nextcloud / server

apps/twofactor_backupcodes/lib/Provider/BackupCodesProvider.php

Spacing +1 added lines, -1 removed lines

@@ -143,7 +143,7 @@
 	 * @return boolean
 	 */
 	public function isActive(IUser $user): bool {
-		$appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function ($appId) {
+		$appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function($appId) {
 			return $appId !== $this->appName;
 		});
 		foreach ($appIds as $appId) {

Indentation +106 added lines, -106 removed lines

@@ -22,120 +22,120 @@
 
 class BackupCodesProvider implements IDeactivatableByAdmin, IProvidesPersonalSettings {
 
-	/** @var AppManager */
-	private $appManager;
+    /** @var AppManager */
+    private $appManager;
 
-	/**
-	 * @param string $appName
-	 * @param BackupCodeStorage $storage
-	 * @param IL10N $l10n
-	 * @param AppManager $appManager
-	 */
-	public function __construct(
-		private string $appName,
-		private BackupCodeStorage $storage,
-		private IL10N $l10n,
-		AppManager $appManager,
-		private IInitialStateService $initialStateService,
-		private ITemplateManager $templateManager,
-	) {
-		$this->appManager = $appManager;
-	}
+    /**
+     * @param string $appName
+     * @param BackupCodeStorage $storage
+     * @param IL10N $l10n
+     * @param AppManager $appManager
+     */
+    public function __construct(
+        private string $appName,
+        private BackupCodeStorage $storage,
+        private IL10N $l10n,
+        AppManager $appManager,
+        private IInitialStateService $initialStateService,
+        private ITemplateManager $templateManager,
+    ) {
+        $this->appManager = $appManager;
+    }
 
-	/**
-	 * Get unique identifier of this 2FA provider
-	 *
-	 * @return string
-	 */
-	public function getId(): string {
-		return 'backup_codes';
-	}
+    /**
+     * Get unique identifier of this 2FA provider
+     *
+     * @return string
+     */
+    public function getId(): string {
+        return 'backup_codes';
+    }
 
-	/**
-	 * Get the display name for selecting the 2FA provider
-	 *
-	 * @return string
-	 */
-	public function getDisplayName(): string {
-		return $this->l10n->t('Backup code');
-	}
+    /**
+     * Get the display name for selecting the 2FA provider
+     *
+     * @return string
+     */
+    public function getDisplayName(): string {
+        return $this->l10n->t('Backup code');
+    }
 
-	/**
-	 * Get the description for selecting the 2FA provider
-	 *
-	 * @return string
-	 */
-	public function getDescription(): string {
-		return $this->l10n->t('Use backup code');
-	}
+    /**
+     * Get the description for selecting the 2FA provider
+     *
+     * @return string
+     */
+    public function getDescription(): string {
+        return $this->l10n->t('Use backup code');
+    }
 
-	/**
-	 * Get the template for rending the 2FA provider view
-	 *
-	 * @param IUser $user
-	 * @return ITemplate
-	 */
-	public function getTemplate(IUser $user): ITemplate {
-		return $this->templateManager->getTemplate('twofactor_backupcodes', 'challenge');
-	}
+    /**
+     * Get the template for rending the 2FA provider view
+     *
+     * @param IUser $user
+     * @return ITemplate
+     */
+    public function getTemplate(IUser $user): ITemplate {
+        return $this->templateManager->getTemplate('twofactor_backupcodes', 'challenge');
+    }
 
-	/**
-	 * Verify the given challenge
-	 *
-	 * @param IUser $user
-	 * @param string $challenge
-	 * @return bool
-	 */
-	public function verifyChallenge(IUser $user, string $challenge): bool {
-		return $this->storage->validateCode($user, $challenge);
-	}
+    /**
+     * Verify the given challenge
+     *
+     * @param IUser $user
+     * @param string $challenge
+     * @return bool
+     */
+    public function verifyChallenge(IUser $user, string $challenge): bool {
+        return $this->storage->validateCode($user, $challenge);
+    }
 
-	/**
-	 * Decides whether 2FA is enabled for the given user
-	 *
-	 * @param IUser $user
-	 * @return boolean
-	 */
-	public function isTwoFactorAuthEnabledForUser(IUser $user): bool {
-		return $this->storage->hasBackupCodes($user);
-	}
+    /**
+     * Decides whether 2FA is enabled for the given user
+     *
+     * @param IUser $user
+     * @return boolean
+     */
+    public function isTwoFactorAuthEnabledForUser(IUser $user): bool {
+        return $this->storage->hasBackupCodes($user);
+    }
 
-	/**
-	 * Determine whether backup codes should be active or not
-	 *
-	 * Backup codes only make sense if at least one 2FA provider is active,
-	 * hence this method checks all enabled apps on whether they provide 2FA
-	 * functionality or not. If there's at least one app, backup codes are
-	 * enabled on the personal settings page.
-	 *
-	 * @param IUser $user
-	 * @return boolean
-	 */
-	public function isActive(IUser $user): bool {
-		$appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function ($appId) {
-			return $appId !== $this->appName;
-		});
-		foreach ($appIds as $appId) {
-			$info = $this->appManager->getAppInfo($appId);
-			if (isset($info['two-factor-providers']) && count($info['two-factor-providers']) > 0) {
-				return true;
-			}
-		}
-		return false;
-	}
+    /**
+     * Determine whether backup codes should be active or not
+     *
+     * Backup codes only make sense if at least one 2FA provider is active,
+     * hence this method checks all enabled apps on whether they provide 2FA
+     * functionality or not. If there's at least one app, backup codes are
+     * enabled on the personal settings page.
+     *
+     * @param IUser $user
+     * @return boolean
+     */
+    public function isActive(IUser $user): bool {
+        $appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function ($appId) {
+            return $appId !== $this->appName;
+        });
+        foreach ($appIds as $appId) {
+            $info = $this->appManager->getAppInfo($appId);
+            if (isset($info['two-factor-providers']) && count($info['two-factor-providers']) > 0) {
+                return true;
+            }
+        }
+        return false;
+    }
 
-	/**
-	 * @param IUser $user
-	 *
-	 * @return IPersonalProviderSettings
-	 */
-	public function getPersonalSettings(IUser $user): IPersonalProviderSettings {
-		$state = $this->storage->getBackupCodesState($user);
-		$this->initialStateService->provideInitialState($this->appName, 'state', $state);
-		return new Personal();
-	}
+    /**
+     * @param IUser $user
+     *
+     * @return IPersonalProviderSettings
+     */
+    public function getPersonalSettings(IUser $user): IPersonalProviderSettings {
+        $state = $this->storage->getBackupCodesState($user);
+        $this->initialStateService->provideInitialState($this->appName, 'state', $state);
+        return new Personal();
+    }
 
-	public function disableFor(IUser $user) {
-		$this->storage->deleteCodes($user);
-	}
+    public function disableFor(IUser $user) {
+        $this->storage->deleteCodes($user);
+    }
 }

apps/workflowengine/lib/Settings/ASettings.php

Spacing +6 added lines, -6 removed lines

@@ -146,8 +146,8 @@ 
 	}
 
 	private function entitiesToArray(array $entities) {
-		return array_map(function (IEntity $entity) {
-			$events = array_map(function (IEntityEvent $entityEvent) {
+		return array_map(function(IEntity $entity) {
+			$events = array_map(function(IEntityEvent $entityEvent) {
 				return [
 					'eventName' => $entityEvent->getEventName(),
 					'displayName' => $entityEvent->getDisplayName()
@@ -164,11 +164,11 @@ 
 	}
 
 	private function operatorsToArray(array $operators) {
-		$operators = array_filter($operators, function (IOperation $operator) {
+		$operators = array_filter($operators, function(IOperation $operator) {
 			return $operator->isAvailableForScope($this->getScope());
 		});
 
-		return array_map(function (IOperation $operator) {
+		return array_map(function(IOperation $operator) {
 			return [
 				'id' => get_class($operator),
 				'icon' => $operator->getIcon(),
@@ -182,11 +182,11 @@ 
 	}
 
 	private function checksToArray(array $checks) {
-		$checks = array_filter($checks, function (ICheck $check) {
+		$checks = array_filter($checks, function(ICheck $check) {
 			return $check->isAvailableForScope($this->getScope());
 		});
 
-		return array_map(function (ICheck $check) {
+		return array_map(function(ICheck $check) {
 			return [
 				'id' => get_class($check),
 				'supportedEntities' => $check->supportedEntities(),

Indentation +126 added lines, -126 removed lines

@@ -26,130 +26,130 @@
 use OCP\WorkflowEngine\ISpecificOperation;
 
 abstract class ASettings implements ISettings {
-	public function __construct(
-		private string $appName,
-		private IL10N $l10n,
-		private IEventDispatcher $eventDispatcher,
-		protected Manager $manager,
-		private IInitialState $initialStateService,
-		private IConfig $config,
-		private IURLGenerator $urlGenerator,
-	) {
-	}
-
-	abstract public function getScope(): int;
-
-	/**
-	 * @return TemplateResponse
-	 */
-	public function getForm(): TemplateResponse {
-		// @deprecated in 20.0.0: retire this one in favor of the typed event
-		$this->eventDispatcher->dispatch(
-			'OCP\WorkflowEngine::loadAdditionalSettingScripts',
-			new LoadSettingsScriptsEvent()
-		);
-		$this->eventDispatcher->dispatchTyped(new LoadSettingsScriptsEvent());
-
-		$entities = $this->manager->getEntitiesList();
-		$this->initialStateService->provideInitialState(
-			'entities',
-			$this->entitiesToArray($entities)
-		);
-
-		$operators = $this->manager->getOperatorList();
-		$this->initialStateService->provideInitialState(
-			'operators',
-			$this->operatorsToArray($operators)
-		);
-
-		$checks = $this->manager->getCheckList();
-		$this->initialStateService->provideInitialState(
-			'checks',
-			$this->checksToArray($checks)
-		);
-
-		$this->initialStateService->provideInitialState(
-			'scope',
-			$this->getScope()
-		);
-
-		$this->initialStateService->provideInitialState(
-			'appstoreenabled',
-			$this->config->getSystemValueBool('appstoreenabled', true)
-		);
-
-		$this->initialStateService->provideInitialState(
-			'doc-url',
-			$this->urlGenerator->linkToDocs('admin-workflowengine')
-		);
-
-		return new TemplateResponse(Application::APP_ID, 'settings', [], 'blank');
-	}
-
-	/**
-	 * @return string the section ID, e.g. 'sharing'
-	 */
-	public function getSection(): ?string {
-		return 'workflow';
-	}
-
-	/**
-	 * @return int whether the form should be rather on the top or bottom of
-	 *             the admin section. The forms are arranged in ascending order of the
-	 *             priority values. It is required to return a value between 0 and 100.
-	 *
-	 * E.g.: 70
-	 */
-	public function getPriority(): int {
-		return 0;
-	}
-
-	private function entitiesToArray(array $entities) {
-		return array_map(function (IEntity $entity) {
-			$events = array_map(function (IEntityEvent $entityEvent) {
-				return [
-					'eventName' => $entityEvent->getEventName(),
-					'displayName' => $entityEvent->getDisplayName()
-				];
-			}, $entity->getEvents());
-
-			return [
-				'id' => get_class($entity),
-				'icon' => $entity->getIcon(),
-				'name' => $entity->getName(),
-				'events' => $events,
-			];
-		}, $entities);
-	}
-
-	private function operatorsToArray(array $operators) {
-		$operators = array_filter($operators, function (IOperation $operator) {
-			return $operator->isAvailableForScope($this->getScope());
-		});
-
-		return array_map(function (IOperation $operator) {
-			return [
-				'id' => get_class($operator),
-				'icon' => $operator->getIcon(),
-				'name' => $operator->getDisplayName(),
-				'description' => $operator->getDescription(),
-				'fixedEntity' => $operator instanceof ISpecificOperation ? $operator->getEntityId() : '',
-				'isComplex' => $operator instanceof IComplexOperation,
-				'triggerHint' => $operator instanceof IComplexOperation ? $operator->getTriggerHint() : '',
-			];
-		}, $operators);
-	}
-
-	private function checksToArray(array $checks) {
-		$checks = array_filter($checks, function (ICheck $check) {
-			return $check->isAvailableForScope($this->getScope());
-		});
-
-		return array_map(function (ICheck $check) {
-			return [
-				'id' => get_class($check),
-				'supportedEntities' => $check->supportedEntities(),
-			];
-		}, $checks);
-	}
+    public function __construct(
+        private string $appName,
+        private IL10N $l10n,
+        private IEventDispatcher $eventDispatcher,
+        protected Manager $manager,
+        private IInitialState $initialStateService,
+        private IConfig $config,
+        private IURLGenerator $urlGenerator,
+    ) {
+    }
+
+    abstract public function getScope(): int;
+
+    /**
+     * @return TemplateResponse
+     */
+    public function getForm(): TemplateResponse {
+        // @deprecated in 20.0.0: retire this one in favor of the typed event
+        $this->eventDispatcher->dispatch(
+            'OCP\WorkflowEngine::loadAdditionalSettingScripts',
+            new LoadSettingsScriptsEvent()
+        );
+        $this->eventDispatcher->dispatchTyped(new LoadSettingsScriptsEvent());
+
+        $entities = $this->manager->getEntitiesList();
+        $this->initialStateService->provideInitialState(
+            'entities',
+            $this->entitiesToArray($entities)
+        );
+
+        $operators = $this->manager->getOperatorList();
+        $this->initialStateService->provideInitialState(
+            'operators',
+            $this->operatorsToArray($operators)
+        );
+
+        $checks = $this->manager->getCheckList();
+        $this->initialStateService->provideInitialState(
+            'checks',
+            $this->checksToArray($checks)
+        );
+
+        $this->initialStateService->provideInitialState(
+            'scope',
+            $this->getScope()
+        );
+
+        $this->initialStateService->provideInitialState(
+            'appstoreenabled',
+            $this->config->getSystemValueBool('appstoreenabled', true)
+        );
+
+        $this->initialStateService->provideInitialState(
+            'doc-url',
+            $this->urlGenerator->linkToDocs('admin-workflowengine')
+        );
+
+        return new TemplateResponse(Application::APP_ID, 'settings', [], 'blank');
+    }
+
+    /**
+     * @return string the section ID, e.g. 'sharing'
+     */
+    public function getSection(): ?string {
+        return 'workflow';
+    }
+
+    /**
+     * @return int whether the form should be rather on the top or bottom of
+     *             the admin section. The forms are arranged in ascending order of the
+     *             priority values. It is required to return a value between 0 and 100.
+     *
+     * E.g.: 70
+     */
+    public function getPriority(): int {
+        return 0;
+    }
+
+    private function entitiesToArray(array $entities) {
+        return array_map(function (IEntity $entity) {
+            $events = array_map(function (IEntityEvent $entityEvent) {
+                return [
+                    'eventName' => $entityEvent->getEventName(),
+                    'displayName' => $entityEvent->getDisplayName()
+                ];
+            }, $entity->getEvents());
+
+            return [
+                'id' => get_class($entity),
+                'icon' => $entity->getIcon(),
+                'name' => $entity->getName(),
+                'events' => $events,
+            ];
+        }, $entities);
+    }
+
+    private function operatorsToArray(array $operators) {
+        $operators = array_filter($operators, function (IOperation $operator) {
+            return $operator->isAvailableForScope($this->getScope());
+        });
+
+        return array_map(function (IOperation $operator) {
+            return [
+                'id' => get_class($operator),
+                'icon' => $operator->getIcon(),
+                'name' => $operator->getDisplayName(),
+                'description' => $operator->getDescription(),
+                'fixedEntity' => $operator instanceof ISpecificOperation ? $operator->getEntityId() : '',
+                'isComplex' => $operator instanceof IComplexOperation,
+                'triggerHint' => $operator instanceof IComplexOperation ? $operator->getTriggerHint() : '',
+            ];
+        }, $operators);
+    }
+
+    private function checksToArray(array $checks) {
+        $checks = array_filter($checks, function (ICheck $check) {
+            return $check->isAvailableForScope($this->getScope());
+        });
+
+        return array_map(function (ICheck $check) {
+            return [
+                'id' => get_class($check),
+                'supportedEntities' => $check->supportedEntities(),
+            ];
+        }, $checks);
+    }
 }

lib/private/Authentication/TwoFactorAuth/ProviderSet.php

Spacing +1 added lines, -1 removed lines

@@ -72,7 +72,7 @@
 	 * @return IProvider[]
 	 */
 	public function getPrimaryProviders(): array {
-		return array_filter($this->providers, function (IProvider $provider) {
+		return array_filter($this->providers, function(IProvider $provider) {
 			return !($provider instanceof BackupCodesProvider);
 		});
 	}

Indentation +39 added lines, -39 removed lines

@@ -33,49 +33,49 @@
  * Contains all two-factor provider information for the two-factor login challenge
  */
 class ProviderSet {
-	/** @var IProvider */
-	private $providers;
+    /** @var IProvider */
+    private $providers;
 
-	/** @var bool */
-	private $providerMissing;
+    /** @var bool */
+    private $providerMissing;
 
-	/**
-	 * @param IProvider[] $providers
-	 * @param bool $providerMissing
-	 */
-	public function __construct(array $providers, bool $providerMissing) {
-		$this->providers = [];
-		foreach ($providers as $provider) {
-			$this->providers[$provider->getId()] = $provider;
-		}
-		$this->providerMissing = $providerMissing;
-	}
+    /**
+     * @param IProvider[] $providers
+     * @param bool $providerMissing
+     */
+    public function __construct(array $providers, bool $providerMissing) {
+        $this->providers = [];
+        foreach ($providers as $provider) {
+            $this->providers[$provider->getId()] = $provider;
+        }
+        $this->providerMissing = $providerMissing;
+    }
 
-	/**
-	 * @param string $providerId
-	 * @return IProvider|null
-	 */
-	public function getProvider(string $providerId) {
-		return $this->providers[$providerId] ?? null;
-	}
+    /**
+     * @param string $providerId
+     * @return IProvider|null
+     */
+    public function getProvider(string $providerId) {
+        return $this->providers[$providerId] ?? null;
+    }
 
-	/**
-	 * @return IProvider[]
-	 */
-	public function getProviders(): array {
-		return $this->providers;
-	}
+    /**
+     * @return IProvider[]
+     */
+    public function getProviders(): array {
+        return $this->providers;
+    }
 
-	/**
-	 * @return IProvider[]
-	 */
-	public function getPrimaryProviders(): array {
-		return array_filter($this->providers, function (IProvider $provider) {
-			return !($provider instanceof BackupCodesProvider);
-		});
-	}
+    /**
+     * @return IProvider[]
+     */
+    public function getPrimaryProviders(): array {
+        return array_filter($this->providers, function (IProvider $provider) {
+            return !($provider instanceof BackupCodesProvider);
+        });
+    }
 
-	public function isProviderMissing(): bool {
-		return $this->providerMissing;
-	}
+    public function isProviderMissing(): bool {
+        return $this->providerMissing;
+    }
 }

lib/private/Collaboration/Resources/Collection.php

Spacing +2 added lines, -2 removed lines

@@ -126,7 +126,7 @@ 
 	 * @since 16.0.0
 	 */
 	public function addResource(IResource $resource): void {
-		array_map(function (IResource $r) use ($resource) {
+		array_map(function(IResource $r) use ($resource) {
 			if ($this->isSameResource($r, $resource)) {
 				throw new ResourceException('Already part of the collection');
 			}
@@ -158,7 +158,7 @@ 
 	 * @since 16.0.0
 	 */
 	public function removeResource(IResource $resource): void {
-		$this->resources = array_filter($this->getResources(), function (IResource $r) use ($resource) {
+		$this->resources = array_filter($this->getResources(), function(IResource $r) use ($resource) {
 			return !$this->isSameResource($r, $resource);
 		});
 

Indentation +159 added lines, -159 removed lines

@@ -18,163 +18,163 @@
 use OCP\IUser;
 
 class Collection implements ICollection {
-	/** @var IResource[] */
-	protected array $resources = [];
-
-	public function __construct(
-		/** @var Manager $manager */
-		protected IManager $manager,
-		protected IDBConnection $connection,
-		protected int $id,
-		protected string $name,
-		protected ?IUser $userForAccess = null,
-		protected ?bool $access = null,
-	) {
-	}
-
-	/**
-	 * @since 16.0.0
-	 */
-	public function getId(): int {
-		return $this->id;
-	}
-
-	/**
-	 * @since 16.0.0
-	 */
-	public function getName(): string {
-		return $this->name;
-	}
-
-	/**
-	 * @since 16.0.0
-	 */
-	public function setName(string $name): void {
-		$query = $this->connection->getQueryBuilder();
-		$query->update(Manager::TABLE_COLLECTIONS)
-			->set('name', $query->createNamedParameter($name))
-			->where($query->expr()->eq('id', $query->createNamedParameter($this->getId(), IQueryBuilder::PARAM_INT)));
-		$query->executeStatement();
-
-		$this->name = $name;
-	}
-
-	/**
-	 * @return IResource[]
-	 * @since 16.0.0
-	 */
-	public function getResources(): array {
-		if (empty($this->resources)) {
-			$this->resources = $this->manager->getResourcesByCollectionForUser($this, $this->userForAccess);
-		}
-
-		return $this->resources;
-	}
-
-	/**
-	 * Adds a resource to a collection
-	 *
-	 * @throws ResourceException when the resource is already part of the collection
-	 * @since 16.0.0
-	 */
-	public function addResource(IResource $resource): void {
-		array_map(function (IResource $r) use ($resource) {
-			if ($this->isSameResource($r, $resource)) {
-				throw new ResourceException('Already part of the collection');
-			}
-		}, $this->getResources());
-
-		$this->resources[] = $resource;
-
-		$query = $this->connection->getQueryBuilder();
-		$query->insert(Manager::TABLE_RESOURCES)
-			->values([
-				'collection_id' => $query->createNamedParameter($this->id, IQueryBuilder::PARAM_INT),
-				'resource_type' => $query->createNamedParameter($resource->getType()),
-				'resource_id' => $query->createNamedParameter($resource->getId()),
-			]);
-
-		try {
-			$query->execute();
-		} catch (ConstraintViolationException $e) {
-			throw new ResourceException('Already part of the collection');
-		}
-
-		$this->manager->invalidateAccessCacheForCollection($this);
-	}
-
-	/**
-	 * Removes a resource from a collection
-	 *
-	 * @since 16.0.0
-	 */
-	public function removeResource(IResource $resource): void {
-		$this->resources = array_filter($this->getResources(), function (IResource $r) use ($resource) {
-			return !$this->isSameResource($r, $resource);
-		});
-
-		$query = $this->connection->getQueryBuilder();
-		$query->delete(Manager::TABLE_RESOURCES)
-			->where($query->expr()->eq('collection_id', $query->createNamedParameter($this->id, IQueryBuilder::PARAM_INT)))
-			->andWhere($query->expr()->eq('resource_type', $query->createNamedParameter($resource->getType())))
-			->andWhere($query->expr()->eq('resource_id', $query->createNamedParameter($resource->getId())));
-		$query->executeStatement();
-
-		if (empty($this->resources)) {
-			$this->removeCollection();
-		} else {
-			$this->manager->invalidateAccessCacheForCollection($this);
-		}
-	}
-
-	/**
-	 * Can a user/guest access the collection
-	 *
-	 * @since 16.0.0
-	 */
-	public function canAccess(?IUser $user): bool {
-		if ($user instanceof IUser) {
-			return $this->canUserAccess($user);
-		}
-		return $this->canGuestAccess();
-	}
-
-	protected function canUserAccess(IUser $user): bool {
-		if (\is_bool($this->access) && $this->userForAccess instanceof IUser && $user->getUID() === $this->userForAccess->getUID()) {
-			return $this->access;
-		}
-
-		$access = $this->manager->canAccessCollection($this, $user);
-		if ($this->userForAccess instanceof IUser && $user->getUID() === $this->userForAccess->getUID()) {
-			$this->access = $access;
-		}
-		return $access;
-	}
-
-	protected function canGuestAccess(): bool {
-		if (\is_bool($this->access) && !$this->userForAccess instanceof IUser) {
-			return $this->access;
-		}
-
-		$access = $this->manager->canAccessCollection($this, null);
-		if (!$this->userForAccess instanceof IUser) {
-			$this->access = $access;
-		}
-		return $access;
-	}
-
-	protected function isSameResource(IResource $resource1, IResource $resource2): bool {
-		return $resource1->getType() === $resource2->getType() &&
-			$resource1->getId() === $resource2->getId();
-	}
-
-	protected function removeCollection(): void {
-		$query = $this->connection->getQueryBuilder();
-		$query->delete(Manager::TABLE_COLLECTIONS)
-			->where($query->expr()->eq('id', $query->createNamedParameter($this->id, IQueryBuilder::PARAM_INT)));
-		$query->executeStatement();
-
-		$this->manager->invalidateAccessCacheForCollection($this);
-		$this->id = 0;
-	}
+    /** @var IResource[] */
+    protected array $resources = [];
+
+    public function __construct(
+        /** @var Manager $manager */
+        protected IManager $manager,
+        protected IDBConnection $connection,
+        protected int $id,
+        protected string $name,
+        protected ?IUser $userForAccess = null,
+        protected ?bool $access = null,
+    ) {
+    }
+
+    /**
+     * @since 16.0.0
+     */
+    public function getId(): int {
+        return $this->id;
+    }
+
+    /**
+     * @since 16.0.0
+     */
+    public function getName(): string {
+        return $this->name;
+    }
+
+    /**
+     * @since 16.0.0
+     */
+    public function setName(string $name): void {
+        $query = $this->connection->getQueryBuilder();
+        $query->update(Manager::TABLE_COLLECTIONS)
+            ->set('name', $query->createNamedParameter($name))
+            ->where($query->expr()->eq('id', $query->createNamedParameter($this->getId(), IQueryBuilder::PARAM_INT)));
+        $query->executeStatement();
+
+        $this->name = $name;
+    }
+
+    /**
+     * @return IResource[]
+     * @since 16.0.0
+     */
+    public function getResources(): array {
+        if (empty($this->resources)) {
+            $this->resources = $this->manager->getResourcesByCollectionForUser($this, $this->userForAccess);
+        }
+
+        return $this->resources;
+    }
+
+    /**
+     * Adds a resource to a collection
+     *
+     * @throws ResourceException when the resource is already part of the collection
+     * @since 16.0.0
+     */
+    public function addResource(IResource $resource): void {
+        array_map(function (IResource $r) use ($resource) {
+            if ($this->isSameResource($r, $resource)) {
+                throw new ResourceException('Already part of the collection');
+            }
+        }, $this->getResources());
+
+        $this->resources[] = $resource;
+
+        $query = $this->connection->getQueryBuilder();
+        $query->insert(Manager::TABLE_RESOURCES)
+            ->values([
+                'collection_id' => $query->createNamedParameter($this->id, IQueryBuilder::PARAM_INT),
+                'resource_type' => $query->createNamedParameter($resource->getType()),
+                'resource_id' => $query->createNamedParameter($resource->getId()),
+            ]);
+
+        try {
+            $query->execute();
+        } catch (ConstraintViolationException $e) {
+            throw new ResourceException('Already part of the collection');
+        }
+
+        $this->manager->invalidateAccessCacheForCollection($this);
+    }
+
+    /**
+     * Removes a resource from a collection
+     *
+     * @since 16.0.0
+     */
+    public function removeResource(IResource $resource): void {
+        $this->resources = array_filter($this->getResources(), function (IResource $r) use ($resource) {
+            return !$this->isSameResource($r, $resource);
+        });
+
+        $query = $this->connection->getQueryBuilder();
+        $query->delete(Manager::TABLE_RESOURCES)
+            ->where($query->expr()->eq('collection_id', $query->createNamedParameter($this->id, IQueryBuilder::PARAM_INT)))
+            ->andWhere($query->expr()->eq('resource_type', $query->createNamedParameter($resource->getType())))
+            ->andWhere($query->expr()->eq('resource_id', $query->createNamedParameter($resource->getId())));
+        $query->executeStatement();
+
+        if (empty($this->resources)) {
+            $this->removeCollection();
+        } else {
+            $this->manager->invalidateAccessCacheForCollection($this);
+        }
+    }
+
+    /**
+     * Can a user/guest access the collection
+     *
+     * @since 16.0.0
+     */
+    public function canAccess(?IUser $user): bool {
+        if ($user instanceof IUser) {
+            return $this->canUserAccess($user);
+        }
+        return $this->canGuestAccess();
+    }
+
+    protected function canUserAccess(IUser $user): bool {
+        if (\is_bool($this->access) && $this->userForAccess instanceof IUser && $user->getUID() === $this->userForAccess->getUID()) {
+            return $this->access;
+        }
+
+        $access = $this->manager->canAccessCollection($this, $user);
+        if ($this->userForAccess instanceof IUser && $user->getUID() === $this->userForAccess->getUID()) {
+            $this->access = $access;
+        }
+        return $access;
+    }
+
+    protected function canGuestAccess(): bool {
+        if (\is_bool($this->access) && !$this->userForAccess instanceof IUser) {
+            return $this->access;
+        }
+
+        $access = $this->manager->canAccessCollection($this, null);
+        if (!$this->userForAccess instanceof IUser) {
+            $this->access = $access;
+        }
+        return $access;
+    }
+
+    protected function isSameResource(IResource $resource1, IResource $resource2): bool {
+        return $resource1->getType() === $resource2->getType() &&
+            $resource1->getId() === $resource2->getId();
+    }
+
+    protected function removeCollection(): void {
+        $query = $this->connection->getQueryBuilder();
+        $query->delete(Manager::TABLE_COLLECTIONS)
+            ->where($query->expr()->eq('id', $query->createNamedParameter($this->id, IQueryBuilder::PARAM_INT)));
+        $query->executeStatement();
+
+        $this->manager->invalidateAccessCacheForCollection($this);
+        $this->id = 0;
+    }
 }

lib/public/Accounts/PropertyDoesNotExistException.php

Spacing +1 added lines, -1 removed lines

@@ -38,7 +38,7 @@
 	 * @since 15.0.0
 	 */
 	public function __construct($property) {
-		parent::__construct('Property ' . $property . ' does not exist.');
+		parent::__construct('Property '.$property.' does not exist.');
 	}
 
 }

Indentation +8 added lines, -8 removed lines

@@ -30,12 +30,12 @@
  *
  */
 class PropertyDoesNotExistException extends \Exception {
-	/**
-	 * Constructor
-	 * @param string $msg the error message
-	 * @since 15.0.0
-	 */
-	public function __construct($property) {
-		parent::__construct('Property ' . $property . ' does not exist.');
-	}
+    /**
+     * Constructor
+     * @param string $msg the error message
+     * @since 15.0.0
+     */
+    public function __construct($property) {
+        parent::__construct('Property ' . $property . ' does not exist.');
+    }
 }

lib/private/Collaboration/Collaborators/RemotePlugin.php

Spacing +3 added lines, -3 removed lines

@@ -112,7 +112,7 @@ 
 							$searchResult->markExactIdMatch($resultType);
 						}
 						$result['exact'][] = [
-							'label' => $contact['FN'] . " ($cloudId)",
+							'label' => $contact['FN']." ($cloudId)",
 							'uuid' => $contact['UID'],
 							'name' => $contact['FN'],
 							'type' => $cloudIdType,
@@ -124,7 +124,7 @@ 
 						];
 					} else {
 						$result['wide'][] = [
-							'label' => $contact['FN'] . " ($cloudId)",
+							'label' => $contact['FN']." ($cloudId)",
 							'uuid' => $contact['UID'],
 							'name' => $contact['FN'],
 							'type' => $cloudIdType,
@@ -154,7 +154,7 @@ 
 				$localUser = $this->userManager->get($remoteUser);
 				if ($localUser === null || $search !== $localUser->getCloudId()) {
 					$result['exact'][] = [
-						'label' => $remoteUser . " ($serverUrl)",
+						'label' => $remoteUser." ($serverUrl)",
 						'uuid' => $remoteUser,
 						'name' => $remoteUser,
 						'value' => [

Indentation +135 added lines, -135 removed lines

@@ -16,150 +16,150 @@
 use OCP\Share\IShare;
 
 class RemotePlugin implements ISearchPlugin {
-	protected bool $shareeEnumeration;
+    protected bool $shareeEnumeration;
 
-	private string $userId;
+    private string $userId;
 
-	public function __construct(
-		private IManager $contactsManager,
-		private ICloudIdManager $cloudIdManager,
-		private IConfig $config,
-		private IUserManager $userManager,
-		IUserSession $userSession,
-	) {
-		$this->userId = $userSession->getUser()?->getUID() ?? '';
-		$this->shareeEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
-	}
+    public function __construct(
+        private IManager $contactsManager,
+        private ICloudIdManager $cloudIdManager,
+        private IConfig $config,
+        private IUserManager $userManager,
+        IUserSession $userSession,
+    ) {
+        $this->userId = $userSession->getUser()?->getUID() ?? '';
+        $this->shareeEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
+    }
 
-	public function search($search, $limit, $offset, ISearchResult $searchResult): bool {
-		$result = ['wide' => [], 'exact' => []];
-		$resultType = new SearchResultType('remotes');
+    public function search($search, $limit, $offset, ISearchResult $searchResult): bool {
+        $result = ['wide' => [], 'exact' => []];
+        $resultType = new SearchResultType('remotes');
 
-		// Search in contacts
-		$addressBookContacts = $this->contactsManager->search($search, ['CLOUD', 'FN'], [
-			'limit' => $limit,
-			'offset' => $offset,
-			'enumeration' => false,
-			'fullmatch' => false,
-		]);
-		foreach ($addressBookContacts as $contact) {
-			if (isset($contact['isLocalSystemBook'])) {
-				continue;
-			}
-			if (isset($contact['CLOUD'])) {
-				$cloudIds = $contact['CLOUD'];
-				if (is_string($cloudIds)) {
-					$cloudIds = [$cloudIds];
-				}
-				$lowerSearch = strtolower($search);
-				foreach ($cloudIds as $cloudId) {
-					$cloudIdType = '';
-					if (\is_array($cloudId)) {
-						$cloudIdData = $cloudId;
-						$cloudId = $cloudIdData['value'];
-						$cloudIdType = $cloudIdData['type'];
-					}
-					try {
-						[$remoteUser, $serverUrl] = $this->splitUserRemote($cloudId);
-					} catch (\InvalidArgumentException $e) {
-						continue;
-					}
+        // Search in contacts
+        $addressBookContacts = $this->contactsManager->search($search, ['CLOUD', 'FN'], [
+            'limit' => $limit,
+            'offset' => $offset,
+            'enumeration' => false,
+            'fullmatch' => false,
+        ]);
+        foreach ($addressBookContacts as $contact) {
+            if (isset($contact['isLocalSystemBook'])) {
+                continue;
+            }
+            if (isset($contact['CLOUD'])) {
+                $cloudIds = $contact['CLOUD'];
+                if (is_string($cloudIds)) {
+                    $cloudIds = [$cloudIds];
+                }
+                $lowerSearch = strtolower($search);
+                foreach ($cloudIds as $cloudId) {
+                    $cloudIdType = '';
+                    if (\is_array($cloudId)) {
+                        $cloudIdData = $cloudId;
+                        $cloudId = $cloudIdData['value'];
+                        $cloudIdType = $cloudIdData['type'];
+                    }
+                    try {
+                        [$remoteUser, $serverUrl] = $this->splitUserRemote($cloudId);
+                    } catch (\InvalidArgumentException $e) {
+                        continue;
+                    }
 
-					$localUser = $this->userManager->get($remoteUser);
-					/**
-					 * Add local share if remote cloud id matches a local user ones
-					 */
-					if ($localUser !== null && $remoteUser !== $this->userId && $cloudId === $localUser->getCloudId()) {
-						$result['wide'][] = [
-							'label' => $contact['FN'],
-							'uuid' => $contact['UID'],
-							'value' => [
-								'shareType' => IShare::TYPE_USER,
-								'shareWith' => $remoteUser
-							],
-							'shareWithDisplayNameUnique' => $contact['EMAIL'] !== null && $contact['EMAIL'] !== '' ? $contact['EMAIL'] : $contact['UID'],
-						];
-					}
+                    $localUser = $this->userManager->get($remoteUser);
+                    /**
+                     * Add local share if remote cloud id matches a local user ones
+                     */
+                    if ($localUser !== null && $remoteUser !== $this->userId && $cloudId === $localUser->getCloudId()) {
+                        $result['wide'][] = [
+                            'label' => $contact['FN'],
+                            'uuid' => $contact['UID'],
+                            'value' => [
+                                'shareType' => IShare::TYPE_USER,
+                                'shareWith' => $remoteUser
+                            ],
+                            'shareWithDisplayNameUnique' => $contact['EMAIL'] !== null && $contact['EMAIL'] !== '' ? $contact['EMAIL'] : $contact['UID'],
+                        ];
+                    }
 
-					if (strtolower($contact['FN']) === $lowerSearch || strtolower($cloudId) === $lowerSearch) {
-						if (strtolower($cloudId) === $lowerSearch) {
-							$searchResult->markExactIdMatch($resultType);
-						}
-						$result['exact'][] = [
-							'label' => $contact['FN'] . " ($cloudId)",
-							'uuid' => $contact['UID'],
-							'name' => $contact['FN'],
-							'type' => $cloudIdType,
-							'value' => [
-								'shareType' => IShare::TYPE_REMOTE,
-								'shareWith' => $cloudId,
-								'server' => $serverUrl,
-							],
-						];
-					} else {
-						$result['wide'][] = [
-							'label' => $contact['FN'] . " ($cloudId)",
-							'uuid' => $contact['UID'],
-							'name' => $contact['FN'],
-							'type' => $cloudIdType,
-							'value' => [
-								'shareType' => IShare::TYPE_REMOTE,
-								'shareWith' => $cloudId,
-								'server' => $serverUrl,
-							],
-						];
-					}
-				}
-			}
-		}
+                    if (strtolower($contact['FN']) === $lowerSearch || strtolower($cloudId) === $lowerSearch) {
+                        if (strtolower($cloudId) === $lowerSearch) {
+                            $searchResult->markExactIdMatch($resultType);
+                        }
+                        $result['exact'][] = [
+                            'label' => $contact['FN'] . " ($cloudId)",
+                            'uuid' => $contact['UID'],
+                            'name' => $contact['FN'],
+                            'type' => $cloudIdType,
+                            'value' => [
+                                'shareType' => IShare::TYPE_REMOTE,
+                                'shareWith' => $cloudId,
+                                'server' => $serverUrl,
+                            ],
+                        ];
+                    } else {
+                        $result['wide'][] = [
+                            'label' => $contact['FN'] . " ($cloudId)",
+                            'uuid' => $contact['UID'],
+                            'name' => $contact['FN'],
+                            'type' => $cloudIdType,
+                            'value' => [
+                                'shareType' => IShare::TYPE_REMOTE,
+                                'shareWith' => $cloudId,
+                                'server' => $serverUrl,
+                            ],
+                        ];
+                    }
+                }
+            }
+        }
 
-		if (!$this->shareeEnumeration) {
-			$result['wide'] = [];
-		} else {
-			$result['wide'] = array_slice($result['wide'], $offset, $limit);
-		}
+        if (!$this->shareeEnumeration) {
+            $result['wide'] = [];
+        } else {
+            $result['wide'] = array_slice($result['wide'], $offset, $limit);
+        }
 
-		/**
-		 * Add generic share with remote item for valid cloud ids that are not users of the local instance
-		 */
-		if (!$searchResult->hasExactIdMatch($resultType) && $this->cloudIdManager->isValidCloudId($search) && $offset === 0) {
-			try {
-				[$remoteUser, $serverUrl] = $this->splitUserRemote($search);
-				$localUser = $this->userManager->get($remoteUser);
-				if ($localUser === null || $search !== $localUser->getCloudId()) {
-					$result['exact'][] = [
-						'label' => $remoteUser . " ($serverUrl)",
-						'uuid' => $remoteUser,
-						'name' => $remoteUser,
-						'value' => [
-							'shareType' => IShare::TYPE_REMOTE,
-							'shareWith' => $search,
-							'server' => $serverUrl,
-						],
-					];
-				}
-			} catch (\InvalidArgumentException $e) {
-			}
-		}
+        /**
+         * Add generic share with remote item for valid cloud ids that are not users of the local instance
+         */
+        if (!$searchResult->hasExactIdMatch($resultType) && $this->cloudIdManager->isValidCloudId($search) && $offset === 0) {
+            try {
+                [$remoteUser, $serverUrl] = $this->splitUserRemote($search);
+                $localUser = $this->userManager->get($remoteUser);
+                if ($localUser === null || $search !== $localUser->getCloudId()) {
+                    $result['exact'][] = [
+                        'label' => $remoteUser . " ($serverUrl)",
+                        'uuid' => $remoteUser,
+                        'name' => $remoteUser,
+                        'value' => [
+                            'shareType' => IShare::TYPE_REMOTE,
+                            'shareWith' => $search,
+                            'server' => $serverUrl,
+                        ],
+                    ];
+                }
+            } catch (\InvalidArgumentException $e) {
+            }
+        }
 
-		$searchResult->addResultSet($resultType, $result['wide'], $result['exact']);
+        $searchResult->addResultSet($resultType, $result['wide'], $result['exact']);
 
-		return true;
-	}
+        return true;
+    }
 
-	/**
-	 * split user and remote from federated cloud id
-	 *
-	 * @param string $address federated share address
-	 * @return array [user, remoteURL]
-	 * @throws \InvalidArgumentException
-	 */
-	public function splitUserRemote(string $address): array {
-		try {
-			$cloudId = $this->cloudIdManager->resolveCloudId($address);
-			return [$cloudId->getUser(), $this->cloudIdManager->removeProtocolFromUrl($cloudId->getRemote(), true)];
-		} catch (\InvalidArgumentException $e) {
-			throw new \InvalidArgumentException('Invalid Federated Cloud ID', 0, $e);
-		}
-	}
+    /**
+     * split user and remote from federated cloud id
+     *
+     * @param string $address federated share address
+     * @return array [user, remoteURL]
+     * @throws \InvalidArgumentException
+     */
+    public function splitUserRemote(string $address): array {
+        try {
+            $cloudId = $this->cloudIdManager->resolveCloudId($address);
+            return [$cloudId->getUser(), $this->cloudIdManager->removeProtocolFromUrl($cloudId->getRemote(), true)];
+        } catch (\InvalidArgumentException $e) {
+            throw new \InvalidArgumentException('Invalid Federated Cloud ID', 0, $e);
+        }
+    }
 }

lib/private/Color.php

Indentation +8 added lines, -8 removed lines

@@ -24,12 +24,12 @@
 namespace OC;
 
 class Color {
-	public $r;
-	public $g;
-	public $b;
-	public function __construct($r, $g, $b) {
-		$this->r = $r;
-		$this->g = $g;
-		$this->b = $b;
-	}
+    public $r;
+    public $g;
+    public $b;
+    public function __construct($r, $g, $b) {
+        $this->r = $r;
+        $this->g = $g;
+        $this->b = $b;
+    }
 }

apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php

Spacing +1 added lines, -1 removed lines

@@ -194,7 +194,7 @@
 		$httpClient = $this->clientService->newClient();
 
 		try {
-			$response = $httpClient->post($remote . '/index.php/apps/federatedfilesharing/createFederatedShare',
+			$response = $httpClient->post($remote.'/index.php/apps/federatedfilesharing/createFederatedShare',
 				[
 					'body' =>
 						[

Indentation +144 added lines, -144 removed lines

@@ -37,148 +37,148 @@
  * @package OCA\FederatedFileSharing\Controller
  */
 class MountPublicLinkController extends Controller {
-	/**
-	 * MountPublicLinkController constructor.
-	 */
-	public function __construct(
-		string $appName,
-		IRequest $request,
-		private FederatedShareProvider $federatedShareProvider,
-		private IManager $shareManager,
-		private AddressHandler $addressHandler,
-		private ISession $session,
-		private IL10N $l,
-		private IUserSession $userSession,
-		private IClientService $clientService,
-		private ICloudIdManager $cloudIdManager,
-		private LoggerInterface $logger,
-	) {
-		parent::__construct($appName, $request);
-	}
-
-	/**
-	 * send federated share to a user of a public link
-	 *
-	 * @param string $shareWith Username to share with
-	 * @param string $token Token of the share
-	 * @param string $password Password of the share
-	 * @return JSONResponse<Http::STATUS_OK, array{remoteUrl: string}, array{}>|JSONResponse<Http::STATUS_BAD_REQUEST, array{message: string}, array{}>
-	 *
-	 * 200: Remote URL returned
-	 * 400: Creating share is not possible
-	 */
-	#[NoCSRFRequired]
-	#[PublicPage]
-	#[BruteForceProtection(action: 'publicLink2FederatedShare')]
-	#[OpenAPI(scope: OpenAPI::SCOPE_FEDERATION)]
-	public function createFederatedShare($shareWith, $token, $password = '') {
-		if (!$this->federatedShareProvider->isOutgoingServer2serverShareEnabled()) {
-			return new JSONResponse(
-				['message' => 'This server doesn\'t support outgoing federated shares'],
-				Http::STATUS_BAD_REQUEST
-			);
-		}
-
-		try {
-			[, $server] = $this->addressHandler->splitUserRemote($shareWith);
-			$share = $this->shareManager->getShareByToken($token);
-		} catch (HintException $e) {
-			$response = new JSONResponse(['message' => $e->getHint()], Http::STATUS_BAD_REQUEST);
-			$response->throttle();
-			return $response;
-		}
-
-		// make sure that user is authenticated in case of a password protected link
-		$storedPassword = $share->getPassword();
-		$authenticated = $this->session->get(PublicAuth::DAV_AUTHENTICATED) === $share->getId() ||
-			$this->shareManager->checkPassword($share, $password);
-		if (!empty($storedPassword) && !$authenticated) {
-			$response = new JSONResponse(
-				['message' => 'No permission to access the share'],
-				Http::STATUS_BAD_REQUEST
-			);
-			$response->throttle();
-			return $response;
-		}
-
-		if (($share->getPermissions() & Constants::PERMISSION_READ) === 0) {
-			$response = new JSONResponse(
-				['message' => 'Mounting file drop not supported'],
-				Http::STATUS_BAD_REQUEST
-			);
-			$response->throttle();
-			return $response;
-		}
-
-		$share->setSharedWith($shareWith);
-		$share->setShareType(IShare::TYPE_REMOTE);
-
-		try {
-			$this->federatedShareProvider->create($share);
-		} catch (\Exception $e) {
-			$this->logger->warning($e->getMessage(), [
-				'app' => 'federatedfilesharing',
-				'exception' => $e,
-			]);
-			return new JSONResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST);
-		}
-
-		return new JSONResponse(['remoteUrl' => $server]);
-	}
-
-	/**
-	 * ask other server to get a federated share
-	 *
-	 * @param string $token
-	 * @param string $remote
-	 * @param string $password
-	 * @param string $owner (only for legacy reasons, can be removed with legacyMountPublicLink())
-	 * @param string $ownerDisplayName (only for legacy reasons, can be removed with legacyMountPublicLink())
-	 * @param string $name (only for legacy reasons, can be removed with legacyMountPublicLink())
-	 * @return JSONResponse
-	 */
-	#[NoAdminRequired]
-	public function askForFederatedShare($token, $remote, $password = '', $owner = '', $ownerDisplayName = '', $name = '') {
-		// check if server admin allows to mount public links from other servers
-		if ($this->federatedShareProvider->isIncomingServer2serverShareEnabled() === false) {
-			return new JSONResponse(['message' => $this->l->t('Server to server sharing is not enabled on this server')], Http::STATUS_BAD_REQUEST);
-		}
-
-		$cloudId = $this->cloudIdManager->getCloudId($this->userSession->getUser()->getUID(), $this->addressHandler->generateRemoteURL());
-
-		$httpClient = $this->clientService->newClient();
-
-		try {
-			$response = $httpClient->post($remote . '/index.php/apps/federatedfilesharing/createFederatedShare',
-				[
-					'body' =>
-						[
-							'token' => $token,
-							'shareWith' => rtrim($cloudId->getId(), '/'),
-							'password' => $password
-						],
-					'connect_timeout' => 10,
-				]
-			);
-		} catch (\Exception $e) {
-			if (empty($password)) {
-				$message = $this->l->t("Couldn't establish a federated share.");
-			} else {
-				$message = $this->l->t("Couldn't establish a federated share, maybe the password was wrong.");
-			}
-			return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST);
-		}
-
-		$body = $response->getBody();
-		$result = json_decode($body, true);
-
-		if (is_array($result) && isset($result['remoteUrl'])) {
-			return new JSONResponse(['message' => $this->l->t('Federated Share request sent, you will receive an invitation. Check your notifications.')]);
-		}
-
-		// if we doesn't get the expected response we assume that we try to add
-		// a federated share from a Nextcloud <= 9 server
-		$message = $this->l->t("Couldn't establish a federated share, it looks like the server to federate with is too old (Nextcloud <= 9).");
-		return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST);
-	}
+    /**
+     * MountPublicLinkController constructor.
+     */
+    public function __construct(
+        string $appName,
+        IRequest $request,
+        private FederatedShareProvider $federatedShareProvider,
+        private IManager $shareManager,
+        private AddressHandler $addressHandler,
+        private ISession $session,
+        private IL10N $l,
+        private IUserSession $userSession,
+        private IClientService $clientService,
+        private ICloudIdManager $cloudIdManager,
+        private LoggerInterface $logger,
+    ) {
+        parent::__construct($appName, $request);
+    }
+
+    /**
+     * send federated share to a user of a public link
+     *
+     * @param string $shareWith Username to share with
+     * @param string $token Token of the share
+     * @param string $password Password of the share
+     * @return JSONResponse<Http::STATUS_OK, array{remoteUrl: string}, array{}>|JSONResponse<Http::STATUS_BAD_REQUEST, array{message: string}, array{}>
+     *
+     * 200: Remote URL returned
+     * 400: Creating share is not possible
+     */
+    #[NoCSRFRequired]
+    #[PublicPage]
+    #[BruteForceProtection(action: 'publicLink2FederatedShare')]
+    #[OpenAPI(scope: OpenAPI::SCOPE_FEDERATION)]
+    public function createFederatedShare($shareWith, $token, $password = '') {
+        if (!$this->federatedShareProvider->isOutgoingServer2serverShareEnabled()) {
+            return new JSONResponse(
+                ['message' => 'This server doesn\'t support outgoing federated shares'],
+                Http::STATUS_BAD_REQUEST
+            );
+        }
+
+        try {
+            [, $server] = $this->addressHandler->splitUserRemote($shareWith);
+            $share = $this->shareManager->getShareByToken($token);
+        } catch (HintException $e) {
+            $response = new JSONResponse(['message' => $e->getHint()], Http::STATUS_BAD_REQUEST);
+            $response->throttle();
+            return $response;
+        }
+
+        // make sure that user is authenticated in case of a password protected link
+        $storedPassword = $share->getPassword();
+        $authenticated = $this->session->get(PublicAuth::DAV_AUTHENTICATED) === $share->getId() ||
+            $this->shareManager->checkPassword($share, $password);
+        if (!empty($storedPassword) && !$authenticated) {
+            $response = new JSONResponse(
+                ['message' => 'No permission to access the share'],
+                Http::STATUS_BAD_REQUEST
+            );
+            $response->throttle();
+            return $response;
+        }
+
+        if (($share->getPermissions() & Constants::PERMISSION_READ) === 0) {
+            $response = new JSONResponse(
+                ['message' => 'Mounting file drop not supported'],
+                Http::STATUS_BAD_REQUEST
+            );
+            $response->throttle();
+            return $response;
+        }
+
+        $share->setSharedWith($shareWith);
+        $share->setShareType(IShare::TYPE_REMOTE);
+
+        try {
+            $this->federatedShareProvider->create($share);
+        } catch (\Exception $e) {
+            $this->logger->warning($e->getMessage(), [
+                'app' => 'federatedfilesharing',
+                'exception' => $e,
+            ]);
+            return new JSONResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST);
+        }
+
+        return new JSONResponse(['remoteUrl' => $server]);
+    }
+
+    /**
+     * ask other server to get a federated share
+     *
+     * @param string $token
+     * @param string $remote
+     * @param string $password
+     * @param string $owner (only for legacy reasons, can be removed with legacyMountPublicLink())
+     * @param string $ownerDisplayName (only for legacy reasons, can be removed with legacyMountPublicLink())
+     * @param string $name (only for legacy reasons, can be removed with legacyMountPublicLink())
+     * @return JSONResponse
+     */
+    #[NoAdminRequired]
+    public function askForFederatedShare($token, $remote, $password = '', $owner = '', $ownerDisplayName = '', $name = '') {
+        // check if server admin allows to mount public links from other servers
+        if ($this->federatedShareProvider->isIncomingServer2serverShareEnabled() === false) {
+            return new JSONResponse(['message' => $this->l->t('Server to server sharing is not enabled on this server')], Http::STATUS_BAD_REQUEST);
+        }
+
+        $cloudId = $this->cloudIdManager->getCloudId($this->userSession->getUser()->getUID(), $this->addressHandler->generateRemoteURL());
+
+        $httpClient = $this->clientService->newClient();
+
+        try {
+            $response = $httpClient->post($remote . '/index.php/apps/federatedfilesharing/createFederatedShare',
+                [
+                    'body' =>
+                        [
+                            'token' => $token,
+                            'shareWith' => rtrim($cloudId->getId(), '/'),
+                            'password' => $password
+                        ],
+                    'connect_timeout' => 10,
+                ]
+            );
+        } catch (\Exception $e) {
+            if (empty($password)) {
+                $message = $this->l->t("Couldn't establish a federated share.");
+            } else {
+                $message = $this->l->t("Couldn't establish a federated share, maybe the password was wrong.");
+            }
+            return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST);
+        }
+
+        $body = $response->getBody();
+        $result = json_decode($body, true);
+
+        if (is_array($result) && isset($result['remoteUrl'])) {
+            return new JSONResponse(['message' => $this->l->t('Federated Share request sent, you will receive an invitation. Check your notifications.')]);
+        }
+
+        // if we doesn't get the expected response we assume that we try to add
+        // a federated share from a Nextcloud <= 9 server
+        $message = $this->l->t("Couldn't establish a federated share, it looks like the server to federate with is too old (Nextcloud <= 9).");
+        return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST);
+    }
 }

lib/private/Lock/MemcacheLockingProvider.php

Spacing +1 added lines, -1 removed lines

@@ -143,7 +143,7 @@
 		} elseif ($existing === 'exclusive') {
 			return $existing;
 		} else {
-			return $existing . ' shared locks';
+			return $existing.' shared locks';
 		}
 	}
 }

Indentation +164 added lines, -164 removed lines

@@ -14,168 +14,168 @@
 use OCP\Lock\LockedException;
 
 class MemcacheLockingProvider extends AbstractLockingProvider {
-	/** @var array<string, array{time: int, ttl: int}> */
-	private array $oldTTLs = [];
-
-	public function __construct(
-		private IMemcache $memcache,
-		private ITimeFactory $timeFactory,
-		int $ttl = 3600,
-	) {
-		parent::__construct($ttl);
-	}
-
-	private function setTTL(string $path, ?int $ttl = null, mixed $compare = null): void {
-		if (is_null($ttl)) {
-			$ttl = $this->ttl;
-		}
-		if ($this->memcache instanceof IMemcacheTTL) {
-			if ($compare !== null) {
-				$this->memcache->compareSetTTL($path, $compare, $ttl);
-			} else {
-				$this->memcache->setTTL($path, $ttl);
-			}
-		}
-	}
-
-	private function getTTL(string $path): int {
-		if ($this->memcache instanceof IMemcacheTTL) {
-			$ttl = $this->memcache->getTTL($path);
-			return $ttl === false ? -1 : $ttl;
-		} else {
-			return -1;
-		}
-	}
-
-	public function isLocked(string $path, int $type): bool {
-		$lockValue = $this->memcache->get($path);
-		if ($type === self::LOCK_SHARED) {
-			return is_int($lockValue) && $lockValue > 0;
-		} elseif ($type === self::LOCK_EXCLUSIVE) {
-			return $lockValue === 'exclusive';
-		} else {
-			return false;
-		}
-	}
-
-	public function acquireLock(string $path, int $type, ?string $readablePath = null): void {
-		if ($type === self::LOCK_SHARED) {
-			// save the old TTL to for `restoreTTL`
-			$this->oldTTLs[$path] = [
-				'ttl' => $this->getTTL($path),
-				'time' => $this->timeFactory->getTime()
-			];
-			if (!$this->memcache->inc($path)) {
-				throw new LockedException($path, null, $this->getExistingLockForException($path), $readablePath);
-			}
-		} else {
-			// when getting exclusive locks, we know there are no old TTLs to restore
-			$this->memcache->add($path, 0);
-			// ttl is updated automatically when the `set` succeeds
-			if (!$this->memcache->cas($path, 0, 'exclusive')) {
-				throw new LockedException($path, null, $this->getExistingLockForException($path), $readablePath);
-			}
-			unset($this->oldTTLs[$path]);
-		}
-		$this->setTTL($path);
-		$this->markAcquire($path, $type);
-	}
-
-	public function releaseLock(string $path, int $type): void {
-		if ($type === self::LOCK_SHARED) {
-			$ownSharedLockCount = $this->getOwnSharedLockCount($path);
-			$newValue = 0;
-			if ($ownSharedLockCount === 0) { // if we are not holding the lock, don't try to release it
-				return;
-			}
-			if ($ownSharedLockCount === 1) {
-				$removed = $this->memcache->cad($path, 1); // if we're the only one having a shared lock we can remove it in one go
-				if (!$removed) { //someone else also has a shared lock, decrease only
-					$newValue = $this->memcache->dec($path);
-				}
-			} else {
-				// if we own more than one lock ourselves just decrease
-				$newValue = $this->memcache->dec($path);
-			}
-
-			if ($newValue > 0) {
-				$this->restoreTTL($path);
-			} else {
-				unset($this->oldTTLs[$path]);
-			}
-
-			// if we somehow release more locks then exists, reset the lock
-			if ($newValue < 0) {
-				$this->memcache->cad($path, $newValue);
-			}
-		} elseif ($type === self::LOCK_EXCLUSIVE) {
-			$this->memcache->cad($path, 'exclusive');
-		}
-		$this->markRelease($path, $type);
-	}
-
-	public function changeLock(string $path, int $targetType): void {
-		if ($targetType === self::LOCK_SHARED) {
-			if (!$this->memcache->cas($path, 'exclusive', 1)) {
-				throw new LockedException($path, null, $this->getExistingLockForException($path));
-			}
-		} elseif ($targetType === self::LOCK_EXCLUSIVE) {
-			// we can only change a shared lock to an exclusive if there's only a single owner of the shared lock
-			if (!$this->memcache->cas($path, 1, 'exclusive')) {
-				$this->restoreTTL($path);
-				throw new LockedException($path, null, $this->getExistingLockForException($path));
-			}
-			unset($this->oldTTLs[$path]);
-		}
-		$this->setTTL($path);
-		$this->markChange($path, $targetType);
-	}
-
-	/**
-	 * With shared locks, each time the lock is acquired, the ttl for the path is reset.
-	 *
-	 * Due to this "ttl extension" when a shared lock isn't freed correctly for any reason
-	 * the lock won't expire until no shared locks are required for the path for 1h.
-	 * This can lead to a client repeatedly trying to upload a file, and failing forever
-	 * because the lock never gets the opportunity to expire.
-	 *
-	 * To help the lock expire in this case, we lower the TTL back to what it was before we
-	 * took the shared lock *only* if nobody else got a shared lock after we did.
-	 *
-	 * This doesn't handle all cases where multiple requests are acquiring shared locks
-	 * but it should handle some of the more common ones and not hurt things further
-	 */
-	private function restoreTTL(string $path): void {
-		if (isset($this->oldTTLs[$path])) {
-			$saved = $this->oldTTLs[$path];
-			$elapsed = $this->timeFactory->getTime() - $saved['time'];
-
-			// old value to compare to when setting ttl in case someone else changes the lock in the middle of this function
-			$value = $this->memcache->get($path);
-
-			$currentTtl = $this->getTTL($path);
-
-			// what the old ttl would be given the time elapsed since we acquired the lock
-			// note that if this gets negative the key will be expired directly when we set the ttl
-			$remainingOldTtl = $saved['ttl'] - $elapsed;
-			// what the currently ttl would be if nobody else acquired a lock since we did (+1 to cover rounding errors)
-			$expectedTtl = $this->ttl - $elapsed + 1;
-
-			// check if another request has acquired a lock (and didn't release it yet)
-			if ($currentTtl <= $expectedTtl) {
-				$this->setTTL($path, $remainingOldTtl, $value);
-			}
-		}
-	}
-
-	private function getExistingLockForException(string $path): string {
-		$existing = $this->memcache->get($path);
-		if (!$existing) {
-			return 'none';
-		} elseif ($existing === 'exclusive') {
-			return $existing;
-		} else {
-			return $existing . ' shared locks';
-		}
-	}
+    /** @var array<string, array{time: int, ttl: int}> */
+    private array $oldTTLs = [];
+
+    public function __construct(
+        private IMemcache $memcache,
+        private ITimeFactory $timeFactory,
+        int $ttl = 3600,
+    ) {
+        parent::__construct($ttl);
+    }
+
+    private function setTTL(string $path, ?int $ttl = null, mixed $compare = null): void {
+        if (is_null($ttl)) {
+            $ttl = $this->ttl;
+        }
+        if ($this->memcache instanceof IMemcacheTTL) {
+            if ($compare !== null) {
+                $this->memcache->compareSetTTL($path, $compare, $ttl);
+            } else {
+                $this->memcache->setTTL($path, $ttl);
+            }
+        }
+    }
+
+    private function getTTL(string $path): int {
+        if ($this->memcache instanceof IMemcacheTTL) {
+            $ttl = $this->memcache->getTTL($path);
+            return $ttl === false ? -1 : $ttl;
+        } else {
+            return -1;
+        }
+    }
+
+    public function isLocked(string $path, int $type): bool {
+        $lockValue = $this->memcache->get($path);
+        if ($type === self::LOCK_SHARED) {
+            return is_int($lockValue) && $lockValue > 0;
+        } elseif ($type === self::LOCK_EXCLUSIVE) {
+            return $lockValue === 'exclusive';
+        } else {
+            return false;
+        }
+    }
+
+    public function acquireLock(string $path, int $type, ?string $readablePath = null): void {
+        if ($type === self::LOCK_SHARED) {
+            // save the old TTL to for `restoreTTL`
+            $this->oldTTLs[$path] = [
+                'ttl' => $this->getTTL($path),
+                'time' => $this->timeFactory->getTime()
+            ];
+            if (!$this->memcache->inc($path)) {
+                throw new LockedException($path, null, $this->getExistingLockForException($path), $readablePath);
+            }
+        } else {
+            // when getting exclusive locks, we know there are no old TTLs to restore
+            $this->memcache->add($path, 0);
+            // ttl is updated automatically when the `set` succeeds
+            if (!$this->memcache->cas($path, 0, 'exclusive')) {
+                throw new LockedException($path, null, $this->getExistingLockForException($path), $readablePath);
+            }
+            unset($this->oldTTLs[$path]);
+        }
+        $this->setTTL($path);
+        $this->markAcquire($path, $type);
+    }
+
+    public function releaseLock(string $path, int $type): void {
+        if ($type === self::LOCK_SHARED) {
+            $ownSharedLockCount = $this->getOwnSharedLockCount($path);
+            $newValue = 0;
+            if ($ownSharedLockCount === 0) { // if we are not holding the lock, don't try to release it
+                return;
+            }
+            if ($ownSharedLockCount === 1) {
+                $removed = $this->memcache->cad($path, 1); // if we're the only one having a shared lock we can remove it in one go
+                if (!$removed) { //someone else also has a shared lock, decrease only
+                    $newValue = $this->memcache->dec($path);
+                }
+            } else {
+                // if we own more than one lock ourselves just decrease
+                $newValue = $this->memcache->dec($path);
+            }
+
+            if ($newValue > 0) {
+                $this->restoreTTL($path);
+            } else {
+                unset($this->oldTTLs[$path]);
+            }
+
+            // if we somehow release more locks then exists, reset the lock
+            if ($newValue < 0) {
+                $this->memcache->cad($path, $newValue);
+            }
+        } elseif ($type === self::LOCK_EXCLUSIVE) {
+            $this->memcache->cad($path, 'exclusive');
+        }
+        $this->markRelease($path, $type);
+    }
+
+    public function changeLock(string $path, int $targetType): void {
+        if ($targetType === self::LOCK_SHARED) {
+            if (!$this->memcache->cas($path, 'exclusive', 1)) {
+                throw new LockedException($path, null, $this->getExistingLockForException($path));
+            }
+        } elseif ($targetType === self::LOCK_EXCLUSIVE) {
+            // we can only change a shared lock to an exclusive if there's only a single owner of the shared lock
+            if (!$this->memcache->cas($path, 1, 'exclusive')) {
+                $this->restoreTTL($path);
+                throw new LockedException($path, null, $this->getExistingLockForException($path));
+            }
+            unset($this->oldTTLs[$path]);
+        }
+        $this->setTTL($path);
+        $this->markChange($path, $targetType);
+    }
+
+    /**
+     * With shared locks, each time the lock is acquired, the ttl for the path is reset.
+     *
+     * Due to this "ttl extension" when a shared lock isn't freed correctly for any reason
+     * the lock won't expire until no shared locks are required for the path for 1h.
+     * This can lead to a client repeatedly trying to upload a file, and failing forever
+     * because the lock never gets the opportunity to expire.
+     *
+     * To help the lock expire in this case, we lower the TTL back to what it was before we
+     * took the shared lock *only* if nobody else got a shared lock after we did.
+     *
+     * This doesn't handle all cases where multiple requests are acquiring shared locks
+     * but it should handle some of the more common ones and not hurt things further
+     */
+    private function restoreTTL(string $path): void {
+        if (isset($this->oldTTLs[$path])) {
+            $saved = $this->oldTTLs[$path];
+            $elapsed = $this->timeFactory->getTime() - $saved['time'];
+
+            // old value to compare to when setting ttl in case someone else changes the lock in the middle of this function
+            $value = $this->memcache->get($path);
+
+            $currentTtl = $this->getTTL($path);
+
+            // what the old ttl would be given the time elapsed since we acquired the lock
+            // note that if this gets negative the key will be expired directly when we set the ttl
+            $remainingOldTtl = $saved['ttl'] - $elapsed;
+            // what the currently ttl would be if nobody else acquired a lock since we did (+1 to cover rounding errors)
+            $expectedTtl = $this->ttl - $elapsed + 1;
+
+            // check if another request has acquired a lock (and didn't release it yet)
+            if ($currentTtl <= $expectedTtl) {
+                $this->setTTL($path, $remainingOldTtl, $value);
+            }
+        }
+    }
+
+    private function getExistingLockForException(string $path): string {
+        $existing = $this->memcache->get($path);
+        if (!$existing) {
+            return 'none';
+        } elseif ($existing === 'exclusive') {
+            return $existing;
+        } else {
+            return $existing . ' shared locks';
+        }
+    }
 }