(
+                ['message' => $e->getMessage()],
+                Http::STATUS_BAD_REQUEST
+            );
+        } catch (ActionNotSupportedException $e) {
+            return new JSONResponse(
+                ['message' => $e->getMessage()],
+                Http::STATUS_NOT_IMPLEMENTED
+            );
+        } catch (BadRequestException $e) {
+            return new JSONResponse($e->getReturnMessage(), Http::STATUS_BAD_REQUEST);
+        } catch (AuthenticationFailedException $e) {
+            return new JSONResponse(["message" => "RESOURCE_NOT_FOUND"], Http::STATUS_FORBIDDEN);
+        }
+        catch (\Exception $e) {
+            return new JSONResponse(
+                ['message' => 'Internal error at ' . $this->urlGenerator->getBaseUrl()],
+                Http::STATUS_BAD_REQUEST
+            );
+        }
+
+        return new JSONResponse($result,Http::STATUS_CREATED);
+
+    }
+
+    /**
+     * map login name to internal LDAP UID if a LDAP backend is in use
+     *
+     * @param string $uid
+     * @return string mixed
+     */
+    private function mapUid($uid) {
+        \OC::$server->getURLGenerator()->linkToDocs('key');
+        // FIXME this should be a method in the user management instead
+        $this->logger->debug('shareWith before, ' . $uid, ['app' => $this->appName]);
+        \OCP\Util::emitHook(
+            '\OCA\Files_Sharing\API\Server2Server',
+            'preLoginNameUsedAsUserName',
+            array('uid' => &$uid)
+        );
+        $this->logger->debug('shareWith after, ' . $uid, ['app' => $this->appName]);
+
+        return $uid;
+    }
 
 }

apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php

Indentation +712 added lines, -712 removed lines

@@ -50,718 +50,718 @@
 
 class CloudFederationProviderFiles implements ICloudFederationProvider {
 
-	/** @var IAppManager */
-	private $appManager;
-
-	/** @var FederatedShareProvider */
-	private $federatedShareProvider;
-
-	/** @var AddressHandler */
-	private $addressHandler;
-
-	/** @var ILogger */
-	private $logger;
-
-	/** @var IUserManager */
-	private $userManager;
-
-	/** @var ICloudIdManager */
-	private $cloudIdManager;
-
-	/** @var IActivityManager */
-	private $activityManager;
-
-	/** @var INotificationManager */
-	private $notificationManager;
-
-	/** @var IURLGenerator */
-	private $urlGenerator;
-
-	/** @var ICloudFederationFactory */
-	private $cloudFederationFactory;
-
-	/** @var ICloudFederationProviderManager */
-	private $cloudFederationProviderManager;
-
-	/** @var IDBConnection */
-	private $connection;
-
-	/**
-	 * CloudFederationProvider constructor.
-	 *
-	 * @param IAppManager $appManager
-	 * @param FederatedShareProvider $federatedShareProvider
-	 * @param AddressHandler $addressHandler
-	 * @param ILogger $logger
-	 * @param IUserManager $userManager
-	 * @param ICloudIdManager $cloudIdManager
-	 * @param IActivityManager $activityManager
-	 * @param INotificationManager $notificationManager
-	 * @param IURLGenerator $urlGenerator
-	 * @param ICloudFederationFactory $cloudFederationFactory
-	 * @param ICloudFederationProviderManager $cloudFederationProviderManager
-	 * @param IDBConnection $connection
-	 */
-	public function __construct(IAppManager $appManager,
-								FederatedShareProvider $federatedShareProvider,
-								AddressHandler $addressHandler,
-								ILogger $logger,
-								IUserManager $userManager,
-								ICloudIdManager $cloudIdManager,
-								IActivityManager $activityManager,
-								INotificationManager $notificationManager,
-								IURLGenerator $urlGenerator,
-								ICloudFederationFactory $cloudFederationFactory,
-								ICloudFederationProviderManager $cloudFederationProviderManager,
-								IDBConnection $connection
-	) {
-		$this->appManager = $appManager;
-		$this->federatedShareProvider = $federatedShareProvider;
-		$this->addressHandler = $addressHandler;
-		$this->logger = $logger;
-		$this->userManager = $userManager;
-		$this->cloudIdManager = $cloudIdManager;
-		$this->activityManager = $activityManager;
-		$this->notificationManager = $notificationManager;
-		$this->urlGenerator = $urlGenerator;
-		$this->cloudFederationFactory = $cloudFederationFactory;
-		$this->cloudFederationProviderManager = $cloudFederationProviderManager;
-		$this->connection = $connection;
-	}
-
-
-
-	/**
-	 * @return string
-	 */
-	public function getShareType() {
-		return 'file';
-	}
-
-	/**
-	 * share received from another server
-	 *
-	 * @param ICloudFederationShare $share
-	 * @return string provider specific unique ID of the share
-	 *
-	 * @throws ProviderCouldNotAddShareException
-	 * @throws \OCP\AppFramework\QueryException
-	 * @throws \OC\HintException
-	 * @since 14.0.0
-	 */
-	public function shareReceived(ICloudFederationShare $share) {
-
-		if (!$this->isS2SEnabled(true)) {
-			throw new ProviderCouldNotAddShareException('Server does not support federated cloud sharing', '', Http::STATUS_SERVICE_UNAVAILABLE);
-		}
-
-		$protocol = $share->getProtocol();
-		if ($protocol['name'] !== 'webdav') {
-			throw new ProviderCouldNotAddShareException('Unsupported protocol for data exchange.', '', Http::STATUS_NOT_IMPLEMENTED);
-		}
-
-		list($ownerUid, $remote) = $this->addressHandler->splitUserRemote($share->getOwner());
-		// for backward compatibility make sure that the remote url stored in the
-		// database ends with a trailing slash
-		if (substr($remote, -1) !== '/') {
-			$remote = $remote . '/';
-		}
-
-		$token = $share->getShareSecret();
-		$name = $share->getResourceName();
-		$owner = $share->getOwnerDisplayName();
-		$sharedBy = $share->getSharedByDisplayName();
-		$shareWith = $share->getShareWith();
-		$remoteId = $share->getProviderId();
-		$sharedByFederatedId = $share->getSharedBy();
-		$ownerFederatedId = $share->getOwner();
-
-		// if no explicit information about the person who created the share was send
-		// we assume that the share comes from the owner
-		if ($sharedByFederatedId === null) {
-			$sharedBy = $owner;
-			$sharedByFederatedId = $ownerFederatedId;
-		}
-
-		if ($remote && $token && $name && $owner && $remoteId && $shareWith) {
-
-			if (!Util::isValidFileName($name)) {
-				throw new ProviderCouldNotAddShareException('The mountpoint name contains invalid characters.', '', Http::STATUS_BAD_REQUEST);
-			}
-
-			// FIXME this should be a method in the user management instead
-			$this->logger->debug('shareWith before, ' . $shareWith, ['app' => 'files_sharing']);
-			Util::emitHook(
-				'\OCA\Files_Sharing\API\Server2Server',
-				'preLoginNameUsedAsUserName',
-				array('uid' => &$shareWith)
-			);
-			$this->logger->debug('shareWith after, ' . $shareWith, ['app' => 'files_sharing']);
-
-			if (!$this->userManager->userExists($shareWith)) {
-				throw new ProviderCouldNotAddShareException('User does not exists', '',Http::STATUS_BAD_REQUEST);
-			}
-
-			\OC_Util::setupFS($shareWith);
-
-			$externalManager = new \OCA\Files_Sharing\External\Manager(
-				\OC::$server->getDatabaseConnection(),
-				Filesystem::getMountManager(),
-				Filesystem::getLoader(),
-				\OC::$server->getHTTPClientService(),
-				\OC::$server->getNotificationManager(),
-				\OC::$server->query(\OCP\OCS\IDiscoveryService::class),
-				\OC::$server->getCloudFederationProviderManager(),
-				\OC::$server->getCloudFederationFactory(),
-				$shareWith
-			);
-
-			try {
-				$externalManager->addShare($remote, $token, '', $name, $owner, false, $shareWith, $remoteId);
-				$shareId = \OC::$server->getDatabaseConnection()->lastInsertId('*PREFIX*share_external');
-
-				$event = $this->activityManager->generateEvent();
-				$event->setApp('files_sharing')
-					->setType('remote_share')
-					->setSubject(RemoteShares::SUBJECT_REMOTE_SHARE_RECEIVED, [$ownerFederatedId, trim($name, '/')])
-					->setAffectedUser($shareWith)
-					->setObject('remote_share', (int)$shareId, $name);
-				\OC::$server->getActivityManager()->publish($event);
-
-				$notification = $this->notificationManager->createNotification();
-				$notification->setApp('files_sharing')
-					->setUser($shareWith)
-					->setDateTime(new \DateTime())
-					->setObject('remote_share', $shareId)
-					->setSubject('remote_share', [$ownerFederatedId, $sharedByFederatedId, trim($name, '/')]);
-
-				$declineAction = $notification->createAction();
-				$declineAction->setLabel('decline')
-					->setLink($this->urlGenerator->getAbsoluteURL($this->urlGenerator->linkTo('', 'ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending/' . $shareId)), 'DELETE');
-				$notification->addAction($declineAction);
-
-				$acceptAction = $notification->createAction();
-				$acceptAction->setLabel('accept')
-					->setLink($this->urlGenerator->getAbsoluteURL($this->urlGenerator->linkTo('', 'ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending/' . $shareId)), 'POST');
-				$notification->addAction($acceptAction);
-
-				$this->notificationManager->notify($notification);
-
-				return $shareId;
-			} catch (\Exception $e) {
-				$this->logger->logException($e, [
-					'message' => 'Server can not add remote share.',
-					'level' => ILogger::ERROR,
-					'app' => 'files_sharing'
-				]);
-				throw new ProviderCouldNotAddShareException('internal server error, was not able to add share from ' . $remote, '', HTTP::STATUS_INTERNAL_SERVER_ERROR);
-			}
-		}
-
-		throw new ProviderCouldNotAddShareException('server can not add remote share, missing parameter', '', HTTP::STATUS_BAD_REQUEST);
-
-	}
-
-	/**
-	 * notification received from another server
-	 *
-	 * @param string $notificationType (e.g. SHARE_ACCEPTED)
-	 * @param string $providerId id of the share
-	 * @param array $notification payload of the notification
-	 * @return array data send back to the sender
-	 *
-	 * @throws ActionNotSupportedException
-	 * @throws AuthenticationFailedException
-	 * @throws BadRequestException
-	 * @throws \OC\HintException
-	 * @since 14.0.0
-	 */
-	public function notificationReceived($notificationType, $providerId, array $notification) {
-
-		switch ($notificationType) {
-			case 'SHARE_ACCEPTED':
-				return $this->shareAccepted($providerId, $notification);
-			case 'SHARE_DECLINED':
-				return $this->shareDeclined($providerId, $notification);
-			case 'SHARE_UNSHARED':
-				return $this->unshare($providerId, $notification);
-			case 'REQUEST_RESHARE':
-				return $this->reshareRequested($providerId, $notification);
-			case 'RESHARE_UNDO':
-				return $this->undoReshare($providerId, $notification);
-			case 'RESHARE_CHANGE_PERMISSION':
-				return $this->updateResharePermissions($providerId, $notification);
-		}
-
-
-		throw new BadRequestException([$notificationType]);
-	}
-
-	/**
-	 * process notification that the recipient accepted a share
-	 *
-	 * @param string $id
-	 * @param array $notification
-	 * @return array
-	 * @throws ActionNotSupportedException
-	 * @throws AuthenticationFailedException
-	 * @throws BadRequestException
-	 * @throws \OC\HintException
-	 */
-	private function shareAccepted($id, array $notification) {
-
-		if (!$this->isS2SEnabled()) {
-			throw new ActionNotSupportedException('Server does not support federated cloud sharing');
-		}
-
-		if (!isset($notification['sharedSecret'])) {
-			throw new BadRequestException(['sharedSecret']);
-		}
-
-		$token = $notification['sharedSecret'];
-
-		$share = $this->federatedShareProvider->getShareById($id);
-
-		$this->verifyShare($share, $token);
-		$this->executeAcceptShare($share);
-		if ($share->getShareOwner() !== $share->getSharedBy()) {
-			list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
-			$remoteId = $this->federatedShareProvider->getRemoteId($share);
-			$notification = $this->cloudFederationFactory->getCloudFederationNotification();
-			$notification->setMessage(
-				'SHARE_ACCEPTED',
-				'file',
-				$remoteId,
-				[
-					'sharedSecret' => $token,
-					'message' => 'Recipient accepted the re-share'
-				]
-
-			);
-			$this->cloudFederationProviderManager->sendNotification($remote, $notification);
-
-		}
-
-		return [];
-	}
-
-	/**
-	 * @param IShare $share
-	 * @throws ShareNotFound
-	 */
-	protected function executeAcceptShare(IShare $share) {
-		try {
-			$fileId = (int)$share->getNode()->getId();
-			list($file, $link) = $this->getFile($this->getCorrectUid($share), $fileId);
-		} catch (\Exception $e) {
-			throw new ShareNotFound();
-		}
-
-		$event = $this->activityManager->generateEvent();
-		$event->setApp('files_sharing')
-			->setType('remote_share')
-			->setAffectedUser($this->getCorrectUid($share))
-			->setSubject(RemoteShares::SUBJECT_REMOTE_SHARE_ACCEPTED, [$share->getSharedWith(), [$fileId => $file]])
-			->setObject('files', $fileId, $file)
-			->setLink($link);
-		$this->activityManager->publish($event);
-	}
-
-	/**
-	 * process notification that the recipient declined a share
-	 *
-	 * @param string $id
-	 * @param array $notification
-	 * @return array
-	 * @throws ActionNotSupportedException
-	 * @throws AuthenticationFailedException
-	 * @throws BadRequestException
-	 * @throws ShareNotFound
-	 * @throws \OC\HintException
-	 *
-	 */
-	protected function shareDeclined($id, array $notification) {
-
-		if (!$this->isS2SEnabled()) {
-			throw new ActionNotSupportedException('Server does not support federated cloud sharing');
-		}
-
-		if (!isset($notification['sharedSecret'])) {
-			throw new BadRequestException(['sharedSecret']);
-		}
-
-		$token = $notification['sharedSecret'];
-
-		$share = $this->federatedShareProvider->getShareById($id);
-
-		$this->verifyShare($share, $token);
-
-		if ($share->getShareOwner() !== $share->getSharedBy()) {
-			list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
-			$remoteId = $this->federatedShareProvider->getRemoteId($share);
-			$notification = $this->cloudFederationFactory->getCloudFederationNotification();
-			$notification->setMessage(
-				'SHARE_DECLINED',
-				'file',
-				$remoteId,
-				[
-					'sharedSecret' => $token,
-					'message' => 'Recipient declined the re-share'
-				]
-
-			);
-			$this->cloudFederationProviderManager->sendNotification($remote, $notification);
-		}
-
-		$this->executeDeclineShare($share);
-
-		return [];
-
-	}
-
-	/**
-	 * delete declined share and create a activity
-	 *
-	 * @param IShare $share
-	 * @throws ShareNotFound
-	 */
-	protected function executeDeclineShare(IShare $share) {
-		$this->federatedShareProvider->removeShareFromTable($share);
-
-		try {
-			$fileId = (int)$share->getNode()->getId();
-			list($file, $link) = $this->getFile($this->getCorrectUid($share), $fileId);
-		} catch (\Exception $e) {
-			throw new ShareNotFound();
-		}
-
-		$event = $this->activityManager->generateEvent();
-		$event->setApp('files_sharing')
-			->setType('remote_share')
-			->setAffectedUser($this->getCorrectUid($share))
-			->setSubject(RemoteShares::SUBJECT_REMOTE_SHARE_DECLINED, [$share->getSharedWith(), [$fileId => $file]])
-			->setObject('files', $fileId, $file)
-			->setLink($link);
-		$this->activityManager->publish($event);
-
-	}
-
-	/**
-	 * received the notification that the owner unshared a file from you
-	 *
-	 * @param string $id
-	 * @param array $notification
-	 * @return array
-	 * @throws AuthenticationFailedException
-	 * @throws BadRequestException
-	 */
-	private function undoReshare($id, array $notification) {
-		if (!isset($notification['sharedSecret'])) {
-			throw new BadRequestException(['sharedSecret']);
-		}
-		$token = $notification['sharedSecret'];
-
-		$share = $this->federatedShareProvider->getShareById($id);
-
-		$this->verifyShare($share, $token);
-		$this->federatedShareProvider->removeShareFromTable($share);
-		return [];
-	}
-
-	/**
-	 * unshare file from self
-	 *
-	 * @param string $id
-	 * @param array $notification
-	 * @return array
-	 * @throws ActionNotSupportedException
-	 * @throws BadRequestException
-	 */
-	private function unshare($id, array $notification) {
-
-		if (!$this->isS2SEnabled(true)) {
-			throw new ActionNotSupportedException("incoming shares disabled!");
-		}
-
-		if (!isset($notification['sharedSecret'])) {
-			throw new BadRequestException(['sharedSecret']);
-		}
-		$token = $notification['sharedSecret'];
-
-		$qb = $this->connection->getQueryBuilder();
-		$qb->select('*')
-			->from('share_external')
-			->where(
-				$qb->expr()->andX(
-					$qb->expr()->eq('remote_id', $qb->createNamedParameter($id)),
-					$qb->expr()->eq('share_token', $qb->createNamedParameter($token))
-				)
-			);
-
-		$result = $qb->execute();
-		$share = $result->fetch();
-		$result->closeCursor();
-
-		if ($token && $id && !empty($share)) {
-
-			$remote = $this->cleanupRemote($share['remote']);
-
-			$owner = $this->cloudIdManager->getCloudId($share['owner'], $remote);
-			$mountpoint = $share['mountpoint'];
-			$user = $share['user'];
-
-			$qb = $this->connection->getQueryBuilder();
-			$qb->delete('share_external')
-				->where(
-					$qb->expr()->andX(
-						$qb->expr()->eq('remote_id', $qb->createNamedParameter($id)),
-						$qb->expr()->eq('share_token', $qb->createNamedParameter($token))
-					)
-				);
-
-			$qb->execute();
-
-			if ($share['accepted']) {
-				$path = trim($mountpoint, '/');
-			} else {
-				$path = trim($share['name'], '/');
-			}
-
-			$notification = $this->notificationManager->createNotification();
-			$notification->setApp('files_sharing')
-				->setUser($share['user'])
-				->setObject('remote_share', (int)$share['id']);
-			$this->notificationManager->markProcessed($notification);
-
-			$event = $this->activityManager->generateEvent();
-			$event->setApp('files_sharing')
-				->setType('remote_share')
-				->setSubject(RemoteShares::SUBJECT_REMOTE_SHARE_UNSHARED, [$owner->getId(), $path])
-				->setAffectedUser($user)
-				->setObject('remote_share', (int)$share['id'], $path);
-			\OC::$server->getActivityManager()->publish($event);
-		}
-
-		return [];
-	}
-
-	private function cleanupRemote($remote) {
-		$remote = substr($remote, strpos($remote, '://') + 3);
-
-		return rtrim($remote, '/');
-	}
-
-	/**
-	 * recipient of a share request to re-share the file with another user
-	 *
-	 * @param string $id
-	 * @param array $notification
-	 * @return array
-	 * @throws AuthenticationFailedException
-	 * @throws BadRequestException
-	 * @throws ProviderCouldNotAddShareException
-	 * @throws ShareNotFound
-	 */
-	protected function reshareRequested($id, array $notification) {
-
-		if (!isset($notification['sharedSecret'])) {
-			throw new BadRequestException(['sharedSecret']);
-		}
-		$token = $notification['sharedSecret'];
-
-		if (!isset($notification['shareWith'])) {
-			throw new BadRequestException(['shareWith']);
-		}
-		$shareWith = $notification['shareWith'];
-
-		if (!isset($notification['senderId'])) {
-			throw new BadRequestException(['senderId']);
-		}
-		$senderId = $notification['senderId'];
-
-		$share = $this->federatedShareProvider->getShareById($id);
-		// don't allow to share a file back to the owner
-		try {
-			list($user, $remote) = $this->addressHandler->splitUserRemote($shareWith);
-			$owner = $share->getShareOwner();
-			$currentServer = $this->addressHandler->generateRemoteURL();
-			if ($this->addressHandler->compareAddresses($user, $remote, $owner, $currentServer)) {
-				throw new ProviderCouldNotAddShareException('Resharing back to the owner is not allowed: ' . $id);
-			}
-		} catch (\Exception $e) {
-			throw new ProviderCouldNotAddShareException($e->getMessage());
-		}
-
-		$this->verifyShare($share, $token);
-
-		// check if re-sharing is allowed
-		if ($share->getPermissions() & Constants::PERMISSION_SHARE) {
-			// the recipient of the initial share is now the initiator for the re-share
-			$share->setSharedBy($share->getSharedWith());
-			$share->setSharedWith($shareWith);
-			$result = $this->federatedShareProvider->create($share);
-			$this->federatedShareProvider->storeRemoteId((int)$result->getId(), $senderId);
-			return ['token' => $result->getToken(), 'providerId' => $result->getId()];
-		} else {
-			throw new ProviderCouldNotAddShareException('resharing not allowed for share: ' . $id);
-		}
-
-	}
-
-	/**
-	 * update permission of a re-share so that the share dialog shows the right
-	 * permission if the owner or the sender changes the permission
-	 *
-	 * @param string $id
-	 * @param array $notification
-	 * @return array
-	 * @throws AuthenticationFailedException
-	 * @throws BadRequestException
-	 */
-	protected function updateResharePermissions($id, array $notification) {
-
-		if (!isset($notification['sharedSecret'])) {
-			throw new BadRequestException(['sharedSecret']);
-		}
-		$token = $notification['sharedSecret'];
-
-		if (!isset($notification['permission'])) {
-			throw new BadRequestException(['permission']);
-		}
-		$ocmPermissions = $notification['permission'];
-
-		$share = $this->federatedShareProvider->getShareById($id);
-
-		$ncPermission = $this->ocmPermissions2ncPermissions($ocmPermissions);
-
-		$this->verifyShare($share, $token);
-		$this->updatePermissionsInDatabase($share, $ncPermission);
-
-		return [];
-	}
-
-	/**
-	 * translate OCM Permissions to Nextcloud permissions
-	 *
-	 * @param array $ocmPermissions
-	 * @return int
-	 * @throws BadRequestException
-	 */
-	protected function ocmPermissions2ncPermissions(array $ocmPermissions) {
-		$ncPermissions = 0;
-		foreach($ocmPermissions as $permission) {
-			switch (strtolower($permission)) {
-				case 'read':
-					$ncPermissions += Constants::PERMISSION_READ;
-					break;
-				case 'write':
-					$ncPermissions += Constants::PERMISSION_CREATE + Constants::PERMISSION_UPDATE;
-					break;
-				case 'share':
-					$ncPermissions += Constants::PERMISSION_SHARE;
-					break;
-				default:
-					throw new BadRequestException(['permission']);
-			}
-
-			error_log("new permissions: " . $ncPermissions);
-		}
-
-		return $ncPermissions;
-	}
-
-	/**
-	 * update permissions in database
-	 *
-	 * @param IShare $share
-	 * @param int $permissions
-	 */
-	protected function updatePermissionsInDatabase(IShare $share, $permissions) {
-		$query = $this->connection->getQueryBuilder();
-		$query->update('share')
-			->where($query->expr()->eq('id', $query->createNamedParameter($share->getId())))
-			->set('permissions', $query->createNamedParameter($permissions))
-			->execute();
-	}
-
-
-	/**
-	 * get file
-	 *
-	 * @param string $user
-	 * @param int $fileSource
-	 * @return array with internal path of the file and a absolute link to it
-	 */
-	private function getFile($user, $fileSource) {
-		\OC_Util::setupFS($user);
-
-		try {
-			$file = Filesystem::getPath($fileSource);
-		} catch (NotFoundException $e) {
-			$file = null;
-		}
-		$args = Filesystem::is_dir($file) ? array('dir' => $file) : array('dir' => dirname($file), 'scrollto' => $file);
-		$link = Util::linkToAbsolute('files', 'index.php', $args);
-
-		return [$file, $link];
-
-	}
-
-	/**
-	 * check if we are the initiator or the owner of a re-share and return the correct UID
-	 *
-	 * @param IShare $share
-	 * @return string
-	 */
-	protected function getCorrectUid(IShare $share) {
-		if ($this->userManager->userExists($share->getShareOwner())) {
-			return $share->getShareOwner();
-		}
-
-		return $share->getSharedBy();
-	}
-
-
-
-	/**
-	 * check if we got the right share
-	 *
-	 * @param IShare $share
-	 * @param string $token
-	 * @return bool
-	 * @throws AuthenticationFailedException
-	 */
-	protected function verifyShare(IShare $share, $token) {
-		if (
-			$share->getShareType() === FederatedShareProvider::SHARE_TYPE_REMOTE &&
-			$share->getToken() === $token
-		) {
-			return true;
-		}
-
-		throw new AuthenticationFailedException();
-	}
-
-
-
-	/**
-	 * check if server-to-server sharing is enabled
-	 *
-	 * @param bool $incoming
-	 * @return bool
-	 */
-	private function isS2SEnabled($incoming = false) {
-
-		$result = $this->appManager->isEnabledForUser('files_sharing');
-
-		if ($incoming) {
-			$result = $result && $this->federatedShareProvider->isIncomingServer2serverShareEnabled();
-		} else {
-			$result = $result && $this->federatedShareProvider->isOutgoingServer2serverShareEnabled();
-		}
-
-		return $result;
-	}
+    /** @var IAppManager */
+    private $appManager;
+
+    /** @var FederatedShareProvider */
+    private $federatedShareProvider;
+
+    /** @var AddressHandler */
+    private $addressHandler;
+
+    /** @var ILogger */
+    private $logger;
+
+    /** @var IUserManager */
+    private $userManager;
+
+    /** @var ICloudIdManager */
+    private $cloudIdManager;
+
+    /** @var IActivityManager */
+    private $activityManager;
+
+    /** @var INotificationManager */
+    private $notificationManager;
+
+    /** @var IURLGenerator */
+    private $urlGenerator;
+
+    /** @var ICloudFederationFactory */
+    private $cloudFederationFactory;
+
+    /** @var ICloudFederationProviderManager */
+    private $cloudFederationProviderManager;
+
+    /** @var IDBConnection */
+    private $connection;
+
+    /**
+     * CloudFederationProvider constructor.
+     *
+     * @param IAppManager $appManager
+     * @param FederatedShareProvider $federatedShareProvider
+     * @param AddressHandler $addressHandler
+     * @param ILogger $logger
+     * @param IUserManager $userManager
+     * @param ICloudIdManager $cloudIdManager
+     * @param IActivityManager $activityManager
+     * @param INotificationManager $notificationManager
+     * @param IURLGenerator $urlGenerator
+     * @param ICloudFederationFactory $cloudFederationFactory
+     * @param ICloudFederationProviderManager $cloudFederationProviderManager
+     * @param IDBConnection $connection
+     */
+    public function __construct(IAppManager $appManager,
+                                FederatedShareProvider $federatedShareProvider,
+                                AddressHandler $addressHandler,
+                                ILogger $logger,
+                                IUserManager $userManager,
+                                ICloudIdManager $cloudIdManager,
+                                IActivityManager $activityManager,
+                                INotificationManager $notificationManager,
+                                IURLGenerator $urlGenerator,
+                                ICloudFederationFactory $cloudFederationFactory,
+                                ICloudFederationProviderManager $cloudFederationProviderManager,
+                                IDBConnection $connection
+    ) {
+        $this->appManager = $appManager;
+        $this->federatedShareProvider = $federatedShareProvider;
+        $this->addressHandler = $addressHandler;
+        $this->logger = $logger;
+        $this->userManager = $userManager;
+        $this->cloudIdManager = $cloudIdManager;
+        $this->activityManager = $activityManager;
+        $this->notificationManager = $notificationManager;
+        $this->urlGenerator = $urlGenerator;
+        $this->cloudFederationFactory = $cloudFederationFactory;
+        $this->cloudFederationProviderManager = $cloudFederationProviderManager;
+        $this->connection = $connection;
+    }
+
+
+
+    /**
+     * @return string
+     */
+    public function getShareType() {
+        return 'file';
+    }
+
+    /**
+     * share received from another server
+     *
+     * @param ICloudFederationShare $share
+     * @return string provider specific unique ID of the share
+     *
+     * @throws ProviderCouldNotAddShareException
+     * @throws \OCP\AppFramework\QueryException
+     * @throws \OC\HintException
+     * @since 14.0.0
+     */
+    public function shareReceived(ICloudFederationShare $share) {
+
+        if (!$this->isS2SEnabled(true)) {
+            throw new ProviderCouldNotAddShareException('Server does not support federated cloud sharing', '', Http::STATUS_SERVICE_UNAVAILABLE);
+        }
+
+        $protocol = $share->getProtocol();
+        if ($protocol['name'] !== 'webdav') {
+            throw new ProviderCouldNotAddShareException('Unsupported protocol for data exchange.', '', Http::STATUS_NOT_IMPLEMENTED);
+        }
+
+        list($ownerUid, $remote) = $this->addressHandler->splitUserRemote($share->getOwner());
+        // for backward compatibility make sure that the remote url stored in the
+        // database ends with a trailing slash
+        if (substr($remote, -1) !== '/') {
+            $remote = $remote . '/';
+        }
+
+        $token = $share->getShareSecret();
+        $name = $share->getResourceName();
+        $owner = $share->getOwnerDisplayName();
+        $sharedBy = $share->getSharedByDisplayName();
+        $shareWith = $share->getShareWith();
+        $remoteId = $share->getProviderId();
+        $sharedByFederatedId = $share->getSharedBy();
+        $ownerFederatedId = $share->getOwner();
+
+        // if no explicit information about the person who created the share was send
+        // we assume that the share comes from the owner
+        if ($sharedByFederatedId === null) {
+            $sharedBy = $owner;
+            $sharedByFederatedId = $ownerFederatedId;
+        }
+
+        if ($remote && $token && $name && $owner && $remoteId && $shareWith) {
+
+            if (!Util::isValidFileName($name)) {
+                throw new ProviderCouldNotAddShareException('The mountpoint name contains invalid characters.', '', Http::STATUS_BAD_REQUEST);
+            }
+
+            // FIXME this should be a method in the user management instead
+            $this->logger->debug('shareWith before, ' . $shareWith, ['app' => 'files_sharing']);
+            Util::emitHook(
+                '\OCA\Files_Sharing\API\Server2Server',
+                'preLoginNameUsedAsUserName',
+                array('uid' => &$shareWith)
+            );
+            $this->logger->debug('shareWith after, ' . $shareWith, ['app' => 'files_sharing']);
+
+            if (!$this->userManager->userExists($shareWith)) {
+                throw new ProviderCouldNotAddShareException('User does not exists', '',Http::STATUS_BAD_REQUEST);
+            }
+
+            \OC_Util::setupFS($shareWith);
+
+            $externalManager = new \OCA\Files_Sharing\External\Manager(
+                \OC::$server->getDatabaseConnection(),
+                Filesystem::getMountManager(),
+                Filesystem::getLoader(),
+                \OC::$server->getHTTPClientService(),
+                \OC::$server->getNotificationManager(),
+                \OC::$server->query(\OCP\OCS\IDiscoveryService::class),
+                \OC::$server->getCloudFederationProviderManager(),
+                \OC::$server->getCloudFederationFactory(),
+                $shareWith
+            );
+
+            try {
+                $externalManager->addShare($remote, $token, '', $name, $owner, false, $shareWith, $remoteId);
+                $shareId = \OC::$server->getDatabaseConnection()->lastInsertId('*PREFIX*share_external');
+
+                $event = $this->activityManager->generateEvent();
+                $event->setApp('files_sharing')
+                    ->setType('remote_share')
+                    ->setSubject(RemoteShares::SUBJECT_REMOTE_SHARE_RECEIVED, [$ownerFederatedId, trim($name, '/')])
+                    ->setAffectedUser($shareWith)
+                    ->setObject('remote_share', (int)$shareId, $name);
+                \OC::$server->getActivityManager()->publish($event);
+
+                $notification = $this->notificationManager->createNotification();
+                $notification->setApp('files_sharing')
+                    ->setUser($shareWith)
+                    ->setDateTime(new \DateTime())
+                    ->setObject('remote_share', $shareId)
+                    ->setSubject('remote_share', [$ownerFederatedId, $sharedByFederatedId, trim($name, '/')]);
+
+                $declineAction = $notification->createAction();
+                $declineAction->setLabel('decline')
+                    ->setLink($this->urlGenerator->getAbsoluteURL($this->urlGenerator->linkTo('', 'ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending/' . $shareId)), 'DELETE');
+                $notification->addAction($declineAction);
+
+                $acceptAction = $notification->createAction();
+                $acceptAction->setLabel('accept')
+                    ->setLink($this->urlGenerator->getAbsoluteURL($this->urlGenerator->linkTo('', 'ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending/' . $shareId)), 'POST');
+                $notification->addAction($acceptAction);
+
+                $this->notificationManager->notify($notification);
+
+                return $shareId;
+            } catch (\Exception $e) {
+                $this->logger->logException($e, [
+                    'message' => 'Server can not add remote share.',
+                    'level' => ILogger::ERROR,
+                    'app' => 'files_sharing'
+                ]);
+                throw new ProviderCouldNotAddShareException('internal server error, was not able to add share from ' . $remote, '', HTTP::STATUS_INTERNAL_SERVER_ERROR);
+            }
+        }
+
+        throw new ProviderCouldNotAddShareException('server can not add remote share, missing parameter', '', HTTP::STATUS_BAD_REQUEST);
+
+    }
+
+    /**
+     * notification received from another server
+     *
+     * @param string $notificationType (e.g. SHARE_ACCEPTED)
+     * @param string $providerId id of the share
+     * @param array $notification payload of the notification
+     * @return array data send back to the sender
+     *
+     * @throws ActionNotSupportedException
+     * @throws AuthenticationFailedException
+     * @throws BadRequestException
+     * @throws \OC\HintException
+     * @since 14.0.0
+     */
+    public function notificationReceived($notificationType, $providerId, array $notification) {
+
+        switch ($notificationType) {
+            case 'SHARE_ACCEPTED':
+                return $this->shareAccepted($providerId, $notification);
+            case 'SHARE_DECLINED':
+                return $this->shareDeclined($providerId, $notification);
+            case 'SHARE_UNSHARED':
+                return $this->unshare($providerId, $notification);
+            case 'REQUEST_RESHARE':
+                return $this->reshareRequested($providerId, $notification);
+            case 'RESHARE_UNDO':
+                return $this->undoReshare($providerId, $notification);
+            case 'RESHARE_CHANGE_PERMISSION':
+                return $this->updateResharePermissions($providerId, $notification);
+        }
+
+
+        throw new BadRequestException([$notificationType]);
+    }
+
+    /**
+     * process notification that the recipient accepted a share
+     *
+     * @param string $id
+     * @param array $notification
+     * @return array
+     * @throws ActionNotSupportedException
+     * @throws AuthenticationFailedException
+     * @throws BadRequestException
+     * @throws \OC\HintException
+     */
+    private function shareAccepted($id, array $notification) {
+
+        if (!$this->isS2SEnabled()) {
+            throw new ActionNotSupportedException('Server does not support federated cloud sharing');
+        }
+
+        if (!isset($notification['sharedSecret'])) {
+            throw new BadRequestException(['sharedSecret']);
+        }
+
+        $token = $notification['sharedSecret'];
+
+        $share = $this->federatedShareProvider->getShareById($id);
+
+        $this->verifyShare($share, $token);
+        $this->executeAcceptShare($share);
+        if ($share->getShareOwner() !== $share->getSharedBy()) {
+            list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
+            $remoteId = $this->federatedShareProvider->getRemoteId($share);
+            $notification = $this->cloudFederationFactory->getCloudFederationNotification();
+            $notification->setMessage(
+                'SHARE_ACCEPTED',
+                'file',
+                $remoteId,
+                [
+                    'sharedSecret' => $token,
+                    'message' => 'Recipient accepted the re-share'
+                ]
+
+            );
+            $this->cloudFederationProviderManager->sendNotification($remote, $notification);
+
+        }
+
+        return [];
+    }
+
+    /**
+     * @param IShare $share
+     * @throws ShareNotFound
+     */
+    protected function executeAcceptShare(IShare $share) {
+        try {
+            $fileId = (int)$share->getNode()->getId();
+            list($file, $link) = $this->getFile($this->getCorrectUid($share), $fileId);
+        } catch (\Exception $e) {
+            throw new ShareNotFound();
+        }
+
+        $event = $this->activityManager->generateEvent();
+        $event->setApp('files_sharing')
+            ->setType('remote_share')
+            ->setAffectedUser($this->getCorrectUid($share))
+            ->setSubject(RemoteShares::SUBJECT_REMOTE_SHARE_ACCEPTED, [$share->getSharedWith(), [$fileId => $file]])
+            ->setObject('files', $fileId, $file)
+            ->setLink($link);
+        $this->activityManager->publish($event);
+    }
+
+    /**
+     * process notification that the recipient declined a share
+     *
+     * @param string $id
+     * @param array $notification
+     * @return array
+     * @throws ActionNotSupportedException
+     * @throws AuthenticationFailedException
+     * @throws BadRequestException
+     * @throws ShareNotFound
+     * @throws \OC\HintException
+     *
+     */
+    protected function shareDeclined($id, array $notification) {
+
+        if (!$this->isS2SEnabled()) {
+            throw new ActionNotSupportedException('Server does not support federated cloud sharing');
+        }
+
+        if (!isset($notification['sharedSecret'])) {
+            throw new BadRequestException(['sharedSecret']);
+        }
+
+        $token = $notification['sharedSecret'];
+
+        $share = $this->federatedShareProvider->getShareById($id);
+
+        $this->verifyShare($share, $token);
+
+        if ($share->getShareOwner() !== $share->getSharedBy()) {
+            list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
+            $remoteId = $this->federatedShareProvider->getRemoteId($share);
+            $notification = $this->cloudFederationFactory->getCloudFederationNotification();
+            $notification->setMessage(
+                'SHARE_DECLINED',
+                'file',
+                $remoteId,
+                [
+                    'sharedSecret' => $token,
+                    'message' => 'Recipient declined the re-share'
+                ]
+
+            );
+            $this->cloudFederationProviderManager->sendNotification($remote, $notification);
+        }
+
+        $this->executeDeclineShare($share);
+
+        return [];
+
+    }
+
+    /**
+     * delete declined share and create a activity
+     *
+     * @param IShare $share
+     * @throws ShareNotFound
+     */
+    protected function executeDeclineShare(IShare $share) {
+        $this->federatedShareProvider->removeShareFromTable($share);
+
+        try {
+            $fileId = (int)$share->getNode()->getId();
+            list($file, $link) = $this->getFile($this->getCorrectUid($share), $fileId);
+        } catch (\Exception $e) {
+            throw new ShareNotFound();
+        }
+
+        $event = $this->activityManager->generateEvent();
+        $event->setApp('files_sharing')
+            ->setType('remote_share')
+            ->setAffectedUser($this->getCorrectUid($share))
+            ->setSubject(RemoteShares::SUBJECT_REMOTE_SHARE_DECLINED, [$share->getSharedWith(), [$fileId => $file]])
+            ->setObject('files', $fileId, $file)
+            ->setLink($link);
+        $this->activityManager->publish($event);
+
+    }
+
+    /**
+     * received the notification that the owner unshared a file from you
+     *
+     * @param string $id
+     * @param array $notification
+     * @return array
+     * @throws AuthenticationFailedException
+     * @throws BadRequestException
+     */
+    private function undoReshare($id, array $notification) {
+        if (!isset($notification['sharedSecret'])) {
+            throw new BadRequestException(['sharedSecret']);
+        }
+        $token = $notification['sharedSecret'];
+
+        $share = $this->federatedShareProvider->getShareById($id);
+
+        $this->verifyShare($share, $token);
+        $this->federatedShareProvider->removeShareFromTable($share);
+        return [];
+    }
+
+    /**
+     * unshare file from self
+     *
+     * @param string $id
+     * @param array $notification
+     * @return array
+     * @throws ActionNotSupportedException
+     * @throws BadRequestException
+     */
+    private function unshare($id, array $notification) {
+
+        if (!$this->isS2SEnabled(true)) {
+            throw new ActionNotSupportedException("incoming shares disabled!");
+        }
+
+        if (!isset($notification['sharedSecret'])) {
+            throw new BadRequestException(['sharedSecret']);
+        }
+        $token = $notification['sharedSecret'];
+
+        $qb = $this->connection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share_external')
+            ->where(
+                $qb->expr()->andX(
+                    $qb->expr()->eq('remote_id', $qb->createNamedParameter($id)),
+                    $qb->expr()->eq('share_token', $qb->createNamedParameter($token))
+                )
+            );
+
+        $result = $qb->execute();
+        $share = $result->fetch();
+        $result->closeCursor();
+
+        if ($token && $id && !empty($share)) {
+
+            $remote = $this->cleanupRemote($share['remote']);
+
+            $owner = $this->cloudIdManager->getCloudId($share['owner'], $remote);
+            $mountpoint = $share['mountpoint'];
+            $user = $share['user'];
+
+            $qb = $this->connection->getQueryBuilder();
+            $qb->delete('share_external')
+                ->where(
+                    $qb->expr()->andX(
+                        $qb->expr()->eq('remote_id', $qb->createNamedParameter($id)),
+                        $qb->expr()->eq('share_token', $qb->createNamedParameter($token))
+                    )
+                );
+
+            $qb->execute();
+
+            if ($share['accepted']) {
+                $path = trim($mountpoint, '/');
+            } else {
+                $path = trim($share['name'], '/');
+            }
+
+            $notification = $this->notificationManager->createNotification();
+            $notification->setApp('files_sharing')
+                ->setUser($share['user'])
+                ->setObject('remote_share', (int)$share['id']);
+            $this->notificationManager->markProcessed($notification);
+
+            $event = $this->activityManager->generateEvent();
+            $event->setApp('files_sharing')
+                ->setType('remote_share')
+                ->setSubject(RemoteShares::SUBJECT_REMOTE_SHARE_UNSHARED, [$owner->getId(), $path])
+                ->setAffectedUser($user)
+                ->setObject('remote_share', (int)$share['id'], $path);
+            \OC::$server->getActivityManager()->publish($event);
+        }
+
+        return [];
+    }
+
+    private function cleanupRemote($remote) {
+        $remote = substr($remote, strpos($remote, '://') + 3);
+
+        return rtrim($remote, '/');
+    }
+
+    /**
+     * recipient of a share request to re-share the file with another user
+     *
+     * @param string $id
+     * @param array $notification
+     * @return array
+     * @throws AuthenticationFailedException
+     * @throws BadRequestException
+     * @throws ProviderCouldNotAddShareException
+     * @throws ShareNotFound
+     */
+    protected function reshareRequested($id, array $notification) {
+
+        if (!isset($notification['sharedSecret'])) {
+            throw new BadRequestException(['sharedSecret']);
+        }
+        $token = $notification['sharedSecret'];
+
+        if (!isset($notification['shareWith'])) {
+            throw new BadRequestException(['shareWith']);
+        }
+        $shareWith = $notification['shareWith'];
+
+        if (!isset($notification['senderId'])) {
+            throw new BadRequestException(['senderId']);
+        }
+        $senderId = $notification['senderId'];
+
+        $share = $this->federatedShareProvider->getShareById($id);
+        // don't allow to share a file back to the owner
+        try {
+            list($user, $remote) = $this->addressHandler->splitUserRemote($shareWith);
+            $owner = $share->getShareOwner();
+            $currentServer = $this->addressHandler->generateRemoteURL();
+            if ($this->addressHandler->compareAddresses($user, $remote, $owner, $currentServer)) {
+                throw new ProviderCouldNotAddShareException('Resharing back to the owner is not allowed: ' . $id);
+            }
+        } catch (\Exception $e) {
+            throw new ProviderCouldNotAddShareException($e->getMessage());
+        }
+
+        $this->verifyShare($share, $token);
+
+        // check if re-sharing is allowed
+        if ($share->getPermissions() & Constants::PERMISSION_SHARE) {
+            // the recipient of the initial share is now the initiator for the re-share
+            $share->setSharedBy($share->getSharedWith());
+            $share->setSharedWith($shareWith);
+            $result = $this->federatedShareProvider->create($share);
+            $this->federatedShareProvider->storeRemoteId((int)$result->getId(), $senderId);
+            return ['token' => $result->getToken(), 'providerId' => $result->getId()];
+        } else {
+            throw new ProviderCouldNotAddShareException('resharing not allowed for share: ' . $id);
+        }
+
+    }
+
+    /**
+     * update permission of a re-share so that the share dialog shows the right
+     * permission if the owner or the sender changes the permission
+     *
+     * @param string $id
+     * @param array $notification
+     * @return array
+     * @throws AuthenticationFailedException
+     * @throws BadRequestException
+     */
+    protected function updateResharePermissions($id, array $notification) {
+
+        if (!isset($notification['sharedSecret'])) {
+            throw new BadRequestException(['sharedSecret']);
+        }
+        $token = $notification['sharedSecret'];
+
+        if (!isset($notification['permission'])) {
+            throw new BadRequestException(['permission']);
+        }
+        $ocmPermissions = $notification['permission'];
+
+        $share = $this->federatedShareProvider->getShareById($id);
+
+        $ncPermission = $this->ocmPermissions2ncPermissions($ocmPermissions);
+
+        $this->verifyShare($share, $token);
+        $this->updatePermissionsInDatabase($share, $ncPermission);
+
+        return [];
+    }
+
+    /**
+     * translate OCM Permissions to Nextcloud permissions
+     *
+     * @param array $ocmPermissions
+     * @return int
+     * @throws BadRequestException
+     */
+    protected function ocmPermissions2ncPermissions(array $ocmPermissions) {
+        $ncPermissions = 0;
+        foreach($ocmPermissions as $permission) {
+            switch (strtolower($permission)) {
+                case 'read':
+                    $ncPermissions += Constants::PERMISSION_READ;
+                    break;
+                case 'write':
+                    $ncPermissions += Constants::PERMISSION_CREATE + Constants::PERMISSION_UPDATE;
+                    break;
+                case 'share':
+                    $ncPermissions += Constants::PERMISSION_SHARE;
+                    break;
+                default:
+                    throw new BadRequestException(['permission']);
+            }
+
+            error_log("new permissions: " . $ncPermissions);
+        }
+
+        return $ncPermissions;
+    }
+
+    /**
+     * update permissions in database
+     *
+     * @param IShare $share
+     * @param int $permissions
+     */
+    protected function updatePermissionsInDatabase(IShare $share, $permissions) {
+        $query = $this->connection->getQueryBuilder();
+        $query->update('share')
+            ->where($query->expr()->eq('id', $query->createNamedParameter($share->getId())))
+            ->set('permissions', $query->createNamedParameter($permissions))
+            ->execute();
+    }
+
+
+    /**
+     * get file
+     *
+     * @param string $user
+     * @param int $fileSource
+     * @return array with internal path of the file and a absolute link to it
+     */
+    private function getFile($user, $fileSource) {
+        \OC_Util::setupFS($user);
+
+        try {
+            $file = Filesystem::getPath($fileSource);
+        } catch (NotFoundException $e) {
+            $file = null;
+        }
+        $args = Filesystem::is_dir($file) ? array('dir' => $file) : array('dir' => dirname($file), 'scrollto' => $file);
+        $link = Util::linkToAbsolute('files', 'index.php', $args);
+
+        return [$file, $link];
+
+    }
+
+    /**
+     * check if we are the initiator or the owner of a re-share and return the correct UID
+     *
+     * @param IShare $share
+     * @return string
+     */
+    protected function getCorrectUid(IShare $share) {
+        if ($this->userManager->userExists($share->getShareOwner())) {
+            return $share->getShareOwner();
+        }
+
+        return $share->getSharedBy();
+    }
+
+
+
+    /**
+     * check if we got the right share
+     *
+     * @param IShare $share
+     * @param string $token
+     * @return bool
+     * @throws AuthenticationFailedException
+     */
+    protected function verifyShare(IShare $share, $token) {
+        if (
+            $share->getShareType() === FederatedShareProvider::SHARE_TYPE_REMOTE &&
+            $share->getToken() === $token
+        ) {
+            return true;
+        }
+
+        throw new AuthenticationFailedException();
+    }
+
+
+
+    /**
+     * check if server-to-server sharing is enabled
+     *
+     * @param bool $incoming
+     * @return bool
+     */
+    private function isS2SEnabled($incoming = false) {
+
+        $result = $this->appManager->isEnabledForUser('files_sharing');
+
+        if ($incoming) {
+            $result = $result && $this->federatedShareProvider->isIncomingServer2serverShareEnabled();
+        } else {
+            $result = $result && $this->federatedShareProvider->isOutgoingServer2serverShareEnabled();
+        }
+
+        return $result;
+    }
 
 
 }