123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558 |
- <?php
- /**
- * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
- * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
- * SPDX-License-Identifier: AGPL-3.0-only
- */
- namespace OCA\Files_Sharing;
- use OC\Files\Cache\CacheDependencies;
- use OC\Files\Cache\FailedCache;
- use OC\Files\Cache\NullWatcher;
- use OC\Files\ObjectStore\HomeObjectStoreStorage;
- use OC\Files\Storage\Common;
- use OC\Files\Storage\FailedStorage;
- use OC\Files\Storage\Home;
- use OC\Files\Storage\Storage;
- use OC\Files\Storage\Wrapper\Jail;
- use OC\Files\Storage\Wrapper\PermissionsMask;
- use OC\Files\Storage\Wrapper\Wrapper;
- use OC\Files\View;
- use OC\Share\Share;
- use OC\User\NoUserException;
- use OCA\Files_External\Config\ConfigAdapter;
- use OCA\Files_Sharing\ISharedStorage as LegacyISharedStorage;
- use OCP\Constants;
- use OCP\Files\Cache\ICache;
- use OCP\Files\Cache\ICacheEntry;
- use OCP\Files\Cache\IScanner;
- use OCP\Files\Cache\IWatcher;
- use OCP\Files\Config\IUserMountCache;
- use OCP\Files\Folder;
- use OCP\Files\IHomeStorage;
- use OCP\Files\IRootFolder;
- use OCP\Files\NotFoundException;
- use OCP\Files\Storage\IDisableEncryptionStorage;
- use OCP\Files\Storage\ILockingStorage;
- use OCP\Files\Storage\ISharedStorage;
- use OCP\Files\Storage\IStorage;
- use OCP\Lock\ILockingProvider;
- use OCP\Share\IShare;
- use OCP\Util;
- use Psr\Log\LoggerInterface;
- /**
- * Convert target path to source path and pass the function call to the correct storage provider
- */
- class SharedStorage extends Jail implements LegacyISharedStorage, ISharedStorage, IDisableEncryptionStorage {
- /** @var IShare */
- private $superShare;
- /** @var IShare[] */
- private $groupedShares;
- /**
- * @var View
- */
- private $ownerView;
- private $initialized = false;
- /**
- * @var ICacheEntry
- */
- private $sourceRootInfo;
- /** @var string */
- private $user;
- private LoggerInterface $logger;
- /** @var IStorage */
- private $nonMaskedStorage;
- private array $mountOptions = [];
- /** @var boolean */
- private $sharingDisabledForUser;
- /** @var ?Folder $ownerUserFolder */
- private $ownerUserFolder = null;
- private string $sourcePath = '';
- private static int $initDepth = 0;
- /**
- * @psalm-suppress NonInvariantDocblockPropertyType
- * @var ?Storage $storage
- */
- protected $storage;
- public function __construct(array $parameters) {
- $this->ownerView = $parameters['ownerView'];
- $this->logger = \OC::$server->get(LoggerInterface::class);
- $this->superShare = $parameters['superShare'];
- $this->groupedShares = $parameters['groupedShares'];
- $this->user = $parameters['user'];
- if (isset($parameters['sharingDisabledForUser'])) {
- $this->sharingDisabledForUser = $parameters['sharingDisabledForUser'];
- } else {
- $this->sharingDisabledForUser = false;
- }
- parent::__construct([
- 'storage' => null,
- 'root' => null,
- ]);
- }
- /**
- * @return ICacheEntry
- */
- private function getSourceRootInfo() {
- if (is_null($this->sourceRootInfo)) {
- if (is_null($this->superShare->getNodeCacheEntry())) {
- $this->init();
- $this->sourceRootInfo = $this->nonMaskedStorage->getCache()->get($this->rootPath);
- } else {
- $this->sourceRootInfo = $this->superShare->getNodeCacheEntry();
- }
- }
- return $this->sourceRootInfo;
- }
- /**
- * @psalm-assert Storage $this->storage
- */
- private function init() {
- if ($this->initialized) {
- if (!$this->storage) {
- // marked as initialized but no storage set
- // this is probably because some code path has caused recursion during the share setup
- // we setup a "failed storage" so `getWrapperStorage` doesn't return null.
- // If the share setup completes after this the "failed storage" will be overwritten by the correct one
- $this->logger->warning('Possible share setup recursion detected');
- $this->storage = new FailedStorage(['exception' => new \Exception('Possible share setup recursion detected')]);
- $this->cache = new FailedCache();
- $this->rootPath = '';
- }
- return;
- }
- $this->initialized = true;
- self::$initDepth++;
- try {
- if (self::$initDepth > 10) {
- throw new \Exception('Maximum share depth reached');
- }
- /** @var IRootFolder $rootFolder */
- $rootFolder = \OC::$server->get(IRootFolder::class);
- $this->ownerUserFolder = $rootFolder->getUserFolder($this->superShare->getShareOwner());
- $sourceId = $this->superShare->getNodeId();
- $ownerNodes = $this->ownerUserFolder->getById($sourceId);
- if (count($ownerNodes) === 0) {
- $this->storage = new FailedStorage(['exception' => new NotFoundException("File by id $sourceId not found")]);
- $this->cache = new FailedCache();
- $this->rootPath = '';
- } else {
- foreach ($ownerNodes as $ownerNode) {
- $nonMaskedStorage = $ownerNode->getStorage();
- // check if potential source node would lead to a recursive share setup
- if ($nonMaskedStorage instanceof Wrapper && $nonMaskedStorage->isWrapperOf($this)) {
- continue;
- }
- $this->nonMaskedStorage = $nonMaskedStorage;
- $this->sourcePath = $ownerNode->getPath();
- $this->rootPath = $ownerNode->getInternalPath();
- $this->cache = null;
- break;
- }
- if (!$this->nonMaskedStorage) {
- // all potential source nodes would have been recursive
- throw new \Exception('recursive share detected');
- }
- $this->storage = new PermissionsMask([
- 'storage' => $this->nonMaskedStorage,
- 'mask' => $this->superShare->getPermissions(),
- ]);
- }
- } catch (NotFoundException $e) {
- // original file not accessible or deleted, set FailedStorage
- $this->storage = new FailedStorage(['exception' => $e]);
- $this->cache = new FailedCache();
- $this->rootPath = '';
- } catch (NoUserException $e) {
- // sharer user deleted, set FailedStorage
- $this->storage = new FailedStorage(['exception' => $e]);
- $this->cache = new FailedCache();
- $this->rootPath = '';
- } catch (\Exception $e) {
- $this->storage = new FailedStorage(['exception' => $e]);
- $this->cache = new FailedCache();
- $this->rootPath = '';
- $this->logger->error($e->getMessage(), ['exception' => $e]);
- }
- if (!$this->nonMaskedStorage) {
- $this->nonMaskedStorage = $this->storage;
- }
- self::$initDepth--;
- }
- public function instanceOfStorage(string $class): bool {
- if ($class === '\OC\Files\Storage\Common' || $class == Common::class) {
- return true;
- }
- if (in_array($class, [
- '\OC\Files\Storage\Home',
- '\OC\Files\ObjectStore\HomeObjectStoreStorage',
- '\OCP\Files\IHomeStorage',
- Home::class,
- HomeObjectStoreStorage::class,
- IHomeStorage::class
- ])) {
- return false;
- }
- return parent::instanceOfStorage($class);
- }
- /**
- * @return string
- */
- public function getShareId() {
- return $this->superShare->getId();
- }
- private function isValid(): bool {
- return $this->getSourceRootInfo() && ($this->getSourceRootInfo()->getPermissions() & Constants::PERMISSION_SHARE) === Constants::PERMISSION_SHARE;
- }
- public function getId(): string {
- return 'shared::' . $this->getMountPoint();
- }
- public function getPermissions(string $path = ''): int {
- if (!$this->isValid()) {
- return 0;
- }
- $permissions = parent::getPermissions($path) & $this->superShare->getPermissions();
- // part files and the mount point always have delete permissions
- if ($path === '' || pathinfo($path, PATHINFO_EXTENSION) === 'part') {
- $permissions |= Constants::PERMISSION_DELETE;
- }
- if ($this->sharingDisabledForUser) {
- $permissions &= ~Constants::PERMISSION_SHARE;
- }
- return $permissions;
- }
- public function isCreatable(string $path): bool {
- return (bool)($this->getPermissions($path) & Constants::PERMISSION_CREATE);
- }
- public function isReadable(string $path): bool {
- if (!$this->isValid()) {
- return false;
- }
- if (!$this->file_exists($path)) {
- return false;
- }
- /** @var IStorage $storage */
- /** @var string $internalPath */
- [$storage, $internalPath] = $this->resolvePath($path);
- return $storage->isReadable($internalPath);
- }
- public function isUpdatable(string $path): bool {
- return (bool)($this->getPermissions($path) & Constants::PERMISSION_UPDATE);
- }
- public function isDeletable(string $path): bool {
- return (bool)($this->getPermissions($path) & Constants::PERMISSION_DELETE);
- }
- public function isSharable(string $path): bool {
- if (Util::isSharingDisabledForUser() || !Share::isResharingAllowed()) {
- return false;
- }
- return (bool)($this->getPermissions($path) & Constants::PERMISSION_SHARE);
- }
- public function fopen(string $path, string $mode) {
- $source = $this->getUnjailedPath($path);
- switch ($mode) {
- case 'r+':
- case 'rb+':
- case 'w+':
- case 'wb+':
- case 'x+':
- case 'xb+':
- case 'a+':
- case 'ab+':
- case 'w':
- case 'wb':
- case 'x':
- case 'xb':
- case 'a':
- case 'ab':
- $creatable = $this->isCreatable(dirname($path));
- $updatable = $this->isUpdatable($path);
- // if neither permissions given, no need to continue
- if (!$creatable && !$updatable) {
- if (pathinfo($path, PATHINFO_EXTENSION) === 'part') {
- $updatable = $this->isUpdatable(dirname($path));
- }
- if (!$updatable) {
- return false;
- }
- }
- $exists = $this->file_exists($path);
- // if a file exists, updatable permissions are required
- if ($exists && !$updatable) {
- return false;
- }
- // part file is allowed if !$creatable but the final file is $updatable
- if (pathinfo($path, PATHINFO_EXTENSION) !== 'part') {
- if (!$exists && !$creatable) {
- return false;
- }
- }
- }
- $info = [
- 'target' => $this->getMountPoint() . '/' . $path,
- 'source' => $source,
- 'mode' => $mode,
- ];
- Util::emitHook('\OC\Files\Storage\Shared', 'fopen', $info);
- return $this->nonMaskedStorage->fopen($this->getUnjailedPath($path), $mode);
- }
- public function rename(string $source, string $target): bool {
- $this->init();
- $isPartFile = pathinfo($source, PATHINFO_EXTENSION) === 'part';
- $targetExists = $this->file_exists($target);
- $sameFolder = dirname($source) === dirname($target);
- if ($targetExists || ($sameFolder && !$isPartFile)) {
- if (!$this->isUpdatable('')) {
- return false;
- }
- } else {
- if (!$this->isCreatable('')) {
- return false;
- }
- }
- return $this->nonMaskedStorage->rename($this->getUnjailedPath($source), $this->getUnjailedPath($target));
- }
- /**
- * return mount point of share, relative to data/user/files
- *
- * @return string
- */
- public function getMountPoint(): string {
- return $this->superShare->getTarget();
- }
- public function setMountPoint(string $path): void {
- $this->superShare->setTarget($path);
- foreach ($this->groupedShares as $share) {
- $share->setTarget($path);
- }
- }
- /**
- * get the user who shared the file
- *
- * @return string
- */
- public function getSharedFrom(): string {
- return $this->superShare->getShareOwner();
- }
- public function getShare(): IShare {
- return $this->superShare;
- }
- /**
- * return share type, can be "file" or "folder"
- *
- * @return string
- */
- public function getItemType(): string {
- return $this->superShare->getNodeType();
- }
- public function getCache(string $path = '', ?IStorage $storage = null): ICache {
- if ($this->cache) {
- return $this->cache;
- }
- if (!$storage) {
- $storage = $this;
- }
- $sourceRoot = $this->getSourceRootInfo();
- if ($this->storage instanceof FailedStorage) {
- return new FailedCache();
- }
- $this->cache = new Cache(
- $storage,
- $sourceRoot,
- \OC::$server->get(CacheDependencies::class),
- $this->getShare()
- );
- return $this->cache;
- }
- public function getScanner(string $path = '', ?IStorage $storage = null): IScanner {
- if (!$storage) {
- $storage = $this;
- }
- return new Scanner($storage);
- }
- public function getOwner(string $path): string|false {
- return $this->superShare->getShareOwner();
- }
- public function getWatcher(string $path = '', ?IStorage $storage = null): IWatcher {
- if ($this->watcher) {
- return $this->watcher;
- }
- // Get node information
- $node = $this->getShare()->getNodeCacheEntry();
- if ($node) {
- /** @var IUserMountCache $userMountCache */
- $userMountCache = \OC::$server->get(IUserMountCache::class);
- $mounts = $userMountCache->getMountsForStorageId($node->getStorageId());
- foreach ($mounts as $mount) {
- // If the share is originating from an external storage
- if ($mount->getMountProvider() === ConfigAdapter::class) {
- // Propagate original storage scan
- $this->watcher = parent::getWatcher($path, $storage);
- return $this->watcher;
- }
- }
- }
- // cache updating is handled by the share source
- $this->watcher = new NullWatcher();
- return $this->watcher;
- }
- /**
- * unshare complete storage, also the grouped shares
- *
- * @return bool
- */
- public function unshareStorage(): bool {
- foreach ($this->groupedShares as $share) {
- \OC::$server->getShareManager()->deleteFromSelf($share, $this->user);
- }
- return true;
- }
- public function acquireLock(string $path, int $type, ILockingProvider $provider): void {
- /** @var ILockingStorage $targetStorage */
- [$targetStorage, $targetInternalPath] = $this->resolvePath($path);
- $targetStorage->acquireLock($targetInternalPath, $type, $provider);
- // lock the parent folders of the owner when locking the share as recipient
- if ($path === '') {
- $sourcePath = $this->ownerUserFolder->getRelativePath($this->sourcePath);
- $this->ownerView->lockFile(dirname($sourcePath), ILockingProvider::LOCK_SHARED, true);
- }
- }
- public function releaseLock(string $path, int $type, ILockingProvider $provider): void {
- /** @var ILockingStorage $targetStorage */
- [$targetStorage, $targetInternalPath] = $this->resolvePath($path);
- $targetStorage->releaseLock($targetInternalPath, $type, $provider);
- // unlock the parent folders of the owner when unlocking the share as recipient
- if ($path === '') {
- $sourcePath = $this->ownerUserFolder->getRelativePath($this->sourcePath);
- $this->ownerView->unlockFile(dirname($sourcePath), ILockingProvider::LOCK_SHARED, true);
- }
- }
- public function changeLock(string $path, int $type, ILockingProvider $provider): void {
- /** @var ILockingStorage $targetStorage */
- [$targetStorage, $targetInternalPath] = $this->resolvePath($path);
- $targetStorage->changeLock($targetInternalPath, $type, $provider);
- }
- public function getAvailability(): array {
- // shares do not participate in availability logic
- return [
- 'available' => true,
- 'last_checked' => 0,
- ];
- }
- public function setAvailability(bool $isAvailable): void {
- // shares do not participate in availability logic
- }
- public function getSourceStorage() {
- $this->init();
- return $this->nonMaskedStorage;
- }
- public function getWrapperStorage(): Storage {
- $this->init();
- /**
- * @psalm-suppress DocblockTypeContradiction
- */
- if (!$this->storage) {
- $message = 'no storage set after init for share ' . $this->getShareId();
- $this->logger->error($message);
- $this->storage = new FailedStorage(['exception' => new \Exception($message)]);
- }
- return $this->storage;
- }
- public function file_get_contents(string $path): string|false {
- $info = [
- 'target' => $this->getMountPoint() . '/' . $path,
- 'source' => $this->getUnjailedPath($path),
- ];
- Util::emitHook('\OC\Files\Storage\Shared', 'file_get_contents', $info);
- return parent::file_get_contents($path);
- }
- public function file_put_contents(string $path, mixed $data): int|float|false {
- $info = [
- 'target' => $this->getMountPoint() . '/' . $path,
- 'source' => $this->getUnjailedPath($path),
- ];
- Util::emitHook('\OC\Files\Storage\Shared', 'file_put_contents', $info);
- return parent::file_put_contents($path, $data);
- }
- public function setMountOptions(array $options): void {
- /* Note: This value is never read */
- $this->mountOptions = $options;
- }
- public function getUnjailedPath(string $path): string {
- $this->init();
- return parent::getUnjailedPath($path);
- }
- }
|