nextcloud /
server
@@ -32,21 +32,21 @@ |
||
| 32 | 32 | use Sabre\CardDAV\Backend\BackendInterface; |
| 33 | 33 | |
| 34 | 34 | class SystemAddressbook extends AddressBook { |
| 35 | - /** @var IConfig */ |
|
| 36 | - private $config; |
|
| 37 | - |
|
| 38 | - public function __construct(BackendInterface $carddavBackend, array $addressBookInfo, IL10N $l10n, IConfig $config) { |
|
| 39 | - parent::__construct($carddavBackend, $addressBookInfo, $l10n); |
|
| 40 | - $this->config = $config; |
|
| 41 | - } |
|
| 42 | - |
|
| 43 | - public function getChildren() { |
|
| 44 | - $shareEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes'; |
|
| 45 | - $restrictShareEnumeration = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes'; |
|
| 46 | - if (!$shareEnumeration || ($shareEnumeration && $restrictShareEnumeration)) { |
|
| 47 | - return []; |
|
| 48 | - } |
|
| 49 | - |
|
| 50 | - return parent::getChildren(); |
|
| 51 | - } |
|
| 35 | + /** @var IConfig */ |
|
| 36 | + private $config; |
|
| 37 | + |
|
| 38 | + public function __construct(BackendInterface $carddavBackend, array $addressBookInfo, IL10N $l10n, IConfig $config) { |
|
| 39 | + parent::__construct($carddavBackend, $addressBookInfo, $l10n); |
|
| 40 | + $this->config = $config; |
|
| 41 | + } |
|
| 42 | + |
|
| 43 | + public function getChildren() { |
|
| 44 | + $shareEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes'; |
|
| 45 | + $restrictShareEnumeration = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes'; |
|
| 46 | + if (!$shareEnumeration || ($shareEnumeration && $restrictShareEnumeration)) { |
|
| 47 | + return []; |
|
| 48 | + } |
|
| 49 | + |
|
| 50 | + return parent::getChildren(); |
|
| 51 | + } |
|
| 52 | 52 | } |
@@ -39,228 +39,228 @@ |
||
| 39 | 39 | |
| 40 | 40 | class ContactsStore implements IContactsStore { |
| 41 | 41 | |
| 42 | - /** @var IManager */ |
|
| 43 | - private $contactsManager; |
|
| 44 | - |
|
| 45 | - /** @var IConfig */ |
|
| 46 | - private $config; |
|
| 47 | - |
|
| 48 | - /** @var IUserManager */ |
|
| 49 | - private $userManager; |
|
| 50 | - |
|
| 51 | - /** @var IGroupManager */ |
|
| 52 | - private $groupManager; |
|
| 53 | - |
|
| 54 | - /** |
|
| 55 | - * @param IManager $contactsManager |
|
| 56 | - * @param IConfig $config |
|
| 57 | - * @param IUserManager $userManager |
|
| 58 | - * @param IGroupManager $groupManager |
|
| 59 | - */ |
|
| 60 | - public function __construct(IManager $contactsManager, |
|
| 61 | - IConfig $config, |
|
| 62 | - IUserManager $userManager, |
|
| 63 | - IGroupManager $groupManager) { |
|
| 64 | - $this->contactsManager = $contactsManager; |
|
| 65 | - $this->config = $config; |
|
| 66 | - $this->userManager = $userManager; |
|
| 67 | - $this->groupManager = $groupManager; |
|
| 68 | - } |
|
| 69 | - |
|
| 70 | - /** |
|
| 71 | - * @param IUser $user |
|
| 72 | - * @param string|null $filter |
|
| 73 | - * @return IEntry[] |
|
| 74 | - */ |
|
| 75 | - public function getContacts(IUser $user, $filter) { |
|
| 76 | - $allContacts = $this->contactsManager->search($filter ?: '', [ |
|
| 77 | - 'FN', |
|
| 78 | - 'EMAIL' |
|
| 79 | - ]); |
|
| 80 | - |
|
| 81 | - $entries = array_map(function(array $contact) { |
|
| 82 | - return $this->contactArrayToEntry($contact); |
|
| 83 | - }, $allContacts); |
|
| 84 | - return $this->filterContacts( |
|
| 85 | - $user, |
|
| 86 | - $entries, |
|
| 87 | - $filter |
|
| 88 | - ); |
|
| 89 | - } |
|
| 90 | - |
|
| 91 | - /** |
|
| 92 | - * Filters the contacts. Applies 3 filters: |
|
| 93 | - * 1. filter the current user |
|
| 94 | - * 2. if the `shareapi_allow_share_dialog_user_enumeration` config option is |
|
| 95 | - * enabled it will filter all local users |
|
| 96 | - * 3. if the `shareapi_exclude_groups` config option is enabled and the |
|
| 97 | - * current user is in an excluded group it will filter all local users. |
|
| 98 | - * 4. if the `shareapi_only_share_with_group_members` config option is |
|
| 99 | - * enabled it will filter all users which doens't have a common group |
|
| 100 | - * with the current user. |
|
| 101 | - * |
|
| 102 | - * @param IUser $self |
|
| 103 | - * @param Entry[] $entries |
|
| 104 | - * @param string $filter |
|
| 105 | - * @return Entry[] the filtered contacts |
|
| 106 | - */ |
|
| 107 | - private function filterContacts(IUser $self, |
|
| 108 | - array $entries, |
|
| 109 | - $filter) { |
|
| 110 | - $disallowEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') !== 'yes'; |
|
| 111 | - $restrictEnumeration = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes'; |
|
| 112 | - $excludedGroups = $this->config->getAppValue('core', 'shareapi_exclude_groups', 'no') === 'yes'; |
|
| 113 | - |
|
| 114 | - // whether to filter out local users |
|
| 115 | - $skipLocal = false; |
|
| 116 | - // whether to filter out all users which doesn't have the same group as the current user |
|
| 117 | - $ownGroupsOnly = $this->config->getAppValue('core', 'shareapi_only_share_with_group_members', 'no') === 'yes' || $restrictEnumeration; |
|
| 118 | - |
|
| 119 | - $selfGroups = $this->groupManager->getUserGroupIds($self); |
|
| 120 | - |
|
| 121 | - if ($excludedGroups) { |
|
| 122 | - $excludedGroups = $this->config->getAppValue('core', 'shareapi_exclude_groups_list', ''); |
|
| 123 | - $decodedExcludeGroups = json_decode($excludedGroups, true); |
|
| 124 | - $excludeGroupsList = ($decodedExcludeGroups !== null) ? $decodedExcludeGroups : []; |
|
| 125 | - |
|
| 126 | - if (count(array_intersect($excludeGroupsList, $selfGroups)) !== 0) { |
|
| 127 | - // a group of the current user is excluded -> filter all local users |
|
| 128 | - $skipLocal = true; |
|
| 129 | - } |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - $selfUID = $self->getUID(); |
|
| 133 | - |
|
| 134 | - return array_values(array_filter($entries, function(IEntry $entry) use ($self, $skipLocal, $ownGroupsOnly, $selfGroups, $selfUID, $disallowEnumeration, $filter) { |
|
| 135 | - if ($skipLocal && $entry->getProperty('isLocalSystemBook') === true) { |
|
| 136 | - return false; |
|
| 137 | - } |
|
| 138 | - |
|
| 139 | - // Prevent enumerating local users |
|
| 140 | - if($disallowEnumeration && $entry->getProperty('isLocalSystemBook')) { |
|
| 141 | - $filterUser = true; |
|
| 142 | - |
|
| 143 | - $mailAddresses = $entry->getEMailAddresses(); |
|
| 144 | - foreach($mailAddresses as $mailAddress) { |
|
| 145 | - if($mailAddress === $filter) { |
|
| 146 | - $filterUser = false; |
|
| 147 | - break; |
|
| 148 | - } |
|
| 149 | - } |
|
| 150 | - |
|
| 151 | - if($entry->getProperty('UID') && $entry->getProperty('UID') === $filter) { |
|
| 152 | - $filterUser = false; |
|
| 153 | - } |
|
| 154 | - |
|
| 155 | - if($filterUser) { |
|
| 156 | - return false; |
|
| 157 | - } |
|
| 158 | - } |
|
| 159 | - |
|
| 160 | - if ($ownGroupsOnly && $entry->getProperty('isLocalSystemBook') === true) { |
|
| 161 | - $uid = $this->userManager->get($entry->getProperty('UID')); |
|
| 162 | - |
|
| 163 | - if ($uid === null) { |
|
| 164 | - return false; |
|
| 165 | - } |
|
| 166 | - |
|
| 167 | - $contactGroups = $this->groupManager->getUserGroupIds($uid); |
|
| 168 | - if (count(array_intersect($contactGroups, $selfGroups)) === 0) { |
|
| 169 | - // no groups in common, so shouldn't see the contact |
|
| 170 | - return false; |
|
| 171 | - } |
|
| 172 | - } |
|
| 173 | - |
|
| 174 | - return $entry->getProperty('UID') !== $selfUID; |
|
| 175 | - })); |
|
| 176 | - } |
|
| 177 | - |
|
| 178 | - /** |
|
| 179 | - * @param IUser $user |
|
| 180 | - * @param integer $shareType |
|
| 181 | - * @param string $shareWith |
|
| 182 | - * @return IEntry|null |
|
| 183 | - */ |
|
| 184 | - public function findOne(IUser $user, $shareType, $shareWith) { |
|
| 185 | - switch($shareType) { |
|
| 186 | - case 0: |
|
| 187 | - case 6: |
|
| 188 | - $filter = ['UID']; |
|
| 189 | - break; |
|
| 190 | - case 4: |
|
| 191 | - $filter = ['EMAIL']; |
|
| 192 | - break; |
|
| 193 | - default: |
|
| 194 | - return null; |
|
| 195 | - } |
|
| 196 | - |
|
| 197 | - $userId = $user->getUID(); |
|
| 198 | - $allContacts = $this->contactsManager->search($shareWith, $filter); |
|
| 199 | - $contacts = array_filter($allContacts, function($contact) use ($userId) { |
|
| 200 | - return $contact['UID'] !== $userId; |
|
| 201 | - }); |
|
| 202 | - $match = null; |
|
| 203 | - |
|
| 204 | - foreach ($contacts as $contact) { |
|
| 205 | - if ($shareType === 4 && isset($contact['EMAIL'])) { |
|
| 206 | - if (in_array($shareWith, $contact['EMAIL'])) { |
|
| 207 | - $match = $contact; |
|
| 208 | - break; |
|
| 209 | - } |
|
| 210 | - } |
|
| 211 | - if ($shareType === 0 || $shareType === 6) { |
|
| 212 | - $isLocal = $contact['isLocalSystemBook'] ?? false; |
|
| 213 | - if ($contact['UID'] === $shareWith && $isLocal === true) { |
|
| 214 | - $match = $contact; |
|
| 215 | - break; |
|
| 216 | - } |
|
| 217 | - } |
|
| 218 | - } |
|
| 219 | - |
|
| 220 | - if ($match) { |
|
| 221 | - $match = $this->filterContacts($user, [$this->contactArrayToEntry($match)], $shareWith); |
|
| 222 | - if (count($match) === 1) { |
|
| 223 | - $match = $match[0]; |
|
| 224 | - } else { |
|
| 225 | - $match = null; |
|
| 226 | - } |
|
| 227 | - |
|
| 228 | - } |
|
| 229 | - |
|
| 230 | - return $match; |
|
| 231 | - } |
|
| 232 | - |
|
| 233 | - /** |
|
| 234 | - * @param array $contact |
|
| 235 | - * @return Entry |
|
| 236 | - */ |
|
| 237 | - private function contactArrayToEntry(array $contact) { |
|
| 238 | - $entry = new Entry(); |
|
| 239 | - |
|
| 240 | - if (isset($contact['id'])) { |
|
| 241 | - $entry->setId($contact['id']); |
|
| 242 | - } |
|
| 243 | - |
|
| 244 | - if (isset($contact['FN'])) { |
|
| 245 | - $entry->setFullName($contact['FN']); |
|
| 246 | - } |
|
| 247 | - |
|
| 248 | - $avatarPrefix = "VALUE=uri:"; |
|
| 249 | - if (isset($contact['PHOTO']) && strpos($contact['PHOTO'], $avatarPrefix) === 0) { |
|
| 250 | - $entry->setAvatar(substr($contact['PHOTO'], strlen($avatarPrefix))); |
|
| 251 | - } |
|
| 252 | - |
|
| 253 | - if (isset($contact['EMAIL'])) { |
|
| 254 | - foreach ($contact['EMAIL'] as $email) { |
|
| 255 | - $entry->addEMailAddress($email); |
|
| 256 | - } |
|
| 257 | - } |
|
| 258 | - |
|
| 259 | - // Attach all other properties to the entry too because some |
|
| 260 | - // providers might make use of it. |
|
| 261 | - $entry->setProperties($contact); |
|
| 262 | - |
|
| 263 | - return $entry; |
|
| 264 | - } |
|
| 42 | + /** @var IManager */ |
|
| 43 | + private $contactsManager; |
|
| 44 | + |
|
| 45 | + /** @var IConfig */ |
|
| 46 | + private $config; |
|
| 47 | + |
|
| 48 | + /** @var IUserManager */ |
|
| 49 | + private $userManager; |
|
| 50 | + |
|
| 51 | + /** @var IGroupManager */ |
|
| 52 | + private $groupManager; |
|
| 53 | + |
|
| 54 | + /** |
|
| 55 | + * @param IManager $contactsManager |
|
| 56 | + * @param IConfig $config |
|
| 57 | + * @param IUserManager $userManager |
|
| 58 | + * @param IGroupManager $groupManager |
|
| 59 | + */ |
|
| 60 | + public function __construct(IManager $contactsManager, |
|
| 61 | + IConfig $config, |
|
| 62 | + IUserManager $userManager, |
|
| 63 | + IGroupManager $groupManager) { |
|
| 64 | + $this->contactsManager = $contactsManager; |
|
| 65 | + $this->config = $config; |
|
| 66 | + $this->userManager = $userManager; |
|
| 67 | + $this->groupManager = $groupManager; |
|
| 68 | + } |
|
| 69 | + |
|
| 70 | + /** |
|
| 71 | + * @param IUser $user |
|
| 72 | + * @param string|null $filter |
|
| 73 | + * @return IEntry[] |
|
| 74 | + */ |
|
| 75 | + public function getContacts(IUser $user, $filter) { |
|
| 76 | + $allContacts = $this->contactsManager->search($filter ?: '', [ |
|
| 77 | + 'FN', |
|
| 78 | + 'EMAIL' |
|
| 79 | + ]); |
|
| 80 | + |
|
| 81 | + $entries = array_map(function(array $contact) { |
|
| 82 | + return $this->contactArrayToEntry($contact); |
|
| 83 | + }, $allContacts); |
|
| 84 | + return $this->filterContacts( |
|
| 85 | + $user, |
|
| 86 | + $entries, |
|
| 87 | + $filter |
|
| 88 | + ); |
|
| 89 | + } |
|
| 90 | + |
|
| 91 | + /** |
|
| 92 | + * Filters the contacts. Applies 3 filters: |
|
| 93 | + * 1. filter the current user |
|
| 94 | + * 2. if the `shareapi_allow_share_dialog_user_enumeration` config option is |
|
| 95 | + * enabled it will filter all local users |
|
| 96 | + * 3. if the `shareapi_exclude_groups` config option is enabled and the |
|
| 97 | + * current user is in an excluded group it will filter all local users. |
|
| 98 | + * 4. if the `shareapi_only_share_with_group_members` config option is |
|
| 99 | + * enabled it will filter all users which doens't have a common group |
|
| 100 | + * with the current user. |
|
| 101 | + * |
|
| 102 | + * @param IUser $self |
|
| 103 | + * @param Entry[] $entries |
|
| 104 | + * @param string $filter |
|
| 105 | + * @return Entry[] the filtered contacts |
|
| 106 | + */ |
|
| 107 | + private function filterContacts(IUser $self, |
|
| 108 | + array $entries, |
|
| 109 | + $filter) { |
|
| 110 | + $disallowEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') !== 'yes'; |
|
| 111 | + $restrictEnumeration = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes'; |
|
| 112 | + $excludedGroups = $this->config->getAppValue('core', 'shareapi_exclude_groups', 'no') === 'yes'; |
|
| 113 | + |
|
| 114 | + // whether to filter out local users |
|
| 115 | + $skipLocal = false; |
|
| 116 | + // whether to filter out all users which doesn't have the same group as the current user |
|
| 117 | + $ownGroupsOnly = $this->config->getAppValue('core', 'shareapi_only_share_with_group_members', 'no') === 'yes' || $restrictEnumeration; |
|
| 118 | + |
|
| 119 | + $selfGroups = $this->groupManager->getUserGroupIds($self); |
|
| 120 | + |
|
| 121 | + if ($excludedGroups) { |
|
| 122 | + $excludedGroups = $this->config->getAppValue('core', 'shareapi_exclude_groups_list', ''); |
|
| 123 | + $decodedExcludeGroups = json_decode($excludedGroups, true); |
|
| 124 | + $excludeGroupsList = ($decodedExcludeGroups !== null) ? $decodedExcludeGroups : []; |
|
| 125 | + |
|
| 126 | + if (count(array_intersect($excludeGroupsList, $selfGroups)) !== 0) { |
|
| 127 | + // a group of the current user is excluded -> filter all local users |
|
| 128 | + $skipLocal = true; |
|
| 129 | + } |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + $selfUID = $self->getUID(); |
|
| 133 | + |
|
| 134 | + return array_values(array_filter($entries, function(IEntry $entry) use ($self, $skipLocal, $ownGroupsOnly, $selfGroups, $selfUID, $disallowEnumeration, $filter) { |
|
| 135 | + if ($skipLocal && $entry->getProperty('isLocalSystemBook') === true) { |
|
| 136 | + return false; |
|
| 137 | + } |
|
| 138 | + |
|
| 139 | + // Prevent enumerating local users |
|
| 140 | + if($disallowEnumeration && $entry->getProperty('isLocalSystemBook')) { |
|
| 141 | + $filterUser = true; |
|
| 142 | + |
|
| 143 | + $mailAddresses = $entry->getEMailAddresses(); |
|
| 144 | + foreach($mailAddresses as $mailAddress) { |
|
| 145 | + if($mailAddress === $filter) { |
|
| 146 | + $filterUser = false; |
|
| 147 | + break; |
|
| 148 | + } |
|
| 149 | + } |
|
| 150 | + |
|
| 151 | + if($entry->getProperty('UID') && $entry->getProperty('UID') === $filter) { |
|
| 152 | + $filterUser = false; |
|
| 153 | + } |
|
| 154 | + |
|
| 155 | + if($filterUser) { |
|
| 156 | + return false; |
|
| 157 | + } |
|
| 158 | + } |
|
| 159 | + |
|
| 160 | + if ($ownGroupsOnly && $entry->getProperty('isLocalSystemBook') === true) { |
|
| 161 | + $uid = $this->userManager->get($entry->getProperty('UID')); |
|
| 162 | + |
|
| 163 | + if ($uid === null) { |
|
| 164 | + return false; |
|
| 165 | + } |
|
| 166 | + |
|
| 167 | + $contactGroups = $this->groupManager->getUserGroupIds($uid); |
|
| 168 | + if (count(array_intersect($contactGroups, $selfGroups)) === 0) { |
|
| 169 | + // no groups in common, so shouldn't see the contact |
|
| 170 | + return false; |
|
| 171 | + } |
|
| 172 | + } |
|
| 173 | + |
|
| 174 | + return $entry->getProperty('UID') !== $selfUID; |
|
| 175 | + })); |
|
| 176 | + } |
|
| 177 | + |
|
| 178 | + /** |
|
| 179 | + * @param IUser $user |
|
| 180 | + * @param integer $shareType |
|
| 181 | + * @param string $shareWith |
|
| 182 | + * @return IEntry|null |
|
| 183 | + */ |
|
| 184 | + public function findOne(IUser $user, $shareType, $shareWith) { |
|
| 185 | + switch($shareType) { |
|
| 186 | + case 0: |
|
| 187 | + case 6: |
|
| 188 | + $filter = ['UID']; |
|
| 189 | + break; |
|
| 190 | + case 4: |
|
| 191 | + $filter = ['EMAIL']; |
|
| 192 | + break; |
|
| 193 | + default: |
|
| 194 | + return null; |
|
| 195 | + } |
|
| 196 | + |
|
| 197 | + $userId = $user->getUID(); |
|
| 198 | + $allContacts = $this->contactsManager->search($shareWith, $filter); |
|
| 199 | + $contacts = array_filter($allContacts, function($contact) use ($userId) { |
|
| 200 | + return $contact['UID'] !== $userId; |
|
| 201 | + }); |
|
| 202 | + $match = null; |
|
| 203 | + |
|
| 204 | + foreach ($contacts as $contact) { |
|
| 205 | + if ($shareType === 4 && isset($contact['EMAIL'])) { |
|
| 206 | + if (in_array($shareWith, $contact['EMAIL'])) { |
|
| 207 | + $match = $contact; |
|
| 208 | + break; |
|
| 209 | + } |
|
| 210 | + } |
|
| 211 | + if ($shareType === 0 || $shareType === 6) { |
|
| 212 | + $isLocal = $contact['isLocalSystemBook'] ?? false; |
|
| 213 | + if ($contact['UID'] === $shareWith && $isLocal === true) { |
|
| 214 | + $match = $contact; |
|
| 215 | + break; |
|
| 216 | + } |
|
| 217 | + } |
|
| 218 | + } |
|
| 219 | + |
|
| 220 | + if ($match) { |
|
| 221 | + $match = $this->filterContacts($user, [$this->contactArrayToEntry($match)], $shareWith); |
|
| 222 | + if (count($match) === 1) { |
|
| 223 | + $match = $match[0]; |
|
| 224 | + } else { |
|
| 225 | + $match = null; |
|
| 226 | + } |
|
| 227 | + |
|
| 228 | + } |
|
| 229 | + |
|
| 230 | + return $match; |
|
| 231 | + } |
|
| 232 | + |
|
| 233 | + /** |
|
| 234 | + * @param array $contact |
|
| 235 | + * @return Entry |
|
| 236 | + */ |
|
| 237 | + private function contactArrayToEntry(array $contact) { |
|
| 238 | + $entry = new Entry(); |
|
| 239 | + |
|
| 240 | + if (isset($contact['id'])) { |
|
| 241 | + $entry->setId($contact['id']); |
|
| 242 | + } |
|
| 243 | + |
|
| 244 | + if (isset($contact['FN'])) { |
|
| 245 | + $entry->setFullName($contact['FN']); |
|
| 246 | + } |
|
| 247 | + |
|
| 248 | + $avatarPrefix = "VALUE=uri:"; |
|
| 249 | + if (isset($contact['PHOTO']) && strpos($contact['PHOTO'], $avatarPrefix) === 0) { |
|
| 250 | + $entry->setAvatar(substr($contact['PHOTO'], strlen($avatarPrefix))); |
|
| 251 | + } |
|
| 252 | + |
|
| 253 | + if (isset($contact['EMAIL'])) { |
|
| 254 | + foreach ($contact['EMAIL'] as $email) { |
|
| 255 | + $entry->addEMailAddress($email); |
|
| 256 | + } |
|
| 257 | + } |
|
| 258 | + |
|
| 259 | + // Attach all other properties to the entry too because some |
|
| 260 | + // providers might make use of it. |
|
| 261 | + $entry->setProperties($contact); |
|
| 262 | + |
|
| 263 | + return $entry; |
|
| 264 | + } |
|
| 265 | 265 | |
| 266 | 266 | } |
