123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337 |
- <?php
- /**
- * @copyright Copyright (c) 2019 Julius Härtl <jus@bitgrid.net>
- *
- * @author Christoph Wurst <christoph@winzerhof-wurst.at>
- * @author Julius Härtl <jus@bitgrid.net>
- * @author Robin Appelman <robin@icewind.nl>
- * @author Tobias Kaminsky <tobias@kaminsky.me>
- *
- * @license GNU AGPL version 3 or any later version
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- */
- namespace OC\DirectEditing;
- use \OCP\DirectEditing\IManager;
- use \OCP\Files\Folder;
- use Doctrine\DBAL\FetchMode;
- use OCP\AppFramework\Http\NotFoundResponse;
- use OCP\AppFramework\Http\Response;
- use OCP\AppFramework\Http\TemplateResponse;
- use OCP\Constants;
- use OCP\DB\QueryBuilder\IQueryBuilder;
- use OCP\DirectEditing\ACreateFromTemplate;
- use OCP\DirectEditing\IEditor;
- use OCP\DirectEditing\IToken;
- use OCP\Encryption\IManager as EncryptionManager;
- use OCP\Files\File;
- use OCP\Files\IRootFolder;
- use OCP\Files\Node;
- use OCP\Files\NotFoundException;
- use OCP\IDBConnection;
- use OCP\IL10N;
- use OCP\IUserSession;
- use OCP\L10N\IFactory;
- use OCP\Security\ISecureRandom;
- use OCP\Share\IShare;
- use Throwable;
- use function array_key_exists;
- use function in_array;
- class Manager implements IManager {
- private const TOKEN_CLEANUP_TIME = 12 * 60 * 60 ;
- public const TABLE_TOKENS = 'direct_edit';
- /** @var IEditor[] */
- private $editors = [];
- /** @var IDBConnection */
- private $connection;
- /** @var IUserSession */
- private $userSession;
- /** @var ISecureRandom */
- private $random;
- /** @var string|null */
- private $userId;
- /** @var IRootFolder */
- private $rootFolder;
- /** @var IL10N */
- private $l10n;
- /** @var EncryptionManager */
- private $encryptionManager;
- public function __construct(
- ISecureRandom $random,
- IDBConnection $connection,
- IUserSession $userSession,
- IRootFolder $rootFolder,
- IFactory $l10nFactory,
- EncryptionManager $encryptionManager
- ) {
- $this->random = $random;
- $this->connection = $connection;
- $this->userSession = $userSession;
- $this->userId = $userSession->getUser() ? $userSession->getUser()->getUID() : null;
- $this->rootFolder = $rootFolder;
- $this->l10n = $l10nFactory->get('lib');
- $this->encryptionManager = $encryptionManager;
- }
- public function registerDirectEditor(IEditor $directEditor): void {
- $this->editors[$directEditor->getId()] = $directEditor;
- }
- public function getEditors(): array {
- return $this->editors;
- }
- public function getTemplates(string $editor, string $type): array {
- if (!array_key_exists($editor, $this->editors)) {
- throw new \RuntimeException('No matching editor found');
- }
- $templates = [];
- foreach ($this->editors[$editor]->getCreators() as $creator) {
- if ($creator->getId() === $type) {
- $templates = [
- 'empty' => [
- 'id' => 'empty',
- 'title' => $this->l10n->t('Empty file'),
- 'preview' => null
- ]
- ];
- if ($creator instanceof ACreateFromTemplate) {
- $templates = $creator->getTemplates();
- }
- $templates = array_map(function ($template) use ($creator) {
- $template['extension'] = $creator->getExtension();
- $template['mimetype'] = $creator->getMimetype();
- return $template;
- }, $templates);
- }
- }
- $return = [];
- $return['templates'] = $templates;
- return $return;
- }
- public function create(string $path, string $editorId, string $creatorId, $templateId = null): string {
- $userFolder = $this->rootFolder->getUserFolder($this->userId);
- if ($userFolder->nodeExists($path)) {
- throw new \RuntimeException('File already exists');
- } else {
- if (!$userFolder->nodeExists(dirname($path))) {
- throw new \RuntimeException('Invalid path');
- }
- /** @var Folder $folder */
- $folder = $userFolder->get(dirname($path));
- $file = $folder->newFile(basename($path));
- $editor = $this->getEditor($editorId);
- $creators = $editor->getCreators();
- foreach ($creators as $creator) {
- if ($creator->getId() === $creatorId) {
- $creator->create($file, $creatorId, $templateId);
- return $this->createToken($editorId, $file, $path);
- }
- }
- }
- throw new \RuntimeException('No creator found');
- }
- public function open(string $filePath, string $editorId = null, ?int $fileId = null): string {
- $userFolder = $this->rootFolder->getUserFolder($this->userId);
- $file = $userFolder->get($filePath);
- if ($fileId !== null && $file instanceof Folder) {
- $files = $file->getById($fileId);
- // Workaround to always open files with edit permissions if multiple occurences of
- // the same file id are in the user home, ideally we should also track the path of the file when opening
- usort($files, function (Node $a, Node $b) {
- return ($b->getPermissions() & Constants::PERMISSION_UPDATE) <=> ($a->getPermissions() & Constants::PERMISSION_UPDATE);
- });
- $file = array_shift($files);
- }
- if (!$file instanceof File) {
- throw new NotFoundException();
- }
- $filePath = $userFolder->getRelativePath($file->getPath());
- if ($editorId === null) {
- $editorId = $this->findEditorForFile($file);
- }
- if (!array_key_exists($editorId, $this->editors)) {
- throw new \RuntimeException("Editor $editorId is unknown");
- }
- return $this->createToken($editorId, $file, $filePath);
- }
- private function findEditorForFile(File $file) {
- foreach ($this->editors as $editor) {
- if (in_array($file->getMimeType(), $editor->getMimetypes())) {
- return $editor->getId();
- }
- }
- throw new \RuntimeException('No default editor found for files mimetype');
- }
- public function edit(string $token): Response {
- try {
- /** @var IEditor $editor */
- $tokenObject = $this->getToken($token);
- if ($tokenObject->hasBeenAccessed()) {
- throw new \RuntimeException('Token has already been used and can only be used for followup requests');
- }
- $editor = $this->getEditor($tokenObject->getEditor());
- $this->accessToken($token);
- } catch (Throwable $throwable) {
- $this->invalidateToken($token);
- return new NotFoundResponse();
- }
- try {
- $this->invokeTokenScope($tokenObject->getUser());
- return $editor->open($tokenObject);
- } finally {
- $this->revertTokenScope();
- }
- }
- public function editSecure(File $file, string $editorId): TemplateResponse {
- // TODO: Implementation in follow up
- }
- private function getEditor($editorId): IEditor {
- if (!array_key_exists($editorId, $this->editors)) {
- throw new \RuntimeException('No editor found');
- }
- return $this->editors[$editorId];
- }
- public function getToken(string $token): IToken {
- $query = $this->connection->getQueryBuilder();
- $query->select('*')->from(self::TABLE_TOKENS)
- ->where($query->expr()->eq('token', $query->createNamedParameter($token, IQueryBuilder::PARAM_STR)));
- $result = $query->execute();
- if ($tokenRow = $result->fetch(FetchMode::ASSOCIATIVE)) {
- return new Token($this, $tokenRow);
- }
- throw new \RuntimeException('Failed to validate the token');
- }
- public function cleanup(): int {
- $query = $this->connection->getQueryBuilder();
- $query->delete(self::TABLE_TOKENS)
- ->where($query->expr()->lt('timestamp', $query->createNamedParameter(time() - self::TOKEN_CLEANUP_TIME)));
- return $query->execute();
- }
- public function refreshToken(string $token): bool {
- $query = $this->connection->getQueryBuilder();
- $query->update(self::TABLE_TOKENS)
- ->set('timestamp', $query->createNamedParameter(time(), IQueryBuilder::PARAM_INT))
- ->where($query->expr()->eq('token', $query->createNamedParameter($token, IQueryBuilder::PARAM_STR)));
- $result = $query->execute();
- return $result !== 0;
- }
- public function invalidateToken(string $token): bool {
- $query = $this->connection->getQueryBuilder();
- $query->delete(self::TABLE_TOKENS)
- ->where($query->expr()->eq('token', $query->createNamedParameter($token, IQueryBuilder::PARAM_STR)));
- $result = $query->execute();
- return $result !== 0;
- }
- public function accessToken(string $token): bool {
- $query = $this->connection->getQueryBuilder();
- $query->update(self::TABLE_TOKENS)
- ->set('accessed', $query->createNamedParameter(true, IQueryBuilder::PARAM_BOOL))
- ->set('timestamp', $query->createNamedParameter(time(), IQueryBuilder::PARAM_INT))
- ->where($query->expr()->eq('token', $query->createNamedParameter($token, IQueryBuilder::PARAM_STR)));
- $result = $query->execute();
- return $result !== 0;
- }
- public function invokeTokenScope($userId): void {
- \OC_User::setIncognitoMode(true);
- \OC_User::setUserId($userId);
- }
- public function revertTokenScope(): void {
- $this->userSession->setUser(null);
- \OC_User::setIncognitoMode(false);
- }
- public function createToken($editorId, File $file, string $filePath, IShare $share = null): string {
- $token = $this->random->generate(64, ISecureRandom::CHAR_HUMAN_READABLE);
- $query = $this->connection->getQueryBuilder();
- $query->insert(self::TABLE_TOKENS)
- ->values([
- 'token' => $query->createNamedParameter($token),
- 'editor_id' => $query->createNamedParameter($editorId),
- 'file_id' => $query->createNamedParameter($file->getId()),
- 'file_path' => $query->createNamedParameter($filePath),
- 'user_id' => $query->createNamedParameter($this->userId),
- 'share_id' => $query->createNamedParameter($share !== null ? $share->getId(): null),
- 'timestamp' => $query->createNamedParameter(time())
- ]);
- $query->execute();
- return $token;
- }
- /**
- * @param $userId
- * @param $fileId
- * @param null $filePath
- * @return Node
- * @throws NotFoundException
- */
- public function getFileForToken($userId, $fileId, $filePath = null): Node {
- $userFolder = $this->rootFolder->getUserFolder($userId);
- if ($filePath !== null) {
- return $userFolder->get($filePath);
- }
- $files = $userFolder->getById($fileId);
- if (count($files) === 0) {
- throw new NotFoundException('File nound found by id ' . $fileId);
- }
- return $files[0];
- }
- public function isEnabled(): bool {
- if (!$this->encryptionManager->isEnabled()) {
- return true;
- }
- try {
- $moduleId = $this->encryptionManager->getDefaultEncryptionModuleId();
- $module = $this->encryptionManager->getEncryptionModule($moduleId);
- /** @var \OCA\Encryption\Util $util */
- $util = \OC::$server->get(\OCA\Encryption\Util::class);
- if ($module->isReadyForUser($this->userId) && $util->isMasterKeyEnabled()) {
- return true;
- }
- } catch (Throwable $e) {
- }
- return false;
- }
- }
|