nextcloud / server

apps/dav/lib/DAV/SystemPrincipalBackend.php

Doc Comments +1 added lines, -1 removed lines

@@ -132,7 +132,7 @@
 	 * Returns the list of members for a group-principal
 	 *
 	 * @param string $principal
-	 * @return array
+	 * @return string[]
 	 */
 	function getGroupMemberSet($principal) {
 		// TODO: for now the group principal has only one member, the user itself

Indentation +161 added lines, -161 removed lines

@@ -27,165 +27,165 @@
 
 class SystemPrincipalBackend extends AbstractBackend {
 
-	/**
-	 * Returns a list of principals based on a prefix.
-	 *
-	 * This prefix will often contain something like 'principals'. You are only
-	 * expected to return principals that are in this base path.
-	 *
-	 * You are expected to return at least a 'uri' for every user, you can
-	 * return any additional properties if you wish so. Common properties are:
-	 *   {DAV:}displayname
-	 *   {http://sabredav.org/ns}email-address - This is a custom SabreDAV
-	 *     field that's actually injected in a number of other properties. If
-	 *     you have an email address, use this property.
-	 *
-	 * @param string $prefixPath
-	 * @return array
-	 */
-	function getPrincipalsByPrefix($prefixPath) {
-		$principals = [];
-
-		if ($prefixPath === 'principals/system') {
-			$principals[] = [
-				'uri' => 'principals/system/system',
-				'{DAV:}displayname' => 'system',
-			];
-			$principals[] = [
-				'uri' => 'principals/system/public',
-				'{DAV:}displayname' => 'public',
-			];
-		}
-
-		return $principals;
-	}
-
-	/**
-	 * Returns a specific principal, specified by it's path.
-	 * The returned structure should be the exact same as from
-	 * getPrincipalsByPrefix.
-	 *
-	 * @param string $path
-	 * @return array
-	 */
-	function getPrincipalByPath($path) {
-
-		if ($path === 'principals/system/system') {
-			$principal = [
-				'uri' => 'principals/system/system',
-				'{DAV:}displayname' => 'system',
-			];
-			return $principal;
-		}
-		if ($path === 'principals/system/public') {
-			$principal = [
-				'uri' => 'principals/system/public',
-				'{DAV:}displayname' => 'public',
-			];
-			return $principal;
-		}
-
-		return null;
-	}
-
-	/**
-	 * Updates one ore more webdav properties on a principal.
-	 *
-	 * The list of mutations is stored in a Sabre\DAV\PropPatch object.
-	 * To do the actual updates, you must tell this object which properties
-	 * you're going to process with the handle() method.
-	 *
-	 * Calling the handle method is like telling the PropPatch object "I
-	 * promise I can handle updating this property".
-	 *
-	 * Read the PropPatch documentation for more info and examples.
-	 *
-	 * @param string $path
-	 * @param \Sabre\DAV\PropPatch $propPatch
-	 * @return void
-	 */
-	function updatePrincipal($path, \Sabre\DAV\PropPatch $propPatch) {
-	}
-
-	/**
-	 * This method is used to search for principals matching a set of
-	 * properties.
-	 *
-	 * This search is specifically used by RFC3744's principal-property-search
-	 * REPORT.
-	 *
-	 * The actual search should be a unicode-non-case-sensitive search. The
-	 * keys in searchProperties are the WebDAV property names, while the values
-	 * are the property values to search on.
-	 *
-	 * By default, if multiple properties are submitted to this method, the
-	 * various properties should be combined with 'AND'. If $test is set to
-	 * 'anyof', it should be combined using 'OR'.
-	 *
-	 * This method should simply return an array with full principal uri's.
-	 *
-	 * If somebody attempted to search on a property the backend does not
-	 * support, you should simply return 0 results.
-	 *
-	 * You can also just return 0 results if you choose to not support
-	 * searching at all, but keep in mind that this may stop certain features
-	 * from working.
-	 *
-	 * @param string $prefixPath
-	 * @param array $searchProperties
-	 * @param string $test
-	 * @return array
-	 */
-	function searchPrincipals($prefixPath, array $searchProperties, $test = 'allof') {
-		return [];
-	}
-
-	/**
-	 * Returns the list of members for a group-principal
-	 *
-	 * @param string $principal
-	 * @return array
-	 */
-	function getGroupMemberSet($principal) {
-		// TODO: for now the group principal has only one member, the user itself
-		$principal = $this->getPrincipalByPath($principal);
-		if (!$principal) {
-			throw new \Sabre\DAV\Exception('Principal not found');
-		}
-
-		return [$principal['uri']];
-	}
-
-	/**
-	 * Returns the list of groups a principal is a member of
-	 *
-	 * @param string $principal
-	 * @return array
-	 */
-	function getGroupMembership($principal) {
-		list($prefix, $name) = URLUtil::splitPath($principal);
-
-		if ($prefix === 'principals/system') {
-			$principal = $this->getPrincipalByPath($principal);
-			if (!$principal) {
-				throw new \Sabre\DAV\Exception('Principal not found');
-			}
-
-			return [];
-		}
-		return [];
-	}
-
-	/**
-	 * Updates the list of group members for a group principal.
-	 *
-	 * The principals should be passed as a list of uri's.
-	 *
-	 * @param string $principal
-	 * @param array $members
-	 * @return void
-	 */
-	function setGroupMemberSet($principal, array $members) {
-		throw new \Sabre\DAV\Exception('Setting members of the group is not supported yet');
-	}
+    /**
+     * Returns a list of principals based on a prefix.
+     *
+     * This prefix will often contain something like 'principals'. You are only
+     * expected to return principals that are in this base path.
+     *
+     * You are expected to return at least a 'uri' for every user, you can
+     * return any additional properties if you wish so. Common properties are:
+     *   {DAV:}displayname
+     *   {http://sabredav.org/ns}email-address - This is a custom SabreDAV
+     *     field that's actually injected in a number of other properties. If
+     *     you have an email address, use this property.
+     *
+     * @param string $prefixPath
+     * @return array
+     */
+    function getPrincipalsByPrefix($prefixPath) {
+        $principals = [];
+
+        if ($prefixPath === 'principals/system') {
+            $principals[] = [
+                'uri' => 'principals/system/system',
+                '{DAV:}displayname' => 'system',
+            ];
+            $principals[] = [
+                'uri' => 'principals/system/public',
+                '{DAV:}displayname' => 'public',
+            ];
+        }
+
+        return $principals;
+    }
+
+    /**
+     * Returns a specific principal, specified by it's path.
+     * The returned structure should be the exact same as from
+     * getPrincipalsByPrefix.
+     *
+     * @param string $path
+     * @return array
+     */
+    function getPrincipalByPath($path) {
+
+        if ($path === 'principals/system/system') {
+            $principal = [
+                'uri' => 'principals/system/system',
+                '{DAV:}displayname' => 'system',
+            ];
+            return $principal;
+        }
+        if ($path === 'principals/system/public') {
+            $principal = [
+                'uri' => 'principals/system/public',
+                '{DAV:}displayname' => 'public',
+            ];
+            return $principal;
+        }
+
+        return null;
+    }
+
+    /**
+     * Updates one ore more webdav properties on a principal.
+     *
+     * The list of mutations is stored in a Sabre\DAV\PropPatch object.
+     * To do the actual updates, you must tell this object which properties
+     * you're going to process with the handle() method.
+     *
+     * Calling the handle method is like telling the PropPatch object "I
+     * promise I can handle updating this property".
+     *
+     * Read the PropPatch documentation for more info and examples.
+     *
+     * @param string $path
+     * @param \Sabre\DAV\PropPatch $propPatch
+     * @return void
+     */
+    function updatePrincipal($path, \Sabre\DAV\PropPatch $propPatch) {
+    }
+
+    /**
+     * This method is used to search for principals matching a set of
+     * properties.
+     *
+     * This search is specifically used by RFC3744's principal-property-search
+     * REPORT.
+     *
+     * The actual search should be a unicode-non-case-sensitive search. The
+     * keys in searchProperties are the WebDAV property names, while the values
+     * are the property values to search on.
+     *
+     * By default, if multiple properties are submitted to this method, the
+     * various properties should be combined with 'AND'. If $test is set to
+     * 'anyof', it should be combined using 'OR'.
+     *
+     * This method should simply return an array with full principal uri's.
+     *
+     * If somebody attempted to search on a property the backend does not
+     * support, you should simply return 0 results.
+     *
+     * You can also just return 0 results if you choose to not support
+     * searching at all, but keep in mind that this may stop certain features
+     * from working.
+     *
+     * @param string $prefixPath
+     * @param array $searchProperties
+     * @param string $test
+     * @return array
+     */
+    function searchPrincipals($prefixPath, array $searchProperties, $test = 'allof') {
+        return [];
+    }
+
+    /**
+     * Returns the list of members for a group-principal
+     *
+     * @param string $principal
+     * @return array
+     */
+    function getGroupMemberSet($principal) {
+        // TODO: for now the group principal has only one member, the user itself
+        $principal = $this->getPrincipalByPath($principal);
+        if (!$principal) {
+            throw new \Sabre\DAV\Exception('Principal not found');
+        }
+
+        return [$principal['uri']];
+    }
+
+    /**
+     * Returns the list of groups a principal is a member of
+     *
+     * @param string $principal
+     * @return array
+     */
+    function getGroupMembership($principal) {
+        list($prefix, $name) = URLUtil::splitPath($principal);
+
+        if ($prefix === 'principals/system') {
+            $principal = $this->getPrincipalByPath($principal);
+            if (!$principal) {
+                throw new \Sabre\DAV\Exception('Principal not found');
+            }
+
+            return [];
+        }
+        return [];
+    }
+
+    /**
+     * Updates the list of group members for a group principal.
+     *
+     * The principals should be passed as a list of uri's.
+     *
+     * @param string $principal
+     * @param array $members
+     * @return void
+     */
+    function setGroupMemberSet($principal, array $members) {
+        throw new \Sabre\DAV\Exception('Setting members of the group is not supported yet');
+    }
 }

apps/dav/lib/SystemTag/SystemTagPlugin.php

Unused Use Statements -2 removed lines

@@ -29,9 +29,7 @@
 use Sabre\DAV\Exception\BadRequest;
 use Sabre\DAV\Exception\Conflict;
 use Sabre\DAV\Exception\Forbidden;
-use Sabre\DAV\Exception\NotFound;
 use Sabre\DAV\Exception\UnsupportedMediaType;
-
 use OCP\SystemTag\ISystemTag;
 use OCP\SystemTag\ISystemTagManager;
 use OCP\SystemTag\TagAlreadyExistsException;

Indentation +276 added lines, -276 removed lines

@@ -49,280 +49,280 @@
  */
 class SystemTagPlugin extends \Sabre\DAV\ServerPlugin {
 
-	// namespace
-	const NS_OWNCLOUD = 'http://owncloud.org/ns';
-	const ID_PROPERTYNAME = '{http://owncloud.org/ns}id';
-	const DISPLAYNAME_PROPERTYNAME = '{http://owncloud.org/ns}display-name';
-	const USERVISIBLE_PROPERTYNAME = '{http://owncloud.org/ns}user-visible';
-	const USERASSIGNABLE_PROPERTYNAME = '{http://owncloud.org/ns}user-assignable';
-	const GROUPS_PROPERTYNAME = '{http://owncloud.org/ns}groups';
-	const CANASSIGN_PROPERTYNAME = '{http://owncloud.org/ns}can-assign';
-
-	/**
-	 * @var \Sabre\DAV\Server $server
-	 */
-	private $server;
-
-	/**
-	 * @var ISystemTagManager
-	 */
-	protected $tagManager;
-
-	/**
-	 * @var IUserSession
-	 */
-	protected $userSession;
-
-	/**
-	 * @var IGroupManager
-	 */
-	protected $groupManager;
-
-	/**
-	 * @param ISystemTagManager $tagManager tag manager
-	 * @param IGroupManager $groupManager
-	 * @param IUserSession $userSession
-	 */
-	public function __construct(ISystemTagManager $tagManager,
-								IGroupManager $groupManager,
-								IUserSession $userSession) {
-		$this->tagManager = $tagManager;
-		$this->userSession = $userSession;
-		$this->groupManager = $groupManager;
-	}
-
-	/**
-	 * This initializes the plugin.
-	 *
-	 * This function is called by \Sabre\DAV\Server, after
-	 * addPlugin is called.
-	 *
-	 * This method should set up the required event subscriptions.
-	 *
-	 * @param \Sabre\DAV\Server $server
-	 * @return void
-	 */
-	public function initialize(\Sabre\DAV\Server $server) {
-
-		$server->xml->namespaceMap[self::NS_OWNCLOUD] = 'oc';
-
-		$server->protectedProperties[] = self::ID_PROPERTYNAME;
-
-		$server->on('propFind', array($this, 'handleGetProperties'));
-		$server->on('propPatch', array($this, 'handleUpdateProperties'));
-		$server->on('method:POST', [$this, 'httpPost']);
-
-		$this->server = $server;
-	}
-
-	/**
-	 * POST operation on system tag collections
-	 *
-	 * @param RequestInterface $request request object
-	 * @param ResponseInterface $response response object
-	 * @return null|false
-	 */
-	public function httpPost(RequestInterface $request, ResponseInterface $response) {
-		$path = $request->getPath();
-
-		// Making sure the node exists
-		$node = $this->server->tree->getNodeForPath($path);
-		if ($node instanceof SystemTagsByIdCollection || $node instanceof SystemTagsObjectMappingCollection) {
-			$data = $request->getBodyAsString();
-
-			$tag = $this->createTag($data, $request->getHeader('Content-Type'));
-
-			if ($node instanceof SystemTagsObjectMappingCollection) {
-				// also add to collection
-				$node->createFile($tag->getId());
-				$url = $request->getBaseUrl() . 'systemtags/';
-			} else {
-				$url = $request->getUrl();
-			}
-
-			if ($url[strlen($url) - 1] !== '/') {
-				$url .= '/';
-			}
-
-			$response->setHeader('Content-Location', $url . $tag->getId());
-
-			// created
-			$response->setStatus(201);
-			return false;
-		}
-	}
-
-	/**
-	 * Creates a new tag
-	 *
-	 * @param string $data JSON encoded string containing the properties of the tag to create
-	 * @param string $contentType content type of the data
-	 * @return ISystemTag newly created system tag
-	 *
-	 * @throws BadRequest if a field was missing
-	 * @throws Conflict if a tag with the same properties already exists
-	 * @throws UnsupportedMediaType if the content type is not supported
-	 */
-	private function createTag($data, $contentType = 'application/json') {
-		if (explode(';', $contentType)[0] === 'application/json') {
-			$data = json_decode($data, true);
-		} else {
-			throw new UnsupportedMediaType();
-		}
-
-		if (!isset($data['name'])) {
-			throw new BadRequest('Missing "name" attribute');
-		}
-
-		$tagName = $data['name'];
-		$userVisible = true;
-		$userAssignable = true;
-
-		if (isset($data['userVisible'])) {
-			$userVisible = (bool)$data['userVisible'];
-		}
-
-		if (isset($data['userAssignable'])) {
-			$userAssignable = (bool)$data['userAssignable'];
-		}
-
-		$groups = [];
-		if (isset($data['groups'])) {
-			$groups = $data['groups'];
-			if (is_string($groups)) {
-				$groups = explode('|', $groups);
-			}
-		}
-
-		if($userVisible === false || $userAssignable === false || !empty($groups)) {
-			if(!$this->userSession->isLoggedIn() || !$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
-				throw new BadRequest('Not sufficient permissions');
-			}
-		}
-
-		try {
-			$tag = $this->tagManager->createTag($tagName, $userVisible, $userAssignable);
-			if (!empty($groups)) {
-				$this->tagManager->setTagGroups($tag, $groups);
-			}
-			return $tag;
-		} catch (TagAlreadyExistsException $e) {
-			throw new Conflict('Tag already exists', 0, $e);
-		}
-	}
-
-
-	/**
-	 * Retrieves system tag properties
-	 *
-	 * @param PropFind $propFind
-	 * @param \Sabre\DAV\INode $node
-	 */
-	public function handleGetProperties(
-		PropFind $propFind,
-		\Sabre\DAV\INode $node
-	) {
-		if (!($node instanceof SystemTagNode) && !($node instanceof SystemTagMappingNode)) {
-			return;
-		}
-
-		$propFind->handle(self::ID_PROPERTYNAME, function() use ($node) {
-			return $node->getSystemTag()->getId();
-		});
-
-		$propFind->handle(self::DISPLAYNAME_PROPERTYNAME, function() use ($node) {
-			return $node->getSystemTag()->getName();
-		});
-
-		$propFind->handle(self::USERVISIBLE_PROPERTYNAME, function() use ($node) {
-			return $node->getSystemTag()->isUserVisible() ? 'true' : 'false';
-		});
-
-		$propFind->handle(self::USERASSIGNABLE_PROPERTYNAME, function() use ($node) {
-			// this is the tag's inherent property "is user assignable"
-			return $node->getSystemTag()->isUserAssignable() ? 'true' : 'false';
-		});
-
-		$propFind->handle(self::CANASSIGN_PROPERTYNAME, function() use ($node) {
-			// this is the effective permission for the current user
-			return $this->tagManager->canUserAssignTag($node->getSystemTag(), $this->userSession->getUser()) ? 'true' : 'false';
-		});
-
-		$propFind->handle(self::GROUPS_PROPERTYNAME, function() use ($node) {
-			if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
-				// property only available for admins
-				throw new Forbidden();
-			}
-			$groups = [];
-			// no need to retrieve groups for namespaces that don't qualify
-			if ($node->getSystemTag()->isUserVisible() && !$node->getSystemTag()->isUserAssignable()) {
-				$groups = $this->tagManager->getTagGroups($node->getSystemTag());
-			}
-			return implode('|', $groups);
-		});
-	}
-
-	/**
-	 * Updates tag attributes
-	 *
-	 * @param string $path
-	 * @param PropPatch $propPatch
-	 *
-	 * @return void
-	 */
-	public function handleUpdateProperties($path, PropPatch $propPatch) {
-		$propPatch->handle([
-			self::DISPLAYNAME_PROPERTYNAME,
-			self::USERVISIBLE_PROPERTYNAME,
-			self::USERASSIGNABLE_PROPERTYNAME,
-			self::GROUPS_PROPERTYNAME,
-		], function($props) use ($path) {
-			$node = $this->server->tree->getNodeForPath($path);
-			if (!($node instanceof SystemTagNode)) {
-				return;
-			}
-
-			$tag = $node->getSystemTag();
-			$name = $tag->getName();
-			$userVisible = $tag->isUserVisible();
-			$userAssignable = $tag->isUserAssignable();
-
-			$updateTag = false;
-
-			if (isset($props[self::DISPLAYNAME_PROPERTYNAME])) {
-				$name = $props[self::DISPLAYNAME_PROPERTYNAME];
-				$updateTag = true;
-			}
-
-			if (isset($props[self::USERVISIBLE_PROPERTYNAME])) {
-				$propValue = $props[self::USERVISIBLE_PROPERTYNAME];
-				$userVisible = ($propValue !== 'false' && $propValue !== '0');
-				$updateTag = true;
-			}
-
-			if (isset($props[self::USERASSIGNABLE_PROPERTYNAME])) {
-				$propValue = $props[self::USERASSIGNABLE_PROPERTYNAME];
-				$userAssignable = ($propValue !== 'false' && $propValue !== '0');
-				$updateTag = true;
-			}
-
-			if (isset($props[self::GROUPS_PROPERTYNAME])) {
-				if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
-					// property only available for admins
-					throw new Forbidden();
-				}
-
-				$propValue = $props[self::GROUPS_PROPERTYNAME];
-				$groupIds = explode('|', $propValue);
-				$this->tagManager->setTagGroups($tag, $groupIds);
-			}
-
-			if ($updateTag) {
-				$node->update($name, $userVisible, $userAssignable);
-			}
-
-			return true;
-		});
-
-	}
+    // namespace
+    const NS_OWNCLOUD = 'http://owncloud.org/ns';
+    const ID_PROPERTYNAME = '{http://owncloud.org/ns}id';
+    const DISPLAYNAME_PROPERTYNAME = '{http://owncloud.org/ns}display-name';
+    const USERVISIBLE_PROPERTYNAME = '{http://owncloud.org/ns}user-visible';
+    const USERASSIGNABLE_PROPERTYNAME = '{http://owncloud.org/ns}user-assignable';
+    const GROUPS_PROPERTYNAME = '{http://owncloud.org/ns}groups';
+    const CANASSIGN_PROPERTYNAME = '{http://owncloud.org/ns}can-assign';
+
+    /**
+     * @var \Sabre\DAV\Server $server
+     */
+    private $server;
+
+    /**
+     * @var ISystemTagManager
+     */
+    protected $tagManager;
+
+    /**
+     * @var IUserSession
+     */
+    protected $userSession;
+
+    /**
+     * @var IGroupManager
+     */
+    protected $groupManager;
+
+    /**
+     * @param ISystemTagManager $tagManager tag manager
+     * @param IGroupManager $groupManager
+     * @param IUserSession $userSession
+     */
+    public function __construct(ISystemTagManager $tagManager,
+                                IGroupManager $groupManager,
+                                IUserSession $userSession) {
+        $this->tagManager = $tagManager;
+        $this->userSession = $userSession;
+        $this->groupManager = $groupManager;
+    }
+
+    /**
+     * This initializes the plugin.
+     *
+     * This function is called by \Sabre\DAV\Server, after
+     * addPlugin is called.
+     *
+     * This method should set up the required event subscriptions.
+     *
+     * @param \Sabre\DAV\Server $server
+     * @return void
+     */
+    public function initialize(\Sabre\DAV\Server $server) {
+
+        $server->xml->namespaceMap[self::NS_OWNCLOUD] = 'oc';
+
+        $server->protectedProperties[] = self::ID_PROPERTYNAME;
+
+        $server->on('propFind', array($this, 'handleGetProperties'));
+        $server->on('propPatch', array($this, 'handleUpdateProperties'));
+        $server->on('method:POST', [$this, 'httpPost']);
+
+        $this->server = $server;
+    }
+
+    /**
+     * POST operation on system tag collections
+     *
+     * @param RequestInterface $request request object
+     * @param ResponseInterface $response response object
+     * @return null|false
+     */
+    public function httpPost(RequestInterface $request, ResponseInterface $response) {
+        $path = $request->getPath();
+
+        // Making sure the node exists
+        $node = $this->server->tree->getNodeForPath($path);
+        if ($node instanceof SystemTagsByIdCollection || $node instanceof SystemTagsObjectMappingCollection) {
+            $data = $request->getBodyAsString();
+
+            $tag = $this->createTag($data, $request->getHeader('Content-Type'));
+
+            if ($node instanceof SystemTagsObjectMappingCollection) {
+                // also add to collection
+                $node->createFile($tag->getId());
+                $url = $request->getBaseUrl() . 'systemtags/';
+            } else {
+                $url = $request->getUrl();
+            }
+
+            if ($url[strlen($url) - 1] !== '/') {
+                $url .= '/';
+            }
+
+            $response->setHeader('Content-Location', $url . $tag->getId());
+
+            // created
+            $response->setStatus(201);
+            return false;
+        }
+    }
+
+    /**
+     * Creates a new tag
+     *
+     * @param string $data JSON encoded string containing the properties of the tag to create
+     * @param string $contentType content type of the data
+     * @return ISystemTag newly created system tag
+     *
+     * @throws BadRequest if a field was missing
+     * @throws Conflict if a tag with the same properties already exists
+     * @throws UnsupportedMediaType if the content type is not supported
+     */
+    private function createTag($data, $contentType = 'application/json') {
+        if (explode(';', $contentType)[0] === 'application/json') {
+            $data = json_decode($data, true);
+        } else {
+            throw new UnsupportedMediaType();
+        }
+
+        if (!isset($data['name'])) {
+            throw new BadRequest('Missing "name" attribute');
+        }
+
+        $tagName = $data['name'];
+        $userVisible = true;
+        $userAssignable = true;
+
+        if (isset($data['userVisible'])) {
+            $userVisible = (bool)$data['userVisible'];
+        }
+
+        if (isset($data['userAssignable'])) {
+            $userAssignable = (bool)$data['userAssignable'];
+        }
+
+        $groups = [];
+        if (isset($data['groups'])) {
+            $groups = $data['groups'];
+            if (is_string($groups)) {
+                $groups = explode('|', $groups);
+            }
+        }
+
+        if($userVisible === false || $userAssignable === false || !empty($groups)) {
+            if(!$this->userSession->isLoggedIn() || !$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
+                throw new BadRequest('Not sufficient permissions');
+            }
+        }
+
+        try {
+            $tag = $this->tagManager->createTag($tagName, $userVisible, $userAssignable);
+            if (!empty($groups)) {
+                $this->tagManager->setTagGroups($tag, $groups);
+            }
+            return $tag;
+        } catch (TagAlreadyExistsException $e) {
+            throw new Conflict('Tag already exists', 0, $e);
+        }
+    }
+
+
+    /**
+     * Retrieves system tag properties
+     *
+     * @param PropFind $propFind
+     * @param \Sabre\DAV\INode $node
+     */
+    public function handleGetProperties(
+        PropFind $propFind,
+        \Sabre\DAV\INode $node
+    ) {
+        if (!($node instanceof SystemTagNode) && !($node instanceof SystemTagMappingNode)) {
+            return;
+        }
+
+        $propFind->handle(self::ID_PROPERTYNAME, function() use ($node) {
+            return $node->getSystemTag()->getId();
+        });
+
+        $propFind->handle(self::DISPLAYNAME_PROPERTYNAME, function() use ($node) {
+            return $node->getSystemTag()->getName();
+        });
+
+        $propFind->handle(self::USERVISIBLE_PROPERTYNAME, function() use ($node) {
+            return $node->getSystemTag()->isUserVisible() ? 'true' : 'false';
+        });
+
+        $propFind->handle(self::USERASSIGNABLE_PROPERTYNAME, function() use ($node) {
+            // this is the tag's inherent property "is user assignable"
+            return $node->getSystemTag()->isUserAssignable() ? 'true' : 'false';
+        });
+
+        $propFind->handle(self::CANASSIGN_PROPERTYNAME, function() use ($node) {
+            // this is the effective permission for the current user
+            return $this->tagManager->canUserAssignTag($node->getSystemTag(), $this->userSession->getUser()) ? 'true' : 'false';
+        });
+
+        $propFind->handle(self::GROUPS_PROPERTYNAME, function() use ($node) {
+            if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
+                // property only available for admins
+                throw new Forbidden();
+            }
+            $groups = [];
+            // no need to retrieve groups for namespaces that don't qualify
+            if ($node->getSystemTag()->isUserVisible() && !$node->getSystemTag()->isUserAssignable()) {
+                $groups = $this->tagManager->getTagGroups($node->getSystemTag());
+            }
+            return implode('|', $groups);
+        });
+    }
+
+    /**
+     * Updates tag attributes
+     *
+     * @param string $path
+     * @param PropPatch $propPatch
+     *
+     * @return void
+     */
+    public function handleUpdateProperties($path, PropPatch $propPatch) {
+        $propPatch->handle([
+            self::DISPLAYNAME_PROPERTYNAME,
+            self::USERVISIBLE_PROPERTYNAME,
+            self::USERASSIGNABLE_PROPERTYNAME,
+            self::GROUPS_PROPERTYNAME,
+        ], function($props) use ($path) {
+            $node = $this->server->tree->getNodeForPath($path);
+            if (!($node instanceof SystemTagNode)) {
+                return;
+            }
+
+            $tag = $node->getSystemTag();
+            $name = $tag->getName();
+            $userVisible = $tag->isUserVisible();
+            $userAssignable = $tag->isUserAssignable();
+
+            $updateTag = false;
+
+            if (isset($props[self::DISPLAYNAME_PROPERTYNAME])) {
+                $name = $props[self::DISPLAYNAME_PROPERTYNAME];
+                $updateTag = true;
+            }
+
+            if (isset($props[self::USERVISIBLE_PROPERTYNAME])) {
+                $propValue = $props[self::USERVISIBLE_PROPERTYNAME];
+                $userVisible = ($propValue !== 'false' && $propValue !== '0');
+                $updateTag = true;
+            }
+
+            if (isset($props[self::USERASSIGNABLE_PROPERTYNAME])) {
+                $propValue = $props[self::USERASSIGNABLE_PROPERTYNAME];
+                $userAssignable = ($propValue !== 'false' && $propValue !== '0');
+                $updateTag = true;
+            }
+
+            if (isset($props[self::GROUPS_PROPERTYNAME])) {
+                if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
+                    // property only available for admins
+                    throw new Forbidden();
+                }
+
+                $propValue = $props[self::GROUPS_PROPERTYNAME];
+                $groupIds = explode('|', $propValue);
+                $this->tagManager->setTagGroups($tag, $groupIds);
+            }
+
+            if ($updateTag) {
+                $node->update($name, $userVisible, $userAssignable);
+            }
+
+            return true;
+        });
+
+    }
 }

Spacing +6 added lines, -6 removed lines

@@ -135,7 +135,7 @@ 
 			if ($node instanceof SystemTagsObjectMappingCollection) {
 				// also add to collection
 				$node->createFile($tag->getId());
-				$url = $request->getBaseUrl() . 'systemtags/';
+				$url = $request->getBaseUrl().'systemtags/';
 			} else {
 				$url = $request->getUrl();
 			}
@@ -144,7 +144,7 @@ 
 				$url .= '/';
 			}
 
-			$response->setHeader('Content-Location', $url . $tag->getId());
+			$response->setHeader('Content-Location', $url.$tag->getId());
 
 			// created
 			$response->setStatus(201);
@@ -179,11 +179,11 @@ 
 		$userAssignable = true;
 
 		if (isset($data['userVisible'])) {
-			$userVisible = (bool)$data['userVisible'];
+			$userVisible = (bool) $data['userVisible'];
 		}
 
 		if (isset($data['userAssignable'])) {
-			$userAssignable = (bool)$data['userAssignable'];
+			$userAssignable = (bool) $data['userAssignable'];
 		}
 
 		$groups = [];
@@ -194,8 +194,8 @@ 
 			}
 		}
 
-		if($userVisible === false || $userAssignable === false || !empty($groups)) {
-			if(!$this->userSession->isLoggedIn() || !$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
+		if ($userVisible === false || $userAssignable === false || !empty($groups)) {
+			if (!$this->userSession->isLoggedIn() || !$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) {
 				throw new BadRequest('Not sufficient permissions');
 			}
 		}

apps/dav/lib/SystemTag/SystemTagsByIdCollection.php

Unused Use Statements -2 removed lines

@@ -26,13 +26,11 @@
 use Sabre\DAV\Exception\NotFound;
 use Sabre\DAV\Exception\BadRequest;
 use Sabre\DAV\ICollection;
-
 use OCP\SystemTag\ISystemTagManager;
 use OCP\SystemTag\ISystemTag;
 use OCP\SystemTag\TagNotFoundException;
 use OCP\IGroupManager;
 use OCP\IUserSession;
-use OC\User\NoUserException;
 
 class SystemTagsByIdCollection implements ICollection {
 

Indentation +140 added lines, -140 removed lines

@@ -37,144 +37,144 @@
 
 class SystemTagsByIdCollection implements ICollection {
 
-	/**
-	 * @var ISystemTagManager
-	 */
-	private $tagManager;
-
-	/**
-	 * @var IGroupManager
-	 */
-	private $groupManager;
-
-	/**
-	 * @var IUserSession
-	 */
-	private $userSession;
-
-	/**
-	 * SystemTagsByIdCollection constructor.
-	 *
-	 * @param ISystemTagManager $tagManager
-	 * @param IUserSession $userSession
-	 * @param IGroupManager $groupManager
-	 */
-	public function __construct(
-		ISystemTagManager $tagManager,
-		IUserSession $userSession,
-		IGroupManager $groupManager
-	) {
-		$this->tagManager = $tagManager;
-		$this->userSession = $userSession;
-		$this->groupManager = $groupManager;
-	}
-
-	/**
-	 * Returns whether the currently logged in user is an administrator
-	 *
-	 * @return bool true if the user is an admin
-	 */
-	private function isAdmin() {
-		$user = $this->userSession->getUser();
-		if ($user !== null) {
-			return $this->groupManager->isAdmin($user->getUID());
-		}
-		return false;
-	}
-
-	/**
-	 * @param string $name
-	 * @param resource|string $data Initial payload
-	 * @throws Forbidden
-	 */
-	function createFile($name, $data = null) {
-		throw new Forbidden('Cannot create tags by id');
-	}
-
-	/**
-	 * @param string $name
-	 */
-	function createDirectory($name) {
-		throw new Forbidden('Permission denied to create collections');
-	}
-
-	/**
-	 * @param string $name
-	 */
-	function getChild($name) {
-		try {
-			$tag = $this->tagManager->getTagsByIds([$name]);
-			$tag = current($tag);
-			if (!$this->tagManager->canUserSeeTag($tag, $this->userSession->getUser())) {
-				throw new NotFound('Tag with id ' . $name . ' not found');
-			}
-			return $this->makeNode($tag);
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			throw new NotFound('Tag with id ' . $name . ' not found', 0, $e);
-		}
-	}
-
-	function getChildren() {
-		$visibilityFilter = true;
-		if ($this->isAdmin()) {
-			$visibilityFilter = null;
-		}
-
-		$tags = $this->tagManager->getAllTags($visibilityFilter);
-		return array_map(function($tag) {
-			return $this->makeNode($tag);
-		}, $tags);
-	}
-
-	/**
-	 * @param string $name
-	 */
-	function childExists($name) {
-		try {
-			$tag = $this->tagManager->getTagsByIds([$name]);
-			$tag = current($tag);
-			if (!$this->tagManager->canUserSeeTag($tag, $this->userSession->getUser())) {
-				return false;
-			}
-			return true;
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			return false;
-		}
-	}
-
-	function delete() {
-		throw new Forbidden('Permission denied to delete this collection');
-	}
-
-	function getName() {
-		return 'systemtags';
-	}
-
-	function setName($name) {
-		throw new Forbidden('Permission denied to rename this collection');
-	}
-
-	/**
-	 * Returns the last modification time, as a unix timestamp
-	 *
-	 * @return int
-	 */
-	function getLastModified() {
-		return null;
-	}
-
-	/**
-	 * Create a sabre node for the given system tag
-	 *
-	 * @param ISystemTag $tag
-	 *
-	 * @return SystemTagNode
-	 */
-	private function makeNode(ISystemTag $tag) {
-		return new SystemTagNode($tag, $this->userSession->getUser(), $this->isAdmin(), $this->tagManager);
-	}
+    /**
+     * @var ISystemTagManager
+     */
+    private $tagManager;
+
+    /**
+     * @var IGroupManager
+     */
+    private $groupManager;
+
+    /**
+     * @var IUserSession
+     */
+    private $userSession;
+
+    /**
+     * SystemTagsByIdCollection constructor.
+     *
+     * @param ISystemTagManager $tagManager
+     * @param IUserSession $userSession
+     * @param IGroupManager $groupManager
+     */
+    public function __construct(
+        ISystemTagManager $tagManager,
+        IUserSession $userSession,
+        IGroupManager $groupManager
+    ) {
+        $this->tagManager = $tagManager;
+        $this->userSession = $userSession;
+        $this->groupManager = $groupManager;
+    }
+
+    /**
+     * Returns whether the currently logged in user is an administrator
+     *
+     * @return bool true if the user is an admin
+     */
+    private function isAdmin() {
+        $user = $this->userSession->getUser();
+        if ($user !== null) {
+            return $this->groupManager->isAdmin($user->getUID());
+        }
+        return false;
+    }
+
+    /**
+     * @param string $name
+     * @param resource|string $data Initial payload
+     * @throws Forbidden
+     */
+    function createFile($name, $data = null) {
+        throw new Forbidden('Cannot create tags by id');
+    }
+
+    /**
+     * @param string $name
+     */
+    function createDirectory($name) {
+        throw new Forbidden('Permission denied to create collections');
+    }
+
+    /**
+     * @param string $name
+     */
+    function getChild($name) {
+        try {
+            $tag = $this->tagManager->getTagsByIds([$name]);
+            $tag = current($tag);
+            if (!$this->tagManager->canUserSeeTag($tag, $this->userSession->getUser())) {
+                throw new NotFound('Tag with id ' . $name . ' not found');
+            }
+            return $this->makeNode($tag);
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            throw new NotFound('Tag with id ' . $name . ' not found', 0, $e);
+        }
+    }
+
+    function getChildren() {
+        $visibilityFilter = true;
+        if ($this->isAdmin()) {
+            $visibilityFilter = null;
+        }
+
+        $tags = $this->tagManager->getAllTags($visibilityFilter);
+        return array_map(function($tag) {
+            return $this->makeNode($tag);
+        }, $tags);
+    }
+
+    /**
+     * @param string $name
+     */
+    function childExists($name) {
+        try {
+            $tag = $this->tagManager->getTagsByIds([$name]);
+            $tag = current($tag);
+            if (!$this->tagManager->canUserSeeTag($tag, $this->userSession->getUser())) {
+                return false;
+            }
+            return true;
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            return false;
+        }
+    }
+
+    function delete() {
+        throw new Forbidden('Permission denied to delete this collection');
+    }
+
+    function getName() {
+        return 'systemtags';
+    }
+
+    function setName($name) {
+        throw new Forbidden('Permission denied to rename this collection');
+    }
+
+    /**
+     * Returns the last modification time, as a unix timestamp
+     *
+     * @return int
+     */
+    function getLastModified() {
+        return null;
+    }
+
+    /**
+     * Create a sabre node for the given system tag
+     *
+     * @param ISystemTag $tag
+     *
+     * @return SystemTagNode
+     */
+    private function makeNode(ISystemTag $tag) {
+        return new SystemTagNode($tag, $this->userSession->getUser(), $this->isAdmin(), $this->tagManager);
+    }
 }

Spacing +2 added lines, -2 removed lines

@@ -106,13 +106,13 @@
 			$tag = $this->tagManager->getTagsByIds([$name]);
 			$tag = current($tag);
 			if (!$this->tagManager->canUserSeeTag($tag, $this->userSession->getUser())) {
-				throw new NotFound('Tag with id ' . $name . ' not found');
+				throw new NotFound('Tag with id '.$name.' not found');
 			}
 			return $this->makeNode($tag);
 		} catch (\InvalidArgumentException $e) {
 			throw new BadRequest('Invalid tag id', 0, $e);
 		} catch (TagNotFoundException $e) {
-			throw new NotFound('Tag with id ' . $name . ' not found', 0, $e);
+			throw new NotFound('Tag with id '.$name.' not found', 0, $e);
 		}
 	}
 

apps/dav/lib/SystemTag/SystemTagsObjectMappingCollection.php

Unused Use Statements -1 removed lines

@@ -26,7 +26,6 @@
 use Sabre\DAV\Exception\BadRequest;
 use Sabre\DAV\Exception\PreconditionFailed;
 use Sabre\DAV\ICollection;
-
 use OCP\SystemTag\ISystemTagManager;
 use OCP\SystemTag\ISystemTagObjectMapper;
 use OCP\SystemTag\ISystemTag;

Doc Comments +3 added lines

@@ -89,6 +89,9 @@
 		$this->user = $user;
 	}
 
+	/**
+	 * @param string $tagId
+	 */
 	function createFile($tagId, $data = null) {
 		try {
 			$tags = $this->tagManager->getTagsByIds([$tagId]);

Indentation +165 added lines, -165 removed lines

@@ -39,169 +39,169 @@
  */
 class SystemTagsObjectMappingCollection implements ICollection {
 
-	/**
-	 * @var string
-	 */
-	private $objectId;
-
-	/**
-	 * @var string
-	 */
-	private $objectType;
-
-	/**
-	 * @var ISystemTagManager
-	 */
-	private $tagManager;
-
-	/**
-	 * @var ISystemTagObjectMapper
-	 */
-	private $tagMapper;
-
-	/**
-	 * User
-	 *
-	 * @var IUser
-	 */
-	private $user;
-
-
-	/**
-	 * Constructor
-	 *
-	 * @param string $objectId object id
-	 * @param string $objectType object type
-	 * @param IUser $user user
-	 * @param ISystemTagManager $tagManager tag manager
-	 * @param ISystemTagObjectMapper $tagMapper tag mapper
-	 */
-	public function __construct(
-		$objectId,
-		$objectType,
-		IUser $user,
-		ISystemTagManager $tagManager,
-		ISystemTagObjectMapper $tagMapper
-	) {
-		$this->tagManager = $tagManager;
-		$this->tagMapper = $tagMapper;
-		$this->objectId = $objectId;
-		$this->objectType = $objectType;
-		$this->user = $user;
-	}
-
-	function createFile($tagId, $data = null) {
-		try {
-			$tags = $this->tagManager->getTagsByIds([$tagId]);
-			$tag = current($tags);
-			if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
-				throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
-			}
-			if (!$this->tagManager->canUserAssignTag($tag, $this->user)) {
-				throw new Forbidden('No permission to assign tag ' . $tagId);
-			}
-
-			$this->tagMapper->assignTags($this->objectId, $this->objectType, $tagId);
-		} catch (TagNotFoundException $e) {
-			throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
-		}
-	}
-
-	function createDirectory($name) {
-		throw new Forbidden('Permission denied to create collections');
-	}
-
-	function getChild($tagId) {
-		try {
-			if ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true)) {
-				$tag = $this->tagManager->getTagsByIds([$tagId]);
-				$tag = current($tag);
-				if ($this->tagManager->canUserSeeTag($tag, $this->user)) {
-					return $this->makeNode($tag);
-				}
-			}
-			throw new NotFound('Tag with id ' . $tagId . ' not present for object ' . $this->objectId);
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			throw new NotFound('Tag with id ' . $tagId . ' not found', 0, $e);
-		}
-	}
-
-	function getChildren() {
-		$tagIds = current($this->tagMapper->getTagIdsForObjects([$this->objectId], $this->objectType));
-		if (empty($tagIds)) {
-			return [];
-		}
-		$tags = $this->tagManager->getTagsByIds($tagIds);
-
-		// filter out non-visible tags
-		$tags = array_filter($tags, function($tag) {
-			return $this->tagManager->canUserSeeTag($tag, $this->user);
-		});
-
-		return array_values(array_map(function($tag) {
-			return $this->makeNode($tag);
-		}, $tags));
-	}
-
-	function childExists($tagId) {
-		try {
-			$result = ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true));
-
-			if ($result) {
-				$tags = $this->tagManager->getTagsByIds([$tagId]);
-				$tag = current($tags);
-				if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
-					return false;
-				}
-			}
-
-			return $result;
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			return false;
-		}
-	}
-
-	function delete() {
-		throw new Forbidden('Permission denied to delete this collection');
-	}
-
-	function getName() {
-		return $this->objectId;
-	}
-
-	function setName($name) {
-		throw new Forbidden('Permission denied to rename this collection');
-	}
-
-	/**
-	 * Returns the last modification time, as a unix timestamp
-	 *
-	 * @return int
-	 */
-	function getLastModified() {
-		return null;
-	}
-
-	/**
-	 * Create a sabre node for the mapping of the 
-	 * given system tag to the collection's object
-	 *
-	 * @param ISystemTag $tag
-	 *
-	 * @return SystemTagMappingNode
-	 */
-	private function makeNode(ISystemTag $tag) {
-		return new SystemTagMappingNode(
-			$tag,
-			$this->objectId,
-			$this->objectType,
-			$this->user,
-			$this->tagManager,
-			$this->tagMapper
-		);
-	}
+    /**
+     * @var string
+     */
+    private $objectId;
+
+    /**
+     * @var string
+     */
+    private $objectType;
+
+    /**
+     * @var ISystemTagManager
+     */
+    private $tagManager;
+
+    /**
+     * @var ISystemTagObjectMapper
+     */
+    private $tagMapper;
+
+    /**
+     * User
+     *
+     * @var IUser
+     */
+    private $user;
+
+
+    /**
+     * Constructor
+     *
+     * @param string $objectId object id
+     * @param string $objectType object type
+     * @param IUser $user user
+     * @param ISystemTagManager $tagManager tag manager
+     * @param ISystemTagObjectMapper $tagMapper tag mapper
+     */
+    public function __construct(
+        $objectId,
+        $objectType,
+        IUser $user,
+        ISystemTagManager $tagManager,
+        ISystemTagObjectMapper $tagMapper
+    ) {
+        $this->tagManager = $tagManager;
+        $this->tagMapper = $tagMapper;
+        $this->objectId = $objectId;
+        $this->objectType = $objectType;
+        $this->user = $user;
+    }
+
+    function createFile($tagId, $data = null) {
+        try {
+            $tags = $this->tagManager->getTagsByIds([$tagId]);
+            $tag = current($tags);
+            if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
+                throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+            }
+            if (!$this->tagManager->canUserAssignTag($tag, $this->user)) {
+                throw new Forbidden('No permission to assign tag ' . $tagId);
+            }
+
+            $this->tagMapper->assignTags($this->objectId, $this->objectType, $tagId);
+        } catch (TagNotFoundException $e) {
+            throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+        }
+    }
+
+    function createDirectory($name) {
+        throw new Forbidden('Permission denied to create collections');
+    }
+
+    function getChild($tagId) {
+        try {
+            if ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true)) {
+                $tag = $this->tagManager->getTagsByIds([$tagId]);
+                $tag = current($tag);
+                if ($this->tagManager->canUserSeeTag($tag, $this->user)) {
+                    return $this->makeNode($tag);
+                }
+            }
+            throw new NotFound('Tag with id ' . $tagId . ' not present for object ' . $this->objectId);
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            throw new NotFound('Tag with id ' . $tagId . ' not found', 0, $e);
+        }
+    }
+
+    function getChildren() {
+        $tagIds = current($this->tagMapper->getTagIdsForObjects([$this->objectId], $this->objectType));
+        if (empty($tagIds)) {
+            return [];
+        }
+        $tags = $this->tagManager->getTagsByIds($tagIds);
+
+        // filter out non-visible tags
+        $tags = array_filter($tags, function($tag) {
+            return $this->tagManager->canUserSeeTag($tag, $this->user);
+        });
+
+        return array_values(array_map(function($tag) {
+            return $this->makeNode($tag);
+        }, $tags));
+    }
+
+    function childExists($tagId) {
+        try {
+            $result = ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true));
+
+            if ($result) {
+                $tags = $this->tagManager->getTagsByIds([$tagId]);
+                $tag = current($tags);
+                if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
+                    return false;
+                }
+            }
+
+            return $result;
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            return false;
+        }
+    }
+
+    function delete() {
+        throw new Forbidden('Permission denied to delete this collection');
+    }
+
+    function getName() {
+        return $this->objectId;
+    }
+
+    function setName($name) {
+        throw new Forbidden('Permission denied to rename this collection');
+    }
+
+    /**
+     * Returns the last modification time, as a unix timestamp
+     *
+     * @return int
+     */
+    function getLastModified() {
+        return null;
+    }
+
+    /**
+     * Create a sabre node for the mapping of the 
+     * given system tag to the collection's object
+     *
+     * @param ISystemTag $tag
+     *
+     * @return SystemTagMappingNode
+     */
+    private function makeNode(ISystemTag $tag) {
+        return new SystemTagMappingNode(
+            $tag,
+            $this->objectId,
+            $this->objectType,
+            $this->user,
+            $this->tagManager,
+            $this->tagMapper
+        );
+    }
 }

Spacing +5 added lines, -5 removed lines

@@ -95,15 +95,15 @@ 
 			$tags = $this->tagManager->getTagsByIds([$tagId]);
 			$tag = current($tags);
 			if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
-				throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+				throw new PreconditionFailed('Tag with id '.$tagId.' does not exist, cannot assign');
 			}
 			if (!$this->tagManager->canUserAssignTag($tag, $this->user)) {
-				throw new Forbidden('No permission to assign tag ' . $tagId);
+				throw new Forbidden('No permission to assign tag '.$tagId);
 			}
 
 			$this->tagMapper->assignTags($this->objectId, $this->objectType, $tagId);
 		} catch (TagNotFoundException $e) {
-			throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+			throw new PreconditionFailed('Tag with id '.$tagId.' does not exist, cannot assign');
 		}
 	}
 
@@ -120,11 +120,11 @@ 
 					return $this->makeNode($tag);
 				}
 			}
-			throw new NotFound('Tag with id ' . $tagId . ' not present for object ' . $this->objectId);
+			throw new NotFound('Tag with id '.$tagId.' not present for object '.$this->objectId);
 		} catch (\InvalidArgumentException $e) {
 			throw new BadRequest('Invalid tag id', 0, $e);
 		} catch (TagNotFoundException $e) {
-			throw new NotFound('Tag with id ' . $tagId . ' not found', 0, $e);
+			throw new NotFound('Tag with id '.$tagId.' not found', 0, $e);
 		}
 	}
 

apps/dav/lib/SystemTag/SystemTagsObjectTypeCollection.php

Unused Use Statements -1 removed lines

@@ -26,7 +26,6 @@
 use Sabre\DAV\Exception\MethodNotAllowed;
 use Sabre\DAV\Exception\NotFound;
 use Sabre\DAV\ICollection;
-
 use OCP\SystemTag\ISystemTagManager;
 use OCP\SystemTag\ISystemTagObjectMapper;
 use OCP\IUserSession;

Indentation +132 added lines, -132 removed lines

@@ -39,136 +39,136 @@
  */
 class SystemTagsObjectTypeCollection implements ICollection {
 
-	/**
-	 * @var string
-	 */
-	private $objectType;
-
-	/**
-	 * @var ISystemTagManager
-	 */
-	private $tagManager;
-
-	/**
-	 * @var ISystemTagObjectMapper
-	 */
-	private $tagMapper;
-
-	/**
-	 * @var IGroupManager
-	 */
-	private $groupManager;
-
-	/**
-	 * @var IUserSession
-	 */
-	private $userSession;
-
-	/**
-	 * @var \Closure
-	 **/
-	protected $childExistsFunction;
-
-	/**
-	 * Constructor
-	 *
-	 * @param string $objectType object type
-	 * @param ISystemTagManager $tagManager
-	 * @param ISystemTagObjectMapper $tagMapper
-	 * @param IUserSession $userSession
-	 * @param IGroupManager $groupManager
-	 * @param \Closure $childExistsFunction
-	 */
-	public function __construct(
-		$objectType, 
-		ISystemTagManager $tagManager,
-		ISystemTagObjectMapper $tagMapper,
-		IUserSession $userSession,
-		IGroupManager $groupManager,
-		\Closure $childExistsFunction
-	) {
-		$this->tagManager = $tagManager;
-		$this->tagMapper = $tagMapper;
-		$this->objectType = $objectType;
-		$this->userSession = $userSession;
-		$this->groupManager = $groupManager;
-		$this->childExistsFunction = $childExistsFunction;
-	}
-
-	/**
-	 * @param string $name
-	 * @param resource|string $data Initial payload
-	 * @return null|string
-	 * @throws Forbidden
-	 */
-	function createFile($name, $data = null) {
-		throw new Forbidden('Permission denied to create nodes');
-	}
-
-	/**
-	 * @param string $name
-	 * @throws Forbidden
-	 */
-	function createDirectory($name) {
-		throw new Forbidden('Permission denied to create collections');
-	}
-
-	/**
-	 * @param string $objectId
-	 * @return SystemTagsObjectMappingCollection
-	 * @throws NotFound
-	 */
-	function getChild($objectId) {
-		// make sure the object exists and is reachable
-		if(!$this->childExists($objectId)) {
-			throw new NotFound('Entity does not exist or is not available');
-		}
-		return new SystemTagsObjectMappingCollection(
-			$objectId,
-			$this->objectType,
-			$this->userSession->getUser(),
-			$this->tagManager,
-			$this->tagMapper
-		);
-	}
-
-	function getChildren() {
-		// do not list object ids
-		throw new MethodNotAllowed();
-	}
-
-	/**
-	 * Checks if a child-node with the specified name exists
-	 *
-	 * @param string $name
-	 * @return bool
-	 */
-	function childExists($name) {
-		return call_user_func($this->childExistsFunction, $name);
-	}
-
-	function delete() {
-		throw new Forbidden('Permission denied to delete this collection');
-	}
-
-	function getName() {
-		return $this->objectType;
-	}
-
-	/**
-	 * @param string $name
-	 * @throws Forbidden
-	 */
-	function setName($name) {
-		throw new Forbidden('Permission denied to rename this collection');
-	}
-
-	/**
-	 * Returns the last modification time, as a unix timestamp
-	 *
-	 * @return int
-	 */
-	function getLastModified() {
-		return null;
-	}
+    /**
+     * @var string
+     */
+    private $objectType;
+
+    /**
+     * @var ISystemTagManager
+     */
+    private $tagManager;
+
+    /**
+     * @var ISystemTagObjectMapper
+     */
+    private $tagMapper;
+
+    /**
+     * @var IGroupManager
+     */
+    private $groupManager;
+
+    /**
+     * @var IUserSession
+     */
+    private $userSession;
+
+    /**
+     * @var \Closure
+     **/
+    protected $childExistsFunction;
+
+    /**
+     * Constructor
+     *
+     * @param string $objectType object type
+     * @param ISystemTagManager $tagManager
+     * @param ISystemTagObjectMapper $tagMapper
+     * @param IUserSession $userSession
+     * @param IGroupManager $groupManager
+     * @param \Closure $childExistsFunction
+     */
+    public function __construct(
+        $objectType, 
+        ISystemTagManager $tagManager,
+        ISystemTagObjectMapper $tagMapper,
+        IUserSession $userSession,
+        IGroupManager $groupManager,
+        \Closure $childExistsFunction
+    ) {
+        $this->tagManager = $tagManager;
+        $this->tagMapper = $tagMapper;
+        $this->objectType = $objectType;
+        $this->userSession = $userSession;
+        $this->groupManager = $groupManager;
+        $this->childExistsFunction = $childExistsFunction;
+    }
+
+    /**
+     * @param string $name
+     * @param resource|string $data Initial payload
+     * @return null|string
+     * @throws Forbidden
+     */
+    function createFile($name, $data = null) {
+        throw new Forbidden('Permission denied to create nodes');
+    }
+
+    /**
+     * @param string $name
+     * @throws Forbidden
+     */
+    function createDirectory($name) {
+        throw new Forbidden('Permission denied to create collections');
+    }
+
+    /**
+     * @param string $objectId
+     * @return SystemTagsObjectMappingCollection
+     * @throws NotFound
+     */
+    function getChild($objectId) {
+        // make sure the object exists and is reachable
+        if(!$this->childExists($objectId)) {
+            throw new NotFound('Entity does not exist or is not available');
+        }
+        return new SystemTagsObjectMappingCollection(
+            $objectId,
+            $this->objectType,
+            $this->userSession->getUser(),
+            $this->tagManager,
+            $this->tagMapper
+        );
+    }
+
+    function getChildren() {
+        // do not list object ids
+        throw new MethodNotAllowed();
+    }
+
+    /**
+     * Checks if a child-node with the specified name exists
+     *
+     * @param string $name
+     * @return bool
+     */
+    function childExists($name) {
+        return call_user_func($this->childExistsFunction, $name);
+    }
+
+    function delete() {
+        throw new Forbidden('Permission denied to delete this collection');
+    }
+
+    function getName() {
+        return $this->objectType;
+    }
+
+    /**
+     * @param string $name
+     * @throws Forbidden
+     */
+    function setName($name) {
+        throw new Forbidden('Permission denied to rename this collection');
+    }
+
+    /**
+     * Returns the last modification time, as a unix timestamp
+     *
+     * @return int
+     */
+    function getLastModified() {
+        return null;
+    }
 }

Spacing +1 added lines, -1 removed lines

@@ -120,7 +120,7 @@
 	 */
 	function getChild($objectId) {
 		// make sure the object exists and is reachable
-		if(!$this->childExists($objectId)) {
+		if (!$this->childExists($objectId)) {
 			throw new NotFound('Entity does not exist or is not available');
 		}
 		return new SystemTagsObjectMappingCollection(

apps/dav/lib/Upload/AssemblyStream.php

Doc Comments +2 added lines, -2 removed lines

@@ -118,7 +118,7 @@ 
 
 	/**
 	 * @param string $data
-	 * @return int
+	 * @return boolean
 	 */
 	public function stream_write($data) {
 		return false;
@@ -224,7 +224,7 @@ 
 	}
 
 	/**
-	 * @param $pos
+	 * @param integer $pos
 	 * @return IFile | null
 	 */
 	private function getNodeForPosition($pos) {

Spacing +4 added lines, -4 removed lines

@@ -74,7 +74,7 @@ 
 		// build additional information
 		$this->sortedNodes = [];
 		$start = 0;
-		foreach($this->nodes as $node) {
+		foreach ($this->nodes as $node) {
 			$size = $node->getSize();
 			$name = $node->getName();
 			$this->sortedNodes[$name] = ['node' => $node, 'start' => $start, 'end' => $start + $size];
@@ -216,7 +216,7 @@ 
 		if (isset($context[$name])) {
 			$context = $context[$name];
 		} else {
-			throw new \BadMethodCallException('Invalid context, "' . $name . '" options not set');
+			throw new \BadMethodCallException('Invalid context, "'.$name.'" options not set');
 		}
 		if (isset($context['nodes']) and is_array($context['nodes'])) {
 			$this->nodes = $context['nodes'];
@@ -253,7 +253,7 @@ 
 	 * @return IFile | null
 	 */
 	private function getNodeForPosition($pos) {
-		foreach($this->sortedNodes as $node) {
+		foreach ($this->sortedNodes as $node) {
 			if ($pos >= $node['start'] && $pos < $node['end']) {
 				return [$node['node'], $pos - $node['start']];
 			}
@@ -271,7 +271,7 @@ 
 			return $data;
 		}
 
-		return fopen('data://text/plain,' . $data,'r');
+		return fopen('data://text/plain,'.$data, 'r');
 	}
 
 }

Indentation +238 added lines, -238 removed lines

@@ -35,243 +35,243 @@
  */
 class AssemblyStream implements \Icewind\Streams\File {
 
-	/** @var resource */
-	private $context;
-
-	/** @var IFile[] */
-	private $nodes;
-
-	/** @var int */
-	private $pos = 0;
-
-	/** @var array */
-	private $sortedNodes;
-
-	/** @var int */
-	private $size;
-
-	/** @var resource */
-	private $currentStream = null;
-
-	/**
-	 * @param string $path
-	 * @param string $mode
-	 * @param int $options
-	 * @param string &$opened_path
-	 * @return bool
-	 */
-	public function stream_open($path, $mode, $options, &$opened_path) {
-		$this->loadContext('assembly');
-
-		// sort the nodes
-		$nodes = $this->nodes;
-		// http://stackoverflow.com/a/10985500
-		@usort($nodes, function(IFile $a, IFile $b) {
-			return strnatcmp($a->getName(), $b->getName());
-		});
-		$this->nodes = $nodes;
-
-		// build additional information
-		$this->sortedNodes = [];
-		$start = 0;
-		foreach($this->nodes as $node) {
-			$size = $node->getSize();
-			$name = $node->getName();
-			$this->sortedNodes[$name] = ['node' => $node, 'start' => $start, 'end' => $start + $size];
-			$start += $size;
-			$this->size = $start;
-		}
-		return true;
-	}
-
-	/**
-	 * @param string $offset
-	 * @param int $whence
-	 * @return bool
-	 */
-	public function stream_seek($offset, $whence = SEEK_SET) {
-		return false;
-	}
-
-	/**
-	 * @return int
-	 */
-	public function stream_tell() {
-		return $this->pos;
-	}
-
-	/**
-	 * @param int $count
-	 * @return string
-	 */
-	public function stream_read($count) {
-		do {
-			if ($this->currentStream === null) {
-				list($node, $posInNode) = $this->getNodeForPosition($this->pos);
-				if (is_null($node)) {
-					// reached last node, no more data
-					return '';
-				}
-				$this->currentStream = $this->getStream($node);
-				fseek($this->currentStream, $posInNode);
-			}
-
-			$data = fread($this->currentStream, $count);
-			// isset is faster than strlen
-			if (isset($data[$count - 1])) {
-				// we read the full count
-				$read = $count;
-			} else {
-				// reaching end of stream, which happens less often so strlen is ok
-				$read = strlen($data);
-			}
-
-			if (feof($this->currentStream)) {
-				fclose($this->currentStream);
-				$this->currentNode = null;
-				$this->currentStream = null;
-			}
-			// if no data read, try again with the next node because
-			// returning empty data can make the caller think there is no more
-			// data left to read
-		} while ($read === 0);
-
-		// update position
-		$this->pos += $read;
-		return $data;
-	}
-
-	/**
-	 * @param string $data
-	 * @return int
-	 */
-	public function stream_write($data) {
-		return false;
-	}
-
-	/**
-	 * @param int $option
-	 * @param int $arg1
-	 * @param int $arg2
-	 * @return bool
-	 */
-	public function stream_set_option($option, $arg1, $arg2) {
-		return false;
-	}
-
-	/**
-	 * @param int $size
-	 * @return bool
-	 */
-	public function stream_truncate($size) {
-		return false;
-	}
-
-	/**
-	 * @return array
-	 */
-	public function stream_stat() {
-		return [];
-	}
-
-	/**
-	 * @param int $operation
-	 * @return bool
-	 */
-	public function stream_lock($operation) {
-		return false;
-	}
-
-	/**
-	 * @return bool
-	 */
-	public function stream_flush() {
-		return false;
-	}
-
-	/**
-	 * @return bool
-	 */
-	public function stream_eof() {
-		return $this->pos >= $this->size;
-	}
-
-	/**
-	 * @return bool
-	 */
-	public function stream_close() {
-		return true;
-	}
-
-
-	/**
-	 * Load the source from the stream context and return the context options
-	 *
-	 * @param string $name
-	 * @return array
-	 * @throws \Exception
-	 */
-	protected function loadContext($name) {
-		$context = stream_context_get_options($this->context);
-		if (isset($context[$name])) {
-			$context = $context[$name];
-		} else {
-			throw new \BadMethodCallException('Invalid context, "' . $name . '" options not set');
-		}
-		if (isset($context['nodes']) and is_array($context['nodes'])) {
-			$this->nodes = $context['nodes'];
-		} else {
-			throw new \BadMethodCallException('Invalid context, nodes not set');
-		}
-		return $context;
-	}
-
-	/**
-	 * @param IFile[] $nodes
-	 * @return resource
-	 *
-	 * @throws \BadMethodCallException
-	 */
-	public static function wrap(array $nodes) {
-		$context = stream_context_create([
-			'assembly' => [
-				'nodes' => $nodes]
-		]);
-		stream_wrapper_register('assembly', '\OCA\DAV\Upload\AssemblyStream');
-		try {
-			$wrapped = fopen('assembly://', 'r', null, $context);
-		} catch (\BadMethodCallException $e) {
-			stream_wrapper_unregister('assembly');
-			throw $e;
-		}
-		stream_wrapper_unregister('assembly');
-		return $wrapped;
-	}
-
-	/**
-	 * @param $pos
-	 * @return IFile | null
-	 */
-	private function getNodeForPosition($pos) {
-		foreach($this->sortedNodes as $node) {
-			if ($pos >= $node['start'] && $pos < $node['end']) {
-				return [$node['node'], $pos - $node['start']];
-			}
-		}
-		return null;
-	}
-
-	/**
-	 * @param IFile $node
-	 * @return resource
-	 */
-	private function getStream(IFile $node) {
-		$data = $node->get();
-		if (is_resource($data)) {
-			return $data;
-		}
-
-		return fopen('data://text/plain,' . $data,'r');
-	}
+    /** @var resource */
+    private $context;
+
+    /** @var IFile[] */
+    private $nodes;
+
+    /** @var int */
+    private $pos = 0;
+
+    /** @var array */
+    private $sortedNodes;
+
+    /** @var int */
+    private $size;
+
+    /** @var resource */
+    private $currentStream = null;
+
+    /**
+     * @param string $path
+     * @param string $mode
+     * @param int $options
+     * @param string &$opened_path
+     * @return bool
+     */
+    public function stream_open($path, $mode, $options, &$opened_path) {
+        $this->loadContext('assembly');
+
+        // sort the nodes
+        $nodes = $this->nodes;
+        // http://stackoverflow.com/a/10985500
+        @usort($nodes, function(IFile $a, IFile $b) {
+            return strnatcmp($a->getName(), $b->getName());
+        });
+        $this->nodes = $nodes;
+
+        // build additional information
+        $this->sortedNodes = [];
+        $start = 0;
+        foreach($this->nodes as $node) {
+            $size = $node->getSize();
+            $name = $node->getName();
+            $this->sortedNodes[$name] = ['node' => $node, 'start' => $start, 'end' => $start + $size];
+            $start += $size;
+            $this->size = $start;
+        }
+        return true;
+    }
+
+    /**
+     * @param string $offset
+     * @param int $whence
+     * @return bool
+     */
+    public function stream_seek($offset, $whence = SEEK_SET) {
+        return false;
+    }
+
+    /**
+     * @return int
+     */
+    public function stream_tell() {
+        return $this->pos;
+    }
+
+    /**
+     * @param int $count
+     * @return string
+     */
+    public function stream_read($count) {
+        do {
+            if ($this->currentStream === null) {
+                list($node, $posInNode) = $this->getNodeForPosition($this->pos);
+                if (is_null($node)) {
+                    // reached last node, no more data
+                    return '';
+                }
+                $this->currentStream = $this->getStream($node);
+                fseek($this->currentStream, $posInNode);
+            }
+
+            $data = fread($this->currentStream, $count);
+            // isset is faster than strlen
+            if (isset($data[$count - 1])) {
+                // we read the full count
+                $read = $count;
+            } else {
+                // reaching end of stream, which happens less often so strlen is ok
+                $read = strlen($data);
+            }
+
+            if (feof($this->currentStream)) {
+                fclose($this->currentStream);
+                $this->currentNode = null;
+                $this->currentStream = null;
+            }
+            // if no data read, try again with the next node because
+            // returning empty data can make the caller think there is no more
+            // data left to read
+        } while ($read === 0);
+
+        // update position
+        $this->pos += $read;
+        return $data;
+    }
+
+    /**
+     * @param string $data
+     * @return int
+     */
+    public function stream_write($data) {
+        return false;
+    }
+
+    /**
+     * @param int $option
+     * @param int $arg1
+     * @param int $arg2
+     * @return bool
+     */
+    public function stream_set_option($option, $arg1, $arg2) {
+        return false;
+    }
+
+    /**
+     * @param int $size
+     * @return bool
+     */
+    public function stream_truncate($size) {
+        return false;
+    }
+
+    /**
+     * @return array
+     */
+    public function stream_stat() {
+        return [];
+    }
+
+    /**
+     * @param int $operation
+     * @return bool
+     */
+    public function stream_lock($operation) {
+        return false;
+    }
+
+    /**
+     * @return bool
+     */
+    public function stream_flush() {
+        return false;
+    }
+
+    /**
+     * @return bool
+     */
+    public function stream_eof() {
+        return $this->pos >= $this->size;
+    }
+
+    /**
+     * @return bool
+     */
+    public function stream_close() {
+        return true;
+    }
+
+
+    /**
+     * Load the source from the stream context and return the context options
+     *
+     * @param string $name
+     * @return array
+     * @throws \Exception
+     */
+    protected function loadContext($name) {
+        $context = stream_context_get_options($this->context);
+        if (isset($context[$name])) {
+            $context = $context[$name];
+        } else {
+            throw new \BadMethodCallException('Invalid context, "' . $name . '" options not set');
+        }
+        if (isset($context['nodes']) and is_array($context['nodes'])) {
+            $this->nodes = $context['nodes'];
+        } else {
+            throw new \BadMethodCallException('Invalid context, nodes not set');
+        }
+        return $context;
+    }
+
+    /**
+     * @param IFile[] $nodes
+     * @return resource
+     *
+     * @throws \BadMethodCallException
+     */
+    public static function wrap(array $nodes) {
+        $context = stream_context_create([
+            'assembly' => [
+                'nodes' => $nodes]
+        ]);
+        stream_wrapper_register('assembly', '\OCA\DAV\Upload\AssemblyStream');
+        try {
+            $wrapped = fopen('assembly://', 'r', null, $context);
+        } catch (\BadMethodCallException $e) {
+            stream_wrapper_unregister('assembly');
+            throw $e;
+        }
+        stream_wrapper_unregister('assembly');
+        return $wrapped;
+    }
+
+    /**
+     * @param $pos
+     * @return IFile | null
+     */
+    private function getNodeForPosition($pos) {
+        foreach($this->sortedNodes as $node) {
+            if ($pos >= $node['start'] && $pos < $node['end']) {
+                return [$node['node'], $pos - $node['start']];
+            }
+        }
+        return null;
+    }
+
+    /**
+     * @param IFile $node
+     * @return resource
+     */
+    private function getStream(IFile $node) {
+        $data = $node->get();
+        if (is_resource($data)) {
+            return $data;
+        }
+
+        return fopen('data://text/plain,' . $data,'r');
+    }
 
 }

apps/encryption/lib/Crypto/Encryption.php

Doc Comments +1 added lines, -1 removed lines

@@ -369,7 +369,7 @@
 	 * @param string $path path to the file which should be updated
 	 * @param string $uid of the user who performs the operation
 	 * @param array $accessList who has access to the file contains the key 'users' and 'public'
-	 * @return boolean
+	 * @return null|boolean
 	 */
 	public function update($path, $uid, array $accessList) {
 

Spacing +8 added lines, -8 removed lines

@@ -177,7 +177,7 @@ 
 		$this->isWriteOperation = false;
 		$this->writeCache = '';
 
-		if($this->session->isReady() === false) {
+		if ($this->session->isReady() === false) {
 			// if the master key is enabled we can initialize encryption
 			// with a empty password and user name
 			if ($this->util->isMasterKeyEnabled()) {
@@ -198,7 +198,7 @@ 
 		// always use the version from the original file, also part files
 		// need to have a correct version number if they get moved over to the
 		// final location
-		$this->version = (int)$this->keyManager->getVersion($this->stripPartFileExtension($path), new View());
+		$this->version = (int) $this->keyManager->getVersion($this->stripPartFileExtension($path), new View());
 
 		if (
 			$mode === 'w'
@@ -214,7 +214,7 @@ 
 			// if we read a part file we need to increase the version by 1
 			// because the version number was also increased by writing
 			// the part file
-			if(Scanner::isPartialFile($path)) {
+			if (Scanner::isPartialFile($path)) {
 				$this->version = $this->version + 1;
 			}
 		}
@@ -300,7 +300,7 @@ 
 		if ($this->writeCache) {
 
 			// Concat writeCache to start of $data
-			$data = $this->writeCache . $data;
+			$data = $this->writeCache.$data;
 
 			// Clear the write cache, ready for reuse - it has been
 			// flushed and its old contents processed
@@ -402,7 +402,7 @@ 
 					try {
 						$publicKeys[$user] = $this->keyManager->getPublicKey($user);
 					} catch (PublicKeyMissingException $e) {
-						$this->logger->warning('Could not encrypt file for ' . $user . ': ' . $e->getMessage());
+						$this->logger->warning('Could not encrypt file for '.$user.': '.$e->getMessage());
 					}
 				}
 			}
@@ -489,8 +489,8 @@ 
 				// error message because in this case it means that the file was
 				// shared with the user at a point where the user didn't had a
 				// valid private/public key
-				$msg = 'Encryption module "' . $this->getDisplayName() .
-					'" is not able to read ' . $path;
+				$msg = 'Encryption module "'.$this->getDisplayName().
+					'" is not able to read '.$path;
 				$hint = $this->l->t('Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
 				$this->logger->warning($msg);
 				throw new DecryptionFailedException($msg, $hint);
@@ -532,7 +532,7 @@ 
 		$realPath = $path;
 		$parts = explode('/', $path);
 		if ($parts[2] === 'files_versions') {
-			$realPath = '/' . $parts[1] . '/files/' . implode('/', array_slice($parts, 3));
+			$realPath = '/'.$parts[1].'/files/'.implode('/', array_slice($parts, 3));
 			$length = strrpos($realPath, '.');
 			$realPath = substr($realPath, 0, $length);
 		}

Indentation +526 added lines, -526 removed lines

@@ -43,530 +43,530 @@
 
 class Encryption implements IEncryptionModule {
 
-	const ID = 'OC_DEFAULT_MODULE';
-	const DISPLAY_NAME = 'Default encryption module';
-
-	/**
-	 * @var Crypt
-	 */
-	private $crypt;
-
-	/** @var string */
-	private $cipher;
-
-	/** @var string */
-	private $path;
-
-	/** @var string */
-	private $user;
-
-	/** @var string */
-	private $fileKey;
-
-	/** @var string */
-	private $writeCache;
-
-	/** @var KeyManager */
-	private $keyManager;
-
-	/** @var array */
-	private $accessList;
-
-	/** @var boolean */
-	private $isWriteOperation;
-
-	/** @var Util */
-	private $util;
-
-	/** @var  Session */
-	private $session;
-
-	/** @var  ILogger */
-	private $logger;
-
-	/** @var IL10N */
-	private $l;
-
-	/** @var EncryptAll */
-	private $encryptAll;
-
-	/** @var  bool */
-	private $useMasterPassword;
-
-	/** @var DecryptAll  */
-	private $decryptAll;
-
-	/** @var int unencrypted block size if block contains signature */
-	private $unencryptedBlockSizeSigned = 6072;
-
-	/** @var int unencrypted block size */
-	private $unencryptedBlockSize = 6126;
-
-	/** @var int Current version of the file */
-	private $version = 0;
-
-	/** @var array remember encryption signature version */
-	private static $rememberVersion = [];
-
-
-	/**
-	 *
-	 * @param Crypt $crypt
-	 * @param KeyManager $keyManager
-	 * @param Util $util
-	 * @param Session $session
-	 * @param EncryptAll $encryptAll
-	 * @param DecryptAll $decryptAll
-	 * @param ILogger $logger
-	 * @param IL10N $il10n
-	 */
-	public function __construct(Crypt $crypt,
-								KeyManager $keyManager,
-								Util $util,
-								Session $session,
-								EncryptAll $encryptAll,
-								DecryptAll $decryptAll,
-								ILogger $logger,
-								IL10N $il10n) {
-		$this->crypt = $crypt;
-		$this->keyManager = $keyManager;
-		$this->util = $util;
-		$this->session = $session;
-		$this->encryptAll = $encryptAll;
-		$this->decryptAll = $decryptAll;
-		$this->logger = $logger;
-		$this->l = $il10n;
-		$this->useMasterPassword = $util->isMasterKeyEnabled();
-	}
-
-	/**
-	 * @return string defining the technical unique id
-	 */
-	public function getId() {
-		return self::ID;
-	}
-
-	/**
-	 * In comparison to getKey() this function returns a human readable (maybe translated) name
-	 *
-	 * @return string
-	 */
-	public function getDisplayName() {
-		return self::DISPLAY_NAME;
-	}
-
-	/**
-	 * start receiving chunks from a file. This is the place where you can
-	 * perform some initial step before starting encrypting/decrypting the
-	 * chunks
-	 *
-	 * @param string $path to the file
-	 * @param string $user who read/write the file
-	 * @param string $mode php stream open mode
-	 * @param array $header contains the header data read from the file
-	 * @param array $accessList who has access to the file contains the key 'users' and 'public'
-	 *
-	 * @return array $header contain data as key-value pairs which should be
-	 *                       written to the header, in case of a write operation
-	 *                       or if no additional data is needed return a empty array
-	 */
-	public function begin($path, $user, $mode, array $header, array $accessList) {
-		$this->path = $this->getPathToRealFile($path);
-		$this->accessList = $accessList;
-		$this->user = $user;
-		$this->isWriteOperation = false;
-		$this->writeCache = '';
-
-		if($this->session->isReady() === false) {
-			// if the master key is enabled we can initialize encryption
-			// with a empty password and user name
-			if ($this->util->isMasterKeyEnabled()) {
-				$this->keyManager->init('', '');
-			}
-		}
-
-		if ($this->session->decryptAllModeActivated()) {
-			$encryptedFileKey = $this->keyManager->getEncryptedFileKey($this->path);
-			$shareKey = $this->keyManager->getShareKey($this->path, $this->session->getDecryptAllUid());
-			$this->fileKey = $this->crypt->multiKeyDecrypt($encryptedFileKey,
-				$shareKey,
-				$this->session->getDecryptAllKey());
-		} else {
-			$this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
-		}
-
-		// always use the version from the original file, also part files
-		// need to have a correct version number if they get moved over to the
-		// final location
-		$this->version = (int)$this->keyManager->getVersion($this->stripPartFileExtension($path), new View());
-
-		if (
-			$mode === 'w'
-			|| $mode === 'w+'
-			|| $mode === 'wb'
-			|| $mode === 'wb+'
-		) {
-			$this->isWriteOperation = true;
-			if (empty($this->fileKey)) {
-				$this->fileKey = $this->crypt->generateFileKey();
-			}
-		} else {
-			// if we read a part file we need to increase the version by 1
-			// because the version number was also increased by writing
-			// the part file
-			if(Scanner::isPartialFile($path)) {
-				$this->version = $this->version + 1;
-			}
-		}
-
-		if ($this->isWriteOperation) {
-			$this->cipher = $this->crypt->getCipher();
-		} elseif (isset($header['cipher'])) {
-			$this->cipher = $header['cipher'];
-		} else {
-			// if we read a file without a header we fall-back to the legacy cipher
-			// which was used in <=oC6
-			$this->cipher = $this->crypt->getLegacyCipher();
-		}
-
-		return array('cipher' => $this->cipher, 'signed' => 'true');
-	}
-
-	/**
-	 * last chunk received. This is the place where you can perform some final
-	 * operation and return some remaining data if something is left in your
-	 * buffer.
-	 *
-	 * @param string $path to the file
-	 * @param int $position
-	 * @return string remained data which should be written to the file in case
-	 *                of a write operation
-	 * @throws PublicKeyMissingException
-	 * @throws \Exception
-	 * @throws \OCA\Encryption\Exceptions\MultiKeyEncryptException
-	 */
-	public function end($path, $position = 0) {
-		$result = '';
-		if ($this->isWriteOperation) {
-			$this->keyManager->setVersion($path, $this->version + 1, new View());
-			// in case of a part file we remember the new signature versions
-			// the version will be set later on update.
-			// This way we make sure that other apps listening to the pre-hooks
-			// still get the old version which should be the correct value for them
-			if (Scanner::isPartialFile($path)) {
-				self::$rememberVersion[$this->stripPartFileExtension($path)] = $this->version + 1;
-			}
-			if (!empty($this->writeCache)) {
-				$result = $this->crypt->symmetricEncryptFileContent($this->writeCache, $this->fileKey, $this->version + 1, $position);
-				$this->writeCache = '';
-			}
-			$publicKeys = array();
-			if ($this->useMasterPassword === true) {
-				$publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey();
-			} else {
-				foreach ($this->accessList['users'] as $uid) {
-					try {
-						$publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
-					} catch (PublicKeyMissingException $e) {
-						$this->logger->warning(
-							'no public key found for user "{uid}", user will not be able to read the file',
-							['app' => 'encryption', 'uid' => $uid]
-						);
-						// if the public key of the owner is missing we should fail
-						if ($uid === $this->user) {
-							throw $e;
-						}
-					}
-				}
-			}
-
-			$publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys, $this->user);
-			$encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys);
-			$this->keyManager->setAllFileKeys($this->path, $encryptedKeyfiles);
-		}
-		return $result;
-	}
-
-	/**
-	 * encrypt data
-	 *
-	 * @param string $data you want to encrypt
-	 * @param int $position
-	 * @return string encrypted data
-	 */
-	public function encrypt($data, $position = 0) {
-		// If extra data is left over from the last round, make sure it
-		// is integrated into the next block
-		if ($this->writeCache) {
-
-			// Concat writeCache to start of $data
-			$data = $this->writeCache . $data;
-
-			// Clear the write cache, ready for reuse - it has been
-			// flushed and its old contents processed
-			$this->writeCache = '';
-
-		}
-
-		$encrypted = '';
-		// While there still remains some data to be processed & written
-		while (strlen($data) > 0) {
-
-			// Remaining length for this iteration, not of the
-			// entire file (may be greater than 8192 bytes)
-			$remainingLength = strlen($data);
-
-			// If data remaining to be written is less than the
-			// size of 1 6126 byte block
-			if ($remainingLength < $this->unencryptedBlockSizeSigned) {
-
-				// Set writeCache to contents of $data
-				// The writeCache will be carried over to the
-				// next write round, and added to the start of
-				// $data to ensure that written blocks are
-				// always the correct length. If there is still
-				// data in writeCache after the writing round
-				// has finished, then the data will be written
-				// to disk by $this->flush().
-				$this->writeCache = $data;
-
-				// Clear $data ready for next round
-				$data = '';
-
-			} else {
-
-				// Read the chunk from the start of $data
-				$chunk = substr($data, 0, $this->unencryptedBlockSizeSigned);
-
-				$encrypted .= $this->crypt->symmetricEncryptFileContent($chunk, $this->fileKey, $this->version + 1, $position);
-
-				// Remove the chunk we just processed from
-				// $data, leaving only unprocessed data in $data
-				// var, for handling on the next round
-				$data = substr($data, $this->unencryptedBlockSizeSigned);
-
-			}
-
-		}
-
-		return $encrypted;
-	}
-
-	/**
-	 * decrypt data
-	 *
-	 * @param string $data you want to decrypt
-	 * @param int $position
-	 * @return string decrypted data
-	 * @throws DecryptionFailedException
-	 */
-	public function decrypt($data, $position = 0) {
-		if (empty($this->fileKey)) {
-			$msg = 'Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.';
-			$hint = $this->l->t('Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
-			$this->logger->error($msg);
-
-			throw new DecryptionFailedException($msg, $hint);
-		}
-
-		return $this->crypt->symmetricDecryptFileContent($data, $this->fileKey, $this->cipher, $this->version, $position);
-	}
-
-	/**
-	 * update encrypted file, e.g. give additional users access to the file
-	 *
-	 * @param string $path path to the file which should be updated
-	 * @param string $uid of the user who performs the operation
-	 * @param array $accessList who has access to the file contains the key 'users' and 'public'
-	 * @return boolean
-	 */
-	public function update($path, $uid, array $accessList) {
-
-		if (empty($accessList)) {
-			if (isset(self::$rememberVersion[$path])) {
-				$this->keyManager->setVersion($path, self::$rememberVersion[$path], new View());
-				unset(self::$rememberVersion[$path]);
-			}
-			return;
-		}
-
-		$fileKey = $this->keyManager->getFileKey($path, $uid);
-
-		if (!empty($fileKey)) {
-
-			$publicKeys = array();
-			if ($this->useMasterPassword === true) {
-				$publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey();
-			} else {
-				foreach ($accessList['users'] as $user) {
-					try {
-						$publicKeys[$user] = $this->keyManager->getPublicKey($user);
-					} catch (PublicKeyMissingException $e) {
-						$this->logger->warning('Could not encrypt file for ' . $user . ': ' . $e->getMessage());
-					}
-				}
-			}
-
-			$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid);
-
-			$encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
-
-			$this->keyManager->deleteAllFileKeys($path);
-
-			$this->keyManager->setAllFileKeys($path, $encryptedFileKey);
-
-		} else {
-			$this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted',
-				array('file' => $path, 'app' => 'encryption'));
-
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * should the file be encrypted or not
-	 *
-	 * @param string $path
-	 * @return boolean
-	 */
-	public function shouldEncrypt($path) {
-		if ($this->util->shouldEncryptHomeStorage() === false) {
-			$storage = $this->util->getStorage($path);
-			if ($storage->instanceOfStorage('\OCP\Files\IHomeStorage')) {
-				return false;
-			}
-		}
-		$parts = explode('/', $path);
-		if (count($parts) < 4) {
-			return false;
-		}
-
-		if ($parts[2] == 'files') {
-			return true;
-		}
-		if ($parts[2] == 'files_versions') {
-			return true;
-		}
-		if ($parts[2] == 'files_trashbin') {
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * get size of the unencrypted payload per block.
-	 * Nextcloud read/write files with a block size of 8192 byte
-	 *
-	 * @param bool $signed
-	 * @return int
-	 */
-	public function getUnencryptedBlockSize($signed = false) {
-		if ($signed === false) {
-			return $this->unencryptedBlockSize;
-		}
-
-		return $this->unencryptedBlockSizeSigned;
-	}
-
-	/**
-	 * check if the encryption module is able to read the file,
-	 * e.g. if all encryption keys exists
-	 *
-	 * @param string $path
-	 * @param string $uid user for whom we want to check if he can read the file
-	 * @return bool
-	 * @throws DecryptionFailedException
-	 */
-	public function isReadable($path, $uid) {
-		$fileKey = $this->keyManager->getFileKey($path, $uid);
-		if (empty($fileKey)) {
-			$owner = $this->util->getOwner($path);
-			if ($owner !== $uid) {
-				// if it is a shared file we throw a exception with a useful
-				// error message because in this case it means that the file was
-				// shared with the user at a point where the user didn't had a
-				// valid private/public key
-				$msg = 'Encryption module "' . $this->getDisplayName() .
-					'" is not able to read ' . $path;
-				$hint = $this->l->t('Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
-				$this->logger->warning($msg);
-				throw new DecryptionFailedException($msg, $hint);
-			}
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * Initial encryption of all files
-	 *
-	 * @param InputInterface $input
-	 * @param OutputInterface $output write some status information to the terminal during encryption
-	 */
-	public function encryptAll(InputInterface $input, OutputInterface $output) {
-		$this->encryptAll->encryptAll($input, $output);
-	}
-
-	/**
-	 * prepare module to perform decrypt all operation
-	 *
-	 * @param InputInterface $input
-	 * @param OutputInterface $output
-	 * @param string $user
-	 * @return bool
-	 */
-	public function prepareDecryptAll(InputInterface $input, OutputInterface $output, $user = '') {
-		return $this->decryptAll->prepare($input, $output, $user);
-	}
-
-
-	/**
-	 * @param string $path
-	 * @return string
-	 */
-	protected function getPathToRealFile($path) {
-		$realPath = $path;
-		$parts = explode('/', $path);
-		if ($parts[2] === 'files_versions') {
-			$realPath = '/' . $parts[1] . '/files/' . implode('/', array_slice($parts, 3));
-			$length = strrpos($realPath, '.');
-			$realPath = substr($realPath, 0, $length);
-		}
-
-		return $realPath;
-	}
-
-	/**
-	 * remove .part file extension and the ocTransferId from the file to get the
-	 * original file name
-	 *
-	 * @param string $path
-	 * @return string
-	 */
-	protected function stripPartFileExtension($path) {
-		if (pathinfo($path, PATHINFO_EXTENSION) === 'part') {
-			$pos = strrpos($path, '.', -6);
-			$path = substr($path, 0, $pos);
-		}
-
-		return $path;
-	}
-
-	/**
-	 * Check if the module is ready to be used by that specific user.
-	 * In case a module is not ready - because e.g. key pairs have not been generated
-	 * upon login this method can return false before any operation starts and might
-	 * cause issues during operations.
-	 *
-	 * @param string $user
-	 * @return boolean
-	 * @since 9.1.0
-	 */
-	public function isReadyForUser($user) {
-		return $this->keyManager->userHasKeys($user);
-	}
+    const ID = 'OC_DEFAULT_MODULE';
+    const DISPLAY_NAME = 'Default encryption module';
+
+    /**
+     * @var Crypt
+     */
+    private $crypt;
+
+    /** @var string */
+    private $cipher;
+
+    /** @var string */
+    private $path;
+
+    /** @var string */
+    private $user;
+
+    /** @var string */
+    private $fileKey;
+
+    /** @var string */
+    private $writeCache;
+
+    /** @var KeyManager */
+    private $keyManager;
+
+    /** @var array */
+    private $accessList;
+
+    /** @var boolean */
+    private $isWriteOperation;
+
+    /** @var Util */
+    private $util;
+
+    /** @var  Session */
+    private $session;
+
+    /** @var  ILogger */
+    private $logger;
+
+    /** @var IL10N */
+    private $l;
+
+    /** @var EncryptAll */
+    private $encryptAll;
+
+    /** @var  bool */
+    private $useMasterPassword;
+
+    /** @var DecryptAll  */
+    private $decryptAll;
+
+    /** @var int unencrypted block size if block contains signature */
+    private $unencryptedBlockSizeSigned = 6072;
+
+    /** @var int unencrypted block size */
+    private $unencryptedBlockSize = 6126;
+
+    /** @var int Current version of the file */
+    private $version = 0;
+
+    /** @var array remember encryption signature version */
+    private static $rememberVersion = [];
+
+
+    /**
+     *
+     * @param Crypt $crypt
+     * @param KeyManager $keyManager
+     * @param Util $util
+     * @param Session $session
+     * @param EncryptAll $encryptAll
+     * @param DecryptAll $decryptAll
+     * @param ILogger $logger
+     * @param IL10N $il10n
+     */
+    public function __construct(Crypt $crypt,
+                                KeyManager $keyManager,
+                                Util $util,
+                                Session $session,
+                                EncryptAll $encryptAll,
+                                DecryptAll $decryptAll,
+                                ILogger $logger,
+                                IL10N $il10n) {
+        $this->crypt = $crypt;
+        $this->keyManager = $keyManager;
+        $this->util = $util;
+        $this->session = $session;
+        $this->encryptAll = $encryptAll;
+        $this->decryptAll = $decryptAll;
+        $this->logger = $logger;
+        $this->l = $il10n;
+        $this->useMasterPassword = $util->isMasterKeyEnabled();
+    }
+
+    /**
+     * @return string defining the technical unique id
+     */
+    public function getId() {
+        return self::ID;
+    }
+
+    /**
+     * In comparison to getKey() this function returns a human readable (maybe translated) name
+     *
+     * @return string
+     */
+    public function getDisplayName() {
+        return self::DISPLAY_NAME;
+    }
+
+    /**
+     * start receiving chunks from a file. This is the place where you can
+     * perform some initial step before starting encrypting/decrypting the
+     * chunks
+     *
+     * @param string $path to the file
+     * @param string $user who read/write the file
+     * @param string $mode php stream open mode
+     * @param array $header contains the header data read from the file
+     * @param array $accessList who has access to the file contains the key 'users' and 'public'
+     *
+     * @return array $header contain data as key-value pairs which should be
+     *                       written to the header, in case of a write operation
+     *                       or if no additional data is needed return a empty array
+     */
+    public function begin($path, $user, $mode, array $header, array $accessList) {
+        $this->path = $this->getPathToRealFile($path);
+        $this->accessList = $accessList;
+        $this->user = $user;
+        $this->isWriteOperation = false;
+        $this->writeCache = '';
+
+        if($this->session->isReady() === false) {
+            // if the master key is enabled we can initialize encryption
+            // with a empty password and user name
+            if ($this->util->isMasterKeyEnabled()) {
+                $this->keyManager->init('', '');
+            }
+        }
+
+        if ($this->session->decryptAllModeActivated()) {
+            $encryptedFileKey = $this->keyManager->getEncryptedFileKey($this->path);
+            $shareKey = $this->keyManager->getShareKey($this->path, $this->session->getDecryptAllUid());
+            $this->fileKey = $this->crypt->multiKeyDecrypt($encryptedFileKey,
+                $shareKey,
+                $this->session->getDecryptAllKey());
+        } else {
+            $this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
+        }
+
+        // always use the version from the original file, also part files
+        // need to have a correct version number if they get moved over to the
+        // final location
+        $this->version = (int)$this->keyManager->getVersion($this->stripPartFileExtension($path), new View());
+
+        if (
+            $mode === 'w'
+            || $mode === 'w+'
+            || $mode === 'wb'
+            || $mode === 'wb+'
+        ) {
+            $this->isWriteOperation = true;
+            if (empty($this->fileKey)) {
+                $this->fileKey = $this->crypt->generateFileKey();
+            }
+        } else {
+            // if we read a part file we need to increase the version by 1
+            // because the version number was also increased by writing
+            // the part file
+            if(Scanner::isPartialFile($path)) {
+                $this->version = $this->version + 1;
+            }
+        }
+
+        if ($this->isWriteOperation) {
+            $this->cipher = $this->crypt->getCipher();
+        } elseif (isset($header['cipher'])) {
+            $this->cipher = $header['cipher'];
+        } else {
+            // if we read a file without a header we fall-back to the legacy cipher
+            // which was used in <=oC6
+            $this->cipher = $this->crypt->getLegacyCipher();
+        }
+
+        return array('cipher' => $this->cipher, 'signed' => 'true');
+    }
+
+    /**
+     * last chunk received. This is the place where you can perform some final
+     * operation and return some remaining data if something is left in your
+     * buffer.
+     *
+     * @param string $path to the file
+     * @param int $position
+     * @return string remained data which should be written to the file in case
+     *                of a write operation
+     * @throws PublicKeyMissingException
+     * @throws \Exception
+     * @throws \OCA\Encryption\Exceptions\MultiKeyEncryptException
+     */
+    public function end($path, $position = 0) {
+        $result = '';
+        if ($this->isWriteOperation) {
+            $this->keyManager->setVersion($path, $this->version + 1, new View());
+            // in case of a part file we remember the new signature versions
+            // the version will be set later on update.
+            // This way we make sure that other apps listening to the pre-hooks
+            // still get the old version which should be the correct value for them
+            if (Scanner::isPartialFile($path)) {
+                self::$rememberVersion[$this->stripPartFileExtension($path)] = $this->version + 1;
+            }
+            if (!empty($this->writeCache)) {
+                $result = $this->crypt->symmetricEncryptFileContent($this->writeCache, $this->fileKey, $this->version + 1, $position);
+                $this->writeCache = '';
+            }
+            $publicKeys = array();
+            if ($this->useMasterPassword === true) {
+                $publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey();
+            } else {
+                foreach ($this->accessList['users'] as $uid) {
+                    try {
+                        $publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
+                    } catch (PublicKeyMissingException $e) {
+                        $this->logger->warning(
+                            'no public key found for user "{uid}", user will not be able to read the file',
+                            ['app' => 'encryption', 'uid' => $uid]
+                        );
+                        // if the public key of the owner is missing we should fail
+                        if ($uid === $this->user) {
+                            throw $e;
+                        }
+                    }
+                }
+            }
+
+            $publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys, $this->user);
+            $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys);
+            $this->keyManager->setAllFileKeys($this->path, $encryptedKeyfiles);
+        }
+        return $result;
+    }
+
+    /**
+     * encrypt data
+     *
+     * @param string $data you want to encrypt
+     * @param int $position
+     * @return string encrypted data
+     */
+    public function encrypt($data, $position = 0) {
+        // If extra data is left over from the last round, make sure it
+        // is integrated into the next block
+        if ($this->writeCache) {
+
+            // Concat writeCache to start of $data
+            $data = $this->writeCache . $data;
+
+            // Clear the write cache, ready for reuse - it has been
+            // flushed and its old contents processed
+            $this->writeCache = '';
+
+        }
+
+        $encrypted = '';
+        // While there still remains some data to be processed & written
+        while (strlen($data) > 0) {
+
+            // Remaining length for this iteration, not of the
+            // entire file (may be greater than 8192 bytes)
+            $remainingLength = strlen($data);
+
+            // If data remaining to be written is less than the
+            // size of 1 6126 byte block
+            if ($remainingLength < $this->unencryptedBlockSizeSigned) {
+
+                // Set writeCache to contents of $data
+                // The writeCache will be carried over to the
+                // next write round, and added to the start of
+                // $data to ensure that written blocks are
+                // always the correct length. If there is still
+                // data in writeCache after the writing round
+                // has finished, then the data will be written
+                // to disk by $this->flush().
+                $this->writeCache = $data;
+
+                // Clear $data ready for next round
+                $data = '';
+
+            } else {
+
+                // Read the chunk from the start of $data
+                $chunk = substr($data, 0, $this->unencryptedBlockSizeSigned);
+
+                $encrypted .= $this->crypt->symmetricEncryptFileContent($chunk, $this->fileKey, $this->version + 1, $position);
+
+                // Remove the chunk we just processed from
+                // $data, leaving only unprocessed data in $data
+                // var, for handling on the next round
+                $data = substr($data, $this->unencryptedBlockSizeSigned);
+
+            }
+
+        }
+
+        return $encrypted;
+    }
+
+    /**
+     * decrypt data
+     *
+     * @param string $data you want to decrypt
+     * @param int $position
+     * @return string decrypted data
+     * @throws DecryptionFailedException
+     */
+    public function decrypt($data, $position = 0) {
+        if (empty($this->fileKey)) {
+            $msg = 'Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.';
+            $hint = $this->l->t('Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
+            $this->logger->error($msg);
+
+            throw new DecryptionFailedException($msg, $hint);
+        }
+
+        return $this->crypt->symmetricDecryptFileContent($data, $this->fileKey, $this->cipher, $this->version, $position);
+    }
+
+    /**
+     * update encrypted file, e.g. give additional users access to the file
+     *
+     * @param string $path path to the file which should be updated
+     * @param string $uid of the user who performs the operation
+     * @param array $accessList who has access to the file contains the key 'users' and 'public'
+     * @return boolean
+     */
+    public function update($path, $uid, array $accessList) {
+
+        if (empty($accessList)) {
+            if (isset(self::$rememberVersion[$path])) {
+                $this->keyManager->setVersion($path, self::$rememberVersion[$path], new View());
+                unset(self::$rememberVersion[$path]);
+            }
+            return;
+        }
+
+        $fileKey = $this->keyManager->getFileKey($path, $uid);
+
+        if (!empty($fileKey)) {
+
+            $publicKeys = array();
+            if ($this->useMasterPassword === true) {
+                $publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey();
+            } else {
+                foreach ($accessList['users'] as $user) {
+                    try {
+                        $publicKeys[$user] = $this->keyManager->getPublicKey($user);
+                    } catch (PublicKeyMissingException $e) {
+                        $this->logger->warning('Could not encrypt file for ' . $user . ': ' . $e->getMessage());
+                    }
+                }
+            }
+
+            $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid);
+
+            $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
+
+            $this->keyManager->deleteAllFileKeys($path);
+
+            $this->keyManager->setAllFileKeys($path, $encryptedFileKey);
+
+        } else {
+            $this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted',
+                array('file' => $path, 'app' => 'encryption'));
+
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * should the file be encrypted or not
+     *
+     * @param string $path
+     * @return boolean
+     */
+    public function shouldEncrypt($path) {
+        if ($this->util->shouldEncryptHomeStorage() === false) {
+            $storage = $this->util->getStorage($path);
+            if ($storage->instanceOfStorage('\OCP\Files\IHomeStorage')) {
+                return false;
+            }
+        }
+        $parts = explode('/', $path);
+        if (count($parts) < 4) {
+            return false;
+        }
+
+        if ($parts[2] == 'files') {
+            return true;
+        }
+        if ($parts[2] == 'files_versions') {
+            return true;
+        }
+        if ($parts[2] == 'files_trashbin') {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * get size of the unencrypted payload per block.
+     * Nextcloud read/write files with a block size of 8192 byte
+     *
+     * @param bool $signed
+     * @return int
+     */
+    public function getUnencryptedBlockSize($signed = false) {
+        if ($signed === false) {
+            return $this->unencryptedBlockSize;
+        }
+
+        return $this->unencryptedBlockSizeSigned;
+    }
+
+    /**
+     * check if the encryption module is able to read the file,
+     * e.g. if all encryption keys exists
+     *
+     * @param string $path
+     * @param string $uid user for whom we want to check if he can read the file
+     * @return bool
+     * @throws DecryptionFailedException
+     */
+    public function isReadable($path, $uid) {
+        $fileKey = $this->keyManager->getFileKey($path, $uid);
+        if (empty($fileKey)) {
+            $owner = $this->util->getOwner($path);
+            if ($owner !== $uid) {
+                // if it is a shared file we throw a exception with a useful
+                // error message because in this case it means that the file was
+                // shared with the user at a point where the user didn't had a
+                // valid private/public key
+                $msg = 'Encryption module "' . $this->getDisplayName() .
+                    '" is not able to read ' . $path;
+                $hint = $this->l->t('Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
+                $this->logger->warning($msg);
+                throw new DecryptionFailedException($msg, $hint);
+            }
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * Initial encryption of all files
+     *
+     * @param InputInterface $input
+     * @param OutputInterface $output write some status information to the terminal during encryption
+     */
+    public function encryptAll(InputInterface $input, OutputInterface $output) {
+        $this->encryptAll->encryptAll($input, $output);
+    }
+
+    /**
+     * prepare module to perform decrypt all operation
+     *
+     * @param InputInterface $input
+     * @param OutputInterface $output
+     * @param string $user
+     * @return bool
+     */
+    public function prepareDecryptAll(InputInterface $input, OutputInterface $output, $user = '') {
+        return $this->decryptAll->prepare($input, $output, $user);
+    }
+
+
+    /**
+     * @param string $path
+     * @return string
+     */
+    protected function getPathToRealFile($path) {
+        $realPath = $path;
+        $parts = explode('/', $path);
+        if ($parts[2] === 'files_versions') {
+            $realPath = '/' . $parts[1] . '/files/' . implode('/', array_slice($parts, 3));
+            $length = strrpos($realPath, '.');
+            $realPath = substr($realPath, 0, $length);
+        }
+
+        return $realPath;
+    }
+
+    /**
+     * remove .part file extension and the ocTransferId from the file to get the
+     * original file name
+     *
+     * @param string $path
+     * @return string
+     */
+    protected function stripPartFileExtension($path) {
+        if (pathinfo($path, PATHINFO_EXTENSION) === 'part') {
+            $pos = strrpos($path, '.', -6);
+            $path = substr($path, 0, $pos);
+        }
+
+        return $path;
+    }
+
+    /**
+     * Check if the module is ready to be used by that specific user.
+     * In case a module is not ready - because e.g. key pairs have not been generated
+     * upon login this method can return false before any operation starts and might
+     * cause issues during operations.
+     *
+     * @param string $user
+     * @return boolean
+     * @since 9.1.0
+     */
+    public function isReadyForUser($user) {
+        return $this->keyManager->userHasKeys($user);
+    }
 }

apps/encryption/lib/KeyManager.php

Doc Comments +1 added lines, -1 removed lines

@@ -488,7 +488,7 @@
 
 
 	/**
-	 * @param $path
+	 * @param string $path
 	 * @param $uid
 	 * @return mixed
 	 */

Indentation +672 added lines, -672 removed lines

@@ -38,676 +38,676 @@
 
 class KeyManager {
 
-	/**
-	 * @var Session
-	 */
-	protected $session;
-	/**
-	 * @var IStorage
-	 */
-	private $keyStorage;
-	/**
-	 * @var Crypt
-	 */
-	private $crypt;
-	/**
-	 * @var string
-	 */
-	private $recoveryKeyId;
-	/**
-	 * @var string
-	 */
-	private $publicShareKeyId;
-	/**
-	 * @var string
-	 */
-	private $masterKeyId;
-	/**
-	 * @var string UserID
-	 */
-	private $keyId;
-	/**
-	 * @var string
-	 */
-	private $publicKeyId = 'publicKey';
-	/**
-	 * @var string
-	 */
-	private $privateKeyId = 'privateKey';
-
-	/**
-	 * @var string
-	 */
-	private $shareKeyId = 'shareKey';
-
-	/**
-	 * @var string
-	 */
-	private $fileKeyId = 'fileKey';
-	/**
-	 * @var IConfig
-	 */
-	private $config;
-	/**
-	 * @var ILogger
-	 */
-	private $log;
-	/**
-	 * @var Util
-	 */
-	private $util;
-
-	/**
-	 * @param IStorage $keyStorage
-	 * @param Crypt $crypt
-	 * @param IConfig $config
-	 * @param IUserSession $userSession
-	 * @param Session $session
-	 * @param ILogger $log
-	 * @param Util $util
-	 */
-	public function __construct(
-		IStorage $keyStorage,
-		Crypt $crypt,
-		IConfig $config,
-		IUserSession $userSession,
-		Session $session,
-		ILogger $log,
-		Util $util
-	) {
-
-		$this->util = $util;
-		$this->session = $session;
-		$this->keyStorage = $keyStorage;
-		$this->crypt = $crypt;
-		$this->config = $config;
-		$this->log = $log;
-
-		$this->recoveryKeyId = $this->config->getAppValue('encryption',
-			'recoveryKeyId');
-		if (empty($this->recoveryKeyId)) {
-			$this->recoveryKeyId = 'recoveryKey_' . substr(md5(time()), 0, 8);
-			$this->config->setAppValue('encryption',
-				'recoveryKeyId',
-				$this->recoveryKeyId);
-		}
-
-		$this->publicShareKeyId = $this->config->getAppValue('encryption',
-			'publicShareKeyId');
-		if (empty($this->publicShareKeyId)) {
-			$this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
-			$this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId);
-		}
-
-		$this->masterKeyId = $this->config->getAppValue('encryption',
-			'masterKeyId');
-		if (empty($this->masterKeyId)) {
-			$this->masterKeyId = 'master_' . substr(md5(time()), 0, 8);
-			$this->config->setAppValue('encryption', 'masterKeyId', $this->masterKeyId);
-		}
-
-		$this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false;
-		$this->log = $log;
-	}
-
-	/**
-	 * check if key pair for public link shares exists, if not we create one
-	 */
-	public function validateShareKey() {
-		$shareKey = $this->getPublicShareKey();
-		if (empty($shareKey)) {
-			$keyPair = $this->crypt->createKeyPair();
-
-			// Save public key
-			$this->keyStorage->setSystemUserKey(
-				$this->publicShareKeyId . '.publicKey', $keyPair['publicKey'],
-				Encryption::ID);
-
-			// Encrypt private key empty passphrase
-			$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], '');
-			$header = $this->crypt->generateHeader();
-			$this->setSystemPrivateKey($this->publicShareKeyId, $header . $encryptedKey);
-		}
-	}
-
-	/**
-	 * check if a key pair for the master key exists, if not we create one
-	 */
-	public function validateMasterKey() {
-
-		if ($this->util->isMasterKeyEnabled() === false) {
-			return;
-		}
-
-		$masterKey = $this->getPublicMasterKey();
-		if (empty($masterKey)) {
-			$keyPair = $this->crypt->createKeyPair();
-
-			// Save public key
-			$this->keyStorage->setSystemUserKey(
-				$this->masterKeyId . '.publicKey', $keyPair['publicKey'],
-				Encryption::ID);
-
-			// Encrypt private key with system password
-			$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $this->getMasterKeyPassword(), $this->masterKeyId);
-			$header = $this->crypt->generateHeader();
-			$this->setSystemPrivateKey($this->masterKeyId, $header . $encryptedKey);
-		}
-	}
-
-	/**
-	 * @return bool
-	 */
-	public function recoveryKeyExists() {
-		$key = $this->getRecoveryKey();
-		return (!empty($key));
-	}
-
-	/**
-	 * get recovery key
-	 *
-	 * @return string
-	 */
-	public function getRecoveryKey() {
-		return $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey', Encryption::ID);
-	}
-
-	/**
-	 * get recovery key ID
-	 *
-	 * @return string
-	 */
-	public function getRecoveryKeyId() {
-		return $this->recoveryKeyId;
-	}
-
-	/**
-	 * @param string $password
-	 * @return bool
-	 */
-	public function checkRecoveryPassword($password) {
-		$recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.privateKey', Encryption::ID);
-		$decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $password);
-
-		if ($decryptedRecoveryKey) {
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * @param string $uid
-	 * @param string $password
-	 * @param string $keyPair
-	 * @return bool
-	 */
-	public function storeKeyPair($uid, $password, $keyPair) {
-		// Save Public Key
-		$this->setPublicKey($uid, $keyPair['publicKey']);
-
-		$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $password, $uid);
-
-		$header = $this->crypt->generateHeader();
-
-		if ($encryptedKey) {
-			$this->setPrivateKey($uid, $header . $encryptedKey);
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * @param string $password
-	 * @param array $keyPair
-	 * @return bool
-	 */
-	public function setRecoveryKey($password, $keyPair) {
-		// Save Public Key
-		$this->keyStorage->setSystemUserKey($this->getRecoveryKeyId().
-			'.publicKey',
-			$keyPair['publicKey'],
-			Encryption::ID);
-
-		$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $password);
-		$header = $this->crypt->generateHeader();
-
-		if ($encryptedKey) {
-			$this->setSystemPrivateKey($this->getRecoveryKeyId(), $header . $encryptedKey);
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * @param $userId
-	 * @param $key
-	 * @return bool
-	 */
-	public function setPublicKey($userId, $key) {
-		return $this->keyStorage->setUserKey($userId, $this->publicKeyId, $key, Encryption::ID);
-	}
-
-	/**
-	 * @param $userId
-	 * @param string $key
-	 * @return bool
-	 */
-	public function setPrivateKey($userId, $key) {
-		return $this->keyStorage->setUserKey($userId,
-			$this->privateKeyId,
-			$key,
-			Encryption::ID);
-	}
-
-	/**
-	 * write file key to key storage
-	 *
-	 * @param string $path
-	 * @param string $key
-	 * @return boolean
-	 */
-	public function setFileKey($path, $key) {
-		return $this->keyStorage->setFileKey($path, $this->fileKeyId, $key, Encryption::ID);
-	}
-
-	/**
-	 * set all file keys (the file key and the corresponding share keys)
-	 *
-	 * @param string $path
-	 * @param array $keys
-	 */
-	public function setAllFileKeys($path, $keys) {
-		$this->setFileKey($path, $keys['data']);
-		foreach ($keys['keys'] as $uid => $keyFile) {
-			$this->setShareKey($path, $uid, $keyFile);
-		}
-	}
-
-	/**
-	 * write share key to the key storage
-	 *
-	 * @param string $path
-	 * @param string $uid
-	 * @param string $key
-	 * @return boolean
-	 */
-	public function setShareKey($path, $uid, $key) {
-		$keyId = $uid . '.' . $this->shareKeyId;
-		return $this->keyStorage->setFileKey($path, $keyId, $key, Encryption::ID);
-	}
-
-	/**
-	 * Decrypt private key and store it
-	 *
-	 * @param string $uid user id
-	 * @param string $passPhrase users password
-	 * @return boolean
-	 */
-	public function init($uid, $passPhrase) {
-
-		$this->session->setStatus(Session::INIT_EXECUTED);
-
-		try {
-			if($this->util->isMasterKeyEnabled()) {
-				$uid = $this->getMasterKeyId();
-				$passPhrase = $this->getMasterKeyPassword();
-				$privateKey = $this->getSystemPrivateKey($uid);
-			} else {
-				$privateKey = $this->getPrivateKey($uid);
-			}
-			$privateKey = $this->crypt->decryptPrivateKey($privateKey, $passPhrase, $uid);
-		} catch (PrivateKeyMissingException $e) {
-			return false;
-		} catch (DecryptionFailedException $e) {
-			return false;
-		} catch (\Exception $e) {
-			$this->log->warning(
-				'Could not decrypt the private key from user "' . $uid . '"" during login. ' .
-				'Assume password change on the user back-end. Error message: '
-				. $e->getMessage()
-			);
-			return false;
-		}
-
-		if ($privateKey) {
-			$this->session->setPrivateKey($privateKey);
-			$this->session->setStatus(Session::INIT_SUCCESSFUL);
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * @param $userId
-	 * @return string
-	 * @throws PrivateKeyMissingException
-	 */
-	public function getPrivateKey($userId) {
-		$privateKey = $this->keyStorage->getUserKey($userId,
-			$this->privateKeyId, Encryption::ID);
-
-		if (strlen($privateKey) !== 0) {
-			return $privateKey;
-		}
-		throw new PrivateKeyMissingException($userId);
-	}
-
-	/**
-	 * @param string $path
-	 * @param $uid
-	 * @return string
-	 */
-	public function getFileKey($path, $uid) {
-		if ($uid === '') {
-			$uid = null;
-		}
-		$publicAccess = is_null($uid);
-		$encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId, Encryption::ID);
-
-		if (empty($encryptedFileKey)) {
-			return '';
-		}
-
-		if ($this->util->isMasterKeyEnabled()) {
-			$uid = $this->getMasterKeyId();
-			$shareKey = $this->getShareKey($path, $uid);
-			if ($publicAccess) {
-				$privateKey = $this->getSystemPrivateKey($uid);
-				$privateKey = $this->crypt->decryptPrivateKey($privateKey, $this->getMasterKeyPassword(), $uid);
-			} else {
-				// when logged in, the master key is already decrypted in the session
-				$privateKey = $this->session->getPrivateKey();
-			}
-		} else if ($publicAccess) {
-			// use public share key for public links
-			$uid = $this->getPublicShareKeyId();
-			$shareKey = $this->getShareKey($path, $uid);
-			$privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey', Encryption::ID);
-			$privateKey = $this->crypt->decryptPrivateKey($privateKey);
-		} else {
-			$shareKey = $this->getShareKey($path, $uid);
-			$privateKey = $this->session->getPrivateKey();
-		}
-
-		if ($encryptedFileKey && $shareKey && $privateKey) {
-			return $this->crypt->multiKeyDecrypt($encryptedFileKey,
-				$shareKey,
-				$privateKey);
-		}
-
-		return '';
-	}
-
-	/**
-	 * Get the current version of a file
-	 *
-	 * @param string $path
-	 * @param View $view
-	 * @return int
-	 */
-	public function getVersion($path, View $view) {
-		$fileInfo = $view->getFileInfo($path);
-		if($fileInfo === false) {
-			return 0;
-		}
-		return $fileInfo->getEncryptedVersion();
-	}
-
-	/**
-	 * Set the current version of a file
-	 *
-	 * @param string $path
-	 * @param int $version
-	 * @param View $view
-	 */
-	public function setVersion($path, $version, View $view) {
-		$fileInfo= $view->getFileInfo($path);
-
-		if($fileInfo !== false) {
-			$cache = $fileInfo->getStorage()->getCache();
-			$cache->update($fileInfo->getId(), ['encrypted' => $version, 'encryptedVersion' => $version]);
-		}
-	}
-
-	/**
-	 * get the encrypted file key
-	 *
-	 * @param string $path
-	 * @return string
-	 */
-	public function getEncryptedFileKey($path) {
-		$encryptedFileKey = $this->keyStorage->getFileKey($path,
-			$this->fileKeyId, Encryption::ID);
-
-		return $encryptedFileKey;
-	}
-
-	/**
-	 * delete share key
-	 *
-	 * @param string $path
-	 * @param string $keyId
-	 * @return boolean
-	 */
-	public function deleteShareKey($path, $keyId) {
-		return $this->keyStorage->deleteFileKey(
-			$path,
-			$keyId . '.' . $this->shareKeyId,
-			Encryption::ID);
-	}
-
-
-	/**
-	 * @param $path
-	 * @param $uid
-	 * @return mixed
-	 */
-	public function getShareKey($path, $uid) {
-		$keyId = $uid . '.' . $this->shareKeyId;
-		return $this->keyStorage->getFileKey($path, $keyId, Encryption::ID);
-	}
-
-	/**
-	 * check if user has a private and a public key
-	 *
-	 * @param string $userId
-	 * @return bool
-	 * @throws PrivateKeyMissingException
-	 * @throws PublicKeyMissingException
-	 */
-	public function userHasKeys($userId) {
-		$privateKey = $publicKey = true;
-		$exception = null;
-
-		try {
-			$this->getPrivateKey($userId);
-		} catch (PrivateKeyMissingException $e) {
-			$privateKey = false;
-			$exception = $e;
-		}
-		try {
-			$this->getPublicKey($userId);
-		} catch (PublicKeyMissingException $e) {
-			$publicKey = false;
-			$exception = $e;
-		}
-
-		if ($privateKey && $publicKey) {
-			return true;
-		} elseif (!$privateKey && !$publicKey) {
-			return false;
-		} else {
-			throw $exception;
-		}
-	}
-
-	/**
-	 * @param $userId
-	 * @return mixed
-	 * @throws PublicKeyMissingException
-	 */
-	public function getPublicKey($userId) {
-		$publicKey = $this->keyStorage->getUserKey($userId, $this->publicKeyId, Encryption::ID);
-
-		if (strlen($publicKey) !== 0) {
-			return $publicKey;
-		}
-		throw new PublicKeyMissingException($userId);
-	}
-
-	public function getPublicShareKeyId() {
-		return $this->publicShareKeyId;
-	}
-
-	/**
-	 * get public key for public link shares
-	 *
-	 * @return string
-	 */
-	public function getPublicShareKey() {
-		return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey', Encryption::ID);
-	}
-
-	/**
-	 * @param string $purpose
-	 * @param string $uid
-	 */
-	public function backupUserKeys($purpose, $uid) {
-		$this->keyStorage->backupUserKeys(Encryption::ID, $purpose, $uid);
-	}
-
-	/**
-	 * creat a backup of the users private and public key and then  delete it
-	 *
-	 * @param string $uid
-	 */
-	public function deleteUserKeys($uid) {
-		$this->deletePublicKey($uid);
-		$this->deletePrivateKey($uid);
-	}
-
-	/**
-	 * @param $uid
-	 * @return bool
-	 */
-	public function deletePublicKey($uid) {
-		return $this->keyStorage->deleteUserKey($uid, $this->publicKeyId, Encryption::ID);
-	}
-
-	/**
-	 * @param string $uid
-	 * @return bool
-	 */
-	private function deletePrivateKey($uid) {
-		return $this->keyStorage->deleteUserKey($uid, $this->privateKeyId, Encryption::ID);
-	}
-
-	/**
-	 * @param string $path
-	 * @return bool
-	 */
-	public function deleteAllFileKeys($path) {
-		return $this->keyStorage->deleteAllFileKeys($path);
-	}
-
-	/**
-	 * @param array $userIds
-	 * @return array
-	 * @throws PublicKeyMissingException
-	 */
-	public function getPublicKeys(array $userIds) {
-		$keys = [];
-
-		foreach ($userIds as $userId) {
-			try {
-				$keys[$userId] = $this->getPublicKey($userId);
-			} catch (PublicKeyMissingException $e) {
-				continue;
-			}
-		}
-
-		return $keys;
-
-	}
-
-	/**
-	 * @param string $keyId
-	 * @return string returns openssl key
-	 */
-	public function getSystemPrivateKey($keyId) {
-		return $this->keyStorage->getSystemUserKey($keyId . '.' . $this->privateKeyId, Encryption::ID);
-	}
-
-	/**
-	 * @param string $keyId
-	 * @param string $key
-	 * @return string returns openssl key
-	 */
-	public function setSystemPrivateKey($keyId, $key) {
-		return $this->keyStorage->setSystemUserKey(
-			$keyId . '.' . $this->privateKeyId,
-			$key,
-			Encryption::ID);
-	}
-
-	/**
-	 * add system keys such as the public share key and the recovery key
-	 *
-	 * @param array $accessList
-	 * @param array $publicKeys
-	 * @param string $uid
-	 * @return array
-	 * @throws PublicKeyMissingException
-	 */
-	public function addSystemKeys(array $accessList, array $publicKeys, $uid) {
-		if (!empty($accessList['public'])) {
-			$publicShareKey = $this->getPublicShareKey();
-			if (empty($publicShareKey)) {
-				throw new PublicKeyMissingException($this->getPublicShareKeyId());
-			}
-			$publicKeys[$this->getPublicShareKeyId()] = $publicShareKey;
-		}
-
-		if ($this->recoveryKeyExists() &&
-			$this->util->isRecoveryEnabledForUser($uid)) {
-
-			$publicKeys[$this->getRecoveryKeyId()] = $this->getRecoveryKey();
-		}
-
-		return $publicKeys;
-	}
-
-	/**
-	 * get master key password
-	 *
-	 * @return string
-	 * @throws \Exception
-	 */
-	public function getMasterKeyPassword() {
-		$password = $this->config->getSystemValue('secret');
-		if (empty($password)){
-			throw new \Exception('Can not get secret from Nextcloud instance');
-		}
-
-		return $password;
-	}
-
-	/**
-	 * return master key id
-	 *
-	 * @return string
-	 */
-	public function getMasterKeyId() {
-		return $this->masterKeyId;
-	}
-
-	/**
-	 * get public master key
-	 *
-	 * @return string
-	 */
-	public function getPublicMasterKey() {
-		return $this->keyStorage->getSystemUserKey($this->masterKeyId . '.publicKey', Encryption::ID);
-	}
+    /**
+     * @var Session
+     */
+    protected $session;
+    /**
+     * @var IStorage
+     */
+    private $keyStorage;
+    /**
+     * @var Crypt
+     */
+    private $crypt;
+    /**
+     * @var string
+     */
+    private $recoveryKeyId;
+    /**
+     * @var string
+     */
+    private $publicShareKeyId;
+    /**
+     * @var string
+     */
+    private $masterKeyId;
+    /**
+     * @var string UserID
+     */
+    private $keyId;
+    /**
+     * @var string
+     */
+    private $publicKeyId = 'publicKey';
+    /**
+     * @var string
+     */
+    private $privateKeyId = 'privateKey';
+
+    /**
+     * @var string
+     */
+    private $shareKeyId = 'shareKey';
+
+    /**
+     * @var string
+     */
+    private $fileKeyId = 'fileKey';
+    /**
+     * @var IConfig
+     */
+    private $config;
+    /**
+     * @var ILogger
+     */
+    private $log;
+    /**
+     * @var Util
+     */
+    private $util;
+
+    /**
+     * @param IStorage $keyStorage
+     * @param Crypt $crypt
+     * @param IConfig $config
+     * @param IUserSession $userSession
+     * @param Session $session
+     * @param ILogger $log
+     * @param Util $util
+     */
+    public function __construct(
+        IStorage $keyStorage,
+        Crypt $crypt,
+        IConfig $config,
+        IUserSession $userSession,
+        Session $session,
+        ILogger $log,
+        Util $util
+    ) {
+
+        $this->util = $util;
+        $this->session = $session;
+        $this->keyStorage = $keyStorage;
+        $this->crypt = $crypt;
+        $this->config = $config;
+        $this->log = $log;
+
+        $this->recoveryKeyId = $this->config->getAppValue('encryption',
+            'recoveryKeyId');
+        if (empty($this->recoveryKeyId)) {
+            $this->recoveryKeyId = 'recoveryKey_' . substr(md5(time()), 0, 8);
+            $this->config->setAppValue('encryption',
+                'recoveryKeyId',
+                $this->recoveryKeyId);
+        }
+
+        $this->publicShareKeyId = $this->config->getAppValue('encryption',
+            'publicShareKeyId');
+        if (empty($this->publicShareKeyId)) {
+            $this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
+            $this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId);
+        }
+
+        $this->masterKeyId = $this->config->getAppValue('encryption',
+            'masterKeyId');
+        if (empty($this->masterKeyId)) {
+            $this->masterKeyId = 'master_' . substr(md5(time()), 0, 8);
+            $this->config->setAppValue('encryption', 'masterKeyId', $this->masterKeyId);
+        }
+
+        $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false;
+        $this->log = $log;
+    }
+
+    /**
+     * check if key pair for public link shares exists, if not we create one
+     */
+    public function validateShareKey() {
+        $shareKey = $this->getPublicShareKey();
+        if (empty($shareKey)) {
+            $keyPair = $this->crypt->createKeyPair();
+
+            // Save public key
+            $this->keyStorage->setSystemUserKey(
+                $this->publicShareKeyId . '.publicKey', $keyPair['publicKey'],
+                Encryption::ID);
+
+            // Encrypt private key empty passphrase
+            $encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], '');
+            $header = $this->crypt->generateHeader();
+            $this->setSystemPrivateKey($this->publicShareKeyId, $header . $encryptedKey);
+        }
+    }
+
+    /**
+     * check if a key pair for the master key exists, if not we create one
+     */
+    public function validateMasterKey() {
+
+        if ($this->util->isMasterKeyEnabled() === false) {
+            return;
+        }
+
+        $masterKey = $this->getPublicMasterKey();
+        if (empty($masterKey)) {
+            $keyPair = $this->crypt->createKeyPair();
+
+            // Save public key
+            $this->keyStorage->setSystemUserKey(
+                $this->masterKeyId . '.publicKey', $keyPair['publicKey'],
+                Encryption::ID);
+
+            // Encrypt private key with system password
+            $encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $this->getMasterKeyPassword(), $this->masterKeyId);
+            $header = $this->crypt->generateHeader();
+            $this->setSystemPrivateKey($this->masterKeyId, $header . $encryptedKey);
+        }
+    }
+
+    /**
+     * @return bool
+     */
+    public function recoveryKeyExists() {
+        $key = $this->getRecoveryKey();
+        return (!empty($key));
+    }
+
+    /**
+     * get recovery key
+     *
+     * @return string
+     */
+    public function getRecoveryKey() {
+        return $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey', Encryption::ID);
+    }
+
+    /**
+     * get recovery key ID
+     *
+     * @return string
+     */
+    public function getRecoveryKeyId() {
+        return $this->recoveryKeyId;
+    }
+
+    /**
+     * @param string $password
+     * @return bool
+     */
+    public function checkRecoveryPassword($password) {
+        $recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.privateKey', Encryption::ID);
+        $decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $password);
+
+        if ($decryptedRecoveryKey) {
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * @param string $uid
+     * @param string $password
+     * @param string $keyPair
+     * @return bool
+     */
+    public function storeKeyPair($uid, $password, $keyPair) {
+        // Save Public Key
+        $this->setPublicKey($uid, $keyPair['publicKey']);
+
+        $encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $password, $uid);
+
+        $header = $this->crypt->generateHeader();
+
+        if ($encryptedKey) {
+            $this->setPrivateKey($uid, $header . $encryptedKey);
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * @param string $password
+     * @param array $keyPair
+     * @return bool
+     */
+    public function setRecoveryKey($password, $keyPair) {
+        // Save Public Key
+        $this->keyStorage->setSystemUserKey($this->getRecoveryKeyId().
+            '.publicKey',
+            $keyPair['publicKey'],
+            Encryption::ID);
+
+        $encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $password);
+        $header = $this->crypt->generateHeader();
+
+        if ($encryptedKey) {
+            $this->setSystemPrivateKey($this->getRecoveryKeyId(), $header . $encryptedKey);
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * @param $userId
+     * @param $key
+     * @return bool
+     */
+    public function setPublicKey($userId, $key) {
+        return $this->keyStorage->setUserKey($userId, $this->publicKeyId, $key, Encryption::ID);
+    }
+
+    /**
+     * @param $userId
+     * @param string $key
+     * @return bool
+     */
+    public function setPrivateKey($userId, $key) {
+        return $this->keyStorage->setUserKey($userId,
+            $this->privateKeyId,
+            $key,
+            Encryption::ID);
+    }
+
+    /**
+     * write file key to key storage
+     *
+     * @param string $path
+     * @param string $key
+     * @return boolean
+     */
+    public function setFileKey($path, $key) {
+        return $this->keyStorage->setFileKey($path, $this->fileKeyId, $key, Encryption::ID);
+    }
+
+    /**
+     * set all file keys (the file key and the corresponding share keys)
+     *
+     * @param string $path
+     * @param array $keys
+     */
+    public function setAllFileKeys($path, $keys) {
+        $this->setFileKey($path, $keys['data']);
+        foreach ($keys['keys'] as $uid => $keyFile) {
+            $this->setShareKey($path, $uid, $keyFile);
+        }
+    }
+
+    /**
+     * write share key to the key storage
+     *
+     * @param string $path
+     * @param string $uid
+     * @param string $key
+     * @return boolean
+     */
+    public function setShareKey($path, $uid, $key) {
+        $keyId = $uid . '.' . $this->shareKeyId;
+        return $this->keyStorage->setFileKey($path, $keyId, $key, Encryption::ID);
+    }
+
+    /**
+     * Decrypt private key and store it
+     *
+     * @param string $uid user id
+     * @param string $passPhrase users password
+     * @return boolean
+     */
+    public function init($uid, $passPhrase) {
+
+        $this->session->setStatus(Session::INIT_EXECUTED);
+
+        try {
+            if($this->util->isMasterKeyEnabled()) {
+                $uid = $this->getMasterKeyId();
+                $passPhrase = $this->getMasterKeyPassword();
+                $privateKey = $this->getSystemPrivateKey($uid);
+            } else {
+                $privateKey = $this->getPrivateKey($uid);
+            }
+            $privateKey = $this->crypt->decryptPrivateKey($privateKey, $passPhrase, $uid);
+        } catch (PrivateKeyMissingException $e) {
+            return false;
+        } catch (DecryptionFailedException $e) {
+            return false;
+        } catch (\Exception $e) {
+            $this->log->warning(
+                'Could not decrypt the private key from user "' . $uid . '"" during login. ' .
+                'Assume password change on the user back-end. Error message: '
+                . $e->getMessage()
+            );
+            return false;
+        }
+
+        if ($privateKey) {
+            $this->session->setPrivateKey($privateKey);
+            $this->session->setStatus(Session::INIT_SUCCESSFUL);
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * @param $userId
+     * @return string
+     * @throws PrivateKeyMissingException
+     */
+    public function getPrivateKey($userId) {
+        $privateKey = $this->keyStorage->getUserKey($userId,
+            $this->privateKeyId, Encryption::ID);
+
+        if (strlen($privateKey) !== 0) {
+            return $privateKey;
+        }
+        throw new PrivateKeyMissingException($userId);
+    }
+
+    /**
+     * @param string $path
+     * @param $uid
+     * @return string
+     */
+    public function getFileKey($path, $uid) {
+        if ($uid === '') {
+            $uid = null;
+        }
+        $publicAccess = is_null($uid);
+        $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId, Encryption::ID);
+
+        if (empty($encryptedFileKey)) {
+            return '';
+        }
+
+        if ($this->util->isMasterKeyEnabled()) {
+            $uid = $this->getMasterKeyId();
+            $shareKey = $this->getShareKey($path, $uid);
+            if ($publicAccess) {
+                $privateKey = $this->getSystemPrivateKey($uid);
+                $privateKey = $this->crypt->decryptPrivateKey($privateKey, $this->getMasterKeyPassword(), $uid);
+            } else {
+                // when logged in, the master key is already decrypted in the session
+                $privateKey = $this->session->getPrivateKey();
+            }
+        } else if ($publicAccess) {
+            // use public share key for public links
+            $uid = $this->getPublicShareKeyId();
+            $shareKey = $this->getShareKey($path, $uid);
+            $privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey', Encryption::ID);
+            $privateKey = $this->crypt->decryptPrivateKey($privateKey);
+        } else {
+            $shareKey = $this->getShareKey($path, $uid);
+            $privateKey = $this->session->getPrivateKey();
+        }
+
+        if ($encryptedFileKey && $shareKey && $privateKey) {
+            return $this->crypt->multiKeyDecrypt($encryptedFileKey,
+                $shareKey,
+                $privateKey);
+        }
+
+        return '';
+    }
+
+    /**
+     * Get the current version of a file
+     *
+     * @param string $path
+     * @param View $view
+     * @return int
+     */
+    public function getVersion($path, View $view) {
+        $fileInfo = $view->getFileInfo($path);
+        if($fileInfo === false) {
+            return 0;
+        }
+        return $fileInfo->getEncryptedVersion();
+    }
+
+    /**
+     * Set the current version of a file
+     *
+     * @param string $path
+     * @param int $version
+     * @param View $view
+     */
+    public function setVersion($path, $version, View $view) {
+        $fileInfo= $view->getFileInfo($path);
+
+        if($fileInfo !== false) {
+            $cache = $fileInfo->getStorage()->getCache();
+            $cache->update($fileInfo->getId(), ['encrypted' => $version, 'encryptedVersion' => $version]);
+        }
+    }
+
+    /**
+     * get the encrypted file key
+     *
+     * @param string $path
+     * @return string
+     */
+    public function getEncryptedFileKey($path) {
+        $encryptedFileKey = $this->keyStorage->getFileKey($path,
+            $this->fileKeyId, Encryption::ID);
+
+        return $encryptedFileKey;
+    }
+
+    /**
+     * delete share key
+     *
+     * @param string $path
+     * @param string $keyId
+     * @return boolean
+     */
+    public function deleteShareKey($path, $keyId) {
+        return $this->keyStorage->deleteFileKey(
+            $path,
+            $keyId . '.' . $this->shareKeyId,
+            Encryption::ID);
+    }
+
+
+    /**
+     * @param $path
+     * @param $uid
+     * @return mixed
+     */
+    public function getShareKey($path, $uid) {
+        $keyId = $uid . '.' . $this->shareKeyId;
+        return $this->keyStorage->getFileKey($path, $keyId, Encryption::ID);
+    }
+
+    /**
+     * check if user has a private and a public key
+     *
+     * @param string $userId
+     * @return bool
+     * @throws PrivateKeyMissingException
+     * @throws PublicKeyMissingException
+     */
+    public function userHasKeys($userId) {
+        $privateKey = $publicKey = true;
+        $exception = null;
+
+        try {
+            $this->getPrivateKey($userId);
+        } catch (PrivateKeyMissingException $e) {
+            $privateKey = false;
+            $exception = $e;
+        }
+        try {
+            $this->getPublicKey($userId);
+        } catch (PublicKeyMissingException $e) {
+            $publicKey = false;
+            $exception = $e;
+        }
+
+        if ($privateKey && $publicKey) {
+            return true;
+        } elseif (!$privateKey && !$publicKey) {
+            return false;
+        } else {
+            throw $exception;
+        }
+    }
+
+    /**
+     * @param $userId
+     * @return mixed
+     * @throws PublicKeyMissingException
+     */
+    public function getPublicKey($userId) {
+        $publicKey = $this->keyStorage->getUserKey($userId, $this->publicKeyId, Encryption::ID);
+
+        if (strlen($publicKey) !== 0) {
+            return $publicKey;
+        }
+        throw new PublicKeyMissingException($userId);
+    }
+
+    public function getPublicShareKeyId() {
+        return $this->publicShareKeyId;
+    }
+
+    /**
+     * get public key for public link shares
+     *
+     * @return string
+     */
+    public function getPublicShareKey() {
+        return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey', Encryption::ID);
+    }
+
+    /**
+     * @param string $purpose
+     * @param string $uid
+     */
+    public function backupUserKeys($purpose, $uid) {
+        $this->keyStorage->backupUserKeys(Encryption::ID, $purpose, $uid);
+    }
+
+    /**
+     * creat a backup of the users private and public key and then  delete it
+     *
+     * @param string $uid
+     */
+    public function deleteUserKeys($uid) {
+        $this->deletePublicKey($uid);
+        $this->deletePrivateKey($uid);
+    }
+
+    /**
+     * @param $uid
+     * @return bool
+     */
+    public function deletePublicKey($uid) {
+        return $this->keyStorage->deleteUserKey($uid, $this->publicKeyId, Encryption::ID);
+    }
+
+    /**
+     * @param string $uid
+     * @return bool
+     */
+    private function deletePrivateKey($uid) {
+        return $this->keyStorage->deleteUserKey($uid, $this->privateKeyId, Encryption::ID);
+    }
+
+    /**
+     * @param string $path
+     * @return bool
+     */
+    public function deleteAllFileKeys($path) {
+        return $this->keyStorage->deleteAllFileKeys($path);
+    }
+
+    /**
+     * @param array $userIds
+     * @return array
+     * @throws PublicKeyMissingException
+     */
+    public function getPublicKeys(array $userIds) {
+        $keys = [];
+
+        foreach ($userIds as $userId) {
+            try {
+                $keys[$userId] = $this->getPublicKey($userId);
+            } catch (PublicKeyMissingException $e) {
+                continue;
+            }
+        }
+
+        return $keys;
+
+    }
+
+    /**
+     * @param string $keyId
+     * @return string returns openssl key
+     */
+    public function getSystemPrivateKey($keyId) {
+        return $this->keyStorage->getSystemUserKey($keyId . '.' . $this->privateKeyId, Encryption::ID);
+    }
+
+    /**
+     * @param string $keyId
+     * @param string $key
+     * @return string returns openssl key
+     */
+    public function setSystemPrivateKey($keyId, $key) {
+        return $this->keyStorage->setSystemUserKey(
+            $keyId . '.' . $this->privateKeyId,
+            $key,
+            Encryption::ID);
+    }
+
+    /**
+     * add system keys such as the public share key and the recovery key
+     *
+     * @param array $accessList
+     * @param array $publicKeys
+     * @param string $uid
+     * @return array
+     * @throws PublicKeyMissingException
+     */
+    public function addSystemKeys(array $accessList, array $publicKeys, $uid) {
+        if (!empty($accessList['public'])) {
+            $publicShareKey = $this->getPublicShareKey();
+            if (empty($publicShareKey)) {
+                throw new PublicKeyMissingException($this->getPublicShareKeyId());
+            }
+            $publicKeys[$this->getPublicShareKeyId()] = $publicShareKey;
+        }
+
+        if ($this->recoveryKeyExists() &&
+            $this->util->isRecoveryEnabledForUser($uid)) {
+
+            $publicKeys[$this->getRecoveryKeyId()] = $this->getRecoveryKey();
+        }
+
+        return $publicKeys;
+    }
+
+    /**
+     * get master key password
+     *
+     * @return string
+     * @throws \Exception
+     */
+    public function getMasterKeyPassword() {
+        $password = $this->config->getSystemValue('secret');
+        if (empty($password)){
+            throw new \Exception('Can not get secret from Nextcloud instance');
+        }
+
+        return $password;
+    }
+
+    /**
+     * return master key id
+     *
+     * @return string
+     */
+    public function getMasterKeyId() {
+        return $this->masterKeyId;
+    }
+
+    /**
+     * get public master key
+     *
+     * @return string
+     */
+    public function getPublicMasterKey() {
+        return $this->keyStorage->getSystemUserKey($this->masterKeyId . '.publicKey', Encryption::ID);
+    }
 }

Spacing +25 added lines, -25 removed lines

@@ -126,7 +126,7 @@ 
 		$this->recoveryKeyId = $this->config->getAppValue('encryption',
 			'recoveryKeyId');
 		if (empty($this->recoveryKeyId)) {
-			$this->recoveryKeyId = 'recoveryKey_' . substr(md5(time()), 0, 8);
+			$this->recoveryKeyId = 'recoveryKey_'.substr(md5(time()), 0, 8);
 			$this->config->setAppValue('encryption',
 				'recoveryKeyId',
 				$this->recoveryKeyId);
@@ -135,14 +135,14 @@ 
 		$this->publicShareKeyId = $this->config->getAppValue('encryption',
 			'publicShareKeyId');
 		if (empty($this->publicShareKeyId)) {
-			$this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
+			$this->publicShareKeyId = 'pubShare_'.substr(md5(time()), 0, 8);
 			$this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId);
 		}
 
 		$this->masterKeyId = $this->config->getAppValue('encryption',
 			'masterKeyId');
 		if (empty($this->masterKeyId)) {
-			$this->masterKeyId = 'master_' . substr(md5(time()), 0, 8);
+			$this->masterKeyId = 'master_'.substr(md5(time()), 0, 8);
 			$this->config->setAppValue('encryption', 'masterKeyId', $this->masterKeyId);
 		}
 
@@ -160,13 +160,13 @@ 
 
 			// Save public key
 			$this->keyStorage->setSystemUserKey(
-				$this->publicShareKeyId . '.publicKey', $keyPair['publicKey'],
+				$this->publicShareKeyId.'.publicKey', $keyPair['publicKey'],
 				Encryption::ID);
 
 			// Encrypt private key empty passphrase
 			$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], '');
 			$header = $this->crypt->generateHeader();
-			$this->setSystemPrivateKey($this->publicShareKeyId, $header . $encryptedKey);
+			$this->setSystemPrivateKey($this->publicShareKeyId, $header.$encryptedKey);
 		}
 	}
 
@@ -185,13 +185,13 @@ 
 
 			// Save public key
 			$this->keyStorage->setSystemUserKey(
-				$this->masterKeyId . '.publicKey', $keyPair['publicKey'],
+				$this->masterKeyId.'.publicKey', $keyPair['publicKey'],
 				Encryption::ID);
 
 			// Encrypt private key with system password
 			$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $this->getMasterKeyPassword(), $this->masterKeyId);
 			$header = $this->crypt->generateHeader();
-			$this->setSystemPrivateKey($this->masterKeyId, $header . $encryptedKey);
+			$this->setSystemPrivateKey($this->masterKeyId, $header.$encryptedKey);
 		}
 	}
 
@@ -209,7 +209,7 @@ 
 	 * @return string
 	 */
 	public function getRecoveryKey() {
-		return $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey', Encryption::ID);
+		return $this->keyStorage->getSystemUserKey($this->recoveryKeyId.'.publicKey', Encryption::ID);
 	}
 
 	/**
@@ -226,7 +226,7 @@ 
 	 * @return bool
 	 */
 	public function checkRecoveryPassword($password) {
-		$recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.privateKey', Encryption::ID);
+		$recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId.'.privateKey', Encryption::ID);
 		$decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $password);
 
 		if ($decryptedRecoveryKey) {
@@ -250,7 +250,7 @@ 
 		$header = $this->crypt->generateHeader();
 
 		if ($encryptedKey) {
-			$this->setPrivateKey($uid, $header . $encryptedKey);
+			$this->setPrivateKey($uid, $header.$encryptedKey);
 			return true;
 		}
 		return false;
@@ -272,7 +272,7 @@ 
 		$header = $this->crypt->generateHeader();
 
 		if ($encryptedKey) {
-			$this->setSystemPrivateKey($this->getRecoveryKeyId(), $header . $encryptedKey);
+			$this->setSystemPrivateKey($this->getRecoveryKeyId(), $header.$encryptedKey);
 			return true;
 		}
 		return false;
@@ -332,7 +332,7 @@ 
 	 * @return boolean
 	 */
 	public function setShareKey($path, $uid, $key) {
-		$keyId = $uid . '.' . $this->shareKeyId;
+		$keyId = $uid.'.'.$this->shareKeyId;
 		return $this->keyStorage->setFileKey($path, $keyId, $key, Encryption::ID);
 	}
 
@@ -348,7 +348,7 @@ 
 		$this->session->setStatus(Session::INIT_EXECUTED);
 
 		try {
-			if($this->util->isMasterKeyEnabled()) {
+			if ($this->util->isMasterKeyEnabled()) {
 				$uid = $this->getMasterKeyId();
 				$passPhrase = $this->getMasterKeyPassword();
 				$privateKey = $this->getSystemPrivateKey($uid);
@@ -362,7 +362,7 @@ 
 			return false;
 		} catch (\Exception $e) {
 			$this->log->warning(
-				'Could not decrypt the private key from user "' . $uid . '"" during login. ' .
+				'Could not decrypt the private key from user "'.$uid.'"" during login. '.
 				'Assume password change on the user back-end. Error message: '
 				. $e->getMessage()
 			);
@@ -423,7 +423,7 @@ 
 			// use public share key for public links
 			$uid = $this->getPublicShareKeyId();
 			$shareKey = $this->getShareKey($path, $uid);
-			$privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey', Encryption::ID);
+			$privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId.'.privateKey', Encryption::ID);
 			$privateKey = $this->crypt->decryptPrivateKey($privateKey);
 		} else {
 			$shareKey = $this->getShareKey($path, $uid);
@@ -448,7 +448,7 @@ 
 	 */
 	public function getVersion($path, View $view) {
 		$fileInfo = $view->getFileInfo($path);
-		if($fileInfo === false) {
+		if ($fileInfo === false) {
 			return 0;
 		}
 		return $fileInfo->getEncryptedVersion();
@@ -462,9 +462,9 @@ 
 	 * @param View $view
 	 */
 	public function setVersion($path, $version, View $view) {
-		$fileInfo= $view->getFileInfo($path);
+		$fileInfo = $view->getFileInfo($path);
 
-		if($fileInfo !== false) {
+		if ($fileInfo !== false) {
 			$cache = $fileInfo->getStorage()->getCache();
 			$cache->update($fileInfo->getId(), ['encrypted' => $version, 'encryptedVersion' => $version]);
 		}
@@ -493,7 +493,7 @@ 
 	public function deleteShareKey($path, $keyId) {
 		return $this->keyStorage->deleteFileKey(
 			$path,
-			$keyId . '.' . $this->shareKeyId,
+			$keyId.'.'.$this->shareKeyId,
 			Encryption::ID);
 	}
 
@@ -504,7 +504,7 @@ 
 	 * @return mixed
 	 */
 	public function getShareKey($path, $uid) {
-		$keyId = $uid . '.' . $this->shareKeyId;
+		$keyId = $uid.'.'.$this->shareKeyId;
 		return $this->keyStorage->getFileKey($path, $keyId, Encryption::ID);
 	}
 
@@ -566,7 +566,7 @@ 
 	 * @return string
 	 */
 	public function getPublicShareKey() {
-		return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey', Encryption::ID);
+		return $this->keyStorage->getSystemUserKey($this->publicShareKeyId.'.publicKey', Encryption::ID);
 	}
 
 	/**
@@ -636,7 +636,7 @@ 
 	 * @return string returns openssl key
 	 */
 	public function getSystemPrivateKey($keyId) {
-		return $this->keyStorage->getSystemUserKey($keyId . '.' . $this->privateKeyId, Encryption::ID);
+		return $this->keyStorage->getSystemUserKey($keyId.'.'.$this->privateKeyId, Encryption::ID);
 	}
 
 	/**
@@ -646,7 +646,7 @@ 
 	 */
 	public function setSystemPrivateKey($keyId, $key) {
 		return $this->keyStorage->setSystemUserKey(
-			$keyId . '.' . $this->privateKeyId,
+			$keyId.'.'.$this->privateKeyId,
 			$key,
 			Encryption::ID);
 	}
@@ -686,7 +686,7 @@ 
 	 */
 	public function getMasterKeyPassword() {
 		$password = $this->config->getSystemValue('secret');
-		if (empty($password)){
+		if (empty($password)) {
 			throw new \Exception('Can not get secret from Nextcloud instance');
 		}
 
@@ -708,6 +708,6 @@ 
 	 * @return string
 	 */
 	public function getPublicMasterKey() {
-		return $this->keyStorage->getSystemUserKey($this->masterKeyId . '.publicKey', Encryption::ID);
+		return $this->keyStorage->getSystemUserKey($this->masterKeyId.'.publicKey', Encryption::ID);
 	}
 }

apps/federatedfilesharing/lib/FederatedShareProvider.php

Doc Comments +2 added lines, -2 removed lines

@@ -391,7 +391,7 @@ 
 	/**
 	 * store remote ID in federated reShare table
 	 *
-	 * @param $shareId
+	 * @param integer $shareId
 	 * @param $remoteId
 	 */
 	public function storeRemoteId($shareId, $remoteId) {
@@ -729,7 +729,7 @@ 
 	/**
 	 * get database row of a give share
 	 *
-	 * @param $id
+	 * @param integer $id
 	 * @return array
 	 * @throws ShareNotFound
 	 */

Spacing +19 added lines, -19 removed lines

@@ -182,7 +182,7 @@ 
 		if ($remoteShare) {
 			try {
 				$ownerCloudId = $this->cloudIdManager->getCloudId($remoteShare['owner'], $remoteShare['remote']);
-				$shareId = $this->addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $ownerCloudId->getId(), $permissions, 'tmp_token_' . time());
+				$shareId = $this->addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $ownerCloudId->getId(), $permissions, 'tmp_token_'.time());
 				$share->setId($shareId);
 				list($token, $remoteId) = $this->askOwnerToReShare($shareWith, $share, $shareId);
 				// remote share was create successfully if we get a valid token as return
@@ -254,11 +254,11 @@ 
 				$failure = true;
 			}
 		} catch (\Exception $e) {
-			$this->logger->error('Failed to notify remote server of federated share, removing share (' . $e->getMessage() . ')');
+			$this->logger->error('Failed to notify remote server of federated share, removing share ('.$e->getMessage().')');
 			$failure = true;
 		}
 
-		if($failure) {
+		if ($failure) {
 			$this->removeShareFromTableById($shareId);
 			$message_t = $this->l->t('Sharing %s failed, could not find %s, maybe the server is currently unreachable or uses a self-signed certificate.',
 				[$share->getNode()->getName(), $share->getSharedWith()]);
@@ -309,7 +309,7 @@ 
 			->andWhere($query->expr()->eq('mountpoint', $query->createNamedParameter($share->getTarget())));
 		$result = $query->execute()->fetchAll();
 
-		if (isset($result[0]) && (int)$result[0]['remote_id'] > 0) {
+		if (isset($result[0]) && (int) $result[0]['remote_id'] > 0) {
 			return $result[0];
 		}
 
@@ -351,7 +351,7 @@ 
 		$qb->execute();
 		$id = $qb->getLastInsertId();
 
-		return (int)$id;
+		return (int) $id;
 	}
 
 	/**
@@ -441,14 +441,14 @@ 
 	public function getRemoteId(IShare $share) {
 		$query = $this->dbConnection->getQueryBuilder();
 		$query->select('remote_id')->from('federated_reshares')
-			->where($query->expr()->eq('share_id', $query->createNamedParameter((int)$share->getId())));
+			->where($query->expr()->eq('share_id', $query->createNamedParameter((int) $share->getId())));
 		$data = $query->execute()->fetch();
 
 		if (!is_array($data) || !isset($data['remote_id'])) {
 			throw new ShareNotFound();
 		}
 
-		return (int)$data['remote_id'];
+		return (int) $data['remote_id'];
 	}
 
 	/**
@@ -479,7 +479,7 @@ 
 			->orderBy('id');
 
 		$cursor = $qb->execute();
-		while($data = $cursor->fetch()) {
+		while ($data = $cursor->fetch()) {
 			$children[] = $this->createShareObject($data);
 		}
 		$cursor->closeCursor();
@@ -608,7 +608,7 @@ 
 			);
 		}
 
-		$qb->innerJoin('s', 'filecache' ,'f', $qb->expr()->eq('s.file_source', 'f.fileid'));
+		$qb->innerJoin('s', 'filecache', 'f', $qb->expr()->eq('s.file_source', 'f.fileid'));
 		$qb->andWhere($qb->expr()->eq('f.parent', $qb->createNamedParameter($node->getId())));
 
 		$qb->orderBy('id');
@@ -671,7 +671,7 @@ 
 
 		$cursor = $qb->execute();
 		$shares = [];
-		while($data = $cursor->fetch()) {
+		while ($data = $cursor->fetch()) {
 			$shares[] = $this->createShareObject($data);
 		}
 		$cursor->closeCursor();
@@ -723,7 +723,7 @@ 
 			->execute();
 
 		$shares = [];
-		while($data = $cursor->fetch()) {
+		while ($data = $cursor->fetch()) {
 			$shares[] = $this->createShareObject($data);
 		}
 		$cursor->closeCursor();
@@ -762,7 +762,7 @@ 
 
 		$cursor = $qb->execute();
 
-		while($data = $cursor->fetch()) {
+		while ($data = $cursor->fetch()) {
 			$shares[] = $this->createShareObject($data);
 		}
 		$cursor->closeCursor();
@@ -839,15 +839,15 @@ 
 	private function createShareObject($data) {
 
 		$share = new Share($this->rootFolder, $this->userManager);
-		$share->setId((int)$data['id'])
-			->setShareType((int)$data['share_type'])
-			->setPermissions((int)$data['permissions'])
+		$share->setId((int) $data['id'])
+			->setShareType((int) $data['share_type'])
+			->setPermissions((int) $data['permissions'])
 			->setTarget($data['file_target'])
-			->setMailSend((bool)$data['mail_send'])
+			->setMailSend((bool) $data['mail_send'])
 			->setToken($data['token']);
 
 		$shareTime = new \DateTime();
-		$shareTime->setTimestamp((int)$data['stime']);
+		$shareTime->setTimestamp((int) $data['stime']);
 		$share->setShareTime($shareTime);
 		$share->setSharedWith($data['share_with']);
 
@@ -857,13 +857,13 @@ 
 		} else {
 			//OLD SHARE
 			$share->setSharedBy($data['uid_owner']);
-			$path = $this->getNode($share->getSharedBy(), (int)$data['file_source']);
+			$path = $this->getNode($share->getSharedBy(), (int) $data['file_source']);
 
 			$owner = $path->getOwner();
 			$share->setShareOwner($owner->getUID());
 		}
 
-		$share->setNodeId((int)$data['file_source']);
+		$share->setNodeId((int) $data['file_source']);
 		$share->setNodeType($data['item_type']);
 
 		$share->setProviderId($this->identifier());

Indentation +954 added lines, -954 removed lines

@@ -50,968 +50,968 @@
  */
 class FederatedShareProvider implements IShareProvider {
 
-	const SHARE_TYPE_REMOTE = 6;
-
-	/** @var IDBConnection */
-	private $dbConnection;
-
-	/** @var AddressHandler */
-	private $addressHandler;
-
-	/** @var Notifications */
-	private $notifications;
-
-	/** @var TokenHandler */
-	private $tokenHandler;
-
-	/** @var IL10N */
-	private $l;
-
-	/** @var ILogger */
-	private $logger;
-
-	/** @var IRootFolder */
-	private $rootFolder;
-
-	/** @var IConfig */
-	private $config;
-
-	/** @var string */
-	private $externalShareTable = 'share_external';
-
-	/** @var IUserManager */
-	private $userManager;
-
-	/** @var ICloudIdManager */
-	private $cloudIdManager;
-
-	/**
-	 * DefaultShareProvider constructor.
-	 *
-	 * @param IDBConnection $connection
-	 * @param AddressHandler $addressHandler
-	 * @param Notifications $notifications
-	 * @param TokenHandler $tokenHandler
-	 * @param IL10N $l10n
-	 * @param ILogger $logger
-	 * @param IRootFolder $rootFolder
-	 * @param IConfig $config
-	 * @param IUserManager $userManager
-	 * @param ICloudIdManager $cloudIdManager
-	 */
-	public function __construct(
-			IDBConnection $connection,
-			AddressHandler $addressHandler,
-			Notifications $notifications,
-			TokenHandler $tokenHandler,
-			IL10N $l10n,
-			ILogger $logger,
-			IRootFolder $rootFolder,
-			IConfig $config,
-			IUserManager $userManager,
-			ICloudIdManager $cloudIdManager
-	) {
-		$this->dbConnection = $connection;
-		$this->addressHandler = $addressHandler;
-		$this->notifications = $notifications;
-		$this->tokenHandler = $tokenHandler;
-		$this->l = $l10n;
-		$this->logger = $logger;
-		$this->rootFolder = $rootFolder;
-		$this->config = $config;
-		$this->userManager = $userManager;
-		$this->cloudIdManager = $cloudIdManager;
-	}
-
-	/**
-	 * Return the identifier of this provider.
-	 *
-	 * @return string Containing only [a-zA-Z0-9]
-	 */
-	public function identifier() {
-		return 'ocFederatedSharing';
-	}
-
-	/**
-	 * Share a path
-	 *
-	 * @param IShare $share
-	 * @return IShare The share object
-	 * @throws ShareNotFound
-	 * @throws \Exception
-	 */
-	public function create(IShare $share) {
-
-		$shareWith = $share->getSharedWith();
-		$itemSource = $share->getNodeId();
-		$itemType = $share->getNodeType();
-		$permissions = $share->getPermissions();
-		$sharedBy = $share->getSharedBy();
-
-		/*
+    const SHARE_TYPE_REMOTE = 6;
+
+    /** @var IDBConnection */
+    private $dbConnection;
+
+    /** @var AddressHandler */
+    private $addressHandler;
+
+    /** @var Notifications */
+    private $notifications;
+
+    /** @var TokenHandler */
+    private $tokenHandler;
+
+    /** @var IL10N */
+    private $l;
+
+    /** @var ILogger */
+    private $logger;
+
+    /** @var IRootFolder */
+    private $rootFolder;
+
+    /** @var IConfig */
+    private $config;
+
+    /** @var string */
+    private $externalShareTable = 'share_external';
+
+    /** @var IUserManager */
+    private $userManager;
+
+    /** @var ICloudIdManager */
+    private $cloudIdManager;
+
+    /**
+     * DefaultShareProvider constructor.
+     *
+     * @param IDBConnection $connection
+     * @param AddressHandler $addressHandler
+     * @param Notifications $notifications
+     * @param TokenHandler $tokenHandler
+     * @param IL10N $l10n
+     * @param ILogger $logger
+     * @param IRootFolder $rootFolder
+     * @param IConfig $config
+     * @param IUserManager $userManager
+     * @param ICloudIdManager $cloudIdManager
+     */
+    public function __construct(
+            IDBConnection $connection,
+            AddressHandler $addressHandler,
+            Notifications $notifications,
+            TokenHandler $tokenHandler,
+            IL10N $l10n,
+            ILogger $logger,
+            IRootFolder $rootFolder,
+            IConfig $config,
+            IUserManager $userManager,
+            ICloudIdManager $cloudIdManager
+    ) {
+        $this->dbConnection = $connection;
+        $this->addressHandler = $addressHandler;
+        $this->notifications = $notifications;
+        $this->tokenHandler = $tokenHandler;
+        $this->l = $l10n;
+        $this->logger = $logger;
+        $this->rootFolder = $rootFolder;
+        $this->config = $config;
+        $this->userManager = $userManager;
+        $this->cloudIdManager = $cloudIdManager;
+    }
+
+    /**
+     * Return the identifier of this provider.
+     *
+     * @return string Containing only [a-zA-Z0-9]
+     */
+    public function identifier() {
+        return 'ocFederatedSharing';
+    }
+
+    /**
+     * Share a path
+     *
+     * @param IShare $share
+     * @return IShare The share object
+     * @throws ShareNotFound
+     * @throws \Exception
+     */
+    public function create(IShare $share) {
+
+        $shareWith = $share->getSharedWith();
+        $itemSource = $share->getNodeId();
+        $itemType = $share->getNodeType();
+        $permissions = $share->getPermissions();
+        $sharedBy = $share->getSharedBy();
+
+        /*
 		 * Check if file is not already shared with the remote user
 		 */
-		$alreadyShared = $this->getSharedWith($shareWith, self::SHARE_TYPE_REMOTE, $share->getNode(), 1, 0);
-		if (!empty($alreadyShared)) {
-			$message = 'Sharing %s failed, because this item is already shared with %s';
-			$message_t = $this->l->t('Sharing %s failed, because this item is already shared with %s', array($share->getNode()->getName(), $shareWith));
-			$this->logger->debug(sprintf($message, $share->getNode()->getName(), $shareWith), ['app' => 'Federated File Sharing']);
-			throw new \Exception($message_t);
-		}
-
-
-		// don't allow federated shares if source and target server are the same
-		$cloudId = $this->cloudIdManager->resolveCloudId($shareWith);
-		$currentServer = $this->addressHandler->generateRemoteURL();
-		$currentUser = $sharedBy;
-		if ($this->addressHandler->compareAddresses($cloudId->getUser(), $cloudId->getRemote(), $currentUser, $currentServer)) {
-			$message = 'Not allowed to create a federated share with the same user.';
-			$message_t = $this->l->t('Not allowed to create a federated share with the same user');
-			$this->logger->debug($message, ['app' => 'Federated File Sharing']);
-			throw new \Exception($message_t);
-		}
-
-
-		$share->setSharedWith($cloudId->getId());
-
-		try {
-			$remoteShare = $this->getShareFromExternalShareTable($share);
-		} catch (ShareNotFound $e) {
-			$remoteShare = null;
-		}
-
-		if ($remoteShare) {
-			try {
-				$ownerCloudId = $this->cloudIdManager->getCloudId($remoteShare['owner'], $remoteShare['remote']);
-				$shareId = $this->addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $ownerCloudId->getId(), $permissions, 'tmp_token_' . time());
-				$share->setId($shareId);
-				list($token, $remoteId) = $this->askOwnerToReShare($shareWith, $share, $shareId);
-				// remote share was create successfully if we get a valid token as return
-				$send = is_string($token) && $token !== '';
-			} catch (\Exception $e) {
-				// fall back to old re-share behavior if the remote server
-				// doesn't support flat re-shares (was introduced with Nextcloud 9.1)
-				$this->removeShareFromTable($share);
-				$shareId = $this->createFederatedShare($share);
-			}
-			if ($send) {
-				$this->updateSuccessfulReshare($shareId, $token);
-				$this->storeRemoteId($shareId, $remoteId);
-			} else {
-				$this->removeShareFromTable($share);
-				$message_t = $this->l->t('File is already shared with %s', [$shareWith]);
-				throw new \Exception($message_t);
-			}
-
-		} else {
-			$shareId = $this->createFederatedShare($share);
-		}
-
-		$data = $this->getRawShare($shareId);
-		return $this->createShareObject($data);
-	}
-
-	/**
-	 * create federated share and inform the recipient
-	 *
-	 * @param IShare $share
-	 * @return int
-	 * @throws ShareNotFound
-	 * @throws \Exception
-	 */
-	protected function createFederatedShare(IShare $share) {
-		$token = $this->tokenHandler->generateToken();
-		$shareId = $this->addShareToDB(
-			$share->getNodeId(),
-			$share->getNodeType(),
-			$share->getSharedWith(),
-			$share->getSharedBy(),
-			$share->getShareOwner(),
-			$share->getPermissions(),
-			$token
-		);
-
-		$failure = false;
-
-		try {
-			$sharedByFederatedId = $share->getSharedBy();
-			if ($this->userManager->userExists($sharedByFederatedId)) {
-				$cloudId = $this->cloudIdManager->getCloudId($sharedByFederatedId, $this->addressHandler->generateRemoteURL());
-				$sharedByFederatedId = $cloudId->getId();
-			}
-			$ownerCloudId = $this->cloudIdManager->getCloudId($share->getShareOwner(), $this->addressHandler->generateRemoteURL());
-			$send = $this->notifications->sendRemoteShare(
-				$token,
-				$share->getSharedWith(),
-				$share->getNode()->getName(),
-				$shareId,
-				$share->getShareOwner(),
-				$ownerCloudId->getId(),
-				$share->getSharedBy(),
-				$sharedByFederatedId
-			);
-
-			if ($send === false) {
-				$failure = true;
-			}
-		} catch (\Exception $e) {
-			$this->logger->error('Failed to notify remote server of federated share, removing share (' . $e->getMessage() . ')');
-			$failure = true;
-		}
-
-		if($failure) {
-			$this->removeShareFromTableById($shareId);
-			$message_t = $this->l->t('Sharing %s failed, could not find %s, maybe the server is currently unreachable or uses a self-signed certificate.',
-				[$share->getNode()->getName(), $share->getSharedWith()]);
-			throw new \Exception($message_t);
-		}
-
-		return $shareId;
-
-	}
-
-	/**
-	 * @param string $shareWith
-	 * @param IShare $share
-	 * @param string $shareId internal share Id
-	 * @return array
-	 * @throws \Exception
-	 */
-	protected function askOwnerToReShare($shareWith, IShare $share, $shareId) {
-
-		$remoteShare = $this->getShareFromExternalShareTable($share);
-		$token = $remoteShare['share_token'];
-		$remoteId = $remoteShare['remote_id'];
-		$remote = $remoteShare['remote'];
-
-		list($token, $remoteId) = $this->notifications->requestReShare(
-			$token,
-			$remoteId,
-			$shareId,
-			$remote,
-			$shareWith,
-			$share->getPermissions()
-		);
-
-		return [$token, $remoteId];
-	}
-
-	/**
-	 * get federated share from the share_external table but exclude mounted link shares
-	 *
-	 * @param IShare $share
-	 * @return array
-	 * @throws ShareNotFound
-	 */
-	protected function getShareFromExternalShareTable(IShare $share) {
-		$query = $this->dbConnection->getQueryBuilder();
-		$query->select('*')->from($this->externalShareTable)
-			->where($query->expr()->eq('user', $query->createNamedParameter($share->getShareOwner())))
-			->andWhere($query->expr()->eq('mountpoint', $query->createNamedParameter($share->getTarget())));
-		$result = $query->execute()->fetchAll();
-
-		if (isset($result[0]) && (int)$result[0]['remote_id'] > 0) {
-			return $result[0];
-		}
-
-		throw new ShareNotFound('share not found in share_external table');
-	}
-
-	/**
-	 * add share to the database and return the ID
-	 *
-	 * @param int $itemSource
-	 * @param string $itemType
-	 * @param string $shareWith
-	 * @param string $sharedBy
-	 * @param string $uidOwner
-	 * @param int $permissions
-	 * @param string $token
-	 * @return int
-	 */
-	private function addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $uidOwner, $permissions, $token) {
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->insert('share')
-			->setValue('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE))
-			->setValue('item_type', $qb->createNamedParameter($itemType))
-			->setValue('item_source', $qb->createNamedParameter($itemSource))
-			->setValue('file_source', $qb->createNamedParameter($itemSource))
-			->setValue('share_with', $qb->createNamedParameter($shareWith))
-			->setValue('uid_owner', $qb->createNamedParameter($uidOwner))
-			->setValue('uid_initiator', $qb->createNamedParameter($sharedBy))
-			->setValue('permissions', $qb->createNamedParameter($permissions))
-			->setValue('token', $qb->createNamedParameter($token))
-			->setValue('stime', $qb->createNamedParameter(time()));
-
-		/*
+        $alreadyShared = $this->getSharedWith($shareWith, self::SHARE_TYPE_REMOTE, $share->getNode(), 1, 0);
+        if (!empty($alreadyShared)) {
+            $message = 'Sharing %s failed, because this item is already shared with %s';
+            $message_t = $this->l->t('Sharing %s failed, because this item is already shared with %s', array($share->getNode()->getName(), $shareWith));
+            $this->logger->debug(sprintf($message, $share->getNode()->getName(), $shareWith), ['app' => 'Federated File Sharing']);
+            throw new \Exception($message_t);
+        }
+
+
+        // don't allow federated shares if source and target server are the same
+        $cloudId = $this->cloudIdManager->resolveCloudId($shareWith);
+        $currentServer = $this->addressHandler->generateRemoteURL();
+        $currentUser = $sharedBy;
+        if ($this->addressHandler->compareAddresses($cloudId->getUser(), $cloudId->getRemote(), $currentUser, $currentServer)) {
+            $message = 'Not allowed to create a federated share with the same user.';
+            $message_t = $this->l->t('Not allowed to create a federated share with the same user');
+            $this->logger->debug($message, ['app' => 'Federated File Sharing']);
+            throw new \Exception($message_t);
+        }
+
+
+        $share->setSharedWith($cloudId->getId());
+
+        try {
+            $remoteShare = $this->getShareFromExternalShareTable($share);
+        } catch (ShareNotFound $e) {
+            $remoteShare = null;
+        }
+
+        if ($remoteShare) {
+            try {
+                $ownerCloudId = $this->cloudIdManager->getCloudId($remoteShare['owner'], $remoteShare['remote']);
+                $shareId = $this->addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $ownerCloudId->getId(), $permissions, 'tmp_token_' . time());
+                $share->setId($shareId);
+                list($token, $remoteId) = $this->askOwnerToReShare($shareWith, $share, $shareId);
+                // remote share was create successfully if we get a valid token as return
+                $send = is_string($token) && $token !== '';
+            } catch (\Exception $e) {
+                // fall back to old re-share behavior if the remote server
+                // doesn't support flat re-shares (was introduced with Nextcloud 9.1)
+                $this->removeShareFromTable($share);
+                $shareId = $this->createFederatedShare($share);
+            }
+            if ($send) {
+                $this->updateSuccessfulReshare($shareId, $token);
+                $this->storeRemoteId($shareId, $remoteId);
+            } else {
+                $this->removeShareFromTable($share);
+                $message_t = $this->l->t('File is already shared with %s', [$shareWith]);
+                throw new \Exception($message_t);
+            }
+
+        } else {
+            $shareId = $this->createFederatedShare($share);
+        }
+
+        $data = $this->getRawShare($shareId);
+        return $this->createShareObject($data);
+    }
+
+    /**
+     * create federated share and inform the recipient
+     *
+     * @param IShare $share
+     * @return int
+     * @throws ShareNotFound
+     * @throws \Exception
+     */
+    protected function createFederatedShare(IShare $share) {
+        $token = $this->tokenHandler->generateToken();
+        $shareId = $this->addShareToDB(
+            $share->getNodeId(),
+            $share->getNodeType(),
+            $share->getSharedWith(),
+            $share->getSharedBy(),
+            $share->getShareOwner(),
+            $share->getPermissions(),
+            $token
+        );
+
+        $failure = false;
+
+        try {
+            $sharedByFederatedId = $share->getSharedBy();
+            if ($this->userManager->userExists($sharedByFederatedId)) {
+                $cloudId = $this->cloudIdManager->getCloudId($sharedByFederatedId, $this->addressHandler->generateRemoteURL());
+                $sharedByFederatedId = $cloudId->getId();
+            }
+            $ownerCloudId = $this->cloudIdManager->getCloudId($share->getShareOwner(), $this->addressHandler->generateRemoteURL());
+            $send = $this->notifications->sendRemoteShare(
+                $token,
+                $share->getSharedWith(),
+                $share->getNode()->getName(),
+                $shareId,
+                $share->getShareOwner(),
+                $ownerCloudId->getId(),
+                $share->getSharedBy(),
+                $sharedByFederatedId
+            );
+
+            if ($send === false) {
+                $failure = true;
+            }
+        } catch (\Exception $e) {
+            $this->logger->error('Failed to notify remote server of federated share, removing share (' . $e->getMessage() . ')');
+            $failure = true;
+        }
+
+        if($failure) {
+            $this->removeShareFromTableById($shareId);
+            $message_t = $this->l->t('Sharing %s failed, could not find %s, maybe the server is currently unreachable or uses a self-signed certificate.',
+                [$share->getNode()->getName(), $share->getSharedWith()]);
+            throw new \Exception($message_t);
+        }
+
+        return $shareId;
+
+    }
+
+    /**
+     * @param string $shareWith
+     * @param IShare $share
+     * @param string $shareId internal share Id
+     * @return array
+     * @throws \Exception
+     */
+    protected function askOwnerToReShare($shareWith, IShare $share, $shareId) {
+
+        $remoteShare = $this->getShareFromExternalShareTable($share);
+        $token = $remoteShare['share_token'];
+        $remoteId = $remoteShare['remote_id'];
+        $remote = $remoteShare['remote'];
+
+        list($token, $remoteId) = $this->notifications->requestReShare(
+            $token,
+            $remoteId,
+            $shareId,
+            $remote,
+            $shareWith,
+            $share->getPermissions()
+        );
+
+        return [$token, $remoteId];
+    }
+
+    /**
+     * get federated share from the share_external table but exclude mounted link shares
+     *
+     * @param IShare $share
+     * @return array
+     * @throws ShareNotFound
+     */
+    protected function getShareFromExternalShareTable(IShare $share) {
+        $query = $this->dbConnection->getQueryBuilder();
+        $query->select('*')->from($this->externalShareTable)
+            ->where($query->expr()->eq('user', $query->createNamedParameter($share->getShareOwner())))
+            ->andWhere($query->expr()->eq('mountpoint', $query->createNamedParameter($share->getTarget())));
+        $result = $query->execute()->fetchAll();
+
+        if (isset($result[0]) && (int)$result[0]['remote_id'] > 0) {
+            return $result[0];
+        }
+
+        throw new ShareNotFound('share not found in share_external table');
+    }
+
+    /**
+     * add share to the database and return the ID
+     *
+     * @param int $itemSource
+     * @param string $itemType
+     * @param string $shareWith
+     * @param string $sharedBy
+     * @param string $uidOwner
+     * @param int $permissions
+     * @param string $token
+     * @return int
+     */
+    private function addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $uidOwner, $permissions, $token) {
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->insert('share')
+            ->setValue('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE))
+            ->setValue('item_type', $qb->createNamedParameter($itemType))
+            ->setValue('item_source', $qb->createNamedParameter($itemSource))
+            ->setValue('file_source', $qb->createNamedParameter($itemSource))
+            ->setValue('share_with', $qb->createNamedParameter($shareWith))
+            ->setValue('uid_owner', $qb->createNamedParameter($uidOwner))
+            ->setValue('uid_initiator', $qb->createNamedParameter($sharedBy))
+            ->setValue('permissions', $qb->createNamedParameter($permissions))
+            ->setValue('token', $qb->createNamedParameter($token))
+            ->setValue('stime', $qb->createNamedParameter(time()));
+
+        /*
 		 * Added to fix https://github.com/owncloud/core/issues/22215
 		 * Can be removed once we get rid of ajax/share.php
 		 */
-		$qb->setValue('file_target', $qb->createNamedParameter(''));
-
-		$qb->execute();
-		$id = $qb->getLastInsertId();
-
-		return (int)$id;
-	}
-
-	/**
-	 * Update a share
-	 *
-	 * @param IShare $share
-	 * @return IShare The share object
-	 */
-	public function update(IShare $share) {
-		/*
+        $qb->setValue('file_target', $qb->createNamedParameter(''));
+
+        $qb->execute();
+        $id = $qb->getLastInsertId();
+
+        return (int)$id;
+    }
+
+    /**
+     * Update a share
+     *
+     * @param IShare $share
+     * @return IShare The share object
+     */
+    public function update(IShare $share) {
+        /*
 		 * We allow updating the permissions of federated shares
 		 */
-		$qb = $this->dbConnection->getQueryBuilder();
-			$qb->update('share')
-				->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))
-				->set('permissions', $qb->createNamedParameter($share->getPermissions()))
-				->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))
-				->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))
-				->execute();
-
-		// send the updated permission to the owner/initiator, if they are not the same
-		if ($share->getShareOwner() !== $share->getSharedBy()) {
-			$this->sendPermissionUpdate($share);
-		}
-
-		return $share;
-	}
-
-	/**
-	 * send the updated permission to the owner/initiator, if they are not the same
-	 *
-	 * @param IShare $share
-	 * @throws ShareNotFound
-	 * @throws \OC\HintException
-	 */
-	protected function sendPermissionUpdate(IShare $share) {
-		$remoteId = $this->getRemoteId($share);
-		// if the local user is the owner we send the permission change to the initiator
-		if ($this->userManager->userExists($share->getShareOwner())) {
-			list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
-		} else { // ... if not we send the permission change to the owner
-			list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
-		}
-		$this->notifications->sendPermissionChange($remote, $remoteId, $share->getToken(), $share->getPermissions());
-	}
-
-
-	/**
-	 * update successful reShare with the correct token
-	 *
-	 * @param int $shareId
-	 * @param string $token
-	 */
-	protected function updateSuccessfulReShare($shareId, $token) {
-		$query = $this->dbConnection->getQueryBuilder();
-		$query->update('share')
-			->where($query->expr()->eq('id', $query->createNamedParameter($shareId)))
-			->set('token', $query->createNamedParameter($token))
-			->execute();
-	}
-
-	/**
-	 * store remote ID in federated reShare table
-	 *
-	 * @param $shareId
-	 * @param $remoteId
-	 */
-	public function storeRemoteId($shareId, $remoteId) {
-		$query = $this->dbConnection->getQueryBuilder();
-		$query->insert('federated_reshares')
-			->values(
-				[
-					'share_id' =>  $query->createNamedParameter($shareId),
-					'remote_id' => $query->createNamedParameter($remoteId),
-				]
-			);
-		$query->execute();
-	}
-
-	/**
-	 * get share ID on remote server for federated re-shares
-	 *
-	 * @param IShare $share
-	 * @return int
-	 * @throws ShareNotFound
-	 */
-	public function getRemoteId(IShare $share) {
-		$query = $this->dbConnection->getQueryBuilder();
-		$query->select('remote_id')->from('federated_reshares')
-			->where($query->expr()->eq('share_id', $query->createNamedParameter((int)$share->getId())));
-		$data = $query->execute()->fetch();
-
-		if (!is_array($data) || !isset($data['remote_id'])) {
-			throw new ShareNotFound();
-		}
-
-		return (int)$data['remote_id'];
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function move(IShare $share, $recipient) {
-		/*
+        $qb = $this->dbConnection->getQueryBuilder();
+            $qb->update('share')
+                ->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))
+                ->set('permissions', $qb->createNamedParameter($share->getPermissions()))
+                ->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))
+                ->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))
+                ->execute();
+
+        // send the updated permission to the owner/initiator, if they are not the same
+        if ($share->getShareOwner() !== $share->getSharedBy()) {
+            $this->sendPermissionUpdate($share);
+        }
+
+        return $share;
+    }
+
+    /**
+     * send the updated permission to the owner/initiator, if they are not the same
+     *
+     * @param IShare $share
+     * @throws ShareNotFound
+     * @throws \OC\HintException
+     */
+    protected function sendPermissionUpdate(IShare $share) {
+        $remoteId = $this->getRemoteId($share);
+        // if the local user is the owner we send the permission change to the initiator
+        if ($this->userManager->userExists($share->getShareOwner())) {
+            list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
+        } else { // ... if not we send the permission change to the owner
+            list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
+        }
+        $this->notifications->sendPermissionChange($remote, $remoteId, $share->getToken(), $share->getPermissions());
+    }
+
+
+    /**
+     * update successful reShare with the correct token
+     *
+     * @param int $shareId
+     * @param string $token
+     */
+    protected function updateSuccessfulReShare($shareId, $token) {
+        $query = $this->dbConnection->getQueryBuilder();
+        $query->update('share')
+            ->where($query->expr()->eq('id', $query->createNamedParameter($shareId)))
+            ->set('token', $query->createNamedParameter($token))
+            ->execute();
+    }
+
+    /**
+     * store remote ID in federated reShare table
+     *
+     * @param $shareId
+     * @param $remoteId
+     */
+    public function storeRemoteId($shareId, $remoteId) {
+        $query = $this->dbConnection->getQueryBuilder();
+        $query->insert('federated_reshares')
+            ->values(
+                [
+                    'share_id' =>  $query->createNamedParameter($shareId),
+                    'remote_id' => $query->createNamedParameter($remoteId),
+                ]
+            );
+        $query->execute();
+    }
+
+    /**
+     * get share ID on remote server for federated re-shares
+     *
+     * @param IShare $share
+     * @return int
+     * @throws ShareNotFound
+     */
+    public function getRemoteId(IShare $share) {
+        $query = $this->dbConnection->getQueryBuilder();
+        $query->select('remote_id')->from('federated_reshares')
+            ->where($query->expr()->eq('share_id', $query->createNamedParameter((int)$share->getId())));
+        $data = $query->execute()->fetch();
+
+        if (!is_array($data) || !isset($data['remote_id'])) {
+            throw new ShareNotFound();
+        }
+
+        return (int)$data['remote_id'];
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function move(IShare $share, $recipient) {
+        /*
 		 * This function does nothing yet as it is just for outgoing
 		 * federated shares.
 		 */
-		return $share;
-	}
-
-	/**
-	 * Get all children of this share
-	 *
-	 * @param IShare $parent
-	 * @return IShare[]
-	 */
-	public function getChildren(IShare $parent) {
-		$children = [];
-
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share')
-			->where($qb->expr()->eq('parent', $qb->createNamedParameter($parent->getId())))
-			->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
-			->orderBy('id');
-
-		$cursor = $qb->execute();
-		while($data = $cursor->fetch()) {
-			$children[] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-		return $children;
-	}
-
-	/**
-	 * Delete a share (owner unShares the file)
-	 *
-	 * @param IShare $share
-	 */
-	public function delete(IShare $share) {
-
-		list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedWith());
-
-		$isOwner = false;
-
-		$this->removeShareFromTable($share);
-
-		// if the local user is the owner we can send the unShare request directly...
-		if ($this->userManager->userExists($share->getShareOwner())) {
-			$this->notifications->sendRemoteUnShare($remote, $share->getId(), $share->getToken());
-			$this->revokeShare($share, true);
-			$isOwner = true;
-		} else { // ... if not we need to correct ID for the unShare request
-			$remoteId = $this->getRemoteId($share);
-			$this->notifications->sendRemoteUnShare($remote, $remoteId, $share->getToken());
-			$this->revokeShare($share, false);
-		}
-
-		// send revoke notification to the other user, if initiator and owner are not the same user
-		if ($share->getShareOwner() !== $share->getSharedBy()) {
-			$remoteId = $this->getRemoteId($share);
-			if ($isOwner) {
-				list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
-			} else {
-				list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
-			}
-			$this->notifications->sendRevokeShare($remote, $remoteId, $share->getToken());
-		}
-	}
-
-	/**
-	 * in case of a re-share we need to send the other use (initiator or owner)
-	 * a message that the file was unshared
-	 *
-	 * @param IShare $share
-	 * @param bool $isOwner the user can either be the owner or the user who re-sahred it
-	 * @throws ShareNotFound
-	 * @throws \OC\HintException
-	 */
-	protected function revokeShare($share, $isOwner) {
-		// also send a unShare request to the initiator, if this is a different user than the owner
-		if ($share->getShareOwner() !== $share->getSharedBy()) {
-			if ($isOwner) {
-				list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
-			} else {
-				list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
-			}
-			$remoteId = $this->getRemoteId($share);
-			$this->notifications->sendRevokeShare($remote, $remoteId, $share->getToken());
-		}
-	}
-
-	/**
-	 * remove share from table
-	 *
-	 * @param IShare $share
-	 */
-	public function removeShareFromTable(IShare $share) {
-		$this->removeShareFromTableById($share->getId());
-	}
-
-	/**
-	 * remove share from table
-	 *
-	 * @param string $shareId
-	 */
-	private function removeShareFromTableById($shareId) {
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->delete('share')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($shareId)));
-		$qb->execute();
-
-		$qb->delete('federated_reshares')
-			->where($qb->expr()->eq('share_id', $qb->createNamedParameter($shareId)));
-		$qb->execute();
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteFromSelf(IShare $share, $recipient) {
-		// nothing to do here. Technically deleteFromSelf in the context of federated
-		// shares is a umount of a external storage. This is handled here
-		// apps/files_sharing/lib/external/manager.php
-		// TODO move this code over to this app
-		return;
-	}
-
-
-	public function getSharesInFolder($userId, Folder $node, $reshares) {
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share', 's')
-			->andWhere($qb->expr()->orX(
-				$qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
-				$qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
-			))
-			->andWhere(
-				$qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE))
-			);
-
-		/**
-		 * Reshares for this user are shares where they are the owner.
-		 */
-		if ($reshares === false) {
-			$qb->andWhere($qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)));
-		} else {
-			$qb->andWhere(
-				$qb->expr()->orX(
-					$qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
-					$qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
-				)
-			);
-		}
-
-		$qb->innerJoin('s', 'filecache' ,'f', $qb->expr()->eq('s.file_source', 'f.fileid'));
-		$qb->andWhere($qb->expr()->eq('f.parent', $qb->createNamedParameter($node->getId())));
-
-		$qb->orderBy('id');
-
-		$cursor = $qb->execute();
-		$shares = [];
-		while ($data = $cursor->fetch()) {
-			$shares[$data['fileid']][] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-		return $shares;
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getSharesBy($userId, $shareType, $node, $reshares, $limit, $offset) {
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share');
-
-		$qb->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
-
-		/**
-		 * Reshares for this user are shares where they are the owner.
-		 */
-		if ($reshares === false) {
-			//Special case for old shares created via the web UI
-			$or1 = $qb->expr()->andX(
-				$qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
-				$qb->expr()->isNull('uid_initiator')
-			);
-
-			$qb->andWhere(
-				$qb->expr()->orX(
-					$qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)),
-					$or1
-				)
-			);
-		} else {
-			$qb->andWhere(
-				$qb->expr()->orX(
-					$qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
-					$qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
-				)
-			);
-		}
-
-		if ($node !== null) {
-			$qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
-		}
-
-		if ($limit !== -1) {
-			$qb->setMaxResults($limit);
-		}
-
-		$qb->setFirstResult($offset);
-		$qb->orderBy('id');
-
-		$cursor = $qb->execute();
-		$shares = [];
-		while($data = $cursor->fetch()) {
-			$shares[] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-		return $shares;
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getShareById($id, $recipientId = null) {
-		$qb = $this->dbConnection->getQueryBuilder();
-
-		$qb->select('*')
-			->from('share')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
-			->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
-
-		$cursor = $qb->execute();
-		$data = $cursor->fetch();
-		$cursor->closeCursor();
-
-		if ($data === false) {
-			throw new ShareNotFound();
-		}
-
-		try {
-			$share = $this->createShareObject($data);
-		} catch (InvalidShare $e) {
-			throw new ShareNotFound();
-		}
-
-		return $share;
-	}
-
-	/**
-	 * Get shares for a given path
-	 *
-	 * @param \OCP\Files\Node $path
-	 * @return IShare[]
-	 */
-	public function getSharesByPath(Node $path) {
-		$qb = $this->dbConnection->getQueryBuilder();
-
-		$cursor = $qb->select('*')
-			->from('share')
-			->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($path->getId())))
-			->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
-			->execute();
-
-		$shares = [];
-		while($data = $cursor->fetch()) {
-			$shares[] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-		return $shares;
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getSharedWith($userId, $shareType, $node, $limit, $offset) {
-		/** @var IShare[] $shares */
-		$shares = [];
-
-		//Get shares directly with this user
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share');
-
-		// Order by id
-		$qb->orderBy('id');
-
-		// Set limit and offset
-		if ($limit !== -1) {
-			$qb->setMaxResults($limit);
-		}
-		$qb->setFirstResult($offset);
-
-		$qb->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
-		$qb->andWhere($qb->expr()->eq('share_with', $qb->createNamedParameter($userId)));
-
-		// Filter by node if provided
-		if ($node !== null) {
-			$qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
-		}
-
-		$cursor = $qb->execute();
-
-		while($data = $cursor->fetch()) {
-			$shares[] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-
-		return $shares;
-	}
-
-	/**
-	 * Get a share by token
-	 *
-	 * @param string $token
-	 * @return IShare
-	 * @throws ShareNotFound
-	 */
-	public function getShareByToken($token) {
-		$qb = $this->dbConnection->getQueryBuilder();
-
-		$cursor = $qb->select('*')
-			->from('share')
-			->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
-			->andWhere($qb->expr()->eq('token', $qb->createNamedParameter($token)))
-			->execute();
-
-		$data = $cursor->fetch();
-
-		if ($data === false) {
-			throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
-		}
-
-		try {
-			$share = $this->createShareObject($data);
-		} catch (InvalidShare $e) {
-			throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
-		}
-
-		return $share;
-	}
-
-	/**
-	 * get database row of a give share
-	 *
-	 * @param $id
-	 * @return array
-	 * @throws ShareNotFound
-	 */
-	private function getRawShare($id) {
-
-		// Now fetch the inserted share and create a complete share object
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)));
-
-		$cursor = $qb->execute();
-		$data = $cursor->fetch();
-		$cursor->closeCursor();
-
-		if ($data === false) {
-			throw new ShareNotFound;
-		}
-
-		return $data;
-	}
-
-	/**
-	 * Create a share object from an database row
-	 *
-	 * @param array $data
-	 * @return IShare
-	 * @throws InvalidShare
-	 * @throws ShareNotFound
-	 */
-	private function createShareObject($data) {
-
-		$share = new Share($this->rootFolder, $this->userManager);
-		$share->setId((int)$data['id'])
-			->setShareType((int)$data['share_type'])
-			->setPermissions((int)$data['permissions'])
-			->setTarget($data['file_target'])
-			->setMailSend((bool)$data['mail_send'])
-			->setToken($data['token']);
-
-		$shareTime = new \DateTime();
-		$shareTime->setTimestamp((int)$data['stime']);
-		$share->setShareTime($shareTime);
-		$share->setSharedWith($data['share_with']);
-
-		if ($data['uid_initiator'] !== null) {
-			$share->setShareOwner($data['uid_owner']);
-			$share->setSharedBy($data['uid_initiator']);
-		} else {
-			//OLD SHARE
-			$share->setSharedBy($data['uid_owner']);
-			$path = $this->getNode($share->getSharedBy(), (int)$data['file_source']);
-
-			$owner = $path->getOwner();
-			$share->setShareOwner($owner->getUID());
-		}
-
-		$share->setNodeId((int)$data['file_source']);
-		$share->setNodeType($data['item_type']);
-
-		$share->setProviderId($this->identifier());
-
-		return $share;
-	}
-
-	/**
-	 * Get the node with file $id for $user
-	 *
-	 * @param string $userId
-	 * @param int $id
-	 * @return \OCP\Files\File|\OCP\Files\Folder
-	 * @throws InvalidShare
-	 */
-	private function getNode($userId, $id) {
-		try {
-			$userFolder = $this->rootFolder->getUserFolder($userId);
-		} catch (NotFoundException $e) {
-			throw new InvalidShare();
-		}
-
-		$nodes = $userFolder->getById($id);
-
-		if (empty($nodes)) {
-			throw new InvalidShare();
-		}
-
-		return $nodes[0];
-	}
-
-	/**
-	 * A user is deleted from the system
-	 * So clean up the relevant shares.
-	 *
-	 * @param string $uid
-	 * @param int $shareType
-	 */
-	public function userDeleted($uid, $shareType) {
-		//TODO: probabaly a good idea to send unshare info to remote servers
-
-		$qb = $this->dbConnection->getQueryBuilder();
-
-		$qb->delete('share')
-			->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE)))
-			->andWhere($qb->expr()->eq('uid_owner', $qb->createNamedParameter($uid)))
-			->execute();
-	}
-
-	/**
-	 * This provider does not handle groups
-	 *
-	 * @param string $gid
-	 */
-	public function groupDeleted($gid) {
-		// We don't handle groups here
-		return;
-	}
-
-	/**
-	 * This provider does not handle groups
-	 *
-	 * @param string $uid
-	 * @param string $gid
-	 */
-	public function userDeletedFromGroup($uid, $gid) {
-		// We don't handle groups here
-		return;
-	}
-
-	/**
-	 * check if users from other Nextcloud instances are allowed to mount public links share by this instance
-	 *
-	 * @return bool
-	 */
-	public function isOutgoingServer2serverShareEnabled() {
-		$result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes');
-		return ($result === 'yes');
-	}
-
-	/**
-	 * check if users are allowed to mount public links from other Nextclouds
-	 *
-	 * @return bool
-	 */
-	public function isIncomingServer2serverShareEnabled() {
-		$result = $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes');
-		return ($result === 'yes');
-	}
-
-	/**
-	 * Check if querying sharees on the lookup server is enabled
-	 *
-	 * @return bool
-	 */
-	public function isLookupServerQueriesEnabled() {
-		$result = $this->config->getAppValue('files_sharing', 'lookupServerEnabled', 'no');
-		return ($result === 'yes');
-	}
-
-
-	/**
-	 * Check if it is allowed to publish user specific data to the lookup server
-	 *
-	 * @return bool
-	 */
-	public function isLookupServerUploadEnabled() {
-		$result = $this->config->getAppValue('files_sharing', 'lookupServerUploadEnabled', 'yes');
-		return ($result === 'yes');
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getAccessList($nodes, $currentAccess) {
-		$ids = [];
-		foreach ($nodes as $node) {
-			$ids[] = $node->getId();
-		}
-
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('share_with', 'token', 'file_source')
-			->from('share')
-			->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE)))
-			->andWhere($qb->expr()->in('file_source', $qb->createNamedParameter($ids, IQueryBuilder::PARAM_INT_ARRAY)))
-			->andWhere($qb->expr()->orX(
-				$qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
-				$qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
-			));
-		$cursor = $qb->execute();
-
-		if ($currentAccess === false) {
-			$remote = $cursor->fetch() !== false;
-			$cursor->closeCursor();
-
-			return ['remote' => $remote];
-		}
-
-		$remote = [];
-		while ($row = $cursor->fetch()) {
-			$remote[$row['share_with']] = [
-				'node_id' => $row['file_source'],
-				'token' => $row['token'],
-			];
-		}
-		$cursor->closeCursor();
-
-		return ['remote' => $remote];
-	}
+        return $share;
+    }
+
+    /**
+     * Get all children of this share
+     *
+     * @param IShare $parent
+     * @return IShare[]
+     */
+    public function getChildren(IShare $parent) {
+        $children = [];
+
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share')
+            ->where($qb->expr()->eq('parent', $qb->createNamedParameter($parent->getId())))
+            ->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
+            ->orderBy('id');
+
+        $cursor = $qb->execute();
+        while($data = $cursor->fetch()) {
+            $children[] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+        return $children;
+    }
+
+    /**
+     * Delete a share (owner unShares the file)
+     *
+     * @param IShare $share
+     */
+    public function delete(IShare $share) {
+
+        list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedWith());
+
+        $isOwner = false;
+
+        $this->removeShareFromTable($share);
+
+        // if the local user is the owner we can send the unShare request directly...
+        if ($this->userManager->userExists($share->getShareOwner())) {
+            $this->notifications->sendRemoteUnShare($remote, $share->getId(), $share->getToken());
+            $this->revokeShare($share, true);
+            $isOwner = true;
+        } else { // ... if not we need to correct ID for the unShare request
+            $remoteId = $this->getRemoteId($share);
+            $this->notifications->sendRemoteUnShare($remote, $remoteId, $share->getToken());
+            $this->revokeShare($share, false);
+        }
+
+        // send revoke notification to the other user, if initiator and owner are not the same user
+        if ($share->getShareOwner() !== $share->getSharedBy()) {
+            $remoteId = $this->getRemoteId($share);
+            if ($isOwner) {
+                list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
+            } else {
+                list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
+            }
+            $this->notifications->sendRevokeShare($remote, $remoteId, $share->getToken());
+        }
+    }
+
+    /**
+     * in case of a re-share we need to send the other use (initiator or owner)
+     * a message that the file was unshared
+     *
+     * @param IShare $share
+     * @param bool $isOwner the user can either be the owner or the user who re-sahred it
+     * @throws ShareNotFound
+     * @throws \OC\HintException
+     */
+    protected function revokeShare($share, $isOwner) {
+        // also send a unShare request to the initiator, if this is a different user than the owner
+        if ($share->getShareOwner() !== $share->getSharedBy()) {
+            if ($isOwner) {
+                list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
+            } else {
+                list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
+            }
+            $remoteId = $this->getRemoteId($share);
+            $this->notifications->sendRevokeShare($remote, $remoteId, $share->getToken());
+        }
+    }
+
+    /**
+     * remove share from table
+     *
+     * @param IShare $share
+     */
+    public function removeShareFromTable(IShare $share) {
+        $this->removeShareFromTableById($share->getId());
+    }
+
+    /**
+     * remove share from table
+     *
+     * @param string $shareId
+     */
+    private function removeShareFromTableById($shareId) {
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->delete('share')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($shareId)));
+        $qb->execute();
+
+        $qb->delete('federated_reshares')
+            ->where($qb->expr()->eq('share_id', $qb->createNamedParameter($shareId)));
+        $qb->execute();
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteFromSelf(IShare $share, $recipient) {
+        // nothing to do here. Technically deleteFromSelf in the context of federated
+        // shares is a umount of a external storage. This is handled here
+        // apps/files_sharing/lib/external/manager.php
+        // TODO move this code over to this app
+        return;
+    }
+
+
+    public function getSharesInFolder($userId, Folder $node, $reshares) {
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share', 's')
+            ->andWhere($qb->expr()->orX(
+                $qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
+                $qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
+            ))
+            ->andWhere(
+                $qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE))
+            );
+
+        /**
+         * Reshares for this user are shares where they are the owner.
+         */
+        if ($reshares === false) {
+            $qb->andWhere($qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)));
+        } else {
+            $qb->andWhere(
+                $qb->expr()->orX(
+                    $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
+                    $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
+                )
+            );
+        }
+
+        $qb->innerJoin('s', 'filecache' ,'f', $qb->expr()->eq('s.file_source', 'f.fileid'));
+        $qb->andWhere($qb->expr()->eq('f.parent', $qb->createNamedParameter($node->getId())));
+
+        $qb->orderBy('id');
+
+        $cursor = $qb->execute();
+        $shares = [];
+        while ($data = $cursor->fetch()) {
+            $shares[$data['fileid']][] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+        return $shares;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getSharesBy($userId, $shareType, $node, $reshares, $limit, $offset) {
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share');
+
+        $qb->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
+
+        /**
+         * Reshares for this user are shares where they are the owner.
+         */
+        if ($reshares === false) {
+            //Special case for old shares created via the web UI
+            $or1 = $qb->expr()->andX(
+                $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
+                $qb->expr()->isNull('uid_initiator')
+            );
+
+            $qb->andWhere(
+                $qb->expr()->orX(
+                    $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)),
+                    $or1
+                )
+            );
+        } else {
+            $qb->andWhere(
+                $qb->expr()->orX(
+                    $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
+                    $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
+                )
+            );
+        }
+
+        if ($node !== null) {
+            $qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
+        }
+
+        if ($limit !== -1) {
+            $qb->setMaxResults($limit);
+        }
+
+        $qb->setFirstResult($offset);
+        $qb->orderBy('id');
+
+        $cursor = $qb->execute();
+        $shares = [];
+        while($data = $cursor->fetch()) {
+            $shares[] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+        return $shares;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getShareById($id, $recipientId = null) {
+        $qb = $this->dbConnection->getQueryBuilder();
+
+        $qb->select('*')
+            ->from('share')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
+            ->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
+
+        $cursor = $qb->execute();
+        $data = $cursor->fetch();
+        $cursor->closeCursor();
+
+        if ($data === false) {
+            throw new ShareNotFound();
+        }
+
+        try {
+            $share = $this->createShareObject($data);
+        } catch (InvalidShare $e) {
+            throw new ShareNotFound();
+        }
+
+        return $share;
+    }
+
+    /**
+     * Get shares for a given path
+     *
+     * @param \OCP\Files\Node $path
+     * @return IShare[]
+     */
+    public function getSharesByPath(Node $path) {
+        $qb = $this->dbConnection->getQueryBuilder();
+
+        $cursor = $qb->select('*')
+            ->from('share')
+            ->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($path->getId())))
+            ->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
+            ->execute();
+
+        $shares = [];
+        while($data = $cursor->fetch()) {
+            $shares[] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+        return $shares;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getSharedWith($userId, $shareType, $node, $limit, $offset) {
+        /** @var IShare[] $shares */
+        $shares = [];
+
+        //Get shares directly with this user
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share');
+
+        // Order by id
+        $qb->orderBy('id');
+
+        // Set limit and offset
+        if ($limit !== -1) {
+            $qb->setMaxResults($limit);
+        }
+        $qb->setFirstResult($offset);
+
+        $qb->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
+        $qb->andWhere($qb->expr()->eq('share_with', $qb->createNamedParameter($userId)));
+
+        // Filter by node if provided
+        if ($node !== null) {
+            $qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
+        }
+
+        $cursor = $qb->execute();
+
+        while($data = $cursor->fetch()) {
+            $shares[] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+
+        return $shares;
+    }
+
+    /**
+     * Get a share by token
+     *
+     * @param string $token
+     * @return IShare
+     * @throws ShareNotFound
+     */
+    public function getShareByToken($token) {
+        $qb = $this->dbConnection->getQueryBuilder();
+
+        $cursor = $qb->select('*')
+            ->from('share')
+            ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
+            ->andWhere($qb->expr()->eq('token', $qb->createNamedParameter($token)))
+            ->execute();
+
+        $data = $cursor->fetch();
+
+        if ($data === false) {
+            throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
+        }
+
+        try {
+            $share = $this->createShareObject($data);
+        } catch (InvalidShare $e) {
+            throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
+        }
+
+        return $share;
+    }
+
+    /**
+     * get database row of a give share
+     *
+     * @param $id
+     * @return array
+     * @throws ShareNotFound
+     */
+    private function getRawShare($id) {
+
+        // Now fetch the inserted share and create a complete share object
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)));
+
+        $cursor = $qb->execute();
+        $data = $cursor->fetch();
+        $cursor->closeCursor();
+
+        if ($data === false) {
+            throw new ShareNotFound;
+        }
+
+        return $data;
+    }
+
+    /**
+     * Create a share object from an database row
+     *
+     * @param array $data
+     * @return IShare
+     * @throws InvalidShare
+     * @throws ShareNotFound
+     */
+    private function createShareObject($data) {
+
+        $share = new Share($this->rootFolder, $this->userManager);
+        $share->setId((int)$data['id'])
+            ->setShareType((int)$data['share_type'])
+            ->setPermissions((int)$data['permissions'])
+            ->setTarget($data['file_target'])
+            ->setMailSend((bool)$data['mail_send'])
+            ->setToken($data['token']);
+
+        $shareTime = new \DateTime();
+        $shareTime->setTimestamp((int)$data['stime']);
+        $share->setShareTime($shareTime);
+        $share->setSharedWith($data['share_with']);
+
+        if ($data['uid_initiator'] !== null) {
+            $share->setShareOwner($data['uid_owner']);
+            $share->setSharedBy($data['uid_initiator']);
+        } else {
+            //OLD SHARE
+            $share->setSharedBy($data['uid_owner']);
+            $path = $this->getNode($share->getSharedBy(), (int)$data['file_source']);
+
+            $owner = $path->getOwner();
+            $share->setShareOwner($owner->getUID());
+        }
+
+        $share->setNodeId((int)$data['file_source']);
+        $share->setNodeType($data['item_type']);
+
+        $share->setProviderId($this->identifier());
+
+        return $share;
+    }
+
+    /**
+     * Get the node with file $id for $user
+     *
+     * @param string $userId
+     * @param int $id
+     * @return \OCP\Files\File|\OCP\Files\Folder
+     * @throws InvalidShare
+     */
+    private function getNode($userId, $id) {
+        try {
+            $userFolder = $this->rootFolder->getUserFolder($userId);
+        } catch (NotFoundException $e) {
+            throw new InvalidShare();
+        }
+
+        $nodes = $userFolder->getById($id);
+
+        if (empty($nodes)) {
+            throw new InvalidShare();
+        }
+
+        return $nodes[0];
+    }
+
+    /**
+     * A user is deleted from the system
+     * So clean up the relevant shares.
+     *
+     * @param string $uid
+     * @param int $shareType
+     */
+    public function userDeleted($uid, $shareType) {
+        //TODO: probabaly a good idea to send unshare info to remote servers
+
+        $qb = $this->dbConnection->getQueryBuilder();
+
+        $qb->delete('share')
+            ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE)))
+            ->andWhere($qb->expr()->eq('uid_owner', $qb->createNamedParameter($uid)))
+            ->execute();
+    }
+
+    /**
+     * This provider does not handle groups
+     *
+     * @param string $gid
+     */
+    public function groupDeleted($gid) {
+        // We don't handle groups here
+        return;
+    }
+
+    /**
+     * This provider does not handle groups
+     *
+     * @param string $uid
+     * @param string $gid
+     */
+    public function userDeletedFromGroup($uid, $gid) {
+        // We don't handle groups here
+        return;
+    }
+
+    /**
+     * check if users from other Nextcloud instances are allowed to mount public links share by this instance
+     *
+     * @return bool
+     */
+    public function isOutgoingServer2serverShareEnabled() {
+        $result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes');
+        return ($result === 'yes');
+    }
+
+    /**
+     * check if users are allowed to mount public links from other Nextclouds
+     *
+     * @return bool
+     */
+    public function isIncomingServer2serverShareEnabled() {
+        $result = $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes');
+        return ($result === 'yes');
+    }
+
+    /**
+     * Check if querying sharees on the lookup server is enabled
+     *
+     * @return bool
+     */
+    public function isLookupServerQueriesEnabled() {
+        $result = $this->config->getAppValue('files_sharing', 'lookupServerEnabled', 'no');
+        return ($result === 'yes');
+    }
+
+
+    /**
+     * Check if it is allowed to publish user specific data to the lookup server
+     *
+     * @return bool
+     */
+    public function isLookupServerUploadEnabled() {
+        $result = $this->config->getAppValue('files_sharing', 'lookupServerUploadEnabled', 'yes');
+        return ($result === 'yes');
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getAccessList($nodes, $currentAccess) {
+        $ids = [];
+        foreach ($nodes as $node) {
+            $ids[] = $node->getId();
+        }
+
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('share_with', 'token', 'file_source')
+            ->from('share')
+            ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE)))
+            ->andWhere($qb->expr()->in('file_source', $qb->createNamedParameter($ids, IQueryBuilder::PARAM_INT_ARRAY)))
+            ->andWhere($qb->expr()->orX(
+                $qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
+                $qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
+            ));
+        $cursor = $qb->execute();
+
+        if ($currentAccess === false) {
+            $remote = $cursor->fetch() !== false;
+            $cursor->closeCursor();
+
+            return ['remote' => $remote];
+        }
+
+        $remote = [];
+        while ($row = $cursor->fetch()) {
+            $remote[$row['share_with']] = [
+                'node_id' => $row['file_source'],
+                'token' => $row['token'],
+            ];
+        }
+        $cursor->closeCursor();
+
+        return ['remote' => $remote];
+    }
 }