nextcloud / server

lib/public/SystemTag/ISystemTagManager.php

Indentation +120 added lines, -120 removed lines

@@ -34,133 +34,133 @@
  * @since 9.0.0
  */
 interface ISystemTagManager {
-	/**
-	 * Returns the tag objects matching the given tag ids.
-	 *
-	 * @param array|string $tagIds id or array of unique ids of the tag to retrieve
-	 *
-	 * @return ISystemTag[] array of system tags with tag id as key
-	 *
-	 * @throws \InvalidArgumentException if at least one given tag ids is invalid (string instead of integer, etc.)
-	 * @throws TagNotFoundException if at least one given tag ids did no exist
-	 * 			The message contains a json_encoded array of the ids that could not be found
-	 *
-	 * @since 9.0.0
-	 */
-	public function getTagsByIds($tagIds): array;
+    /**
+     * Returns the tag objects matching the given tag ids.
+     *
+     * @param array|string $tagIds id or array of unique ids of the tag to retrieve
+     *
+     * @return ISystemTag[] array of system tags with tag id as key
+     *
+     * @throws \InvalidArgumentException if at least one given tag ids is invalid (string instead of integer, etc.)
+     * @throws TagNotFoundException if at least one given tag ids did no exist
+     * 			The message contains a json_encoded array of the ids that could not be found
+     *
+     * @since 9.0.0
+     */
+    public function getTagsByIds($tagIds): array;
 
-	/**
-	 * Returns the tag object matching the given attributes.
-	 *
-	 * @param string $tagName tag name
-	 * @param bool $userVisible whether the tag is visible by users
-	 * @param bool $userAssignable whether the tag is assignable by users
-	 *
-	 * @return ISystemTag system tag
-	 *
-	 * @throws TagNotFoundException if tag does not exist
-	 *
-	 * @since 9.0.0
-	 */
-	public function getTag(string $tagName, bool $userVisible, bool $userAssignable): ISystemTag;
+    /**
+     * Returns the tag object matching the given attributes.
+     *
+     * @param string $tagName tag name
+     * @param bool $userVisible whether the tag is visible by users
+     * @param bool $userAssignable whether the tag is assignable by users
+     *
+     * @return ISystemTag system tag
+     *
+     * @throws TagNotFoundException if tag does not exist
+     *
+     * @since 9.0.0
+     */
+    public function getTag(string $tagName, bool $userVisible, bool $userAssignable): ISystemTag;
 
-	/**
-	 * Creates the tag object using the given attributes.
-	 *
-	 * @param string $tagName tag name
-	 * @param bool $userVisible whether the tag is visible by users
-	 * @param bool $userAssignable whether the tag is assignable by users
-	 *
-	 * @return ISystemTag system tag
-	 *
-	 * @throws TagAlreadyExistsException if tag already exists
-	 *
-	 * @since 9.0.0
-	 */
-	public function createTag(string $tagName, bool $userVisible, bool $userAssignable): ISystemTag;
+    /**
+     * Creates the tag object using the given attributes.
+     *
+     * @param string $tagName tag name
+     * @param bool $userVisible whether the tag is visible by users
+     * @param bool $userAssignable whether the tag is assignable by users
+     *
+     * @return ISystemTag system tag
+     *
+     * @throws TagAlreadyExistsException if tag already exists
+     *
+     * @since 9.0.0
+     */
+    public function createTag(string $tagName, bool $userVisible, bool $userAssignable): ISystemTag;
 
-	/**
-	 * Returns all known tags, optionally filtered by visibility.
-	 *
-	 * @param bool|null $visibilityFilter filter by visibility if non-null
-	 * @param string $nameSearchPattern optional search pattern for the tag name
-	 *
-	 * @return ISystemTag[] array of system tags or empty array if none found
-	 *
-	 * @since 9.0.0
-	 */
-	public function getAllTags($visibilityFilter = null, $nameSearchPattern = null): array;
+    /**
+     * Returns all known tags, optionally filtered by visibility.
+     *
+     * @param bool|null $visibilityFilter filter by visibility if non-null
+     * @param string $nameSearchPattern optional search pattern for the tag name
+     *
+     * @return ISystemTag[] array of system tags or empty array if none found
+     *
+     * @since 9.0.0
+     */
+    public function getAllTags($visibilityFilter = null, $nameSearchPattern = null): array;
 
-	/**
-	 * Updates the given tag
-	 *
-	 * @param string $tagId tag id
-	 * @param string $newName the new tag name
-	 * @param bool $userVisible whether the tag is visible by users
-	 * @param bool $userAssignable whether the tag is assignable by users
-	 *
-	 * @throws TagNotFoundException if tag with the given id does not exist
-	 * @throws TagAlreadyExistsException if there is already another tag
-	 * with the same attributes
-	 *
-	 * @since 9.0.0
-	 */
-	public function updateTag(string $tagId, string $newName, bool $userVisible, bool $userAssignable);
+    /**
+     * Updates the given tag
+     *
+     * @param string $tagId tag id
+     * @param string $newName the new tag name
+     * @param bool $userVisible whether the tag is visible by users
+     * @param bool $userAssignable whether the tag is assignable by users
+     *
+     * @throws TagNotFoundException if tag with the given id does not exist
+     * @throws TagAlreadyExistsException if there is already another tag
+     * with the same attributes
+     *
+     * @since 9.0.0
+     */
+    public function updateTag(string $tagId, string $newName, bool $userVisible, bool $userAssignable);
 
-	/**
-	 * Delete the given tags from the database and all their relationships.
-	 *
-	 * @param string|array $tagIds array of tag ids
-	 *
-	 * @throws TagNotFoundException if at least one tag did not exist
-	 *
-	 * @since 9.0.0
-	 */
-	public function deleteTags($tagIds);
+    /**
+     * Delete the given tags from the database and all their relationships.
+     *
+     * @param string|array $tagIds array of tag ids
+     *
+     * @throws TagNotFoundException if at least one tag did not exist
+     *
+     * @since 9.0.0
+     */
+    public function deleteTags($tagIds);
 
-	/**
-	 * Checks whether the given user is allowed to assign/unassign the tag with the
-	 * given id.
-	 *
-	 * @param ISystemTag $tag tag to check permission for
-	 * @param IUser $user user to check permission for
-	 *
-	 * @return bool true if the user is allowed to assign/unassign the tag, false otherwise
-	 *
-	 * @since 9.1.0
-	 */
-	public function canUserAssignTag(ISystemTag $tag, IUser $user): bool;
+    /**
+     * Checks whether the given user is allowed to assign/unassign the tag with the
+     * given id.
+     *
+     * @param ISystemTag $tag tag to check permission for
+     * @param IUser $user user to check permission for
+     *
+     * @return bool true if the user is allowed to assign/unassign the tag, false otherwise
+     *
+     * @since 9.1.0
+     */
+    public function canUserAssignTag(ISystemTag $tag, IUser $user): bool;
 
-	/**
-	 * Checks whether the given user is allowed to see the tag with the given id.
-	 *
-	 * @param ISystemTag $tag tag to check permission for
-	 * @param IUser $user user to check permission for
-	 *
-	 * @return bool true if the user can see the tag, false otherwise
-	 *
-	 * @since 9.1.0
-	 */
-	public function canUserSeeTag(ISystemTag $tag, IUser $user): bool;
+    /**
+     * Checks whether the given user is allowed to see the tag with the given id.
+     *
+     * @param ISystemTag $tag tag to check permission for
+     * @param IUser $user user to check permission for
+     *
+     * @return bool true if the user can see the tag, false otherwise
+     *
+     * @since 9.1.0
+     */
+    public function canUserSeeTag(ISystemTag $tag, IUser $user): bool;
 
-	/**
-	 * Set groups that can assign a given tag.
-	 *
-	 * @param ISystemTag $tag tag for group assignment
-	 * @param string[] $groupIds group ids of groups that can assign/unassign the tag
-	 *
-	 * @since 9.1.0
-	 */
-	public function setTagGroups(ISystemTag $tag, array $groupIds);
+    /**
+     * Set groups that can assign a given tag.
+     *
+     * @param ISystemTag $tag tag for group assignment
+     * @param string[] $groupIds group ids of groups that can assign/unassign the tag
+     *
+     * @since 9.1.0
+     */
+    public function setTagGroups(ISystemTag $tag, array $groupIds);
 
-	/**
-	 * Get groups that can assign a given tag.
-	 *
-	 * @param ISystemTag $tag tag for group assignment
-	 *
-	 * @return string[] group ids of groups that can assign/unassign the tag
-	 *
-	 * @since 9.1.0
-	 */
-	public function getTagGroups(ISystemTag $tag): array;
+    /**
+     * Get groups that can assign a given tag.
+     *
+     * @param ISystemTag $tag tag for group assignment
+     *
+     * @return string[] group ids of groups that can assign/unassign the tag
+     *
+     * @since 9.1.0
+     */
+    public function getTagGroups(ISystemTag $tag): array;
 }

apps/dav/lib/Server.php

Indentation +293 added lines, -293 removed lines

@@ -86,297 +86,297 @@
 use SearchDAV\DAV\SearchPlugin;
 
 class Server {
-	private IRequest $request;
-	private string $baseUri;
-	public Connector\Sabre\Server $server;
-	private IProfiler $profiler;
-
-	public function __construct(IRequest $request, string $baseUri) {
-		$this->profiler = \OC::$server->get(IProfiler::class);
-		if ($this->profiler->isEnabled()) {
-			/** @var IEventLogger $eventLogger */
-			$eventLogger = \OC::$server->get(IEventLogger::class);
-			$eventLogger->start('runtime', 'DAV Runtime');
-		}
-
-		$this->request = $request;
-		$this->baseUri = $baseUri;
-		$logger = \OC::$server->get(LoggerInterface::class);
-		$dispatcher = \OC::$server->getEventDispatcher();
-		/** @var IEventDispatcher $newDispatcher */
-		$newDispatcher = \OC::$server->query(IEventDispatcher::class);
-
-		$root = new RootCollection();
-		$this->server = new \OCA\DAV\Connector\Sabre\Server(new CachingTree($root));
-
-		// Add maintenance plugin
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin(\OC::$server->getConfig(), \OC::$server->getL10N('dav')));
-
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\AppleQuirksPlugin());
-
-		// Backends
-		$authBackend = new Auth(
-			\OC::$server->getSession(),
-			\OC::$server->getUserSession(),
-			\OC::$server->getRequest(),
-			\OC::$server->getTwoFactorAuthManager(),
-			\OC::$server->getBruteForceThrottler()
-		);
-
-		// Set URL explicitly due to reverse-proxy situations
-		$this->server->httpRequest->setUrl($this->request->getRequestUri());
-		$this->server->setBaseUri($this->baseUri);
-
-		$this->server->addPlugin(new ProfilerPlugin($this->request));
-		$this->server->addPlugin(new BlockLegacyClientPlugin(\OC::$server->getConfig()));
-		$this->server->addPlugin(new AnonymousOptionsPlugin());
-		$authPlugin = new Plugin();
-		$authPlugin->addBackend(new PublicAuth());
-		$this->server->addPlugin($authPlugin);
-
-		// allow setup of additional auth backends
-		$event = new SabrePluginEvent($this->server);
-		$dispatcher->dispatch('OCA\DAV\Connector\Sabre::authInit', $event);
-
-		$newAuthEvent = new SabrePluginAuthInitEvent($this->server);
-		$newDispatcher->dispatchTyped($newAuthEvent);
-
-		$bearerAuthBackend = new BearerAuth(
-			\OC::$server->getUserSession(),
-			\OC::$server->getSession(),
-			\OC::$server->getRequest()
-		);
-		$authPlugin->addBackend($bearerAuthBackend);
-		// because we are throwing exceptions this plugin has to be the last one
-		$authPlugin->addBackend($authBackend);
-
-		// debugging
-		if (\OC::$server->getConfig()->getSystemValue('debug', false)) {
-			$this->server->addPlugin(new \Sabre\DAV\Browser\Plugin());
-		} else {
-			$this->server->addPlugin(new DummyGetResponsePlugin());
-		}
-
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $logger));
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\LockPlugin());
-		$this->server->addPlugin(new \Sabre\DAV\Sync\Plugin());
-
-		// acl
-		$acl = new DavAclPlugin();
-		$acl->principalCollectionSet = [
-			'principals/users',
-			'principals/groups',
-			'principals/calendar-resources',
-			'principals/calendar-rooms',
-		];
-		$this->server->addPlugin($acl);
-
-		// calendar plugins
-		if ($this->requestIsForSubtree(['calendars', 'public-calendars', 'system-calendars', 'principals'])) {
-			$this->server->addPlugin(new \OCA\DAV\CalDAV\Plugin());
-			$this->server->addPlugin(new \OCA\DAV\CalDAV\ICSExportPlugin\ICSExportPlugin(\OC::$server->getConfig(), $logger));
-			$this->server->addPlugin(new \OCA\DAV\CalDAV\Schedule\Plugin(\OC::$server->getConfig(), \OC::$server->get(LoggerInterface::class)));
-			if (\OC::$server->getConfig()->getAppValue('dav', 'sendInvitations', 'yes') === 'yes') {
-				$this->server->addPlugin(\OC::$server->query(\OCA\DAV\CalDAV\Schedule\IMipPlugin::class));
-			}
-
-			$this->server->addPlugin(\OC::$server->get(\OCA\DAV\CalDAV\Trashbin\Plugin::class));
-			$this->server->addPlugin(new \OCA\DAV\CalDAV\WebcalCaching\Plugin($request));
-			if (\OC::$server->getConfig()->getAppValue('dav', 'allow_calendar_link_subscriptions', 'yes') === 'yes') {
-				$this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin());
-			}
-
-			$this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin());
-			$this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest(), \OC::$server->getConfig()));
-			$this->server->addPlugin(new \OCA\DAV\CalDAV\Publishing\PublishPlugin(
-				\OC::$server->getConfig(),
-				\OC::$server->getURLGenerator()
-			));
-		}
-
-		// addressbook plugins
-		if ($this->requestIsForSubtree(['addressbooks', 'principals'])) {
-			$this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest(), \OC::$server->getConfig()));
-			$this->server->addPlugin(new \OCA\DAV\CardDAV\Plugin());
-			$this->server->addPlugin(new VCFExportPlugin());
-			$this->server->addPlugin(new MultiGetExportPlugin());
-			$this->server->addPlugin(new HasPhotoPlugin());
-			$this->server->addPlugin(new ImageExportPlugin(new PhotoCache(
-				\OC::$server->getAppDataDir('dav-photocache'),
-				$logger)
-			));
-		}
-
-		// system tags plugins
-		$this->server->addPlugin(\OC::$server->get(SystemTagPlugin::class));
-
-		// comments plugin
-		$this->server->addPlugin(new CommentsPlugin(
-			\OC::$server->getCommentsManager(),
-			\OC::$server->getUserSession()
-		));
-
-		$this->server->addPlugin(new CopyEtagHeaderPlugin());
-		$this->server->addPlugin(new RequestIdHeaderPlugin(\OC::$server->get(IRequest::class)));
-		$this->server->addPlugin(new ChunkingV2Plugin(\OCP\Server::get(ICacheFactory::class)));
-		$this->server->addPlugin(new ChunkingPlugin());
-
-		// allow setup of additional plugins
-		$dispatcher->dispatch('OCA\DAV\Connector\Sabre::addPlugin', $event);
-
-		// Some WebDAV clients do require Class 2 WebDAV support (locking), since
-		// we do not provide locking we emulate it using a fake locking plugin.
-		if ($request->isUserAgent([
-			'/WebDAVFS/',
-			'/OneNote/',
-			'/^Microsoft-WebDAV/',// Microsoft-WebDAV-MiniRedir/6.1.7601
-		])) {
-			$this->server->addPlugin(new FakeLockerPlugin());
-		}
-
-		// Allow view-only plugin for webdav requests
-		$this->server->addPlugin(new ViewOnlyPlugin(
-			$logger
-		));
-
-		if (BrowserErrorPagePlugin::isBrowserRequest($request)) {
-			$this->server->addPlugin(new BrowserErrorPagePlugin());
-		}
-
-		$lazySearchBackend = new LazySearchBackend();
-		$this->server->addPlugin(new SearchPlugin($lazySearchBackend));
-
-		// wait with registering these until auth is handled and the filesystem is setup
-		$this->server->on('beforeMethod:*', function () use ($root, $lazySearchBackend, $logger) {
-			// custom properties plugin must be the last one
-			$userSession = \OC::$server->getUserSession();
-			$user = $userSession->getUser();
-			if ($user !== null) {
-				$view = \OC\Files\Filesystem::getView();
-				$this->server->addPlugin(
-					new FilesPlugin(
-						$this->server->tree,
-						\OC::$server->getConfig(),
-						$this->request,
-						\OC::$server->getPreviewManager(),
-						\OC::$server->getUserSession(),
-						false,
-						!\OC::$server->getConfig()->getSystemValue('debug', false)
-					)
-				);
-				$this->server->addPlugin(new ChecksumUpdatePlugin());
-
-				$this->server->addPlugin(
-					new \Sabre\DAV\PropertyStorage\Plugin(
-						new CustomPropertiesBackend(
-							$this->server->tree,
-							\OC::$server->getDatabaseConnection(),
-							\OC::$server->getUserSession()->getUser()
-						)
-					)
-				);
-				if ($view !== null) {
-					$this->server->addPlugin(
-						new QuotaPlugin($view));
-				}
-				$this->server->addPlugin(
-					new TagsPlugin(
-						$this->server->tree, \OC::$server->getTagManager()
-					)
-				);
-				// TODO: switch to LazyUserFolder
-				$userFolder = \OC::$server->getUserFolder();
-				$this->server->addPlugin(new SharesPlugin(
-					$this->server->tree,
-					$userSession,
-					$userFolder,
-					\OC::$server->getShareManager()
-				));
-				$this->server->addPlugin(new CommentPropertiesPlugin(
-					\OC::$server->getCommentsManager(),
-					$userSession
-				));
-				$this->server->addPlugin(new \OCA\DAV\CalDAV\Search\SearchPlugin());
-				if ($view !== null) {
-					$this->server->addPlugin(new FilesReportPlugin(
-						$this->server->tree,
-						$view,
-						\OC::$server->getSystemTagManager(),
-						\OC::$server->getSystemTagObjectMapper(),
-						\OC::$server->getTagManager(),
-						$userSession,
-						\OC::$server->getGroupManager(),
-						$userFolder,
-						\OC::$server->getAppManager()
-					));
-					$lazySearchBackend->setBackend(new \OCA\DAV\Files\FileSearchBackend(
-						$this->server->tree,
-						$user,
-						\OC::$server->getRootFolder(),
-						\OC::$server->getShareManager(),
-						$view
-					));
-					$this->server->addPlugin(
-						new BulkUploadPlugin(
-							$userFolder,
-							$logger
-						)
-					);
-				}
-				$this->server->addPlugin(new \OCA\DAV\CalDAV\BirthdayCalendar\EnablePlugin(
-					\OC::$server->getConfig(),
-					\OC::$server->query(BirthdayService::class)
-				));
-				$this->server->addPlugin(new AppleProvisioningPlugin(
-					\OC::$server->getUserSession(),
-					\OC::$server->getURLGenerator(),
-					\OC::$server->getThemingDefaults(),
-					\OC::$server->getRequest(),
-					\OC::$server->getL10N('dav'),
-					function () {
-						return UUIDUtil::getUUID();
-					}
-				));
-			}
-
-			// register plugins from apps
-			$pluginManager = new PluginManager(
-				\OC::$server,
-				\OC::$server->getAppManager()
-			);
-			foreach ($pluginManager->getAppPlugins() as $appPlugin) {
-				$this->server->addPlugin($appPlugin);
-			}
-			foreach ($pluginManager->getAppCollections() as $appCollection) {
-				$root->addChild($appCollection);
-			}
-		});
-
-		$this->server->addPlugin(
-			new PropfindCompressionPlugin()
-		);
-	}
-
-	public function exec() {
-		/** @var IEventLogger $eventLogger */
-		$eventLogger = \OC::$server->get(IEventLogger::class);
-		$eventLogger->start('dav_server_exec', '');
-		$this->server->exec();
-		$eventLogger->end('dav_server_exec');
-		if ($this->profiler->isEnabled()) {
-			$eventLogger->end('runtime');
-			$profile = $this->profiler->collect(\OC::$server->get(IRequest::class), new Response());
-			$this->profiler->saveProfile($profile);
-		}
-	}
-
-	private function requestIsForSubtree(array $subTrees): bool {
-		foreach ($subTrees as $subTree) {
-			$subTree = trim($subTree, ' /');
-			if (strpos($this->server->getRequestUri(), $subTree.'/') === 0) {
-				return true;
-			}
-		}
-		return false;
-	}
+    private IRequest $request;
+    private string $baseUri;
+    public Connector\Sabre\Server $server;
+    private IProfiler $profiler;
+
+    public function __construct(IRequest $request, string $baseUri) {
+        $this->profiler = \OC::$server->get(IProfiler::class);
+        if ($this->profiler->isEnabled()) {
+            /** @var IEventLogger $eventLogger */
+            $eventLogger = \OC::$server->get(IEventLogger::class);
+            $eventLogger->start('runtime', 'DAV Runtime');
+        }
+
+        $this->request = $request;
+        $this->baseUri = $baseUri;
+        $logger = \OC::$server->get(LoggerInterface::class);
+        $dispatcher = \OC::$server->getEventDispatcher();
+        /** @var IEventDispatcher $newDispatcher */
+        $newDispatcher = \OC::$server->query(IEventDispatcher::class);
+
+        $root = new RootCollection();
+        $this->server = new \OCA\DAV\Connector\Sabre\Server(new CachingTree($root));
+
+        // Add maintenance plugin
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin(\OC::$server->getConfig(), \OC::$server->getL10N('dav')));
+
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\AppleQuirksPlugin());
+
+        // Backends
+        $authBackend = new Auth(
+            \OC::$server->getSession(),
+            \OC::$server->getUserSession(),
+            \OC::$server->getRequest(),
+            \OC::$server->getTwoFactorAuthManager(),
+            \OC::$server->getBruteForceThrottler()
+        );
+
+        // Set URL explicitly due to reverse-proxy situations
+        $this->server->httpRequest->setUrl($this->request->getRequestUri());
+        $this->server->setBaseUri($this->baseUri);
+
+        $this->server->addPlugin(new ProfilerPlugin($this->request));
+        $this->server->addPlugin(new BlockLegacyClientPlugin(\OC::$server->getConfig()));
+        $this->server->addPlugin(new AnonymousOptionsPlugin());
+        $authPlugin = new Plugin();
+        $authPlugin->addBackend(new PublicAuth());
+        $this->server->addPlugin($authPlugin);
+
+        // allow setup of additional auth backends
+        $event = new SabrePluginEvent($this->server);
+        $dispatcher->dispatch('OCA\DAV\Connector\Sabre::authInit', $event);
+
+        $newAuthEvent = new SabrePluginAuthInitEvent($this->server);
+        $newDispatcher->dispatchTyped($newAuthEvent);
+
+        $bearerAuthBackend = new BearerAuth(
+            \OC::$server->getUserSession(),
+            \OC::$server->getSession(),
+            \OC::$server->getRequest()
+        );
+        $authPlugin->addBackend($bearerAuthBackend);
+        // because we are throwing exceptions this plugin has to be the last one
+        $authPlugin->addBackend($authBackend);
+
+        // debugging
+        if (\OC::$server->getConfig()->getSystemValue('debug', false)) {
+            $this->server->addPlugin(new \Sabre\DAV\Browser\Plugin());
+        } else {
+            $this->server->addPlugin(new DummyGetResponsePlugin());
+        }
+
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $logger));
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\LockPlugin());
+        $this->server->addPlugin(new \Sabre\DAV\Sync\Plugin());
+
+        // acl
+        $acl = new DavAclPlugin();
+        $acl->principalCollectionSet = [
+            'principals/users',
+            'principals/groups',
+            'principals/calendar-resources',
+            'principals/calendar-rooms',
+        ];
+        $this->server->addPlugin($acl);
+
+        // calendar plugins
+        if ($this->requestIsForSubtree(['calendars', 'public-calendars', 'system-calendars', 'principals'])) {
+            $this->server->addPlugin(new \OCA\DAV\CalDAV\Plugin());
+            $this->server->addPlugin(new \OCA\DAV\CalDAV\ICSExportPlugin\ICSExportPlugin(\OC::$server->getConfig(), $logger));
+            $this->server->addPlugin(new \OCA\DAV\CalDAV\Schedule\Plugin(\OC::$server->getConfig(), \OC::$server->get(LoggerInterface::class)));
+            if (\OC::$server->getConfig()->getAppValue('dav', 'sendInvitations', 'yes') === 'yes') {
+                $this->server->addPlugin(\OC::$server->query(\OCA\DAV\CalDAV\Schedule\IMipPlugin::class));
+            }
+
+            $this->server->addPlugin(\OC::$server->get(\OCA\DAV\CalDAV\Trashbin\Plugin::class));
+            $this->server->addPlugin(new \OCA\DAV\CalDAV\WebcalCaching\Plugin($request));
+            if (\OC::$server->getConfig()->getAppValue('dav', 'allow_calendar_link_subscriptions', 'yes') === 'yes') {
+                $this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin());
+            }
+
+            $this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin());
+            $this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest(), \OC::$server->getConfig()));
+            $this->server->addPlugin(new \OCA\DAV\CalDAV\Publishing\PublishPlugin(
+                \OC::$server->getConfig(),
+                \OC::$server->getURLGenerator()
+            ));
+        }
+
+        // addressbook plugins
+        if ($this->requestIsForSubtree(['addressbooks', 'principals'])) {
+            $this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest(), \OC::$server->getConfig()));
+            $this->server->addPlugin(new \OCA\DAV\CardDAV\Plugin());
+            $this->server->addPlugin(new VCFExportPlugin());
+            $this->server->addPlugin(new MultiGetExportPlugin());
+            $this->server->addPlugin(new HasPhotoPlugin());
+            $this->server->addPlugin(new ImageExportPlugin(new PhotoCache(
+                \OC::$server->getAppDataDir('dav-photocache'),
+                $logger)
+            ));
+        }
+
+        // system tags plugins
+        $this->server->addPlugin(\OC::$server->get(SystemTagPlugin::class));
+
+        // comments plugin
+        $this->server->addPlugin(new CommentsPlugin(
+            \OC::$server->getCommentsManager(),
+            \OC::$server->getUserSession()
+        ));
+
+        $this->server->addPlugin(new CopyEtagHeaderPlugin());
+        $this->server->addPlugin(new RequestIdHeaderPlugin(\OC::$server->get(IRequest::class)));
+        $this->server->addPlugin(new ChunkingV2Plugin(\OCP\Server::get(ICacheFactory::class)));
+        $this->server->addPlugin(new ChunkingPlugin());
+
+        // allow setup of additional plugins
+        $dispatcher->dispatch('OCA\DAV\Connector\Sabre::addPlugin', $event);
+
+        // Some WebDAV clients do require Class 2 WebDAV support (locking), since
+        // we do not provide locking we emulate it using a fake locking plugin.
+        if ($request->isUserAgent([
+            '/WebDAVFS/',
+            '/OneNote/',
+            '/^Microsoft-WebDAV/',// Microsoft-WebDAV-MiniRedir/6.1.7601
+        ])) {
+            $this->server->addPlugin(new FakeLockerPlugin());
+        }
+
+        // Allow view-only plugin for webdav requests
+        $this->server->addPlugin(new ViewOnlyPlugin(
+            $logger
+        ));
+
+        if (BrowserErrorPagePlugin::isBrowserRequest($request)) {
+            $this->server->addPlugin(new BrowserErrorPagePlugin());
+        }
+
+        $lazySearchBackend = new LazySearchBackend();
+        $this->server->addPlugin(new SearchPlugin($lazySearchBackend));
+
+        // wait with registering these until auth is handled and the filesystem is setup
+        $this->server->on('beforeMethod:*', function () use ($root, $lazySearchBackend, $logger) {
+            // custom properties plugin must be the last one
+            $userSession = \OC::$server->getUserSession();
+            $user = $userSession->getUser();
+            if ($user !== null) {
+                $view = \OC\Files\Filesystem::getView();
+                $this->server->addPlugin(
+                    new FilesPlugin(
+                        $this->server->tree,
+                        \OC::$server->getConfig(),
+                        $this->request,
+                        \OC::$server->getPreviewManager(),
+                        \OC::$server->getUserSession(),
+                        false,
+                        !\OC::$server->getConfig()->getSystemValue('debug', false)
+                    )
+                );
+                $this->server->addPlugin(new ChecksumUpdatePlugin());
+
+                $this->server->addPlugin(
+                    new \Sabre\DAV\PropertyStorage\Plugin(
+                        new CustomPropertiesBackend(
+                            $this->server->tree,
+                            \OC::$server->getDatabaseConnection(),
+                            \OC::$server->getUserSession()->getUser()
+                        )
+                    )
+                );
+                if ($view !== null) {
+                    $this->server->addPlugin(
+                        new QuotaPlugin($view));
+                }
+                $this->server->addPlugin(
+                    new TagsPlugin(
+                        $this->server->tree, \OC::$server->getTagManager()
+                    )
+                );
+                // TODO: switch to LazyUserFolder
+                $userFolder = \OC::$server->getUserFolder();
+                $this->server->addPlugin(new SharesPlugin(
+                    $this->server->tree,
+                    $userSession,
+                    $userFolder,
+                    \OC::$server->getShareManager()
+                ));
+                $this->server->addPlugin(new CommentPropertiesPlugin(
+                    \OC::$server->getCommentsManager(),
+                    $userSession
+                ));
+                $this->server->addPlugin(new \OCA\DAV\CalDAV\Search\SearchPlugin());
+                if ($view !== null) {
+                    $this->server->addPlugin(new FilesReportPlugin(
+                        $this->server->tree,
+                        $view,
+                        \OC::$server->getSystemTagManager(),
+                        \OC::$server->getSystemTagObjectMapper(),
+                        \OC::$server->getTagManager(),
+                        $userSession,
+                        \OC::$server->getGroupManager(),
+                        $userFolder,
+                        \OC::$server->getAppManager()
+                    ));
+                    $lazySearchBackend->setBackend(new \OCA\DAV\Files\FileSearchBackend(
+                        $this->server->tree,
+                        $user,
+                        \OC::$server->getRootFolder(),
+                        \OC::$server->getShareManager(),
+                        $view
+                    ));
+                    $this->server->addPlugin(
+                        new BulkUploadPlugin(
+                            $userFolder,
+                            $logger
+                        )
+                    );
+                }
+                $this->server->addPlugin(new \OCA\DAV\CalDAV\BirthdayCalendar\EnablePlugin(
+                    \OC::$server->getConfig(),
+                    \OC::$server->query(BirthdayService::class)
+                ));
+                $this->server->addPlugin(new AppleProvisioningPlugin(
+                    \OC::$server->getUserSession(),
+                    \OC::$server->getURLGenerator(),
+                    \OC::$server->getThemingDefaults(),
+                    \OC::$server->getRequest(),
+                    \OC::$server->getL10N('dav'),
+                    function () {
+                        return UUIDUtil::getUUID();
+                    }
+                ));
+            }
+
+            // register plugins from apps
+            $pluginManager = new PluginManager(
+                \OC::$server,
+                \OC::$server->getAppManager()
+            );
+            foreach ($pluginManager->getAppPlugins() as $appPlugin) {
+                $this->server->addPlugin($appPlugin);
+            }
+            foreach ($pluginManager->getAppCollections() as $appCollection) {
+                $root->addChild($appCollection);
+            }
+        });
+
+        $this->server->addPlugin(
+            new PropfindCompressionPlugin()
+        );
+    }
+
+    public function exec() {
+        /** @var IEventLogger $eventLogger */
+        $eventLogger = \OC::$server->get(IEventLogger::class);
+        $eventLogger->start('dav_server_exec', '');
+        $this->server->exec();
+        $eventLogger->end('dav_server_exec');
+        if ($this->profiler->isEnabled()) {
+            $eventLogger->end('runtime');
+            $profile = $this->profiler->collect(\OC::$server->get(IRequest::class), new Response());
+            $this->profiler->saveProfile($profile);
+        }
+    }
+
+    private function requestIsForSubtree(array $subTrees): bool {
+        foreach ($subTrees as $subTree) {
+            $subTree = trim($subTree, ' /');
+            if (strpos($this->server->getRequestUri(), $subTree.'/') === 0) {
+                return true;
+            }
+        }
+        return false;
+    }
 }

apps/dav/lib/SystemTag/SystemTagMappingNode.php

Indentation +135 added lines, -135 removed lines

@@ -37,139 +37,139 @@
  * Mapping node for system tag to object id
  */
 class SystemTagMappingNode implements \Sabre\DAV\INode {
-	/**
-	 * @var ISystemTag
-	 */
-	protected $tag;
-
-	/**
-	 * @var string
-	 */
-	private $objectId;
-
-	/**
-	 * @var string
-	 */
-	private $objectType;
-
-	/**
-	 * User
-	 *
-	 * @var IUser
-	 */
-	protected $user;
-
-	/**
-	 * @var ISystemTagManager
-	 */
-	protected $tagManager;
-
-	/**
-	 * @var ISystemTagObjectMapper
-	 */
-	private $tagMapper;
-
-	/**
-	 * Sets up the node, expects a full path name
-	 *
-	 * @param ISystemTag $tag system tag
-	 * @param string $objectId
-	 * @param string $objectType
-	 * @param IUser $user user
-	 * @param ISystemTagManager $tagManager
-	 * @param ISystemTagObjectMapper $tagMapper
-	 */
-	public function __construct(
-		ISystemTag $tag,
-		$objectId,
-		$objectType,
-		IUser $user,
-		ISystemTagManager $tagManager,
-		ISystemTagObjectMapper $tagMapper
-	) {
-		$this->tag = $tag;
-		$this->objectId = $objectId;
-		$this->objectType = $objectType;
-		$this->user = $user;
-		$this->tagManager = $tagManager;
-		$this->tagMapper = $tagMapper;
-	}
-
-	/**
-	 * Returns the object id of the relationship
-	 *
-	 * @return string object id
-	 */
-	public function getObjectId() {
-		return $this->objectId;
-	}
-
-	/**
-	 * Returns the object type of the relationship
-	 *
-	 * @return string object type
-	 */
-	public function getObjectType() {
-		return $this->objectType;
-	}
-
-	/**
-	 * Returns the system tag represented by this node
-	 *
-	 * @return ISystemTag system tag
-	 */
-	public function getSystemTag() {
-		return $this->tag;
-	}
-
-	/**
-	 *  Returns the id of the tag
-	 *
-	 * @return string
-	 */
-	public function getName() {
-		return $this->tag->getId();
-	}
-
-	/**
-	 * Renames the node
-	 *
-	 * @param string $name The new name
-	 *
-	 * @throws MethodNotAllowed not allowed to rename node
-	 *
-	 * @return never
-	 */
-	public function setName($name) {
-		throw new MethodNotAllowed();
-	}
-
-	/**
-	 * Returns null, not supported
-	 *
-	 * @return null
-	 */
-	public function getLastModified() {
-		return null;
-	}
-
-	/**
-	 * Delete tag to object association
-	 *
-	 * @return void
-	 */
-	public function delete() {
-		try {
-			if (!$this->tagManager->canUserSeeTag($this->tag, $this->user)) {
-				throw new NotFound('Tag with id ' . $this->tag->getId() . ' not found');
-			}
-			if (!$this->tagManager->canUserAssignTag($this->tag, $this->user)) {
-				throw new Forbidden('No permission to unassign tag ' . $this->tag->getId());
-			}
-			$this->tagMapper->unassignTags($this->objectId, $this->objectType, $this->tag->getId());
-		} catch (TagNotFoundException $e) {
-			// can happen if concurrent deletion occurred
-			throw new NotFound('Tag with id ' . $this->tag->getId() . ' not found', 0, $e);
-		}
-	}
+    /**
+     * @var ISystemTag
+     */
+    protected $tag;
+
+    /**
+     * @var string
+     */
+    private $objectId;
+
+    /**
+     * @var string
+     */
+    private $objectType;
+
+    /**
+     * User
+     *
+     * @var IUser
+     */
+    protected $user;
+
+    /**
+     * @var ISystemTagManager
+     */
+    protected $tagManager;
+
+    /**
+     * @var ISystemTagObjectMapper
+     */
+    private $tagMapper;
+
+    /**
+     * Sets up the node, expects a full path name
+     *
+     * @param ISystemTag $tag system tag
+     * @param string $objectId
+     * @param string $objectType
+     * @param IUser $user user
+     * @param ISystemTagManager $tagManager
+     * @param ISystemTagObjectMapper $tagMapper
+     */
+    public function __construct(
+        ISystemTag $tag,
+        $objectId,
+        $objectType,
+        IUser $user,
+        ISystemTagManager $tagManager,
+        ISystemTagObjectMapper $tagMapper
+    ) {
+        $this->tag = $tag;
+        $this->objectId = $objectId;
+        $this->objectType = $objectType;
+        $this->user = $user;
+        $this->tagManager = $tagManager;
+        $this->tagMapper = $tagMapper;
+    }
+
+    /**
+     * Returns the object id of the relationship
+     *
+     * @return string object id
+     */
+    public function getObjectId() {
+        return $this->objectId;
+    }
+
+    /**
+     * Returns the object type of the relationship
+     *
+     * @return string object type
+     */
+    public function getObjectType() {
+        return $this->objectType;
+    }
+
+    /**
+     * Returns the system tag represented by this node
+     *
+     * @return ISystemTag system tag
+     */
+    public function getSystemTag() {
+        return $this->tag;
+    }
+
+    /**
+     *  Returns the id of the tag
+     *
+     * @return string
+     */
+    public function getName() {
+        return $this->tag->getId();
+    }
+
+    /**
+     * Renames the node
+     *
+     * @param string $name The new name
+     *
+     * @throws MethodNotAllowed not allowed to rename node
+     *
+     * @return never
+     */
+    public function setName($name) {
+        throw new MethodNotAllowed();
+    }
+
+    /**
+     * Returns null, not supported
+     *
+     * @return null
+     */
+    public function getLastModified() {
+        return null;
+    }
+
+    /**
+     * Delete tag to object association
+     *
+     * @return void
+     */
+    public function delete() {
+        try {
+            if (!$this->tagManager->canUserSeeTag($this->tag, $this->user)) {
+                throw new NotFound('Tag with id ' . $this->tag->getId() . ' not found');
+            }
+            if (!$this->tagManager->canUserAssignTag($this->tag, $this->user)) {
+                throw new Forbidden('No permission to unassign tag ' . $this->tag->getId());
+            }
+            $this->tagMapper->unassignTags($this->objectId, $this->objectType, $this->tag->getId());
+        } catch (TagNotFoundException $e) {
+            // can happen if concurrent deletion occurred
+            throw new NotFound('Tag with id ' . $this->tag->getId() . ' not found', 0, $e);
+        }
+    }
 }

apps/dav/lib/SystemTag/SystemTagList.php

Indentation +32 added lines, -32 removed lines

@@ -33,41 +33,41 @@
  * This property contains multiple "tag" elements, each containing a tag name.
  */
 class SystemTagList implements Element {
-	public const NS_NEXTCLOUD = 'http://nextcloud.org/ns';
+    public const NS_NEXTCLOUD = 'http://nextcloud.org/ns';
 
-	/** @var ISystemTag[] */
-	private array $tags;
-	private ISystemTagManager $tagManager;
-	private IUser $user;
+    /** @var ISystemTag[] */
+    private array $tags;
+    private ISystemTagManager $tagManager;
+    private IUser $user;
 
-	public function __construct(array $tags, ISystemTagManager $tagManager, IUser $user) {
-		$this->tags = $tags;
-		$this->tagManager = $tagManager;
-		$this->user = $user;
-	}
+    public function __construct(array $tags, ISystemTagManager $tagManager, IUser $user) {
+        $this->tags = $tags;
+        $this->tagManager = $tagManager;
+        $this->user = $user;
+    }
 
-	/**
-	 * @return ISystemTag[]
-	 */
-	public function getTags(): array {
-		return $this->tags;
-	}
+    /**
+     * @return ISystemTag[]
+     */
+    public function getTags(): array {
+        return $this->tags;
+    }
 
-	public static function xmlDeserialize(Reader $reader): void {
-		// unsupported/unused
-	}
+    public static function xmlDeserialize(Reader $reader): void {
+        // unsupported/unused
+    }
 
-	public function xmlSerialize(Writer $writer): void {
-		foreach ($this->tags as $tag) {
-			$writer->startElement('{' . self::NS_NEXTCLOUD . '}system-tag');
-			$writer->writeAttributes([
-				SystemTagPlugin::CANASSIGN_PROPERTYNAME => $this->tagManager->canUserAssignTag($tag, $this->user) ? 'true' : 'false',
-				SystemTagPlugin::ID_PROPERTYNAME => $tag->getId(),
-				SystemTagPlugin::USERASSIGNABLE_PROPERTYNAME => $tag->isUserAssignable() ? 'true' : 'false',
-				SystemTagPlugin::USERVISIBLE_PROPERTYNAME => $tag->isUserVisible() ? 'true' : 'false',
-			]);
-			$writer->write($tag->getName());
-			$writer->endElement();
-		}
-	}
+    public function xmlSerialize(Writer $writer): void {
+        foreach ($this->tags as $tag) {
+            $writer->startElement('{' . self::NS_NEXTCLOUD . '}system-tag');
+            $writer->writeAttributes([
+                SystemTagPlugin::CANASSIGN_PROPERTYNAME => $this->tagManager->canUserAssignTag($tag, $this->user) ? 'true' : 'false',
+                SystemTagPlugin::ID_PROPERTYNAME => $tag->getId(),
+                SystemTagPlugin::USERASSIGNABLE_PROPERTYNAME => $tag->isUserAssignable() ? 'true' : 'false',
+                SystemTagPlugin::USERVISIBLE_PROPERTYNAME => $tag->isUserVisible() ? 'true' : 'false',
+            ]);
+            $writer->write($tag->getName());
+            $writer->endElement();
+        }
+    }
 }

apps/dav/lib/SystemTag/SystemTagsByIdCollection.php

Indentation +163 added lines, -163 removed lines

@@ -36,167 +36,167 @@
 
 class SystemTagsByIdCollection implements ICollection {
 
-	/**
-	 * @var ISystemTagManager
-	 */
-	private $tagManager;
-
-	/**
-	 * @var IGroupManager
-	 */
-	private $groupManager;
-
-	/**
-	 * @var IUserSession
-	 */
-	private $userSession;
-
-	/**
-	 * SystemTagsByIdCollection constructor.
-	 *
-	 * @param ISystemTagManager $tagManager
-	 * @param IUserSession $userSession
-	 * @param IGroupManager $groupManager
-	 */
-	public function __construct(
-		ISystemTagManager $tagManager,
-		IUserSession $userSession,
-		IGroupManager $groupManager
-	) {
-		$this->tagManager = $tagManager;
-		$this->userSession = $userSession;
-		$this->groupManager = $groupManager;
-	}
-
-	/**
-	 * Returns whether the currently logged in user is an administrator
-	 *
-	 * @return bool true if the user is an admin
-	 */
-	private function isAdmin() {
-		$user = $this->userSession->getUser();
-		if ($user !== null) {
-			return $this->groupManager->isAdmin($user->getUID());
-		}
-		return false;
-	}
-
-	/**
-	 * @param string $name
-	 * @param resource|string $data Initial payload
-	 *
-	 * @throws Forbidden
-	 *
-	 * @return never
-	 */
-	public function createFile($name, $data = null) {
-		throw new Forbidden('Cannot create tags by id');
-	}
-
-	/**
-	 * @param string $name
-	 *
-	 * @return never
-	 */
-	public function createDirectory($name) {
-		throw new Forbidden('Permission denied to create collections');
-	}
-
-	/**
-	 * @param string $name
-	 *
-	 * @return SystemTagNode
-	 */
-	public function getChild($name) {
-		try {
-			$tag = $this->tagManager->getTagsByIds([$name]);
-			$tag = current($tag);
-			if (!$this->tagManager->canUserSeeTag($tag, $this->userSession->getUser())) {
-				throw new NotFound('Tag with id ' . $name . ' not found');
-			}
-			return $this->makeNode($tag);
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			throw new NotFound('Tag with id ' . $name . ' not found', 0, $e);
-		}
-	}
-
-	/**
-	 * @return SystemTagNode[]
-	 *
-	 * @psalm-return array<SystemTagNode>
-	 */
-	public function getChildren() {
-		$visibilityFilter = true;
-		if ($this->isAdmin()) {
-			$visibilityFilter = null;
-		}
-
-		$tags = $this->tagManager->getAllTags($visibilityFilter);
-		return array_map(function ($tag) {
-			return $this->makeNode($tag);
-		}, $tags);
-	}
-
-	/**
-	 * @param string $name
-	 */
-	public function childExists($name) {
-		try {
-			$tag = $this->tagManager->getTagsByIds([$name]);
-			$tag = current($tag);
-			if (!$this->tagManager->canUserSeeTag($tag, $this->userSession->getUser())) {
-				return false;
-			}
-			return true;
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			return false;
-		}
-	}
-
-	/**
-	 * @return never
-	 */
-	public function delete() {
-		throw new Forbidden('Permission denied to delete this collection');
-	}
-
-	/**
-	 * @return string
-	 *
-	 * @psalm-return 'systemtags'
-	 */
-	public function getName() {
-		return 'systemtags';
-	}
-
-	/**
-	 * @return never
-	 */
-	public function setName($name) {
-		throw new Forbidden('Permission denied to rename this collection');
-	}
-
-	/**
-	 * Returns the last modification time, as a unix timestamp
-	 *
-	 * @return null
-	 */
-	public function getLastModified() {
-		return null;
-	}
-
-	/**
-	 * Create a sabre node for the given system tag
-	 *
-	 * @param ISystemTag $tag
-	 *
-	 * @return SystemTagNode
-	 */
-	private function makeNode(ISystemTag $tag) {
-		return new SystemTagNode($tag, $this->userSession->getUser(), $this->isAdmin(), $this->tagManager);
-	}
+    /**
+     * @var ISystemTagManager
+     */
+    private $tagManager;
+
+    /**
+     * @var IGroupManager
+     */
+    private $groupManager;
+
+    /**
+     * @var IUserSession
+     */
+    private $userSession;
+
+    /**
+     * SystemTagsByIdCollection constructor.
+     *
+     * @param ISystemTagManager $tagManager
+     * @param IUserSession $userSession
+     * @param IGroupManager $groupManager
+     */
+    public function __construct(
+        ISystemTagManager $tagManager,
+        IUserSession $userSession,
+        IGroupManager $groupManager
+    ) {
+        $this->tagManager = $tagManager;
+        $this->userSession = $userSession;
+        $this->groupManager = $groupManager;
+    }
+
+    /**
+     * Returns whether the currently logged in user is an administrator
+     *
+     * @return bool true if the user is an admin
+     */
+    private function isAdmin() {
+        $user = $this->userSession->getUser();
+        if ($user !== null) {
+            return $this->groupManager->isAdmin($user->getUID());
+        }
+        return false;
+    }
+
+    /**
+     * @param string $name
+     * @param resource|string $data Initial payload
+     *
+     * @throws Forbidden
+     *
+     * @return never
+     */
+    public function createFile($name, $data = null) {
+        throw new Forbidden('Cannot create tags by id');
+    }
+
+    /**
+     * @param string $name
+     *
+     * @return never
+     */
+    public function createDirectory($name) {
+        throw new Forbidden('Permission denied to create collections');
+    }
+
+    /**
+     * @param string $name
+     *
+     * @return SystemTagNode
+     */
+    public function getChild($name) {
+        try {
+            $tag = $this->tagManager->getTagsByIds([$name]);
+            $tag = current($tag);
+            if (!$this->tagManager->canUserSeeTag($tag, $this->userSession->getUser())) {
+                throw new NotFound('Tag with id ' . $name . ' not found');
+            }
+            return $this->makeNode($tag);
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            throw new NotFound('Tag with id ' . $name . ' not found', 0, $e);
+        }
+    }
+
+    /**
+     * @return SystemTagNode[]
+     *
+     * @psalm-return array<SystemTagNode>
+     */
+    public function getChildren() {
+        $visibilityFilter = true;
+        if ($this->isAdmin()) {
+            $visibilityFilter = null;
+        }
+
+        $tags = $this->tagManager->getAllTags($visibilityFilter);
+        return array_map(function ($tag) {
+            return $this->makeNode($tag);
+        }, $tags);
+    }
+
+    /**
+     * @param string $name
+     */
+    public function childExists($name) {
+        try {
+            $tag = $this->tagManager->getTagsByIds([$name]);
+            $tag = current($tag);
+            if (!$this->tagManager->canUserSeeTag($tag, $this->userSession->getUser())) {
+                return false;
+            }
+            return true;
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            return false;
+        }
+    }
+
+    /**
+     * @return never
+     */
+    public function delete() {
+        throw new Forbidden('Permission denied to delete this collection');
+    }
+
+    /**
+     * @return string
+     *
+     * @psalm-return 'systemtags'
+     */
+    public function getName() {
+        return 'systemtags';
+    }
+
+    /**
+     * @return never
+     */
+    public function setName($name) {
+        throw new Forbidden('Permission denied to rename this collection');
+    }
+
+    /**
+     * Returns the last modification time, as a unix timestamp
+     *
+     * @return null
+     */
+    public function getLastModified() {
+        return null;
+    }
+
+    /**
+     * Create a sabre node for the given system tag
+     *
+     * @param ISystemTag $tag
+     *
+     * @return SystemTagNode
+     */
+    private function makeNode(ISystemTag $tag) {
+        return new SystemTagNode($tag, $this->userSession->getUser(), $this->isAdmin(), $this->tagManager);
+    }
 }

apps/dav/lib/SystemTag/SystemTagsObjectTypeCollection.php

Indentation +147 added lines, -147 removed lines

@@ -39,151 +39,151 @@
  */
 class SystemTagsObjectTypeCollection implements ICollection {
 
-	/**
-	 * @var string
-	 */
-	private $objectType;
-
-	/**
-	 * @var ISystemTagManager
-	 */
-	private $tagManager;
-
-	/**
-	 * @var ISystemTagObjectMapper
-	 */
-	private $tagMapper;
-
-	/**
-	 * @var IGroupManager
-	 */
-	private $groupManager;
-
-	/**
-	 * @var IUserSession
-	 */
-	private $userSession;
-
-	/**
-	 * @var \Closure
-	 **/
-	protected $childExistsFunction;
-
-	/**
-	 * Constructor
-	 *
-	 * @param string $objectType object type
-	 * @param ISystemTagManager $tagManager
-	 * @param ISystemTagObjectMapper $tagMapper
-	 * @param IUserSession $userSession
-	 * @param IGroupManager $groupManager
-	 * @param \Closure $childExistsFunction
-	 */
-	public function __construct(
-		$objectType,
-		ISystemTagManager $tagManager,
-		ISystemTagObjectMapper $tagMapper,
-		IUserSession $userSession,
-		IGroupManager $groupManager,
-		\Closure $childExistsFunction
-	) {
-		$this->tagManager = $tagManager;
-		$this->tagMapper = $tagMapper;
-		$this->objectType = $objectType;
-		$this->userSession = $userSession;
-		$this->groupManager = $groupManager;
-		$this->childExistsFunction = $childExistsFunction;
-	}
-
-	/**
-	 * @param string $name
-	 * @param resource|string $data Initial payload
-	 *
-	 * @return never
-	 *
-	 * @throws Forbidden
-	 */
-	public function createFile($name, $data = null) {
-		throw new Forbidden('Permission denied to create nodes');
-	}
-
-	/**
-	 * @param string $name
-	 *
-	 * @throws Forbidden
-	 *
-	 * @return never
-	 */
-	public function createDirectory($name) {
-		throw new Forbidden('Permission denied to create collections');
-	}
-
-	/**
-	 * @param string $objectName
-	 *
-	 * @return SystemTagsObjectMappingCollection
-	 * @throws NotFound
-	 */
-	public function getChild($objectName) {
-		// make sure the object exists and is reachable
-		if (!$this->childExists($objectName)) {
-			throw new NotFound('Entity does not exist or is not available');
-		}
-		return new SystemTagsObjectMappingCollection(
-			$objectName,
-			$this->objectType,
-			$this->userSession->getUser(),
-			$this->tagManager,
-			$this->tagMapper
-		);
-	}
-
-	/**
-	 * @return never
-	 */
-	public function getChildren() {
-		// do not list object ids
-		throw new MethodNotAllowed();
-	}
-
-	/**
-	 * Checks if a child-node with the specified name exists
-	 *
-	 * @param string $name
-	 * @return bool
-	 */
-	public function childExists($name) {
-		return call_user_func($this->childExistsFunction, $name);
-	}
-
-	/**
-	 * @return never
-	 */
-	public function delete() {
-		throw new Forbidden('Permission denied to delete this collection');
-	}
-
-	public function getName() {
-		return $this->objectType;
-	}
-
-	/**
-	 * @param string $name
-	 *
-	 * @throws Forbidden
-	 *
-	 * @return never
-	 */
-	public function setName($name) {
-		throw new Forbidden('Permission denied to rename this collection');
-	}
-
-	/**
-	 * Returns the last modification time, as a unix timestamp
-	 *
-	 * @return null
-	 */
-	public function getLastModified() {
-		return null;
-	}
+    /**
+     * @var string
+     */
+    private $objectType;
+
+    /**
+     * @var ISystemTagManager
+     */
+    private $tagManager;
+
+    /**
+     * @var ISystemTagObjectMapper
+     */
+    private $tagMapper;
+
+    /**
+     * @var IGroupManager
+     */
+    private $groupManager;
+
+    /**
+     * @var IUserSession
+     */
+    private $userSession;
+
+    /**
+     * @var \Closure
+     **/
+    protected $childExistsFunction;
+
+    /**
+     * Constructor
+     *
+     * @param string $objectType object type
+     * @param ISystemTagManager $tagManager
+     * @param ISystemTagObjectMapper $tagMapper
+     * @param IUserSession $userSession
+     * @param IGroupManager $groupManager
+     * @param \Closure $childExistsFunction
+     */
+    public function __construct(
+        $objectType,
+        ISystemTagManager $tagManager,
+        ISystemTagObjectMapper $tagMapper,
+        IUserSession $userSession,
+        IGroupManager $groupManager,
+        \Closure $childExistsFunction
+    ) {
+        $this->tagManager = $tagManager;
+        $this->tagMapper = $tagMapper;
+        $this->objectType = $objectType;
+        $this->userSession = $userSession;
+        $this->groupManager = $groupManager;
+        $this->childExistsFunction = $childExistsFunction;
+    }
+
+    /**
+     * @param string $name
+     * @param resource|string $data Initial payload
+     *
+     * @return never
+     *
+     * @throws Forbidden
+     */
+    public function createFile($name, $data = null) {
+        throw new Forbidden('Permission denied to create nodes');
+    }
+
+    /**
+     * @param string $name
+     *
+     * @throws Forbidden
+     *
+     * @return never
+     */
+    public function createDirectory($name) {
+        throw new Forbidden('Permission denied to create collections');
+    }
+
+    /**
+     * @param string $objectName
+     *
+     * @return SystemTagsObjectMappingCollection
+     * @throws NotFound
+     */
+    public function getChild($objectName) {
+        // make sure the object exists and is reachable
+        if (!$this->childExists($objectName)) {
+            throw new NotFound('Entity does not exist or is not available');
+        }
+        return new SystemTagsObjectMappingCollection(
+            $objectName,
+            $this->objectType,
+            $this->userSession->getUser(),
+            $this->tagManager,
+            $this->tagMapper
+        );
+    }
+
+    /**
+     * @return never
+     */
+    public function getChildren() {
+        // do not list object ids
+        throw new MethodNotAllowed();
+    }
+
+    /**
+     * Checks if a child-node with the specified name exists
+     *
+     * @param string $name
+     * @return bool
+     */
+    public function childExists($name) {
+        return call_user_func($this->childExistsFunction, $name);
+    }
+
+    /**
+     * @return never
+     */
+    public function delete() {
+        throw new Forbidden('Permission denied to delete this collection');
+    }
+
+    public function getName() {
+        return $this->objectType;
+    }
+
+    /**
+     * @param string $name
+     *
+     * @throws Forbidden
+     *
+     * @return never
+     */
+    public function setName($name) {
+        throw new Forbidden('Permission denied to rename this collection');
+    }
+
+    /**
+     * Returns the last modification time, as a unix timestamp
+     *
+     * @return null
+     */
+    public function getLastModified() {
+        return null;
+    }
 }

apps/dav/lib/SystemTag/SystemTagPlugin.php

Indentation +360 added lines, -360 removed lines

@@ -52,365 +52,365 @@
  */
 class SystemTagPlugin extends \Sabre\DAV\ServerPlugin {
 
-	// namespace
-	public const NS_OWNCLOUD = 'http://owncloud.org/ns';
-	public const ID_PROPERTYNAME = '{http://owncloud.org/ns}id';
-	public const DISPLAYNAME_PROPERTYNAME = '{http://owncloud.org/ns}display-name';
-	public const USERVISIBLE_PROPERTYNAME = '{http://owncloud.org/ns}user-visible';
-	public const USERASSIGNABLE_PROPERTYNAME = '{http://owncloud.org/ns}user-assignable';
-	public const GROUPS_PROPERTYNAME = '{http://owncloud.org/ns}groups';
-	public const CANASSIGN_PROPERTYNAME = '{http://owncloud.org/ns}can-assign';
-	public const SYSTEM_TAGS_PROPERTYNAME = '{http://nextcloud.org/ns}system-tags';
-
-	/**
-	 * @var \Sabre\DAV\Server $server
-	 */
-	private $server;
-
-	/**
-	 * @var ISystemTagManager
-	 */
-	protected $tagManager;
-
-	/**
-	 * @var IUserSession
-	 */
-	protected $userSession;
-
-	/**
-	 * @var IGroupManager
-	 */
-	protected $groupManager;
-
-	/** @var array<int, string[]> */
-	private array $cachedTagMappings = [];
-	/** @var array<string, ISystemTag> */
-	private array $cachedTags = [];
-
-	private ISystemTagObjectMapper $tagMapper;
-
-	public function __construct(
-		ISystemTagManager $tagManager,
-		IGroupManager $groupManager,
-		IUserSession $userSession,
-		ISystemTagObjectMapper $tagMapper,
-	) {
-		$this->tagManager = $tagManager;
-		$this->userSession = $userSession;
-		$this->groupManager = $groupManager;
-		$this->tagMapper = $tagMapper;
-	}
-
-	/**
-	 * This initializes the plugin.
-	 *
-	 * This function is called by \Sabre\DAV\Server, after
-	 * addPlugin is called.
-	 *
-	 * This method should set up the required event subscriptions.
-	 *
-	 * @param \Sabre\DAV\Server $server
-	 * @return void
-	 */
-	public function initialize(\Sabre\DAV\Server $server) {
-		$server->xml->namespaceMap[self::NS_OWNCLOUD] = 'oc';
-
-		$server->protectedProperties[] = self::ID_PROPERTYNAME;
-
-		$server->on('propFind', [$this, 'handleGetProperties']);
-		$server->on('propPatch', [$this, 'handleUpdateProperties']);
-		$server->on('method:POST', [$this, 'httpPost']);
-
-		$this->server = $server;
-	}
-
-	/**
-	 * POST operation on system tag collections
-	 *
-	 * @param RequestInterface $request request object
-	 * @param ResponseInterface $response response object
-	 * @return null|false
-	 */
-	public function httpPost(RequestInterface $request, ResponseInterface $response) {
-		$path = $request->getPath();
-
-		// Making sure the node exists
-		$node = $this->server->tree->getNodeForPath($path);
-		if ($node instanceof SystemTagsByIdCollection || $node instanceof SystemTagsObjectMappingCollection) {
-			$data = $request->getBodyAsString();
-
-			$tag = $this->createTag($data, $request->getHeader('Content-Type'));
-
-			if ($node instanceof SystemTagsObjectMappingCollection) {
-				// also add to collection
-				$node->createFile($tag->getId());
-				$url = $request->getBaseUrl() . 'systemtags/';
-			} else {
-				$url = $request->getUrl();
-			}
-
-			if ($url[strlen($url) - 1] !== '/') {
-				$url .= '/';
-			}
-
-			$response->setHeader('Content-Location', $url . $tag->getId());
-
-			// created
-			$response->setStatus(201);
-			return false;
-		}
-	}
-
-	/**
-	 * Creates a new tag
-	 *
-	 * @param string $data JSON encoded string containing the properties of the tag to create
-	 * @param string $contentType content type of the data
-	 * @return ISystemTag newly created system tag
-	 *
-	 * @throws BadRequest if a field was missing
-	 * @throws Conflict if a tag with the same properties already exists
-	 * @throws UnsupportedMediaType if the content type is not supported
-	 */
-	private function createTag($data, $contentType = 'application/json') {
-		if (explode(';', $contentType)[0] === 'application/json') {
-			$data = json_decode($data, true, 512, JSON_THROW_ON_ERROR);
-		} else {
-			throw new UnsupportedMediaType();
-		}
-
-		if (!isset($data['name'])) {
-			throw new BadRequest('Missing "name" attribute');
-		}
-
-		$tagName = $data['name'];
-		$userVisible = true;
-		$userAssignable = true;
-
-		if (isset($data['userVisible'])) {
-			$userVisible = (bool)$data['userVisible'];
-		}
-
-		if (isset($data['userAssignable'])) {
-			$userAssignable = (bool)$data['userAssignable'];
-		}
-
-		$groups = [];
-		if (isset($data['groups'])) {
-			$groups = $data['groups'];
-			if (is_string($groups)) {
-				$groups = explode('|', $groups);
-			}
-		}
-
-		if ($userVisible === false || $userAssignable === false || !empty($groups)) {
-			if (!$this->userSession->isLoggedIn() || !$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
-				throw new BadRequest('Not sufficient permissions');
-			}
-		}
-
-		try {
-			$tag = $this->tagManager->createTag($tagName, $userVisible, $userAssignable);
-			if (!empty($groups)) {
-				$this->tagManager->setTagGroups($tag, $groups);
-			}
-			return $tag;
-		} catch (TagAlreadyExistsException $e) {
-			throw new Conflict('Tag already exists', 0, $e);
-		}
-	}
-
-
-	/**
-	 * Retrieves system tag properties
-	 *
-	 * @param PropFind $propFind
-	 * @param \Sabre\DAV\INode $node
-	 *
-	 * @return void
-	 */
-	public function handleGetProperties(
-		PropFind $propFind,
-		\Sabre\DAV\INode $node
-	) {
-		if ($node instanceof Node) {
-			$this->propfindForFile($propFind, $node);
-			return;
-		}
-
-		if (!($node instanceof SystemTagNode) && !($node instanceof SystemTagMappingNode)) {
-			return;
-		}
-
-		$propFind->handle(self::ID_PROPERTYNAME, function () use ($node) {
-			return $node->getSystemTag()->getId();
-		});
-
-		$propFind->handle(self::DISPLAYNAME_PROPERTYNAME, function () use ($node) {
-			return $node->getSystemTag()->getName();
-		});
-
-		$propFind->handle(self::USERVISIBLE_PROPERTYNAME, function () use ($node) {
-			return $node->getSystemTag()->isUserVisible() ? 'true' : 'false';
-		});
-
-		$propFind->handle(self::USERASSIGNABLE_PROPERTYNAME, function () use ($node) {
-			// this is the tag's inherent property "is user assignable"
-			return $node->getSystemTag()->isUserAssignable() ? 'true' : 'false';
-		});
-
-		$propFind->handle(self::CANASSIGN_PROPERTYNAME, function () use ($node) {
-			// this is the effective permission for the current user
-			return $this->tagManager->canUserAssignTag($node->getSystemTag(), $this->userSession->getUser()) ? 'true' : 'false';
-		});
-
-		$propFind->handle(self::GROUPS_PROPERTYNAME, function () use ($node) {
-			if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
-				// property only available for admins
-				throw new Forbidden();
-			}
-			$groups = [];
-			// no need to retrieve groups for namespaces that don't qualify
-			if ($node->getSystemTag()->isUserVisible() && !$node->getSystemTag()->isUserAssignable()) {
-				$groups = $this->tagManager->getTagGroups($node->getSystemTag());
-			}
-			return implode('|', $groups);
-		});
-	}
-
-	private function propfindForFile(PropFind $propFind, Node $node): void {
-		if ($node instanceof Directory
-			&& $propFind->getDepth() !== 0
-			&& !is_null($propFind->getStatus(self::SYSTEM_TAGS_PROPERTYNAME))) {
-			$fileIds = [$node->getId()];
-
-			// note: pre-fetching only supported for depth <= 1
-			$folderContent = $node->getNode()->getDirectoryListing();
-			foreach ($folderContent as $info) {
-				$fileIds[] = $info->getId();
-			}
-
-			$tags = $this->tagMapper->getTagIdsForObjects($fileIds, 'files');
-
-			$this->cachedTagMappings = $this->cachedTagMappings + $tags;
-			$emptyFileIds = array_diff($fileIds, array_keys($tags));
-
-			// also cache the ones that were not found
-			foreach ($emptyFileIds as $fileId) {
-				$this->cachedTagMappings[$fileId] = [];
-			}
-		}
-
-		$propFind->handle(self::SYSTEM_TAGS_PROPERTYNAME, function () use ($node) {
-			$user = $this->userSession->getUser();
-			if ($user === null) {
-				return;
-			}
+    // namespace
+    public const NS_OWNCLOUD = 'http://owncloud.org/ns';
+    public const ID_PROPERTYNAME = '{http://owncloud.org/ns}id';
+    public const DISPLAYNAME_PROPERTYNAME = '{http://owncloud.org/ns}display-name';
+    public const USERVISIBLE_PROPERTYNAME = '{http://owncloud.org/ns}user-visible';
+    public const USERASSIGNABLE_PROPERTYNAME = '{http://owncloud.org/ns}user-assignable';
+    public const GROUPS_PROPERTYNAME = '{http://owncloud.org/ns}groups';
+    public const CANASSIGN_PROPERTYNAME = '{http://owncloud.org/ns}can-assign';
+    public const SYSTEM_TAGS_PROPERTYNAME = '{http://nextcloud.org/ns}system-tags';
+
+    /**
+     * @var \Sabre\DAV\Server $server
+     */
+    private $server;
+
+    /**
+     * @var ISystemTagManager
+     */
+    protected $tagManager;
+
+    /**
+     * @var IUserSession
+     */
+    protected $userSession;
+
+    /**
+     * @var IGroupManager
+     */
+    protected $groupManager;
+
+    /** @var array<int, string[]> */
+    private array $cachedTagMappings = [];
+    /** @var array<string, ISystemTag> */
+    private array $cachedTags = [];
+
+    private ISystemTagObjectMapper $tagMapper;
+
+    public function __construct(
+        ISystemTagManager $tagManager,
+        IGroupManager $groupManager,
+        IUserSession $userSession,
+        ISystemTagObjectMapper $tagMapper,
+    ) {
+        $this->tagManager = $tagManager;
+        $this->userSession = $userSession;
+        $this->groupManager = $groupManager;
+        $this->tagMapper = $tagMapper;
+    }
+
+    /**
+     * This initializes the plugin.
+     *
+     * This function is called by \Sabre\DAV\Server, after
+     * addPlugin is called.
+     *
+     * This method should set up the required event subscriptions.
+     *
+     * @param \Sabre\DAV\Server $server
+     * @return void
+     */
+    public function initialize(\Sabre\DAV\Server $server) {
+        $server->xml->namespaceMap[self::NS_OWNCLOUD] = 'oc';
+
+        $server->protectedProperties[] = self::ID_PROPERTYNAME;
+
+        $server->on('propFind', [$this, 'handleGetProperties']);
+        $server->on('propPatch', [$this, 'handleUpdateProperties']);
+        $server->on('method:POST', [$this, 'httpPost']);
+
+        $this->server = $server;
+    }
+
+    /**
+     * POST operation on system tag collections
+     *
+     * @param RequestInterface $request request object
+     * @param ResponseInterface $response response object
+     * @return null|false
+     */
+    public function httpPost(RequestInterface $request, ResponseInterface $response) {
+        $path = $request->getPath();
+
+        // Making sure the node exists
+        $node = $this->server->tree->getNodeForPath($path);
+        if ($node instanceof SystemTagsByIdCollection || $node instanceof SystemTagsObjectMappingCollection) {
+            $data = $request->getBodyAsString();
+
+            $tag = $this->createTag($data, $request->getHeader('Content-Type'));
+
+            if ($node instanceof SystemTagsObjectMappingCollection) {
+                // also add to collection
+                $node->createFile($tag->getId());
+                $url = $request->getBaseUrl() . 'systemtags/';
+            } else {
+                $url = $request->getUrl();
+            }
+
+            if ($url[strlen($url) - 1] !== '/') {
+                $url .= '/';
+            }
+
+            $response->setHeader('Content-Location', $url . $tag->getId());
+
+            // created
+            $response->setStatus(201);
+            return false;
+        }
+    }
+
+    /**
+     * Creates a new tag
+     *
+     * @param string $data JSON encoded string containing the properties of the tag to create
+     * @param string $contentType content type of the data
+     * @return ISystemTag newly created system tag
+     *
+     * @throws BadRequest if a field was missing
+     * @throws Conflict if a tag with the same properties already exists
+     * @throws UnsupportedMediaType if the content type is not supported
+     */
+    private function createTag($data, $contentType = 'application/json') {
+        if (explode(';', $contentType)[0] === 'application/json') {
+            $data = json_decode($data, true, 512, JSON_THROW_ON_ERROR);
+        } else {
+            throw new UnsupportedMediaType();
+        }
+
+        if (!isset($data['name'])) {
+            throw new BadRequest('Missing "name" attribute');
+        }
+
+        $tagName = $data['name'];
+        $userVisible = true;
+        $userAssignable = true;
+
+        if (isset($data['userVisible'])) {
+            $userVisible = (bool)$data['userVisible'];
+        }
+
+        if (isset($data['userAssignable'])) {
+            $userAssignable = (bool)$data['userAssignable'];
+        }
+
+        $groups = [];
+        if (isset($data['groups'])) {
+            $groups = $data['groups'];
+            if (is_string($groups)) {
+                $groups = explode('|', $groups);
+            }
+        }
+
+        if ($userVisible === false || $userAssignable === false || !empty($groups)) {
+            if (!$this->userSession->isLoggedIn() || !$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
+                throw new BadRequest('Not sufficient permissions');
+            }
+        }
+
+        try {
+            $tag = $this->tagManager->createTag($tagName, $userVisible, $userAssignable);
+            if (!empty($groups)) {
+                $this->tagManager->setTagGroups($tag, $groups);
+            }
+            return $tag;
+        } catch (TagAlreadyExistsException $e) {
+            throw new Conflict('Tag already exists', 0, $e);
+        }
+    }
+
+
+    /**
+     * Retrieves system tag properties
+     *
+     * @param PropFind $propFind
+     * @param \Sabre\DAV\INode $node
+     *
+     * @return void
+     */
+    public function handleGetProperties(
+        PropFind $propFind,
+        \Sabre\DAV\INode $node
+    ) {
+        if ($node instanceof Node) {
+            $this->propfindForFile($propFind, $node);
+            return;
+        }
+
+        if (!($node instanceof SystemTagNode) && !($node instanceof SystemTagMappingNode)) {
+            return;
+        }
+
+        $propFind->handle(self::ID_PROPERTYNAME, function () use ($node) {
+            return $node->getSystemTag()->getId();
+        });
+
+        $propFind->handle(self::DISPLAYNAME_PROPERTYNAME, function () use ($node) {
+            return $node->getSystemTag()->getName();
+        });
+
+        $propFind->handle(self::USERVISIBLE_PROPERTYNAME, function () use ($node) {
+            return $node->getSystemTag()->isUserVisible() ? 'true' : 'false';
+        });
+
+        $propFind->handle(self::USERASSIGNABLE_PROPERTYNAME, function () use ($node) {
+            // this is the tag's inherent property "is user assignable"
+            return $node->getSystemTag()->isUserAssignable() ? 'true' : 'false';
+        });
+
+        $propFind->handle(self::CANASSIGN_PROPERTYNAME, function () use ($node) {
+            // this is the effective permission for the current user
+            return $this->tagManager->canUserAssignTag($node->getSystemTag(), $this->userSession->getUser()) ? 'true' : 'false';
+        });
+
+        $propFind->handle(self::GROUPS_PROPERTYNAME, function () use ($node) {
+            if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
+                // property only available for admins
+                throw new Forbidden();
+            }
+            $groups = [];
+            // no need to retrieve groups for namespaces that don't qualify
+            if ($node->getSystemTag()->isUserVisible() && !$node->getSystemTag()->isUserAssignable()) {
+                $groups = $this->tagManager->getTagGroups($node->getSystemTag());
+            }
+            return implode('|', $groups);
+        });
+    }
+
+    private function propfindForFile(PropFind $propFind, Node $node): void {
+        if ($node instanceof Directory
+            && $propFind->getDepth() !== 0
+            && !is_null($propFind->getStatus(self::SYSTEM_TAGS_PROPERTYNAME))) {
+            $fileIds = [$node->getId()];
+
+            // note: pre-fetching only supported for depth <= 1
+            $folderContent = $node->getNode()->getDirectoryListing();
+            foreach ($folderContent as $info) {
+                $fileIds[] = $info->getId();
+            }
+
+            $tags = $this->tagMapper->getTagIdsForObjects($fileIds, 'files');
+
+            $this->cachedTagMappings = $this->cachedTagMappings + $tags;
+            $emptyFileIds = array_diff($fileIds, array_keys($tags));
+
+            // also cache the ones that were not found
+            foreach ($emptyFileIds as $fileId) {
+                $this->cachedTagMappings[$fileId] = [];
+            }
+        }
+
+        $propFind->handle(self::SYSTEM_TAGS_PROPERTYNAME, function () use ($node) {
+            $user = $this->userSession->getUser();
+            if ($user === null) {
+                return;
+            }
 	
-			$tags = $this->getTagsForFile($node->getId(), $user);
-			return new SystemTagList($tags, $this->tagManager, $user);
-		});
-	}
-
-	/**
-	 * @param int $fileId
-	 * @return ISystemTag[]
-	 */
-	private function getTagsForFile(int $fileId, IUser $user): array {
-
-		if (isset($this->cachedTagMappings[$fileId])) {
-			$tagIds = $this->cachedTagMappings[$fileId];
-		} else {
-			$tags = $this->tagMapper->getTagIdsForObjects([$fileId], 'files');
-			$fileTags = current($tags);
-			if ($fileTags) {
-				$tagIds = $fileTags;
-			} else {
-				$tagIds = [];
-			}
-		}
-
-		$tags = array_filter(array_map(function(string $tagId) {
-			return $this->cachedTags[$tagId] ?? null;
-		}, $tagIds));
-
-		$uncachedTagIds = array_filter($tagIds, function(string $tagId): bool {
-			return !isset($this->cachedTags[$tagId]);
-		});
-
-		if (count($uncachedTagIds)) {
-			$retrievedTags = $this->tagManager->getTagsByIds($uncachedTagIds);
-			foreach ($retrievedTags as $tag) {
-				$this->cachedTags[$tag->getId()] = $tag;
-			}
-			$tags += $retrievedTags;
-		}
-
-		return array_filter($tags, function(ISystemTag $tag) use ($user) {
-			return $this->tagManager->canUserSeeTag($tag, $user);
-		});
-	}
-
-	/**
-	 * Updates tag attributes
-	 *
-	 * @param string $path
-	 * @param PropPatch $propPatch
-	 *
-	 * @return void
-	 */
-	public function handleUpdateProperties($path, PropPatch $propPatch) {
-		$node = $this->server->tree->getNodeForPath($path);
-		if (!($node instanceof SystemTagNode)) {
-			return;
-		}
-
-		$propPatch->handle([
-			self::DISPLAYNAME_PROPERTYNAME,
-			self::USERVISIBLE_PROPERTYNAME,
-			self::USERASSIGNABLE_PROPERTYNAME,
-			self::GROUPS_PROPERTYNAME,
-		], function ($props) use ($node) {
-			$tag = $node->getSystemTag();
-			$name = $tag->getName();
-			$userVisible = $tag->isUserVisible();
-			$userAssignable = $tag->isUserAssignable();
-
-			$updateTag = false;
-
-			if (isset($props[self::DISPLAYNAME_PROPERTYNAME])) {
-				$name = $props[self::DISPLAYNAME_PROPERTYNAME];
-				$updateTag = true;
-			}
-
-			if (isset($props[self::USERVISIBLE_PROPERTYNAME])) {
-				$propValue = $props[self::USERVISIBLE_PROPERTYNAME];
-				$userVisible = ($propValue !== 'false' && $propValue !== '0');
-				$updateTag = true;
-			}
-
-			if (isset($props[self::USERASSIGNABLE_PROPERTYNAME])) {
-				$propValue = $props[self::USERASSIGNABLE_PROPERTYNAME];
-				$userAssignable = ($propValue !== 'false' && $propValue !== '0');
-				$updateTag = true;
-			}
-
-			if (isset($props[self::GROUPS_PROPERTYNAME])) {
-				if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
-					// property only available for admins
-					throw new Forbidden();
-				}
-
-				$propValue = $props[self::GROUPS_PROPERTYNAME];
-				$groupIds = explode('|', $propValue);
-				$this->tagManager->setTagGroups($tag, $groupIds);
-			}
-
-			if ($updateTag) {
-				$node->update($name, $userVisible, $userAssignable);
-			}
-
-			return true;
-		});
-	}
+            $tags = $this->getTagsForFile($node->getId(), $user);
+            return new SystemTagList($tags, $this->tagManager, $user);
+        });
+    }
+
+    /**
+     * @param int $fileId
+     * @return ISystemTag[]
+     */
+    private function getTagsForFile(int $fileId, IUser $user): array {
+
+        if (isset($this->cachedTagMappings[$fileId])) {
+            $tagIds = $this->cachedTagMappings[$fileId];
+        } else {
+            $tags = $this->tagMapper->getTagIdsForObjects([$fileId], 'files');
+            $fileTags = current($tags);
+            if ($fileTags) {
+                $tagIds = $fileTags;
+            } else {
+                $tagIds = [];
+            }
+        }
+
+        $tags = array_filter(array_map(function(string $tagId) {
+            return $this->cachedTags[$tagId] ?? null;
+        }, $tagIds));
+
+        $uncachedTagIds = array_filter($tagIds, function(string $tagId): bool {
+            return !isset($this->cachedTags[$tagId]);
+        });
+
+        if (count($uncachedTagIds)) {
+            $retrievedTags = $this->tagManager->getTagsByIds($uncachedTagIds);
+            foreach ($retrievedTags as $tag) {
+                $this->cachedTags[$tag->getId()] = $tag;
+            }
+            $tags += $retrievedTags;
+        }
+
+        return array_filter($tags, function(ISystemTag $tag) use ($user) {
+            return $this->tagManager->canUserSeeTag($tag, $user);
+        });
+    }
+
+    /**
+     * Updates tag attributes
+     *
+     * @param string $path
+     * @param PropPatch $propPatch
+     *
+     * @return void
+     */
+    public function handleUpdateProperties($path, PropPatch $propPatch) {
+        $node = $this->server->tree->getNodeForPath($path);
+        if (!($node instanceof SystemTagNode)) {
+            return;
+        }
+
+        $propPatch->handle([
+            self::DISPLAYNAME_PROPERTYNAME,
+            self::USERVISIBLE_PROPERTYNAME,
+            self::USERASSIGNABLE_PROPERTYNAME,
+            self::GROUPS_PROPERTYNAME,
+        ], function ($props) use ($node) {
+            $tag = $node->getSystemTag();
+            $name = $tag->getName();
+            $userVisible = $tag->isUserVisible();
+            $userAssignable = $tag->isUserAssignable();
+
+            $updateTag = false;
+
+            if (isset($props[self::DISPLAYNAME_PROPERTYNAME])) {
+                $name = $props[self::DISPLAYNAME_PROPERTYNAME];
+                $updateTag = true;
+            }
+
+            if (isset($props[self::USERVISIBLE_PROPERTYNAME])) {
+                $propValue = $props[self::USERVISIBLE_PROPERTYNAME];
+                $userVisible = ($propValue !== 'false' && $propValue !== '0');
+                $updateTag = true;
+            }
+
+            if (isset($props[self::USERASSIGNABLE_PROPERTYNAME])) {
+                $propValue = $props[self::USERASSIGNABLE_PROPERTYNAME];
+                $userAssignable = ($propValue !== 'false' && $propValue !== '0');
+                $updateTag = true;
+            }
+
+            if (isset($props[self::GROUPS_PROPERTYNAME])) {
+                if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
+                    // property only available for admins
+                    throw new Forbidden();
+                }
+
+                $propValue = $props[self::GROUPS_PROPERTYNAME];
+                $groupIds = explode('|', $propValue);
+                $this->tagManager->setTagGroups($tag, $groupIds);
+            }
+
+            if ($updateTag) {
+                $node->update($name, $userVisible, $userAssignable);
+            }
+
+            return true;
+        });
+    }
 }

apps/dav/lib/SystemTag/SystemTagsObjectMappingCollection.php

Indentation +186 added lines, -186 removed lines

@@ -41,190 +41,190 @@
  */
 class SystemTagsObjectMappingCollection implements ICollection {
 
-	/**
-	 * @var string
-	 */
-	private $objectId;
-
-	/**
-	 * @var string
-	 */
-	private $objectType;
-
-	/**
-	 * @var ISystemTagManager
-	 */
-	private $tagManager;
-
-	/**
-	 * @var ISystemTagObjectMapper
-	 */
-	private $tagMapper;
-
-	/**
-	 * User
-	 *
-	 * @var IUser
-	 */
-	private $user;
-
-
-	/**
-	 * Constructor
-	 *
-	 * @param string $objectId object id
-	 * @param string $objectType object type
-	 * @param IUser $user user
-	 * @param ISystemTagManager $tagManager tag manager
-	 * @param ISystemTagObjectMapper $tagMapper tag mapper
-	 */
-	public function __construct(
-		$objectId,
-		$objectType,
-		IUser $user,
-		ISystemTagManager $tagManager,
-		ISystemTagObjectMapper $tagMapper
-	) {
-		$this->tagManager = $tagManager;
-		$this->tagMapper = $tagMapper;
-		$this->objectId = $objectId;
-		$this->objectType = $objectType;
-		$this->user = $user;
-	}
-
-	/**
-	 * @return void
-	 */
-	public function createFile($name, $data = null) {
-		$tagId = $name;
-		try {
-			$tags = $this->tagManager->getTagsByIds([$tagId]);
-			$tag = current($tags);
-			if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
-				throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
-			}
-			if (!$this->tagManager->canUserAssignTag($tag, $this->user)) {
-				throw new Forbidden('No permission to assign tag ' . $tagId);
-			}
-
-			$this->tagMapper->assignTags($this->objectId, $this->objectType, $tagId);
-		} catch (TagNotFoundException $e) {
-			throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
-		}
-	}
-
-	/**
-	 * @return never
-	 */
-	public function createDirectory($name) {
-		throw new Forbidden('Permission denied to create collections');
-	}
-
-	/**
-	 * @return SystemTagMappingNode
-	 */
-	public function getChild($tagName) {
-		try {
-			if ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagName, true)) {
-				$tag = $this->tagManager->getTagsByIds([$tagName]);
-				$tag = current($tag);
-				if ($this->tagManager->canUserSeeTag($tag, $this->user)) {
-					return $this->makeNode($tag);
-				}
-			}
-			throw new NotFound('Tag with id ' . $tagName . ' not present for object ' . $this->objectId);
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			throw new NotFound('Tag with id ' . $tagName . ' not found', 0, $e);
-		}
-	}
-
-	/**
-	 * @return SystemTagMappingNode[]
-	 *
-	 * @psalm-return list<SystemTagMappingNode>
-	 */
-	public function getChildren() {
-		$tagIds = current($this->tagMapper->getTagIdsForObjects([$this->objectId], $this->objectType));
-		if (empty($tagIds)) {
-			return [];
-		}
-		$tags = $this->tagManager->getTagsByIds($tagIds);
-
-		// filter out non-visible tags
-		$tags = array_filter($tags, function ($tag) {
-			return $this->tagManager->canUserSeeTag($tag, $this->user);
-		});
-
-		return array_values(array_map(function ($tag) {
-			return $this->makeNode($tag);
-		}, $tags));
-	}
-
-	public function childExists($tagId) {
-		try {
-			$result = $this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true);
-
-			if ($result) {
-				$tags = $this->tagManager->getTagsByIds([$tagId]);
-				$tag = current($tags);
-				if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
-					return false;
-				}
-			}
-
-			return $result;
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			return false;
-		}
-	}
-
-	/**
-	 * @return never
-	 */
-	public function delete() {
-		throw new Forbidden('Permission denied to delete this collection');
-	}
-
-	public function getName() {
-		return $this->objectId;
-	}
-
-	/**
-	 * @return never
-	 */
-	public function setName($name) {
-		throw new Forbidden('Permission denied to rename this collection');
-	}
-
-	/**
-	 * Returns the last modification time, as a unix timestamp
-	 *
-	 * @return null
-	 */
-	public function getLastModified() {
-		return null;
-	}
-
-	/**
-	 * Create a sabre node for the mapping of the
-	 * given system tag to the collection's object
-	 *
-	 * @param ISystemTag $tag
-	 *
-	 * @return SystemTagMappingNode
-	 */
-	private function makeNode(ISystemTag $tag) {
-		return new SystemTagMappingNode(
-			$tag,
-			$this->objectId,
-			$this->objectType,
-			$this->user,
-			$this->tagManager,
-			$this->tagMapper
-		);
-	}
+    /**
+     * @var string
+     */
+    private $objectId;
+
+    /**
+     * @var string
+     */
+    private $objectType;
+
+    /**
+     * @var ISystemTagManager
+     */
+    private $tagManager;
+
+    /**
+     * @var ISystemTagObjectMapper
+     */
+    private $tagMapper;
+
+    /**
+     * User
+     *
+     * @var IUser
+     */
+    private $user;
+
+
+    /**
+     * Constructor
+     *
+     * @param string $objectId object id
+     * @param string $objectType object type
+     * @param IUser $user user
+     * @param ISystemTagManager $tagManager tag manager
+     * @param ISystemTagObjectMapper $tagMapper tag mapper
+     */
+    public function __construct(
+        $objectId,
+        $objectType,
+        IUser $user,
+        ISystemTagManager $tagManager,
+        ISystemTagObjectMapper $tagMapper
+    ) {
+        $this->tagManager = $tagManager;
+        $this->tagMapper = $tagMapper;
+        $this->objectId = $objectId;
+        $this->objectType = $objectType;
+        $this->user = $user;
+    }
+
+    /**
+     * @return void
+     */
+    public function createFile($name, $data = null) {
+        $tagId = $name;
+        try {
+            $tags = $this->tagManager->getTagsByIds([$tagId]);
+            $tag = current($tags);
+            if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
+                throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+            }
+            if (!$this->tagManager->canUserAssignTag($tag, $this->user)) {
+                throw new Forbidden('No permission to assign tag ' . $tagId);
+            }
+
+            $this->tagMapper->assignTags($this->objectId, $this->objectType, $tagId);
+        } catch (TagNotFoundException $e) {
+            throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+        }
+    }
+
+    /**
+     * @return never
+     */
+    public function createDirectory($name) {
+        throw new Forbidden('Permission denied to create collections');
+    }
+
+    /**
+     * @return SystemTagMappingNode
+     */
+    public function getChild($tagName) {
+        try {
+            if ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagName, true)) {
+                $tag = $this->tagManager->getTagsByIds([$tagName]);
+                $tag = current($tag);
+                if ($this->tagManager->canUserSeeTag($tag, $this->user)) {
+                    return $this->makeNode($tag);
+                }
+            }
+            throw new NotFound('Tag with id ' . $tagName . ' not present for object ' . $this->objectId);
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            throw new NotFound('Tag with id ' . $tagName . ' not found', 0, $e);
+        }
+    }
+
+    /**
+     * @return SystemTagMappingNode[]
+     *
+     * @psalm-return list<SystemTagMappingNode>
+     */
+    public function getChildren() {
+        $tagIds = current($this->tagMapper->getTagIdsForObjects([$this->objectId], $this->objectType));
+        if (empty($tagIds)) {
+            return [];
+        }
+        $tags = $this->tagManager->getTagsByIds($tagIds);
+
+        // filter out non-visible tags
+        $tags = array_filter($tags, function ($tag) {
+            return $this->tagManager->canUserSeeTag($tag, $this->user);
+        });
+
+        return array_values(array_map(function ($tag) {
+            return $this->makeNode($tag);
+        }, $tags));
+    }
+
+    public function childExists($tagId) {
+        try {
+            $result = $this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true);
+
+            if ($result) {
+                $tags = $this->tagManager->getTagsByIds([$tagId]);
+                $tag = current($tags);
+                if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
+                    return false;
+                }
+            }
+
+            return $result;
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            return false;
+        }
+    }
+
+    /**
+     * @return never
+     */
+    public function delete() {
+        throw new Forbidden('Permission denied to delete this collection');
+    }
+
+    public function getName() {
+        return $this->objectId;
+    }
+
+    /**
+     * @return never
+     */
+    public function setName($name) {
+        throw new Forbidden('Permission denied to rename this collection');
+    }
+
+    /**
+     * Returns the last modification time, as a unix timestamp
+     *
+     * @return null
+     */
+    public function getLastModified() {
+        return null;
+    }
+
+    /**
+     * Create a sabre node for the mapping of the
+     * given system tag to the collection's object
+     *
+     * @param ISystemTag $tag
+     *
+     * @return SystemTagMappingNode
+     */
+    private function makeNode(ISystemTag $tag) {
+        return new SystemTagMappingNode(
+            $tag,
+            $this->objectId,
+            $this->objectType,
+            $this->user,
+            $this->tagManager,
+            $this->tagMapper
+        );
+    }
 }

apps/dav/lib/SystemTag/SystemTagNode.php

Indentation +139 added lines, -139 removed lines

@@ -40,143 +40,143 @@
  */
 class SystemTagNode implements \Sabre\DAV\INode {
 
-	/**
-	 * @var ISystemTag
-	 */
-	protected $tag;
-
-	/**
-	 * @var ISystemTagManager
-	 */
-	protected $tagManager;
-
-	/**
-	 * User
-	 *
-	 * @var IUser
-	 */
-	protected $user;
-
-	/**
-	 * Whether to allow permissions for admins
-	 *
-	 * @var bool
-	 */
-	protected $isAdmin;
-
-	/**
-	 * Sets up the node, expects a full path name
-	 *
-	 * @param ISystemTag $tag system tag
-	 * @param IUser $user user
-	 * @param bool $isAdmin whether to allow operations for admins
-	 * @param ISystemTagManager $tagManager tag manager
-	 */
-	public function __construct(ISystemTag $tag, IUser $user, $isAdmin, ISystemTagManager $tagManager) {
-		$this->tag = $tag;
-		$this->user = $user;
-		$this->isAdmin = $isAdmin;
-		$this->tagManager = $tagManager;
-	}
-
-	/**
-	 *  Returns the id of the tag
-	 *
-	 * @return string
-	 */
-	public function getName() {
-		return $this->tag->getId();
-	}
-
-	/**
-	 * Returns the system tag represented by this node
-	 *
-	 * @return ISystemTag system tag
-	 */
-	public function getSystemTag() {
-		return $this->tag;
-	}
-
-	/**
-	 * Renames the node
-	 *
-	 * @param string $name The new name
-	 *
-	 * @throws MethodNotAllowed not allowed to rename node
-	 *
-	 * @return never
-	 */
-	public function setName($name) {
-		throw new MethodNotAllowed();
-	}
-
-	/**
-	 * Update tag
-	 *
-	 * @param string $name new tag name
-	 * @param bool $userVisible user visible
-	 * @param bool $userAssignable user assignable
-	 *
-	 * @throws NotFound whenever the given tag id does not exist
-	 * @throws Forbidden whenever there is no permission to update said tag
-	 * @throws Conflict whenever a tag already exists with the given attributes
-	 */
-	public function update($name, $userVisible, $userAssignable): void {
-		try {
-			if (!$this->tagManager->canUserSeeTag($this->tag, $this->user)) {
-				throw new NotFound('Tag with id ' . $this->tag->getId() . ' does not exist');
-			}
-			if (!$this->tagManager->canUserAssignTag($this->tag, $this->user)) {
-				throw new Forbidden('No permission to update tag ' . $this->tag->getId());
-			}
-
-			// only admin is able to change permissions, regular users can only rename
-			if (!$this->isAdmin) {
-				// only renaming is allowed for regular users
-				if ($userVisible !== $this->tag->isUserVisible()
-					|| $userAssignable !== $this->tag->isUserAssignable()
-				) {
-					throw new Forbidden('No permission to update permissions for tag ' . $this->tag->getId());
-				}
-			}
-
-			$this->tagManager->updateTag($this->tag->getId(), $name, $userVisible, $userAssignable);
-		} catch (TagNotFoundException $e) {
-			throw new NotFound('Tag with id ' . $this->tag->getId() . ' does not exist');
-		} catch (TagAlreadyExistsException $e) {
-			throw new Conflict(
-				'Tag with the properties "' . $name . '", ' .
-				$userVisible . ', ' . $userAssignable . ' already exists'
-			);
-		}
-	}
-
-	/**
-	 * Returns null, not supported
-	 *
-	 * @return null
-	 */
-	public function getLastModified() {
-		return null;
-	}
-
-	/**
-	 * @return void
-	 */
-	public function delete() {
-		try {
-			if (!$this->isAdmin) {
-				throw new Forbidden('No permission to delete tag ' . $this->tag->getId());
-			}
-
-			if (!$this->tagManager->canUserSeeTag($this->tag, $this->user)) {
-				throw new NotFound('Tag with id ' . $this->tag->getId() . ' not found');
-			}
-
-			$this->tagManager->deleteTags($this->tag->getId());
-		} catch (TagNotFoundException $e) {
-			// can happen if concurrent deletion occurred
-			throw new NotFound('Tag with id ' . $this->tag->getId() . ' not found', 0, $e);
-		}
-	}
+    /**
+     * @var ISystemTag
+     */
+    protected $tag;
+
+    /**
+     * @var ISystemTagManager
+     */
+    protected $tagManager;
+
+    /**
+     * User
+     *
+     * @var IUser
+     */
+    protected $user;
+
+    /**
+     * Whether to allow permissions for admins
+     *
+     * @var bool
+     */
+    protected $isAdmin;
+
+    /**
+     * Sets up the node, expects a full path name
+     *
+     * @param ISystemTag $tag system tag
+     * @param IUser $user user
+     * @param bool $isAdmin whether to allow operations for admins
+     * @param ISystemTagManager $tagManager tag manager
+     */
+    public function __construct(ISystemTag $tag, IUser $user, $isAdmin, ISystemTagManager $tagManager) {
+        $this->tag = $tag;
+        $this->user = $user;
+        $this->isAdmin = $isAdmin;
+        $this->tagManager = $tagManager;
+    }
+
+    /**
+     *  Returns the id of the tag
+     *
+     * @return string
+     */
+    public function getName() {
+        return $this->tag->getId();
+    }
+
+    /**
+     * Returns the system tag represented by this node
+     *
+     * @return ISystemTag system tag
+     */
+    public function getSystemTag() {
+        return $this->tag;
+    }
+
+    /**
+     * Renames the node
+     *
+     * @param string $name The new name
+     *
+     * @throws MethodNotAllowed not allowed to rename node
+     *
+     * @return never
+     */
+    public function setName($name) {
+        throw new MethodNotAllowed();
+    }
+
+    /**
+     * Update tag
+     *
+     * @param string $name new tag name
+     * @param bool $userVisible user visible
+     * @param bool $userAssignable user assignable
+     *
+     * @throws NotFound whenever the given tag id does not exist
+     * @throws Forbidden whenever there is no permission to update said tag
+     * @throws Conflict whenever a tag already exists with the given attributes
+     */
+    public function update($name, $userVisible, $userAssignable): void {
+        try {
+            if (!$this->tagManager->canUserSeeTag($this->tag, $this->user)) {
+                throw new NotFound('Tag with id ' . $this->tag->getId() . ' does not exist');
+            }
+            if (!$this->tagManager->canUserAssignTag($this->tag, $this->user)) {
+                throw new Forbidden('No permission to update tag ' . $this->tag->getId());
+            }
+
+            // only admin is able to change permissions, regular users can only rename
+            if (!$this->isAdmin) {
+                // only renaming is allowed for regular users
+                if ($userVisible !== $this->tag->isUserVisible()
+                    || $userAssignable !== $this->tag->isUserAssignable()
+                ) {
+                    throw new Forbidden('No permission to update permissions for tag ' . $this->tag->getId());
+                }
+            }
+
+            $this->tagManager->updateTag($this->tag->getId(), $name, $userVisible, $userAssignable);
+        } catch (TagNotFoundException $e) {
+            throw new NotFound('Tag with id ' . $this->tag->getId() . ' does not exist');
+        } catch (TagAlreadyExistsException $e) {
+            throw new Conflict(
+                'Tag with the properties "' . $name . '", ' .
+                $userVisible . ', ' . $userAssignable . ' already exists'
+            );
+        }
+    }
+
+    /**
+     * Returns null, not supported
+     *
+     * @return null
+     */
+    public function getLastModified() {
+        return null;
+    }
+
+    /**
+     * @return void
+     */
+    public function delete() {
+        try {
+            if (!$this->isAdmin) {
+                throw new Forbidden('No permission to delete tag ' . $this->tag->getId());
+            }
+
+            if (!$this->tagManager->canUserSeeTag($this->tag, $this->user)) {
+                throw new NotFound('Tag with id ' . $this->tag->getId() . ' not found');
+            }
+
+            $this->tagManager->deleteTags($this->tag->getId());
+        } catch (TagNotFoundException $e) {
+            // can happen if concurrent deletion occurred
+            throw new NotFound('Tag with id ' . $this->tag->getId() . ' not found', 0, $e);
+        }
+    }
 }