/**
* Get the permissions granted for a shared file
*
* @param string $target Shared target file path
* @return int CRUDS permissions granted
*/
public function getPermissions($target = '')
{
if (!$this->isValid()) {
return 0;
}
$permissions = $this->superShare->getPermissions();
// part files and the mount point always have delete permissions
if ($target === '' || pathinfo($target, PATHINFO_EXTENSION) === 'part') {
$permissions |= \OCP\Constants::PERMISSION_DELETE;
}
if (\OCP\Util::isSharingDisabledForUser()) {
$permissions &= ~\OCP\Constants::PERMISSION_SHARE;
}
return $permissions;
}
/**
* Update a share
*
* @param IShare $share
* @return IShare The share object
*/
public function update(IShare $share)
{
/*
* We allow updating the permissions of federated shares
*/
$qb = $this->dbConnection->getQueryBuilder();
$qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))->execute();
return $share;
}
/**
* @inheritdoc
*/
public function move(\OCP\Share\IShare $share, $recipient)
{
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) {
// Just update the target
$qb = $this->dbConn->getQueryBuilder();
$qb->update('share')->set('file_target', $qb->createNamedParameter($share->getTarget()))->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->execute();
} else {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) {
// Check if there is a usergroup share
$qb = $this->dbConn->getQueryBuilder();
$stmt = $qb->select('id')->from('share')->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_USERGROUP)))->andWhere($qb->expr()->eq('share_with', $qb->createNamedParameter($recipient)))->andWhere($qb->expr()->eq('parent', $qb->createNamedParameter($share->getId())))->setMaxResults(1)->execute();
$data = $stmt->fetch();
$stmt->closeCursor();
if ($data === false) {
// No usergroup share yet. Create one.
$qb = $this->dbConn->getQueryBuilder();
$qb->insert('share')->values(['share_type' => $qb->createNamedParameter(self::SHARE_TYPE_USERGROUP), 'share_with' => $qb->createNamedParameter($recipient), 'uid_owner' => $qb->createNamedParameter($share->getShareOwner()), 'uid_initiator' => $qb->createNamedParameter($share->getSharedBy()), 'parent' => $qb->createNamedParameter($share->getId()), 'item_type' => $qb->createNamedParameter($share->getNode() instanceof File ? 'file' : 'folder'), 'item_source' => $qb->createNamedParameter($share->getNode()->getId()), 'file_source' => $qb->createNamedParameter($share->getNode()->getId()), 'file_target' => $qb->createNamedParameter($share->getTarget()), 'permissions' => $qb->createNamedParameter($share->getPermissions()), 'stime' => $qb->createNamedParameter($share->getShareTime()->getTimestamp())])->execute();
} else {
// Already a usergroup share. Update it.
$qb = $this->dbConn->getQueryBuilder();
$qb->update('share')->set('file_target', $qb->createNamedParameter($share->getTarget()))->where($qb->expr()->eq('id', $qb->createNamedParameter($data['id'])))->execute();
}
}
}
return $share;
}
/**
* Check for pre share requirements for link shares
*
* @param \OCP\Share\IShare $share
* @throws \Exception
*/
protected function linkCreateChecks(\OCP\Share\IShare $share)
{
// Are link shares allowed?
if (!$this->shareApiAllowLinks()) {
throw new \Exception('Link sharing not allowed');
}
// Link shares by definition can't have share permissions
if ($share->getPermissions() & \OCP\Constants::PERMISSION_SHARE) {
throw new \InvalidArgumentException('Link shares can\'t have reshare permissions');
}
// We don't allow deletion on link shares
if ($share->getPermissions() & \OCP\Constants::PERMISSION_DELETE) {
throw new \InvalidArgumentException('Link shares can\'t have delete permissions');
}
// Check if public upload is allowed
if (!$this->shareApiLinkAllowPublicUpload() && $share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE)) {
throw new \InvalidArgumentException('Public upload not allowed');
}
}
/**
* @param \OCP\Share\IShare $share
* @return bool
*/
protected function canAccessShare(\OCP\Share\IShare $share)
{
// A file with permissions 0 can't be accessed by us. So Don't show it
if ($share->getPermissions() === 0) {
return false;
}
// Owner of the file and the sharer of the file can always get share
if ($share->getShareOwner() === $this->currentUser->getUID() || $share->getSharedBy() === $this->currentUser->getUID()) {
return true;
}
// If the share is shared with you (or a group you are a member of)
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER && $share->getSharedWith() === $this->currentUser->getUID()) {
return true;
}
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) {
$sharedWith = $this->groupManager->get($share->getSharedWith());
if ($sharedWith->inGroup($this->currentUser)) {
return true;
}
}
return false;
}
/**
* Update a share
*
* @param IShare $share
* @return IShare The share object
*/
public function update(IShare $share)
{
/*
* We allow updating the permissions of federated shares
*/
$qb = $this->dbConnection->getQueryBuilder();
$qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))->execute();
// send the updated permission to the owner/initiator, if they are not the same
if ($share->getShareOwner() !== $share->getSharedBy()) {
$this->sendPermissionUpdate($share);
}
return $share;
}
/**
* Update a share
*
* @param \OCP\Share\IShare $share
* @return \OCP\Share\IShare The share object
*/
public function update(\OCP\Share\IShare $share)
{
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) {
/*
* We allow updating the recipient on user shares.
*/
$qb = $this->dbConn->getQueryBuilder();
$qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('share_with', $qb->createNamedParameter($share->getSharedWith()->getUID()))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()->getUID()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()->getUID()))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('item_source', $qb->createNamedParameter($share->getNode()->getId()))->set('file_source', $qb->createNamedParameter($share->getNode()->getId()))->execute();
} else {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) {
$qb = $this->dbConn->getQueryBuilder();
$qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()->getUID()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()->getUID()))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('item_source', $qb->createNamedParameter($share->getNode()->getId()))->set('file_source', $qb->createNamedParameter($share->getNode()->getId()))->execute();
/*
* Update all user defined group shares
*/
$qb = $this->dbConn->getQueryBuilder();
$qb->update('share')->where($qb->expr()->eq('parent', $qb->createNamedParameter($share->getId())))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()->getUID()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()->getUID()))->set('item_source', $qb->createNamedParameter($share->getNode()->getId()))->set('file_source', $qb->createNamedParameter($share->getNode()->getId()))->execute();
/*
* Now update the permissions for all children that have not set it to 0
*/
$qb = $this->dbConn->getQueryBuilder();
$qb->update('share')->where($qb->expr()->eq('parent', $qb->createNamedParameter($share->getId())))->andWhere($qb->expr()->neq('permissions', $qb->createNamedParameter(0)))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->execute();
} else {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) {
$qb = $this->dbConn->getQueryBuilder();
$qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('share_with', $qb->createNamedParameter($share->getPassword()))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()->getUID()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()->getUID()))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('item_source', $qb->createNamedParameter($share->getNode()->getId()))->set('file_source', $qb->createNamedParameter($share->getNode()->getId()))->set('token', $qb->createNamedParameter($share->getToken()))->set('expiration', $qb->createNamedParameter($share->getExpirationDate(), IQueryBuilder::PARAM_DATE))->execute();
}
}
}
return $share;
}
