12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067 |
- <?php
- /**
- * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
- * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
- * SPDX-License-Identifier: AGPL-3.0-only
- */
- namespace OCA\FederatedFileSharing;
- use OC\Share20\Exception\InvalidShare;
- use OC\Share20\Share;
- use OCP\Constants;
- use OCP\DB\QueryBuilder\IQueryBuilder;
- use OCP\Federation\ICloudFederationProviderManager;
- use OCP\Federation\ICloudIdManager;
- use OCP\Files\Folder;
- use OCP\Files\IRootFolder;
- use OCP\Files\Node;
- use OCP\Files\NotFoundException;
- use OCP\HintException;
- use OCP\IConfig;
- use OCP\IDBConnection;
- use OCP\IL10N;
- use OCP\IUserManager;
- use OCP\Share\Exceptions\GenericShareException;
- use OCP\Share\Exceptions\ShareNotFound;
- use OCP\Share\IShare;
- use OCP\Share\IShareProvider;
- use Psr\Log\LoggerInterface;
- /**
- * Class FederatedShareProvider
- *
- * @package OCA\FederatedFileSharing
- */
- class FederatedShareProvider implements IShareProvider {
- public const SHARE_TYPE_REMOTE = 6;
- /** @var string */
- private $externalShareTable = 'share_external';
- /** @var array list of supported share types */
- private $supportedShareType = [IShare::TYPE_REMOTE_GROUP, IShare::TYPE_REMOTE, IShare::TYPE_CIRCLE];
- /**
- * DefaultShareProvider constructor.
- */
- public function __construct(
- private IDBConnection $dbConnection,
- private AddressHandler $addressHandler,
- private Notifications $notifications,
- private TokenHandler $tokenHandler,
- private IL10N $l,
- private IRootFolder $rootFolder,
- private IConfig $config,
- private IUserManager $userManager,
- private ICloudIdManager $cloudIdManager,
- private \OCP\GlobalScale\IConfig $gsConfig,
- private ICloudFederationProviderManager $cloudFederationProviderManager,
- private LoggerInterface $logger,
- ) {
- }
- /**
- * Return the identifier of this provider.
- *
- * @return string Containing only [a-zA-Z0-9]
- */
- public function identifier() {
- return 'ocFederatedSharing';
- }
- /**
- * Share a path
- *
- * @param IShare $share
- * @return IShare The share object
- * @throws ShareNotFound
- * @throws \Exception
- */
- public function create(IShare $share) {
- $shareWith = $share->getSharedWith();
- $itemSource = $share->getNodeId();
- $itemType = $share->getNodeType();
- $permissions = $share->getPermissions();
- $sharedBy = $share->getSharedBy();
- $shareType = $share->getShareType();
- $expirationDate = $share->getExpirationDate();
- if ($shareType === IShare::TYPE_REMOTE_GROUP &&
- !$this->isOutgoingServer2serverGroupShareEnabled()
- ) {
- $message = 'It is not allowed to send federated group shares from this server.';
- $message_t = $this->l->t('It is not allowed to send federated group shares from this server.');
- $this->logger->debug($message, ['app' => 'Federated File Sharing']);
- throw new \Exception($message_t);
- }
- /*
- * Check if file is not already shared with the remote user
- */
- $alreadyShared = $this->getSharedWith($shareWith, IShare::TYPE_REMOTE, $share->getNode(), 1, 0);
- $alreadySharedGroup = $this->getSharedWith($shareWith, IShare::TYPE_REMOTE_GROUP, $share->getNode(), 1, 0);
- if (!empty($alreadyShared) || !empty($alreadySharedGroup)) {
- $message = 'Sharing %1$s failed, because this item is already shared with %2$s';
- $message_t = $this->l->t('Sharing %1$s failed, because this item is already shared with the account %2$s', [$share->getNode()->getName(), $shareWith]);
- $this->logger->debug(sprintf($message, $share->getNode()->getName(), $shareWith), ['app' => 'Federated File Sharing']);
- throw new \Exception($message_t);
- }
- // don't allow federated shares if source and target server are the same
- $cloudId = $this->cloudIdManager->resolveCloudId($shareWith);
- $currentServer = $this->addressHandler->generateRemoteURL();
- $currentUser = $sharedBy;
- if ($this->addressHandler->compareAddresses($cloudId->getUser(), $cloudId->getRemote(), $currentUser, $currentServer)) {
- $message = 'Not allowed to create a federated share to the same account.';
- $message_t = $this->l->t('Not allowed to create a federated share to the same account');
- $this->logger->debug($message, ['app' => 'Federated File Sharing']);
- throw new \Exception($message_t);
- }
- // Federated shares always have read permissions
- if (($share->getPermissions() & Constants::PERMISSION_READ) === 0) {
- $message = 'Federated shares require read permissions';
- $message_t = $this->l->t('Federated shares require read permissions');
- $this->logger->debug($message, ['app' => 'Federated File Sharing']);
- throw new \Exception($message_t);
- }
- $share->setSharedWith($cloudId->getId());
- try {
- $remoteShare = $this->getShareFromExternalShareTable($share);
- } catch (ShareNotFound $e) {
- $remoteShare = null;
- }
- if ($remoteShare) {
- try {
- $ownerCloudId = $this->cloudIdManager->getCloudId($remoteShare['owner'], $remoteShare['remote']);
- $shareId = $this->addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $ownerCloudId->getId(), $permissions, 'tmp_token_' . time(), $shareType, $expirationDate);
- $share->setId($shareId);
- [$token, $remoteId] = $this->askOwnerToReShare($shareWith, $share, $shareId);
- // remote share was create successfully if we get a valid token as return
- $send = is_string($token) && $token !== '';
- } catch (\Exception $e) {
- // fall back to old re-share behavior if the remote server
- // doesn't support flat re-shares (was introduced with Nextcloud 9.1)
- $this->removeShareFromTable($share);
- $shareId = $this->createFederatedShare($share);
- }
- if ($send) {
- $this->updateSuccessfulReshare($shareId, $token);
- $this->storeRemoteId($shareId, $remoteId);
- } else {
- $this->removeShareFromTable($share);
- $message_t = $this->l->t('File is already shared with %s', [$shareWith]);
- throw new \Exception($message_t);
- }
- } else {
- $shareId = $this->createFederatedShare($share);
- }
- $data = $this->getRawShare($shareId);
- return $this->createShareObject($data);
- }
- /**
- * create federated share and inform the recipient
- *
- * @param IShare $share
- * @return int
- * @throws ShareNotFound
- * @throws \Exception
- */
- protected function createFederatedShare(IShare $share) {
- $token = $this->tokenHandler->generateToken();
- $shareId = $this->addShareToDB(
- $share->getNodeId(),
- $share->getNodeType(),
- $share->getSharedWith(),
- $share->getSharedBy(),
- $share->getShareOwner(),
- $share->getPermissions(),
- $token,
- $share->getShareType(),
- $share->getExpirationDate()
- );
- $failure = false;
- try {
- $sharedByFederatedId = $share->getSharedBy();
- if ($this->userManager->userExists($sharedByFederatedId)) {
- $cloudId = $this->cloudIdManager->getCloudId($sharedByFederatedId, $this->addressHandler->generateRemoteURL());
- $sharedByFederatedId = $cloudId->getId();
- }
- $ownerCloudId = $this->cloudIdManager->getCloudId($share->getShareOwner(), $this->addressHandler->generateRemoteURL());
- $send = $this->notifications->sendRemoteShare(
- $token,
- $share->getSharedWith(),
- $share->getNode()->getName(),
- $shareId,
- $share->getShareOwner(),
- $ownerCloudId->getId(),
- $share->getSharedBy(),
- $sharedByFederatedId,
- $share->getShareType()
- );
- if ($send === false) {
- $failure = true;
- }
- } catch (\Exception $e) {
- $this->logger->error('Failed to notify remote server of federated share, removing share.', [
- 'app' => 'federatedfilesharing',
- 'exception' => $e,
- ]);
- $failure = true;
- }
- if ($failure) {
- $this->removeShareFromTableById($shareId);
- $message_t = $this->l->t('Sharing %1$s failed, could not find %2$s, maybe the server is currently unreachable or uses a self-signed certificate.',
- [$share->getNode()->getName(), $share->getSharedWith()]);
- throw new \Exception($message_t);
- }
- return $shareId;
- }
- /**
- * @param string $shareWith
- * @param IShare $share
- * @param string $shareId internal share Id
- * @return array
- * @throws \Exception
- */
- protected function askOwnerToReShare($shareWith, IShare $share, $shareId) {
- $remoteShare = $this->getShareFromExternalShareTable($share);
- $token = $remoteShare['share_token'];
- $remoteId = $remoteShare['remote_id'];
- $remote = $remoteShare['remote'];
- [$token, $remoteId] = $this->notifications->requestReShare(
- $token,
- $remoteId,
- $shareId,
- $remote,
- $shareWith,
- $share->getPermissions(),
- $share->getNode()->getName(),
- $share->getShareType(),
- );
- return [$token, $remoteId];
- }
- /**
- * get federated share from the share_external table but exclude mounted link shares
- *
- * @param IShare $share
- * @return array
- * @throws ShareNotFound
- */
- protected function getShareFromExternalShareTable(IShare $share) {
- $query = $this->dbConnection->getQueryBuilder();
- $query->select('*')->from($this->externalShareTable)
- ->where($query->expr()->eq('user', $query->createNamedParameter($share->getShareOwner())))
- ->andWhere($query->expr()->eq('mountpoint', $query->createNamedParameter($share->getTarget())));
- $qResult = $query->executeQuery();
- $result = $qResult->fetchAll();
- $qResult->closeCursor();
- if (isset($result[0]) && (int)$result[0]['remote_id'] > 0) {
- return $result[0];
- }
- throw new ShareNotFound('share not found in share_external table');
- }
- /**
- * add share to the database and return the ID
- *
- * @param int $itemSource
- * @param string $itemType
- * @param string $shareWith
- * @param string $sharedBy
- * @param string $uidOwner
- * @param int $permissions
- * @param string $token
- * @param int $shareType
- * @param \DateTime $expirationDate
- * @return int
- */
- private function addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $uidOwner, $permissions, $token, $shareType, $expirationDate) {
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->insert('share')
- ->setValue('share_type', $qb->createNamedParameter($shareType))
- ->setValue('item_type', $qb->createNamedParameter($itemType))
- ->setValue('item_source', $qb->createNamedParameter($itemSource))
- ->setValue('file_source', $qb->createNamedParameter($itemSource))
- ->setValue('share_with', $qb->createNamedParameter($shareWith))
- ->setValue('uid_owner', $qb->createNamedParameter($uidOwner))
- ->setValue('uid_initiator', $qb->createNamedParameter($sharedBy))
- ->setValue('permissions', $qb->createNamedParameter($permissions))
- ->setValue('expiration', $qb->createNamedParameter($expirationDate, IQueryBuilder::PARAM_DATETIME_MUTABLE))
- ->setValue('token', $qb->createNamedParameter($token))
- ->setValue('stime', $qb->createNamedParameter(time()));
- /*
- * Added to fix https://github.com/owncloud/core/issues/22215
- * Can be removed once we get rid of ajax/share.php
- */
- $qb->setValue('file_target', $qb->createNamedParameter(''));
- $qb->executeStatement();
- return $qb->getLastInsertId();
- }
- /**
- * Update a share
- *
- * @param IShare $share
- * @return IShare The share object
- */
- public function update(IShare $share) {
- /*
- * We allow updating the permissions of federated shares
- */
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->update('share')
- ->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))
- ->set('permissions', $qb->createNamedParameter($share->getPermissions()))
- ->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))
- ->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))
- ->set('expiration', $qb->createNamedParameter($share->getExpirationDate(), IQueryBuilder::PARAM_DATETIME_MUTABLE))
- ->executeStatement();
- // send the updated permission to the owner/initiator, if they are not the same
- if ($share->getShareOwner() !== $share->getSharedBy()) {
- $this->sendPermissionUpdate($share);
- }
- return $share;
- }
- /**
- * send the updated permission to the owner/initiator, if they are not the same
- *
- * @param IShare $share
- * @throws ShareNotFound
- * @throws HintException
- */
- protected function sendPermissionUpdate(IShare $share) {
- $remoteId = $this->getRemoteId($share);
- // if the local user is the owner we send the permission change to the initiator
- if ($this->userManager->userExists($share->getShareOwner())) {
- [, $remote] = $this->addressHandler->splitUserRemote($share->getSharedBy());
- } else { // ... if not we send the permission change to the owner
- [, $remote] = $this->addressHandler->splitUserRemote($share->getShareOwner());
- }
- $this->notifications->sendPermissionChange($remote, $remoteId, $share->getToken(), $share->getPermissions());
- }
- /**
- * update successful reShare with the correct token
- *
- * @param int $shareId
- * @param string $token
- */
- protected function updateSuccessfulReShare($shareId, $token) {
- $query = $this->dbConnection->getQueryBuilder();
- $query->update('share')
- ->where($query->expr()->eq('id', $query->createNamedParameter($shareId)))
- ->set('token', $query->createNamedParameter($token))
- ->executeStatement();
- }
- /**
- * store remote ID in federated reShare table
- *
- * @param $shareId
- * @param $remoteId
- */
- public function storeRemoteId(int $shareId, string $remoteId): void {
- $query = $this->dbConnection->getQueryBuilder();
- $query->insert('federated_reshares')
- ->values(
- [
- 'share_id' => $query->createNamedParameter($shareId),
- 'remote_id' => $query->createNamedParameter($remoteId),
- ]
- );
- $query->executeStatement();
- }
- /**
- * get share ID on remote server for federated re-shares
- *
- * @param IShare $share
- * @return string
- * @throws ShareNotFound
- */
- public function getRemoteId(IShare $share): string {
- $query = $this->dbConnection->getQueryBuilder();
- $query->select('remote_id')->from('federated_reshares')
- ->where($query->expr()->eq('share_id', $query->createNamedParameter((int)$share->getId())));
- $result = $query->executeQuery();
- $data = $result->fetch();
- $result->closeCursor();
- if (!is_array($data) || !isset($data['remote_id'])) {
- throw new ShareNotFound();
- }
- return (string)$data['remote_id'];
- }
- /**
- * @inheritdoc
- */
- public function move(IShare $share, $recipient) {
- /*
- * This function does nothing yet as it is just for outgoing
- * federated shares.
- */
- return $share;
- }
- /**
- * Get all children of this share
- *
- * @param IShare $parent
- * @return IShare[]
- */
- public function getChildren(IShare $parent) {
- $children = [];
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->select('*')
- ->from('share')
- ->where($qb->expr()->eq('parent', $qb->createNamedParameter($parent->getId())))
- ->andWhere($qb->expr()->in('share_type', $qb->createNamedParameter($this->supportedShareType, IQueryBuilder::PARAM_INT_ARRAY)))
- ->orderBy('id');
- $cursor = $qb->executeQuery();
- while ($data = $cursor->fetch()) {
- $children[] = $this->createShareObject($data);
- }
- $cursor->closeCursor();
- return $children;
- }
- /**
- * Delete a share (owner unShares the file)
- *
- * @param IShare $share
- * @throws ShareNotFound
- * @throws HintException
- */
- public function delete(IShare $share) {
- [, $remote] = $this->addressHandler->splitUserRemote($share->getSharedWith());
- // if the local user is the owner we can send the unShare request directly...
- if ($this->userManager->userExists($share->getShareOwner())) {
- $this->notifications->sendRemoteUnShare($remote, $share->getId(), $share->getToken());
- $this->revokeShare($share, true);
- } else { // ... if not we need to correct ID for the unShare request
- $remoteId = $this->getRemoteId($share);
- $this->notifications->sendRemoteUnShare($remote, $remoteId, $share->getToken());
- $this->revokeShare($share, false);
- }
- // only remove the share when all messages are send to not lose information
- // about the share to early
- $this->removeShareFromTable($share);
- }
- /**
- * in case of a re-share we need to send the other use (initiator or owner)
- * a message that the file was unshared
- *
- * @param IShare $share
- * @param bool $isOwner the user can either be the owner or the user who re-sahred it
- * @throws ShareNotFound
- * @throws HintException
- */
- protected function revokeShare($share, $isOwner) {
- if ($this->userManager->userExists($share->getShareOwner()) && $this->userManager->userExists($share->getSharedBy())) {
- // If both the owner and the initiator of the share are local users we don't have to notify anybody else
- return;
- }
- // also send a unShare request to the initiator, if this is a different user than the owner
- if ($share->getShareOwner() !== $share->getSharedBy()) {
- if ($isOwner) {
- [, $remote] = $this->addressHandler->splitUserRemote($share->getSharedBy());
- } else {
- [, $remote] = $this->addressHandler->splitUserRemote($share->getShareOwner());
- }
- $remoteId = $this->getRemoteId($share);
- $this->notifications->sendRevokeShare($remote, $remoteId, $share->getToken());
- }
- }
- /**
- * remove share from table
- *
- * @param IShare $share
- */
- public function removeShareFromTable(IShare $share) {
- $this->removeShareFromTableById($share->getId());
- }
- /**
- * remove share from table
- *
- * @param string $shareId
- */
- private function removeShareFromTableById($shareId) {
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->delete('share')
- ->where($qb->expr()->eq('id', $qb->createNamedParameter($shareId)))
- ->andWhere($qb->expr()->neq('share_type', $qb->createNamedParameter(IShare::TYPE_CIRCLE)));
- $qb->executeStatement();
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->delete('federated_reshares')
- ->where($qb->expr()->eq('share_id', $qb->createNamedParameter($shareId)));
- $qb->executeStatement();
- }
- /**
- * @inheritdoc
- */
- public function deleteFromSelf(IShare $share, $recipient) {
- // nothing to do here. Technically deleteFromSelf in the context of federated
- // shares is a umount of an external storage. This is handled here
- // apps/files_sharing/lib/external/manager.php
- // TODO move this code over to this app
- }
- public function restore(IShare $share, string $recipient): IShare {
- throw new GenericShareException('not implemented');
- }
- public function getSharesInFolder($userId, Folder $node, $reshares, $shallow = true) {
- if (!$shallow) {
- throw new \Exception('non-shallow getSharesInFolder is no longer supported');
- }
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->select('*')
- ->from('share', 's')
- ->andWhere($qb->expr()->orX(
- $qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
- $qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
- ))
- ->andWhere(
- $qb->expr()->eq('share_type', $qb->createNamedParameter(IShare::TYPE_REMOTE))
- );
- /**
- * Reshares for this user are shares where they are the owner.
- */
- if ($reshares === false) {
- $qb->andWhere($qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)));
- } else {
- $qb->andWhere(
- $qb->expr()->orX(
- $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
- $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
- )
- );
- }
- $qb->innerJoin('s', 'filecache', 'f', $qb->expr()->eq('s.file_source', 'f.fileid'));
- $qb->andWhere($qb->expr()->eq('f.parent', $qb->createNamedParameter($node->getId())));
- $qb->orderBy('id');
- $cursor = $qb->executeQuery();
- $shares = [];
- while ($data = $cursor->fetch()) {
- $shares[$data['fileid']][] = $this->createShareObject($data);
- }
- $cursor->closeCursor();
- return $shares;
- }
- /**
- * @inheritdoc
- */
- public function getSharesBy($userId, $shareType, $node, $reshares, $limit, $offset) {
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->select('*')
- ->from('share');
- $qb->andWhere($qb->expr()->eq('share_type', $qb->createNamedParameter($shareType)));
- /**
- * Reshares for this user are shares where they are the owner.
- */
- if ($reshares === false) {
- //Special case for old shares created via the web UI
- $or1 = $qb->expr()->andX(
- $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
- $qb->expr()->isNull('uid_initiator')
- );
- $qb->andWhere(
- $qb->expr()->orX(
- $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId)),
- $or1
- )
- );
- } else {
- $qb->andWhere(
- $qb->expr()->orX(
- $qb->expr()->eq('uid_owner', $qb->createNamedParameter($userId)),
- $qb->expr()->eq('uid_initiator', $qb->createNamedParameter($userId))
- )
- );
- }
- if ($node !== null) {
- $qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
- }
- if ($limit !== -1) {
- $qb->setMaxResults($limit);
- }
- $qb->setFirstResult($offset);
- $qb->orderBy('id');
- $cursor = $qb->executeQuery();
- $shares = [];
- while ($data = $cursor->fetch()) {
- $shares[] = $this->createShareObject($data);
- }
- $cursor->closeCursor();
- return $shares;
- }
- /**
- * @inheritdoc
- */
- public function getShareById($id, $recipientId = null) {
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->select('*')
- ->from('share')
- ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
- ->andWhere($qb->expr()->in('share_type', $qb->createNamedParameter($this->supportedShareType, IQueryBuilder::PARAM_INT_ARRAY)));
- $cursor = $qb->executeQuery();
- $data = $cursor->fetch();
- $cursor->closeCursor();
- if ($data === false) {
- throw new ShareNotFound('Can not find share with ID: ' . $id);
- }
- try {
- $share = $this->createShareObject($data);
- } catch (InvalidShare $e) {
- throw new ShareNotFound();
- }
- return $share;
- }
- /**
- * Get shares for a given path
- *
- * @param Node $path
- * @return IShare[]
- */
- public function getSharesByPath(Node $path) {
- $qb = $this->dbConnection->getQueryBuilder();
- // get federated user shares
- $cursor = $qb->select('*')
- ->from('share')
- ->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($path->getId())))
- ->andWhere($qb->expr()->in('share_type', $qb->createNamedParameter($this->supportedShareType, IQueryBuilder::PARAM_INT_ARRAY)))
- ->executeQuery();
- $shares = [];
- while ($data = $cursor->fetch()) {
- $shares[] = $this->createShareObject($data);
- }
- $cursor->closeCursor();
- return $shares;
- }
- /**
- * @inheritdoc
- */
- public function getSharedWith($userId, $shareType, $node, $limit, $offset) {
- /** @var IShare[] $shares */
- $shares = [];
- //Get shares directly with this user
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->select('*')
- ->from('share');
- // Order by id
- $qb->orderBy('id');
- // Set limit and offset
- if ($limit !== -1) {
- $qb->setMaxResults($limit);
- }
- $qb->setFirstResult($offset);
- $qb->where($qb->expr()->in('share_type', $qb->createNamedParameter($this->supportedShareType, IQueryBuilder::PARAM_INT_ARRAY)));
- $qb->andWhere($qb->expr()->eq('share_with', $qb->createNamedParameter($userId)));
- // Filter by node if provided
- if ($node !== null) {
- $qb->andWhere($qb->expr()->eq('file_source', $qb->createNamedParameter($node->getId())));
- }
- $cursor = $qb->executeQuery();
- while ($data = $cursor->fetch()) {
- $shares[] = $this->createShareObject($data);
- }
- $cursor->closeCursor();
- return $shares;
- }
- /**
- * Get a share by token
- *
- * @param string $token
- * @return IShare
- * @throws ShareNotFound
- */
- public function getShareByToken($token) {
- $qb = $this->dbConnection->getQueryBuilder();
- $cursor = $qb->select('*')
- ->from('share')
- ->where($qb->expr()->in('share_type', $qb->createNamedParameter($this->supportedShareType, IQueryBuilder::PARAM_INT_ARRAY)))
- ->andWhere($qb->expr()->eq('token', $qb->createNamedParameter($token)))
- ->executeQuery();
- $data = $cursor->fetch();
- if ($data === false) {
- throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
- }
- try {
- $share = $this->createShareObject($data);
- } catch (InvalidShare $e) {
- throw new ShareNotFound('Share not found', $this->l->t('Could not find share'));
- }
- return $share;
- }
- /**
- * get database row of a give share
- *
- * @param $id
- * @return array
- * @throws ShareNotFound
- */
- private function getRawShare($id) {
- // Now fetch the inserted share and create a complete share object
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->select('*')
- ->from('share')
- ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)));
- $cursor = $qb->executeQuery();
- $data = $cursor->fetch();
- $cursor->closeCursor();
- if ($data === false) {
- throw new ShareNotFound;
- }
- return $data;
- }
- /**
- * Create a share object from an database row
- *
- * @param array $data
- * @return IShare
- * @throws InvalidShare
- * @throws ShareNotFound
- */
- private function createShareObject($data) {
- $share = new Share($this->rootFolder, $this->userManager);
- $share->setId((int)$data['id'])
- ->setShareType((int)$data['share_type'])
- ->setPermissions((int)$data['permissions'])
- ->setTarget($data['file_target'])
- ->setMailSend((bool)$data['mail_send'])
- ->setToken($data['token']);
- $shareTime = new \DateTime();
- $shareTime->setTimestamp((int)$data['stime']);
- $share->setShareTime($shareTime);
- $share->setSharedWith($data['share_with']);
- if ($data['uid_initiator'] !== null) {
- $share->setShareOwner($data['uid_owner']);
- $share->setSharedBy($data['uid_initiator']);
- } else {
- //OLD SHARE
- $share->setSharedBy($data['uid_owner']);
- $path = $this->getNode($share->getSharedBy(), (int)$data['file_source']);
- $owner = $path->getOwner();
- $share->setShareOwner($owner->getUID());
- }
- $share->setNodeId((int)$data['file_source']);
- $share->setNodeType($data['item_type']);
- $share->setProviderId($this->identifier());
- if ($data['expiration'] !== null) {
- $expiration = \DateTime::createFromFormat('Y-m-d H:i:s', $data['expiration']);
- $share->setExpirationDate($expiration);
- }
- return $share;
- }
- /**
- * Get the node with file $id for $user
- *
- * @param string $userId
- * @param int $id
- * @return Node
- * @throws InvalidShare
- */
- private function getNode($userId, $id) {
- try {
- $userFolder = $this->rootFolder->getUserFolder($userId);
- } catch (NotFoundException $e) {
- throw new InvalidShare();
- }
- $node = $userFolder->getFirstNodeById($id);
- if (!$node) {
- throw new InvalidShare();
- }
- return $node;
- }
- /**
- * A user is deleted from the system
- * So clean up the relevant shares.
- *
- * @param string $uid
- * @param int $shareType
- */
- public function userDeleted($uid, $shareType) {
- //TODO: probably a good idea to send unshare info to remote servers
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->delete('share')
- ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(IShare::TYPE_REMOTE)))
- ->andWhere($qb->expr()->eq('uid_owner', $qb->createNamedParameter($uid)))
- ->executeStatement();
- }
- /**
- * This provider does not handle groups
- *
- * @param string $gid
- */
- public function groupDeleted($gid) {
- // We don't handle groups here
- }
- /**
- * This provider does not handle groups
- *
- * @param string $uid
- * @param string $gid
- */
- public function userDeletedFromGroup($uid, $gid) {
- // We don't handle groups here
- }
- /**
- * check if users from other Nextcloud instances are allowed to mount public links share by this instance
- *
- * @return bool
- */
- public function isOutgoingServer2serverShareEnabled() {
- if ($this->gsConfig->onlyInternalFederation()) {
- return false;
- }
- $result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes');
- return ($result === 'yes');
- }
- /**
- * check if users are allowed to mount public links from other Nextclouds
- *
- * @return bool
- */
- public function isIncomingServer2serverShareEnabled() {
- if ($this->gsConfig->onlyInternalFederation()) {
- return false;
- }
- $result = $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes');
- return ($result === 'yes');
- }
- /**
- * check if users from other Nextcloud instances are allowed to send federated group shares
- *
- * @return bool
- */
- public function isOutgoingServer2serverGroupShareEnabled() {
- if ($this->gsConfig->onlyInternalFederation()) {
- return false;
- }
- $result = $this->config->getAppValue('files_sharing', 'outgoing_server2server_group_share_enabled', 'no');
- return ($result === 'yes');
- }
- /**
- * check if users are allowed to receive federated group shares
- *
- * @return bool
- */
- public function isIncomingServer2serverGroupShareEnabled() {
- if ($this->gsConfig->onlyInternalFederation()) {
- return false;
- }
- $result = $this->config->getAppValue('files_sharing', 'incoming_server2server_group_share_enabled', 'no');
- return ($result === 'yes');
- }
- /**
- * check if federated group sharing is supported, therefore the OCM API need to be enabled
- *
- * @return bool
- */
- public function isFederatedGroupSharingSupported() {
- return $this->cloudFederationProviderManager->isReady();
- }
- /**
- * Check if querying sharees on the lookup server is enabled
- *
- * @return bool
- */
- public function isLookupServerQueriesEnabled() {
- // in a global scale setup we should always query the lookup server
- if ($this->gsConfig->isGlobalScaleEnabled()) {
- return true;
- }
- $result = $this->config->getAppValue('files_sharing', 'lookupServerEnabled', 'yes');
- return ($result === 'yes');
- }
- /**
- * Check if it is allowed to publish user specific data to the lookup server
- *
- * @return bool
- */
- public function isLookupServerUploadEnabled() {
- // in a global scale setup the admin is responsible to keep the lookup server up-to-date
- if ($this->gsConfig->isGlobalScaleEnabled()) {
- return false;
- }
- $result = $this->config->getAppValue('files_sharing', 'lookupServerUploadEnabled', 'yes');
- return ($result === 'yes');
- }
- /**
- * @inheritdoc
- */
- public function getAccessList($nodes, $currentAccess) {
- $ids = [];
- foreach ($nodes as $node) {
- $ids[] = $node->getId();
- }
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->select('share_with', 'token', 'file_source')
- ->from('share')
- ->where($qb->expr()->eq('share_type', $qb->createNamedParameter(IShare::TYPE_REMOTE)))
- ->andWhere($qb->expr()->in('file_source', $qb->createNamedParameter($ids, IQueryBuilder::PARAM_INT_ARRAY)))
- ->andWhere($qb->expr()->orX(
- $qb->expr()->eq('item_type', $qb->createNamedParameter('file')),
- $qb->expr()->eq('item_type', $qb->createNamedParameter('folder'))
- ));
- $cursor = $qb->executeQuery();
- if ($currentAccess === false) {
- $remote = $cursor->fetch() !== false;
- $cursor->closeCursor();
- return ['remote' => $remote];
- }
- $remote = [];
- while ($row = $cursor->fetch()) {
- $remote[$row['share_with']] = [
- 'node_id' => $row['file_source'],
- 'token' => $row['token'],
- ];
- }
- $cursor->closeCursor();
- return ['remote' => $remote];
- }
- public function getAllShares(): iterable {
- $qb = $this->dbConnection->getQueryBuilder();
- $qb->select('*')
- ->from('share')
- ->where(
- $qb->expr()->orX(
- $qb->expr()->eq('share_type', $qb->createNamedParameter(IShare::TYPE_REMOTE)),
- $qb->expr()->eq('share_type', $qb->createNamedParameter(IShare::TYPE_REMOTE_GROUP))
- )
- );
- $cursor = $qb->executeQuery();
- while ($data = $cursor->fetch()) {
- try {
- $share = $this->createShareObject($data);
- } catch (InvalidShare $e) {
- continue;
- } catch (ShareNotFound $e) {
- continue;
- }
- yield $share;
- }
- $cursor->closeCursor();
- }
- }
|