diff --git a/apps/federatedfilesharing/lib/RequestHandler.php b/apps/federatedfilesharing/lib/RequestHandler.php index 65925c3823c..90621666b6a 100644 --- a/apps/federatedfilesharing/lib/RequestHandler.php +++ b/apps/federatedfilesharing/lib/RequestHandler.php @@ -29,6 +29,7 @@ use OCA\FederatedFileSharing\DiscoveryManager; use OCA\FederatedFileSharing\FederatedShareProvider; use OCA\Files_Sharing\Activity; use OCP\Files\NotFoundException; +use OCP\IDBConnection; /** * Class RequestHandler @@ -42,14 +43,21 @@ class RequestHandler { /** @var FederatedShareProvider */ private $federatedShareProvider; + /** @var IDBConnection */ + private $connection; + + /** @var string */ + private $shareTable = 'share'; /** * Server2Server constructor. * * @param FederatedShareProvider $federatedShareProvider + * @param IDBConnection $connection */ - public function __construct(FederatedShareProvider $federatedShareProvider) { + public function __construct(FederatedShareProvider $federatedShareProvider, IDBConnection $connection) { $this->federatedShareProvider = $federatedShareProvider; + $this->connection = $connection; } /** @@ -162,10 +170,10 @@ class RequestHandler { $id = $params['id']; $token = isset($_POST['token']) ? $_POST['token'] : null; - $share = self::getShare($id, $token); + $share = $this->getShare($id, $token); if ($share) { - list($file, $link) = self::getFile($share['uid_owner'], $share['file_source']); + list($file, $link) = $this->getFile($share['uid_owner'], $share['file_source']); $event = \OC::$server->getActivityManager()->generateEvent(); $event->setApp(Activity::FILES_SHARING_APP) @@ -278,14 +286,22 @@ class RequestHandler { * * @param int $id * @param string $token - * @return array + * @return array|bool */ - private function getShare($id, $token) { - $query = \OCP\DB::prepare('SELECT * FROM `*PREFIX*share` WHERE `id` = ? AND `token` = ? AND `share_type` = ?'); - $query->execute(array($id, $token, \OCP\Share::SHARE_TYPE_REMOTE)); - $share = $query->fetchRow(); + protected function getShare($id, $token) { + $query = $this->connection->getQueryBuilder(); + $query->select('*')->from($this->shareTable) + ->where($query->expr()->eq('token', $query->createNamedParameter($token))) + ->andWhere($query->expr()->eq('share_type', $query->createNamedParameter(FederatedShareProvider::SHARE_TYPE_REMOTE))) + ->andWhere($query->expr()->eq('id', $query->createNamedParameter($id))); + + $result = $query->execute()->fetchAll(); + + if (!empty($result) && isset($result[0])) { + return $result[0]; + } - return $share; + return false; } /** diff --git a/apps/federatedfilesharing/tests/RequestHandlerTest.php b/apps/federatedfilesharing/tests/RequestHandlerTest.php index ef0074dc039..84b25701c6d 100644 --- a/apps/federatedfilesharing/tests/RequestHandlerTest.php +++ b/apps/federatedfilesharing/tests/RequestHandlerTest.php @@ -27,6 +27,7 @@ namespace OCA\FederatedFileSharing\Tests; use OC\Files\Filesystem; use OCA\FederatedFileSharing\DiscoveryManager; +use OCA\FederatedFileSharing\FederatedShareProvider; use OCA\FederatedFileSharing\RequestHandler; /** @@ -74,7 +75,7 @@ class RequestHandlerTest extends TestCase { $this->registerHttpHelper($httpHelperMock); - $this->s2s = new RequestHandler($this->federatedShareProvider); + $this->s2s = new RequestHandler($this->federatedShareProvider, \OC::$server->getDatabaseConnection()); $this->connection = \OC::$server->getDatabaseConnection(); } @@ -265,4 +266,76 @@ class RequestHandlerTest extends TestCase { $this->assertSame(10, count($dummyEntries)); } + /** + * @dataProvider dataTestGetShare + * + * @param bool $found + * @param bool $correctId + * @param bool $correctToken + */ + public function testGetShare($found, $correctId, $correctToken) { + + $connection = \OC::$server->getDatabaseConnection(); + $query = $connection->getQueryBuilder(); + $stime = time(); + $query->insert('share') + ->values( + [ + 'share_type' => $query->createNamedParameter(FederatedShareProvider::SHARE_TYPE_REMOTE), + 'uid_owner' => $query->createNamedParameter(self::TEST_FILES_SHARING_API_USER1), + 'uid_initiator' => $query->createNamedParameter(self::TEST_FILES_SHARING_API_USER2), + 'item_type' => $query->createNamedParameter('test'), + 'item_source' => $query->createNamedParameter('1'), + 'item_target' => $query->createNamedParameter('/1'), + 'file_source' => $query->createNamedParameter('1'), + 'file_target' => $query->createNamedParameter('/test.txt'), + 'permissions' => $query->createNamedParameter('1'), + 'stime' => $query->createNamedParameter($stime), + 'token' => $query->createNamedParameter('token'), + 'share_with' => $query->createNamedParameter('foo@bar'), + ] + )->execute(); + $id = $query->getLastInsertId(); + + $expected = [ + 'share_type' => (string)FederatedShareProvider::SHARE_TYPE_REMOTE, + 'uid_owner' => self::TEST_FILES_SHARING_API_USER1, + 'item_type' => 'test', + 'item_source' => '1', + 'item_target' => '/1', + 'file_source' => '1', + 'file_target' => '/test.txt', + 'permissions' => '1', + 'stime' => (string)$stime, + 'token' => 'token', + 'share_with' => 'foo@bar', + 'id' => (string)$id, + 'uid_initiator' => self::TEST_FILES_SHARING_API_USER2, + 'parent' => null, + 'accepted' => '0', + 'expiration' => null, + 'mail_send' => '0' + ]; + + $searchToken = $correctToken ? 'token' : 'wrongToken'; + $searchId = $correctId ? $id : -1; + + $result = $this->invokePrivate($this->s2s, 'getShare', [$searchId, $searchToken]); + + if ($found) { + $this->assertEquals($expected, $result); + } else { + $this->assertSame(false, $result); + } + } + + public function dataTestGetShare() { + return [ + [true, true, true], + [false, false, true], + [false, true, false], + [false, false, false], + ]; + } + } diff --git a/ocs/routes.php b/ocs/routes.php index 24af2460881..a7e3488d4a3 100644 --- a/ocs/routes.php +++ b/ocs/routes.php @@ -100,7 +100,7 @@ API::register( // Server-to-Server Sharing if (\OC::$server->getAppManager()->isEnabledForUser('files_sharing')) { $federatedSharingApp = new \OCA\FederatedFileSharing\AppInfo\Application('federatedfilesharing'); - $s2s = new OCA\FederatedFileSharing\RequestHandler($federatedSharingApp->getFederatedShareProvider()); + $s2s = new OCA\FederatedFileSharing\RequestHandler($federatedSharingApp->getFederatedShareProvider(), \OC::$server->getDatabaseConnection()); API::register('post', '/cloud/shares', array($s2s, 'createShare'),