|
|
|
|
@ -264,72 +264,6 @@ class Share extends Constants {
|
|
|
|
|
$parameters, -1, $includeCollections);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Share an item with a user, group, or via private link
|
|
|
|
|
* @param string $itemType
|
|
|
|
|
* @param string $itemSource
|
|
|
|
|
* @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
|
|
|
|
|
* @param string $shareWith User or group the item is being shared with
|
|
|
|
|
* @param int $permissions CRUDS
|
|
|
|
|
* @param string $itemSourceName
|
|
|
|
|
* @param \DateTime|null $expirationDate
|
|
|
|
|
* @return boolean|string Returns true on success or false on failure, Returns token on success for links
|
|
|
|
|
* @throws \OC\HintException when the share type is remote and the shareWith is invalid
|
|
|
|
|
* @throws \Exception
|
|
|
|
|
* @since 5.0.0 - parameter $itemSourceName was added in 6.0.0, parameter $expirationDate was added in 7.0.0, parameter $passwordChanged added in 9.0.0
|
|
|
|
|
* @deprecated 14.0.0 TESTS ONLY - this methods is as of 2018-06 only used by tests
|
|
|
|
|
* called like this:
|
|
|
|
|
* \OC\Share\Share::shareItem('test', 1, IShare::TYPE_USER, $otherUserId, \OCP\Constants::PERMISSION_READ);
|
|
|
|
|
*/
|
|
|
|
|
public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions) {
|
|
|
|
|
$backend = self::getBackend($itemType);
|
|
|
|
|
|
|
|
|
|
if ($backend->isShareTypeAllowed($shareType) === false) {
|
|
|
|
|
$message = 'Sharing failed, because the backend does not allow shares from type %i';
|
|
|
|
|
throw new \Exception(sprintf($message, $shareType));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$uidOwner = \OC_User::getUser();
|
|
|
|
|
|
|
|
|
|
// Verify share type and sharing conditions are met
|
|
|
|
|
if ($shareType === IShare::TYPE_USER) {
|
|
|
|
|
if ($shareWith == $uidOwner) {
|
|
|
|
|
$message = 'Sharing failed, because you can not share with yourself';
|
|
|
|
|
throw new \Exception($message);
|
|
|
|
|
}
|
|
|
|
|
if (!\OC::$server->getUserManager()->userExists($shareWith)) {
|
|
|
|
|
$message = 'Sharing failed, because the user %s does not exist';
|
|
|
|
|
throw new \Exception(sprintf($message, $shareWith));
|
|
|
|
|
}
|
|
|
|
|
// Check if the item source is already shared with the user, either from the same owner or a different user
|
|
|
|
|
if ($checkExists = self::getItems($itemType, $itemSource, self::$shareTypeUserAndGroups,
|
|
|
|
|
$shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
|
|
|
|
|
// Only allow the same share to occur again if it is the same
|
|
|
|
|
// owner and is not a user share, this use case is for increasing
|
|
|
|
|
// permissions for a specific user
|
|
|
|
|
if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
|
|
|
|
|
$message = 'Sharing failed, because this item is already shared with %s';
|
|
|
|
|
throw new \Exception(sprintf($message, $shareWith));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ($checkExists = self::getItems($itemType, $itemSource, IShare::TYPE_USER,
|
|
|
|
|
$shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
|
|
|
|
|
// Only allow the same share to occur again if it is the same
|
|
|
|
|
// owner and is not a user share, this use case is for increasing
|
|
|
|
|
// permissions for a specific user
|
|
|
|
|
if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
|
|
|
|
|
$message = 'Sharing failed, because this item is already shared with user %s';
|
|
|
|
|
throw new \Exception(sprintf($message, $shareWith));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Put the item into the database
|
|
|
|
|
$result = self::put('test', $itemSource, IShare::TYPE_USER, $shareWith, $uidOwner, $permissions);
|
|
|
|
|
|
|
|
|
|
return $result ? true : false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Unshare an item from a user, group, or delete a private link
|
|
|
|
|
* @param string $itemType
|
|
|
|
|
@ -980,278 +914,6 @@ class Share extends Constants {
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Put shared item into the database
|
|
|
|
|
* @param string $itemType Item type
|
|
|
|
|
* @param string $itemSource Item source
|
|
|
|
|
* @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
|
|
|
|
|
* @param string $shareWith User or group the item is being shared with
|
|
|
|
|
* @param string $uidOwner User that is the owner of shared item
|
|
|
|
|
* @param int $permissions CRUDS permissions
|
|
|
|
|
* @throws \Exception
|
|
|
|
|
* @return mixed id of the new share or false
|
|
|
|
|
* @deprecated TESTS ONLY - this methods is only used by tests
|
|
|
|
|
* called like this:
|
|
|
|
|
* self::put('test', $itemSource, IShare::TYPE_USER, $shareWith, $uidOwner, $permissions);
|
|
|
|
|
*/
|
|
|
|
|
private static function put($itemType, $itemSource, $shareType, $shareWith, $uidOwner,
|
|
|
|
|
$permissions) {
|
|
|
|
|
$queriesToExecute = [];
|
|
|
|
|
$suggestedItemTarget = null;
|
|
|
|
|
$groupFileTarget = $fileTarget = $suggestedFileTarget = $filePath = '';
|
|
|
|
|
$groupItemTarget = $itemTarget = $fileSource = $parent = 0;
|
|
|
|
|
|
|
|
|
|
$result = self::checkReshare('test', $itemSource, IShare::TYPE_USER, $shareWith, $uidOwner, $permissions, null, null);
|
|
|
|
|
if (!empty($result)) {
|
|
|
|
|
$parent = $result['parent'];
|
|
|
|
|
$itemSource = $result['itemSource'];
|
|
|
|
|
$fileSource = $result['fileSource'];
|
|
|
|
|
$suggestedItemTarget = $result['suggestedItemTarget'];
|
|
|
|
|
$suggestedFileTarget = $result['suggestedFileTarget'];
|
|
|
|
|
$filePath = $result['filePath'];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$isGroupShare = false;
|
|
|
|
|
$users = [$shareWith];
|
|
|
|
|
$itemTarget = Helper::generateTarget($itemType, $itemSource, $shareType, $shareWith, $uidOwner,
|
|
|
|
|
$suggestedItemTarget);
|
|
|
|
|
|
|
|
|
|
$run = true;
|
|
|
|
|
$error = '';
|
|
|
|
|
$preHookData = [
|
|
|
|
|
'itemType' => $itemType,
|
|
|
|
|
'itemSource' => $itemSource,
|
|
|
|
|
'shareType' => $shareType,
|
|
|
|
|
'uidOwner' => $uidOwner,
|
|
|
|
|
'permissions' => $permissions,
|
|
|
|
|
'fileSource' => $fileSource,
|
|
|
|
|
'expiration' => null,
|
|
|
|
|
'token' => null,
|
|
|
|
|
'run' => &$run,
|
|
|
|
|
'error' => &$error
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$preHookData['itemTarget'] = $itemTarget;
|
|
|
|
|
$preHookData['shareWith'] = $shareWith;
|
|
|
|
|
|
|
|
|
|
\OC_Hook::emit(\OCP\Share::class, 'pre_shared', $preHookData);
|
|
|
|
|
|
|
|
|
|
if ($run === false) {
|
|
|
|
|
throw new \Exception($error);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
foreach ($users as $user) {
|
|
|
|
|
$sourceId = ($itemType === 'file' || $itemType === 'folder') ? $fileSource : $itemSource;
|
|
|
|
|
$sourceExists = self::getItemSharedWithBySource($itemType, $sourceId, self::FORMAT_NONE, null, true, $user);
|
|
|
|
|
|
|
|
|
|
$userShareType = $shareType;
|
|
|
|
|
|
|
|
|
|
if ($sourceExists && $sourceExists['item_source'] === $itemSource) {
|
|
|
|
|
$fileTarget = $sourceExists['file_target'];
|
|
|
|
|
$itemTarget = $sourceExists['item_target'];
|
|
|
|
|
} elseif (!$sourceExists) {
|
|
|
|
|
$itemTarget = Helper::generateTarget($itemType, $itemSource, $userShareType, $user,
|
|
|
|
|
$uidOwner, $suggestedItemTarget, $parent);
|
|
|
|
|
if (isset($fileSource)) {
|
|
|
|
|
$fileTarget = Helper::generateTarget('file', $filePath, $userShareType,
|
|
|
|
|
$user, $uidOwner, $suggestedFileTarget, $parent);
|
|
|
|
|
} else {
|
|
|
|
|
$fileTarget = null;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
|
|
// group share which doesn't exists until now, check if we need a unique target for this user
|
|
|
|
|
|
|
|
|
|
$itemTarget = Helper::generateTarget($itemType, $itemSource, IShare::TYPE_USER, $user,
|
|
|
|
|
$uidOwner, $suggestedItemTarget, $parent);
|
|
|
|
|
|
|
|
|
|
// do we also need a file target
|
|
|
|
|
if (isset($fileSource)) {
|
|
|
|
|
$fileTarget = Helper::generateTarget('file', $filePath, IShare::TYPE_USER, $user,
|
|
|
|
|
$uidOwner, $suggestedFileTarget, $parent);
|
|
|
|
|
} else {
|
|
|
|
|
$fileTarget = null;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (($itemTarget === $groupItemTarget) &&
|
|
|
|
|
(!isset($fileSource) || $fileTarget === $groupFileTarget)) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$queriesToExecute[] = [
|
|
|
|
|
'itemType' => $itemType,
|
|
|
|
|
'itemSource' => $itemSource,
|
|
|
|
|
'itemTarget' => $itemTarget,
|
|
|
|
|
'shareType' => $userShareType,
|
|
|
|
|
'shareWith' => $user,
|
|
|
|
|
'uidOwner' => $uidOwner,
|
|
|
|
|
'permissions' => $permissions,
|
|
|
|
|
'shareTime' => time(),
|
|
|
|
|
'fileSource' => $fileSource,
|
|
|
|
|
'fileTarget' => $fileTarget,
|
|
|
|
|
'token' => null,
|
|
|
|
|
'parent' => $parent,
|
|
|
|
|
'expiration' => null,
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$id = false;
|
|
|
|
|
|
|
|
|
|
foreach ($queriesToExecute as $shareQuery) {
|
|
|
|
|
$shareQuery['parent'] = $parent;
|
|
|
|
|
$id = self::insertShare($shareQuery);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$postHookData = [
|
|
|
|
|
'itemType' => $itemType,
|
|
|
|
|
'itemSource' => $itemSource,
|
|
|
|
|
'parent' => $parent,
|
|
|
|
|
'shareType' => $shareType,
|
|
|
|
|
'uidOwner' => $uidOwner,
|
|
|
|
|
'permissions' => $permissions,
|
|
|
|
|
'fileSource' => $fileSource,
|
|
|
|
|
'id' => $parent,
|
|
|
|
|
'token' => null,
|
|
|
|
|
'expirationDate' => null,
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$postHookData['shareWith'] = $isGroupShare ? $shareWith['group'] : $shareWith;
|
|
|
|
|
$postHookData['itemTarget'] = $isGroupShare ? $groupItemTarget : $itemTarget;
|
|
|
|
|
$postHookData['fileTarget'] = $isGroupShare ? $groupFileTarget : $fileTarget;
|
|
|
|
|
|
|
|
|
|
\OC_Hook::emit(\OCP\Share::class, 'post_shared', $postHookData);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return $id ? $id : false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @param string $itemType
|
|
|
|
|
* @param string $itemSource
|
|
|
|
|
* @param int $shareType
|
|
|
|
|
* @param string $shareWith
|
|
|
|
|
* @param string $uidOwner
|
|
|
|
|
* @param int $permissions
|
|
|
|
|
* @param string|null $itemSourceName
|
|
|
|
|
* @param null|\DateTime $expirationDate
|
|
|
|
|
* @deprecated TESTS ONLY - this methods is only used by tests
|
|
|
|
|
* called like this:
|
|
|
|
|
* self::checkReshare('test', $itemSource, IShare::TYPE_USER, $shareWith, $uidOwner, $permissions, null, null);
|
|
|
|
|
*/
|
|
|
|
|
private static function checkReshare($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, $itemSourceName, $expirationDate) {
|
|
|
|
|
$backend = self::getBackend($itemType);
|
|
|
|
|
|
|
|
|
|
$result = [];
|
|
|
|
|
|
|
|
|
|
$column = ($itemType === 'file' || $itemType === 'folder') ? 'file_source' : 'item_source';
|
|
|
|
|
|
|
|
|
|
$checkReshare = self::getItemSharedWithBySource($itemType, $itemSource, self::FORMAT_NONE, null, true);
|
|
|
|
|
if ($checkReshare) {
|
|
|
|
|
// Check if attempting to share back to owner
|
|
|
|
|
if ($checkReshare['uid_owner'] == $shareWith) {
|
|
|
|
|
$message = 'Sharing %1$s failed, because the user %2$s is the original sharer';
|
|
|
|
|
throw new \Exception(sprintf($message, $itemSourceName, $shareWith));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($checkReshare && $checkReshare['uid_owner'] !== \OC_User::getUser()) {
|
|
|
|
|
// Check if share permissions is granted
|
|
|
|
|
if (self::isResharingAllowed() && (int)$checkReshare['permissions'] & \OCP\Constants::PERMISSION_SHARE) {
|
|
|
|
|
if (~(int)$checkReshare['permissions'] & $permissions) {
|
|
|
|
|
$message = 'Sharing %1$s failed, because the permissions exceed permissions granted to %2$s';
|
|
|
|
|
throw new \Exception(sprintf($message, $itemSourceName, $uidOwner));
|
|
|
|
|
} else {
|
|
|
|
|
// TODO Don't check if inside folder
|
|
|
|
|
$result['parent'] = $checkReshare['id'];
|
|
|
|
|
|
|
|
|
|
$result['expirationDate'] = $expirationDate;
|
|
|
|
|
// $checkReshare['expiration'] could be null and then is always less than any value
|
|
|
|
|
if (isset($checkReshare['expiration']) && $checkReshare['expiration'] < $expirationDate) {
|
|
|
|
|
$result['expirationDate'] = $checkReshare['expiration'];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// only suggest the same name as new target if it is a reshare of the
|
|
|
|
|
// same file/folder and not the reshare of a child
|
|
|
|
|
if ($checkReshare[$column] === $itemSource) {
|
|
|
|
|
$result['filePath'] = $checkReshare['file_target'];
|
|
|
|
|
$result['itemSource'] = $checkReshare['item_source'];
|
|
|
|
|
$result['fileSource'] = $checkReshare['file_source'];
|
|
|
|
|
$result['suggestedItemTarget'] = $checkReshare['item_target'];
|
|
|
|
|
$result['suggestedFileTarget'] = $checkReshare['file_target'];
|
|
|
|
|
} else {
|
|
|
|
|
$result['filePath'] = ($backend instanceof \OCP\Share_Backend_File_Dependent) ? $backend->getFilePath($itemSource, $uidOwner) : null;
|
|
|
|
|
$result['suggestedItemTarget'] = null;
|
|
|
|
|
$result['suggestedFileTarget'] = null;
|
|
|
|
|
$result['itemSource'] = $itemSource;
|
|
|
|
|
$result['fileSource'] = ($backend instanceof \OCP\Share_Backend_File_Dependent) ? $itemSource : null;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
$message = 'Sharing %s failed, because resharing is not allowed';
|
|
|
|
|
throw new \Exception(sprintf($message, $itemSourceName));
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
$result['parent'] = null;
|
|
|
|
|
$result['suggestedItemTarget'] = null;
|
|
|
|
|
$result['suggestedFileTarget'] = null;
|
|
|
|
|
$result['itemSource'] = $itemSource;
|
|
|
|
|
$result['expirationDate'] = $expirationDate;
|
|
|
|
|
if (!$backend->isValidSource($itemSource, $uidOwner)) {
|
|
|
|
|
$message = 'Sharing %1$s failed, because the sharing backend for '
|
|
|
|
|
.'%2$s could not find its source';
|
|
|
|
|
throw new \Exception(sprintf($message, $itemSource, $itemType));
|
|
|
|
|
}
|
|
|
|
|
if ($backend instanceof \OCP\Share_Backend_File_Dependent) {
|
|
|
|
|
$result['filePath'] = $backend->getFilePath($itemSource, $uidOwner);
|
|
|
|
|
$meta = \OC\Files\Filesystem::getFileInfo($result['filePath']);
|
|
|
|
|
$result['fileSource'] = $meta['fileid'];
|
|
|
|
|
if ($result['fileSource'] == -1) {
|
|
|
|
|
$message = 'Sharing %s failed, because the file could not be found in the file cache';
|
|
|
|
|
throw new \Exception(sprintf($message, $itemSource));
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
$result['filePath'] = null;
|
|
|
|
|
$result['fileSource'] = null;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @param array $shareData
|
|
|
|
|
* @return mixed false in case of a failure or the id of the new share
|
|
|
|
|
*/
|
|
|
|
|
private static function insertShare(array $shareData) {
|
|
|
|
|
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` ('
|
|
|
|
|
.' `item_type`, `item_source`, `item_target`, `share_type`,'
|
|
|
|
|
.' `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`,'
|
|
|
|
|
.' `file_target`, `token`, `parent`, `expiration`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)');
|
|
|
|
|
$query->bindValue(1, $shareData['itemType']);
|
|
|
|
|
$query->bindValue(2, $shareData['itemSource']);
|
|
|
|
|
$query->bindValue(3, $shareData['itemTarget']);
|
|
|
|
|
$query->bindValue(4, $shareData['shareType']);
|
|
|
|
|
$query->bindValue(5, $shareData['shareWith']);
|
|
|
|
|
$query->bindValue(6, $shareData['uidOwner']);
|
|
|
|
|
$query->bindValue(7, $shareData['permissions']);
|
|
|
|
|
$query->bindValue(8, $shareData['shareTime']);
|
|
|
|
|
$query->bindValue(9, $shareData['fileSource']);
|
|
|
|
|
$query->bindValue(10, $shareData['fileTarget']);
|
|
|
|
|
$query->bindValue(11, $shareData['token']);
|
|
|
|
|
$query->bindValue(12, $shareData['parent']);
|
|
|
|
|
$query->bindValue(13, $shareData['expiration'], 'datetime');
|
|
|
|
|
$result = $query->execute();
|
|
|
|
|
|
|
|
|
|
$id = false;
|
|
|
|
|
if ($result) {
|
|
|
|
|
$id = \OC::$server->getDatabaseConnection()->lastInsertId('*PREFIX*share');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* construct select statement
|
|
|
|
|
* @param int $format
|
|
|
|
|
|
Morris Jobke
4 years ago