1
0

Backend.php 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-License-Identifier: AGPL-3.0-or-later
  6. */
  7. namespace OCA\DAV\CardDAV\Activity;
  8. use OCA\DAV\CardDAV\Activity\Provider\Addressbook;
  9. use OCP\Activity\IEvent;
  10. use OCP\Activity\IManager as IActivityManager;
  11. use OCP\App\IAppManager;
  12. use OCP\IGroup;
  13. use OCP\IGroupManager;
  14. use OCP\IUser;
  15. use OCP\IUserManager;
  16. use OCP\IUserSession;
  17. use Sabre\CardDAV\Plugin;
  18. use Sabre\VObject\Reader;
  19. class Backend {
  20. /** @var IActivityManager */
  21. protected $activityManager;
  22. /** @var IGroupManager */
  23. protected $groupManager;
  24. /** @var IUserSession */
  25. protected $userSession;
  26. /** @var IAppManager */
  27. protected $appManager;
  28. /** @var IUserManager */
  29. protected $userManager;
  30. public function __construct(IActivityManager $activityManager,
  31. IGroupManager $groupManager,
  32. IUserSession $userSession,
  33. IAppManager $appManager,
  34. IUserManager $userManager) {
  35. $this->activityManager = $activityManager;
  36. $this->groupManager = $groupManager;
  37. $this->userSession = $userSession;
  38. $this->appManager = $appManager;
  39. $this->userManager = $userManager;
  40. }
  41. /**
  42. * Creates activities when an addressbook was creates
  43. *
  44. * @param array $addressbookData
  45. */
  46. public function onAddressbookCreate(array $addressbookData): void {
  47. $this->triggerAddressbookActivity(Addressbook::SUBJECT_ADD, $addressbookData);
  48. }
  49. /**
  50. * Creates activities when a calendar was updated
  51. *
  52. * @param array $addressbookData
  53. * @param array $shares
  54. * @param array $properties
  55. */
  56. public function onAddressbookUpdate(array $addressbookData, array $shares, array $properties): void {
  57. $this->triggerAddressbookActivity(Addressbook::SUBJECT_UPDATE, $addressbookData, $shares, $properties);
  58. }
  59. /**
  60. * Creates activities when a calendar was deleted
  61. *
  62. * @param array $addressbookData
  63. * @param array $shares
  64. */
  65. public function onAddressbookDelete(array $addressbookData, array $shares): void {
  66. $this->triggerAddressbookActivity(Addressbook::SUBJECT_DELETE, $addressbookData, $shares);
  67. }
  68. /**
  69. * Creates activities for all related users when a calendar was touched
  70. *
  71. * @param string $action
  72. * @param array $addressbookData
  73. * @param array $shares
  74. * @param array $changedProperties
  75. */
  76. protected function triggerAddressbookActivity(string $action, array $addressbookData, array $shares = [], array $changedProperties = []): void {
  77. if (!isset($addressbookData['principaluri'])) {
  78. return;
  79. }
  80. $principalUri = $addressbookData['principaluri'];
  81. // We are not interested in changes from the system addressbook
  82. if ($principalUri === 'principals/system/system') {
  83. return;
  84. }
  85. $principal = explode('/', $principalUri);
  86. $owner = array_pop($principal);
  87. $currentUser = $this->userSession->getUser();
  88. if ($currentUser instanceof IUser) {
  89. $currentUser = $currentUser->getUID();
  90. } else {
  91. $currentUser = $owner;
  92. }
  93. $event = $this->activityManager->generateEvent();
  94. $event->setApp('dav')
  95. ->setObject('addressbook', (int)$addressbookData['id'])
  96. ->setType('contacts')
  97. ->setAuthor($currentUser);
  98. $changedVisibleInformation = array_intersect([
  99. '{DAV:}displayname',
  100. '{' . Plugin::NS_CARDDAV . '}addressbook-description',
  101. ], array_keys($changedProperties));
  102. if (empty($shares) || ($action === Addressbook::SUBJECT_UPDATE && empty($changedVisibleInformation))) {
  103. $users = [$owner];
  104. } else {
  105. $users = $this->getUsersForShares($shares);
  106. $users[] = $owner;
  107. }
  108. foreach ($users as $user) {
  109. if ($action === Addressbook::SUBJECT_DELETE && !$this->userManager->userExists($user)) {
  110. // Avoid creating addressbook_delete activities for deleted users
  111. continue;
  112. }
  113. $event->setAffectedUser($user)
  114. ->setSubject(
  115. $user === $currentUser ? $action . '_self' : $action,
  116. [
  117. 'actor' => $currentUser,
  118. 'addressbook' => [
  119. 'id' => (int)$addressbookData['id'],
  120. 'uri' => $addressbookData['uri'],
  121. 'name' => $addressbookData['{DAV:}displayname'],
  122. ],
  123. ]
  124. );
  125. $this->activityManager->publish($event);
  126. }
  127. }
  128. /**
  129. * Creates activities for all related users when an addressbook was (un-)shared
  130. *
  131. * @param array $addressbookData
  132. * @param array $shares
  133. * @param array $add
  134. * @param array $remove
  135. */
  136. public function onAddressbookUpdateShares(array $addressbookData, array $shares, array $add, array $remove): void {
  137. $principal = explode('/', $addressbookData['principaluri']);
  138. $owner = $principal[2];
  139. $currentUser = $this->userSession->getUser();
  140. if ($currentUser instanceof IUser) {
  141. $currentUser = $currentUser->getUID();
  142. } else {
  143. $currentUser = $owner;
  144. }
  145. $event = $this->activityManager->generateEvent();
  146. $event->setApp('dav')
  147. ->setObject('addressbook', (int)$addressbookData['id'])
  148. ->setType('contacts')
  149. ->setAuthor($currentUser);
  150. foreach ($remove as $principal) {
  151. // principal:principals/users/test
  152. $parts = explode(':', $principal, 2);
  153. if ($parts[0] !== 'principal') {
  154. continue;
  155. }
  156. $principal = explode('/', $parts[1]);
  157. if ($principal[1] === 'users') {
  158. $this->triggerActivityUser(
  159. $principal[2],
  160. $event,
  161. $addressbookData,
  162. Addressbook::SUBJECT_UNSHARE_USER,
  163. Addressbook::SUBJECT_DELETE . '_self'
  164. );
  165. if ($owner !== $principal[2]) {
  166. $parameters = [
  167. 'actor' => $event->getAuthor(),
  168. 'addressbook' => [
  169. 'id' => (int)$addressbookData['id'],
  170. 'uri' => $addressbookData['uri'],
  171. 'name' => $addressbookData['{DAV:}displayname'],
  172. ],
  173. 'user' => $principal[2],
  174. ];
  175. if ($owner === $event->getAuthor()) {
  176. $subject = Addressbook::SUBJECT_UNSHARE_USER . '_you';
  177. } elseif ($principal[2] === $event->getAuthor()) {
  178. $subject = Addressbook::SUBJECT_UNSHARE_USER . '_self';
  179. } else {
  180. $event->setAffectedUser($event->getAuthor())
  181. ->setSubject(Addressbook::SUBJECT_UNSHARE_USER . '_you', $parameters);
  182. $this->activityManager->publish($event);
  183. $subject = Addressbook::SUBJECT_UNSHARE_USER . '_by';
  184. }
  185. $event->setAffectedUser($owner)
  186. ->setSubject($subject, $parameters);
  187. $this->activityManager->publish($event);
  188. }
  189. } elseif ($principal[1] === 'groups') {
  190. $this->triggerActivityGroup($principal[2], $event, $addressbookData, Addressbook::SUBJECT_UNSHARE_USER);
  191. $parameters = [
  192. 'actor' => $event->getAuthor(),
  193. 'addressbook' => [
  194. 'id' => (int)$addressbookData['id'],
  195. 'uri' => $addressbookData['uri'],
  196. 'name' => $addressbookData['{DAV:}displayname'],
  197. ],
  198. 'group' => $principal[2],
  199. ];
  200. if ($owner === $event->getAuthor()) {
  201. $subject = Addressbook::SUBJECT_UNSHARE_GROUP . '_you';
  202. } else {
  203. $event->setAffectedUser($event->getAuthor())
  204. ->setSubject(Addressbook::SUBJECT_UNSHARE_GROUP . '_you', $parameters);
  205. $this->activityManager->publish($event);
  206. $subject = Addressbook::SUBJECT_UNSHARE_GROUP . '_by';
  207. }
  208. $event->setAffectedUser($owner)
  209. ->setSubject($subject, $parameters);
  210. $this->activityManager->publish($event);
  211. }
  212. }
  213. foreach ($add as $share) {
  214. if ($this->isAlreadyShared($share['href'], $shares)) {
  215. continue;
  216. }
  217. // principal:principals/users/test
  218. $parts = explode(':', $share['href'], 2);
  219. if ($parts[0] !== 'principal') {
  220. continue;
  221. }
  222. $principal = explode('/', $parts[1]);
  223. if ($principal[1] === 'users') {
  224. $this->triggerActivityUser($principal[2], $event, $addressbookData, Addressbook::SUBJECT_SHARE_USER);
  225. if ($owner !== $principal[2]) {
  226. $parameters = [
  227. 'actor' => $event->getAuthor(),
  228. 'addressbook' => [
  229. 'id' => (int)$addressbookData['id'],
  230. 'uri' => $addressbookData['uri'],
  231. 'name' => $addressbookData['{DAV:}displayname'],
  232. ],
  233. 'user' => $principal[2],
  234. ];
  235. if ($owner === $event->getAuthor()) {
  236. $subject = Addressbook::SUBJECT_SHARE_USER . '_you';
  237. } else {
  238. $event->setAffectedUser($event->getAuthor())
  239. ->setSubject(Addressbook::SUBJECT_SHARE_USER . '_you', $parameters);
  240. $this->activityManager->publish($event);
  241. $subject = Addressbook::SUBJECT_SHARE_USER . '_by';
  242. }
  243. $event->setAffectedUser($owner)
  244. ->setSubject($subject, $parameters);
  245. $this->activityManager->publish($event);
  246. }
  247. } elseif ($principal[1] === 'groups') {
  248. $this->triggerActivityGroup($principal[2], $event, $addressbookData, Addressbook::SUBJECT_SHARE_USER);
  249. $parameters = [
  250. 'actor' => $event->getAuthor(),
  251. 'addressbook' => [
  252. 'id' => (int)$addressbookData['id'],
  253. 'uri' => $addressbookData['uri'],
  254. 'name' => $addressbookData['{DAV:}displayname'],
  255. ],
  256. 'group' => $principal[2],
  257. ];
  258. if ($owner === $event->getAuthor()) {
  259. $subject = Addressbook::SUBJECT_SHARE_GROUP . '_you';
  260. } else {
  261. $event->setAffectedUser($event->getAuthor())
  262. ->setSubject(Addressbook::SUBJECT_SHARE_GROUP . '_you', $parameters);
  263. $this->activityManager->publish($event);
  264. $subject = Addressbook::SUBJECT_SHARE_GROUP . '_by';
  265. }
  266. $event->setAffectedUser($owner)
  267. ->setSubject($subject, $parameters);
  268. $this->activityManager->publish($event);
  269. }
  270. }
  271. }
  272. /**
  273. * Checks if a calendar is already shared with a principal
  274. *
  275. * @param string $principal
  276. * @param array[] $shares
  277. * @return bool
  278. */
  279. protected function isAlreadyShared(string $principal, array $shares): bool {
  280. foreach ($shares as $share) {
  281. if ($principal === $share['href']) {
  282. return true;
  283. }
  284. }
  285. return false;
  286. }
  287. /**
  288. * Creates the given activity for all members of the given group
  289. *
  290. * @param string $gid
  291. * @param IEvent $event
  292. * @param array $properties
  293. * @param string $subject
  294. */
  295. protected function triggerActivityGroup(string $gid, IEvent $event, array $properties, string $subject): void {
  296. $group = $this->groupManager->get($gid);
  297. if ($group instanceof IGroup) {
  298. foreach ($group->getUsers() as $user) {
  299. // Exclude current user
  300. if ($user->getUID() !== $event->getAuthor()) {
  301. $this->triggerActivityUser($user->getUID(), $event, $properties, $subject);
  302. }
  303. }
  304. }
  305. }
  306. /**
  307. * Creates the given activity for the given user
  308. *
  309. * @param string $user
  310. * @param IEvent $event
  311. * @param array $properties
  312. * @param string $subject
  313. * @param string $subjectSelf
  314. */
  315. protected function triggerActivityUser(string $user, IEvent $event, array $properties, string $subject, string $subjectSelf = ''): void {
  316. $event->setAffectedUser($user)
  317. ->setSubject(
  318. $user === $event->getAuthor() && $subjectSelf ? $subjectSelf : $subject,
  319. [
  320. 'actor' => $event->getAuthor(),
  321. 'addressbook' => [
  322. 'id' => (int)$properties['id'],
  323. 'uri' => $properties['uri'],
  324. 'name' => $properties['{DAV:}displayname'],
  325. ],
  326. ]
  327. );
  328. $this->activityManager->publish($event);
  329. }
  330. /**
  331. * Creates activities when a card was created/updated/deleted
  332. *
  333. * @param string $action
  334. * @param array $addressbookData
  335. * @param array $shares
  336. * @param array $cardData
  337. */
  338. public function triggerCardActivity(string $action, array $addressbookData, array $shares, array $cardData): void {
  339. if (!isset($addressbookData['principaluri'])) {
  340. return;
  341. }
  342. $principalUri = $addressbookData['principaluri'];
  343. // We are not interested in changes from the system addressbook
  344. if ($principalUri === 'principals/system/system') {
  345. return;
  346. }
  347. $principal = explode('/', $principalUri);
  348. $owner = array_pop($principal);
  349. $currentUser = $this->userSession->getUser();
  350. if ($currentUser instanceof IUser) {
  351. $currentUser = $currentUser->getUID();
  352. } else {
  353. $currentUser = $owner;
  354. }
  355. $card = $this->getCardNameAndId($cardData);
  356. $event = $this->activityManager->generateEvent();
  357. $event->setApp('dav')
  358. ->setObject('addressbook', (int)$addressbookData['id'])
  359. ->setType('contacts')
  360. ->setAuthor($currentUser);
  361. $users = $this->getUsersForShares($shares);
  362. $users[] = $owner;
  363. // Users for share can return the owner itself if the calendar is published
  364. foreach (array_unique($users) as $user) {
  365. $params = [
  366. 'actor' => $event->getAuthor(),
  367. 'addressbook' => [
  368. 'id' => (int)$addressbookData['id'],
  369. 'uri' => $addressbookData['uri'],
  370. 'name' => $addressbookData['{DAV:}displayname'],
  371. ],
  372. 'card' => [
  373. 'id' => $card['id'],
  374. 'name' => $card['name'],
  375. ],
  376. ];
  377. $event->setAffectedUser($user)
  378. ->setSubject(
  379. $user === $currentUser ? $action . '_self' : $action,
  380. $params
  381. );
  382. $this->activityManager->publish($event);
  383. }
  384. }
  385. /**
  386. * @param array $cardData
  387. * @return string[]
  388. */
  389. protected function getCardNameAndId(array $cardData): array {
  390. $vObject = Reader::read($cardData['carddata']);
  391. return ['id' => (string)$vObject->UID, 'name' => (string)($vObject->FN ?? '')];
  392. }
  393. /**
  394. * Get all users that have access to a given calendar
  395. *
  396. * @param array $shares
  397. * @return string[]
  398. */
  399. protected function getUsersForShares(array $shares): array {
  400. $users = $groups = [];
  401. foreach ($shares as $share) {
  402. $principal = explode('/', $share['{http://owncloud.org/ns}principal']);
  403. if ($principal[1] === 'users') {
  404. $users[] = $principal[2];
  405. } elseif ($principal[1] === 'groups') {
  406. $groups[] = $principal[2];
  407. }
  408. }
  409. if (!empty($groups)) {
  410. foreach ($groups as $gid) {
  411. $group = $this->groupManager->get($gid);
  412. if ($group instanceof IGroup) {
  413. foreach ($group->getUsers() as $user) {
  414. $users[] = $user->getUID();
  415. }
  416. }
  417. }
  418. }
  419. return array_unique($users);
  420. }
  421. }