123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442 |
- <?php
- /**
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- * @copyright Copyright (c) 2017, Georg Ehrke <oc.list@georgehrke.com>
- *
- * @author Georg Ehrke <oc.list@georgehrke.com>
- * @author Robin Appelman <robin@icewind.nl>
- * @author Thomas Müller <thomas.mueller@tmit.eu>
- *
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
- namespace OCA\DAV\DAV;
- use Exception;
- use OCP\DB\QueryBuilder\IQueryBuilder;
- use OCP\IDBConnection;
- use OCP\IUser;
- use Sabre\DAV\PropertyStorage\Backend\BackendInterface;
- use Sabre\DAV\PropFind;
- use Sabre\DAV\PropPatch;
- use Sabre\DAV\Tree;
- use Sabre\DAV\Xml\Property\Complex;
- use function array_intersect;
- class CustomPropertiesBackend implements BackendInterface {
- /** @var string */
- private const TABLE_NAME = 'properties';
- /**
- * Value is stored as string.
- */
- public const PROPERTY_TYPE_STRING = 1;
- /**
- * Value is stored as XML fragment.
- */
- public const PROPERTY_TYPE_XML = 2;
- /**
- * Value is stored as a property object.
- */
- public const PROPERTY_TYPE_OBJECT = 3;
- /**
- * Ignored properties
- *
- * @var string[]
- */
- private const IGNORED_PROPERTIES = [
- '{DAV:}getcontentlength',
- '{DAV:}getcontenttype',
- '{DAV:}getetag',
- '{DAV:}quota-used-bytes',
- '{DAV:}quota-available-bytes',
- '{http://owncloud.org/ns}permissions',
- '{http://owncloud.org/ns}downloadURL',
- '{http://owncloud.org/ns}dDC',
- '{http://owncloud.org/ns}size',
- '{http://nextcloud.org/ns}is-encrypted',
- // Currently, returning null from any propfind handler would still trigger the backend,
- // so we add all known Nextcloud custom properties in here to avoid that
- // text app
- '{http://nextcloud.org/ns}rich-workspace',
- '{http://nextcloud.org/ns}rich-workspace-file',
- // groupfolders
- '{http://nextcloud.org/ns}acl-enabled',
- '{http://nextcloud.org/ns}acl-can-manage',
- '{http://nextcloud.org/ns}acl-list',
- '{http://nextcloud.org/ns}inherited-acl-list',
- '{http://nextcloud.org/ns}group-folder-id',
- // files_lock
- '{http://nextcloud.org/ns}lock',
- '{http://nextcloud.org/ns}lock-owner-type',
- '{http://nextcloud.org/ns}lock-owner',
- '{http://nextcloud.org/ns}lock-owner-displayname',
- '{http://nextcloud.org/ns}lock-owner-editor',
- '{http://nextcloud.org/ns}lock-time',
- '{http://nextcloud.org/ns}lock-timeout',
- '{http://nextcloud.org/ns}lock-token',
- ];
- /**
- * Properties set by one user, readable by all others
- *
- * @var string[]
- */
- private const PUBLISHED_READ_ONLY_PROPERTIES = [
- '{urn:ietf:params:xml:ns:caldav}calendar-availability',
- ];
- /**
- * @var Tree
- */
- private $tree;
- /**
- * @var IDBConnection
- */
- private $connection;
- /**
- * @var IUser
- */
- private $user;
- /**
- * Properties cache
- *
- * @var array
- */
- private $userCache = [];
- /**
- * @param Tree $tree node tree
- * @param IDBConnection $connection database connection
- * @param IUser $user owner of the tree and properties
- */
- public function __construct(
- Tree $tree,
- IDBConnection $connection,
- IUser $user) {
- $this->tree = $tree;
- $this->connection = $connection;
- $this->user = $user;
- }
- /**
- * Fetches properties for a path.
- *
- * @param string $path
- * @param PropFind $propFind
- * @return void
- */
- public function propFind($path, PropFind $propFind) {
- $requestedProps = $propFind->get404Properties();
- // these might appear
- $requestedProps = array_diff(
- $requestedProps,
- self::IGNORED_PROPERTIES
- );
- // substr of calendars/ => path is inside the CalDAV component
- // two '/' => this a calendar (no calendar-home nor calendar object)
- if (substr($path, 0, 10) === 'calendars/' && substr_count($path, '/') === 2) {
- $allRequestedProps = $propFind->getRequestedProperties();
- $customPropertiesForShares = [
- '{DAV:}displayname',
- '{urn:ietf:params:xml:ns:caldav}calendar-description',
- '{urn:ietf:params:xml:ns:caldav}calendar-timezone',
- '{http://apple.com/ns/ical/}calendar-order',
- '{http://apple.com/ns/ical/}calendar-color',
- '{urn:ietf:params:xml:ns:caldav}schedule-calendar-transp',
- ];
- foreach ($customPropertiesForShares as $customPropertyForShares) {
- if (in_array($customPropertyForShares, $allRequestedProps)) {
- $requestedProps[] = $customPropertyForShares;
- }
- }
- }
- if (empty($requestedProps)) {
- return;
- }
- // First fetch the published properties (set by another user), then get the ones set by
- // the current user. If both are set then the latter as priority.
- foreach ($this->getPublishedProperties($path, $requestedProps) as $propName => $propValue) {
- $propFind->set($propName, $propValue);
- }
- foreach ($this->getUserProperties($path, $requestedProps) as $propName => $propValue) {
- $propFind->set($propName, $propValue);
- }
- }
- /**
- * Updates properties for a path
- *
- * @param string $path
- * @param PropPatch $propPatch
- *
- * @return void
- */
- public function propPatch($path, PropPatch $propPatch) {
- $propPatch->handleRemaining(function ($changedProps) use ($path) {
- return $this->updateProperties($path, $changedProps);
- });
- }
- /**
- * This method is called after a node is deleted.
- *
- * @param string $path path of node for which to delete properties
- */
- public function delete($path) {
- $statement = $this->connection->prepare(
- 'DELETE FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?'
- );
- $statement->execute([$this->user->getUID(), $this->formatPath($path)]);
- $statement->closeCursor();
- unset($this->userCache[$path]);
- }
- /**
- * This method is called after a successful MOVE
- *
- * @param string $source
- * @param string $destination
- *
- * @return void
- */
- public function move($source, $destination) {
- $statement = $this->connection->prepare(
- 'UPDATE `*PREFIX*properties` SET `propertypath` = ?' .
- ' WHERE `userid` = ? AND `propertypath` = ?'
- );
- $statement->execute([$this->formatPath($destination), $this->user->getUID(), $this->formatPath($source)]);
- $statement->closeCursor();
- }
- /**
- * @param string $path
- * @param string[] $requestedProperties
- *
- * @return array
- */
- private function getPublishedProperties(string $path, array $requestedProperties): array {
- $allowedProps = array_intersect(self::PUBLISHED_READ_ONLY_PROPERTIES, $requestedProperties);
- if (empty($allowedProps)) {
- return [];
- }
- $qb = $this->connection->getQueryBuilder();
- $qb->select('*')
- ->from(self::TABLE_NAME)
- ->where($qb->expr()->eq('propertypath', $qb->createNamedParameter($path)));
- $result = $qb->executeQuery();
- $props = [];
- while ($row = $result->fetch()) {
- $props[$row['propertyname']] = $this->decodeValueFromDatabase($row['propertyvalue'], $row['valuetype']);
- }
- $result->closeCursor();
- return $props;
- }
- /**
- * Returns a list of properties for the given path and current user
- *
- * @param string $path
- * @param array $requestedProperties requested properties or empty array for "all"
- * @return array
- * @note The properties list is a list of propertynames the client
- * requested, encoded as xmlnamespace#tagName, for example:
- * http://www.example.org/namespace#author If the array is empty, all
- * properties should be returned
- */
- private function getUserProperties(string $path, array $requestedProperties) {
- if (isset($this->userCache[$path])) {
- return $this->userCache[$path];
- }
- // TODO: chunking if more than 1000 properties
- $sql = 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?';
- $whereValues = [$this->user->getUID(), $this->formatPath($path)];
- $whereTypes = [null, null];
- if (!empty($requestedProperties)) {
- // request only a subset
- $sql .= ' AND `propertyname` in (?)';
- $whereValues[] = $requestedProperties;
- $whereTypes[] = \Doctrine\DBAL\Connection::PARAM_STR_ARRAY;
- }
- $result = $this->connection->executeQuery(
- $sql,
- $whereValues,
- $whereTypes
- );
- $props = [];
- while ($row = $result->fetch()) {
- $props[$row['propertyname']] = $this->decodeValueFromDatabase($row['propertyvalue'], $row['valuetype']);
- }
- $result->closeCursor();
- $this->userCache[$path] = $props;
- return $props;
- }
- /**
- * @throws Exception
- */
- private function updateProperties(string $path, array $properties): bool {
- // TODO: use "insert or update" strategy ?
- $existing = $this->getUserProperties($path, []);
- try {
- $this->connection->beginTransaction();
- foreach ($properties as $propertyName => $propertyValue) {
- // common parameters for all queries
- $dbParameters = [
- 'userid' => $this->user->getUID(),
- 'propertyPath' => $this->formatPath($path),
- 'propertyName' => $propertyName
- ];
- // If it was null, we need to delete the property
- if (is_null($propertyValue)) {
- if (array_key_exists($propertyName, $existing)) {
- $deleteQuery = $deleteQuery ?? $this->createDeleteQuery();
- $deleteQuery
- ->setParameters($dbParameters)
- ->executeStatement();
- }
- } else {
- [$value, $valueType] = $this->encodeValueForDatabase($propertyValue);
- $dbParameters['propertyValue'] = $value;
- $dbParameters['valueType'] = $valueType;
- if (!array_key_exists($propertyName, $existing)) {
- $insertQuery = $insertQuery ?? $this->createInsertQuery();
- $insertQuery
- ->setParameters($dbParameters)
- ->executeStatement();
- } else {
- $updateQuery = $updateQuery ?? $this->createUpdateQuery();
- $updateQuery
- ->setParameters($dbParameters)
- ->executeStatement();
- }
- }
- }
- $this->connection->commit();
- unset($this->userCache[$path]);
- } catch (Exception $e) {
- $this->connection->rollBack();
- throw $e;
- }
- return true;
- }
- /**
- * long paths are hashed to ensure they fit in the database
- *
- * @param string $path
- * @return string
- */
- private function formatPath(string $path): string {
- if (strlen($path) > 250) {
- return sha1($path);
- }
- return $path;
- }
- /**
- * @param mixed $value
- * @return array
- */
- private function encodeValueForDatabase($value): array {
- if (is_scalar($value)) {
- $valueType = self::PROPERTY_TYPE_STRING;
- } elseif ($value instanceof Complex) {
- $valueType = self::PROPERTY_TYPE_XML;
- $value = $value->getXml();
- } else {
- $valueType = self::PROPERTY_TYPE_OBJECT;
- $value = serialize($value);
- }
- return [$value, $valueType];
- }
- /**
- * @return mixed|Complex|string
- */
- private function decodeValueFromDatabase(string $value, int $valueType) {
- switch ($valueType) {
- case self::PROPERTY_TYPE_XML:
- return new Complex($value);
- case self::PROPERTY_TYPE_OBJECT:
- return unserialize($value);
- case self::PROPERTY_TYPE_STRING:
- default:
- return $value;
- }
- }
- private function createDeleteQuery(): IQueryBuilder {
- $deleteQuery = $this->connection->getQueryBuilder();
- $deleteQuery->delete('properties')
- ->where($deleteQuery->expr()->eq('userid', $deleteQuery->createParameter('userid')))
- ->andWhere($deleteQuery->expr()->eq('propertypath', $deleteQuery->createParameter('propertyPath')))
- ->andWhere($deleteQuery->expr()->eq('propertyname', $deleteQuery->createParameter('propertyName')));
- return $deleteQuery;
- }
- private function createInsertQuery(): IQueryBuilder {
- $insertQuery = $this->connection->getQueryBuilder();
- $insertQuery->insert('properties')
- ->values([
- 'userid' => $insertQuery->createParameter('userid'),
- 'propertypath' => $insertQuery->createParameter('propertyPath'),
- 'propertyname' => $insertQuery->createParameter('propertyName'),
- 'propertyvalue' => $insertQuery->createParameter('propertyValue'),
- 'valuetype' => $insertQuery->createParameter('valueType'),
- ]);
- return $insertQuery;
- }
- private function createUpdateQuery(): IQueryBuilder {
- $updateQuery = $this->connection->getQueryBuilder();
- $updateQuery->update('properties')
- ->set('propertyvalue', $updateQuery->createParameter('propertyValue'))
- ->set('valuetype', $updateQuery->createParameter('valueType'))
- ->where($updateQuery->expr()->eq('userid', $updateQuery->createParameter('userid')))
- ->andWhere($updateQuery->expr()->eq('propertypath', $updateQuery->createParameter('propertyPath')))
- ->andWhere($updateQuery->expr()->eq('propertyname', $updateQuery->createParameter('propertyName')));
- return $updateQuery;
- }
- }
|