IManager.php 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-only
  6. */
  7. namespace OCP\Share;
  8. use OCP\Files\Folder;
  9. use OCP\Files\Node;
  10. use OCP\IUser;
  11. use OCP\Share\Exceptions\GenericShareException;
  12. use OCP\Share\Exceptions\ShareNotFound;
  13. /**
  14. * This interface allows to manage sharing files between users and groups.
  15. *
  16. * This interface must not be implemented in your application but
  17. * instead should be used as a service and injected in your code with
  18. * dependency injection.
  19. *
  20. * @since 9.0.0
  21. */
  22. interface IManager {
  23. /**
  24. * Create a Share
  25. *
  26. * @param IShare $share
  27. * @return IShare The share object
  28. * @throws \Exception
  29. * @since 9.0.0
  30. */
  31. public function createShare(IShare $share);
  32. /**
  33. * Update a share.
  34. * The target of the share can't be changed this way: use moveShare
  35. * The share can't be removed this way (permission 0): use deleteShare
  36. * The state can't be changed this way: use acceptShare
  37. *
  38. * @param IShare $share
  39. * @return IShare The share object
  40. * @throws \InvalidArgumentException
  41. * @since 9.0.0
  42. */
  43. public function updateShare(IShare $share);
  44. /**
  45. * Accept a share.
  46. *
  47. * @param IShare $share
  48. * @param string $recipientId
  49. * @return IShare The share object
  50. * @throws \InvalidArgumentException
  51. * @since 18.0.0
  52. */
  53. public function acceptShare(IShare $share, string $recipientId): IShare;
  54. /**
  55. * Delete a share
  56. *
  57. * @param IShare $share
  58. * @throws ShareNotFound
  59. * @throws \InvalidArgumentException
  60. * @since 9.0.0
  61. */
  62. public function deleteShare(IShare $share);
  63. /**
  64. * Unshare a file as the recipient.
  65. * This can be different from a regular delete for example when one of
  66. * the users in a groups deletes that share. But the provider should
  67. * handle this.
  68. *
  69. * @param IShare $share
  70. * @param string $recipientId
  71. * @since 9.0.0
  72. */
  73. public function deleteFromSelf(IShare $share, $recipientId);
  74. /**
  75. * Restore the share when it has been deleted
  76. * Certain share types can be restored when they have been deleted
  77. * but the provider should properly handle this\
  78. *
  79. * @param IShare $share The share to restore
  80. * @param string $recipientId The user to restore the share for
  81. * @return IShare The restored share object
  82. * @throws GenericShareException In case restoring the share failed
  83. *
  84. * @since 14.0.0
  85. */
  86. public function restoreShare(IShare $share, string $recipientId): IShare;
  87. /**
  88. * Move the share as a recipient of the share.
  89. * This is updating the share target. So where the recipient has the share mounted.
  90. *
  91. * @param IShare $share
  92. * @param string $recipientId
  93. * @return IShare
  94. * @throws \InvalidArgumentException If $share is a link share or the $recipient does not match
  95. * @since 9.0.0
  96. */
  97. public function moveShare(IShare $share, $recipientId);
  98. /**
  99. * Get all shares shared by (initiated) by the provided user in a folder.
  100. *
  101. * @param string $userId
  102. * @param Folder $node
  103. * @param bool $reshares
  104. * @param bool $shallow Whether the method should stop at the first level, or look into sub-folders.
  105. * @return IShare[][] [$fileId => IShare[], ...]
  106. * @since 11.0.0
  107. */
  108. public function getSharesInFolder($userId, Folder $node, $reshares = false, $shallow = true);
  109. /**
  110. * Get shares shared by (initiated) by the provided user.
  111. *
  112. * @param string $userId
  113. * @param int $shareType
  114. * @param Node|null $path
  115. * @param bool $reshares
  116. * @param int $limit The maximum number of returned results, -1 for all results
  117. * @param int $offset
  118. * @return IShare[]
  119. * @since 9.0.0
  120. */
  121. public function getSharesBy($userId, $shareType, $path = null, $reshares = false, $limit = 50, $offset = 0);
  122. /**
  123. * Get shares shared with $user.
  124. * Filter by $node if provided
  125. *
  126. * @param string $userId
  127. * @param int $shareType
  128. * @param Node|null $node
  129. * @param int $limit The maximum number of shares returned, -1 for all
  130. * @param int $offset
  131. * @return IShare[]
  132. * @since 9.0.0
  133. */
  134. public function getSharedWith($userId, $shareType, $node = null, $limit = 50, $offset = 0);
  135. /**
  136. * Get deleted shares shared with $user.
  137. * Filter by $node if provided
  138. *
  139. * @param string $userId
  140. * @param int $shareType
  141. * @param Node|null $node
  142. * @param int $limit The maximum number of shares returned, -1 for all
  143. * @param int $offset
  144. * @return IShare[]
  145. * @since 14.0.0
  146. */
  147. public function getDeletedSharedWith($userId, $shareType, $node = null, $limit = 50, $offset = 0);
  148. /**
  149. * Retrieve a share by the share id.
  150. * If the recipient is set make sure to retrieve the file for that user.
  151. * This makes sure that if a user has moved/deleted a group share this
  152. * is reflected.
  153. *
  154. * @param string $id
  155. * @param string|null $recipient userID of the recipient
  156. * @return IShare
  157. * @throws ShareNotFound
  158. * @since 9.0.0
  159. */
  160. public function getShareById($id, $recipient = null);
  161. /**
  162. * Get the share by token possible with password
  163. *
  164. * @param string $token
  165. * @return IShare
  166. * @throws ShareNotFound
  167. * @since 9.0.0
  168. */
  169. public function getShareByToken($token);
  170. /**
  171. * Verify the password of a public share
  172. *
  173. * @param IShare $share
  174. * @param ?string $password
  175. * @return bool
  176. * @since 9.0.0
  177. */
  178. public function checkPassword(IShare $share, $password);
  179. /**
  180. * The user with UID is deleted.
  181. * All share providers have to cleanup the shares with this user as well
  182. * as shares owned by this user.
  183. * Shares only initiated by this user are fine.
  184. *
  185. * @param string $uid
  186. * @since 9.1.0
  187. */
  188. public function userDeleted($uid);
  189. /**
  190. * The group with $gid is deleted
  191. * We need to clear up all shares to this group
  192. *
  193. * @param string $gid
  194. * @since 9.1.0
  195. */
  196. public function groupDeleted($gid);
  197. /**
  198. * The user $uid is deleted from the group $gid
  199. * All user specific group shares have to be removed
  200. *
  201. * @param string $uid
  202. * @param string $gid
  203. * @since 9.1.0
  204. */
  205. public function userDeletedFromGroup($uid, $gid);
  206. /**
  207. * Get access list to a path. This means
  208. * all the users that can access a given path.
  209. *
  210. * Consider:
  211. * -root
  212. * |-folder1 (23)
  213. * |-folder2 (32)
  214. * |-fileA (42)
  215. *
  216. * fileA is shared with user1 and user1@server1 and email1@maildomain1
  217. * folder2 is shared with group2 (user4 is a member of group2)
  218. * folder1 is shared with user2 (renamed to "folder (1)") and user2@server2
  219. * and email2@maildomain2
  220. *
  221. * Then the access list to '/folder1/folder2/fileA' with $currentAccess is:
  222. * [
  223. * users => [
  224. * 'user1' => ['node_id' => 42, 'node_path' => '/fileA'],
  225. * 'user4' => ['node_id' => 32, 'node_path' => '/folder2'],
  226. * 'user2' => ['node_id' => 23, 'node_path' => '/folder (1)'],
  227. * ],
  228. * remote => [
  229. * 'user1@server1' => ['node_id' => 42, 'token' => 'SeCr3t'],
  230. * 'user2@server2' => ['node_id' => 23, 'token' => 'FooBaR'],
  231. * ],
  232. * public => bool
  233. * mail => [
  234. * 'email1@maildomain1' => ['node_id' => 42, 'token' => 'aBcDeFg'],
  235. * 'email2@maildomain2' => ['node_id' => 23, 'token' => 'hIjKlMn'],
  236. * ]
  237. *
  238. * The access list to '/folder1/folder2/fileA' **without** $currentAccess is:
  239. * [
  240. * users => ['user1', 'user2', 'user4'],
  241. * remote => bool,
  242. * public => bool
  243. * mail => ['email1@maildomain1', 'email2@maildomain2']
  244. * ]
  245. *
  246. * This is required for encryption/activity
  247. *
  248. * @param \OCP\Files\Node $path
  249. * @param bool $recursive Should we check all parent folders as well
  250. * @param bool $currentAccess Should the user have currently access to the file
  251. * @return array
  252. * @since 12
  253. */
  254. public function getAccessList(\OCP\Files\Node $path, $recursive = true, $currentAccess = false);
  255. /**
  256. * Instantiates a new share object. This is to be passed to
  257. * createShare.
  258. *
  259. * @return IShare
  260. * @since 9.0.0
  261. */
  262. public function newShare();
  263. /**
  264. * Is the share API enabled
  265. *
  266. * @return bool
  267. * @since 9.0.0
  268. */
  269. public function shareApiEnabled();
  270. /**
  271. * Is public link sharing enabled
  272. *
  273. * @return bool
  274. * @since 9.0.0
  275. */
  276. public function shareApiAllowLinks();
  277. /**
  278. * Is password on public link required
  279. *
  280. * @param bool $checkGroupMembership Check group membership exclusion
  281. * @return bool
  282. * @since 9.0.0
  283. * @since 24.0.0 Added optional $checkGroupMembership parameter
  284. */
  285. public function shareApiLinkEnforcePassword(bool $checkGroupMembership = true);
  286. /**
  287. * Is default expire date enabled
  288. *
  289. * @return bool
  290. * @since 9.0.0
  291. */
  292. public function shareApiLinkDefaultExpireDate();
  293. /**
  294. * Is default expire date enforced
  295. *`
  296. * @return bool
  297. * @since 9.0.0
  298. */
  299. public function shareApiLinkDefaultExpireDateEnforced();
  300. /**
  301. * Number of default expire days
  302. *
  303. * @return int
  304. * @since 9.0.0
  305. */
  306. public function shareApiLinkDefaultExpireDays();
  307. /**
  308. * Is default internal expire date enabled
  309. *
  310. * @return bool
  311. * @since 22.0.0
  312. */
  313. public function shareApiInternalDefaultExpireDate(): bool;
  314. /**
  315. * Is default remote expire date enabled
  316. *
  317. * @return bool
  318. * @since 22.0.0
  319. */
  320. public function shareApiRemoteDefaultExpireDate(): bool;
  321. /**
  322. * Is default expire date enforced
  323. *
  324. * @return bool
  325. * @since 22.0.0
  326. */
  327. public function shareApiInternalDefaultExpireDateEnforced(): bool;
  328. /**
  329. * Is default expire date enforced for remote shares
  330. *
  331. * @return bool
  332. * @since 22.0.0
  333. */
  334. public function shareApiRemoteDefaultExpireDateEnforced(): bool;
  335. /**
  336. * Number of default expire days
  337. *
  338. * @return int
  339. * @since 22.0.0
  340. */
  341. public function shareApiInternalDefaultExpireDays(): int;
  342. /**
  343. * Number of default expire days for remote shares
  344. *
  345. * @return int
  346. * @since 22.0.0
  347. */
  348. public function shareApiRemoteDefaultExpireDays(): int;
  349. /**
  350. * Allow public upload on link shares
  351. *
  352. * @return bool
  353. * @since 9.0.0
  354. */
  355. public function shareApiLinkAllowPublicUpload();
  356. /**
  357. * check if user can only share with group members
  358. * @return bool
  359. * @since 9.0.0
  360. */
  361. public function shareWithGroupMembersOnly();
  362. /**
  363. * If shareWithGroupMembersOnly is enabled, return an optional
  364. * list of groups that must be excluded from the principle of
  365. * belonging to the same group.
  366. * @return array
  367. * @since 27.0.0
  368. */
  369. public function shareWithGroupMembersOnlyExcludeGroupsList();
  370. /**
  371. * Check if users can share with groups
  372. * @return bool
  373. * @since 9.0.1
  374. */
  375. public function allowGroupSharing();
  376. /**
  377. * Check if user enumeration is allowed
  378. *
  379. * @return bool
  380. * @since 19.0.0
  381. */
  382. public function allowEnumeration(): bool;
  383. /**
  384. * Check if user enumeration is limited to the users groups
  385. *
  386. * @return bool
  387. * @since 19.0.0
  388. */
  389. public function limitEnumerationToGroups(): bool;
  390. /**
  391. * Check if user enumeration is limited to the phonebook matches
  392. *
  393. * @return bool
  394. * @since 21.0.1
  395. */
  396. public function limitEnumerationToPhone(): bool;
  397. /**
  398. * Check if user enumeration is allowed to return on full match
  399. *
  400. * @return bool
  401. * @since 21.0.1
  402. */
  403. public function allowEnumerationFullMatch(): bool;
  404. /**
  405. * Check if the search should match the email
  406. *
  407. * @return bool
  408. * @since 25.0.0
  409. */
  410. public function matchEmail(): bool;
  411. /**
  412. * Check if the search should ignore the second in parentheses display name if there is any
  413. *
  414. * @return bool
  415. * @since 25.0.0
  416. */
  417. public function ignoreSecondDisplayName(): bool;
  418. /**
  419. * Check if the current user can enumerate the target user
  420. *
  421. * @param IUser|null $currentUser
  422. * @param IUser $targetUser
  423. * @return bool
  424. * @since 23.0.0
  425. */
  426. public function currentUserCanEnumerateTargetUser(?IUser $currentUser, IUser $targetUser): bool;
  427. /**
  428. * Check if sharing is disabled for the given user
  429. *
  430. * @param string $userId
  431. * @return bool
  432. * @since 9.0.0
  433. */
  434. public function sharingDisabledForUser($userId);
  435. /**
  436. * Check if outgoing server2server shares are allowed
  437. * @return bool
  438. * @since 9.0.0
  439. */
  440. public function outgoingServer2ServerSharesAllowed();
  441. /**
  442. * Check if outgoing server2server shares are allowed
  443. * @return bool
  444. * @since 14.0.0
  445. */
  446. public function outgoingServer2ServerGroupSharesAllowed();
  447. /**
  448. * Check if a given share provider exists
  449. * @param int $shareType
  450. * @return bool
  451. * @since 11.0.0
  452. */
  453. public function shareProviderExists($shareType);
  454. /**
  455. * @param string $shareProviderClass
  456. * @since 21.0.0
  457. */
  458. public function registerShareProvider(string $shareProviderClass): void;
  459. /**
  460. * @Internal
  461. *
  462. * Get all the shares as iterable to reduce memory overhead
  463. * Note, since this opens up database cursors the iterable should
  464. * be fully itterated.
  465. *
  466. * @return iterable
  467. * @since 18.0.0
  468. */
  469. public function getAllShares(): iterable;
  470. }