ShareAPIController.php 39 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2016, ownCloud, Inc.
  5. *
  6. * @author Bjoern Schiessle <bjoern@schiessle.org>
  7. * @author Joas Schilling <coding@schilljs.com>
  8. * @author Lukas Reschke <lukas@statuscode.ch>
  9. * @author Maxence Lange <maxence@nextcloud.com>
  10. * @author Michael Jobst <mjobst+github@tecratech.de>
  11. * @author Robin Appelman <robin@icewind.nl>
  12. * @author Roeland Jago Douma <roeland@famdouma.nl>
  13. * @author Vincent Petry <pvince81@owncloud.com>
  14. *
  15. * @license AGPL-3.0
  16. *
  17. * This code is free software: you can redistribute it and/or modify
  18. * it under the terms of the GNU Affero General Public License, version 3,
  19. * as published by the Free Software Foundation.
  20. *
  21. * This program is distributed in the hope that it will be useful,
  22. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  23. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  24. * GNU Affero General Public License for more details.
  25. *
  26. * You should have received a copy of the GNU Affero General Public License, version 3,
  27. * along with this program. If not, see <http://www.gnu.org/licenses/>
  28. *
  29. */
  30. namespace OCA\Files_Sharing\Controller;
  31. use OCA\Files\Helper;
  32. use OCP\App\IAppManager;
  33. use OCP\AppFramework\Http\DataResponse;
  34. use OCP\AppFramework\OCS\OCSBadRequestException;
  35. use OCP\AppFramework\OCS\OCSException;
  36. use OCP\AppFramework\OCS\OCSForbiddenException;
  37. use OCP\AppFramework\OCS\OCSNotFoundException;
  38. use OCP\AppFramework\OCSController;
  39. use OCP\AppFramework\QueryException;
  40. use OCP\Constants;
  41. use OCP\Files\Node;
  42. use OCP\Files\NotFoundException;
  43. use OCP\IConfig;
  44. use OCP\IGroupManager;
  45. use OCP\IL10N;
  46. use OCP\IUserManager;
  47. use OCP\IRequest;
  48. use OCP\IServerContainer;
  49. use OCP\IURLGenerator;
  50. use OCP\Files\IRootFolder;
  51. use OCP\Lock\LockedException;
  52. use OCP\Share;
  53. use OCP\Share\IManager;
  54. use OCP\Share\Exceptions\ShareNotFound;
  55. use OCP\Share\Exceptions\GenericShareException;
  56. use OCP\Lock\ILockingProvider;
  57. use OCP\Share\IShare;
  58. use OCA\Files_Sharing\External\Storage;
  59. /**
  60. * Class Share20OCS
  61. *
  62. * @package OCA\Files_Sharing\API
  63. */
  64. class ShareAPIController extends OCSController {
  65. /** @var IManager */
  66. private $shareManager;
  67. /** @var IGroupManager */
  68. private $groupManager;
  69. /** @var IUserManager */
  70. private $userManager;
  71. /** @var IRootFolder */
  72. private $rootFolder;
  73. /** @var IURLGenerator */
  74. private $urlGenerator;
  75. /** @var string */
  76. private $currentUser;
  77. /** @var IL10N */
  78. private $l;
  79. /** @var \OCP\Files\Node */
  80. private $lockedNode;
  81. /** @var IConfig */
  82. private $config;
  83. /** @var IAppManager */
  84. private $appManager;
  85. /** @var IServerContainer */
  86. private $serverContainer;
  87. /**
  88. * Share20OCS constructor.
  89. *
  90. * @param string $appName
  91. * @param IRequest $request
  92. * @param IManager $shareManager
  93. * @param IGroupManager $groupManager
  94. * @param IUserManager $userManager
  95. * @param IRootFolder $rootFolder
  96. * @param IURLGenerator $urlGenerator
  97. * @param string $userId
  98. * @param IL10N $l10n
  99. * @param IConfig $config
  100. * @param IAppManager $appManager
  101. * @param IServerContainer $serverContainer
  102. */
  103. public function __construct(
  104. string $appName,
  105. IRequest $request,
  106. IManager $shareManager,
  107. IGroupManager $groupManager,
  108. IUserManager $userManager,
  109. IRootFolder $rootFolder,
  110. IURLGenerator $urlGenerator,
  111. string $userId = null,
  112. IL10N $l10n,
  113. IConfig $config,
  114. IAppManager $appManager,
  115. IServerContainer $serverContainer
  116. ) {
  117. parent::__construct($appName, $request);
  118. $this->shareManager = $shareManager;
  119. $this->userManager = $userManager;
  120. $this->groupManager = $groupManager;
  121. $this->request = $request;
  122. $this->rootFolder = $rootFolder;
  123. $this->urlGenerator = $urlGenerator;
  124. $this->currentUser = $userId;
  125. $this->l = $l10n;
  126. $this->config = $config;
  127. $this->appManager = $appManager;
  128. $this->serverContainer = $serverContainer;
  129. }
  130. /**
  131. * Convert an IShare to an array for OCS output
  132. *
  133. * @param \OCP\Share\IShare $share
  134. * @param Node|null $recipientNode
  135. * @return array
  136. * @throws NotFoundException In case the node can't be resolved.
  137. *
  138. * @suppress PhanUndeclaredClassMethod
  139. */
  140. protected function formatShare(\OCP\Share\IShare $share, Node $recipientNode = null): array {
  141. $sharedBy = $this->userManager->get($share->getSharedBy());
  142. $shareOwner = $this->userManager->get($share->getShareOwner());
  143. $result = [
  144. 'id' => $share->getId(),
  145. 'share_type' => $share->getShareType(),
  146. 'uid_owner' => $share->getSharedBy(),
  147. 'displayname_owner' => $sharedBy !== null ? $sharedBy->getDisplayName() : $share->getSharedBy(),
  148. 'permissions' => $share->getPermissions(),
  149. 'stime' => $share->getShareTime()->getTimestamp(),
  150. 'parent' => null,
  151. 'expiration' => null,
  152. 'token' => null,
  153. 'uid_file_owner' => $share->getShareOwner(),
  154. 'note' => $share->getNote(),
  155. 'label' => $share->getLabel(),
  156. 'displayname_file_owner' => $shareOwner !== null ? $shareOwner->getDisplayName() : $share->getShareOwner(),
  157. ];
  158. $userFolder = $this->rootFolder->getUserFolder($this->currentUser);
  159. if ($recipientNode) {
  160. $node = $recipientNode;
  161. } else {
  162. $nodes = $userFolder->getById($share->getNodeId());
  163. if (empty($nodes)) {
  164. // fallback to guessing the path
  165. $node = $userFolder->get($share->getTarget());
  166. if ($node === null || $share->getTarget() === '') {
  167. throw new NotFoundException();
  168. }
  169. } else {
  170. $node = $nodes[0];
  171. }
  172. }
  173. $result['path'] = $userFolder->getRelativePath($node->getPath());
  174. if ($node instanceOf \OCP\Files\Folder) {
  175. $result['item_type'] = 'folder';
  176. } else {
  177. $result['item_type'] = 'file';
  178. }
  179. $result['mimetype'] = $node->getMimetype();
  180. $result['storage_id'] = $node->getStorage()->getId();
  181. $result['storage'] = $node->getStorage()->getCache()->getNumericStorageId();
  182. $result['item_source'] = $node->getId();
  183. $result['file_source'] = $node->getId();
  184. $result['file_parent'] = $node->getParent()->getId();
  185. $result['file_target'] = $share->getTarget();
  186. $expiration = $share->getExpirationDate();
  187. if ($expiration !== null) {
  188. $result['expiration'] = $expiration->format('Y-m-d 00:00:00');
  189. }
  190. if ($share->getShareType() === Share::SHARE_TYPE_USER) {
  191. $sharedWith = $this->userManager->get($share->getSharedWith());
  192. $result['share_with'] = $share->getSharedWith();
  193. $result['share_with_displayname'] = $sharedWith !== null ? $sharedWith->getDisplayName() : $share->getSharedWith();
  194. } else if ($share->getShareType() === Share::SHARE_TYPE_GROUP) {
  195. $group = $this->groupManager->get($share->getSharedWith());
  196. $result['share_with'] = $share->getSharedWith();
  197. $result['share_with_displayname'] = $group !== null ? $group->getDisplayName() : $share->getSharedWith();
  198. } else if ($share->getShareType() === Share::SHARE_TYPE_LINK) {
  199. // "share_with" and "share_with_displayname" for passwords of link
  200. // shares was deprecated in Nextcloud 15, use "password" instead.
  201. $result['share_with'] = $share->getPassword();
  202. $result['share_with_displayname'] = $share->getPassword();
  203. $result['password'] = $share->getPassword();
  204. $result['send_password_by_talk'] = $share->getSendPasswordByTalk();
  205. $result['token'] = $share->getToken();
  206. $result['url'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.sharecontroller.showShare', ['token' => $share->getToken()]);
  207. } else if ($share->getShareType() === Share::SHARE_TYPE_REMOTE || $share->getShareType() === Share::SHARE_TYPE_REMOTE_GROUP) {
  208. $result['share_with'] = $share->getSharedWith();
  209. $result['share_with_displayname'] = $this->getDisplayNameFromAddressBook($share->getSharedWith(), 'CLOUD');
  210. $result['token'] = $share->getToken();
  211. } else if ($share->getShareType() === Share::SHARE_TYPE_EMAIL) {
  212. $result['share_with'] = $share->getSharedWith();
  213. $result['password'] = $share->getPassword();
  214. $result['send_password_by_talk'] = $share->getSendPasswordByTalk();
  215. $result['share_with_displayname'] = $this->getDisplayNameFromAddressBook($share->getSharedWith(), 'EMAIL');
  216. $result['token'] = $share->getToken();
  217. } else if ($share->getShareType() === Share::SHARE_TYPE_CIRCLE) {
  218. // getSharedWith() returns either "name (type, owner)" or
  219. // "name (type, owner) [id]", depending on the Circles app version.
  220. $hasCircleId = (substr($share->getSharedWith(), -1) === ']');
  221. $result['share_with_displayname'] = $share->getSharedWithDisplayName();
  222. if (empty($result['share_with_displayname'])) {
  223. $displayNameLength = ($hasCircleId? strrpos($share->getSharedWith(), ' '): strlen($share->getSharedWith()));
  224. $result['share_with_displayname'] = substr($share->getSharedWith(), 0, $displayNameLength);
  225. }
  226. $result['share_with_avatar'] = $share->getSharedWithAvatar();
  227. $shareWithStart = ($hasCircleId? strrpos($share->getSharedWith(), '[') + 1: 0);
  228. $shareWithLength = ($hasCircleId? -1: strpos($share->getSharedWith(), ' '));
  229. if (is_bool($shareWithLength)) {
  230. $shareWithLength = -1;
  231. }
  232. $result['share_with'] = substr($share->getSharedWith(), $shareWithStart, $shareWithLength);
  233. } else if ($share->getShareType() === Share::SHARE_TYPE_ROOM) {
  234. $result['share_with'] = $share->getSharedWith();
  235. $result['share_with_displayname'] = '';
  236. try {
  237. $result = array_merge($result, $this->getRoomShareHelper()->formatShare($share));
  238. } catch (QueryException $e) {
  239. }
  240. }
  241. $result['mail_send'] = $share->getMailSend() ? 1 : 0;
  242. $result['hide_download'] = $share->getHideDownload() ? 1 : 0;
  243. return $result;
  244. }
  245. /**
  246. * Check if one of the users address books knows the exact property, if
  247. * yes we return the full name.
  248. *
  249. * @param string $query
  250. * @param string $property
  251. * @return string
  252. */
  253. private function getDisplayNameFromAddressBook(string $query, string $property): string {
  254. // FIXME: If we inject the contacts manager it gets initialized bofore any address books are registered
  255. $result = \OC::$server->getContactsManager()->search($query, [$property]);
  256. foreach ($result as $r) {
  257. foreach($r[$property] as $value) {
  258. if ($value === $query) {
  259. return $r['FN'];
  260. }
  261. }
  262. }
  263. return $query;
  264. }
  265. /**
  266. * Get a specific share by id
  267. *
  268. * @NoAdminRequired
  269. *
  270. * @param string $id
  271. * @return DataResponse
  272. * @throws OCSNotFoundException
  273. */
  274. public function getShare(string $id): DataResponse {
  275. try {
  276. $share = $this->getShareById($id);
  277. } catch (ShareNotFound $e) {
  278. throw new OCSNotFoundException($this->l->t('Wrong share ID, share doesn\'t exist'));
  279. }
  280. if ($this->canAccessShare($share)) {
  281. try {
  282. $share = $this->formatShare($share);
  283. return new DataResponse([$share]);
  284. } catch (NotFoundException $e) {
  285. //Fall trough
  286. }
  287. }
  288. throw new OCSNotFoundException($this->l->t('Wrong share ID, share doesn\'t exist'));
  289. }
  290. /**
  291. * Delete a share
  292. *
  293. * @NoAdminRequired
  294. *
  295. * @param string $id
  296. * @return DataResponse
  297. * @throws OCSNotFoundException
  298. */
  299. public function deleteShare(string $id): DataResponse {
  300. try {
  301. $share = $this->getShareById($id);
  302. } catch (ShareNotFound $e) {
  303. throw new OCSNotFoundException($this->l->t('Wrong share ID, share doesn\'t exist'));
  304. }
  305. try {
  306. $this->lock($share->getNode());
  307. } catch (LockedException $e) {
  308. throw new OCSNotFoundException($this->l->t('could not delete share'));
  309. }
  310. if (!$this->canAccessShare($share)) {
  311. throw new OCSNotFoundException($this->l->t('Could not delete share'));
  312. }
  313. if (($share->getShareType() === Share::SHARE_TYPE_GROUP ||
  314. $share->getShareType() === Share::SHARE_TYPE_ROOM) &&
  315. $share->getShareOwner() !== $this->currentUser &&
  316. $share->getSharedBy() !== $this->currentUser) {
  317. $this->shareManager->deleteFromSelf($share, $this->currentUser);
  318. } else {
  319. $this->shareManager->deleteShare($share);
  320. }
  321. return new DataResponse();
  322. }
  323. /**
  324. * @NoAdminRequired
  325. *
  326. * @param string $path
  327. * @param int $permissions
  328. * @param int $shareType
  329. * @param string $shareWith
  330. * @param string $publicUpload
  331. * @param string $password
  332. * @param string $sendPasswordByTalk
  333. * @param string $expireDate
  334. * @param string $label
  335. *
  336. * @return DataResponse
  337. * @throws NotFoundException
  338. * @throws OCSBadRequestException
  339. * @throws OCSException
  340. * @throws OCSForbiddenException
  341. * @throws OCSNotFoundException
  342. * @throws \OCP\Files\InvalidPathException
  343. * @suppress PhanUndeclaredClassMethod
  344. */
  345. public function createShare(
  346. string $path = null,
  347. int $permissions = null,
  348. int $shareType = -1,
  349. string $shareWith = null,
  350. string $publicUpload = 'false',
  351. string $password = '',
  352. string $sendPasswordByTalk = null,
  353. string $expireDate = '',
  354. string $label = ''
  355. ): DataResponse {
  356. $share = $this->shareManager->newShare();
  357. if ($permissions === null) {
  358. $permissions = $this->config->getAppValue('core', 'shareapi_default_permissions', Constants::PERMISSION_ALL);
  359. }
  360. // Verify path
  361. if ($path === null) {
  362. throw new OCSNotFoundException($this->l->t('Please specify a file or folder path'));
  363. }
  364. $userFolder = $this->rootFolder->getUserFolder($this->currentUser);
  365. try {
  366. $path = $userFolder->get($path);
  367. } catch (NotFoundException $e) {
  368. throw new OCSNotFoundException($this->l->t('Wrong path, file/folder doesn\'t exist'));
  369. }
  370. $share->setNode($path);
  371. try {
  372. $this->lock($share->getNode());
  373. } catch (LockedException $e) {
  374. throw new OCSNotFoundException($this->l->t('Could not create share'));
  375. }
  376. if ($permissions < 0 || $permissions > Constants::PERMISSION_ALL) {
  377. throw new OCSNotFoundException($this->l->t('invalid permissions'));
  378. }
  379. // Shares always require read permissions
  380. $permissions |= Constants::PERMISSION_READ;
  381. if ($path instanceof \OCP\Files\File) {
  382. // Single file shares should never have delete or create permissions
  383. $permissions &= ~Constants::PERMISSION_DELETE;
  384. $permissions &= ~Constants::PERMISSION_CREATE;
  385. }
  386. /*
  387. * Hack for https://github.com/owncloud/core/issues/22587
  388. * We check the permissions via webdav. But the permissions of the mount point
  389. * do not equal the share permissions. Here we fix that for federated mounts.
  390. */
  391. if ($path->getStorage()->instanceOfStorage(Storage::class)) {
  392. $permissions &= ~($permissions & ~$path->getPermissions());
  393. }
  394. if ($shareType === Share::SHARE_TYPE_USER) {
  395. // Valid user is required to share
  396. if ($shareWith === null || !$this->userManager->userExists($shareWith)) {
  397. throw new OCSNotFoundException($this->l->t('Please specify a valid user'));
  398. }
  399. $share->setSharedWith($shareWith);
  400. $share->setPermissions($permissions);
  401. } else if ($shareType === Share::SHARE_TYPE_GROUP) {
  402. if (!$this->shareManager->allowGroupSharing()) {
  403. throw new OCSNotFoundException($this->l->t('Group sharing is disabled by the administrator'));
  404. }
  405. // Valid group is required to share
  406. if ($shareWith === null || !$this->groupManager->groupExists($shareWith)) {
  407. throw new OCSNotFoundException($this->l->t('Please specify a valid group'));
  408. }
  409. $share->setSharedWith($shareWith);
  410. $share->setPermissions($permissions);
  411. } else if ($shareType === Share::SHARE_TYPE_LINK) {
  412. //Can we even share links?
  413. if (!$this->shareManager->shareApiAllowLinks()) {
  414. throw new OCSNotFoundException($this->l->t('Public link sharing is disabled by the administrator'));
  415. }
  416. if ($publicUpload === 'true') {
  417. // Check if public upload is allowed
  418. if (!$this->shareManager->shareApiLinkAllowPublicUpload()) {
  419. throw new OCSForbiddenException($this->l->t('Public upload disabled by the administrator'));
  420. }
  421. // Public upload can only be set for folders
  422. if ($path instanceof \OCP\Files\File) {
  423. throw new OCSNotFoundException($this->l->t('Public upload is only possible for publicly shared folders'));
  424. }
  425. $share->setPermissions(
  426. Constants::PERMISSION_READ |
  427. Constants::PERMISSION_CREATE |
  428. Constants::PERMISSION_UPDATE |
  429. Constants::PERMISSION_DELETE
  430. );
  431. } else {
  432. $share->setPermissions(Constants::PERMISSION_READ);
  433. }
  434. // Set password
  435. if ($password !== '') {
  436. $share->setPassword($password);
  437. }
  438. if (!empty($label)) {
  439. $share->setLabel($label);
  440. }
  441. if ($sendPasswordByTalk === 'true') {
  442. if (!$this->appManager->isEnabledForUser('spreed')) {
  443. throw new OCSForbiddenException($this->l->t('Sharing %s sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled', [$path->getPath()]));
  444. }
  445. $share->setSendPasswordByTalk(true);
  446. }
  447. //Expire date
  448. if ($expireDate !== '') {
  449. try {
  450. $expireDate = $this->parseDate($expireDate);
  451. $share->setExpirationDate($expireDate);
  452. } catch (\Exception $e) {
  453. throw new OCSNotFoundException($this->l->t('Invalid date, date format must be YYYY-MM-DD'));
  454. }
  455. }
  456. } else if ($shareType === Share::SHARE_TYPE_REMOTE) {
  457. if (!$this->shareManager->outgoingServer2ServerSharesAllowed()) {
  458. throw new OCSForbiddenException($this->l->t('Sharing %1$s failed because the back end does not allow shares from type %2$s', [$path->getPath(), $shareType]));
  459. }
  460. $share->setSharedWith($shareWith);
  461. $share->setPermissions($permissions);
  462. } else if ($shareType === Share::SHARE_TYPE_REMOTE_GROUP) {
  463. if (!$this->shareManager->outgoingServer2ServerGroupSharesAllowed()) {
  464. throw new OCSForbiddenException($this->l->t('Sharing %1$s failed because the back end does not allow shares from type %2$s', [$path->getPath(), $shareType]));
  465. }
  466. $share->setSharedWith($shareWith);
  467. $share->setPermissions($permissions);
  468. } else if ($shareType === Share::SHARE_TYPE_EMAIL) {
  469. if ($share->getNodeType() === 'file') {
  470. $share->setPermissions(Constants::PERMISSION_READ);
  471. } else {
  472. $share->setPermissions($permissions);
  473. }
  474. $share->setSharedWith($shareWith);
  475. if ($sendPasswordByTalk === 'true') {
  476. if (!$this->appManager->isEnabledForUser('spreed')) {
  477. throw new OCSForbiddenException($this->l->t('Sharing %s sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled', [$path->getPath()]));
  478. }
  479. $share->setSendPasswordByTalk(true);
  480. }
  481. } else if ($shareType === Share::SHARE_TYPE_CIRCLE) {
  482. if (!\OC::$server->getAppManager()->isEnabledForUser('circles') || !class_exists('\OCA\Circles\ShareByCircleProvider')) {
  483. throw new OCSNotFoundException($this->l->t('You cannot share to a Circle if the app is not enabled'));
  484. }
  485. $circle = \OCA\Circles\Api\v1\Circles::detailsCircle($shareWith);
  486. // Valid circle is required to share
  487. if ($circle === null) {
  488. throw new OCSNotFoundException($this->l->t('Please specify a valid circle'));
  489. }
  490. $share->setSharedWith($shareWith);
  491. $share->setPermissions($permissions);
  492. } else if ($shareType === Share::SHARE_TYPE_ROOM) {
  493. try {
  494. $this->getRoomShareHelper()->createShare($share, $shareWith, $permissions, $expireDate);
  495. } catch (QueryException $e) {
  496. throw new OCSForbiddenException($this->l->t('Sharing %s failed because the back end does not support room shares', [$path->getPath()]));
  497. }
  498. } else {
  499. throw new OCSBadRequestException($this->l->t('Unknown share type'));
  500. }
  501. $share->setShareType($shareType);
  502. $share->setSharedBy($this->currentUser);
  503. try {
  504. $share = $this->shareManager->createShare($share);
  505. } catch (GenericShareException $e) {
  506. $code = $e->getCode() === 0 ? 403 : $e->getCode();
  507. throw new OCSException($e->getHint(), $code);
  508. } catch (\Exception $e) {
  509. throw new OCSForbiddenException($e->getMessage(), $e);
  510. }
  511. $output = $this->formatShare($share);
  512. return new DataResponse($output);
  513. }
  514. /**
  515. * @param \OCP\Files\File|\OCP\Files\Folder $node
  516. * @param boolean $includeTags
  517. * @return DataResponse
  518. */
  519. private function getSharedWithMe($node = null, bool $includeTags): DataResponse {
  520. $userShares = $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_USER, $node, -1, 0);
  521. $groupShares = $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_GROUP, $node, -1, 0);
  522. $circleShares = $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_CIRCLE, $node, -1, 0);
  523. $roomShares = $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_ROOM, $node, -1, 0);
  524. $shares = array_merge($userShares, $groupShares, $circleShares, $roomShares);
  525. $shares = array_filter($shares, function (IShare $share) {
  526. return $share->getShareOwner() !== $this->currentUser;
  527. });
  528. $formatted = [];
  529. foreach ($shares as $share) {
  530. if ($this->canAccessShare($share)) {
  531. try {
  532. $formatted[] = $this->formatShare($share);
  533. } catch (NotFoundException $e) {
  534. // Ignore this share
  535. }
  536. }
  537. }
  538. if ($includeTags) {
  539. $formatted = Helper::populateTags($formatted, 'file_source', \OC::$server->getTagManager());
  540. }
  541. return new DataResponse($formatted);
  542. }
  543. /**
  544. * @param \OCP\Files\Folder $folder
  545. * @return DataResponse
  546. * @throws OCSBadRequestException
  547. */
  548. private function getSharesInDir(Node $folder): DataResponse {
  549. if (!($folder instanceof \OCP\Files\Folder)) {
  550. throw new OCSBadRequestException($this->l->t('Not a directory'));
  551. }
  552. $nodes = $folder->getDirectoryListing();
  553. /** @var \OCP\Share\IShare[] $shares */
  554. $shares = [];
  555. foreach ($nodes as $node) {
  556. $shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_USER, $node, false, -1, 0));
  557. $shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_GROUP, $node, false, -1, 0));
  558. $shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_LINK, $node, false, -1, 0));
  559. if($this->shareManager->shareProviderExists(Share::SHARE_TYPE_EMAIL)) {
  560. $shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_EMAIL, $node, false, -1, 0));
  561. }
  562. if ($this->shareManager->outgoingServer2ServerSharesAllowed()) {
  563. $shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_REMOTE, $node, false, -1, 0));
  564. }
  565. $shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_ROOM, $node, false, -1, 0));
  566. }
  567. $formatted = [];
  568. foreach ($shares as $share) {
  569. try {
  570. $formatted[] = $this->formatShare($share);
  571. } catch (NotFoundException $e) {
  572. //Ignore this share
  573. }
  574. }
  575. return new DataResponse($formatted);
  576. }
  577. /**
  578. * The getShares function.
  579. *
  580. * @NoAdminRequired
  581. *
  582. * @param string $shared_with_me
  583. * @param string $reshares
  584. * @param string $subfiles
  585. * @param string $path
  586. *
  587. * - Get shares by the current user
  588. * - Get shares by the current user and reshares (?reshares=true)
  589. * - Get shares with the current user (?shared_with_me=true)
  590. * - Get shares for a specific path (?path=...)
  591. * - Get all shares in a folder (?subfiles=true&path=..)
  592. *
  593. * @return DataResponse
  594. * @throws OCSNotFoundException
  595. */
  596. public function getShares(
  597. string $shared_with_me = 'false',
  598. string $reshares = 'false',
  599. string $subfiles = 'false',
  600. string $path = null,
  601. string $include_tags = 'false'
  602. ): DataResponse {
  603. if ($path !== null) {
  604. $userFolder = $this->rootFolder->getUserFolder($this->currentUser);
  605. try {
  606. $path = $userFolder->get($path);
  607. $this->lock($path);
  608. } catch (\OCP\Files\NotFoundException $e) {
  609. throw new OCSNotFoundException($this->l->t('Wrong path, file/folder doesn\'t exist'));
  610. } catch (LockedException $e) {
  611. throw new OCSNotFoundException($this->l->t('Could not lock path'));
  612. }
  613. }
  614. $include_tags = $include_tags === 'true';
  615. if ($shared_with_me === 'true') {
  616. $result = $this->getSharedWithMe($path, $include_tags);
  617. return $result;
  618. }
  619. if ($subfiles === 'true') {
  620. $result = $this->getSharesInDir($path);
  621. return $result;
  622. }
  623. if ($reshares === 'true') {
  624. $reshares = true;
  625. } else {
  626. $reshares = false;
  627. }
  628. // Get all shares
  629. $userShares = $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_USER, $path, $reshares, -1, 0);
  630. $groupShares = $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_GROUP, $path, $reshares, -1, 0);
  631. $linkShares = $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_LINK, $path, $reshares, -1, 0);
  632. if ($this->shareManager->shareProviderExists(Share::SHARE_TYPE_EMAIL)) {
  633. $mailShares = $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_EMAIL, $path, $reshares, -1, 0);
  634. } else {
  635. $mailShares = [];
  636. }
  637. if ($this->shareManager->shareProviderExists(Share::SHARE_TYPE_CIRCLE)) {
  638. $circleShares = $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_CIRCLE, $path, $reshares, -1, 0);
  639. } else {
  640. $circleShares = [];
  641. }
  642. $roomShares = $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_ROOM, $path, $reshares, -1, 0);
  643. $shares = array_merge($userShares, $groupShares, $linkShares, $mailShares, $circleShares, $roomShares);
  644. if ($this->shareManager->outgoingServer2ServerSharesAllowed()) {
  645. $federatedShares = $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_REMOTE, $path, $reshares, -1, 0);
  646. $shares = array_merge($shares, $federatedShares);
  647. }
  648. if ($this->shareManager->outgoingServer2ServerGroupSharesAllowed()) {
  649. $federatedShares = $this->shareManager->getSharesBy($this->currentUser, Share::SHARE_TYPE_REMOTE_GROUP, $path, $reshares, -1, 0);
  650. $shares = array_merge($shares, $federatedShares);
  651. }
  652. $formatted = $miniFormatted = [];
  653. $resharingRight = false;
  654. foreach ($shares as $share) {
  655. /** @var IShare $share */
  656. try {
  657. $format = $this->formatShare($share, $path);
  658. $formatted[] = $format;
  659. if ($share->getSharedBy() === $this->currentUser) {
  660. $miniFormatted[] = $format;
  661. }
  662. if (!$resharingRight && $this->shareProviderResharingRights($this->currentUser, $share, $path)) {
  663. $resharingRight = true;
  664. }
  665. } catch (\Exception $e) {
  666. //Ignore share
  667. }
  668. }
  669. if (!$resharingRight) {
  670. $formatted = $miniFormatted;
  671. }
  672. if ($include_tags) {
  673. $formatted = Helper::populateTags($formatted, 'file_source', \OC::$server->getTagManager());
  674. }
  675. return new DataResponse($formatted);
  676. }
  677. /**
  678. * @NoAdminRequired
  679. *
  680. * @param string $id
  681. * @param int $permissions
  682. * @param string $password
  683. * @param string $sendPasswordByTalk
  684. * @param string $publicUpload
  685. * @param string $expireDate
  686. * @param string $note
  687. * @param string $label
  688. * @param string $hideDownload
  689. * @return DataResponse
  690. * @throws LockedException
  691. * @throws NotFoundException
  692. * @throws OCSBadRequestException
  693. * @throws OCSForbiddenException
  694. * @throws OCSNotFoundException
  695. */
  696. public function updateShare(
  697. string $id,
  698. int $permissions = null,
  699. string $password = null,
  700. string $sendPasswordByTalk = null,
  701. string $publicUpload = null,
  702. string $expireDate = null,
  703. string $note = null,
  704. string $label = null,
  705. string $hideDownload = null
  706. ): DataResponse {
  707. try {
  708. $share = $this->getShareById($id);
  709. } catch (ShareNotFound $e) {
  710. throw new OCSNotFoundException($this->l->t('Wrong share ID, share doesn\'t exist'));
  711. }
  712. $this->lock($share->getNode());
  713. if (!$this->canAccessShare($share, false)) {
  714. throw new OCSNotFoundException($this->l->t('Wrong share ID, share doesn\'t exist'));
  715. }
  716. if ($share->getShareOwner() !== $this->currentUser && $share->getSharedBy() !== $this->currentUser) {
  717. throw new OCSForbiddenException('You are not allowed to edit incoming shares');
  718. }
  719. if ($permissions === null &&
  720. $password === null &&
  721. $sendPasswordByTalk === null &&
  722. $publicUpload === null &&
  723. $expireDate === null &&
  724. $note === null &&
  725. $label === null &&
  726. $hideDownload === null
  727. ) {
  728. throw new OCSBadRequestException($this->l->t('Wrong or no update parameter given'));
  729. }
  730. if($note !== null) {
  731. $share->setNote($note);
  732. }
  733. /*
  734. * expirationdate, password and publicUpload only make sense for link shares
  735. */
  736. if ($share->getShareType() === Share::SHARE_TYPE_LINK) {
  737. // Update hide download state
  738. if ($hideDownload === 'true') {
  739. $share->setHideDownload(true);
  740. } else if ($hideDownload === 'false') {
  741. $share->setHideDownload(false);
  742. }
  743. $newPermissions = null;
  744. if ($publicUpload === 'true') {
  745. $newPermissions = Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE;
  746. } else if ($publicUpload === 'false') {
  747. $newPermissions = Constants::PERMISSION_READ;
  748. }
  749. if ($permissions !== null) {
  750. $newPermissions = (int)$permissions;
  751. $newPermissions = $newPermissions & ~Constants::PERMISSION_SHARE;
  752. }
  753. if ($newPermissions !== null &&
  754. !in_array($newPermissions, [
  755. Constants::PERMISSION_READ,
  756. Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE, // legacy
  757. Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE, // correct
  758. Constants::PERMISSION_CREATE, // hidden file list
  759. Constants::PERMISSION_READ | Constants::PERMISSION_UPDATE, // allow to edit single files
  760. ], true)
  761. ) {
  762. throw new OCSBadRequestException($this->l->t('Can\'t change permissions for public share links'));
  763. }
  764. if (
  765. // legacy
  766. $newPermissions === (Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE) ||
  767. // correct
  768. $newPermissions === (Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE)
  769. ) {
  770. if (!$this->shareManager->shareApiLinkAllowPublicUpload()) {
  771. throw new OCSForbiddenException($this->l->t('Public upload disabled by the administrator'));
  772. }
  773. if (!($share->getNode() instanceof \OCP\Files\Folder)) {
  774. throw new OCSBadRequestException($this->l->t('Public upload is only possible for publicly shared folders'));
  775. }
  776. // normalize to correct public upload permissions
  777. $newPermissions = Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE;
  778. }
  779. if ($newPermissions !== null) {
  780. $share->setPermissions($newPermissions);
  781. $permissions = $newPermissions;
  782. }
  783. if ($expireDate === '') {
  784. $share->setExpirationDate(null);
  785. } else if ($expireDate !== null) {
  786. try {
  787. $expireDate = $this->parseDate($expireDate);
  788. } catch (\Exception $e) {
  789. throw new OCSBadRequestException($e->getMessage(), $e);
  790. }
  791. $share->setExpirationDate($expireDate);
  792. }
  793. if ($password === '') {
  794. $share->setPassword(null);
  795. } else if ($password !== null) {
  796. $share->setPassword($password);
  797. }
  798. if ($label !== null) {
  799. $share->setLabel($label);
  800. }
  801. if ($sendPasswordByTalk === 'true') {
  802. if (!$this->appManager->isEnabledForUser('spreed')) {
  803. throw new OCSForbiddenException($this->l->t('Sharing sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled'));
  804. }
  805. $share->setSendPasswordByTalk(true);
  806. } else if ($sendPasswordByTalk !== null) {
  807. $share->setSendPasswordByTalk(false);
  808. }
  809. } else {
  810. if ($permissions !== null) {
  811. $permissions = (int)$permissions;
  812. $share->setPermissions($permissions);
  813. }
  814. if ($share->getShareType() === Share::SHARE_TYPE_EMAIL) {
  815. if ($password === '') {
  816. $share->setPassword(null);
  817. } else if ($password !== null) {
  818. $share->setPassword($password);
  819. }
  820. if ($sendPasswordByTalk === 'true') {
  821. if (!$this->appManager->isEnabledForUser('spreed')) {
  822. throw new OCSForbiddenException($this->l->t('Sharing sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled'));
  823. }
  824. $share->setSendPasswordByTalk(true);
  825. } else {
  826. $share->setSendPasswordByTalk(false);
  827. }
  828. }
  829. if ($expireDate === '') {
  830. $share->setExpirationDate(null);
  831. } else if ($expireDate !== null) {
  832. try {
  833. $expireDate = $this->parseDate($expireDate);
  834. } catch (\Exception $e) {
  835. throw new OCSBadRequestException($e->getMessage(), $e);
  836. }
  837. $share->setExpirationDate($expireDate);
  838. }
  839. }
  840. if ($permissions !== null && $share->getShareOwner() !== $this->currentUser) {
  841. /* Check if this is an incoming share */
  842. $incomingShares = $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_USER, $share->getNode(), -1, 0);
  843. $incomingShares = array_merge($incomingShares, $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_GROUP, $share->getNode(), -1, 0));
  844. $incomingShares = array_merge($incomingShares, $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_ROOM, $share->getNode(), -1, 0));
  845. /** @var \OCP\Share\IShare[] $incomingShares */
  846. if (!empty($incomingShares)) {
  847. $maxPermissions = 0;
  848. foreach ($incomingShares as $incomingShare) {
  849. $maxPermissions |= $incomingShare->getPermissions();
  850. }
  851. if ($share->getPermissions() & ~$maxPermissions) {
  852. throw new OCSNotFoundException($this->l->t('Cannot increase permissions'));
  853. }
  854. }
  855. }
  856. try {
  857. $share = $this->shareManager->updateShare($share);
  858. } catch (\Exception $e) {
  859. throw new OCSBadRequestException($e->getMessage(), $e);
  860. }
  861. return new DataResponse($this->formatShare($share));
  862. }
  863. /**
  864. * @suppress PhanUndeclaredClassMethod
  865. */
  866. protected function canAccessShare(\OCP\Share\IShare $share, bool $checkGroups = true): bool {
  867. // A file with permissions 0 can't be accessed by us. So Don't show it
  868. if ($share->getPermissions() === 0) {
  869. return false;
  870. }
  871. // Owner of the file and the sharer of the file can always get share
  872. if ($share->getShareOwner() === $this->currentUser ||
  873. $share->getSharedBy() === $this->currentUser
  874. ) {
  875. return true;
  876. }
  877. // If the share is shared with you (or a group you are a member of)
  878. if ($share->getShareType() === Share::SHARE_TYPE_USER &&
  879. $share->getSharedWith() === $this->currentUser
  880. ) {
  881. return true;
  882. }
  883. if ($checkGroups && $share->getShareType() === Share::SHARE_TYPE_GROUP) {
  884. $sharedWith = $this->groupManager->get($share->getSharedWith());
  885. $user = $this->userManager->get($this->currentUser);
  886. if ($user !== null && $sharedWith !== null && $sharedWith->inGroup($user)) {
  887. return true;
  888. }
  889. }
  890. if ($share->getShareType() === Share::SHARE_TYPE_CIRCLE) {
  891. // TODO: have a sanity check like above?
  892. return true;
  893. }
  894. if ($share->getShareType() === Share::SHARE_TYPE_ROOM) {
  895. try {
  896. return $this->getRoomShareHelper()->canAccessShare($share, $this->currentUser);
  897. } catch (QueryException $e) {
  898. return false;
  899. }
  900. }
  901. return false;
  902. }
  903. /**
  904. * Make sure that the passed date is valid ISO 8601
  905. * So YYYY-MM-DD
  906. * If not throw an exception
  907. *
  908. * @param string $expireDate
  909. *
  910. * @throws \Exception
  911. * @return \DateTime
  912. */
  913. private function parseDate(string $expireDate): \DateTime {
  914. try {
  915. $date = new \DateTime($expireDate);
  916. } catch (\Exception $e) {
  917. throw new \Exception('Invalid date. Format must be YYYY-MM-DD');
  918. }
  919. if ($date === false) {
  920. throw new \Exception('Invalid date. Format must be YYYY-MM-DD');
  921. }
  922. $date->setTime(0, 0, 0);
  923. return $date;
  924. }
  925. /**
  926. * Since we have multiple providers but the OCS Share API v1 does
  927. * not support this we need to check all backends.
  928. *
  929. * @param string $id
  930. * @return \OCP\Share\IShare
  931. * @throws ShareNotFound
  932. */
  933. private function getShareById(string $id): IShare {
  934. $share = null;
  935. // First check if it is an internal share.
  936. try {
  937. $share = $this->shareManager->getShareById('ocinternal:' . $id, $this->currentUser);
  938. return $share;
  939. } catch (ShareNotFound $e) {
  940. // Do nothing, just try the other share type
  941. }
  942. try {
  943. if ($this->shareManager->shareProviderExists(Share::SHARE_TYPE_CIRCLE)) {
  944. $share = $this->shareManager->getShareById('ocCircleShare:' . $id, $this->currentUser);
  945. return $share;
  946. }
  947. } catch (ShareNotFound $e) {
  948. // Do nothing, just try the other share type
  949. }
  950. try {
  951. if ($this->shareManager->shareProviderExists(Share::SHARE_TYPE_EMAIL)) {
  952. $share = $this->shareManager->getShareById('ocMailShare:' . $id, $this->currentUser);
  953. return $share;
  954. }
  955. } catch (ShareNotFound $e) {
  956. // Do nothing, just try the other share type
  957. }
  958. try {
  959. $share = $this->shareManager->getShareById('ocRoomShare:' . $id, $this->currentUser);
  960. return $share;
  961. } catch (ShareNotFound $e) {
  962. // Do nothing, just try the other share type
  963. }
  964. if (!$this->shareManager->outgoingServer2ServerSharesAllowed()) {
  965. throw new ShareNotFound();
  966. }
  967. $share = $this->shareManager->getShareById('ocFederatedSharing:' . $id, $this->currentUser);
  968. return $share;
  969. }
  970. /**
  971. * Lock a Node
  972. *
  973. * @param \OCP\Files\Node $node
  974. * @throws LockedException
  975. */
  976. private function lock(\OCP\Files\Node $node) {
  977. $node->lock(ILockingProvider::LOCK_SHARED);
  978. $this->lockedNode = $node;
  979. }
  980. /**
  981. * Cleanup the remaining locks
  982. * @throws @LockedException
  983. */
  984. public function cleanup() {
  985. if ($this->lockedNode !== null) {
  986. $this->lockedNode->unlock(ILockingProvider::LOCK_SHARED);
  987. }
  988. }
  989. /**
  990. * Returns the helper of ShareAPIController for room shares.
  991. *
  992. * If the Talk application is not enabled or the helper is not available
  993. * a QueryException is thrown instead.
  994. *
  995. * @return \OCA\Spreed\Share\Helper\ShareAPIController
  996. * @throws QueryException
  997. */
  998. private function getRoomShareHelper() {
  999. if (!$this->appManager->isEnabledForUser('spreed')) {
  1000. throw new QueryException();
  1001. }
  1002. return $this->serverContainer->query('\OCA\Spreed\Share\Helper\ShareAPIController');
  1003. }
  1004. /**
  1005. * Returns if we can find resharing rights in an IShare object for a specific user.
  1006. *
  1007. * @suppress PhanUndeclaredClassMethod
  1008. *
  1009. * @param string $userId
  1010. * @param IShare $share
  1011. * @param Node $node
  1012. * @return bool
  1013. * @throws NotFoundException
  1014. * @throws \OCP\Files\InvalidPathException
  1015. */
  1016. private function shareProviderResharingRights(string $userId, IShare $share, $node): bool {
  1017. if ($share->getShareOwner() === $userId) {
  1018. return true;
  1019. }
  1020. // we check that current user have parent resharing rights on the current file
  1021. if ($node !== null && ($node->getPermissions() & \OCP\Constants::PERMISSION_SHARE) !== 0) {
  1022. return true;
  1023. }
  1024. if ((\OCP\Constants::PERMISSION_SHARE & $share->getPermissions()) === 0) {
  1025. return false;
  1026. }
  1027. if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER && $share->getSharedWith() === $userId) {
  1028. return true;
  1029. }
  1030. if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP && $this->groupManager->isInGroup($userId, $share->getSharedWith())) {
  1031. return true;
  1032. }
  1033. if ($share->getShareType() === \OCP\Share::SHARE_TYPE_CIRCLE && \OC::$server->getAppManager()->isEnabledForUser('circles') &&
  1034. class_exists('\OCA\Circles\Api\v1\Circles')) {
  1035. $hasCircleId = (substr($share->getSharedWith(), -1) === ']');
  1036. $shareWithStart = ($hasCircleId ? strrpos($share->getSharedWith(), '[') + 1 : 0);
  1037. $shareWithLength = ($hasCircleId ? -1 : strpos($share->getSharedWith(), ' '));
  1038. if (is_bool($shareWithLength)) {
  1039. $shareWithLength = -1;
  1040. }
  1041. $sharedWith = substr($share->getSharedWith(), $shareWithStart, $shareWithLength);
  1042. try {
  1043. $member = \OCA\Circles\Api\v1\Circles::getMember($sharedWith, $userId, 1);
  1044. if ($member->getLevel() >= 4) {
  1045. return true;
  1046. }
  1047. return false;
  1048. } catch (QueryException $e) {
  1049. return false;
  1050. }
  1051. }
  1052. return false;
  1053. }
  1054. }