1
0

share.php 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332
  1. <?php
  2. /**
  3. * @author Arthur Schiwon <blizzz@owncloud.com>
  4. * @author Bart Visscher <bartv@thisnet.nl>
  5. * @author Björn Schießle <schiessle@owncloud.com>
  6. * @author dampfklon <me@dampfklon.de>
  7. * @author Jan-Christoph Borchardt <hey@jancborchardt.net>
  8. * @author Joas Schilling <nickvergessen@owncloud.com>
  9. * @author Jörn Friedrich Dreyer <jfd@butonic.de>
  10. * @author Lukas Reschke <lukas@owncloud.com>
  11. * @author Michael Gapczynski <GapczynskiM@gmail.com>
  12. * @author Morris Jobke <hey@morrisjobke.de>
  13. * @author Ramiro Aparicio <rapariciog@gmail.com>
  14. * @author Robin Appelman <icewind@owncloud.com>
  15. * @author Thomas Müller <thomas.mueller@tmit.eu>
  16. * @author Thomas Tanghus <thomas@tanghus.net>
  17. * @author Vincent Petry <pvince81@owncloud.com>
  18. *
  19. * @copyright Copyright (c) 2015, ownCloud, Inc.
  20. * @license AGPL-3.0
  21. *
  22. * This code is free software: you can redistribute it and/or modify
  23. * it under the terms of the GNU Affero General Public License, version 3,
  24. * as published by the Free Software Foundation.
  25. *
  26. * This program is distributed in the hope that it will be useful,
  27. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  28. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  29. * GNU Affero General Public License for more details.
  30. *
  31. * You should have received a copy of the GNU Affero General Public License, version 3,
  32. * along with this program. If not, see <http://www.gnu.org/licenses/>
  33. *
  34. */
  35. OC_JSON::checkLoggedIn();
  36. OCP\JSON::callCheck();
  37. $defaults = new \OCP\Defaults();
  38. if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSource'])) {
  39. switch ($_POST['action']) {
  40. case 'share':
  41. if (isset($_POST['shareType']) && isset($_POST['shareWith']) && isset($_POST['permissions'])) {
  42. try {
  43. $shareType = (int)$_POST['shareType'];
  44. $shareWith = $_POST['shareWith'];
  45. $itemSourceName = isset($_POST['itemSourceName']) ? (string)$_POST['itemSourceName'] : null;
  46. if ($shareType === OCP\Share::SHARE_TYPE_LINK && $shareWith == '') {
  47. $shareWith = null;
  48. }
  49. $itemSourceName=(isset($_POST['itemSourceName'])) ? (string)$_POST['itemSourceName']:'';
  50. $token = OCP\Share::shareItem(
  51. $_POST['itemType'],
  52. $_POST['itemSource'],
  53. $shareType,
  54. $shareWith,
  55. $_POST['permissions'],
  56. $itemSourceName,
  57. (!empty($_POST['expirationDate']) ? new \DateTime((string)$_POST['expirationDate']) : null)
  58. );
  59. if (is_string($token)) {
  60. OC_JSON::success(array('data' => array('token' => $token)));
  61. } else {
  62. OC_JSON::success();
  63. }
  64. } catch (Exception $exception) {
  65. OC_JSON::error(array('data' => array('message' => $exception->getMessage())));
  66. }
  67. }
  68. break;
  69. case 'unshare':
  70. if (isset($_POST['shareType']) && isset($_POST['shareWith'])) {
  71. if ((int)$_POST['shareType'] === OCP\Share::SHARE_TYPE_LINK && $_POST['shareWith'] == '') {
  72. $shareWith = null;
  73. } else {
  74. $shareWith = (string)$_POST['shareWith'];
  75. }
  76. $return = OCP\Share::unshare((string)$_POST['itemType'],(string) $_POST['itemSource'], (int)$_POST['shareType'], $shareWith);
  77. ($return) ? OC_JSON::success() : OC_JSON::error();
  78. }
  79. break;
  80. case 'setPermissions':
  81. if (isset($_POST['shareType']) && isset($_POST['shareWith']) && isset($_POST['permissions'])) {
  82. $return = OCP\Share::setPermissions(
  83. (string)$_POST['itemType'],
  84. (string)$_POST['itemSource'],
  85. (int)$_POST['shareType'],
  86. (string)$_POST['shareWith'],
  87. (int)$_POST['permissions']
  88. );
  89. ($return) ? OC_JSON::success() : OC_JSON::error();
  90. }
  91. break;
  92. case 'setExpirationDate':
  93. if (isset($_POST['date'])) {
  94. try {
  95. $return = OCP\Share::setExpirationDate((string)$_POST['itemType'], (string)$_POST['itemSource'], (string)$_POST['date']);
  96. ($return) ? OC_JSON::success() : OC_JSON::error();
  97. } catch (\Exception $e) {
  98. OC_JSON::error(array('data' => array('message' => $e->getMessage())));
  99. }
  100. }
  101. break;
  102. case 'informRecipients':
  103. $l = \OC::$server->getL10N('core');
  104. $shareType = (int) $_POST['shareType'];
  105. $itemType = (string)$_POST['itemType'];
  106. $itemSource = (string)$_POST['itemSource'];
  107. $recipient = (string)$_POST['recipient'];
  108. if($shareType === \OCP\Share::SHARE_TYPE_USER) {
  109. $recipientList[] = $recipient;
  110. } elseif ($shareType === \OCP\Share::SHARE_TYPE_GROUP) {
  111. $recipientList = \OC_Group::usersInGroup($recipient);
  112. }
  113. // don't send a mail to the user who shared the file
  114. $recipientList = array_diff($recipientList, array(\OCP\User::getUser()));
  115. $mailNotification = new OC\Share\MailNotifications();
  116. $result = $mailNotification->sendInternalShareMail($recipientList, $itemSource, $itemType);
  117. \OCP\Share::setSendMailStatus($itemType, $itemSource, $shareType, $recipient, true);
  118. if (empty($result)) {
  119. OCP\JSON::success();
  120. } else {
  121. OCP\JSON::error(array(
  122. 'data' => array(
  123. 'message' => $l->t("Couldn't send mail to following users: %s ",
  124. implode(', ', $result)
  125. )
  126. )
  127. ));
  128. }
  129. break;
  130. case 'informRecipientsDisabled':
  131. $itemSource = (string)$_POST['itemSource'];
  132. $shareType = (int)$_POST['shareType'];
  133. $itemType = (string)$_POST['itemType'];
  134. $recipient = (string)$_POST['recipient'];
  135. \OCP\Share::setSendMailStatus($itemType, $itemSource, $shareType, $recipient, false);
  136. OCP\JSON::success();
  137. break;
  138. case 'email':
  139. // read post variables
  140. $link = (string)$_POST['link'];
  141. $file = (string)$_POST['file'];
  142. $to_address = (string)$_POST['toaddress'];
  143. $mailNotification = new \OC\Share\MailNotifications();
  144. $expiration = null;
  145. if (isset($_POST['expiration']) && $_POST['expiration'] !== '') {
  146. try {
  147. $date = new DateTime((string)$_POST['expiration']);
  148. $expiration = $date->getTimestamp();
  149. } catch (Exception $e) {
  150. \OCP\Util::writeLog('sharing', "Couldn't read date: " . $e->getMessage(), \OCP\Util::ERROR);
  151. }
  152. }
  153. $result = $mailNotification->sendLinkShareMail($to_address, $file, $link, $expiration);
  154. if(empty($result)) {
  155. \OCP\JSON::success();
  156. } else {
  157. $l = \OC::$server->getL10N('core');
  158. OCP\JSON::error(array(
  159. 'data' => array(
  160. 'message' => $l->t("Couldn't send mail to following users: %s ",
  161. implode(', ', $result)
  162. )
  163. )
  164. ));
  165. }
  166. break;
  167. }
  168. } else if (isset($_GET['fetch'])) {
  169. switch ($_GET['fetch']) {
  170. case 'getItemsSharedStatuses':
  171. if (isset($_GET['itemType'])) {
  172. $return = OCP\Share::getItemsShared((string)$_GET['itemType'], OCP\Share::FORMAT_STATUSES);
  173. is_array($return) ? OC_JSON::success(array('data' => $return)) : OC_JSON::error();
  174. }
  175. break;
  176. case 'getItem':
  177. if (isset($_GET['itemType'])
  178. && isset($_GET['itemSource'])
  179. && isset($_GET['checkReshare'])
  180. && isset($_GET['checkShares'])) {
  181. if ($_GET['checkReshare'] == 'true') {
  182. $reshare = OCP\Share::getItemSharedWithBySource(
  183. (string)$_GET['itemType'],
  184. (string)$_GET['itemSource'],
  185. OCP\Share::FORMAT_NONE,
  186. null,
  187. true
  188. );
  189. } else {
  190. $reshare = false;
  191. }
  192. if ($_GET['checkShares'] == 'true') {
  193. $shares = OCP\Share::getItemShared(
  194. (string)$_GET['itemType'],
  195. (string)$_GET['itemSource'],
  196. OCP\Share::FORMAT_NONE,
  197. null,
  198. true
  199. );
  200. } else {
  201. $shares = false;
  202. }
  203. OC_JSON::success(array('data' => array('reshare' => $reshare, 'shares' => $shares)));
  204. }
  205. break;
  206. case 'getShareWithEmail':
  207. $result = array();
  208. if (isset($_GET['search'])) {
  209. $cm = OC::$server->getContactsManager();
  210. if (!is_null($cm) && $cm->isEnabled()) {
  211. $contacts = $cm->search((string)$_GET['search'], array('FN', 'EMAIL'));
  212. foreach ($contacts as $contact) {
  213. if (!isset($contact['EMAIL'])) {
  214. continue;
  215. }
  216. $emails = $contact['EMAIL'];
  217. if (!is_array($emails)) {
  218. $emails = array($emails);
  219. }
  220. foreach($emails as $email) {
  221. $result[] = array(
  222. 'id' => $contact['id'],
  223. 'email' => $email,
  224. 'displayname' => $contact['FN'],
  225. );
  226. }
  227. }
  228. }
  229. }
  230. OC_JSON::success(array('data' => $result));
  231. break;
  232. case 'getShareWith':
  233. if (isset($_GET['search'])) {
  234. $shareWithinGroupOnly = OC\Share\Share::shareWithGroupMembersOnly();
  235. $shareWith = array();
  236. $groups = OC_Group::getGroups((string)$_GET['search']);
  237. if ($shareWithinGroupOnly) {
  238. $usergroups = OC_Group::getUserGroups(OC_User::getUser());
  239. $groups = array_intersect($groups, $usergroups);
  240. }
  241. $count = 0;
  242. $users = array();
  243. $limit = 0;
  244. $offset = 0;
  245. while ($count < 15 && count($users) == $limit) {
  246. $limit = 15 - $count;
  247. if ($shareWithinGroupOnly) {
  248. $users = OC_Group::displayNamesInGroups($usergroups, (string)$_GET['search'], $limit, $offset);
  249. } else {
  250. $users = OC_User::getDisplayNames((string)$_GET['search'], $limit, $offset);
  251. }
  252. $offset += $limit;
  253. foreach ($users as $uid => $displayName) {
  254. if ((!isset($_GET['itemShares'])
  255. || !is_array((string)$_GET['itemShares'][OCP\Share::SHARE_TYPE_USER])
  256. || !in_array($uid, (string)$_GET['itemShares'][OCP\Share::SHARE_TYPE_USER]))
  257. && $uid != OC_User::getUser()) {
  258. $shareWith[] = array(
  259. 'label' => $displayName,
  260. 'value' => array(
  261. 'shareType' => OCP\Share::SHARE_TYPE_USER,
  262. 'shareWith' => $uid)
  263. );
  264. $count++;
  265. }
  266. }
  267. }
  268. $count = 0;
  269. // enable l10n support
  270. $l = \OC::$server->getL10N('core');
  271. foreach ($groups as $group) {
  272. if ($count < 15) {
  273. if (!isset($_GET['itemShares'])
  274. || !isset($_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])
  275. || !is_array((string)$_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])
  276. || !in_array($group, (string)$_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])) {
  277. $shareWith[] = array(
  278. 'label' => $group,
  279. 'value' => array(
  280. 'shareType' => OCP\Share::SHARE_TYPE_GROUP,
  281. 'shareWith' => $group
  282. )
  283. );
  284. $count++;
  285. }
  286. } else {
  287. break;
  288. }
  289. }
  290. // allow user to add unknown remote addresses for server-to-server share
  291. $backend = \OCP\Share::getBackend((string)$_GET['itemType']);
  292. if ($backend->isShareTypeAllowed(\OCP\Share::SHARE_TYPE_REMOTE)) {
  293. if (substr_count((string)$_GET['search'], '@') === 1) {
  294. $shareWith[] = array(
  295. 'label' => (string)$_GET['search'],
  296. 'value' => array(
  297. 'shareType' => \OCP\Share::SHARE_TYPE_REMOTE,
  298. 'shareWith' => (string)$_GET['search']
  299. )
  300. );
  301. }
  302. }
  303. $sorter = new \OC\Share\SearchResultSorter((string)$_GET['search'],
  304. 'label',
  305. new \OC\Log());
  306. usort($shareWith, array($sorter, 'sort'));
  307. OC_JSON::success(array('data' => $shareWith));
  308. }
  309. break;
  310. }
  311. }