nextcloud / server

apps/dav/lib/Comments/CommentNode.php

Doc Comments +1 added lines, -1 removed lines

@@ -93,7 +93,7 @@
 	/**
 	 * returns a list of all possible property names
 	 *
-	 * @return array
+	 * @return string[]
 	 */
 	static public function getPropertyNames() {
 		return [

Indentation +241 added lines, -241 removed lines

@@ -36,270 +36,270 @@
 use Sabre\DAV\PropPatch;
 
 class CommentNode implements \Sabre\DAV\INode, \Sabre\DAV\IProperties {
-	const NS_OWNCLOUD = 'http://owncloud.org/ns';
+    const NS_OWNCLOUD = 'http://owncloud.org/ns';
 
-	const PROPERTY_NAME_UNREAD = '{http://owncloud.org/ns}isUnread';
-	const PROPERTY_NAME_MESSAGE = '{http://owncloud.org/ns}message';
-	const PROPERTY_NAME_ACTOR_DISPLAYNAME = '{http://owncloud.org/ns}actorDisplayName';
-	const PROPERTY_NAME_MENTIONS = '{http://owncloud.org/ns}mentions';
-	const PROPERTY_NAME_MENTION = '{http://owncloud.org/ns}mention';
-	const PROPERTY_NAME_MENTION_TYPE = '{http://owncloud.org/ns}mentionType';
-	const PROPERTY_NAME_MENTION_ID = '{http://owncloud.org/ns}mentionId';
-	const PROPERTY_NAME_MENTION_DISPLAYNAME = '{http://owncloud.org/ns}mentionDisplayName';
+    const PROPERTY_NAME_UNREAD = '{http://owncloud.org/ns}isUnread';
+    const PROPERTY_NAME_MESSAGE = '{http://owncloud.org/ns}message';
+    const PROPERTY_NAME_ACTOR_DISPLAYNAME = '{http://owncloud.org/ns}actorDisplayName';
+    const PROPERTY_NAME_MENTIONS = '{http://owncloud.org/ns}mentions';
+    const PROPERTY_NAME_MENTION = '{http://owncloud.org/ns}mention';
+    const PROPERTY_NAME_MENTION_TYPE = '{http://owncloud.org/ns}mentionType';
+    const PROPERTY_NAME_MENTION_ID = '{http://owncloud.org/ns}mentionId';
+    const PROPERTY_NAME_MENTION_DISPLAYNAME = '{http://owncloud.org/ns}mentionDisplayName';
 
-	/** @var  IComment */
-	public $comment;
+    /** @var  IComment */
+    public $comment;
 
-	/** @var ICommentsManager */
-	protected $commentsManager;
+    /** @var ICommentsManager */
+    protected $commentsManager;
 
-	/** @var  ILogger */
-	protected $logger;
+    /** @var  ILogger */
+    protected $logger;
 
-	/** @var array list of properties with key being their name and value their setter */
-	protected $properties = [];
+    /** @var array list of properties with key being their name and value their setter */
+    protected $properties = [];
 
-	/** @var IUserManager */
-	protected $userManager;
+    /** @var IUserManager */
+    protected $userManager;
 
-	/** @var IUserSession */
-	protected $userSession;
+    /** @var IUserSession */
+    protected $userSession;
 
-	/**
-	 * CommentNode constructor.
-	 *
-	 * @param ICommentsManager $commentsManager
-	 * @param IComment $comment
-	 * @param IUserManager $userManager
-	 * @param IUserSession $userSession
-	 * @param ILogger $logger
-	 */
-	public function __construct(
-		ICommentsManager $commentsManager,
-		IComment $comment,
-		IUserManager $userManager,
-		IUserSession $userSession,
-		ILogger $logger
-	) {
-		$this->commentsManager = $commentsManager;
-		$this->comment = $comment;
-		$this->logger = $logger;
+    /**
+     * CommentNode constructor.
+     *
+     * @param ICommentsManager $commentsManager
+     * @param IComment $comment
+     * @param IUserManager $userManager
+     * @param IUserSession $userSession
+     * @param ILogger $logger
+     */
+    public function __construct(
+        ICommentsManager $commentsManager,
+        IComment $comment,
+        IUserManager $userManager,
+        IUserSession $userSession,
+        ILogger $logger
+    ) {
+        $this->commentsManager = $commentsManager;
+        $this->comment = $comment;
+        $this->logger = $logger;
 
-		$methods = get_class_methods($this->comment);
-		$methods = array_filter($methods, function($name){
-			return strpos($name, 'get') === 0;
-		});
-		foreach($methods as $getter) {
-			if($getter === 'getMentions') {
-				continue;	// special treatment
-			}
-			$name = '{'.self::NS_OWNCLOUD.'}' . lcfirst(substr($getter, 3));
-			$this->properties[$name] = $getter;
-		}
-		$this->userManager = $userManager;
-		$this->userSession = $userSession;
-	}
+        $methods = get_class_methods($this->comment);
+        $methods = array_filter($methods, function($name){
+            return strpos($name, 'get') === 0;
+        });
+        foreach($methods as $getter) {
+            if($getter === 'getMentions') {
+                continue;	// special treatment
+            }
+            $name = '{'.self::NS_OWNCLOUD.'}' . lcfirst(substr($getter, 3));
+            $this->properties[$name] = $getter;
+        }
+        $this->userManager = $userManager;
+        $this->userSession = $userSession;
+    }
 
-	/**
-	 * returns a list of all possible property names
-	 *
-	 * @return array
-	 */
-	static public function getPropertyNames() {
-		return [
-			'{http://owncloud.org/ns}id',
-			'{http://owncloud.org/ns}parentId',
-			'{http://owncloud.org/ns}topmostParentId',
-			'{http://owncloud.org/ns}childrenCount',
-			'{http://owncloud.org/ns}verb',
-			'{http://owncloud.org/ns}actorType',
-			'{http://owncloud.org/ns}actorId',
-			'{http://owncloud.org/ns}creationDateTime',
-			'{http://owncloud.org/ns}latestChildDateTime',
-			'{http://owncloud.org/ns}objectType',
-			'{http://owncloud.org/ns}objectId',
-			// re-used property names are defined as constants
-			self::PROPERTY_NAME_MESSAGE,
-			self::PROPERTY_NAME_ACTOR_DISPLAYNAME,
-			self::PROPERTY_NAME_UNREAD,
-			self::PROPERTY_NAME_MENTIONS,
-			self::PROPERTY_NAME_MENTION,
-			self::PROPERTY_NAME_MENTION_TYPE,
-			self::PROPERTY_NAME_MENTION_ID,
-			self::PROPERTY_NAME_MENTION_DISPLAYNAME,
-		];
-	}
+    /**
+     * returns a list of all possible property names
+     *
+     * @return array
+     */
+    static public function getPropertyNames() {
+        return [
+            '{http://owncloud.org/ns}id',
+            '{http://owncloud.org/ns}parentId',
+            '{http://owncloud.org/ns}topmostParentId',
+            '{http://owncloud.org/ns}childrenCount',
+            '{http://owncloud.org/ns}verb',
+            '{http://owncloud.org/ns}actorType',
+            '{http://owncloud.org/ns}actorId',
+            '{http://owncloud.org/ns}creationDateTime',
+            '{http://owncloud.org/ns}latestChildDateTime',
+            '{http://owncloud.org/ns}objectType',
+            '{http://owncloud.org/ns}objectId',
+            // re-used property names are defined as constants
+            self::PROPERTY_NAME_MESSAGE,
+            self::PROPERTY_NAME_ACTOR_DISPLAYNAME,
+            self::PROPERTY_NAME_UNREAD,
+            self::PROPERTY_NAME_MENTIONS,
+            self::PROPERTY_NAME_MENTION,
+            self::PROPERTY_NAME_MENTION_TYPE,
+            self::PROPERTY_NAME_MENTION_ID,
+            self::PROPERTY_NAME_MENTION_DISPLAYNAME,
+        ];
+    }
 
-	protected function checkWriteAccessOnComment() {
-		$user = $this->userSession->getUser();
-		if(    $this->comment->getActorType() !== 'users'
-			|| is_null($user)
-			|| $this->comment->getActorId() !== $user->getUID()
-		) {
-			throw new Forbidden('Only authors are allowed to edit their comment.');
-		}
-	}
+    protected function checkWriteAccessOnComment() {
+        $user = $this->userSession->getUser();
+        if(    $this->comment->getActorType() !== 'users'
+            || is_null($user)
+            || $this->comment->getActorId() !== $user->getUID()
+        ) {
+            throw new Forbidden('Only authors are allowed to edit their comment.');
+        }
+    }
 
-	/**
-	 * Deleted the current node
-	 *
-	 * @return void
-	 */
-	function delete() {
-		$this->checkWriteAccessOnComment();
-		$this->commentsManager->delete($this->comment->getId());
-	}
+    /**
+     * Deleted the current node
+     *
+     * @return void
+     */
+    function delete() {
+        $this->checkWriteAccessOnComment();
+        $this->commentsManager->delete($this->comment->getId());
+    }
 
-	/**
-	 * Returns the name of the node.
-	 *
-	 * This is used to generate the url.
-	 *
-	 * @return string
-	 */
-	function getName() {
-		return $this->comment->getId();
-	}
+    /**
+     * Returns the name of the node.
+     *
+     * This is used to generate the url.
+     *
+     * @return string
+     */
+    function getName() {
+        return $this->comment->getId();
+    }
 
-	/**
-	 * Renames the node
-	 *
-	 * @param string $name The new name
-	 * @throws MethodNotAllowed
-	 */
-	function setName($name) {
-		throw new MethodNotAllowed();
-	}
+    /**
+     * Renames the node
+     *
+     * @param string $name The new name
+     * @throws MethodNotAllowed
+     */
+    function setName($name) {
+        throw new MethodNotAllowed();
+    }
 
-	/**
-	 * Returns the last modification time, as a unix timestamp
-	 *
-	 * @return int
-	 */
-	function getLastModified() {
-		return null;
-	}
+    /**
+     * Returns the last modification time, as a unix timestamp
+     *
+     * @return int
+     */
+    function getLastModified() {
+        return null;
+    }
 
-	/**
-	 * update the comment's message
-	 *
-	 * @param $propertyValue
-	 * @return bool
-	 * @throws BadRequest
-	 * @throws \Exception
-	 */
-	public function updateComment($propertyValue) {
-		$this->checkWriteAccessOnComment();
-		try {
-			$this->comment->setMessage($propertyValue);
-			$this->commentsManager->save($this->comment);
-			return true;
-		} catch (\Exception $e) {
-			$this->logger->logException($e, ['app' => 'dav/comments']);
-			if($e instanceof MessageTooLongException) {
-				$msg = 'Message exceeds allowed character limit of ';
-				throw new BadRequest($msg . IComment::MAX_MESSAGE_LENGTH, 0, $e);
-			}
-			throw $e;
-		}
-	}
+    /**
+     * update the comment's message
+     *
+     * @param $propertyValue
+     * @return bool
+     * @throws BadRequest
+     * @throws \Exception
+     */
+    public function updateComment($propertyValue) {
+        $this->checkWriteAccessOnComment();
+        try {
+            $this->comment->setMessage($propertyValue);
+            $this->commentsManager->save($this->comment);
+            return true;
+        } catch (\Exception $e) {
+            $this->logger->logException($e, ['app' => 'dav/comments']);
+            if($e instanceof MessageTooLongException) {
+                $msg = 'Message exceeds allowed character limit of ';
+                throw new BadRequest($msg . IComment::MAX_MESSAGE_LENGTH, 0, $e);
+            }
+            throw $e;
+        }
+    }
 
-	/**
-	 * Updates properties on this node.
-	 *
-	 * This method received a PropPatch object, which contains all the
-	 * information about the update.
-	 *
-	 * To update specific properties, call the 'handle' method on this object.
-	 * Read the PropPatch documentation for more information.
-	 *
-	 * @param PropPatch $propPatch
-	 * @return void
-	 */
-	function propPatch(PropPatch $propPatch) {
-		// other properties than 'message' are read only
-		$propPatch->handle(self::PROPERTY_NAME_MESSAGE, [$this, 'updateComment']);
-	}
+    /**
+     * Updates properties on this node.
+     *
+     * This method received a PropPatch object, which contains all the
+     * information about the update.
+     *
+     * To update specific properties, call the 'handle' method on this object.
+     * Read the PropPatch documentation for more information.
+     *
+     * @param PropPatch $propPatch
+     * @return void
+     */
+    function propPatch(PropPatch $propPatch) {
+        // other properties than 'message' are read only
+        $propPatch->handle(self::PROPERTY_NAME_MESSAGE, [$this, 'updateComment']);
+    }
 
-	/**
-	 * Returns a list of properties for this nodes.
-	 *
-	 * The properties list is a list of propertynames the client requested,
-	 * encoded in clark-notation {xmlnamespace}tagname
-	 *
-	 * If the array is empty, it means 'all properties' were requested.
-	 *
-	 * Note that it's fine to liberally give properties back, instead of
-	 * conforming to the list of requested properties.
-	 * The Server class will filter out the extra.
-	 *
-	 * @param array $properties
-	 * @return array
-	 */
-	function getProperties($properties) {
-		$properties = array_keys($this->properties);
+    /**
+     * Returns a list of properties for this nodes.
+     *
+     * The properties list is a list of propertynames the client requested,
+     * encoded in clark-notation {xmlnamespace}tagname
+     *
+     * If the array is empty, it means 'all properties' were requested.
+     *
+     * Note that it's fine to liberally give properties back, instead of
+     * conforming to the list of requested properties.
+     * The Server class will filter out the extra.
+     *
+     * @param array $properties
+     * @return array
+     */
+    function getProperties($properties) {
+        $properties = array_keys($this->properties);
 
-		$result = [];
-		foreach($properties as $property) {
-			$getter = $this->properties[$property];
-			if(method_exists($this->comment, $getter)) {
-				$result[$property] = $this->comment->$getter();
-			}
-		}
+        $result = [];
+        foreach($properties as $property) {
+            $getter = $this->properties[$property];
+            if(method_exists($this->comment, $getter)) {
+                $result[$property] = $this->comment->$getter();
+            }
+        }
 
-		if($this->comment->getActorType() === 'users') {
-			$user = $this->userManager->get($this->comment->getActorId());
-			$displayName = is_null($user) ? null : $user->getDisplayName();
-			$result[self::PROPERTY_NAME_ACTOR_DISPLAYNAME] = $displayName;
-		}
+        if($this->comment->getActorType() === 'users') {
+            $user = $this->userManager->get($this->comment->getActorId());
+            $displayName = is_null($user) ? null : $user->getDisplayName();
+            $result[self::PROPERTY_NAME_ACTOR_DISPLAYNAME] = $displayName;
+        }
 
-		$result[self::PROPERTY_NAME_MENTIONS] = $this->composeMentionsPropertyValue();
+        $result[self::PROPERTY_NAME_MENTIONS] = $this->composeMentionsPropertyValue();
 
-		$unread = null;
-		$user =  $this->userSession->getUser();
-		if(!is_null($user)) {
-			$readUntil = $this->commentsManager->getReadMark(
-				$this->comment->getObjectType(),
-				$this->comment->getObjectId(),
-				$user
-			);
-			if(is_null($readUntil)) {
-				$unread = 'true';
-			} else {
-				$unread = $this->comment->getCreationDateTime() > $readUntil;
-				// re-format for output
-				$unread = $unread ? 'true' : 'false';
-			}
-		}
-		$result[self::PROPERTY_NAME_UNREAD] = $unread;
+        $unread = null;
+        $user =  $this->userSession->getUser();
+        if(!is_null($user)) {
+            $readUntil = $this->commentsManager->getReadMark(
+                $this->comment->getObjectType(),
+                $this->comment->getObjectId(),
+                $user
+            );
+            if(is_null($readUntil)) {
+                $unread = 'true';
+            } else {
+                $unread = $this->comment->getCreationDateTime() > $readUntil;
+                // re-format for output
+                $unread = $unread ? 'true' : 'false';
+            }
+        }
+        $result[self::PROPERTY_NAME_UNREAD] = $unread;
 
-		return $result;
-	}
+        return $result;
+    }
 
-	/**
-	 * transforms a mentions array as returned from IComment->getMentions to an
-	 * array with DAV-compatible structure that can be assigned to the
-	 * PROPERTY_NAME_MENTION property.
-	 *
-	 * @return array
-	 */
-	protected function composeMentionsPropertyValue() {
-		return array_map(function($mention) {
-			try {
-				$displayName = $this->commentsManager->resolveDisplayName($mention['type'], $mention['id']);
-			} catch (\OutOfBoundsException $e) {
-				$this->logger->logException($e);
-				// No displayname, upon client's discretion what to display.
-				$displayName = '';
-			}
+    /**
+     * transforms a mentions array as returned from IComment->getMentions to an
+     * array with DAV-compatible structure that can be assigned to the
+     * PROPERTY_NAME_MENTION property.
+     *
+     * @return array
+     */
+    protected function composeMentionsPropertyValue() {
+        return array_map(function($mention) {
+            try {
+                $displayName = $this->commentsManager->resolveDisplayName($mention['type'], $mention['id']);
+            } catch (\OutOfBoundsException $e) {
+                $this->logger->logException($e);
+                // No displayname, upon client's discretion what to display.
+                $displayName = '';
+            }
 
-			return [
-				self::PROPERTY_NAME_MENTION => [
-					self::PROPERTY_NAME_MENTION_TYPE        => $mention['type'],
-					self::PROPERTY_NAME_MENTION_ID          => $mention['id'],
-					self::PROPERTY_NAME_MENTION_DISPLAYNAME => $displayName,
-				]
-			];
-		}, $this->comment->getMentions());
-	}
+            return [
+                self::PROPERTY_NAME_MENTION => [
+                    self::PROPERTY_NAME_MENTION_TYPE        => $mention['type'],
+                    self::PROPERTY_NAME_MENTION_ID          => $mention['id'],
+                    self::PROPERTY_NAME_MENTION_DISPLAYNAME => $displayName,
+                ]
+            ];
+        }, $this->comment->getMentions());
+    }
 }

apps/dav/lib/Comments/CommentsPlugin.php

Doc Comments +1 added lines, -1 removed lines

@@ -138,7 +138,7 @@
 	 * This will be used in the {DAV:}supported-report-set property.
 	 *
 	 * @param string $uri
-	 * @return array
+	 * @return string[]
 	 */
 	public function getSupportedReportSet($uri) {
 		return [self::REPORT_NAME];

Indentation +207 added lines, -207 removed lines

@@ -43,213 +43,213 @@
  * Sabre plugin to handle comments:
  */
 class CommentsPlugin extends ServerPlugin {
-	// namespace
-	const NS_OWNCLOUD = 'http://owncloud.org/ns';
-
-	const REPORT_NAME            = '{http://owncloud.org/ns}filter-comments';
-	const REPORT_PARAM_LIMIT     = '{http://owncloud.org/ns}limit';
-	const REPORT_PARAM_OFFSET    = '{http://owncloud.org/ns}offset';
-	const REPORT_PARAM_TIMESTAMP = '{http://owncloud.org/ns}datetime';
-
-	/** @var ICommentsManager  */
-	protected $commentsManager;
-
-	/** @var \Sabre\DAV\Server $server */
-	private $server;
-
-	/** @var  \OCP\IUserSession */
-	protected $userSession;
-
-	/**
-	 * Comments plugin
-	 *
-	 * @param ICommentsManager $commentsManager
-	 * @param IUserSession $userSession
-	 */
-	public function __construct(ICommentsManager $commentsManager, IUserSession $userSession) {
-		$this->commentsManager = $commentsManager;
-		$this->userSession = $userSession;
-	}
-
-	/**
-	 * This initializes the plugin.
-	 *
-	 * This function is called by Sabre\DAV\Server, after
-	 * addPlugin is called.
-	 *
-	 * This method should set up the required event subscriptions.
-	 *
-	 * @param Server $server
-	 * @return void
-	 */
-	function initialize(Server $server) {
-		$this->server = $server;
-		if(strpos($this->server->getRequestUri(), 'comments/') !== 0) {
-			return;
-		}
-
-		$this->server->xml->namespaceMap[self::NS_OWNCLOUD] = 'oc';
-
-		$this->server->xml->classMap['DateTime'] = function(Writer $writer, \DateTime $value) {
-			$writer->write(\Sabre\HTTP\toDate($value));
-		};
-
-		$this->server->on('report', [$this, 'onReport']);
-		$this->server->on('method:POST', [$this, 'httpPost']);
-	}
-
-	/**
-	 * POST operation on Comments collections
-	 *
-	 * @param RequestInterface $request request object
-	 * @param ResponseInterface $response response object
-	 * @return null|false
-	 */
-	public function httpPost(RequestInterface $request, ResponseInterface $response) {
-		$path = $request->getPath();
-		$node = $this->server->tree->getNodeForPath($path);
-		if (!$node instanceof EntityCollection) {
-			return null;
-		}
-
-		$data = $request->getBodyAsString();
-		$comment = $this->createComment(
-			$node->getName(),
-			$node->getId(),
-			$data,
-			$request->getHeader('Content-Type')
-		);
-
-		// update read marker for the current user/poster to avoid
-		// having their own comments marked as unread
-		$node->setReadMarker(null);
-
-		$url = rtrim($request->getUrl(), '/') . '/' . urlencode($comment->getId());
-
-		$response->setHeader('Content-Location', $url);
-
-		// created
-		$response->setStatus(201);
-		return false;
-	}
-
-	/**
-	 * Returns a list of reports this plugin supports.
-	 *
-	 * This will be used in the {DAV:}supported-report-set property.
-	 *
-	 * @param string $uri
-	 * @return array
-	 */
-	public function getSupportedReportSet($uri) {
-		return [self::REPORT_NAME];
-	}
-
-	/**
-	 * REPORT operations to look for comments
-	 *
-	 * @param string $reportName
-	 * @param array $report
-	 * @param string $uri
-	 * @return bool
-	 * @throws NotFound
-	 * @throws ReportNotSupported
-	 */
-	public function onReport($reportName, $report, $uri) {
-		$node = $this->server->tree->getNodeForPath($uri);
-		if(!$node instanceof EntityCollection || $reportName !== self::REPORT_NAME) {
-			throw new ReportNotSupported();
-		}
-		$args = ['limit' => 0, 'offset' => 0, 'datetime' => null];
-		$acceptableParameters = [
-			$this::REPORT_PARAM_LIMIT,
-			$this::REPORT_PARAM_OFFSET,
-			$this::REPORT_PARAM_TIMESTAMP
-		];
-		$ns = '{' . $this::NS_OWNCLOUD . '}';
-		foreach($report as $parameter) {
-			if(!in_array($parameter['name'], $acceptableParameters) || empty($parameter['value'])) {
-				continue;
-			}
-			$args[str_replace($ns, '', $parameter['name'])] = $parameter['value'];
-		}
-
-		if(!is_null($args['datetime'])) {
-			$args['datetime'] = new \DateTime($args['datetime']);
-		}
-
-		$results = $node->findChildren($args['limit'], $args['offset'], $args['datetime']);
-
-		$responses = [];
-		foreach($results as $node) {
-			$nodePath = $this->server->getRequestUri() . '/' . $node->comment->getId();
-			$resultSet = $this->server->getPropertiesForPath($nodePath, CommentNode::getPropertyNames());
-			if(isset($resultSet[0]) && isset($resultSet[0][200])) {
-				$responses[] = new Response(
-					$this->server->getBaseUri() . $nodePath,
-					[200 => $resultSet[0][200]],
-					200
-				);
-			}
-
-		}
-
-		$xml = $this->server->xml->write(
-			'{DAV:}multistatus',
-			new MultiStatus($responses)
-		);
-
-		$this->server->httpResponse->setStatus(207);
-		$this->server->httpResponse->setHeader('Content-Type', 'application/xml; charset=utf-8');
-		$this->server->httpResponse->setBody($xml);
-
-		return false;
-	}
-
-	/**
-	 * Creates a new comment
-	 *
-	 * @param string $objectType e.g. "files"
-	 * @param string $objectId e.g. the file id
-	 * @param string $data JSON encoded string containing the properties of the tag to create
-	 * @param string $contentType content type of the data
-	 * @return IComment newly created comment
-	 *
-	 * @throws BadRequest if a field was missing
-	 * @throws UnsupportedMediaType if the content type is not supported
-	 */
-	private function createComment($objectType, $objectId, $data, $contentType = 'application/json') {
-		if (explode(';', $contentType)[0] === 'application/json') {
-			$data = json_decode($data, true);
-		} else {
-			throw new UnsupportedMediaType();
-		}
-
-		$actorType = $data['actorType'];
-		$actorId = null;
-		if($actorType === 'users') {
-			$user = $this->userSession->getUser();
-			if(!is_null($user)) {
-				$actorId = $user->getUID();
-			}
-		}
-		if(is_null($actorId)) {
-			throw new BadRequest('Invalid actor "' .  $actorType .'"');
-		}
-
-		try {
-			$comment = $this->commentsManager->create($actorType, $actorId, $objectType, $objectId);
-			$comment->setMessage($data['message']);
-			$comment->setVerb($data['verb']);
-			$this->commentsManager->save($comment);
-			return $comment;
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid input values', 0, $e);
-		} catch (\OCP\Comments\MessageTooLongException $e) {
-			$msg = 'Message exceeds allowed character limit of ';
-			throw new BadRequest($msg . \OCP\Comments\IComment::MAX_MESSAGE_LENGTH, 0,	$e);
-		}
-	}
+    // namespace
+    const NS_OWNCLOUD = 'http://owncloud.org/ns';
+
+    const REPORT_NAME            = '{http://owncloud.org/ns}filter-comments';
+    const REPORT_PARAM_LIMIT     = '{http://owncloud.org/ns}limit';
+    const REPORT_PARAM_OFFSET    = '{http://owncloud.org/ns}offset';
+    const REPORT_PARAM_TIMESTAMP = '{http://owncloud.org/ns}datetime';
+
+    /** @var ICommentsManager  */
+    protected $commentsManager;
+
+    /** @var \Sabre\DAV\Server $server */
+    private $server;
+
+    /** @var  \OCP\IUserSession */
+    protected $userSession;
+
+    /**
+     * Comments plugin
+     *
+     * @param ICommentsManager $commentsManager
+     * @param IUserSession $userSession
+     */
+    public function __construct(ICommentsManager $commentsManager, IUserSession $userSession) {
+        $this->commentsManager = $commentsManager;
+        $this->userSession = $userSession;
+    }
+
+    /**
+     * This initializes the plugin.
+     *
+     * This function is called by Sabre\DAV\Server, after
+     * addPlugin is called.
+     *
+     * This method should set up the required event subscriptions.
+     *
+     * @param Server $server
+     * @return void
+     */
+    function initialize(Server $server) {
+        $this->server = $server;
+        if(strpos($this->server->getRequestUri(), 'comments/') !== 0) {
+            return;
+        }
+
+        $this->server->xml->namespaceMap[self::NS_OWNCLOUD] = 'oc';
+
+        $this->server->xml->classMap['DateTime'] = function(Writer $writer, \DateTime $value) {
+            $writer->write(\Sabre\HTTP\toDate($value));
+        };
+
+        $this->server->on('report', [$this, 'onReport']);
+        $this->server->on('method:POST', [$this, 'httpPost']);
+    }
+
+    /**
+     * POST operation on Comments collections
+     *
+     * @param RequestInterface $request request object
+     * @param ResponseInterface $response response object
+     * @return null|false
+     */
+    public function httpPost(RequestInterface $request, ResponseInterface $response) {
+        $path = $request->getPath();
+        $node = $this->server->tree->getNodeForPath($path);
+        if (!$node instanceof EntityCollection) {
+            return null;
+        }
+
+        $data = $request->getBodyAsString();
+        $comment = $this->createComment(
+            $node->getName(),
+            $node->getId(),
+            $data,
+            $request->getHeader('Content-Type')
+        );
+
+        // update read marker for the current user/poster to avoid
+        // having their own comments marked as unread
+        $node->setReadMarker(null);
+
+        $url = rtrim($request->getUrl(), '/') . '/' . urlencode($comment->getId());
+
+        $response->setHeader('Content-Location', $url);
+
+        // created
+        $response->setStatus(201);
+        return false;
+    }
+
+    /**
+     * Returns a list of reports this plugin supports.
+     *
+     * This will be used in the {DAV:}supported-report-set property.
+     *
+     * @param string $uri
+     * @return array
+     */
+    public function getSupportedReportSet($uri) {
+        return [self::REPORT_NAME];
+    }
+
+    /**
+     * REPORT operations to look for comments
+     *
+     * @param string $reportName
+     * @param array $report
+     * @param string $uri
+     * @return bool
+     * @throws NotFound
+     * @throws ReportNotSupported
+     */
+    public function onReport($reportName, $report, $uri) {
+        $node = $this->server->tree->getNodeForPath($uri);
+        if(!$node instanceof EntityCollection || $reportName !== self::REPORT_NAME) {
+            throw new ReportNotSupported();
+        }
+        $args = ['limit' => 0, 'offset' => 0, 'datetime' => null];
+        $acceptableParameters = [
+            $this::REPORT_PARAM_LIMIT,
+            $this::REPORT_PARAM_OFFSET,
+            $this::REPORT_PARAM_TIMESTAMP
+        ];
+        $ns = '{' . $this::NS_OWNCLOUD . '}';
+        foreach($report as $parameter) {
+            if(!in_array($parameter['name'], $acceptableParameters) || empty($parameter['value'])) {
+                continue;
+            }
+            $args[str_replace($ns, '', $parameter['name'])] = $parameter['value'];
+        }
+
+        if(!is_null($args['datetime'])) {
+            $args['datetime'] = new \DateTime($args['datetime']);
+        }
+
+        $results = $node->findChildren($args['limit'], $args['offset'], $args['datetime']);
+
+        $responses = [];
+        foreach($results as $node) {
+            $nodePath = $this->server->getRequestUri() . '/' . $node->comment->getId();
+            $resultSet = $this->server->getPropertiesForPath($nodePath, CommentNode::getPropertyNames());
+            if(isset($resultSet[0]) && isset($resultSet[0][200])) {
+                $responses[] = new Response(
+                    $this->server->getBaseUri() . $nodePath,
+                    [200 => $resultSet[0][200]],
+                    200
+                );
+            }
+
+        }
+
+        $xml = $this->server->xml->write(
+            '{DAV:}multistatus',
+            new MultiStatus($responses)
+        );
+
+        $this->server->httpResponse->setStatus(207);
+        $this->server->httpResponse->setHeader('Content-Type', 'application/xml; charset=utf-8');
+        $this->server->httpResponse->setBody($xml);
+
+        return false;
+    }
+
+    /**
+     * Creates a new comment
+     *
+     * @param string $objectType e.g. "files"
+     * @param string $objectId e.g. the file id
+     * @param string $data JSON encoded string containing the properties of the tag to create
+     * @param string $contentType content type of the data
+     * @return IComment newly created comment
+     *
+     * @throws BadRequest if a field was missing
+     * @throws UnsupportedMediaType if the content type is not supported
+     */
+    private function createComment($objectType, $objectId, $data, $contentType = 'application/json') {
+        if (explode(';', $contentType)[0] === 'application/json') {
+            $data = json_decode($data, true);
+        } else {
+            throw new UnsupportedMediaType();
+        }
+
+        $actorType = $data['actorType'];
+        $actorId = null;
+        if($actorType === 'users') {
+            $user = $this->userSession->getUser();
+            if(!is_null($user)) {
+                $actorId = $user->getUID();
+            }
+        }
+        if(is_null($actorId)) {
+            throw new BadRequest('Invalid actor "' .  $actorType .'"');
+        }
+
+        try {
+            $comment = $this->commentsManager->create($actorType, $actorId, $objectType, $objectId);
+            $comment->setMessage($data['message']);
+            $comment->setVerb($data['verb']);
+            $this->commentsManager->save($comment);
+            return $comment;
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid input values', 0, $e);
+        } catch (\OCP\Comments\MessageTooLongException $e) {
+            $msg = 'Message exceeds allowed character limit of ';
+            throw new BadRequest($msg . \OCP\Comments\IComment::MAX_MESSAGE_LENGTH, 0,	$e);
+        }
+    }
 
 
 

apps/dav/lib/Comments/EntityCollection.php

Doc Comments +1 added lines, -1 removed lines

@@ -115,7 +115,7 @@
 	/**
 	 * Returns an array with all the child nodes
 	 *
-	 * @return \Sabre\DAV\INode[]
+	 * @return CommentNode[]
 	 */
 	function getChildren() {
 		return $this->findChildren();

Indentation +140 added lines, -140 removed lines

@@ -41,156 +41,156 @@
  * @package OCA\DAV\Comments
  */
 class EntityCollection extends RootCollection implements IProperties {
-	const PROPERTY_NAME_READ_MARKER  = '{http://owncloud.org/ns}readMarker';
+    const PROPERTY_NAME_READ_MARKER  = '{http://owncloud.org/ns}readMarker';
 
-	/** @var  string */
-	protected $id;
+    /** @var  string */
+    protected $id;
 
-	/** @var  ILogger */
-	protected $logger;
+    /** @var  ILogger */
+    protected $logger;
 
-	/**
-	 * @param string $id
-	 * @param string $name
-	 * @param ICommentsManager $commentsManager
-	 * @param IUserManager $userManager
-	 * @param IUserSession $userSession
-	 * @param ILogger $logger
-	 */
-	public function __construct(
-		$id,
-		$name,
-		ICommentsManager $commentsManager,
-		IUserManager $userManager,
-		IUserSession $userSession,
-		ILogger $logger
-	) {
-		foreach(['id', 'name'] as $property) {
-			$$property = trim($$property);
-			if(empty($$property) || !is_string($$property)) {
-				throw new \InvalidArgumentException('"' . $property . '" parameter must be non-empty string');
-			}
-		}
-		$this->id = $id;
-		$this->name = $name;
-		$this->commentsManager = $commentsManager;
-		$this->logger = $logger;
-		$this->userManager = $userManager;
-		$this->userSession = $userSession;
-	}
+    /**
+     * @param string $id
+     * @param string $name
+     * @param ICommentsManager $commentsManager
+     * @param IUserManager $userManager
+     * @param IUserSession $userSession
+     * @param ILogger $logger
+     */
+    public function __construct(
+        $id,
+        $name,
+        ICommentsManager $commentsManager,
+        IUserManager $userManager,
+        IUserSession $userSession,
+        ILogger $logger
+    ) {
+        foreach(['id', 'name'] as $property) {
+            $$property = trim($$property);
+            if(empty($$property) || !is_string($$property)) {
+                throw new \InvalidArgumentException('"' . $property . '" parameter must be non-empty string');
+            }
+        }
+        $this->id = $id;
+        $this->name = $name;
+        $this->commentsManager = $commentsManager;
+        $this->logger = $logger;
+        $this->userManager = $userManager;
+        $this->userSession = $userSession;
+    }
 
-	/**
-	 * returns the ID of this entity
-	 *
-	 * @return string
-	 */
-	public function getId() {
-		return $this->id;
-	}
+    /**
+     * returns the ID of this entity
+     *
+     * @return string
+     */
+    public function getId() {
+        return $this->id;
+    }
 
-	/**
-	 * Returns a specific child node, referenced by its name
-	 *
-	 * This method must throw Sabre\DAV\Exception\NotFound if the node does not
-	 * exist.
-	 *
-	 * @param string $name
-	 * @return \Sabre\DAV\INode
-	 * @throws NotFound
-	 */
-	function getChild($name) {
-		try {
-			$comment = $this->commentsManager->get($name);
-			return new CommentNode(
-				$this->commentsManager,
-				$comment,
-				$this->userManager,
-				$this->userSession,
-				$this->logger
-			);
-		} catch (NotFoundException $e) {
-			throw new NotFound();
-		}
-	}
+    /**
+     * Returns a specific child node, referenced by its name
+     *
+     * This method must throw Sabre\DAV\Exception\NotFound if the node does not
+     * exist.
+     *
+     * @param string $name
+     * @return \Sabre\DAV\INode
+     * @throws NotFound
+     */
+    function getChild($name) {
+        try {
+            $comment = $this->commentsManager->get($name);
+            return new CommentNode(
+                $this->commentsManager,
+                $comment,
+                $this->userManager,
+                $this->userSession,
+                $this->logger
+            );
+        } catch (NotFoundException $e) {
+            throw new NotFound();
+        }
+    }
 
-	/**
-	 * Returns an array with all the child nodes
-	 *
-	 * @return \Sabre\DAV\INode[]
-	 */
-	function getChildren() {
-		return $this->findChildren();
-	}
+    /**
+     * Returns an array with all the child nodes
+     *
+     * @return \Sabre\DAV\INode[]
+     */
+    function getChildren() {
+        return $this->findChildren();
+    }
 
-	/**
-	 * Returns an array of comment nodes. Result can be influenced by offset,
-	 * limit and date time parameters.
-	 *
-	 * @param int $limit
-	 * @param int $offset
-	 * @param \DateTime|null $datetime
-	 * @return CommentNode[]
-	 */
-	function findChildren($limit = 0, $offset = 0, \DateTime $datetime = null) {
-		$comments = $this->commentsManager->getForObject($this->name, $this->id, $limit, $offset, $datetime);
-		$result = [];
-		foreach($comments as $comment) {
-			$result[] = new CommentNode(
-				$this->commentsManager,
-				$comment,
-				$this->userManager,
-				$this->userSession,
-				$this->logger
-			);
-		}
-		return $result;
-	}
+    /**
+     * Returns an array of comment nodes. Result can be influenced by offset,
+     * limit and date time parameters.
+     *
+     * @param int $limit
+     * @param int $offset
+     * @param \DateTime|null $datetime
+     * @return CommentNode[]
+     */
+    function findChildren($limit = 0, $offset = 0, \DateTime $datetime = null) {
+        $comments = $this->commentsManager->getForObject($this->name, $this->id, $limit, $offset, $datetime);
+        $result = [];
+        foreach($comments as $comment) {
+            $result[] = new CommentNode(
+                $this->commentsManager,
+                $comment,
+                $this->userManager,
+                $this->userSession,
+                $this->logger
+            );
+        }
+        return $result;
+    }
 
-	/**
-	 * Checks if a child-node with the specified name exists
-	 *
-	 * @param string $name
-	 * @return bool
-	 */
-	function childExists($name) {
-		try {
-			$this->commentsManager->get($name);
-			return true;
-		} catch (NotFoundException $e) {
-			return false;
-		}
-	}
+    /**
+     * Checks if a child-node with the specified name exists
+     *
+     * @param string $name
+     * @return bool
+     */
+    function childExists($name) {
+        try {
+            $this->commentsManager->get($name);
+            return true;
+        } catch (NotFoundException $e) {
+            return false;
+        }
+    }
 
-	/**
-	 * Sets the read marker to the specified date for the logged in user
-	 *
-	 * @param \DateTime $value
-	 * @return bool
-	 */
-	public function setReadMarker($value) {
-		$dateTime = new \DateTime($value);
-		$user = $this->userSession->getUser();
-		$this->commentsManager->setReadMark($this->name, $this->id, $dateTime, $user);
-		return true;
-	}
+    /**
+     * Sets the read marker to the specified date for the logged in user
+     *
+     * @param \DateTime $value
+     * @return bool
+     */
+    public function setReadMarker($value) {
+        $dateTime = new \DateTime($value);
+        $user = $this->userSession->getUser();
+        $this->commentsManager->setReadMark($this->name, $this->id, $dateTime, $user);
+        return true;
+    }
 
-	/**
-	 * @inheritdoc
-	 */
-	function propPatch(PropPatch $propPatch) {
-		$propPatch->handle(self::PROPERTY_NAME_READ_MARKER, [$this, 'setReadMarker']);
-	}
+    /**
+     * @inheritdoc
+     */
+    function propPatch(PropPatch $propPatch) {
+        $propPatch->handle(self::PROPERTY_NAME_READ_MARKER, [$this, 'setReadMarker']);
+    }
 
-	/**
-	 * @inheritdoc
-	 */
-	function getProperties($properties) {
-		$marker = null;
-		$user = $this->userSession->getUser();
-		if(!is_null($user)) {
-			$marker = $this->commentsManager->getReadMark($this->name, $this->id, $user);
-		}
-		return [self::PROPERTY_NAME_READ_MARKER => $marker];
-	}
+    /**
+     * @inheritdoc
+     */
+    function getProperties($properties) {
+        $marker = null;
+        $user = $this->userSession->getUser();
+        if(!is_null($user)) {
+            $marker = $this->commentsManager->getReadMark($this->name, $this->id, $user);
+        }
+        return [self::PROPERTY_NAME_READ_MARKER => $marker];
+    }
 }
 

apps/dav/lib/Connector/Sabre/CustomPropertiesBackend.php

Doc Comments +1 added lines, -1 removed lines

@@ -75,7 +75,7 @@
 	private $cache = [];
 
 	/**
-	 * @param Tree $tree node tree
+	 * @param ObjectTree $tree node tree
 	 * @param IDBConnection $connection database connection
 	 * @param IUser $user owner of the tree and properties
 	 */

Indentation +318 added lines, -318 removed lines

@@ -36,323 +36,323 @@
 
 class CustomPropertiesBackend implements BackendInterface {
 
-	/**
-	 * Ignored properties
-	 *
-	 * @var array
-	 */
-	private $ignoredProperties = array(
-		'{DAV:}getcontentlength',
-		'{DAV:}getcontenttype',
-		'{DAV:}getetag',
-		'{DAV:}quota-used-bytes',
-		'{DAV:}quota-available-bytes',
-		'{DAV:}quota-available-bytes',
-		'{http://owncloud.org/ns}permissions',
-		'{http://owncloud.org/ns}downloadURL',
-		'{http://owncloud.org/ns}dDC',
-		'{http://owncloud.org/ns}size',
-		'{http://nextcloud.org/ns}is-encrypted',
-	);
-
-	/**
-	 * @var Tree
-	 */
-	private $tree;
-
-	/**
-	 * @var IDBConnection
-	 */
-	private $connection;
-
-	/**
-	 * @var IUser
-	 */
-	private $user;
-
-	/**
-	 * Properties cache
-	 *
-	 * @var array
-	 */
-	private $cache = [];
-
-	/**
-	 * @param Tree $tree node tree
-	 * @param IDBConnection $connection database connection
-	 * @param IUser $user owner of the tree and properties
-	 */
-	public function __construct(
-		Tree $tree,
-		IDBConnection $connection,
-		IUser $user) {
-		$this->tree = $tree;
-		$this->connection = $connection;
-		$this->user = $user->getUID();
-	}
-
-	/**
-	 * Fetches properties for a path.
-	 *
-	 * @param string $path
-	 * @param PropFind $propFind
-	 * @return void
-	 */
-	public function propFind($path, PropFind $propFind) {
-		try {
-			$node = $this->tree->getNodeForPath($path);
-			if (!($node instanceof Node)) {
-				return;
-			}
-		} catch (ServiceUnavailable $e) {
-			// might happen for unavailable mount points, skip
-			return;
-		} catch (NotFound $e) {
-			// in some rare (buggy) cases the node might not be found,
-			// we catch the exception to prevent breaking the whole list with a 404
-			// (soft fail)
-			\OC::$server->getLogger()->warning(
-				'Could not get node for path: \"' . $path . '\" : ' . $e->getMessage(),
-				array('app' => 'files')
-			);
-			return;
-		}
-
-		$requestedProps = $propFind->get404Properties();
-
-		// these might appear
-		$requestedProps = array_diff(
-			$requestedProps,
-			$this->ignoredProperties
-		);
-
-		if (empty($requestedProps)) {
-			return;
-		}
-
-		if ($node instanceof Directory
-			&& $propFind->getDepth() !== 0
-		) {
-			// note: pre-fetching only supported for depth <= 1
-			$this->loadChildrenProperties($node, $requestedProps);
-		}
-
-		$props = $this->getProperties($node, $requestedProps);
-		foreach ($props as $propName => $propValue) {
-			$propFind->set($propName, $propValue);
-		}
-	}
-
-	/**
-	 * Updates properties for a path
-	 *
-	 * @param string $path
-	 * @param PropPatch $propPatch
-	 *
-	 * @return void
-	 */
-	public function propPatch($path, PropPatch $propPatch) {
-		$node = $this->tree->getNodeForPath($path);
-		if (!($node instanceof Node)) {
-			return;
-		}
-
-		$propPatch->handleRemaining(function($changedProps) use ($node) {
-			return $this->updateProperties($node, $changedProps);
-		});
-	}
-
-	/**
-	 * This method is called after a node is deleted.
-	 *
-	 * @param string $path path of node for which to delete properties
-	 */
-	public function delete($path) {
-		$statement = $this->connection->prepare(
-			'DELETE FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?'
-		);
-		$statement->execute(array($this->user, '/' . $path));
-		$statement->closeCursor();
-
-		unset($this->cache[$path]);
-	}
-
-	/**
-	 * This method is called after a successful MOVE
-	 *
-	 * @param string $source
-	 * @param string $destination
-	 *
-	 * @return void
-	 */
-	public function move($source, $destination) {
-		$statement = $this->connection->prepare(
-			'UPDATE `*PREFIX*properties` SET `propertypath` = ?' .
-			' WHERE `userid` = ? AND `propertypath` = ?'
-		);
-		$statement->execute(array('/' . $destination, $this->user, '/' . $source));
-		$statement->closeCursor();
-	}
-
-	/**
-	 * Returns a list of properties for this nodes.;
-	 * @param Node $node
-	 * @param array $requestedProperties requested properties or empty array for "all"
-	 * @return array
-	 * @note The properties list is a list of propertynames the client
-	 * requested, encoded as xmlnamespace#tagName, for example:
-	 * http://www.example.org/namespace#author If the array is empty, all
-	 * properties should be returned
-	 */
-	private function getProperties(Node $node, array $requestedProperties) {
-		$path = $node->getPath();
-		if (isset($this->cache[$path])) {
-			return $this->cache[$path];
-		}
-
-		// TODO: chunking if more than 1000 properties
-		$sql = 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?';
-
-		$whereValues = array($this->user, $path);
-		$whereTypes = array(null, null);
-
-		if (!empty($requestedProperties)) {
-			// request only a subset
-			$sql .= ' AND `propertyname` in (?)';
-			$whereValues[] = $requestedProperties;
-			$whereTypes[] = \Doctrine\DBAL\Connection::PARAM_STR_ARRAY;
-		}
-
-		$result = $this->connection->executeQuery(
-			$sql,
-			$whereValues,
-			$whereTypes
-		);
-
-		$props = [];
-		while ($row = $result->fetch()) {
-			$props[$row['propertyname']] = $row['propertyvalue'];
-		}
-
-		$result->closeCursor();
-
-		$this->cache[$path] = $props;
-		return $props;
-	}
-
-	/**
-	 * Update properties
-	 *
-	 * @param Node $node node for which to update properties
-	 * @param array $properties array of properties to update
-	 *
-	 * @return bool
-	 */
-	private function updateProperties($node, $properties) {
-		$path = $node->getPath();
-
-		$deleteStatement = 'DELETE FROM `*PREFIX*properties`' .
-			' WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?';
-
-		$insertStatement = 'INSERT INTO `*PREFIX*properties`' .
-			' (`userid`,`propertypath`,`propertyname`,`propertyvalue`) VALUES(?,?,?,?)';
-
-		$updateStatement = 'UPDATE `*PREFIX*properties` SET `propertyvalue` = ?' .
-			' WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?';
-
-		// TODO: use "insert or update" strategy ?
-		$existing = $this->getProperties($node, array());
-		$this->connection->beginTransaction();
-		foreach ($properties as $propertyName => $propertyValue) {
-			// If it was null, we need to delete the property
-			if (is_null($propertyValue)) {
-				if (array_key_exists($propertyName, $existing)) {
-					$this->connection->executeUpdate($deleteStatement,
-						array(
-							$this->user,
-							$path,
-							$propertyName
-						)
-					);
-				}
-			} else {
-				if (!array_key_exists($propertyName, $existing)) {
-					$this->connection->executeUpdate($insertStatement,
-						array(
-							$this->user,
-							$path,
-							$propertyName,
-							$propertyValue
-						)
-					);
-				} else {
-					$this->connection->executeUpdate($updateStatement,
-						array(
-							$propertyValue,
-							$this->user,
-							$path,
-							$propertyName
-						)
-					);
-				}
-			}
-		}
-
-		$this->connection->commit();
-		unset($this->cache[$path]);
-
-		return true;
-	}
-
-	/**
-	 * Bulk load properties for directory children
-	 *
-	 * @param Directory $node
-	 * @param array $requestedProperties requested properties
-	 *
-	 * @return void
-	 */
-	private function loadChildrenProperties(Directory $node, $requestedProperties) {
-		$path = $node->getPath();
-		if (isset($this->cache[$path])) {
-			// we already loaded them at some point
-			return;
-		}
-
-		$childNodes = $node->getChildren();
-		// pre-fill cache
-		foreach ($childNodes as $childNode) {
-			$this->cache[$childNode->getPath()] = [];
-		}
-
-		$sql = 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` LIKE ?';
-		$sql .= ' AND `propertyname` in (?) ORDER BY `propertypath`, `propertyname`';
-
-		$result = $this->connection->executeQuery(
-			$sql,
-			array($this->user, $this->connection->escapeLikeParameter(rtrim($path, '/')) . '/%', $requestedProperties),
-			array(null, null, \Doctrine\DBAL\Connection::PARAM_STR_ARRAY)
-		);
-
-		$oldPath = null;
-		$props = [];
-		while ($row = $result->fetch()) {
-			$path = $row['propertypath'];
-			if ($oldPath !== $path) {
-				// save previously gathered props
-				$this->cache[$oldPath] = $props;
-				$oldPath = $path;
-				// prepare props for next path
-				$props = [];
-			}
-			$props[$row['propertyname']] = $row['propertyvalue'];
-		}
-		if (!is_null($oldPath)) {
-			// save props from last run
-			$this->cache[$oldPath] = $props;
-		}
-
-		$result->closeCursor();
-	}
+    /**
+     * Ignored properties
+     *
+     * @var array
+     */
+    private $ignoredProperties = array(
+        '{DAV:}getcontentlength',
+        '{DAV:}getcontenttype',
+        '{DAV:}getetag',
+        '{DAV:}quota-used-bytes',
+        '{DAV:}quota-available-bytes',
+        '{DAV:}quota-available-bytes',
+        '{http://owncloud.org/ns}permissions',
+        '{http://owncloud.org/ns}downloadURL',
+        '{http://owncloud.org/ns}dDC',
+        '{http://owncloud.org/ns}size',
+        '{http://nextcloud.org/ns}is-encrypted',
+    );
+
+    /**
+     * @var Tree
+     */
+    private $tree;
+
+    /**
+     * @var IDBConnection
+     */
+    private $connection;
+
+    /**
+     * @var IUser
+     */
+    private $user;
+
+    /**
+     * Properties cache
+     *
+     * @var array
+     */
+    private $cache = [];
+
+    /**
+     * @param Tree $tree node tree
+     * @param IDBConnection $connection database connection
+     * @param IUser $user owner of the tree and properties
+     */
+    public function __construct(
+        Tree $tree,
+        IDBConnection $connection,
+        IUser $user) {
+        $this->tree = $tree;
+        $this->connection = $connection;
+        $this->user = $user->getUID();
+    }
+
+    /**
+     * Fetches properties for a path.
+     *
+     * @param string $path
+     * @param PropFind $propFind
+     * @return void
+     */
+    public function propFind($path, PropFind $propFind) {
+        try {
+            $node = $this->tree->getNodeForPath($path);
+            if (!($node instanceof Node)) {
+                return;
+            }
+        } catch (ServiceUnavailable $e) {
+            // might happen for unavailable mount points, skip
+            return;
+        } catch (NotFound $e) {
+            // in some rare (buggy) cases the node might not be found,
+            // we catch the exception to prevent breaking the whole list with a 404
+            // (soft fail)
+            \OC::$server->getLogger()->warning(
+                'Could not get node for path: \"' . $path . '\" : ' . $e->getMessage(),
+                array('app' => 'files')
+            );
+            return;
+        }
+
+        $requestedProps = $propFind->get404Properties();
+
+        // these might appear
+        $requestedProps = array_diff(
+            $requestedProps,
+            $this->ignoredProperties
+        );
+
+        if (empty($requestedProps)) {
+            return;
+        }
+
+        if ($node instanceof Directory
+            && $propFind->getDepth() !== 0
+        ) {
+            // note: pre-fetching only supported for depth <= 1
+            $this->loadChildrenProperties($node, $requestedProps);
+        }
+
+        $props = $this->getProperties($node, $requestedProps);
+        foreach ($props as $propName => $propValue) {
+            $propFind->set($propName, $propValue);
+        }
+    }
+
+    /**
+     * Updates properties for a path
+     *
+     * @param string $path
+     * @param PropPatch $propPatch
+     *
+     * @return void
+     */
+    public function propPatch($path, PropPatch $propPatch) {
+        $node = $this->tree->getNodeForPath($path);
+        if (!($node instanceof Node)) {
+            return;
+        }
+
+        $propPatch->handleRemaining(function($changedProps) use ($node) {
+            return $this->updateProperties($node, $changedProps);
+        });
+    }
+
+    /**
+     * This method is called after a node is deleted.
+     *
+     * @param string $path path of node for which to delete properties
+     */
+    public function delete($path) {
+        $statement = $this->connection->prepare(
+            'DELETE FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?'
+        );
+        $statement->execute(array($this->user, '/' . $path));
+        $statement->closeCursor();
+
+        unset($this->cache[$path]);
+    }
+
+    /**
+     * This method is called after a successful MOVE
+     *
+     * @param string $source
+     * @param string $destination
+     *
+     * @return void
+     */
+    public function move($source, $destination) {
+        $statement = $this->connection->prepare(
+            'UPDATE `*PREFIX*properties` SET `propertypath` = ?' .
+            ' WHERE `userid` = ? AND `propertypath` = ?'
+        );
+        $statement->execute(array('/' . $destination, $this->user, '/' . $source));
+        $statement->closeCursor();
+    }
+
+    /**
+     * Returns a list of properties for this nodes.;
+     * @param Node $node
+     * @param array $requestedProperties requested properties or empty array for "all"
+     * @return array
+     * @note The properties list is a list of propertynames the client
+     * requested, encoded as xmlnamespace#tagName, for example:
+     * http://www.example.org/namespace#author If the array is empty, all
+     * properties should be returned
+     */
+    private function getProperties(Node $node, array $requestedProperties) {
+        $path = $node->getPath();
+        if (isset($this->cache[$path])) {
+            return $this->cache[$path];
+        }
+
+        // TODO: chunking if more than 1000 properties
+        $sql = 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?';
+
+        $whereValues = array($this->user, $path);
+        $whereTypes = array(null, null);
+
+        if (!empty($requestedProperties)) {
+            // request only a subset
+            $sql .= ' AND `propertyname` in (?)';
+            $whereValues[] = $requestedProperties;
+            $whereTypes[] = \Doctrine\DBAL\Connection::PARAM_STR_ARRAY;
+        }
+
+        $result = $this->connection->executeQuery(
+            $sql,
+            $whereValues,
+            $whereTypes
+        );
+
+        $props = [];
+        while ($row = $result->fetch()) {
+            $props[$row['propertyname']] = $row['propertyvalue'];
+        }
+
+        $result->closeCursor();
+
+        $this->cache[$path] = $props;
+        return $props;
+    }
+
+    /**
+     * Update properties
+     *
+     * @param Node $node node for which to update properties
+     * @param array $properties array of properties to update
+     *
+     * @return bool
+     */
+    private function updateProperties($node, $properties) {
+        $path = $node->getPath();
+
+        $deleteStatement = 'DELETE FROM `*PREFIX*properties`' .
+            ' WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?';
+
+        $insertStatement = 'INSERT INTO `*PREFIX*properties`' .
+            ' (`userid`,`propertypath`,`propertyname`,`propertyvalue`) VALUES(?,?,?,?)';
+
+        $updateStatement = 'UPDATE `*PREFIX*properties` SET `propertyvalue` = ?' .
+            ' WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?';
+
+        // TODO: use "insert or update" strategy ?
+        $existing = $this->getProperties($node, array());
+        $this->connection->beginTransaction();
+        foreach ($properties as $propertyName => $propertyValue) {
+            // If it was null, we need to delete the property
+            if (is_null($propertyValue)) {
+                if (array_key_exists($propertyName, $existing)) {
+                    $this->connection->executeUpdate($deleteStatement,
+                        array(
+                            $this->user,
+                            $path,
+                            $propertyName
+                        )
+                    );
+                }
+            } else {
+                if (!array_key_exists($propertyName, $existing)) {
+                    $this->connection->executeUpdate($insertStatement,
+                        array(
+                            $this->user,
+                            $path,
+                            $propertyName,
+                            $propertyValue
+                        )
+                    );
+                } else {
+                    $this->connection->executeUpdate($updateStatement,
+                        array(
+                            $propertyValue,
+                            $this->user,
+                            $path,
+                            $propertyName
+                        )
+                    );
+                }
+            }
+        }
+
+        $this->connection->commit();
+        unset($this->cache[$path]);
+
+        return true;
+    }
+
+    /**
+     * Bulk load properties for directory children
+     *
+     * @param Directory $node
+     * @param array $requestedProperties requested properties
+     *
+     * @return void
+     */
+    private function loadChildrenProperties(Directory $node, $requestedProperties) {
+        $path = $node->getPath();
+        if (isset($this->cache[$path])) {
+            // we already loaded them at some point
+            return;
+        }
+
+        $childNodes = $node->getChildren();
+        // pre-fill cache
+        foreach ($childNodes as $childNode) {
+            $this->cache[$childNode->getPath()] = [];
+        }
+
+        $sql = 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` LIKE ?';
+        $sql .= ' AND `propertyname` in (?) ORDER BY `propertypath`, `propertyname`';
+
+        $result = $this->connection->executeQuery(
+            $sql,
+            array($this->user, $this->connection->escapeLikeParameter(rtrim($path, '/')) . '/%', $requestedProperties),
+            array(null, null, \Doctrine\DBAL\Connection::PARAM_STR_ARRAY)
+        );
+
+        $oldPath = null;
+        $props = [];
+        while ($row = $result->fetch()) {
+            $path = $row['propertypath'];
+            if ($oldPath !== $path) {
+                // save previously gathered props
+                $this->cache[$oldPath] = $props;
+                $oldPath = $path;
+                // prepare props for next path
+                $props = [];
+            }
+            $props[$row['propertyname']] = $row['propertyvalue'];
+        }
+        if (!is_null($oldPath)) {
+            // save props from last run
+            $this->cache[$oldPath] = $props;
+        }
+
+        $result->closeCursor();
+    }
 
 }

apps/dav/lib/DAV/SystemPrincipalBackend.php

Doc Comments +1 added lines, -1 removed lines

@@ -132,7 +132,7 @@
 	 * Returns the list of members for a group-principal
 	 *
 	 * @param string $principal
-	 * @return array
+	 * @return string[]
 	 */
 	function getGroupMemberSet($principal) {
 		// TODO: for now the group principal has only one member, the user itself

Indentation +161 added lines, -161 removed lines

@@ -27,165 +27,165 @@
 
 class SystemPrincipalBackend extends AbstractBackend {
 
-	/**
-	 * Returns a list of principals based on a prefix.
-	 *
-	 * This prefix will often contain something like 'principals'. You are only
-	 * expected to return principals that are in this base path.
-	 *
-	 * You are expected to return at least a 'uri' for every user, you can
-	 * return any additional properties if you wish so. Common properties are:
-	 *   {DAV:}displayname
-	 *   {http://sabredav.org/ns}email-address - This is a custom SabreDAV
-	 *     field that's actually injected in a number of other properties. If
-	 *     you have an email address, use this property.
-	 *
-	 * @param string $prefixPath
-	 * @return array
-	 */
-	function getPrincipalsByPrefix($prefixPath) {
-		$principals = [];
-
-		if ($prefixPath === 'principals/system') {
-			$principals[] = [
-				'uri' => 'principals/system/system',
-				'{DAV:}displayname' => 'system',
-			];
-			$principals[] = [
-				'uri' => 'principals/system/public',
-				'{DAV:}displayname' => 'public',
-			];
-		}
-
-		return $principals;
-	}
-
-	/**
-	 * Returns a specific principal, specified by it's path.
-	 * The returned structure should be the exact same as from
-	 * getPrincipalsByPrefix.
-	 *
-	 * @param string $path
-	 * @return array
-	 */
-	function getPrincipalByPath($path) {
-
-		if ($path === 'principals/system/system') {
-			$principal = [
-				'uri' => 'principals/system/system',
-				'{DAV:}displayname' => 'system',
-			];
-			return $principal;
-		}
-		if ($path === 'principals/system/public') {
-			$principal = [
-				'uri' => 'principals/system/public',
-				'{DAV:}displayname' => 'public',
-			];
-			return $principal;
-		}
-
-		return null;
-	}
-
-	/**
-	 * Updates one ore more webdav properties on a principal.
-	 *
-	 * The list of mutations is stored in a Sabre\DAV\PropPatch object.
-	 * To do the actual updates, you must tell this object which properties
-	 * you're going to process with the handle() method.
-	 *
-	 * Calling the handle method is like telling the PropPatch object "I
-	 * promise I can handle updating this property".
-	 *
-	 * Read the PropPatch documentation for more info and examples.
-	 *
-	 * @param string $path
-	 * @param \Sabre\DAV\PropPatch $propPatch
-	 * @return void
-	 */
-	function updatePrincipal($path, \Sabre\DAV\PropPatch $propPatch) {
-	}
-
-	/**
-	 * This method is used to search for principals matching a set of
-	 * properties.
-	 *
-	 * This search is specifically used by RFC3744's principal-property-search
-	 * REPORT.
-	 *
-	 * The actual search should be a unicode-non-case-sensitive search. The
-	 * keys in searchProperties are the WebDAV property names, while the values
-	 * are the property values to search on.
-	 *
-	 * By default, if multiple properties are submitted to this method, the
-	 * various properties should be combined with 'AND'. If $test is set to
-	 * 'anyof', it should be combined using 'OR'.
-	 *
-	 * This method should simply return an array with full principal uri's.
-	 *
-	 * If somebody attempted to search on a property the backend does not
-	 * support, you should simply return 0 results.
-	 *
-	 * You can also just return 0 results if you choose to not support
-	 * searching at all, but keep in mind that this may stop certain features
-	 * from working.
-	 *
-	 * @param string $prefixPath
-	 * @param array $searchProperties
-	 * @param string $test
-	 * @return array
-	 */
-	function searchPrincipals($prefixPath, array $searchProperties, $test = 'allof') {
-		return [];
-	}
-
-	/**
-	 * Returns the list of members for a group-principal
-	 *
-	 * @param string $principal
-	 * @return array
-	 */
-	function getGroupMemberSet($principal) {
-		// TODO: for now the group principal has only one member, the user itself
-		$principal = $this->getPrincipalByPath($principal);
-		if (!$principal) {
-			throw new \Sabre\DAV\Exception('Principal not found');
-		}
-
-		return [$principal['uri']];
-	}
-
-	/**
-	 * Returns the list of groups a principal is a member of
-	 *
-	 * @param string $principal
-	 * @return array
-	 */
-	function getGroupMembership($principal) {
-		list($prefix, ) = \Sabre\Uri\split($principal);
-
-		if ($prefix === 'principals/system') {
-			$principal = $this->getPrincipalByPath($principal);
-			if (!$principal) {
-				throw new \Sabre\DAV\Exception('Principal not found');
-			}
-
-			return [];
-		}
-		return [];
-	}
-
-	/**
-	 * Updates the list of group members for a group principal.
-	 *
-	 * The principals should be passed as a list of uri's.
-	 *
-	 * @param string $principal
-	 * @param array $members
-	 * @return void
-	 */
-	function setGroupMemberSet($principal, array $members) {
-		throw new \Sabre\DAV\Exception('Setting members of the group is not supported yet');
-	}
+    /**
+     * Returns a list of principals based on a prefix.
+     *
+     * This prefix will often contain something like 'principals'. You are only
+     * expected to return principals that are in this base path.
+     *
+     * You are expected to return at least a 'uri' for every user, you can
+     * return any additional properties if you wish so. Common properties are:
+     *   {DAV:}displayname
+     *   {http://sabredav.org/ns}email-address - This is a custom SabreDAV
+     *     field that's actually injected in a number of other properties. If
+     *     you have an email address, use this property.
+     *
+     * @param string $prefixPath
+     * @return array
+     */
+    function getPrincipalsByPrefix($prefixPath) {
+        $principals = [];
+
+        if ($prefixPath === 'principals/system') {
+            $principals[] = [
+                'uri' => 'principals/system/system',
+                '{DAV:}displayname' => 'system',
+            ];
+            $principals[] = [
+                'uri' => 'principals/system/public',
+                '{DAV:}displayname' => 'public',
+            ];
+        }
+
+        return $principals;
+    }
+
+    /**
+     * Returns a specific principal, specified by it's path.
+     * The returned structure should be the exact same as from
+     * getPrincipalsByPrefix.
+     *
+     * @param string $path
+     * @return array
+     */
+    function getPrincipalByPath($path) {
+
+        if ($path === 'principals/system/system') {
+            $principal = [
+                'uri' => 'principals/system/system',
+                '{DAV:}displayname' => 'system',
+            ];
+            return $principal;
+        }
+        if ($path === 'principals/system/public') {
+            $principal = [
+                'uri' => 'principals/system/public',
+                '{DAV:}displayname' => 'public',
+            ];
+            return $principal;
+        }
+
+        return null;
+    }
+
+    /**
+     * Updates one ore more webdav properties on a principal.
+     *
+     * The list of mutations is stored in a Sabre\DAV\PropPatch object.
+     * To do the actual updates, you must tell this object which properties
+     * you're going to process with the handle() method.
+     *
+     * Calling the handle method is like telling the PropPatch object "I
+     * promise I can handle updating this property".
+     *
+     * Read the PropPatch documentation for more info and examples.
+     *
+     * @param string $path
+     * @param \Sabre\DAV\PropPatch $propPatch
+     * @return void
+     */
+    function updatePrincipal($path, \Sabre\DAV\PropPatch $propPatch) {
+    }
+
+    /**
+     * This method is used to search for principals matching a set of
+     * properties.
+     *
+     * This search is specifically used by RFC3744's principal-property-search
+     * REPORT.
+     *
+     * The actual search should be a unicode-non-case-sensitive search. The
+     * keys in searchProperties are the WebDAV property names, while the values
+     * are the property values to search on.
+     *
+     * By default, if multiple properties are submitted to this method, the
+     * various properties should be combined with 'AND'. If $test is set to
+     * 'anyof', it should be combined using 'OR'.
+     *
+     * This method should simply return an array with full principal uri's.
+     *
+     * If somebody attempted to search on a property the backend does not
+     * support, you should simply return 0 results.
+     *
+     * You can also just return 0 results if you choose to not support
+     * searching at all, but keep in mind that this may stop certain features
+     * from working.
+     *
+     * @param string $prefixPath
+     * @param array $searchProperties
+     * @param string $test
+     * @return array
+     */
+    function searchPrincipals($prefixPath, array $searchProperties, $test = 'allof') {
+        return [];
+    }
+
+    /**
+     * Returns the list of members for a group-principal
+     *
+     * @param string $principal
+     * @return array
+     */
+    function getGroupMemberSet($principal) {
+        // TODO: for now the group principal has only one member, the user itself
+        $principal = $this->getPrincipalByPath($principal);
+        if (!$principal) {
+            throw new \Sabre\DAV\Exception('Principal not found');
+        }
+
+        return [$principal['uri']];
+    }
+
+    /**
+     * Returns the list of groups a principal is a member of
+     *
+     * @param string $principal
+     * @return array
+     */
+    function getGroupMembership($principal) {
+        list($prefix, ) = \Sabre\Uri\split($principal);
+
+        if ($prefix === 'principals/system') {
+            $principal = $this->getPrincipalByPath($principal);
+            if (!$principal) {
+                throw new \Sabre\DAV\Exception('Principal not found');
+            }
+
+            return [];
+        }
+        return [];
+    }
+
+    /**
+     * Updates the list of group members for a group principal.
+     *
+     * The principals should be passed as a list of uri's.
+     *
+     * @param string $principal
+     * @param array $members
+     * @return void
+     */
+    function setGroupMemberSet($principal, array $members) {
+        throw new \Sabre\DAV\Exception('Setting members of the group is not supported yet');
+    }
 }

apps/encryption/lib/Crypto/Encryption.php

Doc Comments +1 added lines, -1 removed lines

@@ -369,7 +369,7 @@
 	 * @param string $path path to the file which should be updated
 	 * @param string $uid of the user who performs the operation
 	 * @param array $accessList who has access to the file contains the key 'users' and 'public'
-	 * @return boolean
+	 * @return null|boolean
 	 */
 	public function update($path, $uid, array $accessList) {
 

Indentation +554 added lines, -554 removed lines

@@ -43,558 +43,558 @@
 
 class Encryption implements IEncryptionModule {
 
-	const ID = 'OC_DEFAULT_MODULE';
-	const DISPLAY_NAME = 'Default encryption module';
-
-	/**
-	 * @var Crypt
-	 */
-	private $crypt;
-
-	/** @var string */
-	private $cipher;
-
-	/** @var string */
-	private $path;
-
-	/** @var string */
-	private $user;
-
-	/** @var  array */
-	private $owner;
-
-	/** @var string */
-	private $fileKey;
-
-	/** @var string */
-	private $writeCache;
-
-	/** @var KeyManager */
-	private $keyManager;
-
-	/** @var array */
-	private $accessList;
-
-	/** @var boolean */
-	private $isWriteOperation;
-
-	/** @var Util */
-	private $util;
-
-	/** @var  Session */
-	private $session;
-
-	/** @var  ILogger */
-	private $logger;
-
-	/** @var IL10N */
-	private $l;
-
-	/** @var EncryptAll */
-	private $encryptAll;
-
-	/** @var  bool */
-	private $useMasterPassword;
-
-	/** @var DecryptAll  */
-	private $decryptAll;
-
-	/** @var int unencrypted block size if block contains signature */
-	private $unencryptedBlockSizeSigned = 6072;
-
-	/** @var int unencrypted block size */
-	private $unencryptedBlockSize = 6126;
-
-	/** @var int Current version of the file */
-	private $version = 0;
-
-	/** @var array remember encryption signature version */
-	private static $rememberVersion = [];
-
-
-	/**
-	 *
-	 * @param Crypt $crypt
-	 * @param KeyManager $keyManager
-	 * @param Util $util
-	 * @param Session $session
-	 * @param EncryptAll $encryptAll
-	 * @param DecryptAll $decryptAll
-	 * @param ILogger $logger
-	 * @param IL10N $il10n
-	 */
-	public function __construct(Crypt $crypt,
-								KeyManager $keyManager,
-								Util $util,
-								Session $session,
-								EncryptAll $encryptAll,
-								DecryptAll $decryptAll,
-								ILogger $logger,
-								IL10N $il10n) {
-		$this->crypt = $crypt;
-		$this->keyManager = $keyManager;
-		$this->util = $util;
-		$this->session = $session;
-		$this->encryptAll = $encryptAll;
-		$this->decryptAll = $decryptAll;
-		$this->logger = $logger;
-		$this->l = $il10n;
-		$this->owner = [];
-		$this->useMasterPassword = $util->isMasterKeyEnabled();
-	}
-
-	/**
-	 * @return string defining the technical unique id
-	 */
-	public function getId() {
-		return self::ID;
-	}
-
-	/**
-	 * In comparison to getKey() this function returns a human readable (maybe translated) name
-	 *
-	 * @return string
-	 */
-	public function getDisplayName() {
-		return self::DISPLAY_NAME;
-	}
-
-	/**
-	 * start receiving chunks from a file. This is the place where you can
-	 * perform some initial step before starting encrypting/decrypting the
-	 * chunks
-	 *
-	 * @param string $path to the file
-	 * @param string $user who read/write the file
-	 * @param string $mode php stream open mode
-	 * @param array $header contains the header data read from the file
-	 * @param array $accessList who has access to the file contains the key 'users' and 'public'
-	 *
-	 * @return array $header contain data as key-value pairs which should be
-	 *                       written to the header, in case of a write operation
-	 *                       or if no additional data is needed return a empty array
-	 */
-	public function begin($path, $user, $mode, array $header, array $accessList) {
-		$this->path = $this->getPathToRealFile($path);
-		$this->accessList = $accessList;
-		$this->user = $user;
-		$this->isWriteOperation = false;
-		$this->writeCache = '';
-
-		if($this->session->isReady() === false) {
-			// if the master key is enabled we can initialize encryption
-			// with a empty password and user name
-			if ($this->util->isMasterKeyEnabled()) {
-				$this->keyManager->init('', '');
-			}
-		}
-
-		if ($this->session->decryptAllModeActivated()) {
-			$encryptedFileKey = $this->keyManager->getEncryptedFileKey($this->path);
-			$shareKey = $this->keyManager->getShareKey($this->path, $this->session->getDecryptAllUid());
-			$this->fileKey = $this->crypt->multiKeyDecrypt($encryptedFileKey,
-				$shareKey,
-				$this->session->getDecryptAllKey());
-		} else {
-			$this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
-		}
-
-		// always use the version from the original file, also part files
-		// need to have a correct version number if they get moved over to the
-		// final location
-		$this->version = (int)$this->keyManager->getVersion($this->stripPartFileExtension($path), new View());
-
-		if (
-			$mode === 'w'
-			|| $mode === 'w+'
-			|| $mode === 'wb'
-			|| $mode === 'wb+'
-		) {
-			$this->isWriteOperation = true;
-			if (empty($this->fileKey)) {
-				$this->fileKey = $this->crypt->generateFileKey();
-			}
-		} else {
-			// if we read a part file we need to increase the version by 1
-			// because the version number was also increased by writing
-			// the part file
-			if(Scanner::isPartialFile($path)) {
-				$this->version = $this->version + 1;
-			}
-		}
-
-		if ($this->isWriteOperation) {
-			$this->cipher = $this->crypt->getCipher();
-		} elseif (isset($header['cipher'])) {
-			$this->cipher = $header['cipher'];
-		} else {
-			// if we read a file without a header we fall-back to the legacy cipher
-			// which was used in <=oC6
-			$this->cipher = $this->crypt->getLegacyCipher();
-		}
-
-		return array('cipher' => $this->cipher, 'signed' => 'true');
-	}
-
-	/**
-	 * last chunk received. This is the place where you can perform some final
-	 * operation and return some remaining data if something is left in your
-	 * buffer.
-	 *
-	 * @param string $path to the file
-	 * @param int $position
-	 * @return string remained data which should be written to the file in case
-	 *                of a write operation
-	 * @throws PublicKeyMissingException
-	 * @throws \Exception
-	 * @throws \OCA\Encryption\Exceptions\MultiKeyEncryptException
-	 */
-	public function end($path, $position = 0) {
-		$result = '';
-		if ($this->isWriteOperation) {
-			$this->keyManager->setVersion($path, $this->version + 1, new View());
-			// in case of a part file we remember the new signature versions
-			// the version will be set later on update.
-			// This way we make sure that other apps listening to the pre-hooks
-			// still get the old version which should be the correct value for them
-			if (Scanner::isPartialFile($path)) {
-				self::$rememberVersion[$this->stripPartFileExtension($path)] = $this->version + 1;
-			}
-			if (!empty($this->writeCache)) {
-				$result = $this->crypt->symmetricEncryptFileContent($this->writeCache, $this->fileKey, $this->version + 1, $position);
-				$this->writeCache = '';
-			}
-			$publicKeys = array();
-			if ($this->useMasterPassword === true) {
-				$publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey();
-			} else {
-				foreach ($this->accessList['users'] as $uid) {
-					try {
-						$publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
-					} catch (PublicKeyMissingException $e) {
-						$this->logger->warning(
-							'no public key found for user "{uid}", user will not be able to read the file',
-							['app' => 'encryption', 'uid' => $uid]
-						);
-						// if the public key of the owner is missing we should fail
-						if ($uid === $this->user) {
-							throw $e;
-						}
-					}
-				}
-			}
-
-			$publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys, $this->getOwner($path));
-			$encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys);
-			$this->keyManager->setAllFileKeys($this->path, $encryptedKeyfiles);
-		}
-		return $result;
-	}
-
-
-
-	/**
-	 * encrypt data
-	 *
-	 * @param string $data you want to encrypt
-	 * @param int $position
-	 * @return string encrypted data
-	 */
-	public function encrypt($data, $position = 0) {
-		// If extra data is left over from the last round, make sure it
-		// is integrated into the next block
-		if ($this->writeCache) {
-
-			// Concat writeCache to start of $data
-			$data = $this->writeCache . $data;
-
-			// Clear the write cache, ready for reuse - it has been
-			// flushed and its old contents processed
-			$this->writeCache = '';
-
-		}
-
-		$encrypted = '';
-		// While there still remains some data to be processed & written
-		while (strlen($data) > 0) {
-
-			// Remaining length for this iteration, not of the
-			// entire file (may be greater than 8192 bytes)
-			$remainingLength = strlen($data);
-
-			// If data remaining to be written is less than the
-			// size of 1 6126 byte block
-			if ($remainingLength < $this->unencryptedBlockSizeSigned) {
-
-				// Set writeCache to contents of $data
-				// The writeCache will be carried over to the
-				// next write round, and added to the start of
-				// $data to ensure that written blocks are
-				// always the correct length. If there is still
-				// data in writeCache after the writing round
-				// has finished, then the data will be written
-				// to disk by $this->flush().
-				$this->writeCache = $data;
-
-				// Clear $data ready for next round
-				$data = '';
-
-			} else {
-
-				// Read the chunk from the start of $data
-				$chunk = substr($data, 0, $this->unencryptedBlockSizeSigned);
-
-				$encrypted .= $this->crypt->symmetricEncryptFileContent($chunk, $this->fileKey, $this->version + 1, $position);
-
-				// Remove the chunk we just processed from
-				// $data, leaving only unprocessed data in $data
-				// var, for handling on the next round
-				$data = substr($data, $this->unencryptedBlockSizeSigned);
-
-			}
-
-		}
-
-		return $encrypted;
-	}
-
-	/**
-	 * decrypt data
-	 *
-	 * @param string $data you want to decrypt
-	 * @param int $position
-	 * @return string decrypted data
-	 * @throws DecryptionFailedException
-	 */
-	public function decrypt($data, $position = 0) {
-		if (empty($this->fileKey)) {
-			$msg = 'Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.';
-			$hint = $this->l->t('Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
-			$this->logger->error($msg);
-
-			throw new DecryptionFailedException($msg, $hint);
-		}
-
-		return $this->crypt->symmetricDecryptFileContent($data, $this->fileKey, $this->cipher, $this->version, $position);
-	}
-
-	/**
-	 * update encrypted file, e.g. give additional users access to the file
-	 *
-	 * @param string $path path to the file which should be updated
-	 * @param string $uid of the user who performs the operation
-	 * @param array $accessList who has access to the file contains the key 'users' and 'public'
-	 * @return boolean
-	 */
-	public function update($path, $uid, array $accessList) {
-
-		if (empty($accessList)) {
-			if (isset(self::$rememberVersion[$path])) {
-				$this->keyManager->setVersion($path, self::$rememberVersion[$path], new View());
-				unset(self::$rememberVersion[$path]);
-			}
-			return;
-		}
-
-		$fileKey = $this->keyManager->getFileKey($path, $uid);
-
-		if (!empty($fileKey)) {
-
-			$publicKeys = array();
-			if ($this->useMasterPassword === true) {
-				$publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey();
-			} else {
-				foreach ($accessList['users'] as $user) {
-					try {
-						$publicKeys[$user] = $this->keyManager->getPublicKey($user);
-					} catch (PublicKeyMissingException $e) {
-						$this->logger->warning('Could not encrypt file for ' . $user . ': ' . $e->getMessage());
-					}
-				}
-			}
-
-			$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $this->getOwner($path));
-
-			$encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
-
-			$this->keyManager->deleteAllFileKeys($path);
-
-			$this->keyManager->setAllFileKeys($path, $encryptedFileKey);
-
-		} else {
-			$this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted',
-				array('file' => $path, 'app' => 'encryption'));
-
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * should the file be encrypted or not
-	 *
-	 * @param string $path
-	 * @return boolean
-	 */
-	public function shouldEncrypt($path) {
-		if ($this->util->shouldEncryptHomeStorage() === false) {
-			$storage = $this->util->getStorage($path);
-			if ($storage->instanceOfStorage('\OCP\Files\IHomeStorage')) {
-				return false;
-			}
-		}
-		$parts = explode('/', $path);
-		if (count($parts) < 4) {
-			return false;
-		}
-
-		if ($parts[2] === 'files') {
-			return true;
-		}
-		if ($parts[2] === 'files_versions') {
-			return true;
-		}
-		if ($parts[2] === 'files_trashbin') {
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * get size of the unencrypted payload per block.
-	 * Nextcloud read/write files with a block size of 8192 byte
-	 *
-	 * @param bool $signed
-	 * @return int
-	 */
-	public function getUnencryptedBlockSize($signed = false) {
-		if ($signed === false) {
-			return $this->unencryptedBlockSize;
-		}
-
-		return $this->unencryptedBlockSizeSigned;
-	}
-
-	/**
-	 * check if the encryption module is able to read the file,
-	 * e.g. if all encryption keys exists
-	 *
-	 * @param string $path
-	 * @param string $uid user for whom we want to check if he can read the file
-	 * @return bool
-	 * @throws DecryptionFailedException
-	 */
-	public function isReadable($path, $uid) {
-		$fileKey = $this->keyManager->getFileKey($path, $uid);
-		if (empty($fileKey)) {
-			$owner = $this->util->getOwner($path);
-			if ($owner !== $uid) {
-				// if it is a shared file we throw a exception with a useful
-				// error message because in this case it means that the file was
-				// shared with the user at a point where the user didn't had a
-				// valid private/public key
-				$msg = 'Encryption module "' . $this->getDisplayName() .
-					'" is not able to read ' . $path;
-				$hint = $this->l->t('Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
-				$this->logger->warning($msg);
-				throw new DecryptionFailedException($msg, $hint);
-			}
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * Initial encryption of all files
-	 *
-	 * @param InputInterface $input
-	 * @param OutputInterface $output write some status information to the terminal during encryption
-	 */
-	public function encryptAll(InputInterface $input, OutputInterface $output) {
-		$this->encryptAll->encryptAll($input, $output);
-	}
-
-	/**
-	 * prepare module to perform decrypt all operation
-	 *
-	 * @param InputInterface $input
-	 * @param OutputInterface $output
-	 * @param string $user
-	 * @return bool
-	 */
-	public function prepareDecryptAll(InputInterface $input, OutputInterface $output, $user = '') {
-		return $this->decryptAll->prepare($input, $output, $user);
-	}
-
-
-	/**
-	 * @param string $path
-	 * @return string
-	 */
-	protected function getPathToRealFile($path) {
-		$realPath = $path;
-		$parts = explode('/', $path);
-		if ($parts[2] === 'files_versions') {
-			$realPath = '/' . $parts[1] . '/files/' . implode('/', array_slice($parts, 3));
-			$length = strrpos($realPath, '.');
-			$realPath = substr($realPath, 0, $length);
-		}
-
-		return $realPath;
-	}
-
-	/**
-	 * remove .part file extension and the ocTransferId from the file to get the
-	 * original file name
-	 *
-	 * @param string $path
-	 * @return string
-	 */
-	protected function stripPartFileExtension($path) {
-		if (pathinfo($path, PATHINFO_EXTENSION) === 'part') {
-			$pos = strrpos($path, '.', -6);
-			$path = substr($path, 0, $pos);
-		}
-
-		return $path;
-	}
-
-	/**
-	 * get owner of a file
-	 *
-	 * @param string $path
-	 * @return string
-	 */
-	protected function getOwner($path) {
-		if (!isset($this->owner[$path])) {
-			$this->owner[$path] = $this->util->getOwner($path);
-		}
-		return $this->owner[$path];
-	}
-
-	/**
-	 * Check if the module is ready to be used by that specific user.
-	 * In case a module is not ready - because e.g. key pairs have not been generated
-	 * upon login this method can return false before any operation starts and might
-	 * cause issues during operations.
-	 *
-	 * @param string $user
-	 * @return boolean
-	 * @since 9.1.0
-	 */
-	public function isReadyForUser($user) {
-		return $this->keyManager->userHasKeys($user);
-	}
-
-	/**
-	 * We only need a detailed access list if the master key is not enabled
-	 *
-	 * @return bool
-	 */
-	public function needDetailedAccessList() {
-		return !$this->util->isMasterKeyEnabled();
-	}
+    const ID = 'OC_DEFAULT_MODULE';
+    const DISPLAY_NAME = 'Default encryption module';
+
+    /**
+     * @var Crypt
+     */
+    private $crypt;
+
+    /** @var string */
+    private $cipher;
+
+    /** @var string */
+    private $path;
+
+    /** @var string */
+    private $user;
+
+    /** @var  array */
+    private $owner;
+
+    /** @var string */
+    private $fileKey;
+
+    /** @var string */
+    private $writeCache;
+
+    /** @var KeyManager */
+    private $keyManager;
+
+    /** @var array */
+    private $accessList;
+
+    /** @var boolean */
+    private $isWriteOperation;
+
+    /** @var Util */
+    private $util;
+
+    /** @var  Session */
+    private $session;
+
+    /** @var  ILogger */
+    private $logger;
+
+    /** @var IL10N */
+    private $l;
+
+    /** @var EncryptAll */
+    private $encryptAll;
+
+    /** @var  bool */
+    private $useMasterPassword;
+
+    /** @var DecryptAll  */
+    private $decryptAll;
+
+    /** @var int unencrypted block size if block contains signature */
+    private $unencryptedBlockSizeSigned = 6072;
+
+    /** @var int unencrypted block size */
+    private $unencryptedBlockSize = 6126;
+
+    /** @var int Current version of the file */
+    private $version = 0;
+
+    /** @var array remember encryption signature version */
+    private static $rememberVersion = [];
+
+
+    /**
+     *
+     * @param Crypt $crypt
+     * @param KeyManager $keyManager
+     * @param Util $util
+     * @param Session $session
+     * @param EncryptAll $encryptAll
+     * @param DecryptAll $decryptAll
+     * @param ILogger $logger
+     * @param IL10N $il10n
+     */
+    public function __construct(Crypt $crypt,
+                                KeyManager $keyManager,
+                                Util $util,
+                                Session $session,
+                                EncryptAll $encryptAll,
+                                DecryptAll $decryptAll,
+                                ILogger $logger,
+                                IL10N $il10n) {
+        $this->crypt = $crypt;
+        $this->keyManager = $keyManager;
+        $this->util = $util;
+        $this->session = $session;
+        $this->encryptAll = $encryptAll;
+        $this->decryptAll = $decryptAll;
+        $this->logger = $logger;
+        $this->l = $il10n;
+        $this->owner = [];
+        $this->useMasterPassword = $util->isMasterKeyEnabled();
+    }
+
+    /**
+     * @return string defining the technical unique id
+     */
+    public function getId() {
+        return self::ID;
+    }
+
+    /**
+     * In comparison to getKey() this function returns a human readable (maybe translated) name
+     *
+     * @return string
+     */
+    public function getDisplayName() {
+        return self::DISPLAY_NAME;
+    }
+
+    /**
+     * start receiving chunks from a file. This is the place where you can
+     * perform some initial step before starting encrypting/decrypting the
+     * chunks
+     *
+     * @param string $path to the file
+     * @param string $user who read/write the file
+     * @param string $mode php stream open mode
+     * @param array $header contains the header data read from the file
+     * @param array $accessList who has access to the file contains the key 'users' and 'public'
+     *
+     * @return array $header contain data as key-value pairs which should be
+     *                       written to the header, in case of a write operation
+     *                       or if no additional data is needed return a empty array
+     */
+    public function begin($path, $user, $mode, array $header, array $accessList) {
+        $this->path = $this->getPathToRealFile($path);
+        $this->accessList = $accessList;
+        $this->user = $user;
+        $this->isWriteOperation = false;
+        $this->writeCache = '';
+
+        if($this->session->isReady() === false) {
+            // if the master key is enabled we can initialize encryption
+            // with a empty password and user name
+            if ($this->util->isMasterKeyEnabled()) {
+                $this->keyManager->init('', '');
+            }
+        }
+
+        if ($this->session->decryptAllModeActivated()) {
+            $encryptedFileKey = $this->keyManager->getEncryptedFileKey($this->path);
+            $shareKey = $this->keyManager->getShareKey($this->path, $this->session->getDecryptAllUid());
+            $this->fileKey = $this->crypt->multiKeyDecrypt($encryptedFileKey,
+                $shareKey,
+                $this->session->getDecryptAllKey());
+        } else {
+            $this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
+        }
+
+        // always use the version from the original file, also part files
+        // need to have a correct version number if they get moved over to the
+        // final location
+        $this->version = (int)$this->keyManager->getVersion($this->stripPartFileExtension($path), new View());
+
+        if (
+            $mode === 'w'
+            || $mode === 'w+'
+            || $mode === 'wb'
+            || $mode === 'wb+'
+        ) {
+            $this->isWriteOperation = true;
+            if (empty($this->fileKey)) {
+                $this->fileKey = $this->crypt->generateFileKey();
+            }
+        } else {
+            // if we read a part file we need to increase the version by 1
+            // because the version number was also increased by writing
+            // the part file
+            if(Scanner::isPartialFile($path)) {
+                $this->version = $this->version + 1;
+            }
+        }
+
+        if ($this->isWriteOperation) {
+            $this->cipher = $this->crypt->getCipher();
+        } elseif (isset($header['cipher'])) {
+            $this->cipher = $header['cipher'];
+        } else {
+            // if we read a file without a header we fall-back to the legacy cipher
+            // which was used in <=oC6
+            $this->cipher = $this->crypt->getLegacyCipher();
+        }
+
+        return array('cipher' => $this->cipher, 'signed' => 'true');
+    }
+
+    /**
+     * last chunk received. This is the place where you can perform some final
+     * operation and return some remaining data if something is left in your
+     * buffer.
+     *
+     * @param string $path to the file
+     * @param int $position
+     * @return string remained data which should be written to the file in case
+     *                of a write operation
+     * @throws PublicKeyMissingException
+     * @throws \Exception
+     * @throws \OCA\Encryption\Exceptions\MultiKeyEncryptException
+     */
+    public function end($path, $position = 0) {
+        $result = '';
+        if ($this->isWriteOperation) {
+            $this->keyManager->setVersion($path, $this->version + 1, new View());
+            // in case of a part file we remember the new signature versions
+            // the version will be set later on update.
+            // This way we make sure that other apps listening to the pre-hooks
+            // still get the old version which should be the correct value for them
+            if (Scanner::isPartialFile($path)) {
+                self::$rememberVersion[$this->stripPartFileExtension($path)] = $this->version + 1;
+            }
+            if (!empty($this->writeCache)) {
+                $result = $this->crypt->symmetricEncryptFileContent($this->writeCache, $this->fileKey, $this->version + 1, $position);
+                $this->writeCache = '';
+            }
+            $publicKeys = array();
+            if ($this->useMasterPassword === true) {
+                $publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey();
+            } else {
+                foreach ($this->accessList['users'] as $uid) {
+                    try {
+                        $publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
+                    } catch (PublicKeyMissingException $e) {
+                        $this->logger->warning(
+                            'no public key found for user "{uid}", user will not be able to read the file',
+                            ['app' => 'encryption', 'uid' => $uid]
+                        );
+                        // if the public key of the owner is missing we should fail
+                        if ($uid === $this->user) {
+                            throw $e;
+                        }
+                    }
+                }
+            }
+
+            $publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys, $this->getOwner($path));
+            $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys);
+            $this->keyManager->setAllFileKeys($this->path, $encryptedKeyfiles);
+        }
+        return $result;
+    }
+
+
+
+    /**
+     * encrypt data
+     *
+     * @param string $data you want to encrypt
+     * @param int $position
+     * @return string encrypted data
+     */
+    public function encrypt($data, $position = 0) {
+        // If extra data is left over from the last round, make sure it
+        // is integrated into the next block
+        if ($this->writeCache) {
+
+            // Concat writeCache to start of $data
+            $data = $this->writeCache . $data;
+
+            // Clear the write cache, ready for reuse - it has been
+            // flushed and its old contents processed
+            $this->writeCache = '';
+
+        }
+
+        $encrypted = '';
+        // While there still remains some data to be processed & written
+        while (strlen($data) > 0) {
+
+            // Remaining length for this iteration, not of the
+            // entire file (may be greater than 8192 bytes)
+            $remainingLength = strlen($data);
+
+            // If data remaining to be written is less than the
+            // size of 1 6126 byte block
+            if ($remainingLength < $this->unencryptedBlockSizeSigned) {
+
+                // Set writeCache to contents of $data
+                // The writeCache will be carried over to the
+                // next write round, and added to the start of
+                // $data to ensure that written blocks are
+                // always the correct length. If there is still
+                // data in writeCache after the writing round
+                // has finished, then the data will be written
+                // to disk by $this->flush().
+                $this->writeCache = $data;
+
+                // Clear $data ready for next round
+                $data = '';
+
+            } else {
+
+                // Read the chunk from the start of $data
+                $chunk = substr($data, 0, $this->unencryptedBlockSizeSigned);
+
+                $encrypted .= $this->crypt->symmetricEncryptFileContent($chunk, $this->fileKey, $this->version + 1, $position);
+
+                // Remove the chunk we just processed from
+                // $data, leaving only unprocessed data in $data
+                // var, for handling on the next round
+                $data = substr($data, $this->unencryptedBlockSizeSigned);
+
+            }
+
+        }
+
+        return $encrypted;
+    }
+
+    /**
+     * decrypt data
+     *
+     * @param string $data you want to decrypt
+     * @param int $position
+     * @return string decrypted data
+     * @throws DecryptionFailedException
+     */
+    public function decrypt($data, $position = 0) {
+        if (empty($this->fileKey)) {
+            $msg = 'Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.';
+            $hint = $this->l->t('Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
+            $this->logger->error($msg);
+
+            throw new DecryptionFailedException($msg, $hint);
+        }
+
+        return $this->crypt->symmetricDecryptFileContent($data, $this->fileKey, $this->cipher, $this->version, $position);
+    }
+
+    /**
+     * update encrypted file, e.g. give additional users access to the file
+     *
+     * @param string $path path to the file which should be updated
+     * @param string $uid of the user who performs the operation
+     * @param array $accessList who has access to the file contains the key 'users' and 'public'
+     * @return boolean
+     */
+    public function update($path, $uid, array $accessList) {
+
+        if (empty($accessList)) {
+            if (isset(self::$rememberVersion[$path])) {
+                $this->keyManager->setVersion($path, self::$rememberVersion[$path], new View());
+                unset(self::$rememberVersion[$path]);
+            }
+            return;
+        }
+
+        $fileKey = $this->keyManager->getFileKey($path, $uid);
+
+        if (!empty($fileKey)) {
+
+            $publicKeys = array();
+            if ($this->useMasterPassword === true) {
+                $publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey();
+            } else {
+                foreach ($accessList['users'] as $user) {
+                    try {
+                        $publicKeys[$user] = $this->keyManager->getPublicKey($user);
+                    } catch (PublicKeyMissingException $e) {
+                        $this->logger->warning('Could not encrypt file for ' . $user . ': ' . $e->getMessage());
+                    }
+                }
+            }
+
+            $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $this->getOwner($path));
+
+            $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
+
+            $this->keyManager->deleteAllFileKeys($path);
+
+            $this->keyManager->setAllFileKeys($path, $encryptedFileKey);
+
+        } else {
+            $this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted',
+                array('file' => $path, 'app' => 'encryption'));
+
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * should the file be encrypted or not
+     *
+     * @param string $path
+     * @return boolean
+     */
+    public function shouldEncrypt($path) {
+        if ($this->util->shouldEncryptHomeStorage() === false) {
+            $storage = $this->util->getStorage($path);
+            if ($storage->instanceOfStorage('\OCP\Files\IHomeStorage')) {
+                return false;
+            }
+        }
+        $parts = explode('/', $path);
+        if (count($parts) < 4) {
+            return false;
+        }
+
+        if ($parts[2] === 'files') {
+            return true;
+        }
+        if ($parts[2] === 'files_versions') {
+            return true;
+        }
+        if ($parts[2] === 'files_trashbin') {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * get size of the unencrypted payload per block.
+     * Nextcloud read/write files with a block size of 8192 byte
+     *
+     * @param bool $signed
+     * @return int
+     */
+    public function getUnencryptedBlockSize($signed = false) {
+        if ($signed === false) {
+            return $this->unencryptedBlockSize;
+        }
+
+        return $this->unencryptedBlockSizeSigned;
+    }
+
+    /**
+     * check if the encryption module is able to read the file,
+     * e.g. if all encryption keys exists
+     *
+     * @param string $path
+     * @param string $uid user for whom we want to check if he can read the file
+     * @return bool
+     * @throws DecryptionFailedException
+     */
+    public function isReadable($path, $uid) {
+        $fileKey = $this->keyManager->getFileKey($path, $uid);
+        if (empty($fileKey)) {
+            $owner = $this->util->getOwner($path);
+            if ($owner !== $uid) {
+                // if it is a shared file we throw a exception with a useful
+                // error message because in this case it means that the file was
+                // shared with the user at a point where the user didn't had a
+                // valid private/public key
+                $msg = 'Encryption module "' . $this->getDisplayName() .
+                    '" is not able to read ' . $path;
+                $hint = $this->l->t('Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
+                $this->logger->warning($msg);
+                throw new DecryptionFailedException($msg, $hint);
+            }
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * Initial encryption of all files
+     *
+     * @param InputInterface $input
+     * @param OutputInterface $output write some status information to the terminal during encryption
+     */
+    public function encryptAll(InputInterface $input, OutputInterface $output) {
+        $this->encryptAll->encryptAll($input, $output);
+    }
+
+    /**
+     * prepare module to perform decrypt all operation
+     *
+     * @param InputInterface $input
+     * @param OutputInterface $output
+     * @param string $user
+     * @return bool
+     */
+    public function prepareDecryptAll(InputInterface $input, OutputInterface $output, $user = '') {
+        return $this->decryptAll->prepare($input, $output, $user);
+    }
+
+
+    /**
+     * @param string $path
+     * @return string
+     */
+    protected function getPathToRealFile($path) {
+        $realPath = $path;
+        $parts = explode('/', $path);
+        if ($parts[2] === 'files_versions') {
+            $realPath = '/' . $parts[1] . '/files/' . implode('/', array_slice($parts, 3));
+            $length = strrpos($realPath, '.');
+            $realPath = substr($realPath, 0, $length);
+        }
+
+        return $realPath;
+    }
+
+    /**
+     * remove .part file extension and the ocTransferId from the file to get the
+     * original file name
+     *
+     * @param string $path
+     * @return string
+     */
+    protected function stripPartFileExtension($path) {
+        if (pathinfo($path, PATHINFO_EXTENSION) === 'part') {
+            $pos = strrpos($path, '.', -6);
+            $path = substr($path, 0, $pos);
+        }
+
+        return $path;
+    }
+
+    /**
+     * get owner of a file
+     *
+     * @param string $path
+     * @return string
+     */
+    protected function getOwner($path) {
+        if (!isset($this->owner[$path])) {
+            $this->owner[$path] = $this->util->getOwner($path);
+        }
+        return $this->owner[$path];
+    }
+
+    /**
+     * Check if the module is ready to be used by that specific user.
+     * In case a module is not ready - because e.g. key pairs have not been generated
+     * upon login this method can return false before any operation starts and might
+     * cause issues during operations.
+     *
+     * @param string $user
+     * @return boolean
+     * @since 9.1.0
+     */
+    public function isReadyForUser($user) {
+        return $this->keyManager->userHasKeys($user);
+    }
+
+    /**
+     * We only need a detailed access list if the master key is not enabled
+     *
+     * @return bool
+     */
+    public function needDetailedAccessList() {
+        return !$this->util->isMasterKeyEnabled();
+    }
 }

apps/encryption/lib/KeyManager.php

Doc Comments +1 added lines, -1 removed lines

@@ -488,7 +488,7 @@
 
 
 	/**
-	 * @param $path
+	 * @param string $path
 	 * @param $uid
 	 * @return mixed
 	 */

Indentation +681 added lines, -681 removed lines

@@ -40,685 +40,685 @@
 
 class KeyManager {
 
-	/**
-	 * @var Session
-	 */
-	protected $session;
-	/**
-	 * @var IStorage
-	 */
-	private $keyStorage;
-	/**
-	 * @var Crypt
-	 */
-	private $crypt;
-	/**
-	 * @var string
-	 */
-	private $recoveryKeyId;
-	/**
-	 * @var string
-	 */
-	private $publicShareKeyId;
-	/**
-	 * @var string
-	 */
-	private $masterKeyId;
-	/**
-	 * @var string UserID
-	 */
-	private $keyId;
-	/**
-	 * @var string
-	 */
-	private $publicKeyId = 'publicKey';
-	/**
-	 * @var string
-	 */
-	private $privateKeyId = 'privateKey';
-
-	/**
-	 * @var string
-	 */
-	private $shareKeyId = 'shareKey';
-
-	/**
-	 * @var string
-	 */
-	private $fileKeyId = 'fileKey';
-	/**
-	 * @var IConfig
-	 */
-	private $config;
-	/**
-	 * @var ILogger
-	 */
-	private $log;
-	/**
-	 * @var Util
-	 */
-	private $util;
-
-	/**
-	 * @param IStorage $keyStorage
-	 * @param Crypt $crypt
-	 * @param IConfig $config
-	 * @param IUserSession $userSession
-	 * @param Session $session
-	 * @param ILogger $log
-	 * @param Util $util
-	 */
-	public function __construct(
-		IStorage $keyStorage,
-		Crypt $crypt,
-		IConfig $config,
-		IUserSession $userSession,
-		Session $session,
-		ILogger $log,
-		Util $util
-	) {
-
-		$this->util = $util;
-		$this->session = $session;
-		$this->keyStorage = $keyStorage;
-		$this->crypt = $crypt;
-		$this->config = $config;
-		$this->log = $log;
-
-		$this->recoveryKeyId = $this->config->getAppValue('encryption',
-			'recoveryKeyId');
-		if (empty($this->recoveryKeyId)) {
-			$this->recoveryKeyId = 'recoveryKey_' . substr(md5(time()), 0, 8);
-			$this->config->setAppValue('encryption',
-				'recoveryKeyId',
-				$this->recoveryKeyId);
-		}
-
-		$this->publicShareKeyId = $this->config->getAppValue('encryption',
-			'publicShareKeyId');
-		if (empty($this->publicShareKeyId)) {
-			$this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
-			$this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId);
-		}
-
-		$this->masterKeyId = $this->config->getAppValue('encryption',
-			'masterKeyId');
-		if (empty($this->masterKeyId)) {
-			$this->masterKeyId = 'master_' . substr(md5(time()), 0, 8);
-			$this->config->setAppValue('encryption', 'masterKeyId', $this->masterKeyId);
-		}
-
-		$this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false;
-		$this->log = $log;
-	}
-
-	/**
-	 * check if key pair for public link shares exists, if not we create one
-	 */
-	public function validateShareKey() {
-		$shareKey = $this->getPublicShareKey();
-		if (empty($shareKey)) {
-			$keyPair = $this->crypt->createKeyPair();
-
-			// Save public key
-			$this->keyStorage->setSystemUserKey(
-				$this->publicShareKeyId . '.publicKey', $keyPair['publicKey'],
-				Encryption::ID);
-
-			// Encrypt private key empty passphrase
-			$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], '');
-			$header = $this->crypt->generateHeader();
-			$this->setSystemPrivateKey($this->publicShareKeyId, $header . $encryptedKey);
-		}
-	}
-
-	/**
-	 * check if a key pair for the master key exists, if not we create one
-	 */
-	public function validateMasterKey() {
-
-		if ($this->util->isMasterKeyEnabled() === false) {
-			return;
-		}
-
-		$publicMasterKey = $this->getPublicMasterKey();
-		if (empty($publicMasterKey)) {
-			$keyPair = $this->crypt->createKeyPair();
-
-			// Save public key
-			$this->keyStorage->setSystemUserKey(
-				$this->masterKeyId . '.publicKey', $keyPair['publicKey'],
-				Encryption::ID);
-
-			// Encrypt private key with system password
-			$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $this->getMasterKeyPassword(), $this->masterKeyId);
-			$header = $this->crypt->generateHeader();
-			$this->setSystemPrivateKey($this->masterKeyId, $header . $encryptedKey);
-		}
-
-		if (!$this->session->isPrivateKeySet()) {
-			$masterKey = $this->getSystemPrivateKey($this->masterKeyId);
-			$decryptedMasterKey = $this->crypt->decryptPrivateKey($masterKey, $this->getMasterKeyPassword(), $this->masterKeyId);
-			$this->session->setPrivateKey($decryptedMasterKey);
-		}
-
-		// after the encryption key is available we are ready to go
-		$this->session->setStatus(Session::INIT_SUCCESSFUL);
-	}
-
-	/**
-	 * @return bool
-	 */
-	public function recoveryKeyExists() {
-		$key = $this->getRecoveryKey();
-		return !empty($key);
-	}
-
-	/**
-	 * get recovery key
-	 *
-	 * @return string
-	 */
-	public function getRecoveryKey() {
-		return $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey', Encryption::ID);
-	}
-
-	/**
-	 * get recovery key ID
-	 *
-	 * @return string
-	 */
-	public function getRecoveryKeyId() {
-		return $this->recoveryKeyId;
-	}
-
-	/**
-	 * @param string $password
-	 * @return bool
-	 */
-	public function checkRecoveryPassword($password) {
-		$recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.privateKey', Encryption::ID);
-		$decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $password);
-
-		if ($decryptedRecoveryKey) {
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * @param string $uid
-	 * @param string $password
-	 * @param string $keyPair
-	 * @return bool
-	 */
-	public function storeKeyPair($uid, $password, $keyPair) {
-		// Save Public Key
-		$this->setPublicKey($uid, $keyPair['publicKey']);
-
-		$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $password, $uid);
-
-		$header = $this->crypt->generateHeader();
-
-		if ($encryptedKey) {
-			$this->setPrivateKey($uid, $header . $encryptedKey);
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * @param string $password
-	 * @param array $keyPair
-	 * @return bool
-	 */
-	public function setRecoveryKey($password, $keyPair) {
-		// Save Public Key
-		$this->keyStorage->setSystemUserKey($this->getRecoveryKeyId().
-			'.publicKey',
-			$keyPair['publicKey'],
-			Encryption::ID);
-
-		$encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $password);
-		$header = $this->crypt->generateHeader();
-
-		if ($encryptedKey) {
-			$this->setSystemPrivateKey($this->getRecoveryKeyId(), $header . $encryptedKey);
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * @param $userId
-	 * @param $key
-	 * @return bool
-	 */
-	public function setPublicKey($userId, $key) {
-		return $this->keyStorage->setUserKey($userId, $this->publicKeyId, $key, Encryption::ID);
-	}
-
-	/**
-	 * @param $userId
-	 * @param string $key
-	 * @return bool
-	 */
-	public function setPrivateKey($userId, $key) {
-		return $this->keyStorage->setUserKey($userId,
-			$this->privateKeyId,
-			$key,
-			Encryption::ID);
-	}
-
-	/**
-	 * write file key to key storage
-	 *
-	 * @param string $path
-	 * @param string $key
-	 * @return boolean
-	 */
-	public function setFileKey($path, $key) {
-		return $this->keyStorage->setFileKey($path, $this->fileKeyId, $key, Encryption::ID);
-	}
-
-	/**
-	 * set all file keys (the file key and the corresponding share keys)
-	 *
-	 * @param string $path
-	 * @param array $keys
-	 */
-	public function setAllFileKeys($path, $keys) {
-		$this->setFileKey($path, $keys['data']);
-		foreach ($keys['keys'] as $uid => $keyFile) {
-			$this->setShareKey($path, $uid, $keyFile);
-		}
-	}
-
-	/**
-	 * write share key to the key storage
-	 *
-	 * @param string $path
-	 * @param string $uid
-	 * @param string $key
-	 * @return boolean
-	 */
-	public function setShareKey($path, $uid, $key) {
-		$keyId = $uid . '.' . $this->shareKeyId;
-		return $this->keyStorage->setFileKey($path, $keyId, $key, Encryption::ID);
-	}
-
-	/**
-	 * Decrypt private key and store it
-	 *
-	 * @param string $uid user id
-	 * @param string $passPhrase users password
-	 * @return boolean
-	 */
-	public function init($uid, $passPhrase) {
-
-		$this->session->setStatus(Session::INIT_EXECUTED);
-
-		try {
-			if($this->util->isMasterKeyEnabled()) {
-				$uid = $this->getMasterKeyId();
-				$passPhrase = $this->getMasterKeyPassword();
-				$privateKey = $this->getSystemPrivateKey($uid);
-			} else {
-				$privateKey = $this->getPrivateKey($uid);
-			}
-			$privateKey = $this->crypt->decryptPrivateKey($privateKey, $passPhrase, $uid);
-		} catch (PrivateKeyMissingException $e) {
-			return false;
-		} catch (DecryptionFailedException $e) {
-			return false;
-		} catch (\Exception $e) {
-			$this->log->logException($e, [
-				'message' => 'Could not decrypt the private key from user "' . $uid . '"" during login. Assume password change on the user back-end.',
-				'level' => ILogger::WARN,
-				'app' => 'encryption',
-			]);
-			return false;
-		}
-
-		if ($privateKey) {
-			$this->session->setPrivateKey($privateKey);
-			$this->session->setStatus(Session::INIT_SUCCESSFUL);
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * @param $userId
-	 * @return string
-	 * @throws PrivateKeyMissingException
-	 */
-	public function getPrivateKey($userId) {
-		$privateKey = $this->keyStorage->getUserKey($userId,
-			$this->privateKeyId, Encryption::ID);
-
-		if (strlen($privateKey) !== 0) {
-			return $privateKey;
-		}
-		throw new PrivateKeyMissingException($userId);
-	}
-
-	/**
-	 * @param string $path
-	 * @param $uid
-	 * @return string
-	 */
-	public function getFileKey($path, $uid) {
-		if ($uid === '') {
-			$uid = null;
-		}
-		$publicAccess = is_null($uid);
-		$encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId, Encryption::ID);
-
-		if (empty($encryptedFileKey)) {
-			return '';
-		}
-
-		if ($this->util->isMasterKeyEnabled()) {
-			$uid = $this->getMasterKeyId();
-			$shareKey = $this->getShareKey($path, $uid);
-			if ($publicAccess) {
-				$privateKey = $this->getSystemPrivateKey($uid);
-				$privateKey = $this->crypt->decryptPrivateKey($privateKey, $this->getMasterKeyPassword(), $uid);
-			} else {
-				// when logged in, the master key is already decrypted in the session
-				$privateKey = $this->session->getPrivateKey();
-			}
-		} else if ($publicAccess) {
-			// use public share key for public links
-			$uid = $this->getPublicShareKeyId();
-			$shareKey = $this->getShareKey($path, $uid);
-			$privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey', Encryption::ID);
-			$privateKey = $this->crypt->decryptPrivateKey($privateKey);
-		} else {
-			$shareKey = $this->getShareKey($path, $uid);
-			$privateKey = $this->session->getPrivateKey();
-		}
-
-		if ($encryptedFileKey && $shareKey && $privateKey) {
-			return $this->crypt->multiKeyDecrypt($encryptedFileKey,
-				$shareKey,
-				$privateKey);
-		}
-
-		return '';
-	}
-
-	/**
-	 * Get the current version of a file
-	 *
-	 * @param string $path
-	 * @param View $view
-	 * @return int
-	 */
-	public function getVersion($path, View $view) {
-		$fileInfo = $view->getFileInfo($path);
-		if($fileInfo === false) {
-			return 0;
-		}
-		return $fileInfo->getEncryptedVersion();
-	}
-
-	/**
-	 * Set the current version of a file
-	 *
-	 * @param string $path
-	 * @param int $version
-	 * @param View $view
-	 */
-	public function setVersion($path, $version, View $view) {
-		$fileInfo= $view->getFileInfo($path);
-
-		if($fileInfo !== false) {
-			$cache = $fileInfo->getStorage()->getCache();
-			$cache->update($fileInfo->getId(), ['encrypted' => $version, 'encryptedVersion' => $version]);
-		}
-	}
-
-	/**
-	 * get the encrypted file key
-	 *
-	 * @param string $path
-	 * @return string
-	 */
-	public function getEncryptedFileKey($path) {
-		$encryptedFileKey = $this->keyStorage->getFileKey($path,
-			$this->fileKeyId, Encryption::ID);
-
-		return $encryptedFileKey;
-	}
-
-	/**
-	 * delete share key
-	 *
-	 * @param string $path
-	 * @param string $keyId
-	 * @return boolean
-	 */
-	public function deleteShareKey($path, $keyId) {
-		return $this->keyStorage->deleteFileKey(
-			$path,
-			$keyId . '.' . $this->shareKeyId,
-			Encryption::ID);
-	}
-
-
-	/**
-	 * @param $path
-	 * @param $uid
-	 * @return mixed
-	 */
-	public function getShareKey($path, $uid) {
-		$keyId = $uid . '.' . $this->shareKeyId;
-		return $this->keyStorage->getFileKey($path, $keyId, Encryption::ID);
-	}
-
-	/**
-	 * check if user has a private and a public key
-	 *
-	 * @param string $userId
-	 * @return bool
-	 * @throws PrivateKeyMissingException
-	 * @throws PublicKeyMissingException
-	 */
-	public function userHasKeys($userId) {
-		$privateKey = $publicKey = true;
-		$exception = null;
-
-		try {
-			$this->getPrivateKey($userId);
-		} catch (PrivateKeyMissingException $e) {
-			$privateKey = false;
-			$exception = $e;
-		}
-		try {
-			$this->getPublicKey($userId);
-		} catch (PublicKeyMissingException $e) {
-			$publicKey = false;
-			$exception = $e;
-		}
-
-		if ($privateKey && $publicKey) {
-			return true;
-		} elseif (!$privateKey && !$publicKey) {
-			return false;
-		} else {
-			throw $exception;
-		}
-	}
-
-	/**
-	 * @param $userId
-	 * @return mixed
-	 * @throws PublicKeyMissingException
-	 */
-	public function getPublicKey($userId) {
-		$publicKey = $this->keyStorage->getUserKey($userId, $this->publicKeyId, Encryption::ID);
-
-		if (strlen($publicKey) !== 0) {
-			return $publicKey;
-		}
-		throw new PublicKeyMissingException($userId);
-	}
-
-	public function getPublicShareKeyId() {
-		return $this->publicShareKeyId;
-	}
-
-	/**
-	 * get public key for public link shares
-	 *
-	 * @return string
-	 */
-	public function getPublicShareKey() {
-		return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey', Encryption::ID);
-	}
-
-	/**
-	 * @param string $purpose
-	 * @param string $uid
-	 */
-	public function backupUserKeys($purpose, $uid) {
-		$this->keyStorage->backupUserKeys(Encryption::ID, $purpose, $uid);
-	}
-
-	/**
-	 * creat a backup of the users private and public key and then  delete it
-	 *
-	 * @param string $uid
-	 */
-	public function deleteUserKeys($uid) {
-		$this->deletePublicKey($uid);
-		$this->deletePrivateKey($uid);
-	}
-
-	/**
-	 * @param $uid
-	 * @return bool
-	 */
-	public function deletePublicKey($uid) {
-		return $this->keyStorage->deleteUserKey($uid, $this->publicKeyId, Encryption::ID);
-	}
-
-	/**
-	 * @param string $uid
-	 * @return bool
-	 */
-	private function deletePrivateKey($uid) {
-		return $this->keyStorage->deleteUserKey($uid, $this->privateKeyId, Encryption::ID);
-	}
-
-	/**
-	 * @param string $path
-	 * @return bool
-	 */
-	public function deleteAllFileKeys($path) {
-		return $this->keyStorage->deleteAllFileKeys($path);
-	}
-
-	/**
-	 * @param array $userIds
-	 * @return array
-	 * @throws PublicKeyMissingException
-	 */
-	public function getPublicKeys(array $userIds) {
-		$keys = [];
-
-		foreach ($userIds as $userId) {
-			try {
-				$keys[$userId] = $this->getPublicKey($userId);
-			} catch (PublicKeyMissingException $e) {
-				continue;
-			}
-		}
-
-		return $keys;
-
-	}
-
-	/**
-	 * @param string $keyId
-	 * @return string returns openssl key
-	 */
-	public function getSystemPrivateKey($keyId) {
-		return $this->keyStorage->getSystemUserKey($keyId . '.' . $this->privateKeyId, Encryption::ID);
-	}
-
-	/**
-	 * @param string $keyId
-	 * @param string $key
-	 * @return string returns openssl key
-	 */
-	public function setSystemPrivateKey($keyId, $key) {
-		return $this->keyStorage->setSystemUserKey(
-			$keyId . '.' . $this->privateKeyId,
-			$key,
-			Encryption::ID);
-	}
-
-	/**
-	 * add system keys such as the public share key and the recovery key
-	 *
-	 * @param array $accessList
-	 * @param array $publicKeys
-	 * @param string $uid
-	 * @return array
-	 * @throws PublicKeyMissingException
-	 */
-	public function addSystemKeys(array $accessList, array $publicKeys, $uid) {
-		if (!empty($accessList['public'])) {
-			$publicShareKey = $this->getPublicShareKey();
-			if (empty($publicShareKey)) {
-				throw new PublicKeyMissingException($this->getPublicShareKeyId());
-			}
-			$publicKeys[$this->getPublicShareKeyId()] = $publicShareKey;
-		}
-
-		if ($this->recoveryKeyExists() &&
-			$this->util->isRecoveryEnabledForUser($uid)) {
-
-			$publicKeys[$this->getRecoveryKeyId()] = $this->getRecoveryKey();
-		}
-
-		return $publicKeys;
-	}
-
-	/**
-	 * get master key password
-	 *
-	 * @return string
-	 * @throws \Exception
-	 */
-	public function getMasterKeyPassword() {
-		$password = $this->config->getSystemValue('secret');
-		if (empty($password)){
-			throw new \Exception('Can not get secret from Nextcloud instance');
-		}
-
-		return $password;
-	}
-
-	/**
-	 * return master key id
-	 *
-	 * @return string
-	 */
-	public function getMasterKeyId() {
-		return $this->masterKeyId;
-	}
-
-	/**
-	 * get public master key
-	 *
-	 * @return string
-	 */
-	public function getPublicMasterKey() {
-		return $this->keyStorage->getSystemUserKey($this->masterKeyId . '.publicKey', Encryption::ID);
-	}
+    /**
+     * @var Session
+     */
+    protected $session;
+    /**
+     * @var IStorage
+     */
+    private $keyStorage;
+    /**
+     * @var Crypt
+     */
+    private $crypt;
+    /**
+     * @var string
+     */
+    private $recoveryKeyId;
+    /**
+     * @var string
+     */
+    private $publicShareKeyId;
+    /**
+     * @var string
+     */
+    private $masterKeyId;
+    /**
+     * @var string UserID
+     */
+    private $keyId;
+    /**
+     * @var string
+     */
+    private $publicKeyId = 'publicKey';
+    /**
+     * @var string
+     */
+    private $privateKeyId = 'privateKey';
+
+    /**
+     * @var string
+     */
+    private $shareKeyId = 'shareKey';
+
+    /**
+     * @var string
+     */
+    private $fileKeyId = 'fileKey';
+    /**
+     * @var IConfig
+     */
+    private $config;
+    /**
+     * @var ILogger
+     */
+    private $log;
+    /**
+     * @var Util
+     */
+    private $util;
+
+    /**
+     * @param IStorage $keyStorage
+     * @param Crypt $crypt
+     * @param IConfig $config
+     * @param IUserSession $userSession
+     * @param Session $session
+     * @param ILogger $log
+     * @param Util $util
+     */
+    public function __construct(
+        IStorage $keyStorage,
+        Crypt $crypt,
+        IConfig $config,
+        IUserSession $userSession,
+        Session $session,
+        ILogger $log,
+        Util $util
+    ) {
+
+        $this->util = $util;
+        $this->session = $session;
+        $this->keyStorage = $keyStorage;
+        $this->crypt = $crypt;
+        $this->config = $config;
+        $this->log = $log;
+
+        $this->recoveryKeyId = $this->config->getAppValue('encryption',
+            'recoveryKeyId');
+        if (empty($this->recoveryKeyId)) {
+            $this->recoveryKeyId = 'recoveryKey_' . substr(md5(time()), 0, 8);
+            $this->config->setAppValue('encryption',
+                'recoveryKeyId',
+                $this->recoveryKeyId);
+        }
+
+        $this->publicShareKeyId = $this->config->getAppValue('encryption',
+            'publicShareKeyId');
+        if (empty($this->publicShareKeyId)) {
+            $this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
+            $this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId);
+        }
+
+        $this->masterKeyId = $this->config->getAppValue('encryption',
+            'masterKeyId');
+        if (empty($this->masterKeyId)) {
+            $this->masterKeyId = 'master_' . substr(md5(time()), 0, 8);
+            $this->config->setAppValue('encryption', 'masterKeyId', $this->masterKeyId);
+        }
+
+        $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false;
+        $this->log = $log;
+    }
+
+    /**
+     * check if key pair for public link shares exists, if not we create one
+     */
+    public function validateShareKey() {
+        $shareKey = $this->getPublicShareKey();
+        if (empty($shareKey)) {
+            $keyPair = $this->crypt->createKeyPair();
+
+            // Save public key
+            $this->keyStorage->setSystemUserKey(
+                $this->publicShareKeyId . '.publicKey', $keyPair['publicKey'],
+                Encryption::ID);
+
+            // Encrypt private key empty passphrase
+            $encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], '');
+            $header = $this->crypt->generateHeader();
+            $this->setSystemPrivateKey($this->publicShareKeyId, $header . $encryptedKey);
+        }
+    }
+
+    /**
+     * check if a key pair for the master key exists, if not we create one
+     */
+    public function validateMasterKey() {
+
+        if ($this->util->isMasterKeyEnabled() === false) {
+            return;
+        }
+
+        $publicMasterKey = $this->getPublicMasterKey();
+        if (empty($publicMasterKey)) {
+            $keyPair = $this->crypt->createKeyPair();
+
+            // Save public key
+            $this->keyStorage->setSystemUserKey(
+                $this->masterKeyId . '.publicKey', $keyPair['publicKey'],
+                Encryption::ID);
+
+            // Encrypt private key with system password
+            $encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $this->getMasterKeyPassword(), $this->masterKeyId);
+            $header = $this->crypt->generateHeader();
+            $this->setSystemPrivateKey($this->masterKeyId, $header . $encryptedKey);
+        }
+
+        if (!$this->session->isPrivateKeySet()) {
+            $masterKey = $this->getSystemPrivateKey($this->masterKeyId);
+            $decryptedMasterKey = $this->crypt->decryptPrivateKey($masterKey, $this->getMasterKeyPassword(), $this->masterKeyId);
+            $this->session->setPrivateKey($decryptedMasterKey);
+        }
+
+        // after the encryption key is available we are ready to go
+        $this->session->setStatus(Session::INIT_SUCCESSFUL);
+    }
+
+    /**
+     * @return bool
+     */
+    public function recoveryKeyExists() {
+        $key = $this->getRecoveryKey();
+        return !empty($key);
+    }
+
+    /**
+     * get recovery key
+     *
+     * @return string
+     */
+    public function getRecoveryKey() {
+        return $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey', Encryption::ID);
+    }
+
+    /**
+     * get recovery key ID
+     *
+     * @return string
+     */
+    public function getRecoveryKeyId() {
+        return $this->recoveryKeyId;
+    }
+
+    /**
+     * @param string $password
+     * @return bool
+     */
+    public function checkRecoveryPassword($password) {
+        $recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.privateKey', Encryption::ID);
+        $decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $password);
+
+        if ($decryptedRecoveryKey) {
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * @param string $uid
+     * @param string $password
+     * @param string $keyPair
+     * @return bool
+     */
+    public function storeKeyPair($uid, $password, $keyPair) {
+        // Save Public Key
+        $this->setPublicKey($uid, $keyPair['publicKey']);
+
+        $encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $password, $uid);
+
+        $header = $this->crypt->generateHeader();
+
+        if ($encryptedKey) {
+            $this->setPrivateKey($uid, $header . $encryptedKey);
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * @param string $password
+     * @param array $keyPair
+     * @return bool
+     */
+    public function setRecoveryKey($password, $keyPair) {
+        // Save Public Key
+        $this->keyStorage->setSystemUserKey($this->getRecoveryKeyId().
+            '.publicKey',
+            $keyPair['publicKey'],
+            Encryption::ID);
+
+        $encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $password);
+        $header = $this->crypt->generateHeader();
+
+        if ($encryptedKey) {
+            $this->setSystemPrivateKey($this->getRecoveryKeyId(), $header . $encryptedKey);
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * @param $userId
+     * @param $key
+     * @return bool
+     */
+    public function setPublicKey($userId, $key) {
+        return $this->keyStorage->setUserKey($userId, $this->publicKeyId, $key, Encryption::ID);
+    }
+
+    /**
+     * @param $userId
+     * @param string $key
+     * @return bool
+     */
+    public function setPrivateKey($userId, $key) {
+        return $this->keyStorage->setUserKey($userId,
+            $this->privateKeyId,
+            $key,
+            Encryption::ID);
+    }
+
+    /**
+     * write file key to key storage
+     *
+     * @param string $path
+     * @param string $key
+     * @return boolean
+     */
+    public function setFileKey($path, $key) {
+        return $this->keyStorage->setFileKey($path, $this->fileKeyId, $key, Encryption::ID);
+    }
+
+    /**
+     * set all file keys (the file key and the corresponding share keys)
+     *
+     * @param string $path
+     * @param array $keys
+     */
+    public function setAllFileKeys($path, $keys) {
+        $this->setFileKey($path, $keys['data']);
+        foreach ($keys['keys'] as $uid => $keyFile) {
+            $this->setShareKey($path, $uid, $keyFile);
+        }
+    }
+
+    /**
+     * write share key to the key storage
+     *
+     * @param string $path
+     * @param string $uid
+     * @param string $key
+     * @return boolean
+     */
+    public function setShareKey($path, $uid, $key) {
+        $keyId = $uid . '.' . $this->shareKeyId;
+        return $this->keyStorage->setFileKey($path, $keyId, $key, Encryption::ID);
+    }
+
+    /**
+     * Decrypt private key and store it
+     *
+     * @param string $uid user id
+     * @param string $passPhrase users password
+     * @return boolean
+     */
+    public function init($uid, $passPhrase) {
+
+        $this->session->setStatus(Session::INIT_EXECUTED);
+
+        try {
+            if($this->util->isMasterKeyEnabled()) {
+                $uid = $this->getMasterKeyId();
+                $passPhrase = $this->getMasterKeyPassword();
+                $privateKey = $this->getSystemPrivateKey($uid);
+            } else {
+                $privateKey = $this->getPrivateKey($uid);
+            }
+            $privateKey = $this->crypt->decryptPrivateKey($privateKey, $passPhrase, $uid);
+        } catch (PrivateKeyMissingException $e) {
+            return false;
+        } catch (DecryptionFailedException $e) {
+            return false;
+        } catch (\Exception $e) {
+            $this->log->logException($e, [
+                'message' => 'Could not decrypt the private key from user "' . $uid . '"" during login. Assume password change on the user back-end.',
+                'level' => ILogger::WARN,
+                'app' => 'encryption',
+            ]);
+            return false;
+        }
+
+        if ($privateKey) {
+            $this->session->setPrivateKey($privateKey);
+            $this->session->setStatus(Session::INIT_SUCCESSFUL);
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * @param $userId
+     * @return string
+     * @throws PrivateKeyMissingException
+     */
+    public function getPrivateKey($userId) {
+        $privateKey = $this->keyStorage->getUserKey($userId,
+            $this->privateKeyId, Encryption::ID);
+
+        if (strlen($privateKey) !== 0) {
+            return $privateKey;
+        }
+        throw new PrivateKeyMissingException($userId);
+    }
+
+    /**
+     * @param string $path
+     * @param $uid
+     * @return string
+     */
+    public function getFileKey($path, $uid) {
+        if ($uid === '') {
+            $uid = null;
+        }
+        $publicAccess = is_null($uid);
+        $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId, Encryption::ID);
+
+        if (empty($encryptedFileKey)) {
+            return '';
+        }
+
+        if ($this->util->isMasterKeyEnabled()) {
+            $uid = $this->getMasterKeyId();
+            $shareKey = $this->getShareKey($path, $uid);
+            if ($publicAccess) {
+                $privateKey = $this->getSystemPrivateKey($uid);
+                $privateKey = $this->crypt->decryptPrivateKey($privateKey, $this->getMasterKeyPassword(), $uid);
+            } else {
+                // when logged in, the master key is already decrypted in the session
+                $privateKey = $this->session->getPrivateKey();
+            }
+        } else if ($publicAccess) {
+            // use public share key for public links
+            $uid = $this->getPublicShareKeyId();
+            $shareKey = $this->getShareKey($path, $uid);
+            $privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey', Encryption::ID);
+            $privateKey = $this->crypt->decryptPrivateKey($privateKey);
+        } else {
+            $shareKey = $this->getShareKey($path, $uid);
+            $privateKey = $this->session->getPrivateKey();
+        }
+
+        if ($encryptedFileKey && $shareKey && $privateKey) {
+            return $this->crypt->multiKeyDecrypt($encryptedFileKey,
+                $shareKey,
+                $privateKey);
+        }
+
+        return '';
+    }
+
+    /**
+     * Get the current version of a file
+     *
+     * @param string $path
+     * @param View $view
+     * @return int
+     */
+    public function getVersion($path, View $view) {
+        $fileInfo = $view->getFileInfo($path);
+        if($fileInfo === false) {
+            return 0;
+        }
+        return $fileInfo->getEncryptedVersion();
+    }
+
+    /**
+     * Set the current version of a file
+     *
+     * @param string $path
+     * @param int $version
+     * @param View $view
+     */
+    public function setVersion($path, $version, View $view) {
+        $fileInfo= $view->getFileInfo($path);
+
+        if($fileInfo !== false) {
+            $cache = $fileInfo->getStorage()->getCache();
+            $cache->update($fileInfo->getId(), ['encrypted' => $version, 'encryptedVersion' => $version]);
+        }
+    }
+
+    /**
+     * get the encrypted file key
+     *
+     * @param string $path
+     * @return string
+     */
+    public function getEncryptedFileKey($path) {
+        $encryptedFileKey = $this->keyStorage->getFileKey($path,
+            $this->fileKeyId, Encryption::ID);
+
+        return $encryptedFileKey;
+    }
+
+    /**
+     * delete share key
+     *
+     * @param string $path
+     * @param string $keyId
+     * @return boolean
+     */
+    public function deleteShareKey($path, $keyId) {
+        return $this->keyStorage->deleteFileKey(
+            $path,
+            $keyId . '.' . $this->shareKeyId,
+            Encryption::ID);
+    }
+
+
+    /**
+     * @param $path
+     * @param $uid
+     * @return mixed
+     */
+    public function getShareKey($path, $uid) {
+        $keyId = $uid . '.' . $this->shareKeyId;
+        return $this->keyStorage->getFileKey($path, $keyId, Encryption::ID);
+    }
+
+    /**
+     * check if user has a private and a public key
+     *
+     * @param string $userId
+     * @return bool
+     * @throws PrivateKeyMissingException
+     * @throws PublicKeyMissingException
+     */
+    public function userHasKeys($userId) {
+        $privateKey = $publicKey = true;
+        $exception = null;
+
+        try {
+            $this->getPrivateKey($userId);
+        } catch (PrivateKeyMissingException $e) {
+            $privateKey = false;
+            $exception = $e;
+        }
+        try {
+            $this->getPublicKey($userId);
+        } catch (PublicKeyMissingException $e) {
+            $publicKey = false;
+            $exception = $e;
+        }
+
+        if ($privateKey && $publicKey) {
+            return true;
+        } elseif (!$privateKey && !$publicKey) {
+            return false;
+        } else {
+            throw $exception;
+        }
+    }
+
+    /**
+     * @param $userId
+     * @return mixed
+     * @throws PublicKeyMissingException
+     */
+    public function getPublicKey($userId) {
+        $publicKey = $this->keyStorage->getUserKey($userId, $this->publicKeyId, Encryption::ID);
+
+        if (strlen($publicKey) !== 0) {
+            return $publicKey;
+        }
+        throw new PublicKeyMissingException($userId);
+    }
+
+    public function getPublicShareKeyId() {
+        return $this->publicShareKeyId;
+    }
+
+    /**
+     * get public key for public link shares
+     *
+     * @return string
+     */
+    public function getPublicShareKey() {
+        return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey', Encryption::ID);
+    }
+
+    /**
+     * @param string $purpose
+     * @param string $uid
+     */
+    public function backupUserKeys($purpose, $uid) {
+        $this->keyStorage->backupUserKeys(Encryption::ID, $purpose, $uid);
+    }
+
+    /**
+     * creat a backup of the users private and public key and then  delete it
+     *
+     * @param string $uid
+     */
+    public function deleteUserKeys($uid) {
+        $this->deletePublicKey($uid);
+        $this->deletePrivateKey($uid);
+    }
+
+    /**
+     * @param $uid
+     * @return bool
+     */
+    public function deletePublicKey($uid) {
+        return $this->keyStorage->deleteUserKey($uid, $this->publicKeyId, Encryption::ID);
+    }
+
+    /**
+     * @param string $uid
+     * @return bool
+     */
+    private function deletePrivateKey($uid) {
+        return $this->keyStorage->deleteUserKey($uid, $this->privateKeyId, Encryption::ID);
+    }
+
+    /**
+     * @param string $path
+     * @return bool
+     */
+    public function deleteAllFileKeys($path) {
+        return $this->keyStorage->deleteAllFileKeys($path);
+    }
+
+    /**
+     * @param array $userIds
+     * @return array
+     * @throws PublicKeyMissingException
+     */
+    public function getPublicKeys(array $userIds) {
+        $keys = [];
+
+        foreach ($userIds as $userId) {
+            try {
+                $keys[$userId] = $this->getPublicKey($userId);
+            } catch (PublicKeyMissingException $e) {
+                continue;
+            }
+        }
+
+        return $keys;
+
+    }
+
+    /**
+     * @param string $keyId
+     * @return string returns openssl key
+     */
+    public function getSystemPrivateKey($keyId) {
+        return $this->keyStorage->getSystemUserKey($keyId . '.' . $this->privateKeyId, Encryption::ID);
+    }
+
+    /**
+     * @param string $keyId
+     * @param string $key
+     * @return string returns openssl key
+     */
+    public function setSystemPrivateKey($keyId, $key) {
+        return $this->keyStorage->setSystemUserKey(
+            $keyId . '.' . $this->privateKeyId,
+            $key,
+            Encryption::ID);
+    }
+
+    /**
+     * add system keys such as the public share key and the recovery key
+     *
+     * @param array $accessList
+     * @param array $publicKeys
+     * @param string $uid
+     * @return array
+     * @throws PublicKeyMissingException
+     */
+    public function addSystemKeys(array $accessList, array $publicKeys, $uid) {
+        if (!empty($accessList['public'])) {
+            $publicShareKey = $this->getPublicShareKey();
+            if (empty($publicShareKey)) {
+                throw new PublicKeyMissingException($this->getPublicShareKeyId());
+            }
+            $publicKeys[$this->getPublicShareKeyId()] = $publicShareKey;
+        }
+
+        if ($this->recoveryKeyExists() &&
+            $this->util->isRecoveryEnabledForUser($uid)) {
+
+            $publicKeys[$this->getRecoveryKeyId()] = $this->getRecoveryKey();
+        }
+
+        return $publicKeys;
+    }
+
+    /**
+     * get master key password
+     *
+     * @return string
+     * @throws \Exception
+     */
+    public function getMasterKeyPassword() {
+        $password = $this->config->getSystemValue('secret');
+        if (empty($password)){
+            throw new \Exception('Can not get secret from Nextcloud instance');
+        }
+
+        return $password;
+    }
+
+    /**
+     * return master key id
+     *
+     * @return string
+     */
+    public function getMasterKeyId() {
+        return $this->masterKeyId;
+    }
+
+    /**
+     * get public master key
+     *
+     * @return string
+     */
+    public function getPublicMasterKey() {
+        return $this->keyStorage->getSystemUserKey($this->masterKeyId . '.publicKey', Encryption::ID);
+    }
 }

apps/federatedfilesharing/lib/FederatedShareProvider.php

Doc Comments +2 added lines, -2 removed lines

@@ -391,7 +391,7 @@ 
 	/**
 	 * store remote ID in federated reShare table
 	 *
-	 * @param $shareId
+	 * @param integer $shareId
 	 * @param $remoteId
 	 */
 	public function storeRemoteId($shareId, $remoteId) {
@@ -729,7 +729,7 @@ 
 	/**
 	 * get database row of a give share
 	 *
-	 * @param $id
+	 * @param integer $id
 	 * @return array
 	 * @throws ShareNotFound
 	 */

Indentation +1019 added lines, -1019 removed lines

@@ -54,1033 +54,1033 @@
  */
 class FederatedShareProvider implements IShareProvider {
 
-	const SHARE_TYPE_REMOTE = 6;
-
-	/** @var IDBConnection */
-	private $dbConnection;
-
-	/** @var AddressHandler */
-	private $addressHandler;
-
-	/** @var Notifications */
-	private $notifications;
-
-	/** @var TokenHandler */
-	private $tokenHandler;
-
-	/** @var IL10N */
-	private $l;
-
-	/** @var ILogger */
-	private $logger;
-
-	/** @var IRootFolder */
-	private $rootFolder;
-
-	/** @var IConfig */
-	private $config;
-
-	/** @var string */
-	private $externalShareTable = 'share_external';
-
-	/** @var IUserManager */
-	private $userManager;
-
-	/** @var ICloudIdManager */
-	private $cloudIdManager;
-
-	/** @var \OCP\GlobalScale\IConfig */
-	private $gsConfig;
-
-	/** @var ICloudFederationProviderManager */
-	private $cloudFederationProviderManager;
-
-	/**
-	 * DefaultShareProvider constructor.
-	 *
-	 * @param IDBConnection $connection
-	 * @param AddressHandler $addressHandler
-	 * @param Notifications $notifications
-	 * @param TokenHandler $tokenHandler
-	 * @param IL10N $l10n
-	 * @param ILogger $logger
-	 * @param IRootFolder $rootFolder
-	 * @param IConfig $config
-	 * @param IUserManager $userManager
-	 * @param ICloudIdManager $cloudIdManager
-	 * @param \OCP\GlobalScale\IConfig $globalScaleConfig
-	 * @param ICloudFederationProviderManager $cloudFederationProviderManager
-	 */
-	public function __construct(
-			IDBConnection $connection,
-			AddressHandler $addressHandler,
-			Notifications $notifications,
-			TokenHandler $tokenHandler,
-			IL10N $l10n,
-			ILogger $logger,
-			IRootFolder $rootFolder,
-			IConfig $config,
-			IUserManager $userManager,
-			ICloudIdManager $cloudIdManager,
-			\OCP\GlobalScale\IConfig $globalScaleConfig,
-			ICloudFederationProviderManager $cloudFederationProviderManager
-	) {
-		$this->dbConnection = $connection;
-		$this->addressHandler = $addressHandler;
-		$this->notifications = $notifications;
-		$this->tokenHandler = $tokenHandler;
-		$this->l = $l10n;
-		$this->logger = $logger;
-		$this->rootFolder = $rootFolder;
-		$this->config = $config;
-		$this->userManager = $userManager;
-		$this->cloudIdManager = $cloudIdManager;
-		$this->gsConfig = $globalScaleConfig;
-		$this->cloudFederationProviderManager = $cloudFederationProviderManager;
-	}
-
-	/**
-	 * Return the identifier of this provider.
-	 *
-	 * @return string Containing only [a-zA-Z0-9]
-	 */
-	public function identifier() {
-		return 'ocFederatedSharing';
-	}
-
-	/**
-	 * Share a path
-	 *
-	 * @param IShare $share
-	 * @return IShare The share object
-	 * @throws ShareNotFound
-	 * @throws \Exception
-	 */
-	public function create(IShare $share) {
-
-		$shareWith = $share->getSharedWith();
-		$itemSource = $share->getNodeId();
-		$itemType = $share->getNodeType();
-		$permissions = $share->getPermissions();
-		$sharedBy = $share->getSharedBy();
-		$shareType = $share->getShareType();
-
-		if ($shareType === \OCP\Share::SHARE_TYPE_REMOTE_GROUP &&
-			!$this->isOutgoingServer2serverGroupShareEnabled()
-		) {
-			$message = 'It is not allowed to send federated group shares from this server.';
-			$message_t = $this->l->t('It is not allowed to send federated group shares from this server.');
-			$this->logger->debug($message, ['app' => 'Federated File Sharing']);
-			throw new \Exception($message_t);
-		}
-
-		/*
+    const SHARE_TYPE_REMOTE = 6;
+
+    /** @var IDBConnection */
+    private $dbConnection;
+
+    /** @var AddressHandler */
+    private $addressHandler;
+
+    /** @var Notifications */
+    private $notifications;
+
+    /** @var TokenHandler */
+    private $tokenHandler;
+
+    /** @var IL10N */
+    private $l;
+
+    /** @var ILogger */
+    private $logger;
+
+    /** @var IRootFolder */
+    private $rootFolder;
+
+    /** @var IConfig */
+    private $config;
+
+    /** @var string */
+    private $externalShareTable = 'share_external';
+
+    /** @var IUserManager */
+    private $userManager;
+
+    /** @var ICloudIdManager */
+    private $cloudIdManager;
+
+    /** @var \OCP\GlobalScale\IConfig */
+    private $gsConfig;
+
+    /** @var ICloudFederationProviderManager */
+    private $cloudFederationProviderManager;
+
+    /**
+     * DefaultShareProvider constructor.
+     *
+     * @param IDBConnection $connection
+     * @param AddressHandler $addressHandler
+     * @param Notifications $notifications
+     * @param TokenHandler $tokenHandler
+     * @param IL10N $l10n
+     * @param ILogger $logger
+     * @param IRootFolder $rootFolder
+     * @param IConfig $config
+     * @param IUserManager $userManager
+     * @param ICloudIdManager $cloudIdManager
+     * @param \OCP\GlobalScale\IConfig $globalScaleConfig
+     * @param ICloudFederationProviderManager $cloudFederationProviderManager
+     */
+    public function __construct(
+            IDBConnection $connection,
+            AddressHandler $addressHandler,
+            Notifications $notifications,
+            TokenHandler $tokenHandler,
+            IL10N $l10n,
+            ILogger $logger,
+            IRootFolder $rootFolder,
+            IConfig $config,
+            IUserManager $userManager,
+            ICloudIdManager $cloudIdManager,
+            \OCP\GlobalScale\IConfig $globalScaleConfig,
+            ICloudFederationProviderManager $cloudFederationProviderManager
+    ) {
+        $this->dbConnection = $connection;
+        $this->addressHandler = $addressHandler;
+        $this->notifications = $notifications;
+        $this->tokenHandler = $tokenHandler;
+        $this->l = $l10n;
+        $this->logger = $logger;
+        $this->rootFolder = $rootFolder;
+        $this->config = $config;
+        $this->userManager = $userManager;
+        $this->cloudIdManager = $cloudIdManager;
+        $this->gsConfig = $globalScaleConfig;
+        $this->cloudFederationProviderManager = $cloudFederationProviderManager;
+    }
+
+    /**
+     * Return the identifier of this provider.
+     *
+     * @return string Containing only [a-zA-Z0-9]
+     */
+    public function identifier() {
+        return 'ocFederatedSharing';
+    }
+
+    /**
+     * Share a path
+     *
+     * @param IShare $share
+     * @return IShare The share object
+     * @throws ShareNotFound
+     * @throws \Exception
+     */
+    public function create(IShare $share) {
+
+        $shareWith = $share->getSharedWith();
+        $itemSource = $share->getNodeId();
+        $itemType = $share->getNodeType();
+        $permissions = $share->getPermissions();
+        $sharedBy = $share->getSharedBy();
+        $shareType = $share->getShareType();
+
+        if ($shareType === \OCP\Share::SHARE_TYPE_REMOTE_GROUP &&
+            !$this->isOutgoingServer2serverGroupShareEnabled()
+        ) {
+            $message = 'It is not allowed to send federated group shares from this server.';
+            $message_t = $this->l->t('It is not allowed to send federated group shares from this server.');
+            $this->logger->debug($message, ['app' => 'Federated File Sharing']);
+            throw new \Exception($message_t);
+        }
+
+        /*
 		 * Check if file is not already shared with the remote user
 		 */
-		$alreadyShared = $this->getSharedWith($shareWith, self::SHARE_TYPE_REMOTE, $share->getNode(), 1, 0);
-		if (!empty($alreadyShared)) {
-			$message = 'Sharing %s failed, because this item is already shared with %s';
-			$message_t = $this->l->t('Sharing %s failed, because this item is already shared with %s', array($share->getNode()->getName(), $shareWith));
-			$this->logger->debug(sprintf($message, $share->getNode()->getName(), $shareWith), ['app' => 'Federated File Sharing']);
-			throw new \Exception($message_t);
-		}
-
-
-		// don't allow federated shares if source and target server are the same
-		$cloudId = $this->cloudIdManager->resolveCloudId($shareWith);
-		$currentServer = $this->addressHandler->generateRemoteURL();
-		$currentUser = $sharedBy;
-		if ($this->addressHandler->compareAddresses($cloudId->getUser(), $cloudId->getRemote(), $currentUser, $currentServer)) {
-			$message = 'Not allowed to create a federated share with the same user.';
-			$message_t = $this->l->t('Not allowed to create a federated share with the same user');
-			$this->logger->debug($message, ['app' => 'Federated File Sharing']);
-			throw new \Exception($message_t);
-		}
-
-
-		$share->setSharedWith($cloudId->getId());
-
-		try {
-			$remoteShare = $this->getShareFromExternalShareTable($share);
-		} catch (ShareNotFound $e) {
-			$remoteShare = null;
-		}
-
-		if ($remoteShare) {
-			try {
-				$ownerCloudId = $this->cloudIdManager->getCloudId($remoteShare['owner'], $remoteShare['remote']);
-				$shareId = $this->addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $ownerCloudId->getId(), $permissions, 'tmp_token_' . time());
-				$share->setId($shareId);
-				list($token, $remoteId) = $this->askOwnerToReShare($shareWith, $share, $shareId);
-				// remote share was create successfully if we get a valid token as return
-				$send = is_string($token) && $token !== '';
-			} catch (\Exception $e) {
-				// fall back to old re-share behavior if the remote server
-				// doesn't support flat re-shares (was introduced with Nextcloud 9.1)
-				$this->removeShareFromTable($share);
-				$shareId = $this->createFederatedShare($share);
-			}
-			if ($send) {
-				$this->updateSuccessfulReshare($shareId, $token);
-				$this->storeRemoteId($shareId, $remoteId);
-			} else {
-				$this->removeShareFromTable($share);
-				$message_t = $this->l->t('File is already shared with %s', [$shareWith]);
-				throw new \Exception($message_t);
-			}
-
-		} else {
-			$shareId = $this->createFederatedShare($share);
-		}
-
-		$data = $this->getRawShare($shareId);
-		return $this->createShareObject($data);
-	}
-
-	/**
-	 * create federated share and inform the recipient
-	 *
-	 * @param IShare $share
-	 * @return int
-	 * @throws ShareNotFound
-	 * @throws \Exception
-	 */
-	protected function createFederatedShare(IShare $share) {
-		$token = $this->tokenHandler->generateToken();
-		$shareId = $this->addShareToDB(
-			$share->getNodeId(),
-			$share->getNodeType(),
-			$share->getSharedWith(),
-			$share->getSharedBy(),
-			$share->getShareOwner(),
-			$share->getPermissions(),
-			$token
-		);
-
-		$failure = false;
-
-		try {
-			$sharedByFederatedId = $share->getSharedBy();
-			if ($this->userManager->userExists($sharedByFederatedId)) {
-				$cloudId = $this->cloudIdManager->getCloudId($sharedByFederatedId, $this->addressHandler->generateRemoteURL());
-				$sharedByFederatedId = $cloudId->getId();
-			}
-			$ownerCloudId = $this->cloudIdManager->getCloudId($share->getShareOwner(), $this->addressHandler->generateRemoteURL());
-			$send = $this->notifications->sendRemoteShare(
-				$token,
-				$share->getSharedWith(),
-				$share->getNode()->getName(),
-				$shareId,
-				$share->getShareOwner(),
-				$ownerCloudId->getId(),
-				$share->getSharedBy(),
-				$sharedByFederatedId,
-				$share->getShareType()
-			);
-
-			if ($send === false) {
-				$failure = true;
-			}
-		} catch (\Exception $e) {
-			$this->logger->logException($e, [
-				'message' => 'Failed to notify remote server of federated share, removing share.',
-				'level' => ILogger::ERROR,
-				'app' => 'federatedfilesharing',
-			]);
-			$failure = true;
-		}
-
-		if($failure) {
-			$this->removeShareFromTableById($shareId);
-			$message_t = $this->l->t('Sharing %s failed, could not find %s, maybe the server is currently unreachable or uses a self-signed certificate.',
-				[$share->getNode()->getName(), $share->getSharedWith()]);
-			throw new \Exception($message_t);
-		}
-
-		return $shareId;
-
-	}
-
-	/**
-	 * @param string $shareWith
-	 * @param IShare $share
-	 * @param string $shareId internal share Id
-	 * @return array
-	 * @throws \Exception
-	 */
-	protected function askOwnerToReShare($shareWith, IShare $share, $shareId) {
-
-		$remoteShare = $this->getShareFromExternalShareTable($share);
-		$token = $remoteShare['share_token'];
-		$remoteId = $remoteShare['remote_id'];
-		$remote = $remoteShare['remote'];
-
-		list($token, $remoteId) = $this->notifications->requestReShare(
-			$token,
-			$remoteId,
-			$shareId,
-			$remote,
-			$shareWith,
-			$share->getPermissions(),
-			$share->getNode()->getName()
-		);
-
-		return [$token, $remoteId];
-	}
-
-	/**
-	 * get federated share from the share_external table but exclude mounted link shares
-	 *
-	 * @param IShare $share
-	 * @return array
-	 * @throws ShareNotFound
-	 */
-	protected function getShareFromExternalShareTable(IShare $share) {
-		$query = $this->dbConnection->getQueryBuilder();
-		$query->select('*')->from($this->externalShareTable)
-			->where($query->expr()->eq('user', $query->createNamedParameter($share->getShareOwner())))
-			->andWhere($query->expr()->eq('mountpoint', $query->createNamedParameter($share->getTarget())));
-		$result = $query->execute()->fetchAll();
-
-		if (isset($result[0]) && (int)$result[0]['remote_id'] > 0) {
-			return $result[0];
-		}
-
-		throw new ShareNotFound('share not found in share_external table');
-	}
-
-	/**
-	 * add share to the database and return the ID
-	 *
-	 * @param int $itemSource
-	 * @param string $itemType
-	 * @param string $shareWith
-	 * @param string $sharedBy
-	 * @param string $uidOwner
-	 * @param int $permissions
-	 * @param string $token
-	 * @return int
-	 */
-	private function addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $uidOwner, $permissions, $token) {
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->insert('share')
-			->setValue('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE))
-			->setValue('item_type', $qb->createNamedParameter($itemType))
-			->setValue('item_source', $qb->createNamedParameter($itemSource))
-			->setValue('file_source', $qb->createNamedParameter($itemSource))
-			->setValue('share_with', $qb->createNamedParameter($shareWith))
-			->setValue('uid_owner', $qb->createNamedParameter($uidOwner))
-			->setValue('uid_initiator', $qb->createNamedParameter($sharedBy))
-			->setValue('permissions', $qb->createNamedParameter($permissions))
-			->setValue('token', $qb->createNamedParameter($token))
-			->setValue('stime', $qb->createNamedParameter(time()));
-
-		/*
+        $alreadyShared = $this->getSharedWith($shareWith, self::SHARE_TYPE_REMOTE, $share->getNode(), 1, 0);
+        if (!empty($alreadyShared)) {
+            $message = 'Sharing %s failed, because this item is already shared with %s';
+            $message_t = $this->l->t('Sharing %s failed, because this item is already shared with %s', array($share->getNode()->getName(), $shareWith));
+            $this->logger->debug(sprintf($message, $share->getNode()->getName(), $shareWith), ['app' => 'Federated File Sharing']);
+            throw new \Exception($message_t);
+        }
+
+
+        // don't allow federated shares if source and target server are the same
+        $cloudId = $this->cloudIdManager->resolveCloudId($shareWith);
+        $currentServer = $this->addressHandler->generateRemoteURL();
+        $currentUser = $sharedBy;
+        if ($this->addressHandler->compareAddresses($cloudId->getUser(), $cloudId->getRemote(), $currentUser, $currentServer)) {
+            $message = 'Not allowed to create a federated share with the same user.';
+            $message_t = $this->l->t('Not allowed to create a federated share with the same user');
+            $this->logger->debug($message, ['app' => 'Federated File Sharing']);
+            throw new \Exception($message_t);
+        }
+
+
+        $share->setSharedWith($cloudId->getId());
+
+        try {
+            $remoteShare = $this->getShareFromExternalShareTable($share);
+        } catch (ShareNotFound $e) {
+            $remoteShare = null;
+        }
+
+        if ($remoteShare) {
+            try {
+                $ownerCloudId = $this->cloudIdManager->getCloudId($remoteShare['owner'], $remoteShare['remote']);
+                $shareId = $this->addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $ownerCloudId->getId(), $permissions, 'tmp_token_' . time());
+                $share->setId($shareId);
+                list($token, $remoteId) = $this->askOwnerToReShare($shareWith, $share, $shareId);
+                // remote share was create successfully if we get a valid token as return
+                $send = is_string($token) && $token !== '';
+            } catch (\Exception $e) {
+                // fall back to old re-share behavior if the remote server
+                // doesn't support flat re-shares (was introduced with Nextcloud 9.1)
+                $this->removeShareFromTable($share);
+                $shareId = $this->createFederatedShare($share);
+            }
+            if ($send) {
+                $this->updateSuccessfulReshare($shareId, $token);
+                $this->storeRemoteId($shareId, $remoteId);
+            } else {
+                $this->removeShareFromTable($share);
+                $message_t = $this->l->t('File is already shared with %s', [$shareWith]);
+                throw new \Exception($message_t);
+            }
+
+        } else {
+            $shareId = $this->createFederatedShare($share);
+        }
+
+        $data = $this->getRawShare($shareId);
+        return $this->createShareObject($data);
+    }
+
+    /**
+     * create federated share and inform the recipient
+     *
+     * @param IShare $share
+     * @return int
+     * @throws ShareNotFound
+     * @throws \Exception
+     */
+    protected function createFederatedShare(IShare $share) {
+        $token = $this->tokenHandler->generateToken();
+        $shareId = $this->addShareToDB(
+            $share->getNodeId(),
+            $share->getNodeType(),
+            $share->getSharedWith(),
+            $share->getSharedBy(),
+            $share->getShareOwner(),
+            $share->getPermissions(),
+            $token
+        );
+
+        $failure = false;
+
+        try {
+            $sharedByFederatedId = $share->getSharedBy();
+            if ($this->userManager->userExists($sharedByFederatedId)) {
+                $cloudId = $this->cloudIdManager->getCloudId($sharedByFederatedId, $this->addressHandler->generateRemoteURL());
+                $sharedByFederatedId = $cloudId->getId();
+            }
+            $ownerCloudId = $this->cloudIdManager->getCloudId($share->getShareOwner(), $this->addressHandler->generateRemoteURL());
+            $send = $this->notifications->sendRemoteShare(
+                $token,
+                $share->getSharedWith(),
+                $share->getNode()->getName(),
+                $shareId,
+                $share->getShareOwner(),
+                $ownerCloudId->getId(),
+                $share->getSharedBy(),
+                $sharedByFederatedId,
+                $share->getShareType()
+            );
+
+            if ($send === false) {
+                $failure = true;
+            }
+        } catch (\Exception $e) {
+            $this->logger->logException($e, [
+                'message' => 'Failed to notify remote server of federated share, removing share.',
+                'level' => ILogger::ERROR,
+                'app' => 'federatedfilesharing',
+            ]);
+            $failure = true;
+        }
+
+        if($failure) {
+            $this->removeShareFromTableById($shareId);
+            $message_t = $this->l->t('Sharing %s failed, could not find %s, maybe the server is currently unreachable or uses a self-signed certificate.',
+                [$share->getNode()->getName(), $share->getSharedWith()]);
+            throw new \Exception($message_t);
+        }
+
+        return $shareId;
+
+    }
+
+    /**
+     * @param string $shareWith
+     * @param IShare $share
+     * @param string $shareId internal share Id
+     * @return array
+     * @throws \Exception
+     */
+    protected function askOwnerToReShare($shareWith, IShare $share, $shareId) {
+
+        $remoteShare = $this->getShareFromExternalShareTable($share);
+        $token = $remoteShare['share_token'];
+        $remoteId = $remoteShare['remote_id'];
+        $remote = $remoteShare['remote'];
+
+        list($token, $remoteId) = $this->notifications->requestReShare(
+            $token,
+            $remoteId,
+            $shareId,
+            $remote,
+            $shareWith,
+            $share->getPermissions(),
+            $share->getNode()->getName()
+        );
+
+        return [$token, $remoteId];
+    }
+
+    /**
+     * get federated share from the share_external table but exclude mounted link shares
+     *
+     * @param IShare $share
+     * @return array
+     * @throws ShareNotFound
+     */
+    protected function getShareFromExternalShareTable(IShare $share) {
+        $query = $this->dbConnection->getQueryBuilder();
+        $query->select('*')->from($this->externalShareTable)
+            ->where($query->expr()->eq('user', $query->createNamedParameter($share->getShareOwner())))
+            ->andWhere($query->expr()->eq('mountpoint', $query->createNamedParameter($share->getTarget())));
+        $result = $query->execute()->fetchAll();
+
+        if (isset($result[0]) && (int)$result[0]['remote_id'] > 0) {
+            return $result[0];
+        }
+
+        throw new ShareNotFound('share not found in share_external table');
+    }
+
+    /**
+     * add share to the database and return the ID
+     *
+     * @param int $itemSource
+     * @param string $itemType
+     * @param string $shareWith
+     * @param string $sharedBy
+     * @param string $uidOwner
+     * @param int $permissions
+     * @param string $token
+     * @return int
+     */
+    private function addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $uidOwner, $permissions, $token) {
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->insert('share')
+            ->setValue('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE))
+            ->setValue('item_type', $qb->createNamedParameter($itemType))
+            ->setValue('item_source', $qb->createNamedParameter($itemSource))
+            ->setValue('file_source', $qb->createNamedParameter($itemSource))
+            ->setValue('share_with', $qb->createNamedParameter($shareWith))
+            ->setValue('uid_owner', $qb->createNamedParameter($uidOwner))
+            ->setValue('uid_initiator', $qb->createNamedParameter($sharedBy))
+            ->setValue('permissions', $qb->createNamedParameter($permissions))
+            ->setValue('token', $qb->createNamedParameter($token))
+            ->setValue('stime', $qb->createNamedParameter(time()));
+
+        /*
 		 * Added to fix https://github.com/owncloud/core/issues/22215
 		 * Can be removed once we get rid of ajax/share.php
 		 */
-		$qb->setValue('file_target', $qb->createNamedParameter(''));
-
-		$qb->execute();
-		$id = $qb->getLastInsertId();
-
-		return (int)$id;
-	}
-
-	/**
-	 * Update a share
-	 *
-	 * @param IShare $share
-	 * @return IShare The share object
-	 */
-	public function update(IShare $share) {
-		/*
+        $qb->setValue('file_target', $qb->createNamedParameter(''));
+
+        $qb->execute();
+        $id = $qb->getLastInsertId();
+
+        return (int)$id;
+    }
+
+    /**
+     * Update a share
+     *
+     * @param IShare $share
+     * @return IShare The share object
+     */
+    public function update(IShare $share) {
+        /*
 		 * We allow updating the permissions of federated shares
 		 */
-		$qb = $this->dbConnection->getQueryBuilder();
-			$qb->update('share')
-				->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))
-				->set('permissions', $qb->createNamedParameter($share->getPermissions()))
-				->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))
-				->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))
-				->execute();
-
-		// send the updated permission to the owner/initiator, if they are not the same
-		if ($share->getShareOwner() !== $share->getSharedBy()) {
-			$this->sendPermissionUpdate($share);
-		}
-
-		return $share;
-	}
-
-	/**
-	 * send the updated permission to the owner/initiator, if they are not the same
-	 *
-	 * @param IShare $share
-	 * @throws ShareNotFound
-	 * @throws \OC\HintException
-	 */
-	protected function sendPermissionUpdate(IShare $share) {
-		$remoteId = $this->getRemoteId($share);
-		// if the local user is the owner we send the permission change to the initiator
-		if ($this->userManager->userExists($share->getShareOwner())) {
-			list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
-		} else { // ... if not we send the permission change to the owner
-			list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
-		}
-		$this->notifications->sendPermissionChange($remote, $remoteId, $share->getToken(), $share->getPermissions());
-	}
-
-
-	/**
-	 * update successful reShare with the correct token
-	 *
-	 * @param int $shareId
-	 * @param string $token
-	 */
-	protected function updateSuccessfulReShare($shareId, $token) {
-		$query = $this->dbConnection->getQueryBuilder();
-		$query->update('share')
-			->where($query->expr()->eq('id', $query->createNamedParameter($shareId)))
-			->set('token', $query->createNamedParameter($token))
-			->execute();
-	}
-
-	/**
-	 * store remote ID in federated reShare table
-	 *
-	 * @param $shareId
-	 * @param $remoteId
-	 */
-	public function storeRemoteId($shareId, $remoteId) {
-		$query = $this->dbConnection->getQueryBuilder();
-		$query->insert('federated_reshares')
-			->values(
-				[
-					'share_id' =>  $query->createNamedParameter($shareId),
-					'remote_id' => $query->createNamedParameter($remoteId),
-				]
-			);
-		$query->execute();
-	}
-
-	/**
-	 * get share ID on remote server for federated re-shares
-	 *
-	 * @param IShare $share
-	 * @return int
-	 * @throws ShareNotFound
-	 */
-	public function getRemoteId(IShare $share) {
-		$query = $this->dbConnection->getQueryBuilder();
-		$query->select('remote_id')->from('federated_reshares')
-			->where($query->expr()->eq('share_id', $query->createNamedParameter((int)$share->getId())));
-		$data = $query->execute()->fetch();
-
-		if (!is_array($data) || !isset($data['remote_id'])) {
-			throw new ShareNotFound();
-		}
-
-		return (int)$data['remote_id'];
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function move(IShare $share, $recipient) {
-		/*
+        $qb = $this->dbConnection->getQueryBuilder();
+            $qb->update('share')
+                ->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))
+                ->set('permissions', $qb->createNamedParameter($share->getPermissions()))
+                ->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))
+                ->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))
+                ->execute();
+
+        // send the updated permission to the owner/initiator, if they are not the same
+        if ($share->getShareOwner() !== $share->getSharedBy()) {
+            $this->sendPermissionUpdate($share);
+        }
+
+        return $share;
+    }
+
+    /**
+     * send the updated permission to the owner/initiator, if they are not the same
+     *
+     * @param IShare $share
+     * @throws ShareNotFound
+     * @throws \OC\HintException
+     */
+    protected function sendPermissionUpdate(IShare $share) {
+        $remoteId = $this->getRemoteId($share);
+        // if the local user is the owner we send the permission change to the initiator
+        if ($this->userManager->userExists($share->getShareOwner())) {
+            list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
+        } else { // ... if not we send the permission change to the owner
+            list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
+        }
+        $this->notifications->sendPermissionChange($remote, $remoteId, $share->getToken(), $share->getPermissions());
+    }
+
+
+    /**
+     * update successful reShare with the correct token
+     *
+     * @param int $shareId
+     * @param string $token
+     */
+    protected function updateSuccessfulReShare($shareId, $token) {
+        $query = $this->dbConnection->getQueryBuilder();
+        $query->update('share')
+            ->where($query->expr()->eq('id', $query->createNamedParameter($shareId)))
+            ->set('token', $query->createNamedParameter($token))
+            ->execute();
+    }
+
+    /**
+     * store remote ID in federated reShare table
+     *
+     * @param $shareId
+     * @param $remoteId
+     */
+    public function storeRemoteId($shareId, $remoteId) {
+        $query = $this->dbConnection->getQueryBuilder();
+        $query->insert('federated_reshares')
+            ->values(
+                [
+                    'share_id' =>  $query->createNamedParameter($shareId),
+                    'remote_id' => $query->createNamedParameter($remoteId),
+                ]
+            );
+        $query->execute();
+    }
+
+    /**
+     * get share ID on remote server for federated re-shares
+     *
+     * @param IShare $share
+     * @return int
+     * @throws ShareNotFound
+     */
+    public function getRemoteId(IShare $share) {
+        $query = $this->dbConnection->getQueryBuilder();
+        $query->select('remote_id')->from('federated_reshares')
+            ->where($query->expr()->eq('share_id', $query->createNamedParameter((int)$share->getId())));
+        $data = $query->execute()->fetch();
+
+        if (!is_array($data) || !isset($data['remote_id'])) {
+            throw new ShareNotFound();
+        }
+
+        return (int)$data['remote_id'];
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function move(IShare $share, $recipient) {
+        /*
 		 * This function does nothing yet as it is just for outgoing
 		 * federated shares.
 		 */
-		return $share;
-	}
-
-	/**
-	 * Get all children of this share
-	 *
-	 * @param IShare $parent
-	 * @return IShare[]
-	 */
-	public function getChildren(IShare $parent) {
-		$children = [];
-
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share')
-			->where($qb->expr()->eq('parent', $qb->createNamedParameter($parent->getId())))
-			->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
-			->orderBy('id');
-
-		$cursor = $qb->execute();
-		while($data = $cursor->fetch()) {
-			$children[] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-		return $children;
-	}
-
-	/**
-	 * Delete a share (owner unShares the file)
-	 *
-	 * @param IShare $share
-	 * @throws ShareNotFound
-	 * @throws \OC\HintException
-	 */
-	public function delete(IShare $share) {
-
-		list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedWith());
-
-		// if the local user is the owner we can send the unShare request directly...
-		if ($this->userManager->userExists($share->getShareOwner())) {
-			$this->notifications->sendRemoteUnShare($remote, $share->getId(), $share->getToken());
-			$this->revokeShare($share, true);
-		} else { // ... if not we need to correct ID for the unShare request
-			$remoteId = $this->getRemoteId($share);
-			$this->notifications->sendRemoteUnShare($remote, $remoteId, $share->getToken());
-			$this->revokeShare($share, false);
-		}
-
-		// only remove the share when all messages are send to not lose information
-		// about the share to early
-		$this->removeShareFromTable($share);
-	}
-
-	/**
-	 * in case of a re-share we need to send the other use (initiator or owner)
-	 * a message that the file was unshared
-	 *
-	 * @param IShare $share
-	 * @param bool $isOwner the user can either be the owner or the user who re-sahred it
-	 * @throws ShareNotFound
-	 * @throws \OC\HintException
-	 */
-	protected function revokeShare($share, $isOwner) {
-		// also send a unShare request to the initiator, if this is a different user than the owner
-		if ($share->getShareOwner() !== $share->getSharedBy()) {
-			if ($isOwner) {
-				list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
-			} else {
-				list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
-			}
-			$remoteId = $this->getRemoteId($share);
-			$this->notifications->sendRevokeShare($remote, $remoteId, $share->getToken());
-		}
-	}
-
-	/**
-	 * remove share from table
-	 *
-	 * @param IShare $share
-	 */
-	public function removeShareFromTable(IShare $share) {
-		$this->removeShareFromTableById($share->getId());
-	}
-
-	/**
-	 * remove share from table
-	 *
-	 * @param string $shareId
-	 */
-	private function removeShareFromTableById($shareId) {
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->delete('share')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($shareId)));
-		$qb->execute();
-
-		$qb->delete('federated_reshares')
-			->where($qb->expr()->eq('share_id', $qb->createNamedParameter($shareId)));
-		$qb->execute();
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteFromSelf(IShare $share, $recipient) {
-		// nothing to do here. Technically deleteFromSelf in the context of federated
-		// shares is a umount of a external storage. This is handled here
-		// apps/files_sharing/lib/external/manager.php
-		// TODO move this code over to this app
-	}
-
-
-	public function getSharesInFolder($userId, Folder $node, $reshares) {
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share', 's')
-			->andWhere($qb->expr()->orX(
-				$qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
-				$qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
-			))
-			->andWhere(
-				$qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE))
-			);
-
-		/**
-		 * Reshares for this user are shares where they are the owner.
-		 */
-		if ($reshares === false) {
-			$qb->andWhere($qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)));
-		} else {
-			$qb->andWhere(
-				$qb->expr()->orX(
-					$qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
-					$qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
-				)
-			);
-		}
-
-		$qb->innerJoin('s', 'filecache' ,'f', $qb->expr()->eq('s.file_source', 'f.fileid'));
-		$qb->andWhere($qb->expr()->eq('f.parent', $qb->createNamedParameter($node->getId())));
-
-		$qb->orderBy('id');
-
-		$cursor = $qb->execute();
-		$shares = [];
-		while ($data = $cursor->fetch()) {
-			$shares[$data['fileid']][] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-		return $shares;
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getSharesBy($userId, $shareType, $node, $reshares, $limit, $offset) {
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share');
-
-		$qb->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
-
-		/**
-		 * Reshares for this user are shares where they are the owner.
-		 */
-		if ($reshares === false) {
-			//Special case for old shares created via the web UI
-			$or1 = $qb->expr()->andX(
-				$qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
-				$qb->expr()->isNull('uid_initiator')
-			);
-
-			$qb->andWhere(
-				$qb->expr()->orX(
-					$qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)),
-					$or1
-				)
-			);
-		} else {
-			$qb->andWhere(
-				$qb->expr()->orX(
-					$qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
-					$qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
-				)
-			);
-		}
-
-		if ($node !== null) {
-			$qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
-		}
-
-		if ($limit !== -1) {
-			$qb->setMaxResults($limit);
-		}
-
-		$qb->setFirstResult($offset);
-		$qb->orderBy('id');
-
-		$cursor = $qb->execute();
-		$shares = [];
-		while($data = $cursor->fetch()) {
-			$shares[] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-		return $shares;
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getShareById($id, $recipientId = null) {
-		$qb = $this->dbConnection->getQueryBuilder();
-
-		$qb->select('*')
-			->from('share')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
-			->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
-
-		$cursor = $qb->execute();
-		$data = $cursor->fetch();
-		$cursor->closeCursor();
-
-		if ($data === false) {
-			throw new ShareNotFound('Can not find share with ID: ' . $id);
-		}
-
-		try {
-			$share = $this->createShareObject($data);
-		} catch (InvalidShare $e) {
-			throw new ShareNotFound();
-		}
-
-		return $share;
-	}
-
-	/**
-	 * Get shares for a given path
-	 *
-	 * @param \OCP\Files\Node $path
-	 * @return IShare[]
-	 */
-	public function getSharesByPath(Node $path) {
-		$qb = $this->dbConnection->getQueryBuilder();
-
-		$cursor = $qb->select('*')
-			->from('share')
-			->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($path->getId())))
-			->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
-			->execute();
-
-		$shares = [];
-		while($data = $cursor->fetch()) {
-			$shares[] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-		return $shares;
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getSharedWith($userId, $shareType, $node, $limit, $offset) {
-		/** @var IShare[] $shares */
-		$shares = [];
-
-		//Get shares directly with this user
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share');
-
-		// Order by id
-		$qb->orderBy('id');
-
-		// Set limit and offset
-		if ($limit !== -1) {
-			$qb->setMaxResults($limit);
-		}
-		$qb->setFirstResult($offset);
-
-		$qb->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
-		$qb->andWhere($qb->expr()->eq('share_with', $qb->createNamedParameter($userId)));
-
-		// Filter by node if provided
-		if ($node !== null) {
-			$qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
-		}
-
-		$cursor = $qb->execute();
-
-		while($data = $cursor->fetch()) {
-			$shares[] = $this->createShareObject($data);
-		}
-		$cursor->closeCursor();
-
-
-		return $shares;
-	}
-
-	/**
-	 * Get a share by token
-	 *
-	 * @param string $token
-	 * @return IShare
-	 * @throws ShareNotFound
-	 */
-	public function getShareByToken($token) {
-		$qb = $this->dbConnection->getQueryBuilder();
-
-		$cursor = $qb->select('*')
-			->from('share')
-			->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
-			->andWhere($qb->expr()->eq('token', $qb->createNamedParameter($token)))
-			->execute();
-
-		$data = $cursor->fetch();
-
-		if ($data === false) {
-			throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
-		}
-
-		try {
-			$share = $this->createShareObject($data);
-		} catch (InvalidShare $e) {
-			throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
-		}
-
-		return $share;
-	}
-
-	/**
-	 * get database row of a give share
-	 *
-	 * @param $id
-	 * @return array
-	 * @throws ShareNotFound
-	 */
-	private function getRawShare($id) {
-
-		// Now fetch the inserted share and create a complete share object
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('*')
-			->from('share')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)));
-
-		$cursor = $qb->execute();
-		$data = $cursor->fetch();
-		$cursor->closeCursor();
-
-		if ($data === false) {
-			throw new ShareNotFound;
-		}
-
-		return $data;
-	}
-
-	/**
-	 * Create a share object from an database row
-	 *
-	 * @param array $data
-	 * @return IShare
-	 * @throws InvalidShare
-	 * @throws ShareNotFound
-	 */
-	private function createShareObject($data) {
-
-		$share = new Share($this->rootFolder, $this->userManager);
-		$share->setId((int)$data['id'])
-			->setShareType((int)$data['share_type'])
-			->setPermissions((int)$data['permissions'])
-			->setTarget($data['file_target'])
-			->setMailSend((bool)$data['mail_send'])
-			->setToken($data['token']);
-
-		$shareTime = new \DateTime();
-		$shareTime->setTimestamp((int)$data['stime']);
-		$share->setShareTime($shareTime);
-		$share->setSharedWith($data['share_with']);
-
-		if ($data['uid_initiator'] !== null) {
-			$share->setShareOwner($data['uid_owner']);
-			$share->setSharedBy($data['uid_initiator']);
-		} else {
-			//OLD SHARE
-			$share->setSharedBy($data['uid_owner']);
-			$path = $this->getNode($share->getSharedBy(), (int)$data['file_source']);
-
-			$owner = $path->getOwner();
-			$share->setShareOwner($owner->getUID());
-		}
-
-		$share->setNodeId((int)$data['file_source']);
-		$share->setNodeType($data['item_type']);
-
-		$share->setProviderId($this->identifier());
-
-		return $share;
-	}
-
-	/**
-	 * Get the node with file $id for $user
-	 *
-	 * @param string $userId
-	 * @param int $id
-	 * @return \OCP\Files\File|\OCP\Files\Folder
-	 * @throws InvalidShare
-	 */
-	private function getNode($userId, $id) {
-		try {
-			$userFolder = $this->rootFolder->getUserFolder($userId);
-		} catch (NotFoundException $e) {
-			throw new InvalidShare();
-		}
-
-		$nodes = $userFolder->getById($id);
-
-		if (empty($nodes)) {
-			throw new InvalidShare();
-		}
-
-		return $nodes[0];
-	}
-
-	/**
-	 * A user is deleted from the system
-	 * So clean up the relevant shares.
-	 *
-	 * @param string $uid
-	 * @param int $shareType
-	 */
-	public function userDeleted($uid, $shareType) {
-		//TODO: probabaly a good idea to send unshare info to remote servers
-
-		$qb = $this->dbConnection->getQueryBuilder();
-
-		$qb->delete('share')
-			->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE)))
-			->andWhere($qb->expr()->eq('uid_owner', $qb->createNamedParameter($uid)))
-			->execute();
-	}
-
-	/**
-	 * This provider does not handle groups
-	 *
-	 * @param string $gid
-	 */
-	public function groupDeleted($gid) {
-		// We don't handle groups here
-	}
-
-	/**
-	 * This provider does not handle groups
-	 *
-	 * @param string $uid
-	 * @param string $gid
-	 */
-	public function userDeletedFromGroup($uid, $gid) {
-		// We don't handle groups here
-	}
-
-	/**
-	 * check if users from other Nextcloud instances are allowed to mount public links share by this instance
-	 *
-	 * @return bool
-	 */
-	public function isOutgoingServer2serverShareEnabled() {
-		if ($this->gsConfig->onlyInternalFederation()) {
-			return false;
-		}
-		$result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes');
-		return ($result === 'yes');
-	}
-
-	/**
-	 * check if users are allowed to mount public links from other Nextclouds
-	 *
-	 * @return bool
-	 */
-	public function isIncomingServer2serverShareEnabled() {
-		if ($this->gsConfig->onlyInternalFederation()) {
-			return false;
-		}
-		$result = $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes');
-		return ($result === 'yes');
-	}
-
-
-	/**
-	 * check if users from other Nextcloud instances are allowed to send federated group shares
-	 *
-	 * @return bool
-	 */
-	public function isOutgoingServer2serverGroupShareEnabled() {
-		if ($this->gsConfig->onlyInternalFederation()) {
-			return false;
-		}
-		$result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_group_share_enabled', 'no');
-		return ($result === 'yes');
-	}
-
-	/**
-	 * check if users are allowed to receive federated group shares
-	 *
-	 * @return bool
-	 */
-	public function isIncomingServer2serverGroupShareEnabled() {
-		if ($this->gsConfig->onlyInternalFederation()) {
-			return false;
-		}
-		$result = $this->config->getAppValue('files_sharing', 'incoming_server2server_group_share_enabled', 'no');
-		return ($result === 'yes');
-	}
-
-	/**
-	 * check if federated group sharing is supported, therefore the OCM API need to be enabled
-	 *
-	 * @return bool
-	 */
-	public function isFederatedGroupSharingSupported() {
-		return $this->cloudFederationProviderManager->isReady();
-	}
-
-	/**
-	 * Check if querying sharees on the lookup server is enabled
-	 *
-	 * @return bool
-	 */
-	public function isLookupServerQueriesEnabled() {
-		// in a global scale setup we should always query the lookup server
-		if ($this->gsConfig->isGlobalScaleEnabled()) {
-			return true;
-		}
-		$result = $this->config->getAppValue('files_sharing', 'lookupServerEnabled', 'no');
-		return ($result === 'yes');
-	}
-
-
-	/**
-	 * Check if it is allowed to publish user specific data to the lookup server
-	 *
-	 * @return bool
-	 */
-	public function isLookupServerUploadEnabled() {
-		// in a global scale setup the admin is responsible to keep the lookup server up-to-date
-		if ($this->gsConfig->isGlobalScaleEnabled()) {
-			return false;
-		}
-		$result = $this->config->getAppValue('files_sharing', 'lookupServerUploadEnabled', 'yes');
-		return ($result === 'yes');
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getAccessList($nodes, $currentAccess) {
-		$ids = [];
-		foreach ($nodes as $node) {
-			$ids[] = $node->getId();
-		}
-
-		$qb = $this->dbConnection->getQueryBuilder();
-		$qb->select('share_with', 'token', 'file_source')
-			->from('share')
-			->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE)))
-			->andWhere($qb->expr()->in('file_source', $qb->createNamedParameter($ids, IQueryBuilder::PARAM_INT_ARRAY)))
-			->andWhere($qb->expr()->orX(
-				$qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
-				$qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
-			));
-		$cursor = $qb->execute();
-
-		if ($currentAccess === false) {
-			$remote = $cursor->fetch() !== false;
-			$cursor->closeCursor();
-
-			return ['remote' => $remote];
-		}
-
-		$remote = [];
-		while ($row = $cursor->fetch()) {
-			$remote[$row['share_with']] = [
-				'node_id' => $row['file_source'],
-				'token' => $row['token'],
-			];
-		}
-		$cursor->closeCursor();
-
-		return ['remote' => $remote];
-	}
+        return $share;
+    }
+
+    /**
+     * Get all children of this share
+     *
+     * @param IShare $parent
+     * @return IShare[]
+     */
+    public function getChildren(IShare $parent) {
+        $children = [];
+
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share')
+            ->where($qb->expr()->eq('parent', $qb->createNamedParameter($parent->getId())))
+            ->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
+            ->orderBy('id');
+
+        $cursor = $qb->execute();
+        while($data = $cursor->fetch()) {
+            $children[] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+        return $children;
+    }
+
+    /**
+     * Delete a share (owner unShares the file)
+     *
+     * @param IShare $share
+     * @throws ShareNotFound
+     * @throws \OC\HintException
+     */
+    public function delete(IShare $share) {
+
+        list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedWith());
+
+        // if the local user is the owner we can send the unShare request directly...
+        if ($this->userManager->userExists($share->getShareOwner())) {
+            $this->notifications->sendRemoteUnShare($remote, $share->getId(), $share->getToken());
+            $this->revokeShare($share, true);
+        } else { // ... if not we need to correct ID for the unShare request
+            $remoteId = $this->getRemoteId($share);
+            $this->notifications->sendRemoteUnShare($remote, $remoteId, $share->getToken());
+            $this->revokeShare($share, false);
+        }
+
+        // only remove the share when all messages are send to not lose information
+        // about the share to early
+        $this->removeShareFromTable($share);
+    }
+
+    /**
+     * in case of a re-share we need to send the other use (initiator or owner)
+     * a message that the file was unshared
+     *
+     * @param IShare $share
+     * @param bool $isOwner the user can either be the owner or the user who re-sahred it
+     * @throws ShareNotFound
+     * @throws \OC\HintException
+     */
+    protected function revokeShare($share, $isOwner) {
+        // also send a unShare request to the initiator, if this is a different user than the owner
+        if ($share->getShareOwner() !== $share->getSharedBy()) {
+            if ($isOwner) {
+                list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
+            } else {
+                list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
+            }
+            $remoteId = $this->getRemoteId($share);
+            $this->notifications->sendRevokeShare($remote, $remoteId, $share->getToken());
+        }
+    }
+
+    /**
+     * remove share from table
+     *
+     * @param IShare $share
+     */
+    public function removeShareFromTable(IShare $share) {
+        $this->removeShareFromTableById($share->getId());
+    }
+
+    /**
+     * remove share from table
+     *
+     * @param string $shareId
+     */
+    private function removeShareFromTableById($shareId) {
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->delete('share')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($shareId)));
+        $qb->execute();
+
+        $qb->delete('federated_reshares')
+            ->where($qb->expr()->eq('share_id', $qb->createNamedParameter($shareId)));
+        $qb->execute();
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteFromSelf(IShare $share, $recipient) {
+        // nothing to do here. Technically deleteFromSelf in the context of federated
+        // shares is a umount of a external storage. This is handled here
+        // apps/files_sharing/lib/external/manager.php
+        // TODO move this code over to this app
+    }
+
+
+    public function getSharesInFolder($userId, Folder $node, $reshares) {
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share', 's')
+            ->andWhere($qb->expr()->orX(
+                $qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
+                $qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
+            ))
+            ->andWhere(
+                $qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE))
+            );
+
+        /**
+         * Reshares for this user are shares where they are the owner.
+         */
+        if ($reshares === false) {
+            $qb->andWhere($qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)));
+        } else {
+            $qb->andWhere(
+                $qb->expr()->orX(
+                    $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
+                    $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
+                )
+            );
+        }
+
+        $qb->innerJoin('s', 'filecache' ,'f', $qb->expr()->eq('s.file_source', 'f.fileid'));
+        $qb->andWhere($qb->expr()->eq('f.parent', $qb->createNamedParameter($node->getId())));
+
+        $qb->orderBy('id');
+
+        $cursor = $qb->execute();
+        $shares = [];
+        while ($data = $cursor->fetch()) {
+            $shares[$data['fileid']][] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+        return $shares;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getSharesBy($userId, $shareType, $node, $reshares, $limit, $offset) {
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share');
+
+        $qb->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
+
+        /**
+         * Reshares for this user are shares where they are the owner.
+         */
+        if ($reshares === false) {
+            //Special case for old shares created via the web UI
+            $or1 = $qb->expr()->andX(
+                $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
+                $qb->expr()->isNull('uid_initiator')
+            );
+
+            $qb->andWhere(
+                $qb->expr()->orX(
+                    $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)),
+                    $or1
+                )
+            );
+        } else {
+            $qb->andWhere(
+                $qb->expr()->orX(
+                    $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
+                    $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
+                )
+            );
+        }
+
+        if ($node !== null) {
+            $qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
+        }
+
+        if ($limit !== -1) {
+            $qb->setMaxResults($limit);
+        }
+
+        $qb->setFirstResult($offset);
+        $qb->orderBy('id');
+
+        $cursor = $qb->execute();
+        $shares = [];
+        while($data = $cursor->fetch()) {
+            $shares[] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+        return $shares;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getShareById($id, $recipientId = null) {
+        $qb = $this->dbConnection->getQueryBuilder();
+
+        $qb->select('*')
+            ->from('share')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
+            ->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
+
+        $cursor = $qb->execute();
+        $data = $cursor->fetch();
+        $cursor->closeCursor();
+
+        if ($data === false) {
+            throw new ShareNotFound('Can not find share with ID: ' . $id);
+        }
+
+        try {
+            $share = $this->createShareObject($data);
+        } catch (InvalidShare $e) {
+            throw new ShareNotFound();
+        }
+
+        return $share;
+    }
+
+    /**
+     * Get shares for a given path
+     *
+     * @param \OCP\Files\Node $path
+     * @return IShare[]
+     */
+    public function getSharesByPath(Node $path) {
+        $qb = $this->dbConnection->getQueryBuilder();
+
+        $cursor = $qb->select('*')
+            ->from('share')
+            ->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($path->getId())))
+            ->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
+            ->execute();
+
+        $shares = [];
+        while($data = $cursor->fetch()) {
+            $shares[] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+        return $shares;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getSharedWith($userId, $shareType, $node, $limit, $offset) {
+        /** @var IShare[] $shares */
+        $shares = [];
+
+        //Get shares directly with this user
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share');
+
+        // Order by id
+        $qb->orderBy('id');
+
+        // Set limit and offset
+        if ($limit !== -1) {
+            $qb->setMaxResults($limit);
+        }
+        $qb->setFirstResult($offset);
+
+        $qb->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)));
+        $qb->andWhere($qb->expr()->eq('share_with', $qb->createNamedParameter($userId)));
+
+        // Filter by node if provided
+        if ($node !== null) {
+            $qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
+        }
+
+        $cursor = $qb->execute();
+
+        while($data = $cursor->fetch()) {
+            $shares[] = $this->createShareObject($data);
+        }
+        $cursor->closeCursor();
+
+
+        return $shares;
+    }
+
+    /**
+     * Get a share by token
+     *
+     * @param string $token
+     * @return IShare
+     * @throws ShareNotFound
+     */
+    public function getShareByToken($token) {
+        $qb = $this->dbConnection->getQueryBuilder();
+
+        $cursor = $qb->select('*')
+            ->from('share')
+            ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_REMOTE)))
+            ->andWhere($qb->expr()->eq('token', $qb->createNamedParameter($token)))
+            ->execute();
+
+        $data = $cursor->fetch();
+
+        if ($data === false) {
+            throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
+        }
+
+        try {
+            $share = $this->createShareObject($data);
+        } catch (InvalidShare $e) {
+            throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
+        }
+
+        return $share;
+    }
+
+    /**
+     * get database row of a give share
+     *
+     * @param $id
+     * @return array
+     * @throws ShareNotFound
+     */
+    private function getRawShare($id) {
+
+        // Now fetch the inserted share and create a complete share object
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('*')
+            ->from('share')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)));
+
+        $cursor = $qb->execute();
+        $data = $cursor->fetch();
+        $cursor->closeCursor();
+
+        if ($data === false) {
+            throw new ShareNotFound;
+        }
+
+        return $data;
+    }
+
+    /**
+     * Create a share object from an database row
+     *
+     * @param array $data
+     * @return IShare
+     * @throws InvalidShare
+     * @throws ShareNotFound
+     */
+    private function createShareObject($data) {
+
+        $share = new Share($this->rootFolder, $this->userManager);
+        $share->setId((int)$data['id'])
+            ->setShareType((int)$data['share_type'])
+            ->setPermissions((int)$data['permissions'])
+            ->setTarget($data['file_target'])
+            ->setMailSend((bool)$data['mail_send'])
+            ->setToken($data['token']);
+
+        $shareTime = new \DateTime();
+        $shareTime->setTimestamp((int)$data['stime']);
+        $share->setShareTime($shareTime);
+        $share->setSharedWith($data['share_with']);
+
+        if ($data['uid_initiator'] !== null) {
+            $share->setShareOwner($data['uid_owner']);
+            $share->setSharedBy($data['uid_initiator']);
+        } else {
+            //OLD SHARE
+            $share->setSharedBy($data['uid_owner']);
+            $path = $this->getNode($share->getSharedBy(), (int)$data['file_source']);
+
+            $owner = $path->getOwner();
+            $share->setShareOwner($owner->getUID());
+        }
+
+        $share->setNodeId((int)$data['file_source']);
+        $share->setNodeType($data['item_type']);
+
+        $share->setProviderId($this->identifier());
+
+        return $share;
+    }
+
+    /**
+     * Get the node with file $id for $user
+     *
+     * @param string $userId
+     * @param int $id
+     * @return \OCP\Files\File|\OCP\Files\Folder
+     * @throws InvalidShare
+     */
+    private function getNode($userId, $id) {
+        try {
+            $userFolder = $this->rootFolder->getUserFolder($userId);
+        } catch (NotFoundException $e) {
+            throw new InvalidShare();
+        }
+
+        $nodes = $userFolder->getById($id);
+
+        if (empty($nodes)) {
+            throw new InvalidShare();
+        }
+
+        return $nodes[0];
+    }
+
+    /**
+     * A user is deleted from the system
+     * So clean up the relevant shares.
+     *
+     * @param string $uid
+     * @param int $shareType
+     */
+    public function userDeleted($uid, $shareType) {
+        //TODO: probabaly a good idea to send unshare info to remote servers
+
+        $qb = $this->dbConnection->getQueryBuilder();
+
+        $qb->delete('share')
+            ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE)))
+            ->andWhere($qb->expr()->eq('uid_owner', $qb->createNamedParameter($uid)))
+            ->execute();
+    }
+
+    /**
+     * This provider does not handle groups
+     *
+     * @param string $gid
+     */
+    public function groupDeleted($gid) {
+        // We don't handle groups here
+    }
+
+    /**
+     * This provider does not handle groups
+     *
+     * @param string $uid
+     * @param string $gid
+     */
+    public function userDeletedFromGroup($uid, $gid) {
+        // We don't handle groups here
+    }
+
+    /**
+     * check if users from other Nextcloud instances are allowed to mount public links share by this instance
+     *
+     * @return bool
+     */
+    public function isOutgoingServer2serverShareEnabled() {
+        if ($this->gsConfig->onlyInternalFederation()) {
+            return false;
+        }
+        $result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes');
+        return ($result === 'yes');
+    }
+
+    /**
+     * check if users are allowed to mount public links from other Nextclouds
+     *
+     * @return bool
+     */
+    public function isIncomingServer2serverShareEnabled() {
+        if ($this->gsConfig->onlyInternalFederation()) {
+            return false;
+        }
+        $result = $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes');
+        return ($result === 'yes');
+    }
+
+
+    /**
+     * check if users from other Nextcloud instances are allowed to send federated group shares
+     *
+     * @return bool
+     */
+    public function isOutgoingServer2serverGroupShareEnabled() {
+        if ($this->gsConfig->onlyInternalFederation()) {
+            return false;
+        }
+        $result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_group_share_enabled', 'no');
+        return ($result === 'yes');
+    }
+
+    /**
+     * check if users are allowed to receive federated group shares
+     *
+     * @return bool
+     */
+    public function isIncomingServer2serverGroupShareEnabled() {
+        if ($this->gsConfig->onlyInternalFederation()) {
+            return false;
+        }
+        $result = $this->config->getAppValue('files_sharing', 'incoming_server2server_group_share_enabled', 'no');
+        return ($result === 'yes');
+    }
+
+    /**
+     * check if federated group sharing is supported, therefore the OCM API need to be enabled
+     *
+     * @return bool
+     */
+    public function isFederatedGroupSharingSupported() {
+        return $this->cloudFederationProviderManager->isReady();
+    }
+
+    /**
+     * Check if querying sharees on the lookup server is enabled
+     *
+     * @return bool
+     */
+    public function isLookupServerQueriesEnabled() {
+        // in a global scale setup we should always query the lookup server
+        if ($this->gsConfig->isGlobalScaleEnabled()) {
+            return true;
+        }
+        $result = $this->config->getAppValue('files_sharing', 'lookupServerEnabled', 'no');
+        return ($result === 'yes');
+    }
+
+
+    /**
+     * Check if it is allowed to publish user specific data to the lookup server
+     *
+     * @return bool
+     */
+    public function isLookupServerUploadEnabled() {
+        // in a global scale setup the admin is responsible to keep the lookup server up-to-date
+        if ($this->gsConfig->isGlobalScaleEnabled()) {
+            return false;
+        }
+        $result = $this->config->getAppValue('files_sharing', 'lookupServerUploadEnabled', 'yes');
+        return ($result === 'yes');
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getAccessList($nodes, $currentAccess) {
+        $ids = [];
+        foreach ($nodes as $node) {
+            $ids[] = $node->getId();
+        }
+
+        $qb = $this->dbConnection->getQueryBuilder();
+        $qb->select('share_with', 'token', 'file_source')
+            ->from('share')
+            ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_REMOTE)))
+            ->andWhere($qb->expr()->in('file_source', $qb->createNamedParameter($ids, IQueryBuilder::PARAM_INT_ARRAY)))
+            ->andWhere($qb->expr()->orX(
+                $qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
+                $qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
+            ));
+        $cursor = $qb->execute();
+
+        if ($currentAccess === false) {
+            $remote = $cursor->fetch() !== false;
+            $cursor->closeCursor();
+
+            return ['remote' => $remote];
+        }
+
+        $remote = [];
+        while ($row = $cursor->fetch()) {
+            $remote[$row['share_with']] = [
+                'node_id' => $row['file_source'],
+                'token' => $row['token'],
+            ];
+        }
+        $cursor->closeCursor();
+
+        return ['remote' => $remote];
+    }
 }

apps/files_trashbin/lib/Storage.php

Doc Comments +1 added lines, -1 removed lines

@@ -110,7 +110,7 @@
 	 * check if it is a file located in data/user/files only files in the
 	 * 'files' directory should be moved to the trash
 	 *
-	 * @param $path
+	 * @param string $path
 	 * @return bool
 	 */
 	protected function shouldMoveToTrash($path){

Indentation +279 added lines, -279 removed lines

@@ -40,284 +40,284 @@
 
 class Storage extends Wrapper {
 
-	private $mountPoint;
-	// remember already deleted files to avoid infinite loops if the trash bin
-	// move files across storages
-	private $deletedFiles = array();
-
-	/**
-	 * Disable trash logic
-	 *
-	 * @var bool
-	 */
-	private static $disableTrash = false;
-
-	/**
-	 * remember which file/folder was moved out of s shared folder
-	 * in this case we want to add a copy to the owners trash bin
-	 *
-	 * @var array
-	 */
-	private static $moveOutOfSharedFolder = [];
-
-	/** @var  IUserManager */
-	private $userManager;
-
-	/** @var ILogger */
-	private $logger;
-
-	/** @var EventDispatcher */
-	private $eventDispatcher;
-
-	/** @var IRootFolder */
-	private $rootFolder;
-
-	/**
-	 * Storage constructor.
-	 *
-	 * @param array $parameters
-	 * @param IUserManager|null $userManager
-	 * @param ILogger|null $logger
-	 * @param EventDispatcher|null $eventDispatcher
-	 * @param IRootFolder|null $rootFolder
-	 */
-	public function __construct($parameters,
-								IUserManager $userManager = null,
-								ILogger $logger = null,
-								EventDispatcher $eventDispatcher = null,
-								IRootFolder $rootFolder = null) {
-		$this->mountPoint = $parameters['mountPoint'];
-		$this->userManager = $userManager;
-		$this->logger = $logger;
-		$this->eventDispatcher = $eventDispatcher;
-		$this->rootFolder = $rootFolder;
-		parent::__construct($parameters);
-	}
-
-	/**
-	 * @internal
-	 */
-	public static function preRenameHook($params) {
-		// in cross-storage cases, a rename is a copy + unlink,
-		// that last unlink must not go to trash, only exception:
-		// if the file was moved from a shared storage to a local folder,
-		// in this case the owner should get a copy in his trash bin so that
-		// they can restore the files again
-
-		$oldPath = $params['oldpath'];
-		$newPath = dirname($params['newpath']);
-		$currentUser = \OC::$server->getUserSession()->getUser();
-
-		$fileMovedOutOfSharedFolder = false;
-
-		try {
-			if ($currentUser) {
-				$currentUserId = $currentUser->getUID();
-
-				$view = new View($currentUserId . '/files');
-				$fileInfo = $view->getFileInfo($oldPath);
-				if ($fileInfo) {
-					$sourceStorage = $fileInfo->getStorage();
-					$sourceOwner = $view->getOwner($oldPath);
-					$targetOwner = $view->getOwner($newPath);
-
-					if ($sourceOwner !== $targetOwner
-						&& $sourceStorage->instanceOfStorage('OCA\Files_Sharing\SharedStorage')
-					) {
-						$fileMovedOutOfSharedFolder = true;
-					}
-				}
-			}
-		} catch (\Exception $e) {
-			// do nothing, in this case we just disable the trashbin and continue
-			\OC::$server->getLogger()->logException($e, [
-				'message' => 'Trashbin storage could not check if a file was moved out of a shared folder.',
-				'level' => ILogger::DEBUG,
-				'app' => 'files_trashbin',
-			]);
-		}
-
-		if($fileMovedOutOfSharedFolder) {
-			self::$moveOutOfSharedFolder['/' . $currentUserId . '/files' . $oldPath] = true;
-		} else {
-			self::$disableTrash = true;
-		}
-
-	}
-
-	/**
-	 * @internal
-	 */
-	public static function postRenameHook($params) {
-		self::$disableTrash = false;
-	}
-
-	/**
-	 * Rename path1 to path2 by calling the wrapped storage.
-	 *
-	 * @param string $path1 first path
-	 * @param string $path2 second path
-	 * @return bool
-	 */
-	public function rename($path1, $path2) {
-		$result = $this->storage->rename($path1, $path2);
-		if ($result === false) {
-			// when rename failed, the post_rename hook isn't triggered,
-			// but we still want to reenable the trash logic
-			self::$disableTrash = false;
-		}
-		return $result;
-	}
-
-	/**
-	 * Deletes the given file by moving it into the trashbin.
-	 *
-	 * @param string $path path of file or folder to delete
-	 *
-	 * @return bool true if the operation succeeded, false otherwise
-	 */
-	public function unlink($path) {
-		try {
-			if (isset(self::$moveOutOfSharedFolder[$this->mountPoint . $path])) {
-				$result = $this->doDelete($path, 'unlink', true);
-				unset(self::$moveOutOfSharedFolder[$this->mountPoint . $path]);
-			} else {
-				$result = $this->doDelete($path, 'unlink');
-			}
-		} catch (GenericEncryptionException $e) {
-			// in case of a encryption exception we delete the file right away
-			$this->logger->info(
-				"Can't move file" .  $path .
-				"to the trash bin, therefore it was deleted right away");
-
-			$result = $this->storage->unlink($path);
-		}
-
-		return $result;
-	}
-
-	/**
-	 * Deletes the given folder by moving it into the trashbin.
-	 *
-	 * @param string $path path of folder to delete
-	 *
-	 * @return bool true if the operation succeeded, false otherwise
-	 */
-	public function rmdir($path) {
-		if (isset(self::$moveOutOfSharedFolder[$this->mountPoint . $path])) {
-			$result = $this->doDelete($path, 'rmdir', true);
-			unset(self::$moveOutOfSharedFolder[$this->mountPoint . $path]);
-		} else {
-			$result = $this->doDelete($path, 'rmdir');
-		}
-
-		return $result;
-	}
-
-	/**
-	 * check if it is a file located in data/user/files only files in the
-	 * 'files' directory should be moved to the trash
-	 *
-	 * @param $path
-	 * @return bool
-	 */
-	protected function shouldMoveToTrash($path){
-
-		// check if there is a app which want to disable the trash bin for this file
-		$fileId = $this->storage->getCache()->getId($path);
-		$nodes = $this->rootFolder->getById($fileId);
-		foreach ($nodes as $node) {
-			$event = $this->createMoveToTrashEvent($node);
-			$this->eventDispatcher->dispatch('OCA\Files_Trashbin::moveToTrash', $event);
-			if ($event->shouldMoveToTrashBin() === false) {
-				return false;
-			}
-		}
-
-		$normalized = Filesystem::normalizePath($this->mountPoint . '/' . $path);
-		$parts = explode('/', $normalized);
-		if (count($parts) < 4) {
-			return false;
-		}
-
-		if ($parts[2] === 'files' && $this->userManager->userExists($parts[1])) {
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * get move to trash event
-	 *
-	 * @param Node $node
-	 * @return MoveToTrashEvent
-	 */
-	protected function createMoveToTrashEvent(Node $node) {
-		return new MoveToTrashEvent($node);
-	}
-
-	/**
-	 * Run the delete operation with the given method
-	 *
-	 * @param string $path path of file or folder to delete
-	 * @param string $method either "unlink" or "rmdir"
-	 * @param bool $ownerOnly delete for owner only (if file gets moved out of a shared folder)
-	 *
-	 * @return bool true if the operation succeeded, false otherwise
-	 */
-	private function doDelete($path, $method, $ownerOnly = false) {
-		if (self::$disableTrash
-			|| !\OC::$server->getAppManager()->isEnabledForUser('files_trashbin')
-			|| (pathinfo($path, PATHINFO_EXTENSION) === 'part')
-			|| $this->shouldMoveToTrash($path) === false
-		) {
-			return call_user_func_array([$this->storage, $method], [$path]);
-		}
-
-		// check permissions before we continue, this is especially important for
-		// shared files
-		if (!$this->isDeletable($path)) {
-			return false;
-		}
-
-		$normalized = Filesystem::normalizePath($this->mountPoint . '/' . $path, true, false, true);
-		$result = true;
-		$view = Filesystem::getView();
-		if (!isset($this->deletedFiles[$normalized]) && $view instanceof View) {
-			$this->deletedFiles[$normalized] = $normalized;
-			if ($filesPath = $view->getRelativePath($normalized)) {
-				$filesPath = trim($filesPath, '/');
-				$result = \OCA\Files_Trashbin\Trashbin::move2trash($filesPath, $ownerOnly);
-				// in cross-storage cases the file will be copied
-				// but not deleted, so we delete it here
-				if ($result) {
-					call_user_func_array([$this->storage, $method], [$path]);
-				}
-			} else {
-				$result = call_user_func_array([$this->storage, $method], [$path]);
-			}
-			unset($this->deletedFiles[$normalized]);
-		} else if ($this->storage->file_exists($path)) {
-			$result = call_user_func_array([$this->storage, $method], [$path]);
-		}
-
-		return $result;
-	}
-
-	/**
-	 * Setup the storate wrapper callback
-	 */
-	public static function setupStorage() {
-		\OC\Files\Filesystem::addStorageWrapper('oc_trashbin', function ($mountPoint, $storage) {
-			return new \OCA\Files_Trashbin\Storage(
-				array('storage' => $storage, 'mountPoint' => $mountPoint),
-				\OC::$server->getUserManager(),
-				\OC::$server->getLogger(),
-				\OC::$server->getEventDispatcher(),
-				\OC::$server->getLazyRootFolder()
-			);
-		}, 1);
-	}
+    private $mountPoint;
+    // remember already deleted files to avoid infinite loops if the trash bin
+    // move files across storages
+    private $deletedFiles = array();
+
+    /**
+     * Disable trash logic
+     *
+     * @var bool
+     */
+    private static $disableTrash = false;
+
+    /**
+     * remember which file/folder was moved out of s shared folder
+     * in this case we want to add a copy to the owners trash bin
+     *
+     * @var array
+     */
+    private static $moveOutOfSharedFolder = [];
+
+    /** @var  IUserManager */
+    private $userManager;
+
+    /** @var ILogger */
+    private $logger;
+
+    /** @var EventDispatcher */
+    private $eventDispatcher;
+
+    /** @var IRootFolder */
+    private $rootFolder;
+
+    /**
+     * Storage constructor.
+     *
+     * @param array $parameters
+     * @param IUserManager|null $userManager
+     * @param ILogger|null $logger
+     * @param EventDispatcher|null $eventDispatcher
+     * @param IRootFolder|null $rootFolder
+     */
+    public function __construct($parameters,
+                                IUserManager $userManager = null,
+                                ILogger $logger = null,
+                                EventDispatcher $eventDispatcher = null,
+                                IRootFolder $rootFolder = null) {
+        $this->mountPoint = $parameters['mountPoint'];
+        $this->userManager = $userManager;
+        $this->logger = $logger;
+        $this->eventDispatcher = $eventDispatcher;
+        $this->rootFolder = $rootFolder;
+        parent::__construct($parameters);
+    }
+
+    /**
+     * @internal
+     */
+    public static function preRenameHook($params) {
+        // in cross-storage cases, a rename is a copy + unlink,
+        // that last unlink must not go to trash, only exception:
+        // if the file was moved from a shared storage to a local folder,
+        // in this case the owner should get a copy in his trash bin so that
+        // they can restore the files again
+
+        $oldPath = $params['oldpath'];
+        $newPath = dirname($params['newpath']);
+        $currentUser = \OC::$server->getUserSession()->getUser();
+
+        $fileMovedOutOfSharedFolder = false;
+
+        try {
+            if ($currentUser) {
+                $currentUserId = $currentUser->getUID();
+
+                $view = new View($currentUserId . '/files');
+                $fileInfo = $view->getFileInfo($oldPath);
+                if ($fileInfo) {
+                    $sourceStorage = $fileInfo->getStorage();
+                    $sourceOwner = $view->getOwner($oldPath);
+                    $targetOwner = $view->getOwner($newPath);
+
+                    if ($sourceOwner !== $targetOwner
+                        && $sourceStorage->instanceOfStorage('OCA\Files_Sharing\SharedStorage')
+                    ) {
+                        $fileMovedOutOfSharedFolder = true;
+                    }
+                }
+            }
+        } catch (\Exception $e) {
+            // do nothing, in this case we just disable the trashbin and continue
+            \OC::$server->getLogger()->logException($e, [
+                'message' => 'Trashbin storage could not check if a file was moved out of a shared folder.',
+                'level' => ILogger::DEBUG,
+                'app' => 'files_trashbin',
+            ]);
+        }
+
+        if($fileMovedOutOfSharedFolder) {
+            self::$moveOutOfSharedFolder['/' . $currentUserId . '/files' . $oldPath] = true;
+        } else {
+            self::$disableTrash = true;
+        }
+
+    }
+
+    /**
+     * @internal
+     */
+    public static function postRenameHook($params) {
+        self::$disableTrash = false;
+    }
+
+    /**
+     * Rename path1 to path2 by calling the wrapped storage.
+     *
+     * @param string $path1 first path
+     * @param string $path2 second path
+     * @return bool
+     */
+    public function rename($path1, $path2) {
+        $result = $this->storage->rename($path1, $path2);
+        if ($result === false) {
+            // when rename failed, the post_rename hook isn't triggered,
+            // but we still want to reenable the trash logic
+            self::$disableTrash = false;
+        }
+        return $result;
+    }
+
+    /**
+     * Deletes the given file by moving it into the trashbin.
+     *
+     * @param string $path path of file or folder to delete
+     *
+     * @return bool true if the operation succeeded, false otherwise
+     */
+    public function unlink($path) {
+        try {
+            if (isset(self::$moveOutOfSharedFolder[$this->mountPoint . $path])) {
+                $result = $this->doDelete($path, 'unlink', true);
+                unset(self::$moveOutOfSharedFolder[$this->mountPoint . $path]);
+            } else {
+                $result = $this->doDelete($path, 'unlink');
+            }
+        } catch (GenericEncryptionException $e) {
+            // in case of a encryption exception we delete the file right away
+            $this->logger->info(
+                "Can't move file" .  $path .
+                "to the trash bin, therefore it was deleted right away");
+
+            $result = $this->storage->unlink($path);
+        }
+
+        return $result;
+    }
+
+    /**
+     * Deletes the given folder by moving it into the trashbin.
+     *
+     * @param string $path path of folder to delete
+     *
+     * @return bool true if the operation succeeded, false otherwise
+     */
+    public function rmdir($path) {
+        if (isset(self::$moveOutOfSharedFolder[$this->mountPoint . $path])) {
+            $result = $this->doDelete($path, 'rmdir', true);
+            unset(self::$moveOutOfSharedFolder[$this->mountPoint . $path]);
+        } else {
+            $result = $this->doDelete($path, 'rmdir');
+        }
+
+        return $result;
+    }
+
+    /**
+     * check if it is a file located in data/user/files only files in the
+     * 'files' directory should be moved to the trash
+     *
+     * @param $path
+     * @return bool
+     */
+    protected function shouldMoveToTrash($path){
+
+        // check if there is a app which want to disable the trash bin for this file
+        $fileId = $this->storage->getCache()->getId($path);
+        $nodes = $this->rootFolder->getById($fileId);
+        foreach ($nodes as $node) {
+            $event = $this->createMoveToTrashEvent($node);
+            $this->eventDispatcher->dispatch('OCA\Files_Trashbin::moveToTrash', $event);
+            if ($event->shouldMoveToTrashBin() === false) {
+                return false;
+            }
+        }
+
+        $normalized = Filesystem::normalizePath($this->mountPoint . '/' . $path);
+        $parts = explode('/', $normalized);
+        if (count($parts) < 4) {
+            return false;
+        }
+
+        if ($parts[2] === 'files' && $this->userManager->userExists($parts[1])) {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * get move to trash event
+     *
+     * @param Node $node
+     * @return MoveToTrashEvent
+     */
+    protected function createMoveToTrashEvent(Node $node) {
+        return new MoveToTrashEvent($node);
+    }
+
+    /**
+     * Run the delete operation with the given method
+     *
+     * @param string $path path of file or folder to delete
+     * @param string $method either "unlink" or "rmdir"
+     * @param bool $ownerOnly delete for owner only (if file gets moved out of a shared folder)
+     *
+     * @return bool true if the operation succeeded, false otherwise
+     */
+    private function doDelete($path, $method, $ownerOnly = false) {
+        if (self::$disableTrash
+            || !\OC::$server->getAppManager()->isEnabledForUser('files_trashbin')
+            || (pathinfo($path, PATHINFO_EXTENSION) === 'part')
+            || $this->shouldMoveToTrash($path) === false
+        ) {
+            return call_user_func_array([$this->storage, $method], [$path]);
+        }
+
+        // check permissions before we continue, this is especially important for
+        // shared files
+        if (!$this->isDeletable($path)) {
+            return false;
+        }
+
+        $normalized = Filesystem::normalizePath($this->mountPoint . '/' . $path, true, false, true);
+        $result = true;
+        $view = Filesystem::getView();
+        if (!isset($this->deletedFiles[$normalized]) && $view instanceof View) {
+            $this->deletedFiles[$normalized] = $normalized;
+            if ($filesPath = $view->getRelativePath($normalized)) {
+                $filesPath = trim($filesPath, '/');
+                $result = \OCA\Files_Trashbin\Trashbin::move2trash($filesPath, $ownerOnly);
+                // in cross-storage cases the file will be copied
+                // but not deleted, so we delete it here
+                if ($result) {
+                    call_user_func_array([$this->storage, $method], [$path]);
+                }
+            } else {
+                $result = call_user_func_array([$this->storage, $method], [$path]);
+            }
+            unset($this->deletedFiles[$normalized]);
+        } else if ($this->storage->file_exists($path)) {
+            $result = call_user_func_array([$this->storage, $method], [$path]);
+        }
+
+        return $result;
+    }
+
+    /**
+     * Setup the storate wrapper callback
+     */
+    public static function setupStorage() {
+        \OC\Files\Filesystem::addStorageWrapper('oc_trashbin', function ($mountPoint, $storage) {
+            return new \OCA\Files_Trashbin\Storage(
+                array('storage' => $storage, 'mountPoint' => $mountPoint),
+                \OC::$server->getUserManager(),
+                \OC::$server->getLogger(),
+                \OC::$server->getEventDispatcher(),
+                \OC::$server->getLazyRootFolder()
+            );
+        }, 1);
+    }
 
 }