1
0

Manager.php 58 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-only
  6. */
  7. namespace OC\Share20;
  8. use OC\Files\Mount\MoveableMount;
  9. use OC\KnownUser\KnownUserService;
  10. use OC\Share20\Exception\ProviderException;
  11. use OCA\Files_Sharing\AppInfo\Application;
  12. use OCP\EventDispatcher\IEventDispatcher;
  13. use OCP\Files\File;
  14. use OCP\Files\Folder;
  15. use OCP\Files\IRootFolder;
  16. use OCP\Files\Mount\IMountManager;
  17. use OCP\Files\Node;
  18. use OCP\HintException;
  19. use OCP\IConfig;
  20. use OCP\IDateTimeZone;
  21. use OCP\IGroupManager;
  22. use OCP\IL10N;
  23. use OCP\IURLGenerator;
  24. use OCP\IUser;
  25. use OCP\IUserManager;
  26. use OCP\IUserSession;
  27. use OCP\L10N\IFactory;
  28. use OCP\Mail\IMailer;
  29. use OCP\Security\Events\ValidatePasswordPolicyEvent;
  30. use OCP\Security\IHasher;
  31. use OCP\Security\ISecureRandom;
  32. use OCP\Share;
  33. use OCP\Share\Events\BeforeShareDeletedEvent;
  34. use OCP\Share\Events\ShareAcceptedEvent;
  35. use OCP\Share\Events\ShareCreatedEvent;
  36. use OCP\Share\Events\ShareDeletedEvent;
  37. use OCP\Share\Events\ShareDeletedFromSelfEvent;
  38. use OCP\Share\Exceptions\AlreadySharedException;
  39. use OCP\Share\Exceptions\GenericShareException;
  40. use OCP\Share\Exceptions\ShareNotFound;
  41. use OCP\Share\IManager;
  42. use OCP\Share\IProviderFactory;
  43. use OCP\Share\IShare;
  44. use OCP\Share\IShareProvider;
  45. use OCP\Share\IShareProviderSupportsAccept;
  46. use OCP\Share\IShareProviderWithNotification;
  47. use Psr\Log\LoggerInterface;
  48. /**
  49. * This class is the communication hub for all sharing related operations.
  50. */
  51. class Manager implements IManager {
  52. private IL10N|null $l;
  53. private LegacyHooks $legacyHooks;
  54. public function __construct(
  55. private LoggerInterface $logger,
  56. private IConfig $config,
  57. private ISecureRandom $secureRandom,
  58. private IHasher $hasher,
  59. private IMountManager $mountManager,
  60. private IGroupManager $groupManager,
  61. private IFactory $l10nFactory,
  62. private IProviderFactory $factory,
  63. private IUserManager $userManager,
  64. private IRootFolder $rootFolder,
  65. private IMailer $mailer,
  66. private IURLGenerator $urlGenerator,
  67. private \OC_Defaults $defaults,
  68. private IEventDispatcher $dispatcher,
  69. private IUserSession $userSession,
  70. private KnownUserService $knownUserService,
  71. private ShareDisableChecker $shareDisableChecker,
  72. private IDateTimeZone $dateTimeZone
  73. ) {
  74. $this->l = $this->l10nFactory->get('lib');
  75. // The constructor of LegacyHooks registers the listeners of share events
  76. // do not remove if those are not properly migrated
  77. $this->legacyHooks = new LegacyHooks($this->dispatcher);
  78. }
  79. /**
  80. * Convert from a full share id to a tuple (providerId, shareId)
  81. *
  82. * @param string $id
  83. * @return string[]
  84. */
  85. private function splitFullId($id) {
  86. return explode(':', $id, 2);
  87. }
  88. /**
  89. * Verify if a password meets all requirements
  90. *
  91. * @param string $password
  92. * @throws \Exception
  93. */
  94. protected function verifyPassword($password) {
  95. if ($password === null) {
  96. // No password is set, check if this is allowed.
  97. if ($this->shareApiLinkEnforcePassword()) {
  98. throw new \InvalidArgumentException('Passwords are enforced for link and mail shares');
  99. }
  100. return;
  101. }
  102. // Let others verify the password
  103. try {
  104. $this->dispatcher->dispatchTyped(new ValidatePasswordPolicyEvent($password));
  105. } catch (HintException $e) {
  106. throw new \Exception($e->getHint());
  107. }
  108. }
  109. /**
  110. * Check for generic requirements before creating a share
  111. *
  112. * @param IShare $share
  113. * @throws \InvalidArgumentException
  114. * @throws GenericShareException
  115. *
  116. * @suppress PhanUndeclaredClassMethod
  117. */
  118. protected function generalCreateChecks(IShare $share, bool $isUpdate = false) {
  119. if ($share->getShareType() === IShare::TYPE_USER) {
  120. // We expect a valid user as sharedWith for user shares
  121. if (!$this->userManager->userExists($share->getSharedWith())) {
  122. throw new \InvalidArgumentException('SharedWith is not a valid user');
  123. }
  124. } elseif ($share->getShareType() === IShare::TYPE_GROUP) {
  125. // We expect a valid group as sharedWith for group shares
  126. if (!$this->groupManager->groupExists($share->getSharedWith())) {
  127. throw new \InvalidArgumentException('SharedWith is not a valid group');
  128. }
  129. } elseif ($share->getShareType() === IShare::TYPE_LINK) {
  130. // No check for TYPE_EMAIL here as we have a recipient for them
  131. if ($share->getSharedWith() !== null) {
  132. throw new \InvalidArgumentException('SharedWith should be empty');
  133. }
  134. } elseif ($share->getShareType() === IShare::TYPE_EMAIL) {
  135. if ($share->getSharedWith() === null) {
  136. throw new \InvalidArgumentException('SharedWith should not be empty');
  137. }
  138. } elseif ($share->getShareType() === IShare::TYPE_REMOTE) {
  139. if ($share->getSharedWith() === null) {
  140. throw new \InvalidArgumentException('SharedWith should not be empty');
  141. }
  142. } elseif ($share->getShareType() === IShare::TYPE_REMOTE_GROUP) {
  143. if ($share->getSharedWith() === null) {
  144. throw new \InvalidArgumentException('SharedWith should not be empty');
  145. }
  146. } elseif ($share->getShareType() === IShare::TYPE_CIRCLE) {
  147. $circle = \OCA\Circles\Api\v1\Circles::detailsCircle($share->getSharedWith());
  148. if ($circle === null) {
  149. throw new \InvalidArgumentException('SharedWith is not a valid circle');
  150. }
  151. } elseif ($share->getShareType() === IShare::TYPE_ROOM) {
  152. } elseif ($share->getShareType() === IShare::TYPE_DECK) {
  153. } elseif ($share->getShareType() === IShare::TYPE_SCIENCEMESH) {
  154. } else {
  155. // We cannot handle other types yet
  156. throw new \InvalidArgumentException('unknown share type');
  157. }
  158. // Verify the initiator of the share is set
  159. if ($share->getSharedBy() === null) {
  160. throw new \InvalidArgumentException('SharedBy should be set');
  161. }
  162. // Cannot share with yourself
  163. if ($share->getShareType() === IShare::TYPE_USER &&
  164. $share->getSharedWith() === $share->getSharedBy()) {
  165. throw new \InvalidArgumentException('Cannot share with yourself');
  166. }
  167. // The path should be set
  168. if ($share->getNode() === null) {
  169. throw new \InvalidArgumentException('Path should be set');
  170. }
  171. // And it should be a file or a folder
  172. if (!($share->getNode() instanceof \OCP\Files\File) &&
  173. !($share->getNode() instanceof \OCP\Files\Folder)) {
  174. throw new \InvalidArgumentException('Path should be either a file or a folder');
  175. }
  176. // And you cannot share your rootfolder
  177. if ($this->userManager->userExists($share->getSharedBy())) {
  178. $userFolder = $this->rootFolder->getUserFolder($share->getSharedBy());
  179. } else {
  180. $userFolder = $this->rootFolder->getUserFolder($share->getShareOwner());
  181. }
  182. if ($userFolder->getId() === $share->getNode()->getId()) {
  183. throw new \InvalidArgumentException('You cannot share your root folder');
  184. }
  185. // Check if we actually have share permissions
  186. if (!$share->getNode()->isShareable()) {
  187. $message_t = $this->l->t('You are not allowed to share %s', [$share->getNode()->getName()]);
  188. throw new GenericShareException($message_t, $message_t, 404);
  189. }
  190. // Permissions should be set
  191. if ($share->getPermissions() === null) {
  192. throw new \InvalidArgumentException('A share requires permissions');
  193. }
  194. $permissions = 0;
  195. $nodesForUser = $userFolder->getById($share->getNodeId());
  196. foreach ($nodesForUser as $node) {
  197. if ($node->getInternalPath() === '' && !$node->getMountPoint() instanceof MoveableMount) {
  198. // for the root of non-movable mount, the permissions we see if limited by the mount itself,
  199. // so we instead use the "raw" permissions from the storage
  200. $permissions |= $node->getStorage()->getPermissions('');
  201. } else {
  202. $permissions |= $node->getPermissions();
  203. }
  204. }
  205. // Check that we do not share with more permissions than we have
  206. if ($share->getPermissions() & ~$permissions) {
  207. $path = $userFolder->getRelativePath($share->getNode()->getPath());
  208. $message_t = $this->l->t('Cannot increase permissions of %s', [$path]);
  209. throw new GenericShareException($message_t, $message_t, 404);
  210. }
  211. // Check that read permissions are always set
  212. // Link shares are allowed to have no read permissions to allow upload to hidden folders
  213. $noReadPermissionRequired = $share->getShareType() === IShare::TYPE_LINK
  214. || $share->getShareType() === IShare::TYPE_EMAIL;
  215. if (!$noReadPermissionRequired &&
  216. ($share->getPermissions() & \OCP\Constants::PERMISSION_READ) === 0) {
  217. throw new \InvalidArgumentException('Shares need at least read permissions');
  218. }
  219. if ($share->getNode() instanceof \OCP\Files\File) {
  220. if ($share->getPermissions() & \OCP\Constants::PERMISSION_DELETE) {
  221. $message_t = $this->l->t('Files cannot be shared with delete permissions');
  222. throw new GenericShareException($message_t);
  223. }
  224. if ($share->getPermissions() & \OCP\Constants::PERMISSION_CREATE) {
  225. $message_t = $this->l->t('Files cannot be shared with create permissions');
  226. throw new GenericShareException($message_t);
  227. }
  228. }
  229. }
  230. /**
  231. * Validate if the expiration date fits the system settings
  232. *
  233. * @param IShare $share The share to validate the expiration date of
  234. * @return IShare The modified share object
  235. * @throws GenericShareException
  236. * @throws \InvalidArgumentException
  237. * @throws \Exception
  238. */
  239. protected function validateExpirationDateInternal(IShare $share) {
  240. $isRemote = $share->getShareType() === IShare::TYPE_REMOTE || $share->getShareType() === IShare::TYPE_REMOTE_GROUP;
  241. $expirationDate = $share->getExpirationDate();
  242. if ($isRemote) {
  243. $defaultExpireDate = $this->shareApiRemoteDefaultExpireDate();
  244. $defaultExpireDays = $this->shareApiRemoteDefaultExpireDays();
  245. $configProp = 'remote_defaultExpDays';
  246. $isEnforced = $this->shareApiRemoteDefaultExpireDateEnforced();
  247. } else {
  248. $defaultExpireDate = $this->shareApiInternalDefaultExpireDate();
  249. $defaultExpireDays = $this->shareApiInternalDefaultExpireDays();
  250. $configProp = 'internal_defaultExpDays';
  251. $isEnforced = $this->shareApiInternalDefaultExpireDateEnforced();
  252. }
  253. // If $expirationDate is falsy, noExpirationDate is true and expiration not enforced
  254. // Then skip expiration date validation as null is accepted
  255. if(!$share->getNoExpirationDate() || $isEnforced) {
  256. if ($expirationDate !== null) {
  257. $expirationDate->setTimezone($this->dateTimeZone->getTimeZone());
  258. $expirationDate->setTime(0, 0, 0);
  259. $date = new \DateTime('now', $this->dateTimeZone->getTimeZone());
  260. $date->setTime(0, 0, 0);
  261. if ($date >= $expirationDate) {
  262. $message = $this->l->t('Expiration date is in the past');
  263. throw new GenericShareException($message, $message, 404);
  264. }
  265. }
  266. // If expiredate is empty set a default one if there is a default
  267. $fullId = null;
  268. try {
  269. $fullId = $share->getFullId();
  270. } catch (\UnexpectedValueException $e) {
  271. // This is a new share
  272. }
  273. if ($fullId === null && $expirationDate === null && $defaultExpireDate) {
  274. $expirationDate = new \DateTime('now', $this->dateTimeZone->getTimeZone());
  275. $expirationDate->setTime(0, 0, 0);
  276. $days = (int)$this->config->getAppValue('core', $configProp, (string)$defaultExpireDays);
  277. if ($days > $defaultExpireDays) {
  278. $days = $defaultExpireDays;
  279. }
  280. $expirationDate->add(new \DateInterval('P' . $days . 'D'));
  281. }
  282. // If we enforce the expiration date check that is does not exceed
  283. if ($isEnforced) {
  284. if (empty($expirationDate)) {
  285. throw new \InvalidArgumentException('Expiration date is enforced');
  286. }
  287. $date = new \DateTime('now', $this->dateTimeZone->getTimeZone());
  288. $date->setTime(0, 0, 0);
  289. $date->add(new \DateInterval('P' . $defaultExpireDays . 'D'));
  290. if ($date < $expirationDate) {
  291. $message = $this->l->n('Cannot set expiration date more than %n day in the future', 'Cannot set expiration date more than %n days in the future', $defaultExpireDays);
  292. throw new GenericShareException($message, $message, 404);
  293. }
  294. }
  295. }
  296. $accepted = true;
  297. $message = '';
  298. \OCP\Util::emitHook('\OC\Share', 'verifyExpirationDate', [
  299. 'expirationDate' => &$expirationDate,
  300. 'accepted' => &$accepted,
  301. 'message' => &$message,
  302. 'passwordSet' => $share->getPassword() !== null,
  303. ]);
  304. if (!$accepted) {
  305. throw new \Exception($message);
  306. }
  307. $share->setExpirationDate($expirationDate);
  308. return $share;
  309. }
  310. /**
  311. * Validate if the expiration date fits the system settings
  312. *
  313. * @param IShare $share The share to validate the expiration date of
  314. * @return IShare The modified share object
  315. * @throws GenericShareException
  316. * @throws \InvalidArgumentException
  317. * @throws \Exception
  318. */
  319. protected function validateExpirationDateLink(IShare $share) {
  320. $expirationDate = $share->getExpirationDate();
  321. $isEnforced = $this->shareApiLinkDefaultExpireDateEnforced();
  322. // If $expirationDate is falsy, noExpirationDate is true and expiration not enforced
  323. // Then skip expiration date validation as null is accepted
  324. if(!($share->getNoExpirationDate() && !$isEnforced)) {
  325. if ($expirationDate !== null) {
  326. $expirationDate->setTimezone($this->dateTimeZone->getTimeZone());
  327. $expirationDate->setTime(0, 0, 0);
  328. $date = new \DateTime('now', $this->dateTimeZone->getTimeZone());
  329. $date->setTime(0, 0, 0);
  330. if ($date >= $expirationDate) {
  331. $message = $this->l->t('Expiration date is in the past');
  332. throw new GenericShareException($message, $message, 404);
  333. }
  334. }
  335. // If expiredate is empty set a default one if there is a default
  336. $fullId = null;
  337. try {
  338. $fullId = $share->getFullId();
  339. } catch (\UnexpectedValueException $e) {
  340. // This is a new share
  341. }
  342. if ($fullId === null && $expirationDate === null && $this->shareApiLinkDefaultExpireDate()) {
  343. $expirationDate = new \DateTime('now', $this->dateTimeZone->getTimeZone());
  344. $expirationDate->setTime(0, 0, 0);
  345. $days = (int)$this->config->getAppValue('core', 'link_defaultExpDays', (string)$this->shareApiLinkDefaultExpireDays());
  346. if ($days > $this->shareApiLinkDefaultExpireDays()) {
  347. $days = $this->shareApiLinkDefaultExpireDays();
  348. }
  349. $expirationDate->add(new \DateInterval('P' . $days . 'D'));
  350. }
  351. // If we enforce the expiration date check that is does not exceed
  352. if ($isEnforced) {
  353. if (empty($expirationDate)) {
  354. throw new \InvalidArgumentException('Expiration date is enforced');
  355. }
  356. $date = new \DateTime('now', $this->dateTimeZone->getTimeZone());
  357. $date->setTime(0, 0, 0);
  358. $date->add(new \DateInterval('P' . $this->shareApiLinkDefaultExpireDays() . 'D'));
  359. if ($date < $expirationDate) {
  360. $message = $this->l->n('Cannot set expiration date more than %n day in the future', 'Cannot set expiration date more than %n days in the future', $this->shareApiLinkDefaultExpireDays());
  361. throw new GenericShareException($message, $message, 404);
  362. }
  363. }
  364. }
  365. $accepted = true;
  366. $message = '';
  367. \OCP\Util::emitHook('\OC\Share', 'verifyExpirationDate', [
  368. 'expirationDate' => &$expirationDate,
  369. 'accepted' => &$accepted,
  370. 'message' => &$message,
  371. 'passwordSet' => $share->getPassword() !== null,
  372. ]);
  373. if (!$accepted) {
  374. throw new \Exception($message);
  375. }
  376. $share->setExpirationDate($expirationDate);
  377. return $share;
  378. }
  379. /**
  380. * Check for pre share requirements for user shares
  381. *
  382. * @param IShare $share
  383. * @throws \Exception
  384. */
  385. protected function userCreateChecks(IShare $share) {
  386. // Check if we can share with group members only
  387. if ($this->shareWithGroupMembersOnly()) {
  388. $sharedBy = $this->userManager->get($share->getSharedBy());
  389. $sharedWith = $this->userManager->get($share->getSharedWith());
  390. // Verify we can share with this user
  391. $groups = array_intersect(
  392. $this->groupManager->getUserGroupIds($sharedBy),
  393. $this->groupManager->getUserGroupIds($sharedWith)
  394. );
  395. // optional excluded groups
  396. $excludedGroups = $this->shareWithGroupMembersOnlyExcludeGroupsList();
  397. $groups = array_diff($groups, $excludedGroups);
  398. if (empty($groups)) {
  399. $message_t = $this->l->t('Sharing is only allowed with group members');
  400. throw new \Exception($message_t);
  401. }
  402. }
  403. /*
  404. * TODO: Could be costly, fix
  405. *
  406. * Also this is not what we want in the future.. then we want to squash identical shares.
  407. */
  408. $provider = $this->factory->getProviderForType(IShare::TYPE_USER);
  409. $existingShares = $provider->getSharesByPath($share->getNode());
  410. foreach ($existingShares as $existingShare) {
  411. // Ignore if it is the same share
  412. try {
  413. if ($existingShare->getFullId() === $share->getFullId()) {
  414. continue;
  415. }
  416. } catch (\UnexpectedValueException $e) {
  417. //Shares are not identical
  418. }
  419. // Identical share already exists
  420. if ($existingShare->getSharedWith() === $share->getSharedWith() && $existingShare->getShareType() === $share->getShareType()) {
  421. $message = $this->l->t('Sharing %s failed, because this item is already shared with the account %s', [$share->getNode()->getName(), $share->getSharedWithDisplayName()]);
  422. throw new AlreadySharedException($message, $existingShare);
  423. }
  424. // The share is already shared with this user via a group share
  425. if ($existingShare->getShareType() === IShare::TYPE_GROUP) {
  426. $group = $this->groupManager->get($existingShare->getSharedWith());
  427. if (!is_null($group)) {
  428. $user = $this->userManager->get($share->getSharedWith());
  429. if ($group->inGroup($user) && $existingShare->getShareOwner() !== $share->getShareOwner()) {
  430. $message = $this->l->t('Sharing %s failed, because this item is already shared with the account %s', [$share->getNode()->getName(), $share->getSharedWithDisplayName()]);
  431. throw new AlreadySharedException($message, $existingShare);
  432. }
  433. }
  434. }
  435. }
  436. }
  437. /**
  438. * Check for pre share requirements for group shares
  439. *
  440. * @param IShare $share
  441. * @throws \Exception
  442. */
  443. protected function groupCreateChecks(IShare $share) {
  444. // Verify group shares are allowed
  445. if (!$this->allowGroupSharing()) {
  446. throw new \Exception('Group sharing is now allowed');
  447. }
  448. // Verify if the user can share with this group
  449. if ($this->shareWithGroupMembersOnly()) {
  450. $sharedBy = $this->userManager->get($share->getSharedBy());
  451. $sharedWith = $this->groupManager->get($share->getSharedWith());
  452. // optional excluded groups
  453. $excludedGroups = $this->shareWithGroupMembersOnlyExcludeGroupsList();
  454. if (is_null($sharedWith) || in_array($share->getSharedWith(), $excludedGroups) || !$sharedWith->inGroup($sharedBy)) {
  455. throw new \Exception('Sharing is only allowed within your own groups');
  456. }
  457. }
  458. /*
  459. * TODO: Could be costly, fix
  460. *
  461. * Also this is not what we want in the future.. then we want to squash identical shares.
  462. */
  463. $provider = $this->factory->getProviderForType(IShare::TYPE_GROUP);
  464. $existingShares = $provider->getSharesByPath($share->getNode());
  465. foreach ($existingShares as $existingShare) {
  466. try {
  467. if ($existingShare->getFullId() === $share->getFullId()) {
  468. continue;
  469. }
  470. } catch (\UnexpectedValueException $e) {
  471. //It is a new share so just continue
  472. }
  473. if ($existingShare->getSharedWith() === $share->getSharedWith() && $existingShare->getShareType() === $share->getShareType()) {
  474. throw new AlreadySharedException('Path is already shared with this group', $existingShare);
  475. }
  476. }
  477. }
  478. /**
  479. * Check for pre share requirements for link shares
  480. *
  481. * @param IShare $share
  482. * @throws \Exception
  483. */
  484. protected function linkCreateChecks(IShare $share) {
  485. // Are link shares allowed?
  486. if (!$this->shareApiAllowLinks()) {
  487. throw new \Exception('Link sharing is not allowed');
  488. }
  489. // Check if public upload is allowed
  490. if ($share->getNodeType() === 'folder' && !$this->shareApiLinkAllowPublicUpload() &&
  491. ($share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE))) {
  492. throw new \InvalidArgumentException('Public upload is not allowed');
  493. }
  494. }
  495. /**
  496. * To make sure we don't get invisible link shares we set the parent
  497. * of a link if it is a reshare. This is a quick word around
  498. * until we can properly display multiple link shares in the UI
  499. *
  500. * See: https://github.com/owncloud/core/issues/22295
  501. *
  502. * FIXME: Remove once multiple link shares can be properly displayed
  503. *
  504. * @param IShare $share
  505. */
  506. protected function setLinkParent(IShare $share) {
  507. // No sense in checking if the method is not there.
  508. if (method_exists($share, 'setParent')) {
  509. $storage = $share->getNode()->getStorage();
  510. if ($storage->instanceOfStorage('\OCA\Files_Sharing\ISharedStorage')) {
  511. /** @var \OCA\Files_Sharing\SharedStorage $storage */
  512. $share->setParent($storage->getShareId());
  513. }
  514. }
  515. }
  516. /**
  517. * @param File|Folder $path
  518. */
  519. protected function pathCreateChecks($path) {
  520. // Make sure that we do not share a path that contains a shared mountpoint
  521. if ($path instanceof \OCP\Files\Folder) {
  522. $mounts = $this->mountManager->findIn($path->getPath());
  523. foreach ($mounts as $mount) {
  524. if ($mount->getStorage()->instanceOfStorage('\OCA\Files_Sharing\ISharedStorage')) {
  525. throw new \InvalidArgumentException('Path contains files shared with you');
  526. }
  527. }
  528. }
  529. }
  530. /**
  531. * Check if the user that is sharing can actually share
  532. *
  533. * @param IShare $share
  534. * @throws \Exception
  535. */
  536. protected function canShare(IShare $share) {
  537. if (!$this->shareApiEnabled()) {
  538. throw new \Exception('Sharing is disabled');
  539. }
  540. if ($this->sharingDisabledForUser($share->getSharedBy())) {
  541. throw new \Exception('Sharing is disabled for you');
  542. }
  543. }
  544. /**
  545. * Share a path
  546. *
  547. * @param IShare $share
  548. * @return IShare The share object
  549. * @throws \Exception
  550. *
  551. * TODO: handle link share permissions or check them
  552. */
  553. public function createShare(IShare $share) {
  554. $this->canShare($share);
  555. $this->generalCreateChecks($share);
  556. // Verify if there are any issues with the path
  557. $this->pathCreateChecks($share->getNode());
  558. /*
  559. * On creation of a share the owner is always the owner of the path
  560. * Except for mounted federated shares.
  561. */
  562. $storage = $share->getNode()->getStorage();
  563. if ($storage->instanceOfStorage('OCA\Files_Sharing\External\Storage')) {
  564. $parent = $share->getNode()->getParent();
  565. while ($parent->getStorage()->instanceOfStorage('OCA\Files_Sharing\External\Storage')) {
  566. $parent = $parent->getParent();
  567. }
  568. $share->setShareOwner($parent->getOwner()->getUID());
  569. } else {
  570. if ($share->getNode()->getOwner()) {
  571. $share->setShareOwner($share->getNode()->getOwner()->getUID());
  572. } else {
  573. $share->setShareOwner($share->getSharedBy());
  574. }
  575. }
  576. try {
  577. // Verify share type
  578. if ($share->getShareType() === IShare::TYPE_USER) {
  579. $this->userCreateChecks($share);
  580. // Verify the expiration date
  581. $share = $this->validateExpirationDateInternal($share);
  582. } elseif ($share->getShareType() === IShare::TYPE_GROUP) {
  583. $this->groupCreateChecks($share);
  584. // Verify the expiration date
  585. $share = $this->validateExpirationDateInternal($share);
  586. } elseif ($share->getShareType() === IShare::TYPE_REMOTE || $share->getShareType() === IShare::TYPE_REMOTE_GROUP) {
  587. // Verify the expiration date
  588. $share = $this->validateExpirationDateInternal($share);
  589. } elseif ($share->getShareType() === IShare::TYPE_LINK
  590. || $share->getShareType() === IShare::TYPE_EMAIL) {
  591. $this->linkCreateChecks($share);
  592. $this->setLinkParent($share);
  593. // For now ignore a set token.
  594. $share->setToken(
  595. $this->secureRandom->generate(
  596. \OC\Share\Constants::TOKEN_LENGTH,
  597. \OCP\Security\ISecureRandom::CHAR_HUMAN_READABLE
  598. )
  599. );
  600. // Verify the expiration date
  601. $share = $this->validateExpirationDateLink($share);
  602. // Verify the password
  603. $this->verifyPassword($share->getPassword());
  604. // If a password is set. Hash it!
  605. if ($share->getShareType() === IShare::TYPE_LINK
  606. && $share->getPassword() !== null) {
  607. $share->setPassword($this->hasher->hash($share->getPassword()));
  608. }
  609. }
  610. // Cannot share with the owner
  611. if ($share->getShareType() === IShare::TYPE_USER &&
  612. $share->getSharedWith() === $share->getShareOwner()) {
  613. throw new \InvalidArgumentException('Cannot share with the share owner');
  614. }
  615. // Generate the target
  616. $defaultShareFolder = $this->config->getSystemValue('share_folder', '/');
  617. $allowCustomShareFolder = $this->config->getSystemValueBool('sharing.allow_custom_share_folder', true);
  618. if ($allowCustomShareFolder) {
  619. $shareFolder = $this->config->getUserValue($share->getSharedWith(), Application::APP_ID, 'share_folder', $defaultShareFolder);
  620. } else {
  621. $shareFolder = $defaultShareFolder;
  622. }
  623. $target = $shareFolder . '/' . $share->getNode()->getName();
  624. $target = \OC\Files\Filesystem::normalizePath($target);
  625. $share->setTarget($target);
  626. // Pre share event
  627. $event = new Share\Events\BeforeShareCreatedEvent($share);
  628. $this->dispatcher->dispatchTyped($event);
  629. if ($event->isPropagationStopped() && $event->getError()) {
  630. throw new \Exception($event->getError());
  631. }
  632. $oldShare = $share;
  633. $provider = $this->factory->getProviderForType($share->getShareType());
  634. $share = $provider->create($share);
  635. // Reuse the node we already have
  636. $share->setNode($oldShare->getNode());
  637. // Reset the target if it is null for the new share
  638. if ($share->getTarget() === '') {
  639. $share->setTarget($target);
  640. }
  641. } catch (AlreadySharedException $e) {
  642. // if a share for the same target already exists, dont create a new one, but do trigger the hooks and notifications again
  643. $oldShare = $share;
  644. // Reuse the node we already have
  645. $share = $e->getExistingShare();
  646. $share->setNode($oldShare->getNode());
  647. }
  648. // Post share event
  649. $this->dispatcher->dispatchTyped(new ShareCreatedEvent($share));
  650. // Send email if needed
  651. if ($this->config->getSystemValueBool('sharing.enable_share_mail', true)) {
  652. if ($share->getMailSend()) {
  653. $provider = $this->factory->getProviderForType($share->getShareType());
  654. if ($provider instanceof IShareProviderWithNotification) {
  655. $provider->sendMailNotification($share);
  656. } else {
  657. $this->logger->debug('Share notification not sent because the provider does not support it.', ['app' => 'share']);
  658. }
  659. } else {
  660. $this->logger->debug('Share notification not sent because mailsend is false.', ['app' => 'share']);
  661. }
  662. } else {
  663. $this->logger->debug('Share notification not sent because sharing notification emails is disabled.', ['app' => 'share']);
  664. }
  665. return $share;
  666. }
  667. /**
  668. * Update a share
  669. *
  670. * @param IShare $share
  671. * @return IShare The share object
  672. * @throws \InvalidArgumentException
  673. */
  674. public function updateShare(IShare $share) {
  675. $expirationDateUpdated = false;
  676. $this->canShare($share);
  677. try {
  678. $originalShare = $this->getShareById($share->getFullId());
  679. } catch (\UnexpectedValueException $e) {
  680. throw new \InvalidArgumentException('Share does not have a full id');
  681. }
  682. // We cannot change the share type!
  683. if ($share->getShareType() !== $originalShare->getShareType()) {
  684. throw new \InvalidArgumentException('Cannot change share type');
  685. }
  686. // We can only change the recipient on user shares
  687. if ($share->getSharedWith() !== $originalShare->getSharedWith() &&
  688. $share->getShareType() !== IShare::TYPE_USER) {
  689. throw new \InvalidArgumentException('Can only update recipient on user shares');
  690. }
  691. // Cannot share with the owner
  692. if ($share->getShareType() === IShare::TYPE_USER &&
  693. $share->getSharedWith() === $share->getShareOwner()) {
  694. throw new \InvalidArgumentException('Cannot share with the share owner');
  695. }
  696. $this->generalCreateChecks($share, true);
  697. if ($share->getShareType() === IShare::TYPE_USER) {
  698. $this->userCreateChecks($share);
  699. if ($share->getExpirationDate() != $originalShare->getExpirationDate()) {
  700. //Verify the expiration date
  701. $this->validateExpirationDateInternal($share);
  702. $expirationDateUpdated = true;
  703. }
  704. } elseif ($share->getShareType() === IShare::TYPE_GROUP) {
  705. $this->groupCreateChecks($share);
  706. if ($share->getExpirationDate() != $originalShare->getExpirationDate()) {
  707. //Verify the expiration date
  708. $this->validateExpirationDateInternal($share);
  709. $expirationDateUpdated = true;
  710. }
  711. } elseif ($share->getShareType() === IShare::TYPE_LINK
  712. || $share->getShareType() === IShare::TYPE_EMAIL) {
  713. $this->linkCreateChecks($share);
  714. // The new password is not set again if it is the same as the old
  715. // one, unless when switching from sending by Talk to sending by
  716. // mail.
  717. $plainTextPassword = $share->getPassword();
  718. $updatedPassword = $this->updateSharePasswordIfNeeded($share, $originalShare);
  719. /**
  720. * Cannot enable the getSendPasswordByTalk if there is no password set
  721. */
  722. if (empty($plainTextPassword) && $share->getSendPasswordByTalk()) {
  723. throw new \InvalidArgumentException('Cannot enable sending the password by Talk with an empty password');
  724. }
  725. /**
  726. * If we're in a mail share, we need to force a password change
  727. * as either the user is not aware of the password or is already (received by mail)
  728. * Thus the SendPasswordByTalk feature would not make sense
  729. */
  730. if (!$updatedPassword && $share->getShareType() === IShare::TYPE_EMAIL) {
  731. if (!$originalShare->getSendPasswordByTalk() && $share->getSendPasswordByTalk()) {
  732. throw new \InvalidArgumentException('Cannot enable sending the password by Talk without setting a new password');
  733. }
  734. if ($originalShare->getSendPasswordByTalk() && !$share->getSendPasswordByTalk()) {
  735. throw new \InvalidArgumentException('Cannot disable sending the password by Talk without setting a new password');
  736. }
  737. }
  738. if ($share->getExpirationDate() != $originalShare->getExpirationDate()) {
  739. // Verify the expiration date
  740. $this->validateExpirationDateLink($share);
  741. $expirationDateUpdated = true;
  742. }
  743. } elseif ($share->getShareType() === IShare::TYPE_REMOTE || $share->getShareType() === IShare::TYPE_REMOTE_GROUP) {
  744. if ($share->getExpirationDate() != $originalShare->getExpirationDate()) {
  745. //Verify the expiration date
  746. $this->validateExpirationDateInternal($share);
  747. $expirationDateUpdated = true;
  748. }
  749. }
  750. $this->pathCreateChecks($share->getNode());
  751. // Now update the share!
  752. $provider = $this->factory->getProviderForType($share->getShareType());
  753. if ($share->getShareType() === IShare::TYPE_EMAIL) {
  754. $share = $provider->update($share, $plainTextPassword);
  755. } else {
  756. $share = $provider->update($share);
  757. }
  758. if ($expirationDateUpdated === true) {
  759. \OC_Hook::emit(Share::class, 'post_set_expiration_date', [
  760. 'itemType' => $share->getNode() instanceof \OCP\Files\File ? 'file' : 'folder',
  761. 'itemSource' => $share->getNode()->getId(),
  762. 'date' => $share->getExpirationDate(),
  763. 'uidOwner' => $share->getSharedBy(),
  764. ]);
  765. }
  766. if ($share->getPassword() !== $originalShare->getPassword()) {
  767. \OC_Hook::emit(Share::class, 'post_update_password', [
  768. 'itemType' => $share->getNode() instanceof \OCP\Files\File ? 'file' : 'folder',
  769. 'itemSource' => $share->getNode()->getId(),
  770. 'uidOwner' => $share->getSharedBy(),
  771. 'token' => $share->getToken(),
  772. 'disabled' => is_null($share->getPassword()),
  773. ]);
  774. }
  775. if ($share->getPermissions() !== $originalShare->getPermissions()) {
  776. if ($this->userManager->userExists($share->getShareOwner())) {
  777. $userFolder = $this->rootFolder->getUserFolder($share->getShareOwner());
  778. } else {
  779. $userFolder = $this->rootFolder->getUserFolder($share->getSharedBy());
  780. }
  781. \OC_Hook::emit(Share::class, 'post_update_permissions', [
  782. 'itemType' => $share->getNode() instanceof \OCP\Files\File ? 'file' : 'folder',
  783. 'itemSource' => $share->getNode()->getId(),
  784. 'shareType' => $share->getShareType(),
  785. 'shareWith' => $share->getSharedWith(),
  786. 'uidOwner' => $share->getSharedBy(),
  787. 'permissions' => $share->getPermissions(),
  788. 'attributes' => $share->getAttributes() !== null ? $share->getAttributes()->toArray() : null,
  789. 'path' => $userFolder->getRelativePath($share->getNode()->getPath()),
  790. ]);
  791. }
  792. return $share;
  793. }
  794. /**
  795. * Accept a share.
  796. *
  797. * @param IShare $share
  798. * @param string $recipientId
  799. * @return IShare The share object
  800. * @throws \InvalidArgumentException Thrown if the provider does not implement `IShareProviderSupportsAccept`
  801. * @since 9.0.0
  802. */
  803. public function acceptShare(IShare $share, string $recipientId): IShare {
  804. [$providerId,] = $this->splitFullId($share->getFullId());
  805. $provider = $this->factory->getProvider($providerId);
  806. if (!($provider instanceof IShareProviderSupportsAccept)) {
  807. throw new \InvalidArgumentException('Share provider does not support accepting');
  808. }
  809. /** @var IShareProvider&IShareProviderSupportsAccept $provider */
  810. $provider->acceptShare($share, $recipientId);
  811. $event = new ShareAcceptedEvent($share);
  812. $this->dispatcher->dispatchTyped($event);
  813. return $share;
  814. }
  815. /**
  816. * Updates the password of the given share if it is not the same as the
  817. * password of the original share.
  818. *
  819. * @param IShare $share the share to update its password.
  820. * @param IShare $originalShare the original share to compare its
  821. * password with.
  822. * @return boolean whether the password was updated or not.
  823. */
  824. private function updateSharePasswordIfNeeded(IShare $share, IShare $originalShare) {
  825. $passwordsAreDifferent = ($share->getPassword() !== $originalShare->getPassword()) &&
  826. (($share->getPassword() !== null && $originalShare->getPassword() === null) ||
  827. ($share->getPassword() === null && $originalShare->getPassword() !== null) ||
  828. ($share->getPassword() !== null && $originalShare->getPassword() !== null &&
  829. !$this->hasher->verify($share->getPassword(), $originalShare->getPassword())));
  830. // Password updated.
  831. if ($passwordsAreDifferent) {
  832. //Verify the password
  833. $this->verifyPassword($share->getPassword());
  834. // If a password is set. Hash it!
  835. if (!empty($share->getPassword())) {
  836. $share->setPassword($this->hasher->hash($share->getPassword()));
  837. if ($share->getShareType() === IShare::TYPE_EMAIL) {
  838. // Shares shared by email have temporary passwords
  839. $this->setSharePasswordExpirationTime($share);
  840. }
  841. return true;
  842. } else {
  843. // Empty string and null are seen as NOT password protected
  844. $share->setPassword(null);
  845. if ($share->getShareType() === IShare::TYPE_EMAIL) {
  846. $share->setPasswordExpirationTime(null);
  847. }
  848. return true;
  849. }
  850. } else {
  851. // Reset the password to the original one, as it is either the same
  852. // as the "new" password or a hashed version of it.
  853. $share->setPassword($originalShare->getPassword());
  854. }
  855. return false;
  856. }
  857. /**
  858. * Set the share's password expiration time
  859. */
  860. private function setSharePasswordExpirationTime(IShare $share): void {
  861. if (!$this->config->getSystemValueBool('sharing.enable_mail_link_password_expiration', false)) {
  862. // Sets password expiration date to NULL
  863. $share->setPasswordExpirationTime();
  864. return;
  865. }
  866. // Sets password expiration date
  867. $expirationTime = null;
  868. $now = new \DateTime();
  869. $expirationInterval = $this->config->getSystemValue('sharing.mail_link_password_expiration_interval', 3600);
  870. $expirationTime = $now->add(new \DateInterval('PT' . $expirationInterval . 'S'));
  871. $share->setPasswordExpirationTime($expirationTime);
  872. }
  873. /**
  874. * Delete all the children of this share
  875. * FIXME: remove once https://github.com/owncloud/core/pull/21660 is in
  876. *
  877. * @param IShare $share
  878. * @return IShare[] List of deleted shares
  879. */
  880. protected function deleteChildren(IShare $share) {
  881. $deletedShares = [];
  882. $provider = $this->factory->getProviderForType($share->getShareType());
  883. foreach ($provider->getChildren($share) as $child) {
  884. $this->dispatcher->dispatchTyped(new BeforeShareDeletedEvent($child));
  885. $deletedChildren = $this->deleteChildren($child);
  886. $deletedShares = array_merge($deletedShares, $deletedChildren);
  887. $provider->delete($child);
  888. $this->dispatcher->dispatchTyped(new ShareDeletedEvent($child));
  889. $deletedShares[] = $child;
  890. }
  891. return $deletedShares;
  892. }
  893. /**
  894. * Delete a share
  895. *
  896. * @param IShare $share
  897. * @throws ShareNotFound
  898. * @throws \InvalidArgumentException
  899. */
  900. public function deleteShare(IShare $share) {
  901. try {
  902. $share->getFullId();
  903. } catch (\UnexpectedValueException $e) {
  904. throw new \InvalidArgumentException('Share does not have a full id');
  905. }
  906. $this->dispatcher->dispatchTyped(new BeforeShareDeletedEvent($share));
  907. // Get all children and delete them as well
  908. $this->deleteChildren($share);
  909. // Do the actual delete
  910. $provider = $this->factory->getProviderForType($share->getShareType());
  911. $provider->delete($share);
  912. $this->dispatcher->dispatchTyped(new ShareDeletedEvent($share));
  913. }
  914. /**
  915. * Unshare a file as the recipient.
  916. * This can be different from a regular delete for example when one of
  917. * the users in a groups deletes that share. But the provider should
  918. * handle this.
  919. *
  920. * @param IShare $share
  921. * @param string $recipientId
  922. */
  923. public function deleteFromSelf(IShare $share, $recipientId) {
  924. [$providerId,] = $this->splitFullId($share->getFullId());
  925. $provider = $this->factory->getProvider($providerId);
  926. $provider->deleteFromSelf($share, $recipientId);
  927. $event = new ShareDeletedFromSelfEvent($share);
  928. $this->dispatcher->dispatchTyped($event);
  929. }
  930. public function restoreShare(IShare $share, string $recipientId): IShare {
  931. [$providerId,] = $this->splitFullId($share->getFullId());
  932. $provider = $this->factory->getProvider($providerId);
  933. return $provider->restore($share, $recipientId);
  934. }
  935. /**
  936. * @inheritdoc
  937. */
  938. public function moveShare(IShare $share, $recipientId) {
  939. if ($share->getShareType() === IShare::TYPE_LINK
  940. || $share->getShareType() === IShare::TYPE_EMAIL) {
  941. throw new \InvalidArgumentException('Cannot change target of link share');
  942. }
  943. if ($share->getShareType() === IShare::TYPE_USER && $share->getSharedWith() !== $recipientId) {
  944. throw new \InvalidArgumentException('Invalid recipient');
  945. }
  946. if ($share->getShareType() === IShare::TYPE_GROUP) {
  947. $sharedWith = $this->groupManager->get($share->getSharedWith());
  948. if (is_null($sharedWith)) {
  949. throw new \InvalidArgumentException('Group "' . $share->getSharedWith() . '" does not exist');
  950. }
  951. $recipient = $this->userManager->get($recipientId);
  952. if (!$sharedWith->inGroup($recipient)) {
  953. throw new \InvalidArgumentException('Invalid recipient');
  954. }
  955. }
  956. [$providerId,] = $this->splitFullId($share->getFullId());
  957. $provider = $this->factory->getProvider($providerId);
  958. return $provider->move($share, $recipientId);
  959. }
  960. public function getSharesInFolder($userId, Folder $node, $reshares = false, $shallow = true) {
  961. $providers = $this->factory->getAllProviders();
  962. if (!$shallow) {
  963. throw new \Exception("non-shallow getSharesInFolder is no longer supported");
  964. }
  965. return array_reduce($providers, function ($shares, IShareProvider $provider) use ($userId, $node, $reshares) {
  966. $newShares = $provider->getSharesInFolder($userId, $node, $reshares);
  967. foreach ($newShares as $fid => $data) {
  968. if (!isset($shares[$fid])) {
  969. $shares[$fid] = [];
  970. }
  971. $shares[$fid] = array_merge($shares[$fid], $data);
  972. }
  973. return $shares;
  974. }, []);
  975. }
  976. /**
  977. * @inheritdoc
  978. */
  979. public function getSharesBy($userId, $shareType, $path = null, $reshares = false, $limit = 50, $offset = 0) {
  980. if ($path !== null &&
  981. !($path instanceof \OCP\Files\File) &&
  982. !($path instanceof \OCP\Files\Folder)) {
  983. throw new \InvalidArgumentException('invalid path');
  984. }
  985. try {
  986. $provider = $this->factory->getProviderForType($shareType);
  987. } catch (ProviderException $e) {
  988. return [];
  989. }
  990. $shares = $provider->getSharesBy($userId, $shareType, $path, $reshares, $limit, $offset);
  991. /*
  992. * Work around so we don't return expired shares but still follow
  993. * proper pagination.
  994. */
  995. $shares2 = [];
  996. while (true) {
  997. $added = 0;
  998. foreach ($shares as $share) {
  999. try {
  1000. $this->checkShare($share);
  1001. } catch (ShareNotFound $e) {
  1002. //Ignore since this basically means the share is deleted
  1003. continue;
  1004. }
  1005. $added++;
  1006. $shares2[] = $share;
  1007. if (count($shares2) === $limit) {
  1008. break;
  1009. }
  1010. }
  1011. // If we did not fetch more shares than the limit then there are no more shares
  1012. if (count($shares) < $limit) {
  1013. break;
  1014. }
  1015. if (count($shares2) === $limit) {
  1016. break;
  1017. }
  1018. // If there was no limit on the select we are done
  1019. if ($limit === -1) {
  1020. break;
  1021. }
  1022. $offset += $added;
  1023. // Fetch again $limit shares
  1024. $shares = $provider->getSharesBy($userId, $shareType, $path, $reshares, $limit, $offset);
  1025. // No more shares means we are done
  1026. if (empty($shares)) {
  1027. break;
  1028. }
  1029. }
  1030. $shares = $shares2;
  1031. return $shares;
  1032. }
  1033. /**
  1034. * @inheritdoc
  1035. */
  1036. public function getSharedWith($userId, $shareType, $node = null, $limit = 50, $offset = 0) {
  1037. try {
  1038. $provider = $this->factory->getProviderForType($shareType);
  1039. } catch (ProviderException $e) {
  1040. return [];
  1041. }
  1042. $shares = $provider->getSharedWith($userId, $shareType, $node, $limit, $offset);
  1043. // remove all shares which are already expired
  1044. foreach ($shares as $key => $share) {
  1045. try {
  1046. $this->checkShare($share);
  1047. } catch (ShareNotFound $e) {
  1048. unset($shares[$key]);
  1049. }
  1050. }
  1051. return $shares;
  1052. }
  1053. /**
  1054. * @inheritdoc
  1055. */
  1056. public function getDeletedSharedWith($userId, $shareType, $node = null, $limit = 50, $offset = 0) {
  1057. $shares = $this->getSharedWith($userId, $shareType, $node, $limit, $offset);
  1058. // Only get deleted shares
  1059. $shares = array_filter($shares, function (IShare $share) {
  1060. return $share->getPermissions() === 0;
  1061. });
  1062. // Only get shares where the owner still exists
  1063. $shares = array_filter($shares, function (IShare $share) {
  1064. return $this->userManager->userExists($share->getShareOwner());
  1065. });
  1066. return $shares;
  1067. }
  1068. /**
  1069. * @inheritdoc
  1070. */
  1071. public function getShareById($id, $recipient = null) {
  1072. if ($id === null) {
  1073. throw new ShareNotFound();
  1074. }
  1075. [$providerId, $id] = $this->splitFullId($id);
  1076. try {
  1077. $provider = $this->factory->getProvider($providerId);
  1078. } catch (ProviderException $e) {
  1079. throw new ShareNotFound();
  1080. }
  1081. $share = $provider->getShareById($id, $recipient);
  1082. $this->checkShare($share);
  1083. return $share;
  1084. }
  1085. /**
  1086. * Get all the shares for a given path
  1087. *
  1088. * @param \OCP\Files\Node $path
  1089. * @param int $page
  1090. * @param int $perPage
  1091. *
  1092. * @return Share[]
  1093. */
  1094. public function getSharesByPath(\OCP\Files\Node $path, $page = 0, $perPage = 50) {
  1095. return [];
  1096. }
  1097. /**
  1098. * Get the share by token possible with password
  1099. *
  1100. * @param string $token
  1101. * @return IShare
  1102. *
  1103. * @throws ShareNotFound
  1104. */
  1105. public function getShareByToken($token) {
  1106. // tokens cannot be valid local user names
  1107. if ($this->userManager->userExists($token)) {
  1108. throw new ShareNotFound();
  1109. }
  1110. $share = null;
  1111. try {
  1112. if ($this->shareApiAllowLinks()) {
  1113. $provider = $this->factory->getProviderForType(IShare::TYPE_LINK);
  1114. $share = $provider->getShareByToken($token);
  1115. }
  1116. } catch (ProviderException $e) {
  1117. } catch (ShareNotFound $e) {
  1118. }
  1119. // If it is not a link share try to fetch a federated share by token
  1120. if ($share === null) {
  1121. try {
  1122. $provider = $this->factory->getProviderForType(IShare::TYPE_REMOTE);
  1123. $share = $provider->getShareByToken($token);
  1124. } catch (ProviderException $e) {
  1125. } catch (ShareNotFound $e) {
  1126. }
  1127. }
  1128. // If it is not a link share try to fetch a mail share by token
  1129. if ($share === null && $this->shareProviderExists(IShare::TYPE_EMAIL)) {
  1130. try {
  1131. $provider = $this->factory->getProviderForType(IShare::TYPE_EMAIL);
  1132. $share = $provider->getShareByToken($token);
  1133. } catch (ProviderException $e) {
  1134. } catch (ShareNotFound $e) {
  1135. }
  1136. }
  1137. if ($share === null && $this->shareProviderExists(IShare::TYPE_CIRCLE)) {
  1138. try {
  1139. $provider = $this->factory->getProviderForType(IShare::TYPE_CIRCLE);
  1140. $share = $provider->getShareByToken($token);
  1141. } catch (ProviderException $e) {
  1142. } catch (ShareNotFound $e) {
  1143. }
  1144. }
  1145. if ($share === null && $this->shareProviderExists(IShare::TYPE_ROOM)) {
  1146. try {
  1147. $provider = $this->factory->getProviderForType(IShare::TYPE_ROOM);
  1148. $share = $provider->getShareByToken($token);
  1149. } catch (ProviderException $e) {
  1150. } catch (ShareNotFound $e) {
  1151. }
  1152. }
  1153. if ($share === null) {
  1154. throw new ShareNotFound($this->l->t('The requested share does not exist anymore'));
  1155. }
  1156. $this->checkShare($share);
  1157. /*
  1158. * Reduce the permissions for link or email shares if public upload is not enabled
  1159. */
  1160. if (($share->getShareType() === IShare::TYPE_LINK || $share->getShareType() === IShare::TYPE_EMAIL)
  1161. && $share->getNodeType() === 'folder' && !$this->shareApiLinkAllowPublicUpload()) {
  1162. $share->setPermissions($share->getPermissions() & ~(\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE));
  1163. }
  1164. return $share;
  1165. }
  1166. /**
  1167. * Check expire date and disabled owner
  1168. *
  1169. * @throws ShareNotFound
  1170. */
  1171. protected function checkShare(IShare $share): void {
  1172. if ($share->isExpired()) {
  1173. $this->deleteShare($share);
  1174. throw new ShareNotFound($this->l->t('The requested share does not exist anymore'));
  1175. }
  1176. if ($this->config->getAppValue('files_sharing', 'hide_disabled_user_shares', 'no') === 'yes') {
  1177. $uids = array_unique([$share->getShareOwner(),$share->getSharedBy()]);
  1178. foreach ($uids as $uid) {
  1179. $user = $this->userManager->get($uid);
  1180. if ($user?->isEnabled() === false) {
  1181. throw new ShareNotFound($this->l->t('The requested share comes from a disabled user'));
  1182. }
  1183. }
  1184. }
  1185. }
  1186. /**
  1187. * Verify the password of a public share
  1188. *
  1189. * @param IShare $share
  1190. * @param ?string $password
  1191. * @return bool
  1192. */
  1193. public function checkPassword(IShare $share, $password) {
  1194. // if there is no password on the share object / passsword is null, there is nothing to check
  1195. if ($password === null || $share->getPassword() === null) {
  1196. return false;
  1197. }
  1198. // Makes sure password hasn't expired
  1199. $expirationTime = $share->getPasswordExpirationTime();
  1200. if ($expirationTime !== null && $expirationTime < new \DateTime()) {
  1201. return false;
  1202. }
  1203. $newHash = '';
  1204. if (!$this->hasher->verify($password, $share->getPassword(), $newHash)) {
  1205. return false;
  1206. }
  1207. if (!empty($newHash)) {
  1208. $share->setPassword($newHash);
  1209. $provider = $this->factory->getProviderForType($share->getShareType());
  1210. $provider->update($share);
  1211. }
  1212. return true;
  1213. }
  1214. /**
  1215. * @inheritdoc
  1216. */
  1217. public function userDeleted($uid) {
  1218. $types = [IShare::TYPE_USER, IShare::TYPE_GROUP, IShare::TYPE_LINK, IShare::TYPE_REMOTE, IShare::TYPE_EMAIL];
  1219. foreach ($types as $type) {
  1220. try {
  1221. $provider = $this->factory->getProviderForType($type);
  1222. } catch (ProviderException $e) {
  1223. continue;
  1224. }
  1225. $provider->userDeleted($uid, $type);
  1226. }
  1227. }
  1228. /**
  1229. * @inheritdoc
  1230. */
  1231. public function groupDeleted($gid) {
  1232. $provider = $this->factory->getProviderForType(IShare::TYPE_GROUP);
  1233. $provider->groupDeleted($gid);
  1234. $excludedGroups = $this->config->getAppValue('core', 'shareapi_exclude_groups_list', '');
  1235. if ($excludedGroups === '') {
  1236. return;
  1237. }
  1238. $excludedGroups = json_decode($excludedGroups, true);
  1239. if (json_last_error() !== JSON_ERROR_NONE) {
  1240. return;
  1241. }
  1242. $excludedGroups = array_diff($excludedGroups, [$gid]);
  1243. $this->config->setAppValue('core', 'shareapi_exclude_groups_list', json_encode($excludedGroups));
  1244. }
  1245. /**
  1246. * @inheritdoc
  1247. */
  1248. public function userDeletedFromGroup($uid, $gid) {
  1249. $provider = $this->factory->getProviderForType(IShare::TYPE_GROUP);
  1250. $provider->userDeletedFromGroup($uid, $gid);
  1251. }
  1252. /**
  1253. * Get access list to a path. This means
  1254. * all the users that can access a given path.
  1255. *
  1256. * Consider:
  1257. * -root
  1258. * |-folder1 (23)
  1259. * |-folder2 (32)
  1260. * |-fileA (42)
  1261. *
  1262. * fileA is shared with user1 and user1@server1 and email1@maildomain1
  1263. * folder2 is shared with group2 (user4 is a member of group2)
  1264. * folder1 is shared with user2 (renamed to "folder (1)") and user2@server2
  1265. * and email2@maildomain2
  1266. *
  1267. * Then the access list to '/folder1/folder2/fileA' with $currentAccess is:
  1268. * [
  1269. * users => [
  1270. * 'user1' => ['node_id' => 42, 'node_path' => '/fileA'],
  1271. * 'user4' => ['node_id' => 32, 'node_path' => '/folder2'],
  1272. * 'user2' => ['node_id' => 23, 'node_path' => '/folder (1)'],
  1273. * ],
  1274. * remote => [
  1275. * 'user1@server1' => ['node_id' => 42, 'token' => 'SeCr3t'],
  1276. * 'user2@server2' => ['node_id' => 23, 'token' => 'FooBaR'],
  1277. * ],
  1278. * public => bool
  1279. * mail => [
  1280. * 'email1@maildomain1' => ['node_id' => 42, 'token' => 'aBcDeFg'],
  1281. * 'email2@maildomain2' => ['node_id' => 23, 'token' => 'hIjKlMn'],
  1282. * ]
  1283. * ]
  1284. *
  1285. * The access list to '/folder1/folder2/fileA' **without** $currentAccess is:
  1286. * [
  1287. * users => ['user1', 'user2', 'user4'],
  1288. * remote => bool,
  1289. * public => bool
  1290. * mail => ['email1@maildomain1', 'email2@maildomain2']
  1291. * ]
  1292. *
  1293. * This is required for encryption/activity
  1294. *
  1295. * @param \OCP\Files\Node $path
  1296. * @param bool $recursive Should we check all parent folders as well
  1297. * @param bool $currentAccess Ensure the recipient has access to the file (e.g. did not unshare it)
  1298. * @return array
  1299. */
  1300. public function getAccessList(\OCP\Files\Node $path, $recursive = true, $currentAccess = false) {
  1301. $owner = $path->getOwner();
  1302. if ($owner === null) {
  1303. return [];
  1304. }
  1305. $owner = $owner->getUID();
  1306. if ($currentAccess) {
  1307. $al = ['users' => [], 'remote' => [], 'public' => false, 'mail' => []];
  1308. } else {
  1309. $al = ['users' => [], 'remote' => false, 'public' => false, 'mail' => []];
  1310. }
  1311. if (!$this->userManager->userExists($owner)) {
  1312. return $al;
  1313. }
  1314. //Get node for the owner and correct the owner in case of external storage
  1315. $userFolder = $this->rootFolder->getUserFolder($owner);
  1316. if ($path->getId() !== $userFolder->getId() && !$userFolder->isSubNode($path)) {
  1317. $path = $userFolder->getFirstNodeById($path->getId());
  1318. if ($path === null || $path->getOwner() === null) {
  1319. return [];
  1320. }
  1321. $owner = $path->getOwner()->getUID();
  1322. }
  1323. $providers = $this->factory->getAllProviders();
  1324. /** @var Node[] $nodes */
  1325. $nodes = [];
  1326. if ($currentAccess) {
  1327. $ownerPath = $path->getPath();
  1328. $ownerPath = explode('/', $ownerPath, 4);
  1329. if (count($ownerPath) < 4) {
  1330. $ownerPath = '';
  1331. } else {
  1332. $ownerPath = $ownerPath[3];
  1333. }
  1334. $al['users'][$owner] = [
  1335. 'node_id' => $path->getId(),
  1336. 'node_path' => '/' . $ownerPath,
  1337. ];
  1338. } else {
  1339. $al['users'][] = $owner;
  1340. }
  1341. // Collect all the shares
  1342. while ($path->getPath() !== $userFolder->getPath()) {
  1343. $nodes[] = $path;
  1344. if (!$recursive) {
  1345. break;
  1346. }
  1347. $path = $path->getParent();
  1348. }
  1349. foreach ($providers as $provider) {
  1350. $tmp = $provider->getAccessList($nodes, $currentAccess);
  1351. foreach ($tmp as $k => $v) {
  1352. if (isset($al[$k])) {
  1353. if (is_array($al[$k])) {
  1354. if ($currentAccess) {
  1355. $al[$k] += $v;
  1356. } else {
  1357. $al[$k] = array_merge($al[$k], $v);
  1358. $al[$k] = array_unique($al[$k]);
  1359. $al[$k] = array_values($al[$k]);
  1360. }
  1361. } else {
  1362. $al[$k] = $al[$k] || $v;
  1363. }
  1364. } else {
  1365. $al[$k] = $v;
  1366. }
  1367. }
  1368. }
  1369. return $al;
  1370. }
  1371. /**
  1372. * Create a new share
  1373. *
  1374. * @return IShare
  1375. */
  1376. public function newShare() {
  1377. return new \OC\Share20\Share($this->rootFolder, $this->userManager);
  1378. }
  1379. /**
  1380. * Is the share API enabled
  1381. *
  1382. * @return bool
  1383. */
  1384. public function shareApiEnabled() {
  1385. return $this->config->getAppValue('core', 'shareapi_enabled', 'yes') === 'yes';
  1386. }
  1387. /**
  1388. * Is public link sharing enabled
  1389. *
  1390. * @return bool
  1391. */
  1392. public function shareApiAllowLinks() {
  1393. if ($this->config->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
  1394. return false;
  1395. }
  1396. $user = $this->userSession->getUser();
  1397. if ($user) {
  1398. $excludedGroups = json_decode($this->config->getAppValue('core', 'shareapi_allow_links_exclude_groups', '[]'));
  1399. if ($excludedGroups) {
  1400. $userGroups = $this->groupManager->getUserGroupIds($user);
  1401. return !(bool)array_intersect($excludedGroups, $userGroups);
  1402. }
  1403. }
  1404. return true;
  1405. }
  1406. /**
  1407. * Is password on public link requires
  1408. *
  1409. * @param bool Check group membership exclusion
  1410. * @return bool
  1411. */
  1412. public function shareApiLinkEnforcePassword(bool $checkGroupMembership = true) {
  1413. $excludedGroups = $this->config->getAppValue('core', 'shareapi_enforce_links_password_excluded_groups', '');
  1414. if ($excludedGroups !== '' && $checkGroupMembership) {
  1415. $excludedGroups = json_decode($excludedGroups);
  1416. $user = $this->userSession->getUser();
  1417. if ($user) {
  1418. $userGroups = $this->groupManager->getUserGroupIds($user);
  1419. if ((bool)array_intersect($excludedGroups, $userGroups)) {
  1420. return false;
  1421. }
  1422. }
  1423. }
  1424. return $this->config->getAppValue('core', 'shareapi_enforce_links_password', 'no') === 'yes';
  1425. }
  1426. /**
  1427. * Is default link expire date enabled
  1428. *
  1429. * @return bool
  1430. */
  1431. public function shareApiLinkDefaultExpireDate() {
  1432. return $this->config->getAppValue('core', 'shareapi_default_expire_date', 'no') === 'yes';
  1433. }
  1434. /**
  1435. * Is default link expire date enforced
  1436. *`
  1437. *
  1438. * @return bool
  1439. */
  1440. public function shareApiLinkDefaultExpireDateEnforced() {
  1441. return $this->shareApiLinkDefaultExpireDate() &&
  1442. $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
  1443. }
  1444. /**
  1445. * Number of default link expire days
  1446. *
  1447. * @return int
  1448. */
  1449. public function shareApiLinkDefaultExpireDays() {
  1450. return (int)$this->config->getAppValue('core', 'shareapi_expire_after_n_days', '7');
  1451. }
  1452. /**
  1453. * Is default internal expire date enabled
  1454. *
  1455. * @return bool
  1456. */
  1457. public function shareApiInternalDefaultExpireDate(): bool {
  1458. return $this->config->getAppValue('core', 'shareapi_default_internal_expire_date', 'no') === 'yes';
  1459. }
  1460. /**
  1461. * Is default remote expire date enabled
  1462. *
  1463. * @return bool
  1464. */
  1465. public function shareApiRemoteDefaultExpireDate(): bool {
  1466. return $this->config->getAppValue('core', 'shareapi_default_remote_expire_date', 'no') === 'yes';
  1467. }
  1468. /**
  1469. * Is default expire date enforced
  1470. *
  1471. * @return bool
  1472. */
  1473. public function shareApiInternalDefaultExpireDateEnforced(): bool {
  1474. return $this->shareApiInternalDefaultExpireDate() &&
  1475. $this->config->getAppValue('core', 'shareapi_enforce_internal_expire_date', 'no') === 'yes';
  1476. }
  1477. /**
  1478. * Is default expire date enforced for remote shares
  1479. *
  1480. * @return bool
  1481. */
  1482. public function shareApiRemoteDefaultExpireDateEnforced(): bool {
  1483. return $this->shareApiRemoteDefaultExpireDate() &&
  1484. $this->config->getAppValue('core', 'shareapi_enforce_remote_expire_date', 'no') === 'yes';
  1485. }
  1486. /**
  1487. * Number of default expire days
  1488. *
  1489. * @return int
  1490. */
  1491. public function shareApiInternalDefaultExpireDays(): int {
  1492. return (int)$this->config->getAppValue('core', 'shareapi_internal_expire_after_n_days', '7');
  1493. }
  1494. /**
  1495. * Number of default expire days for remote shares
  1496. *
  1497. * @return int
  1498. */
  1499. public function shareApiRemoteDefaultExpireDays(): int {
  1500. return (int)$this->config->getAppValue('core', 'shareapi_remote_expire_after_n_days', '7');
  1501. }
  1502. /**
  1503. * Allow public upload on link shares
  1504. *
  1505. * @return bool
  1506. */
  1507. public function shareApiLinkAllowPublicUpload() {
  1508. return $this->config->getAppValue('core', 'shareapi_allow_public_upload', 'yes') === 'yes';
  1509. }
  1510. /**
  1511. * check if user can only share with group members
  1512. *
  1513. * @return bool
  1514. */
  1515. public function shareWithGroupMembersOnly() {
  1516. return $this->config->getAppValue('core', 'shareapi_only_share_with_group_members', 'no') === 'yes';
  1517. }
  1518. /**
  1519. * If shareWithGroupMembersOnly is enabled, return an optional
  1520. * list of groups that must be excluded from the principle of
  1521. * belonging to the same group.
  1522. *
  1523. * @return array
  1524. */
  1525. public function shareWithGroupMembersOnlyExcludeGroupsList() {
  1526. if (!$this->shareWithGroupMembersOnly()) {
  1527. return [];
  1528. }
  1529. $excludeGroups = $this->config->getAppValue('core', 'shareapi_only_share_with_group_members_exclude_group_list', '');
  1530. return json_decode($excludeGroups, true) ?? [];
  1531. }
  1532. /**
  1533. * Check if users can share with groups
  1534. *
  1535. * @return bool
  1536. */
  1537. public function allowGroupSharing() {
  1538. return $this->config->getAppValue('core', 'shareapi_allow_group_sharing', 'yes') === 'yes';
  1539. }
  1540. public function allowEnumeration(): bool {
  1541. return $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
  1542. }
  1543. public function limitEnumerationToGroups(): bool {
  1544. return $this->allowEnumeration() &&
  1545. $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
  1546. }
  1547. public function limitEnumerationToPhone(): bool {
  1548. return $this->allowEnumeration() &&
  1549. $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
  1550. }
  1551. public function allowEnumerationFullMatch(): bool {
  1552. return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes';
  1553. }
  1554. public function matchEmail(): bool {
  1555. return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match_email', 'yes') === 'yes';
  1556. }
  1557. public function ignoreSecondDisplayName(): bool {
  1558. return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_dn', 'no') === 'yes';
  1559. }
  1560. public function currentUserCanEnumerateTargetUser(?IUser $currentUser, IUser $targetUser): bool {
  1561. if ($this->allowEnumerationFullMatch()) {
  1562. return true;
  1563. }
  1564. if (!$this->allowEnumeration()) {
  1565. return false;
  1566. }
  1567. if (!$this->limitEnumerationToPhone() && !$this->limitEnumerationToGroups()) {
  1568. // Enumeration is enabled and not restricted: OK
  1569. return true;
  1570. }
  1571. if (!$currentUser instanceof IUser) {
  1572. // Enumeration restrictions require an account
  1573. return false;
  1574. }
  1575. // Enumeration is limited to phone match
  1576. if ($this->limitEnumerationToPhone() && $this->knownUserService->isKnownToUser($currentUser->getUID(), $targetUser->getUID())) {
  1577. return true;
  1578. }
  1579. // Enumeration is limited to groups
  1580. if ($this->limitEnumerationToGroups()) {
  1581. $currentUserGroupIds = $this->groupManager->getUserGroupIds($currentUser);
  1582. $targetUserGroupIds = $this->groupManager->getUserGroupIds($targetUser);
  1583. if (!empty(array_intersect($currentUserGroupIds, $targetUserGroupIds))) {
  1584. return true;
  1585. }
  1586. }
  1587. return false;
  1588. }
  1589. /**
  1590. * Copied from \OC_Util::isSharingDisabledForUser
  1591. *
  1592. * TODO: Deprecate function from OC_Util
  1593. *
  1594. * @param string $userId
  1595. * @return bool
  1596. */
  1597. public function sharingDisabledForUser($userId) {
  1598. return $this->shareDisableChecker->sharingDisabledForUser($userId);
  1599. }
  1600. /**
  1601. * @inheritdoc
  1602. */
  1603. public function outgoingServer2ServerSharesAllowed() {
  1604. return $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'yes';
  1605. }
  1606. /**
  1607. * @inheritdoc
  1608. */
  1609. public function outgoingServer2ServerGroupSharesAllowed() {
  1610. return $this->config->getAppValue('files_sharing', 'outgoing_server2server_group_share_enabled', 'no') === 'yes';
  1611. }
  1612. /**
  1613. * @inheritdoc
  1614. */
  1615. public function shareProviderExists($shareType) {
  1616. try {
  1617. $this->factory->getProviderForType($shareType);
  1618. } catch (ProviderException $e) {
  1619. return false;
  1620. }
  1621. return true;
  1622. }
  1623. public function registerShareProvider(string $shareProviderClass): void {
  1624. $this->factory->registerProvider($shareProviderClass);
  1625. }
  1626. public function getAllShares(): iterable {
  1627. $providers = $this->factory->getAllProviders();
  1628. foreach ($providers as $provider) {
  1629. yield from $provider->getAllShares();
  1630. }
  1631. }
  1632. }