|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* @author Joas Schilling <[email protected]> |
|
4
|
|
|
* @author Lukas Reschke <[email protected]> |
|
5
|
|
|
* @author Thomas Citharel <[email protected]> |
|
6
|
|
|
* @author Thomas Müller <[email protected]> |
|
7
|
|
|
* |
|
8
|
|
|
* @copyright Copyright (c) 2018, ownCloud GmbH |
|
9
|
|
|
* @license AGPL-3.0 |
|
10
|
|
|
* |
|
11
|
|
|
* This code is free software: you can redistribute it and/or modify |
|
12
|
|
|
* it under the terms of the GNU Affero General Public License, version 3, |
|
13
|
|
|
* as published by the Free Software Foundation. |
|
14
|
|
|
* |
|
15
|
|
|
* This program is distributed in the hope that it will be useful, |
|
16
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
17
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
18
|
|
|
* GNU Affero General Public License for more details. |
|
19
|
|
|
* |
|
20
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3, |
|
21
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/> |
|
22
|
|
|
* |
|
23
|
|
|
*/ |
|
24
|
|
|
|
|
25
|
|
|
namespace OCA\DAV\DAV\Sharing; |
|
26
|
|
|
|
|
27
|
|
|
use OCA\DAV\Connector\Sabre\Principal; |
|
28
|
|
|
use OCP\IDBConnection; |
|
29
|
|
|
|
|
30
|
|
|
class Backend { |
|
31
|
|
|
|
|
32
|
|
|
/** @var IDBConnection */ |
|
33
|
|
|
private $db; |
|
34
|
|
|
/** @var Principal */ |
|
35
|
|
|
private $principalBackend; |
|
36
|
|
|
/** @var string */ |
|
37
|
|
|
private $resourceType; |
|
38
|
|
|
|
|
39
|
|
|
const ACCESS_OWNER = 1; |
|
40
|
|
|
const ACCESS_READ_WRITE = 2; |
|
41
|
|
|
const ACCESS_READ = 3; |
|
42
|
|
|
|
|
43
|
|
|
/** |
|
44
|
|
|
* @param IDBConnection $db |
|
45
|
|
|
* @param Principal $principalBackend |
|
46
|
|
|
* @param string $resourceType |
|
47
|
|
|
*/ |
|
48
|
|
|
public function __construct(IDBConnection $db, Principal $principalBackend, $resourceType) { |
|
49
|
|
|
$this->db = $db; |
|
50
|
|
|
$this->principalBackend = $principalBackend; |
|
51
|
|
|
$this->resourceType = $resourceType; |
|
52
|
|
|
} |
|
53
|
|
|
|
|
54
|
|
|
/** |
|
55
|
|
|
* @param IShareable $shareable |
|
56
|
|
|
* @param string[] $add |
|
57
|
|
|
* @param string[] $remove |
|
58
|
|
|
*/ |
|
59
|
|
|
public function updateShares($shareable, $add, $remove) { |
|
60
|
|
View Code Duplication |
foreach($add as $element) { |
|
|
|
|
|
|
61
|
|
|
$principal = $this->principalBackend->findByUri($element['href'], ''); |
|
62
|
|
|
if ($principal !== '') { |
|
63
|
|
|
$this->shareWith($shareable, $element); |
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
|
|
} |
|
67
|
|
View Code Duplication |
foreach($remove as $element) { |
|
|
|
|
|
|
68
|
|
|
$principal = $this->principalBackend->findByUri($element, ''); |
|
69
|
|
|
if ($principal !== '') { |
|
70
|
|
|
$this->unshare($shareable, $element); |
|
71
|
|
|
} |
|
72
|
|
|
} |
|
73
|
|
|
} |
|
74
|
|
|
|
|
75
|
|
|
/** |
|
76
|
|
|
* @param IShareable $shareable |
|
77
|
|
|
* @param string $element |
|
78
|
|
|
*/ |
|
79
|
|
|
private function shareWith($shareable, $element) { |
|
80
|
|
|
$user = $element['href']; |
|
81
|
|
|
$parts = explode(':', $user, 2); |
|
82
|
|
|
if ($parts[0] !== 'principal') { |
|
83
|
|
|
return; |
|
84
|
|
|
} |
|
85
|
|
|
|
|
86
|
|
|
// don't share with owner |
|
87
|
|
|
if ($shareable->getOwner() === $parts[1]) { |
|
88
|
|
|
return; |
|
89
|
|
|
} |
|
90
|
|
|
|
|
91
|
|
|
// remove the share if it already exists |
|
92
|
|
|
$this->unshare($shareable, $element['href']); |
|
93
|
|
|
$access = self::ACCESS_READ; |
|
94
|
|
|
if (isset($element['readOnly'])) { |
|
95
|
|
|
$access = $element['readOnly'] ? self::ACCESS_READ : self::ACCESS_READ_WRITE; |
|
96
|
|
|
} |
|
97
|
|
|
|
|
98
|
|
|
$query = $this->db->getQueryBuilder(); |
|
99
|
|
|
$query->insert('dav_shares') |
|
100
|
|
|
->values([ |
|
101
|
|
|
'principaluri' => $query->createNamedParameter($parts[1]), |
|
102
|
|
|
'type' => $query->createNamedParameter($this->resourceType), |
|
103
|
|
|
'access' => $query->createNamedParameter($access), |
|
104
|
|
|
'resourceid' => $query->createNamedParameter($shareable->getResourceId()) |
|
105
|
|
|
]); |
|
106
|
|
|
$query->execute(); |
|
107
|
|
|
} |
|
108
|
|
|
|
|
109
|
|
|
/** |
|
110
|
|
|
* @param $resourceId |
|
111
|
|
|
*/ |
|
112
|
|
View Code Duplication |
public function deleteAllShares($resourceId) { |
|
113
|
|
|
$query = $this->db->getQueryBuilder(); |
|
114
|
|
|
$query->delete('dav_shares') |
|
115
|
|
|
->where($query->expr()->eq('resourceid', $query->createNamedParameter($resourceId))) |
|
116
|
|
|
->andWhere($query->expr()->eq('type', $query->createNamedParameter($this->resourceType))) |
|
117
|
|
|
->execute(); |
|
118
|
|
|
} |
|
119
|
|
|
|
|
120
|
|
View Code Duplication |
public function deleteAllSharesByUser($principaluri) { |
|
121
|
|
|
$query = $this->db->getQueryBuilder(); |
|
122
|
|
|
$query->delete('dav_shares') |
|
123
|
|
|
->where($query->expr()->eq('principaluri', $query->createNamedParameter($principaluri))) |
|
124
|
|
|
->andWhere($query->expr()->eq('type', $query->createNamedParameter($this->resourceType))) |
|
125
|
|
|
->execute(); |
|
126
|
|
|
} |
|
127
|
|
|
|
|
128
|
|
|
/** |
|
129
|
|
|
* @param IShareable $shareable |
|
130
|
|
|
* @param string $element |
|
131
|
|
|
*/ |
|
132
|
|
|
private function unshare($shareable, $element) { |
|
133
|
|
|
$parts = explode(':', $element, 2); |
|
134
|
|
|
if ($parts[0] !== 'principal') { |
|
135
|
|
|
return; |
|
136
|
|
|
} |
|
137
|
|
|
|
|
138
|
|
|
// don't share with owner |
|
139
|
|
|
if ($shareable->getOwner() === $parts[1]) { |
|
140
|
|
|
return; |
|
141
|
|
|
} |
|
142
|
|
|
|
|
143
|
|
|
$query = $this->db->getQueryBuilder(); |
|
144
|
|
|
$query->delete('dav_shares') |
|
145
|
|
|
->where($query->expr()->eq('resourceid', $query->createNamedParameter($shareable->getResourceId()))) |
|
146
|
|
|
->andWhere($query->expr()->eq('type', $query->createNamedParameter($this->resourceType))) |
|
147
|
|
|
->andWhere($query->expr()->eq('principaluri', $query->createNamedParameter($parts[1]))) |
|
148
|
|
|
; |
|
149
|
|
|
$query->execute(); |
|
150
|
|
|
} |
|
151
|
|
|
|
|
152
|
|
|
/** |
|
153
|
|
|
* Returns the list of people whom this resource is shared with. |
|
154
|
|
|
* |
|
155
|
|
|
* Every element in this array should have the following properties: |
|
156
|
|
|
* * href - Often a mailto: address |
|
157
|
|
|
* * commonName - Optional, for example a first + last name |
|
158
|
|
|
* * status - See the Sabre\CalDAV\SharingPlugin::STATUS_ constants. |
|
159
|
|
|
* * readOnly - boolean |
|
160
|
|
|
* * summary - Optional, a description for the share |
|
161
|
|
|
* |
|
162
|
|
|
* @param int $resourceId |
|
163
|
|
|
* @return array |
|
164
|
|
|
*/ |
|
165
|
|
|
public function getShares($resourceId) { |
|
166
|
|
|
$query = $this->db->getQueryBuilder(); |
|
167
|
|
|
$result = $query->select(['principaluri', 'access']) |
|
168
|
|
|
->from('dav_shares') |
|
169
|
|
|
->where($query->expr()->eq('resourceid', $query->createNamedParameter($resourceId))) |
|
170
|
|
|
->andWhere($query->expr()->eq('type', $query->createNamedParameter($this->resourceType))) |
|
171
|
|
|
->execute(); |
|
172
|
|
|
|
|
173
|
|
|
$shares = []; |
|
174
|
|
|
while($row = $result->fetch()) { |
|
175
|
|
|
$p = $this->principalBackend->getPrincipalByPath($row['principaluri']); |
|
176
|
|
|
$shares[]= [ |
|
177
|
|
|
'href' => "principal:${row['principaluri']}", |
|
178
|
|
|
'commonName' => isset($p['{DAV:}displayname']) ? $p['{DAV:}displayname'] : '', |
|
179
|
|
|
'status' => 1, |
|
180
|
|
|
'readOnly' => ($row['access'] == self::ACCESS_READ), |
|
181
|
|
|
'{http://owncloud.org/ns}principal' => $row['principaluri'], |
|
182
|
|
|
'{http://owncloud.org/ns}group-share' => is_null($p) |
|
183
|
|
|
]; |
|
184
|
|
|
} |
|
185
|
|
|
|
|
186
|
|
|
return $shares; |
|
187
|
|
|
} |
|
188
|
|
|
|
|
189
|
|
|
/** |
|
190
|
|
|
* For shared resources the sharee is set in the ACL of the resource |
|
191
|
|
|
* |
|
192
|
|
|
* @param int $resourceId |
|
193
|
|
|
* @param array $acl |
|
194
|
|
|
* @return array |
|
195
|
|
|
*/ |
|
196
|
|
|
public function applyShareAcl($resourceId, $acl) { |
|
197
|
|
|
|
|
198
|
|
|
$shares = $this->getShares($resourceId); |
|
199
|
|
|
foreach ($shares as $share) { |
|
200
|
|
|
$acl[] = [ |
|
201
|
|
|
'privilege' => '{DAV:}read', |
|
202
|
|
|
'principal' => $share['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}principal'], |
|
203
|
|
|
'protected' => true, |
|
204
|
|
|
]; |
|
205
|
|
|
if (!$share['readOnly']) { |
|
206
|
|
|
$acl[] = [ |
|
207
|
|
|
'privilege' => '{DAV:}write', |
|
208
|
|
|
'principal' => $share['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}principal'], |
|
209
|
|
|
'protected' => true, |
|
210
|
|
|
]; |
|
211
|
|
|
} else if ($this->resourceType === 'calendar') { |
|
212
|
|
|
// Allow changing the properties of read only calendars, |
|
213
|
|
|
// so users can change the visibility. |
|
214
|
|
|
$acl[] = [ |
|
215
|
|
|
'privilege' => '{DAV:}write-properties', |
|
216
|
|
|
'principal' => $share['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}principal'], |
|
217
|
|
|
'protected' => true, |
|
218
|
|
|
]; |
|
219
|
|
|
} |
|
220
|
|
|
} |
|
221
|
|
|
return $acl; |
|
222
|
|
|
} |
|
223
|
|
|
|
|
224
|
|
|
} |
|
225
|
|
|
|
owncloud /
core
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.