nextcloud /
server
@@ -27,45 +27,45 @@ |
||
| 27 | 27 | |
| 28 | 28 | class Config { |
| 29 | 29 | |
| 30 | - /** @var IConfig */ |
|
| 31 | - private $config; |
|
| 30 | + /** @var IConfig */ |
|
| 31 | + private $config; |
|
| 32 | 32 | |
| 33 | - /** @var IRequest */ |
|
| 34 | - private $request; |
|
| 33 | + /** @var IRequest */ |
|
| 34 | + private $request; |
|
| 35 | 35 | |
| 36 | - /** |
|
| 37 | - * @param IConfig $config |
|
| 38 | - * @param IRequest $request |
|
| 39 | - */ |
|
| 40 | - public function __construct(IConfig $config, IRequest $request) { |
|
| 41 | - $this->config = $config; |
|
| 42 | - $this->request = $request; |
|
| 43 | - } |
|
| 36 | + /** |
|
| 37 | + * @param IConfig $config |
|
| 38 | + * @param IRequest $request |
|
| 39 | + */ |
|
| 40 | + public function __construct(IConfig $config, IRequest $request) { |
|
| 41 | + $this->config = $config; |
|
| 42 | + $this->request = $request; |
|
| 43 | + } |
|
| 44 | 44 | |
| 45 | - /** |
|
| 46 | - * @param array $parameters |
|
| 47 | - * @return \OC_OCS_Result |
|
| 48 | - */ |
|
| 49 | - public function setAppValue($parameters) { |
|
| 50 | - $app = $parameters['appid']; |
|
| 51 | - $configKey = $parameters['configkey']; |
|
| 45 | + /** |
|
| 46 | + * @param array $parameters |
|
| 47 | + * @return \OC_OCS_Result |
|
| 48 | + */ |
|
| 49 | + public function setAppValue($parameters) { |
|
| 50 | + $app = $parameters['appid']; |
|
| 51 | + $configKey = $parameters['configkey']; |
|
| 52 | 52 | |
| 53 | - $value = $this->request->getParam('value'); |
|
| 54 | - $this->config->setAppValue($app, $configKey, $value); |
|
| 53 | + $value = $this->request->getParam('value'); |
|
| 54 | + $this->config->setAppValue($app, $configKey, $value); |
|
| 55 | 55 | |
| 56 | - return new \OC_OCS_Result(); |
|
| 57 | - } |
|
| 56 | + return new \OC_OCS_Result(); |
|
| 57 | + } |
|
| 58 | 58 | |
| 59 | - /** |
|
| 60 | - * @param array $parameters |
|
| 61 | - * @return \OC_OCS_Result |
|
| 62 | - */ |
|
| 63 | - public function deleteAppValue($parameters) { |
|
| 64 | - $app = $parameters['appid']; |
|
| 65 | - $configKey = $parameters['configkey']; |
|
| 59 | + /** |
|
| 60 | + * @param array $parameters |
|
| 61 | + * @return \OC_OCS_Result |
|
| 62 | + */ |
|
| 63 | + public function deleteAppValue($parameters) { |
|
| 64 | + $app = $parameters['appid']; |
|
| 65 | + $configKey = $parameters['configkey']; |
|
| 66 | 66 | |
| 67 | - $this->config->deleteAppValue($app, $configKey); |
|
| 67 | + $this->config->deleteAppValue($app, $configKey); |
|
| 68 | 68 | |
| 69 | - return new \OC_OCS_Result(); |
|
| 70 | - } |
|
| 69 | + return new \OC_OCS_Result(); |
|
| 70 | + } |
|
| 71 | 71 | } |
@@ -25,18 +25,18 @@ |
||
| 25 | 25 | use OCA\Testing\AlternativeHomeUserBackend; |
| 26 | 26 | |
| 27 | 27 | class Application extends App { |
| 28 | - public function __construct (array $urlParams = array()) { |
|
| 29 | - $appName = 'testing'; |
|
| 30 | - parent::__construct($appName, $urlParams); |
|
| 28 | + public function __construct (array $urlParams = array()) { |
|
| 29 | + $appName = 'testing'; |
|
| 30 | + parent::__construct($appName, $urlParams); |
|
| 31 | 31 | |
| 32 | - $c = $this->getContainer(); |
|
| 33 | - $config = $c->getServer()->getConfig(); |
|
| 34 | - if ($config->getAppValue($appName, 'enable_alt_user_backend', 'no') === 'yes') { |
|
| 35 | - $userManager = $c->getServer()->getUserManager(); |
|
| 32 | + $c = $this->getContainer(); |
|
| 33 | + $config = $c->getServer()->getConfig(); |
|
| 34 | + if ($config->getAppValue($appName, 'enable_alt_user_backend', 'no') === 'yes') { |
|
| 35 | + $userManager = $c->getServer()->getUserManager(); |
|
| 36 | 36 | |
| 37 | - // replace all user backends with this one |
|
| 38 | - $userManager->clearBackends(); |
|
| 39 | - $userManager->registerBackend($c->query(AlternativeHomeUserBackend::class)); |
|
| 40 | - } |
|
| 41 | - } |
|
| 37 | + // replace all user backends with this one |
|
| 38 | + $userManager->clearBackends(); |
|
| 39 | + $userManager->registerBackend($c->query(AlternativeHomeUserBackend::class)); |
|
| 40 | + } |
|
| 41 | + } |
|
| 42 | 42 | } |
@@ -25,7 +25,7 @@ |
||
| 25 | 25 | use OCA\Testing\AlternativeHomeUserBackend; |
| 26 | 26 | |
| 27 | 27 | class Application extends App { |
| 28 | - public function __construct (array $urlParams = array()) { |
|
| 28 | + public function __construct(array $urlParams = array()) { |
|
| 29 | 29 | $appName = 'testing'; |
| 30 | 30 | parent::__construct($appName, $urlParams); |
| 31 | 31 | |
@@ -34,23 +34,23 @@ |
||
| 34 | 34 | * ] |
| 35 | 35 | */ |
| 36 | 36 | class AlternativeHomeUserBackend extends \OC\User\Database { |
| 37 | - public function __construct() { |
|
| 38 | - parent::__construct(); |
|
| 39 | - } |
|
| 40 | - /** |
|
| 41 | - * get the user's home directory |
|
| 42 | - * @param string $uid the username |
|
| 43 | - * @return string|false |
|
| 44 | - */ |
|
| 45 | - public function getHome($uid) { |
|
| 46 | - if ($this->userExists($uid)) { |
|
| 47 | - // workaround to avoid killing the admin |
|
| 48 | - if ($uid !== 'admin') { |
|
| 49 | - $uid = md5($uid); |
|
| 50 | - } |
|
| 51 | - return \OC::$server->getConfig()->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/' . $uid; |
|
| 52 | - } |
|
| 37 | + public function __construct() { |
|
| 38 | + parent::__construct(); |
|
| 39 | + } |
|
| 40 | + /** |
|
| 41 | + * get the user's home directory |
|
| 42 | + * @param string $uid the username |
|
| 43 | + * @return string|false |
|
| 44 | + */ |
|
| 45 | + public function getHome($uid) { |
|
| 46 | + if ($this->userExists($uid)) { |
|
| 47 | + // workaround to avoid killing the admin |
|
| 48 | + if ($uid !== 'admin') { |
|
| 49 | + $uid = md5($uid); |
|
| 50 | + } |
|
| 51 | + return \OC::$server->getConfig()->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/' . $uid; |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - return false; |
|
| 55 | - } |
|
| 54 | + return false; |
|
| 55 | + } |
|
| 56 | 56 | } |
@@ -48,7 +48,7 @@ |
||
| 48 | 48 | if ($uid !== 'admin') { |
| 49 | 49 | $uid = md5($uid); |
| 50 | 50 | } |
| 51 | - return \OC::$server->getConfig()->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/' . $uid; |
|
| 51 | + return \OC::$server->getConfig()->getSystemValue('datadirectory', \OC::$SERVERROOT.'/data').'/'.$uid; |
|
| 52 | 52 | } |
| 53 | 53 | |
| 54 | 54 | return false; |
@@ -34,197 +34,197 @@ |
||
| 34 | 34 | use OCP\Notification\INotifier; |
| 35 | 35 | |
| 36 | 36 | class Notifier implements INotifier { |
| 37 | - /** @var IFactory */ |
|
| 38 | - protected $factory; |
|
| 39 | - /** @var IManager */ |
|
| 40 | - protected $contactsManager; |
|
| 41 | - /** @var IURLGenerator */ |
|
| 42 | - protected $url; |
|
| 43 | - /** @var array */ |
|
| 44 | - protected $federatedContacts; |
|
| 45 | - /** @var ICloudIdManager */ |
|
| 46 | - protected $cloudIdManager; |
|
| 47 | - |
|
| 48 | - /** |
|
| 49 | - * @param IFactory $factory |
|
| 50 | - * @param IManager $contactsManager |
|
| 51 | - * @param IURLGenerator $url |
|
| 52 | - * @param ICloudIdManager $cloudIdManager |
|
| 53 | - */ |
|
| 54 | - public function __construct(IFactory $factory, IManager $contactsManager, IURLGenerator $url, ICloudIdManager $cloudIdManager) { |
|
| 55 | - $this->factory = $factory; |
|
| 56 | - $this->contactsManager = $contactsManager; |
|
| 57 | - $this->url = $url; |
|
| 58 | - $this->cloudIdManager = $cloudIdManager; |
|
| 59 | - } |
|
| 60 | - |
|
| 61 | - /** |
|
| 62 | - * @param INotification $notification |
|
| 63 | - * @param string $languageCode The code of the language that should be used to prepare the notification |
|
| 64 | - * @return INotification |
|
| 65 | - * @throws \InvalidArgumentException |
|
| 66 | - */ |
|
| 67 | - public function prepare(INotification $notification, $languageCode) { |
|
| 68 | - if ($notification->getApp() !== 'files_sharing') { |
|
| 69 | - // Not my app => throw |
|
| 70 | - throw new \InvalidArgumentException(); |
|
| 71 | - } |
|
| 72 | - |
|
| 73 | - // Read the language from the notification |
|
| 74 | - $l = $this->factory->get('files_sharing', $languageCode); |
|
| 75 | - |
|
| 76 | - switch ($notification->getSubject()) { |
|
| 77 | - // Deal with known subjects |
|
| 78 | - case 'remote_share': |
|
| 79 | - $notification->setIcon($this->url->getAbsoluteURL($this->url->imagePath('core', 'actions/share.svg'))); |
|
| 80 | - |
|
| 81 | - $params = $notification->getSubjectParameters(); |
|
| 82 | - if ($params[0] !== $params[1] && $params[1] !== null) { |
|
| 83 | - $notification->setParsedSubject( |
|
| 84 | - $l->t('You received "%3$s" as a remote share from %1$s (on behalf of %2$s)', $params) |
|
| 85 | - ); |
|
| 86 | - $notification->setRichSubject( |
|
| 87 | - $l->t('You received {share} as a remote share from {user} (on behalf of {behalf})'), |
|
| 88 | - [ |
|
| 89 | - 'share' => [ |
|
| 90 | - 'type' => 'pending-federated-share', |
|
| 91 | - 'id' => $notification->getObjectId(), |
|
| 92 | - 'name' => $params[2], |
|
| 93 | - ], |
|
| 94 | - 'user' => $this->createRemoteUser($params[0]), |
|
| 95 | - 'behalf' => $this->createRemoteUser($params[1]), |
|
| 96 | - ] |
|
| 97 | - ); |
|
| 98 | - } else { |
|
| 99 | - $notification->setParsedSubject( |
|
| 100 | - $l->t('You received "%3$s" as a remote share from %1$s', $params) |
|
| 101 | - ); |
|
| 102 | - $notification->setRichSubject( |
|
| 103 | - $l->t('You received {share} as a remote share from {user}'), |
|
| 104 | - [ |
|
| 105 | - 'share' => [ |
|
| 106 | - 'type' => 'pending-federated-share', |
|
| 107 | - 'id' => $notification->getObjectId(), |
|
| 108 | - 'name' => $params[2], |
|
| 109 | - ], |
|
| 110 | - 'user' => $this->createRemoteUser($params[0]), |
|
| 111 | - ] |
|
| 112 | - ); |
|
| 113 | - } |
|
| 114 | - |
|
| 115 | - // Deal with the actions for a known subject |
|
| 116 | - foreach ($notification->getActions() as $action) { |
|
| 117 | - switch ($action->getLabel()) { |
|
| 118 | - case 'accept': |
|
| 119 | - $action->setParsedLabel( |
|
| 120 | - (string) $l->t('Accept') |
|
| 121 | - ) |
|
| 122 | - ->setPrimary(true); |
|
| 123 | - break; |
|
| 124 | - |
|
| 125 | - case 'decline': |
|
| 126 | - $action->setParsedLabel( |
|
| 127 | - (string) $l->t('Decline') |
|
| 128 | - ); |
|
| 129 | - break; |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - $notification->addParsedAction($action); |
|
| 133 | - } |
|
| 134 | - return $notification; |
|
| 135 | - |
|
| 136 | - default: |
|
| 137 | - // Unknown subject => Unknown notification => throw |
|
| 138 | - throw new \InvalidArgumentException(); |
|
| 139 | - } |
|
| 140 | - } |
|
| 141 | - |
|
| 142 | - /** |
|
| 143 | - * @param string $cloudId |
|
| 144 | - * @return array |
|
| 145 | - */ |
|
| 146 | - protected function createRemoteUser($cloudId) { |
|
| 147 | - $displayName = $cloudId; |
|
| 148 | - try { |
|
| 149 | - $resolvedId = $this->cloudIdManager->resolveCloudId($cloudId); |
|
| 150 | - $displayName = $this->getDisplayName($resolvedId); |
|
| 151 | - $user = $resolvedId->getUser(); |
|
| 152 | - $server = $resolvedId->getRemote(); |
|
| 153 | - } catch (HintException $e) { |
|
| 154 | - $user = $cloudId; |
|
| 155 | - $server = ''; |
|
| 156 | - } |
|
| 157 | - |
|
| 158 | - return [ |
|
| 159 | - 'type' => 'user', |
|
| 160 | - 'id' => $user, |
|
| 161 | - 'name' => $displayName, |
|
| 162 | - 'server' => $server, |
|
| 163 | - ]; |
|
| 164 | - } |
|
| 165 | - |
|
| 166 | - /** |
|
| 167 | - * Try to find the user in the contacts |
|
| 168 | - * |
|
| 169 | - * @param ICloudId $cloudId |
|
| 170 | - * @return string |
|
| 171 | - */ |
|
| 172 | - protected function getDisplayName(ICloudId $cloudId) { |
|
| 173 | - $server = $cloudId->getRemote(); |
|
| 174 | - $user = $cloudId->getUser(); |
|
| 175 | - if (strpos($server, 'http://') === 0) { |
|
| 176 | - $server = substr($server, strlen('http://')); |
|
| 177 | - } else if (strpos($server, 'https://') === 0) { |
|
| 178 | - $server = substr($server, strlen('https://')); |
|
| 179 | - } |
|
| 180 | - |
|
| 181 | - try { |
|
| 182 | - return $this->getDisplayNameFromContact($cloudId->getId()); |
|
| 183 | - } catch (\OutOfBoundsException $e) { |
|
| 184 | - } |
|
| 185 | - |
|
| 186 | - try { |
|
| 187 | - $this->getDisplayNameFromContact($user . '@http://' . $server); |
|
| 188 | - } catch (\OutOfBoundsException $e) { |
|
| 189 | - } |
|
| 190 | - |
|
| 191 | - try { |
|
| 192 | - $this->getDisplayNameFromContact($user . '@https://' . $server); |
|
| 193 | - } catch (\OutOfBoundsException $e) { |
|
| 194 | - } |
|
| 195 | - |
|
| 196 | - return $cloudId->getId(); |
|
| 197 | - } |
|
| 198 | - |
|
| 199 | - /** |
|
| 200 | - * Try to find the user in the contacts |
|
| 201 | - * |
|
| 202 | - * @param string $federatedCloudId |
|
| 203 | - * @return string |
|
| 204 | - * @throws \OutOfBoundsException when there is no contact for the id |
|
| 205 | - */ |
|
| 206 | - protected function getDisplayNameFromContact($federatedCloudId) { |
|
| 207 | - if (isset($this->federatedContacts[$federatedCloudId])) { |
|
| 208 | - if ($this->federatedContacts[$federatedCloudId] !== '') { |
|
| 209 | - return $this->federatedContacts[$federatedCloudId]; |
|
| 210 | - } else { |
|
| 211 | - throw new \OutOfBoundsException('No contact found for federated cloud id'); |
|
| 212 | - } |
|
| 213 | - } |
|
| 214 | - |
|
| 215 | - $addressBookEntries = $this->contactsManager->search($federatedCloudId, ['CLOUD']); |
|
| 216 | - foreach ($addressBookEntries as $entry) { |
|
| 217 | - if (isset($entry['CLOUD'])) { |
|
| 218 | - foreach ($entry['CLOUD'] as $cloudID) { |
|
| 219 | - if ($cloudID === $federatedCloudId) { |
|
| 220 | - $this->federatedContacts[$federatedCloudId] = $entry['FN']; |
|
| 221 | - return $entry['FN']; |
|
| 222 | - } |
|
| 223 | - } |
|
| 224 | - } |
|
| 225 | - } |
|
| 226 | - |
|
| 227 | - $this->federatedContacts[$federatedCloudId] = ''; |
|
| 228 | - throw new \OutOfBoundsException('No contact found for federated cloud id'); |
|
| 229 | - } |
|
| 37 | + /** @var IFactory */ |
|
| 38 | + protected $factory; |
|
| 39 | + /** @var IManager */ |
|
| 40 | + protected $contactsManager; |
|
| 41 | + /** @var IURLGenerator */ |
|
| 42 | + protected $url; |
|
| 43 | + /** @var array */ |
|
| 44 | + protected $federatedContacts; |
|
| 45 | + /** @var ICloudIdManager */ |
|
| 46 | + protected $cloudIdManager; |
|
| 47 | + |
|
| 48 | + /** |
|
| 49 | + * @param IFactory $factory |
|
| 50 | + * @param IManager $contactsManager |
|
| 51 | + * @param IURLGenerator $url |
|
| 52 | + * @param ICloudIdManager $cloudIdManager |
|
| 53 | + */ |
|
| 54 | + public function __construct(IFactory $factory, IManager $contactsManager, IURLGenerator $url, ICloudIdManager $cloudIdManager) { |
|
| 55 | + $this->factory = $factory; |
|
| 56 | + $this->contactsManager = $contactsManager; |
|
| 57 | + $this->url = $url; |
|
| 58 | + $this->cloudIdManager = $cloudIdManager; |
|
| 59 | + } |
|
| 60 | + |
|
| 61 | + /** |
|
| 62 | + * @param INotification $notification |
|
| 63 | + * @param string $languageCode The code of the language that should be used to prepare the notification |
|
| 64 | + * @return INotification |
|
| 65 | + * @throws \InvalidArgumentException |
|
| 66 | + */ |
|
| 67 | + public function prepare(INotification $notification, $languageCode) { |
|
| 68 | + if ($notification->getApp() !== 'files_sharing') { |
|
| 69 | + // Not my app => throw |
|
| 70 | + throw new \InvalidArgumentException(); |
|
| 71 | + } |
|
| 72 | + |
|
| 73 | + // Read the language from the notification |
|
| 74 | + $l = $this->factory->get('files_sharing', $languageCode); |
|
| 75 | + |
|
| 76 | + switch ($notification->getSubject()) { |
|
| 77 | + // Deal with known subjects |
|
| 78 | + case 'remote_share': |
|
| 79 | + $notification->setIcon($this->url->getAbsoluteURL($this->url->imagePath('core', 'actions/share.svg'))); |
|
| 80 | + |
|
| 81 | + $params = $notification->getSubjectParameters(); |
|
| 82 | + if ($params[0] !== $params[1] && $params[1] !== null) { |
|
| 83 | + $notification->setParsedSubject( |
|
| 84 | + $l->t('You received "%3$s" as a remote share from %1$s (on behalf of %2$s)', $params) |
|
| 85 | + ); |
|
| 86 | + $notification->setRichSubject( |
|
| 87 | + $l->t('You received {share} as a remote share from {user} (on behalf of {behalf})'), |
|
| 88 | + [ |
|
| 89 | + 'share' => [ |
|
| 90 | + 'type' => 'pending-federated-share', |
|
| 91 | + 'id' => $notification->getObjectId(), |
|
| 92 | + 'name' => $params[2], |
|
| 93 | + ], |
|
| 94 | + 'user' => $this->createRemoteUser($params[0]), |
|
| 95 | + 'behalf' => $this->createRemoteUser($params[1]), |
|
| 96 | + ] |
|
| 97 | + ); |
|
| 98 | + } else { |
|
| 99 | + $notification->setParsedSubject( |
|
| 100 | + $l->t('You received "%3$s" as a remote share from %1$s', $params) |
|
| 101 | + ); |
|
| 102 | + $notification->setRichSubject( |
|
| 103 | + $l->t('You received {share} as a remote share from {user}'), |
|
| 104 | + [ |
|
| 105 | + 'share' => [ |
|
| 106 | + 'type' => 'pending-federated-share', |
|
| 107 | + 'id' => $notification->getObjectId(), |
|
| 108 | + 'name' => $params[2], |
|
| 109 | + ], |
|
| 110 | + 'user' => $this->createRemoteUser($params[0]), |
|
| 111 | + ] |
|
| 112 | + ); |
|
| 113 | + } |
|
| 114 | + |
|
| 115 | + // Deal with the actions for a known subject |
|
| 116 | + foreach ($notification->getActions() as $action) { |
|
| 117 | + switch ($action->getLabel()) { |
|
| 118 | + case 'accept': |
|
| 119 | + $action->setParsedLabel( |
|
| 120 | + (string) $l->t('Accept') |
|
| 121 | + ) |
|
| 122 | + ->setPrimary(true); |
|
| 123 | + break; |
|
| 124 | + |
|
| 125 | + case 'decline': |
|
| 126 | + $action->setParsedLabel( |
|
| 127 | + (string) $l->t('Decline') |
|
| 128 | + ); |
|
| 129 | + break; |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + $notification->addParsedAction($action); |
|
| 133 | + } |
|
| 134 | + return $notification; |
|
| 135 | + |
|
| 136 | + default: |
|
| 137 | + // Unknown subject => Unknown notification => throw |
|
| 138 | + throw new \InvalidArgumentException(); |
|
| 139 | + } |
|
| 140 | + } |
|
| 141 | + |
|
| 142 | + /** |
|
| 143 | + * @param string $cloudId |
|
| 144 | + * @return array |
|
| 145 | + */ |
|
| 146 | + protected function createRemoteUser($cloudId) { |
|
| 147 | + $displayName = $cloudId; |
|
| 148 | + try { |
|
| 149 | + $resolvedId = $this->cloudIdManager->resolveCloudId($cloudId); |
|
| 150 | + $displayName = $this->getDisplayName($resolvedId); |
|
| 151 | + $user = $resolvedId->getUser(); |
|
| 152 | + $server = $resolvedId->getRemote(); |
|
| 153 | + } catch (HintException $e) { |
|
| 154 | + $user = $cloudId; |
|
| 155 | + $server = ''; |
|
| 156 | + } |
|
| 157 | + |
|
| 158 | + return [ |
|
| 159 | + 'type' => 'user', |
|
| 160 | + 'id' => $user, |
|
| 161 | + 'name' => $displayName, |
|
| 162 | + 'server' => $server, |
|
| 163 | + ]; |
|
| 164 | + } |
|
| 165 | + |
|
| 166 | + /** |
|
| 167 | + * Try to find the user in the contacts |
|
| 168 | + * |
|
| 169 | + * @param ICloudId $cloudId |
|
| 170 | + * @return string |
|
| 171 | + */ |
|
| 172 | + protected function getDisplayName(ICloudId $cloudId) { |
|
| 173 | + $server = $cloudId->getRemote(); |
|
| 174 | + $user = $cloudId->getUser(); |
|
| 175 | + if (strpos($server, 'http://') === 0) { |
|
| 176 | + $server = substr($server, strlen('http://')); |
|
| 177 | + } else if (strpos($server, 'https://') === 0) { |
|
| 178 | + $server = substr($server, strlen('https://')); |
|
| 179 | + } |
|
| 180 | + |
|
| 181 | + try { |
|
| 182 | + return $this->getDisplayNameFromContact($cloudId->getId()); |
|
| 183 | + } catch (\OutOfBoundsException $e) { |
|
| 184 | + } |
|
| 185 | + |
|
| 186 | + try { |
|
| 187 | + $this->getDisplayNameFromContact($user . '@http://' . $server); |
|
| 188 | + } catch (\OutOfBoundsException $e) { |
|
| 189 | + } |
|
| 190 | + |
|
| 191 | + try { |
|
| 192 | + $this->getDisplayNameFromContact($user . '@https://' . $server); |
|
| 193 | + } catch (\OutOfBoundsException $e) { |
|
| 194 | + } |
|
| 195 | + |
|
| 196 | + return $cloudId->getId(); |
|
| 197 | + } |
|
| 198 | + |
|
| 199 | + /** |
|
| 200 | + * Try to find the user in the contacts |
|
| 201 | + * |
|
| 202 | + * @param string $federatedCloudId |
|
| 203 | + * @return string |
|
| 204 | + * @throws \OutOfBoundsException when there is no contact for the id |
|
| 205 | + */ |
|
| 206 | + protected function getDisplayNameFromContact($federatedCloudId) { |
|
| 207 | + if (isset($this->federatedContacts[$federatedCloudId])) { |
|
| 208 | + if ($this->federatedContacts[$federatedCloudId] !== '') { |
|
| 209 | + return $this->federatedContacts[$federatedCloudId]; |
|
| 210 | + } else { |
|
| 211 | + throw new \OutOfBoundsException('No contact found for federated cloud id'); |
|
| 212 | + } |
|
| 213 | + } |
|
| 214 | + |
|
| 215 | + $addressBookEntries = $this->contactsManager->search($federatedCloudId, ['CLOUD']); |
|
| 216 | + foreach ($addressBookEntries as $entry) { |
|
| 217 | + if (isset($entry['CLOUD'])) { |
|
| 218 | + foreach ($entry['CLOUD'] as $cloudID) { |
|
| 219 | + if ($cloudID === $federatedCloudId) { |
|
| 220 | + $this->federatedContacts[$federatedCloudId] = $entry['FN']; |
|
| 221 | + return $entry['FN']; |
|
| 222 | + } |
|
| 223 | + } |
|
| 224 | + } |
|
| 225 | + } |
|
| 226 | + |
|
| 227 | + $this->federatedContacts[$federatedCloudId] = ''; |
|
| 228 | + throw new \OutOfBoundsException('No contact found for federated cloud id'); |
|
| 229 | + } |
|
| 230 | 230 | } |
@@ -184,12 +184,12 @@ |
||
| 184 | 184 | } |
| 185 | 185 | |
| 186 | 186 | try { |
| 187 | - $this->getDisplayNameFromContact($user . '@http://' . $server); |
|
| 187 | + $this->getDisplayNameFromContact($user.'@http://'.$server); |
|
| 188 | 188 | } catch (\OutOfBoundsException $e) { |
| 189 | 189 | } |
| 190 | 190 | |
| 191 | 191 | try { |
| 192 | - $this->getDisplayNameFromContact($user . '@https://' . $server); |
|
| 192 | + $this->getDisplayNameFromContact($user.'@https://'.$server); |
|
| 193 | 193 | } catch (\OutOfBoundsException $e) { |
| 194 | 194 | } |
| 195 | 195 | |
@@ -147,7 +147,7 @@ discard block |
||
| 147 | 147 | $storedPassword = $share->getPassword(); |
| 148 | 148 | $authenticated = $this->session->get('public_link_authenticated') === $share->getId() || |
| 149 | 149 | $this->shareManager->checkPassword($share, $password); |
| 150 | - if (!empty($storedPassword) && !$authenticated ) { |
|
| 150 | + if (!empty($storedPassword) && !$authenticated) { |
|
| 151 | 151 | return new JSONResponse( |
| 152 | 152 | ['message' => 'No permission to access the share'], |
| 153 | 153 | Http::STATUS_BAD_REQUEST |
@@ -189,7 +189,7 @@ discard block |
||
| 189 | 189 | $httpClient = $this->clientService->newClient(); |
| 190 | 190 | |
| 191 | 191 | try { |
| 192 | - $response = $httpClient->post($remote . '/index.php/apps/federatedfilesharing/createFederatedShare', |
|
| 192 | + $response = $httpClient->post($remote.'/index.php/apps/federatedfilesharing/createFederatedShare', |
|
| 193 | 193 | [ |
| 194 | 194 | 'body' => |
| 195 | 195 | [ |
@@ -287,14 +287,14 @@ discard block |
||
| 287 | 287 | // note: checkStorageAvailability will already remove the invalid share |
| 288 | 288 | Util::writeLog( |
| 289 | 289 | 'federatedfilesharing', |
| 290 | - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 290 | + 'Invalid remote storage: '.get_class($e).': '.$e->getMessage(), |
|
| 291 | 291 | Util::DEBUG |
| 292 | 292 | ); |
| 293 | 293 | return new JSONResponse(['message' => $this->l->t('Could not authenticate to remote share, password might be wrong')], Http::STATUS_BAD_REQUEST); |
| 294 | 294 | } catch (\Exception $e) { |
| 295 | 295 | Util::writeLog( |
| 296 | 296 | 'federatedfilesharing', |
| 297 | - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 297 | + 'Invalid remote storage: '.get_class($e).': '.$e->getMessage(), |
|
| 298 | 298 | Util::DEBUG |
| 299 | 299 | ); |
| 300 | 300 | $externalManager->removeShare($mount->getMountPoint()); |
@@ -313,14 +313,14 @@ discard block |
||
| 313 | 313 | } catch (StorageInvalidException $e) { |
| 314 | 314 | Util::writeLog( |
| 315 | 315 | 'federatedfilesharing', |
| 316 | - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 316 | + 'Invalid remote storage: '.get_class($e).': '.$e->getMessage(), |
|
| 317 | 317 | Util::DEBUG |
| 318 | 318 | ); |
| 319 | 319 | return new JSONResponse(['message' => $this->l->t('Storage not valid')], Http::STATUS_BAD_REQUEST); |
| 320 | 320 | } catch (\Exception $e) { |
| 321 | 321 | Util::writeLog( |
| 322 | 322 | 'federatedfilesharing', |
| 323 | - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 323 | + 'Invalid remote storage: '.get_class($e).': '.$e->getMessage(), |
|
| 324 | 324 | Util::DEBUG |
| 325 | 325 | ); |
| 326 | 326 | return new JSONResponse(['message' => $this->l->t('Couldn\'t add remote share')], Http::STATUS_BAD_REQUEST); |
@@ -29,7 +29,6 @@ |
||
| 29 | 29 | use OC\HintException; |
| 30 | 30 | use OC\Share\Helper; |
| 31 | 31 | use OCA\FederatedFileSharing\AddressHandler; |
| 32 | -use OCA\FederatedFileSharing\DiscoveryManager; |
|
| 33 | 32 | use OCA\FederatedFileSharing\FederatedShareProvider; |
| 34 | 33 | use OCA\Files_Sharing\External\Manager; |
| 35 | 34 | use OCP\AppFramework\Controller; |
@@ -54,283 +54,283 @@ |
||
| 54 | 54 | */ |
| 55 | 55 | class MountPublicLinkController extends Controller { |
| 56 | 56 | |
| 57 | - /** @var FederatedShareProvider */ |
|
| 58 | - private $federatedShareProvider; |
|
| 59 | - |
|
| 60 | - /** @var AddressHandler */ |
|
| 61 | - private $addressHandler; |
|
| 62 | - |
|
| 63 | - /** @var IManager */ |
|
| 64 | - private $shareManager; |
|
| 65 | - |
|
| 66 | - /** @var ISession */ |
|
| 67 | - private $session; |
|
| 68 | - |
|
| 69 | - /** @var IL10N */ |
|
| 70 | - private $l; |
|
| 71 | - |
|
| 72 | - /** @var IUserSession */ |
|
| 73 | - private $userSession; |
|
| 74 | - |
|
| 75 | - /** @var IClientService */ |
|
| 76 | - private $clientService; |
|
| 77 | - |
|
| 78 | - /** @var ICloudIdManager */ |
|
| 79 | - private $cloudIdManager; |
|
| 80 | - |
|
| 81 | - /** |
|
| 82 | - * MountPublicLinkController constructor. |
|
| 83 | - * |
|
| 84 | - * @param string $appName |
|
| 85 | - * @param IRequest $request |
|
| 86 | - * @param FederatedShareProvider $federatedShareProvider |
|
| 87 | - * @param IManager $shareManager |
|
| 88 | - * @param AddressHandler $addressHandler |
|
| 89 | - * @param ISession $session |
|
| 90 | - * @param IL10N $l |
|
| 91 | - * @param IUserSession $userSession |
|
| 92 | - * @param IClientService $clientService |
|
| 93 | - * @param ICloudIdManager $cloudIdManager |
|
| 94 | - */ |
|
| 95 | - public function __construct($appName, |
|
| 96 | - IRequest $request, |
|
| 97 | - FederatedShareProvider $federatedShareProvider, |
|
| 98 | - IManager $shareManager, |
|
| 99 | - AddressHandler $addressHandler, |
|
| 100 | - ISession $session, |
|
| 101 | - IL10N $l, |
|
| 102 | - IUserSession $userSession, |
|
| 103 | - IClientService $clientService, |
|
| 104 | - ICloudIdManager $cloudIdManager |
|
| 105 | - ) { |
|
| 106 | - parent::__construct($appName, $request); |
|
| 107 | - |
|
| 108 | - $this->federatedShareProvider = $federatedShareProvider; |
|
| 109 | - $this->shareManager = $shareManager; |
|
| 110 | - $this->addressHandler = $addressHandler; |
|
| 111 | - $this->session = $session; |
|
| 112 | - $this->l = $l; |
|
| 113 | - $this->userSession = $userSession; |
|
| 114 | - $this->clientService = $clientService; |
|
| 115 | - $this->cloudIdManager = $cloudIdManager; |
|
| 116 | - } |
|
| 117 | - |
|
| 118 | - /** |
|
| 119 | - * send federated share to a user of a public link |
|
| 120 | - * |
|
| 121 | - * @NoCSRFRequired |
|
| 122 | - * @PublicPage |
|
| 123 | - * @BruteForceProtection(action=publicLink2FederatedShare) |
|
| 124 | - * |
|
| 125 | - * @param string $shareWith |
|
| 126 | - * @param string $token |
|
| 127 | - * @param string $password |
|
| 128 | - * @return JSONResponse |
|
| 129 | - */ |
|
| 130 | - public function createFederatedShare($shareWith, $token, $password = '') { |
|
| 131 | - |
|
| 132 | - if (!$this->federatedShareProvider->isOutgoingServer2serverShareEnabled()) { |
|
| 133 | - return new JSONResponse( |
|
| 134 | - ['message' => 'This server doesn\'t support outgoing federated shares'], |
|
| 135 | - Http::STATUS_BAD_REQUEST |
|
| 136 | - ); |
|
| 137 | - } |
|
| 138 | - |
|
| 139 | - try { |
|
| 140 | - list(, $server) = $this->addressHandler->splitUserRemote($shareWith); |
|
| 141 | - $share = $this->shareManager->getShareByToken($token); |
|
| 142 | - } catch (HintException $e) { |
|
| 143 | - return new JSONResponse(['message' => $e->getHint()], Http::STATUS_BAD_REQUEST); |
|
| 144 | - } |
|
| 145 | - |
|
| 146 | - // make sure that user is authenticated in case of a password protected link |
|
| 147 | - $storedPassword = $share->getPassword(); |
|
| 148 | - $authenticated = $this->session->get('public_link_authenticated') === $share->getId() || |
|
| 149 | - $this->shareManager->checkPassword($share, $password); |
|
| 150 | - if (!empty($storedPassword) && !$authenticated ) { |
|
| 151 | - return new JSONResponse( |
|
| 152 | - ['message' => 'No permission to access the share'], |
|
| 153 | - Http::STATUS_BAD_REQUEST |
|
| 154 | - ); |
|
| 155 | - } |
|
| 156 | - |
|
| 157 | - $share->setSharedWith($shareWith); |
|
| 158 | - |
|
| 159 | - try { |
|
| 160 | - $this->federatedShareProvider->create($share); |
|
| 161 | - } catch (\Exception $e) { |
|
| 162 | - return new JSONResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST); |
|
| 163 | - } |
|
| 164 | - |
|
| 165 | - return new JSONResponse(['remoteUrl' => $server]); |
|
| 166 | - } |
|
| 167 | - |
|
| 168 | - /** |
|
| 169 | - * ask other server to get a federated share |
|
| 170 | - * |
|
| 171 | - * @NoAdminRequired |
|
| 172 | - * |
|
| 173 | - * @param string $token |
|
| 174 | - * @param string $remote |
|
| 175 | - * @param string $password |
|
| 176 | - * @param string $owner (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 177 | - * @param string $ownerDisplayName (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 178 | - * @param string $name (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 179 | - * @return JSONResponse |
|
| 180 | - */ |
|
| 181 | - public function askForFederatedShare($token, $remote, $password = '', $owner = '', $ownerDisplayName = '', $name = '') { |
|
| 182 | - // check if server admin allows to mount public links from other servers |
|
| 183 | - if ($this->federatedShareProvider->isIncomingServer2serverShareEnabled() === false) { |
|
| 184 | - return new JSONResponse(['message' => $this->l->t('Server to server sharing is not enabled on this server')], Http::STATUS_BAD_REQUEST); |
|
| 185 | - } |
|
| 186 | - |
|
| 187 | - $cloudId = $this->cloudIdManager->getCloudId($this->userSession->getUser()->getUID(), $this->addressHandler->generateRemoteURL()); |
|
| 188 | - |
|
| 189 | - $httpClient = $this->clientService->newClient(); |
|
| 190 | - |
|
| 191 | - try { |
|
| 192 | - $response = $httpClient->post($remote . '/index.php/apps/federatedfilesharing/createFederatedShare', |
|
| 193 | - [ |
|
| 194 | - 'body' => |
|
| 195 | - [ |
|
| 196 | - 'token' => $token, |
|
| 197 | - 'shareWith' => rtrim($cloudId->getId(), '/'), |
|
| 198 | - 'password' => $password |
|
| 199 | - ], |
|
| 200 | - 'connect_timeout' => 10, |
|
| 201 | - ] |
|
| 202 | - ); |
|
| 203 | - } catch (\Exception $e) { |
|
| 204 | - if (empty($password)) { |
|
| 205 | - $message = $this->l->t("Couldn't establish a federated share."); |
|
| 206 | - } else { |
|
| 207 | - $message = $this->l->t("Couldn't establish a federated share, maybe the password was wrong."); |
|
| 208 | - } |
|
| 209 | - return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST); |
|
| 210 | - } |
|
| 211 | - |
|
| 212 | - $body = $response->getBody(); |
|
| 213 | - $result = json_decode($body, true); |
|
| 214 | - |
|
| 215 | - if (is_array($result) && isset($result['remoteUrl'])) { |
|
| 216 | - return new JSONResponse(['message' => $this->l->t('Federated Share request was successful, you will receive a invitation. Check your notifications.')]); |
|
| 217 | - } |
|
| 218 | - |
|
| 219 | - // if we doesn't get the expected response we assume that we try to add |
|
| 220 | - // a federated share from a Nextcloud <= 9 server |
|
| 221 | - return $this->legacyMountPublicLink($token, $remote, $password, $name, $owner, $ownerDisplayName); |
|
| 222 | - } |
|
| 223 | - |
|
| 224 | - /** |
|
| 225 | - * Allow Nextcloud to mount a public link directly |
|
| 226 | - * |
|
| 227 | - * This code was copied from the apps/files_sharing/ajax/external.php with |
|
| 228 | - * minimal changes, just to guarantee backward compatibility |
|
| 229 | - * |
|
| 230 | - * ToDo: Remove this method once Nextcloud 9 reaches end of life |
|
| 231 | - * |
|
| 232 | - * @param string $token |
|
| 233 | - * @param string $remote |
|
| 234 | - * @param string $password |
|
| 235 | - * @param string $name |
|
| 236 | - * @param string $owner |
|
| 237 | - * @param string $ownerDisplayName |
|
| 238 | - * @return JSONResponse |
|
| 239 | - */ |
|
| 240 | - private function legacyMountPublicLink($token, $remote, $password, $name, $owner, $ownerDisplayName) { |
|
| 241 | - |
|
| 242 | - // Check for invalid name |
|
| 243 | - if (!Util::isValidFileName($name)) { |
|
| 244 | - return new JSONResponse(['message' => $this->l->t('The mountpoint name contains invalid characters.')], Http::STATUS_BAD_REQUEST); |
|
| 245 | - } |
|
| 246 | - $currentUser = $this->userSession->getUser()->getUID(); |
|
| 247 | - $currentServer = $this->addressHandler->generateRemoteURL(); |
|
| 248 | - if (Helper::isSameUserOnSameServer($owner, $remote, $currentUser, $currentServer)) { |
|
| 249 | - return new JSONResponse(['message' => $this->l->t('Not allowed to create a federated share with the owner.')], Http::STATUS_BAD_REQUEST); |
|
| 250 | - } |
|
| 251 | - $externalManager = new Manager( |
|
| 252 | - \OC::$server->getDatabaseConnection(), |
|
| 253 | - Filesystem::getMountManager(), |
|
| 254 | - Filesystem::getLoader(), |
|
| 255 | - \OC::$server->getHTTPClientService(), |
|
| 256 | - \OC::$server->getNotificationManager(), |
|
| 257 | - \OC::$server->query(\OCP\OCS\IDiscoveryService::class), |
|
| 258 | - \OC::$server->getUserSession()->getUser()->getUID() |
|
| 259 | - ); |
|
| 260 | - |
|
| 261 | - // check for ssl cert |
|
| 262 | - |
|
| 263 | - if (strpos($remote, 'https') === 0) { |
|
| 264 | - try { |
|
| 265 | - $client = $this->clientService->newClient(); |
|
| 266 | - $client->get($remote, [ |
|
| 267 | - 'timeout' => 10, |
|
| 268 | - 'connect_timeout' => 10, |
|
| 269 | - ])->getBody(); |
|
| 270 | - } catch (\Exception $e) { |
|
| 271 | - return new JSONResponse(['message' => $this->l->t('Invalid or untrusted SSL certificate')], Http::STATUS_BAD_REQUEST); |
|
| 272 | - } |
|
| 273 | - } |
|
| 274 | - $mount = $externalManager->addShare($remote, $token, $password, $name, $ownerDisplayName, true); |
|
| 275 | - /** |
|
| 276 | - * @var \OCA\Files_Sharing\External\Storage $storage |
|
| 277 | - */ |
|
| 278 | - $storage = $mount->getStorage(); |
|
| 279 | - try { |
|
| 280 | - // check if storage exists |
|
| 281 | - $storage->checkStorageAvailability(); |
|
| 282 | - } catch (StorageInvalidException $e) { |
|
| 283 | - // note: checkStorageAvailability will already remove the invalid share |
|
| 284 | - Util::writeLog( |
|
| 285 | - 'federatedfilesharing', |
|
| 286 | - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 287 | - Util::DEBUG |
|
| 288 | - ); |
|
| 289 | - return new JSONResponse(['message' => $this->l->t('Could not authenticate to remote share, password might be wrong')], Http::STATUS_BAD_REQUEST); |
|
| 290 | - } catch (\Exception $e) { |
|
| 291 | - Util::writeLog( |
|
| 292 | - 'federatedfilesharing', |
|
| 293 | - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 294 | - Util::DEBUG |
|
| 295 | - ); |
|
| 296 | - $externalManager->removeShare($mount->getMountPoint()); |
|
| 297 | - return new JSONResponse(['message' => $this->l->t('Storage not valid')], Http::STATUS_BAD_REQUEST); |
|
| 298 | - } |
|
| 299 | - $result = $storage->file_exists(''); |
|
| 300 | - if ($result) { |
|
| 301 | - try { |
|
| 302 | - $storage->getScanner()->scanAll(); |
|
| 303 | - return new JSONResponse( |
|
| 304 | - [ |
|
| 305 | - 'message' => $this->l->t('Federated Share successfully added'), |
|
| 306 | - 'legacyMount' => '1' |
|
| 307 | - ] |
|
| 308 | - ); |
|
| 309 | - } catch (StorageInvalidException $e) { |
|
| 310 | - Util::writeLog( |
|
| 311 | - 'federatedfilesharing', |
|
| 312 | - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 313 | - Util::DEBUG |
|
| 314 | - ); |
|
| 315 | - return new JSONResponse(['message' => $this->l->t('Storage not valid')], Http::STATUS_BAD_REQUEST); |
|
| 316 | - } catch (\Exception $e) { |
|
| 317 | - Util::writeLog( |
|
| 318 | - 'federatedfilesharing', |
|
| 319 | - 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 320 | - Util::DEBUG |
|
| 321 | - ); |
|
| 322 | - return new JSONResponse(['message' => $this->l->t('Couldn\'t add remote share')], Http::STATUS_BAD_REQUEST); |
|
| 323 | - } |
|
| 324 | - } else { |
|
| 325 | - $externalManager->removeShare($mount->getMountPoint()); |
|
| 326 | - Util::writeLog( |
|
| 327 | - 'federatedfilesharing', |
|
| 328 | - 'Couldn\'t add remote share', |
|
| 329 | - Util::DEBUG |
|
| 330 | - ); |
|
| 331 | - return new JSONResponse(['message' => $this->l->t('Couldn\'t add remote share')], Http::STATUS_BAD_REQUEST); |
|
| 332 | - } |
|
| 333 | - |
|
| 334 | - } |
|
| 57 | + /** @var FederatedShareProvider */ |
|
| 58 | + private $federatedShareProvider; |
|
| 59 | + |
|
| 60 | + /** @var AddressHandler */ |
|
| 61 | + private $addressHandler; |
|
| 62 | + |
|
| 63 | + /** @var IManager */ |
|
| 64 | + private $shareManager; |
|
| 65 | + |
|
| 66 | + /** @var ISession */ |
|
| 67 | + private $session; |
|
| 68 | + |
|
| 69 | + /** @var IL10N */ |
|
| 70 | + private $l; |
|
| 71 | + |
|
| 72 | + /** @var IUserSession */ |
|
| 73 | + private $userSession; |
|
| 74 | + |
|
| 75 | + /** @var IClientService */ |
|
| 76 | + private $clientService; |
|
| 77 | + |
|
| 78 | + /** @var ICloudIdManager */ |
|
| 79 | + private $cloudIdManager; |
|
| 80 | + |
|
| 81 | + /** |
|
| 82 | + * MountPublicLinkController constructor. |
|
| 83 | + * |
|
| 84 | + * @param string $appName |
|
| 85 | + * @param IRequest $request |
|
| 86 | + * @param FederatedShareProvider $federatedShareProvider |
|
| 87 | + * @param IManager $shareManager |
|
| 88 | + * @param AddressHandler $addressHandler |
|
| 89 | + * @param ISession $session |
|
| 90 | + * @param IL10N $l |
|
| 91 | + * @param IUserSession $userSession |
|
| 92 | + * @param IClientService $clientService |
|
| 93 | + * @param ICloudIdManager $cloudIdManager |
|
| 94 | + */ |
|
| 95 | + public function __construct($appName, |
|
| 96 | + IRequest $request, |
|
| 97 | + FederatedShareProvider $federatedShareProvider, |
|
| 98 | + IManager $shareManager, |
|
| 99 | + AddressHandler $addressHandler, |
|
| 100 | + ISession $session, |
|
| 101 | + IL10N $l, |
|
| 102 | + IUserSession $userSession, |
|
| 103 | + IClientService $clientService, |
|
| 104 | + ICloudIdManager $cloudIdManager |
|
| 105 | + ) { |
|
| 106 | + parent::__construct($appName, $request); |
|
| 107 | + |
|
| 108 | + $this->federatedShareProvider = $federatedShareProvider; |
|
| 109 | + $this->shareManager = $shareManager; |
|
| 110 | + $this->addressHandler = $addressHandler; |
|
| 111 | + $this->session = $session; |
|
| 112 | + $this->l = $l; |
|
| 113 | + $this->userSession = $userSession; |
|
| 114 | + $this->clientService = $clientService; |
|
| 115 | + $this->cloudIdManager = $cloudIdManager; |
|
| 116 | + } |
|
| 117 | + |
|
| 118 | + /** |
|
| 119 | + * send federated share to a user of a public link |
|
| 120 | + * |
|
| 121 | + * @NoCSRFRequired |
|
| 122 | + * @PublicPage |
|
| 123 | + * @BruteForceProtection(action=publicLink2FederatedShare) |
|
| 124 | + * |
|
| 125 | + * @param string $shareWith |
|
| 126 | + * @param string $token |
|
| 127 | + * @param string $password |
|
| 128 | + * @return JSONResponse |
|
| 129 | + */ |
|
| 130 | + public function createFederatedShare($shareWith, $token, $password = '') { |
|
| 131 | + |
|
| 132 | + if (!$this->federatedShareProvider->isOutgoingServer2serverShareEnabled()) { |
|
| 133 | + return new JSONResponse( |
|
| 134 | + ['message' => 'This server doesn\'t support outgoing federated shares'], |
|
| 135 | + Http::STATUS_BAD_REQUEST |
|
| 136 | + ); |
|
| 137 | + } |
|
| 138 | + |
|
| 139 | + try { |
|
| 140 | + list(, $server) = $this->addressHandler->splitUserRemote($shareWith); |
|
| 141 | + $share = $this->shareManager->getShareByToken($token); |
|
| 142 | + } catch (HintException $e) { |
|
| 143 | + return new JSONResponse(['message' => $e->getHint()], Http::STATUS_BAD_REQUEST); |
|
| 144 | + } |
|
| 145 | + |
|
| 146 | + // make sure that user is authenticated in case of a password protected link |
|
| 147 | + $storedPassword = $share->getPassword(); |
|
| 148 | + $authenticated = $this->session->get('public_link_authenticated') === $share->getId() || |
|
| 149 | + $this->shareManager->checkPassword($share, $password); |
|
| 150 | + if (!empty($storedPassword) && !$authenticated ) { |
|
| 151 | + return new JSONResponse( |
|
| 152 | + ['message' => 'No permission to access the share'], |
|
| 153 | + Http::STATUS_BAD_REQUEST |
|
| 154 | + ); |
|
| 155 | + } |
|
| 156 | + |
|
| 157 | + $share->setSharedWith($shareWith); |
|
| 158 | + |
|
| 159 | + try { |
|
| 160 | + $this->federatedShareProvider->create($share); |
|
| 161 | + } catch (\Exception $e) { |
|
| 162 | + return new JSONResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST); |
|
| 163 | + } |
|
| 164 | + |
|
| 165 | + return new JSONResponse(['remoteUrl' => $server]); |
|
| 166 | + } |
|
| 167 | + |
|
| 168 | + /** |
|
| 169 | + * ask other server to get a federated share |
|
| 170 | + * |
|
| 171 | + * @NoAdminRequired |
|
| 172 | + * |
|
| 173 | + * @param string $token |
|
| 174 | + * @param string $remote |
|
| 175 | + * @param string $password |
|
| 176 | + * @param string $owner (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 177 | + * @param string $ownerDisplayName (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 178 | + * @param string $name (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 179 | + * @return JSONResponse |
|
| 180 | + */ |
|
| 181 | + public function askForFederatedShare($token, $remote, $password = '', $owner = '', $ownerDisplayName = '', $name = '') { |
|
| 182 | + // check if server admin allows to mount public links from other servers |
|
| 183 | + if ($this->federatedShareProvider->isIncomingServer2serverShareEnabled() === false) { |
|
| 184 | + return new JSONResponse(['message' => $this->l->t('Server to server sharing is not enabled on this server')], Http::STATUS_BAD_REQUEST); |
|
| 185 | + } |
|
| 186 | + |
|
| 187 | + $cloudId = $this->cloudIdManager->getCloudId($this->userSession->getUser()->getUID(), $this->addressHandler->generateRemoteURL()); |
|
| 188 | + |
|
| 189 | + $httpClient = $this->clientService->newClient(); |
|
| 190 | + |
|
| 191 | + try { |
|
| 192 | + $response = $httpClient->post($remote . '/index.php/apps/federatedfilesharing/createFederatedShare', |
|
| 193 | + [ |
|
| 194 | + 'body' => |
|
| 195 | + [ |
|
| 196 | + 'token' => $token, |
|
| 197 | + 'shareWith' => rtrim($cloudId->getId(), '/'), |
|
| 198 | + 'password' => $password |
|
| 199 | + ], |
|
| 200 | + 'connect_timeout' => 10, |
|
| 201 | + ] |
|
| 202 | + ); |
|
| 203 | + } catch (\Exception $e) { |
|
| 204 | + if (empty($password)) { |
|
| 205 | + $message = $this->l->t("Couldn't establish a federated share."); |
|
| 206 | + } else { |
|
| 207 | + $message = $this->l->t("Couldn't establish a federated share, maybe the password was wrong."); |
|
| 208 | + } |
|
| 209 | + return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST); |
|
| 210 | + } |
|
| 211 | + |
|
| 212 | + $body = $response->getBody(); |
|
| 213 | + $result = json_decode($body, true); |
|
| 214 | + |
|
| 215 | + if (is_array($result) && isset($result['remoteUrl'])) { |
|
| 216 | + return new JSONResponse(['message' => $this->l->t('Federated Share request was successful, you will receive a invitation. Check your notifications.')]); |
|
| 217 | + } |
|
| 218 | + |
|
| 219 | + // if we doesn't get the expected response we assume that we try to add |
|
| 220 | + // a federated share from a Nextcloud <= 9 server |
|
| 221 | + return $this->legacyMountPublicLink($token, $remote, $password, $name, $owner, $ownerDisplayName); |
|
| 222 | + } |
|
| 223 | + |
|
| 224 | + /** |
|
| 225 | + * Allow Nextcloud to mount a public link directly |
|
| 226 | + * |
|
| 227 | + * This code was copied from the apps/files_sharing/ajax/external.php with |
|
| 228 | + * minimal changes, just to guarantee backward compatibility |
|
| 229 | + * |
|
| 230 | + * ToDo: Remove this method once Nextcloud 9 reaches end of life |
|
| 231 | + * |
|
| 232 | + * @param string $token |
|
| 233 | + * @param string $remote |
|
| 234 | + * @param string $password |
|
| 235 | + * @param string $name |
|
| 236 | + * @param string $owner |
|
| 237 | + * @param string $ownerDisplayName |
|
| 238 | + * @return JSONResponse |
|
| 239 | + */ |
|
| 240 | + private function legacyMountPublicLink($token, $remote, $password, $name, $owner, $ownerDisplayName) { |
|
| 241 | + |
|
| 242 | + // Check for invalid name |
|
| 243 | + if (!Util::isValidFileName($name)) { |
|
| 244 | + return new JSONResponse(['message' => $this->l->t('The mountpoint name contains invalid characters.')], Http::STATUS_BAD_REQUEST); |
|
| 245 | + } |
|
| 246 | + $currentUser = $this->userSession->getUser()->getUID(); |
|
| 247 | + $currentServer = $this->addressHandler->generateRemoteURL(); |
|
| 248 | + if (Helper::isSameUserOnSameServer($owner, $remote, $currentUser, $currentServer)) { |
|
| 249 | + return new JSONResponse(['message' => $this->l->t('Not allowed to create a federated share with the owner.')], Http::STATUS_BAD_REQUEST); |
|
| 250 | + } |
|
| 251 | + $externalManager = new Manager( |
|
| 252 | + \OC::$server->getDatabaseConnection(), |
|
| 253 | + Filesystem::getMountManager(), |
|
| 254 | + Filesystem::getLoader(), |
|
| 255 | + \OC::$server->getHTTPClientService(), |
|
| 256 | + \OC::$server->getNotificationManager(), |
|
| 257 | + \OC::$server->query(\OCP\OCS\IDiscoveryService::class), |
|
| 258 | + \OC::$server->getUserSession()->getUser()->getUID() |
|
| 259 | + ); |
|
| 260 | + |
|
| 261 | + // check for ssl cert |
|
| 262 | + |
|
| 263 | + if (strpos($remote, 'https') === 0) { |
|
| 264 | + try { |
|
| 265 | + $client = $this->clientService->newClient(); |
|
| 266 | + $client->get($remote, [ |
|
| 267 | + 'timeout' => 10, |
|
| 268 | + 'connect_timeout' => 10, |
|
| 269 | + ])->getBody(); |
|
| 270 | + } catch (\Exception $e) { |
|
| 271 | + return new JSONResponse(['message' => $this->l->t('Invalid or untrusted SSL certificate')], Http::STATUS_BAD_REQUEST); |
|
| 272 | + } |
|
| 273 | + } |
|
| 274 | + $mount = $externalManager->addShare($remote, $token, $password, $name, $ownerDisplayName, true); |
|
| 275 | + /** |
|
| 276 | + * @var \OCA\Files_Sharing\External\Storage $storage |
|
| 277 | + */ |
|
| 278 | + $storage = $mount->getStorage(); |
|
| 279 | + try { |
|
| 280 | + // check if storage exists |
|
| 281 | + $storage->checkStorageAvailability(); |
|
| 282 | + } catch (StorageInvalidException $e) { |
|
| 283 | + // note: checkStorageAvailability will already remove the invalid share |
|
| 284 | + Util::writeLog( |
|
| 285 | + 'federatedfilesharing', |
|
| 286 | + 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 287 | + Util::DEBUG |
|
| 288 | + ); |
|
| 289 | + return new JSONResponse(['message' => $this->l->t('Could not authenticate to remote share, password might be wrong')], Http::STATUS_BAD_REQUEST); |
|
| 290 | + } catch (\Exception $e) { |
|
| 291 | + Util::writeLog( |
|
| 292 | + 'federatedfilesharing', |
|
| 293 | + 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 294 | + Util::DEBUG |
|
| 295 | + ); |
|
| 296 | + $externalManager->removeShare($mount->getMountPoint()); |
|
| 297 | + return new JSONResponse(['message' => $this->l->t('Storage not valid')], Http::STATUS_BAD_REQUEST); |
|
| 298 | + } |
|
| 299 | + $result = $storage->file_exists(''); |
|
| 300 | + if ($result) { |
|
| 301 | + try { |
|
| 302 | + $storage->getScanner()->scanAll(); |
|
| 303 | + return new JSONResponse( |
|
| 304 | + [ |
|
| 305 | + 'message' => $this->l->t('Federated Share successfully added'), |
|
| 306 | + 'legacyMount' => '1' |
|
| 307 | + ] |
|
| 308 | + ); |
|
| 309 | + } catch (StorageInvalidException $e) { |
|
| 310 | + Util::writeLog( |
|
| 311 | + 'federatedfilesharing', |
|
| 312 | + 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 313 | + Util::DEBUG |
|
| 314 | + ); |
|
| 315 | + return new JSONResponse(['message' => $this->l->t('Storage not valid')], Http::STATUS_BAD_REQUEST); |
|
| 316 | + } catch (\Exception $e) { |
|
| 317 | + Util::writeLog( |
|
| 318 | + 'federatedfilesharing', |
|
| 319 | + 'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(), |
|
| 320 | + Util::DEBUG |
|
| 321 | + ); |
|
| 322 | + return new JSONResponse(['message' => $this->l->t('Couldn\'t add remote share')], Http::STATUS_BAD_REQUEST); |
|
| 323 | + } |
|
| 324 | + } else { |
|
| 325 | + $externalManager->removeShare($mount->getMountPoint()); |
|
| 326 | + Util::writeLog( |
|
| 327 | + 'federatedfilesharing', |
|
| 328 | + 'Couldn\'t add remote share', |
|
| 329 | + Util::DEBUG |
|
| 330 | + ); |
|
| 331 | + return new JSONResponse(['message' => $this->l->t('Couldn\'t add remote share')], Http::STATUS_BAD_REQUEST); |
|
| 332 | + } |
|
| 333 | + |
|
| 334 | + } |
|
| 335 | 335 | |
| 336 | 336 | } |
@@ -105,7 +105,7 @@ discard block |
||
| 105 | 105 | $token = $argument['token']; |
| 106 | 106 | $action = $argument['action']; |
| 107 | 107 | $data = json_decode($argument['data'], true); |
| 108 | - $try = (int)$argument['try'] + 1; |
|
| 108 | + $try = (int) $argument['try'] + 1; |
|
| 109 | 109 | |
| 110 | 110 | $result = $this->notifications->sendUpdateToRemote($remote, $remoteId, $token, $action, $data, $try); |
| 111 | 111 | |
@@ -128,7 +128,7 @@ discard block |
||
| 128 | 128 | 'token' => $argument['token'], |
| 129 | 129 | 'data' => $argument['data'], |
| 130 | 130 | 'action' => $argument['action'], |
| 131 | - 'try' => (int)$argument['try'] + 1, |
|
| 131 | + 'try' => (int) $argument['try'] + 1, |
|
| 132 | 132 | 'lastRun' => time() |
| 133 | 133 | ] |
| 134 | 134 | ); |
@@ -141,7 +141,7 @@ discard block |
||
| 141 | 141 | * @return bool |
| 142 | 142 | */ |
| 143 | 143 | protected function shouldRun(array $argument) { |
| 144 | - $lastRun = (int)$argument['lastRun']; |
|
| 144 | + $lastRun = (int) $argument['lastRun']; |
|
| 145 | 145 | return ((time() - $lastRun) > $this->interval); |
| 146 | 146 | } |
| 147 | 147 | |
@@ -41,103 +41,103 @@ |
||
| 41 | 41 | */ |
| 42 | 42 | class RetryJob extends Job { |
| 43 | 43 | |
| 44 | - /** @var bool */ |
|
| 45 | - private $retainJob = true; |
|
| 46 | - |
|
| 47 | - /** @var Notifications */ |
|
| 48 | - private $notifications; |
|
| 49 | - |
|
| 50 | - /** @var int max number of attempts to send the request */ |
|
| 51 | - private $maxTry = 20; |
|
| 52 | - |
|
| 53 | - /** @var int how much time should be between two tries (10 minutes) */ |
|
| 54 | - private $interval = 600; |
|
| 55 | - |
|
| 56 | - /** |
|
| 57 | - * UnShare constructor. |
|
| 58 | - * |
|
| 59 | - * @param Notifications $notifications |
|
| 60 | - */ |
|
| 61 | - public function __construct(Notifications $notifications = null) { |
|
| 62 | - if ($notifications) { |
|
| 63 | - $this->notifications = $notifications; |
|
| 64 | - } else { |
|
| 65 | - $addressHandler = new AddressHandler( |
|
| 66 | - \OC::$server->getURLGenerator(), |
|
| 67 | - \OC::$server->getL10N('federatedfilesharing'), |
|
| 68 | - \OC::$server->getCloudIdManager() |
|
| 69 | - ); |
|
| 70 | - $this->notifications = new Notifications( |
|
| 71 | - $addressHandler, |
|
| 72 | - \OC::$server->getHTTPClientService(), |
|
| 73 | - \OC::$server->query(\OCP\OCS\IDiscoveryService::class), |
|
| 74 | - \OC::$server->getJobList() |
|
| 75 | - ); |
|
| 76 | - } |
|
| 77 | - |
|
| 78 | - } |
|
| 79 | - |
|
| 80 | - /** |
|
| 81 | - * run the job, then remove it from the jobList |
|
| 82 | - * |
|
| 83 | - * @param JobList $jobList |
|
| 84 | - * @param ILogger $logger |
|
| 85 | - */ |
|
| 86 | - public function execute($jobList, ILogger $logger = null) { |
|
| 87 | - |
|
| 88 | - if ($this->shouldRun($this->argument)) { |
|
| 89 | - parent::execute($jobList, $logger); |
|
| 90 | - $jobList->remove($this, $this->argument); |
|
| 91 | - if ($this->retainJob) { |
|
| 92 | - $this->reAddJob($jobList, $this->argument); |
|
| 93 | - } |
|
| 94 | - } |
|
| 95 | - } |
|
| 96 | - |
|
| 97 | - protected function run($argument) { |
|
| 98 | - $remote = $argument['remote']; |
|
| 99 | - $remoteId = $argument['remoteId']; |
|
| 100 | - $token = $argument['token']; |
|
| 101 | - $action = $argument['action']; |
|
| 102 | - $data = json_decode($argument['data'], true); |
|
| 103 | - $try = (int)$argument['try'] + 1; |
|
| 104 | - |
|
| 105 | - $result = $this->notifications->sendUpdateToRemote($remote, $remoteId, $token, $action, $data, $try); |
|
| 106 | - |
|
| 107 | - if ($result === true || $try > $this->maxTry) { |
|
| 108 | - $this->retainJob = false; |
|
| 109 | - } |
|
| 110 | - } |
|
| 111 | - |
|
| 112 | - /** |
|
| 113 | - * re-add background job with new arguments |
|
| 114 | - * |
|
| 115 | - * @param IJobList $jobList |
|
| 116 | - * @param array $argument |
|
| 117 | - */ |
|
| 118 | - protected function reAddJob(IJobList $jobList, array $argument) { |
|
| 119 | - $jobList->add('OCA\FederatedFileSharing\BackgroundJob\RetryJob', |
|
| 120 | - [ |
|
| 121 | - 'remote' => $argument['remote'], |
|
| 122 | - 'remoteId' => $argument['remoteId'], |
|
| 123 | - 'token' => $argument['token'], |
|
| 124 | - 'data' => $argument['data'], |
|
| 125 | - 'action' => $argument['action'], |
|
| 126 | - 'try' => (int)$argument['try'] + 1, |
|
| 127 | - 'lastRun' => time() |
|
| 128 | - ] |
|
| 129 | - ); |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - /** |
|
| 133 | - * test if it is time for the next run |
|
| 134 | - * |
|
| 135 | - * @param array $argument |
|
| 136 | - * @return bool |
|
| 137 | - */ |
|
| 138 | - protected function shouldRun(array $argument) { |
|
| 139 | - $lastRun = (int)$argument['lastRun']; |
|
| 140 | - return ((time() - $lastRun) > $this->interval); |
|
| 141 | - } |
|
| 44 | + /** @var bool */ |
|
| 45 | + private $retainJob = true; |
|
| 46 | + |
|
| 47 | + /** @var Notifications */ |
|
| 48 | + private $notifications; |
|
| 49 | + |
|
| 50 | + /** @var int max number of attempts to send the request */ |
|
| 51 | + private $maxTry = 20; |
|
| 52 | + |
|
| 53 | + /** @var int how much time should be between two tries (10 minutes) */ |
|
| 54 | + private $interval = 600; |
|
| 55 | + |
|
| 56 | + /** |
|
| 57 | + * UnShare constructor. |
|
| 58 | + * |
|
| 59 | + * @param Notifications $notifications |
|
| 60 | + */ |
|
| 61 | + public function __construct(Notifications $notifications = null) { |
|
| 62 | + if ($notifications) { |
|
| 63 | + $this->notifications = $notifications; |
|
| 64 | + } else { |
|
| 65 | + $addressHandler = new AddressHandler( |
|
| 66 | + \OC::$server->getURLGenerator(), |
|
| 67 | + \OC::$server->getL10N('federatedfilesharing'), |
|
| 68 | + \OC::$server->getCloudIdManager() |
|
| 69 | + ); |
|
| 70 | + $this->notifications = new Notifications( |
|
| 71 | + $addressHandler, |
|
| 72 | + \OC::$server->getHTTPClientService(), |
|
| 73 | + \OC::$server->query(\OCP\OCS\IDiscoveryService::class), |
|
| 74 | + \OC::$server->getJobList() |
|
| 75 | + ); |
|
| 76 | + } |
|
| 77 | + |
|
| 78 | + } |
|
| 79 | + |
|
| 80 | + /** |
|
| 81 | + * run the job, then remove it from the jobList |
|
| 82 | + * |
|
| 83 | + * @param JobList $jobList |
|
| 84 | + * @param ILogger $logger |
|
| 85 | + */ |
|
| 86 | + public function execute($jobList, ILogger $logger = null) { |
|
| 87 | + |
|
| 88 | + if ($this->shouldRun($this->argument)) { |
|
| 89 | + parent::execute($jobList, $logger); |
|
| 90 | + $jobList->remove($this, $this->argument); |
|
| 91 | + if ($this->retainJob) { |
|
| 92 | + $this->reAddJob($jobList, $this->argument); |
|
| 93 | + } |
|
| 94 | + } |
|
| 95 | + } |
|
| 96 | + |
|
| 97 | + protected function run($argument) { |
|
| 98 | + $remote = $argument['remote']; |
|
| 99 | + $remoteId = $argument['remoteId']; |
|
| 100 | + $token = $argument['token']; |
|
| 101 | + $action = $argument['action']; |
|
| 102 | + $data = json_decode($argument['data'], true); |
|
| 103 | + $try = (int)$argument['try'] + 1; |
|
| 104 | + |
|
| 105 | + $result = $this->notifications->sendUpdateToRemote($remote, $remoteId, $token, $action, $data, $try); |
|
| 106 | + |
|
| 107 | + if ($result === true || $try > $this->maxTry) { |
|
| 108 | + $this->retainJob = false; |
|
| 109 | + } |
|
| 110 | + } |
|
| 111 | + |
|
| 112 | + /** |
|
| 113 | + * re-add background job with new arguments |
|
| 114 | + * |
|
| 115 | + * @param IJobList $jobList |
|
| 116 | + * @param array $argument |
|
| 117 | + */ |
|
| 118 | + protected function reAddJob(IJobList $jobList, array $argument) { |
|
| 119 | + $jobList->add('OCA\FederatedFileSharing\BackgroundJob\RetryJob', |
|
| 120 | + [ |
|
| 121 | + 'remote' => $argument['remote'], |
|
| 122 | + 'remoteId' => $argument['remoteId'], |
|
| 123 | + 'token' => $argument['token'], |
|
| 124 | + 'data' => $argument['data'], |
|
| 125 | + 'action' => $argument['action'], |
|
| 126 | + 'try' => (int)$argument['try'] + 1, |
|
| 127 | + 'lastRun' => time() |
|
| 128 | + ] |
|
| 129 | + ); |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + /** |
|
| 133 | + * test if it is time for the next run |
|
| 134 | + * |
|
| 135 | + * @param array $argument |
|
| 136 | + * @return bool |
|
| 137 | + */ |
|
| 138 | + protected function shouldRun(array $argument) { |
|
| 139 | + $lastRun = (int)$argument['lastRun']; |
|
| 140 | + return ((time() - $lastRun) > $this->interval); |
|
| 141 | + } |
|
| 142 | 142 | |
| 143 | 143 | } |
@@ -33,30 +33,30 @@ |
||
| 33 | 33 | */ |
| 34 | 34 | class TokenHandler { |
| 35 | 35 | |
| 36 | - const TOKEN_LENGTH = 15; |
|
| 37 | - |
|
| 38 | - /** @var ISecureRandom */ |
|
| 39 | - private $secureRandom; |
|
| 40 | - |
|
| 41 | - /** |
|
| 42 | - * TokenHandler constructor. |
|
| 43 | - * |
|
| 44 | - * @param ISecureRandom $secureRandom |
|
| 45 | - */ |
|
| 46 | - public function __construct(ISecureRandom $secureRandom) { |
|
| 47 | - $this->secureRandom = $secureRandom; |
|
| 48 | - } |
|
| 49 | - |
|
| 50 | - /** |
|
| 51 | - * generate to token used to authenticate federated shares |
|
| 52 | - * |
|
| 53 | - * @return string |
|
| 54 | - */ |
|
| 55 | - public function generateToken() { |
|
| 56 | - $token = $this->secureRandom->generate( |
|
| 57 | - self::TOKEN_LENGTH, |
|
| 58 | - ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); |
|
| 59 | - return $token; |
|
| 60 | - } |
|
| 36 | + const TOKEN_LENGTH = 15; |
|
| 37 | + |
|
| 38 | + /** @var ISecureRandom */ |
|
| 39 | + private $secureRandom; |
|
| 40 | + |
|
| 41 | + /** |
|
| 42 | + * TokenHandler constructor. |
|
| 43 | + * |
|
| 44 | + * @param ISecureRandom $secureRandom |
|
| 45 | + */ |
|
| 46 | + public function __construct(ISecureRandom $secureRandom) { |
|
| 47 | + $this->secureRandom = $secureRandom; |
|
| 48 | + } |
|
| 49 | + |
|
| 50 | + /** |
|
| 51 | + * generate to token used to authenticate federated shares |
|
| 52 | + * |
|
| 53 | + * @return string |
|
| 54 | + */ |
|
| 55 | + public function generateToken() { |
|
| 56 | + $token = $this->secureRandom->generate( |
|
| 57 | + self::TOKEN_LENGTH, |
|
| 58 | + ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); |
|
| 59 | + return $token; |
|
| 60 | + } |
|
| 61 | 61 | |
| 62 | 62 | } |
@@ -55,7 +55,7 @@ |
||
| 55 | 55 | public function generateToken() { |
| 56 | 56 | $token = $this->secureRandom->generate( |
| 57 | 57 | self::TOKEN_LENGTH, |
| 58 | - ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); |
|
| 58 | + ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS); |
|
| 59 | 59 | return $token; |
| 60 | 60 | } |
| 61 | 61 | |
@@ -33,122 +33,122 @@ |
||
| 33 | 33 | */ |
| 34 | 34 | class AddressHandler { |
| 35 | 35 | |
| 36 | - /** @var IL10N */ |
|
| 37 | - private $l; |
|
| 38 | - |
|
| 39 | - /** @var IURLGenerator */ |
|
| 40 | - private $urlGenerator; |
|
| 41 | - |
|
| 42 | - /** @var ICloudIdManager */ |
|
| 43 | - private $cloudIdManager; |
|
| 44 | - |
|
| 45 | - /** |
|
| 46 | - * AddressHandler constructor. |
|
| 47 | - * |
|
| 48 | - * @param IURLGenerator $urlGenerator |
|
| 49 | - * @param IL10N $il10n |
|
| 50 | - * @param ICloudIdManager $cloudIdManager |
|
| 51 | - */ |
|
| 52 | - public function __construct( |
|
| 53 | - IURLGenerator $urlGenerator, |
|
| 54 | - IL10N $il10n, |
|
| 55 | - ICloudIdManager $cloudIdManager |
|
| 56 | - ) { |
|
| 57 | - $this->l = $il10n; |
|
| 58 | - $this->urlGenerator = $urlGenerator; |
|
| 59 | - $this->cloudIdManager = $cloudIdManager; |
|
| 60 | - } |
|
| 61 | - |
|
| 62 | - /** |
|
| 63 | - * split user and remote from federated cloud id |
|
| 64 | - * |
|
| 65 | - * @param string $address federated share address |
|
| 66 | - * @return array [user, remoteURL] |
|
| 67 | - * @throws HintException |
|
| 68 | - */ |
|
| 69 | - public function splitUserRemote($address) { |
|
| 70 | - try { |
|
| 71 | - $cloudId = $this->cloudIdManager->resolveCloudId($address); |
|
| 72 | - return [$cloudId->getUser(), $cloudId->getRemote()]; |
|
| 73 | - } catch (\InvalidArgumentException $e) { |
|
| 74 | - $hint = $this->l->t('Invalid Federated Cloud ID'); |
|
| 75 | - throw new HintException('Invalid Federated Cloud ID', $hint, 0, $e); |
|
| 76 | - } |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - /** |
|
| 80 | - * generate remote URL part of federated ID |
|
| 81 | - * |
|
| 82 | - * @return string url of the current server |
|
| 83 | - */ |
|
| 84 | - public function generateRemoteURL() { |
|
| 85 | - $url = $this->urlGenerator->getAbsoluteURL('/'); |
|
| 86 | - return $url; |
|
| 87 | - } |
|
| 88 | - |
|
| 89 | - /** |
|
| 90 | - * check if two federated cloud IDs refer to the same user |
|
| 91 | - * |
|
| 92 | - * @param string $user1 |
|
| 93 | - * @param string $server1 |
|
| 94 | - * @param string $user2 |
|
| 95 | - * @param string $server2 |
|
| 96 | - * @return bool true if both users and servers are the same |
|
| 97 | - */ |
|
| 98 | - public function compareAddresses($user1, $server1, $user2, $server2) { |
|
| 99 | - $normalizedServer1 = strtolower($this->removeProtocolFromUrl($server1)); |
|
| 100 | - $normalizedServer2 = strtolower($this->removeProtocolFromUrl($server2)); |
|
| 101 | - |
|
| 102 | - if (rtrim($normalizedServer1, '/') === rtrim($normalizedServer2, '/')) { |
|
| 103 | - // FIXME this should be a method in the user management instead |
|
| 104 | - \OCP\Util::emitHook( |
|
| 105 | - '\OCA\Files_Sharing\API\Server2Server', |
|
| 106 | - 'preLoginNameUsedAsUserName', |
|
| 107 | - array('uid' => &$user1) |
|
| 108 | - ); |
|
| 109 | - \OCP\Util::emitHook( |
|
| 110 | - '\OCA\Files_Sharing\API\Server2Server', |
|
| 111 | - 'preLoginNameUsedAsUserName', |
|
| 112 | - array('uid' => &$user2) |
|
| 113 | - ); |
|
| 114 | - |
|
| 115 | - if ($user1 === $user2) { |
|
| 116 | - return true; |
|
| 117 | - } |
|
| 118 | - } |
|
| 119 | - |
|
| 120 | - return false; |
|
| 121 | - } |
|
| 122 | - |
|
| 123 | - /** |
|
| 124 | - * remove protocol from URL |
|
| 125 | - * |
|
| 126 | - * @param string $url |
|
| 127 | - * @return string |
|
| 128 | - */ |
|
| 129 | - public function removeProtocolFromUrl($url) { |
|
| 130 | - if (strpos($url, 'https://') === 0) { |
|
| 131 | - return substr($url, strlen('https://')); |
|
| 132 | - } else if (strpos($url, 'http://') === 0) { |
|
| 133 | - return substr($url, strlen('http://')); |
|
| 134 | - } |
|
| 135 | - |
|
| 136 | - return $url; |
|
| 137 | - } |
|
| 138 | - |
|
| 139 | - /** |
|
| 140 | - * check if the url contain the protocol (http or https) |
|
| 141 | - * |
|
| 142 | - * @param string $url |
|
| 143 | - * @return bool |
|
| 144 | - */ |
|
| 145 | - public function urlContainProtocol($url) { |
|
| 146 | - if (strpos($url, 'https://') === 0 || |
|
| 147 | - strpos($url, 'http://') === 0) { |
|
| 148 | - |
|
| 149 | - return true; |
|
| 150 | - } |
|
| 151 | - |
|
| 152 | - return false; |
|
| 153 | - } |
|
| 36 | + /** @var IL10N */ |
|
| 37 | + private $l; |
|
| 38 | + |
|
| 39 | + /** @var IURLGenerator */ |
|
| 40 | + private $urlGenerator; |
|
| 41 | + |
|
| 42 | + /** @var ICloudIdManager */ |
|
| 43 | + private $cloudIdManager; |
|
| 44 | + |
|
| 45 | + /** |
|
| 46 | + * AddressHandler constructor. |
|
| 47 | + * |
|
| 48 | + * @param IURLGenerator $urlGenerator |
|
| 49 | + * @param IL10N $il10n |
|
| 50 | + * @param ICloudIdManager $cloudIdManager |
|
| 51 | + */ |
|
| 52 | + public function __construct( |
|
| 53 | + IURLGenerator $urlGenerator, |
|
| 54 | + IL10N $il10n, |
|
| 55 | + ICloudIdManager $cloudIdManager |
|
| 56 | + ) { |
|
| 57 | + $this->l = $il10n; |
|
| 58 | + $this->urlGenerator = $urlGenerator; |
|
| 59 | + $this->cloudIdManager = $cloudIdManager; |
|
| 60 | + } |
|
| 61 | + |
|
| 62 | + /** |
|
| 63 | + * split user and remote from federated cloud id |
|
| 64 | + * |
|
| 65 | + * @param string $address federated share address |
|
| 66 | + * @return array [user, remoteURL] |
|
| 67 | + * @throws HintException |
|
| 68 | + */ |
|
| 69 | + public function splitUserRemote($address) { |
|
| 70 | + try { |
|
| 71 | + $cloudId = $this->cloudIdManager->resolveCloudId($address); |
|
| 72 | + return [$cloudId->getUser(), $cloudId->getRemote()]; |
|
| 73 | + } catch (\InvalidArgumentException $e) { |
|
| 74 | + $hint = $this->l->t('Invalid Federated Cloud ID'); |
|
| 75 | + throw new HintException('Invalid Federated Cloud ID', $hint, 0, $e); |
|
| 76 | + } |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + /** |
|
| 80 | + * generate remote URL part of federated ID |
|
| 81 | + * |
|
| 82 | + * @return string url of the current server |
|
| 83 | + */ |
|
| 84 | + public function generateRemoteURL() { |
|
| 85 | + $url = $this->urlGenerator->getAbsoluteURL('/'); |
|
| 86 | + return $url; |
|
| 87 | + } |
|
| 88 | + |
|
| 89 | + /** |
|
| 90 | + * check if two federated cloud IDs refer to the same user |
|
| 91 | + * |
|
| 92 | + * @param string $user1 |
|
| 93 | + * @param string $server1 |
|
| 94 | + * @param string $user2 |
|
| 95 | + * @param string $server2 |
|
| 96 | + * @return bool true if both users and servers are the same |
|
| 97 | + */ |
|
| 98 | + public function compareAddresses($user1, $server1, $user2, $server2) { |
|
| 99 | + $normalizedServer1 = strtolower($this->removeProtocolFromUrl($server1)); |
|
| 100 | + $normalizedServer2 = strtolower($this->removeProtocolFromUrl($server2)); |
|
| 101 | + |
|
| 102 | + if (rtrim($normalizedServer1, '/') === rtrim($normalizedServer2, '/')) { |
|
| 103 | + // FIXME this should be a method in the user management instead |
|
| 104 | + \OCP\Util::emitHook( |
|
| 105 | + '\OCA\Files_Sharing\API\Server2Server', |
|
| 106 | + 'preLoginNameUsedAsUserName', |
|
| 107 | + array('uid' => &$user1) |
|
| 108 | + ); |
|
| 109 | + \OCP\Util::emitHook( |
|
| 110 | + '\OCA\Files_Sharing\API\Server2Server', |
|
| 111 | + 'preLoginNameUsedAsUserName', |
|
| 112 | + array('uid' => &$user2) |
|
| 113 | + ); |
|
| 114 | + |
|
| 115 | + if ($user1 === $user2) { |
|
| 116 | + return true; |
|
| 117 | + } |
|
| 118 | + } |
|
| 119 | + |
|
| 120 | + return false; |
|
| 121 | + } |
|
| 122 | + |
|
| 123 | + /** |
|
| 124 | + * remove protocol from URL |
|
| 125 | + * |
|
| 126 | + * @param string $url |
|
| 127 | + * @return string |
|
| 128 | + */ |
|
| 129 | + public function removeProtocolFromUrl($url) { |
|
| 130 | + if (strpos($url, 'https://') === 0) { |
|
| 131 | + return substr($url, strlen('https://')); |
|
| 132 | + } else if (strpos($url, 'http://') === 0) { |
|
| 133 | + return substr($url, strlen('http://')); |
|
| 134 | + } |
|
| 135 | + |
|
| 136 | + return $url; |
|
| 137 | + } |
|
| 138 | + |
|
| 139 | + /** |
|
| 140 | + * check if the url contain the protocol (http or https) |
|
| 141 | + * |
|
| 142 | + * @param string $url |
|
| 143 | + * @return bool |
|
| 144 | + */ |
|
| 145 | + public function urlContainProtocol($url) { |
|
| 146 | + if (strpos($url, 'https://') === 0 || |
|
| 147 | + strpos($url, 'http://') === 0) { |
|
| 148 | + |
|
| 149 | + return true; |
|
| 150 | + } |
|
| 151 | + |
|
| 152 | + return false; |
|
| 153 | + } |
|
| 154 | 154 | } |
@@ -28,10 +28,10 @@ |
||
| 28 | 28 | <?php if((int)$trustedServer['status'] === TrustedServers::STATUS_OK) { ?> |
| 29 | 29 | <span class="status success"></span> |
| 30 | 30 | <?php |
| 31 | - } elseif( |
|
| 32 | - (int)$trustedServer['status'] === TrustedServers::STATUS_PENDING || |
|
| 33 | - (int)$trustedServer['status'] === TrustedServers::STATUS_ACCESS_REVOKED |
|
| 34 | - ) { ?> |
|
| 31 | + } elseif( |
|
| 32 | + (int)$trustedServer['status'] === TrustedServers::STATUS_PENDING || |
|
| 33 | + (int)$trustedServer['status'] === TrustedServers::STATUS_ACCESS_REVOKED |
|
| 34 | + ) { ?> |
|
| 35 | 35 | <span class="status indeterminate"></span> |
| 36 | 36 | <?php } else {?> |
| 37 | 37 | <span class="status error"></span> |
@@ -11,7 +11,7 @@ discard block |
||
| 11 | 11 | <em><?php p($l->t('Federation allows you to connect with other trusted servers to exchange the user directory. For example this will be used to auto-complete external users for federated sharing.')); ?></em> |
| 12 | 12 | |
| 13 | 13 | <p> |
| 14 | - <input id="autoAddServers" type="checkbox" class="checkbox" <?php if($_['autoAddServers']) p('checked'); ?> /> |
|
| 14 | + <input id="autoAddServers" type="checkbox" class="checkbox" <?php if ($_['autoAddServers']) p('checked'); ?> /> |
|
| 15 | 15 | <label for="autoAddServers"><?php p($l->t('Add server automatically once a federated share was created successfully')); ?></label> |
| 16 | 16 | </p> |
| 17 | 17 | |
@@ -23,14 +23,14 @@ discard block |
||
| 23 | 23 | <span class="msg"></span> |
| 24 | 24 | </p> |
| 25 | 25 | <ul id="listOfTrustedServers"> |
| 26 | - <?php foreach($_['trustedServers'] as $trustedServer) { ?> |
|
| 26 | + <?php foreach ($_['trustedServers'] as $trustedServer) { ?> |
|
| 27 | 27 | <li id="<?php p($trustedServer['id']); ?>"> |
| 28 | - <?php if((int)$trustedServer['status'] === TrustedServers::STATUS_OK) { ?> |
|
| 28 | + <?php if ((int) $trustedServer['status'] === TrustedServers::STATUS_OK) { ?> |
|
| 29 | 29 | <span class="status success"></span> |
| 30 | 30 | <?php |
| 31 | - } elseif( |
|
| 32 | - (int)$trustedServer['status'] === TrustedServers::STATUS_PENDING || |
|
| 33 | - (int)$trustedServer['status'] === TrustedServers::STATUS_ACCESS_REVOKED |
|
| 31 | + } elseif ( |
|
| 32 | + (int) $trustedServer['status'] === TrustedServers::STATUS_PENDING || |
|
| 33 | + (int) $trustedServer['status'] === TrustedServers::STATUS_ACCESS_REVOKED |
|
| 34 | 34 | ) { ?> |
| 35 | 35 | <span class="status indeterminate"></span> |
| 36 | 36 | <?php } else {?> |
@@ -11,7 +11,10 @@ |
||
| 11 | 11 | <em><?php p($l->t('Federation allows you to connect with other trusted servers to exchange the user directory. For example this will be used to auto-complete external users for federated sharing.')); ?></em> |
| 12 | 12 | |
| 13 | 13 | <p> |
| 14 | - <input id="autoAddServers" type="checkbox" class="checkbox" <?php if($_['autoAddServers']) p('checked'); ?> /> |
|
| 14 | + <input id="autoAddServers" type="checkbox" class="checkbox" <?php if($_['autoAddServers']) { |
|
| 15 | + p('checked'); |
|
| 16 | +} |
|
| 17 | +?> /> |
|
| 15 | 18 | <label for="autoAddServers"><?php p($l->t('Add server automatically once a federated share was created successfully')); ?></label> |
| 16 | 19 | </p> |
| 17 | 20 | |
