/**
* Validates a username and password
*
* This method should return true or false depending on if login
* succeeded.
*
* @param string $username
* @param string $password
*
* @return bool
*/
protected function validateUserPass($username, $password)
{
$linkItem = \OCP\Share::getShareByToken($username, false);
\OC_User::setIncognitoMode(true);
$this->share = $linkItem;
if (!$linkItem) {
return false;
}
// check if the share is password protected
if (isset($linkItem['share_with'])) {
if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) {
// Check Password
$forcePortable = CRYPT_BLOWFISH != 1;
$hasher = new \PasswordHash(8, $forcePortable);
if (!$hasher->CheckPassword($password . $this->config->getSystemValue('passwordsalt', ''), $linkItem['share_with'])) {
return false;
} else {
return true;
}
} else {
return false;
}
} else {
return true;
}
}
protected function tearDown()
{
\OC_User::setIncognitoMode(false);
// Set old user
\OC_User::setUserId($this->oldUser);
\OC_Util::setupFS($this->oldUser);
parent::tearDown();
}
public static function showShare($args)
{
\OC_Util::checkAppEnabled('files_sharing');
$token = $args['token'];
\OC_App::loadApp('files_sharing');
\OC_User::setIncognitoMode(true);
require_once \OC_App::getAppPath('files_sharing') . '/public.php';
}
protected function tearDown()
{
\OC_Util::tearDownFS();
\OC_User::setUserId('');
Filesystem::tearDown();
\OC_User::deleteUser($this->user);
\OC_User::setIncognitoMode(false);
\OC::$server->getSession()->set('public_link_authenticated', '');
// Set old user
\OC_User::setUserId($this->oldUser);
\OC_Util::setupFS($this->oldUser);
}
/**
* Sets up the filesystem and user for public sharing
* @param string $token string share token
* @param string $relativePath optional path relative to the share
* @param string $password optional password
* @return array
*/
public static function setupFromToken($token, $relativePath = null, $password = null)
{
\OC_User::setIncognitoMode(true);
$linkItem = \OCP\Share::getShareByToken($token, !$password);
if ($linkItem === false || $linkItem['item_type'] !== 'file' && $linkItem['item_type'] !== 'folder') {
\OC_Response::setStatus(404);
\OCP\Util::writeLog('core-preview', 'Passed token parameter is not valid', \OCP\Util::DEBUG);
exit;
}
if (!isset($linkItem['uid_owner']) || !isset($linkItem['file_source'])) {
\OC_Response::setStatus(500);
\OCP\Util::writeLog('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . ("' . $token . '")', \OCP\Util::WARN);
exit;
}
$rootLinkItem = \OCP\Share::resolveReShare($linkItem);
$path = null;
if (isset($rootLinkItem['uid_owner'])) {
\OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
\OC_Util::tearDownFS();
\OC_Util::setupFS($rootLinkItem['uid_owner']);
}
try {
$path = Filesystem::getPath($linkItem['file_source']);
} catch (NotFoundException $e) {
\OCP\Util::writeLog('share', 'could not resolve linkItem', \OCP\Util::DEBUG);
\OC_Response::setStatus(404);
\OCP\JSON::error(array('success' => false));
exit;
}
if (!isset($linkItem['item_type'])) {
\OCP\Util::writeLog('share', 'No item type set for share id: ' . $linkItem['id'], \OCP\Util::ERROR);
\OC_Response::setStatus(404);
\OCP\JSON::error(array('success' => false));
exit;
}
if (isset($linkItem['share_with']) && (int) $linkItem['share_type'] === \OCP\Share::SHARE_TYPE_LINK) {
if (!self::authenticate($linkItem, $password)) {
\OC_Response::setStatus(403);
\OCP\JSON::error(array('success' => false));
exit;
}
}
$basePath = $path;
if ($relativePath !== null && Filesystem::isReadable($basePath . $relativePath)) {
$path .= Filesystem::normalizePath($relativePath);
}
return array('linkItem' => $linkItem, 'basePath' => $basePath, 'realPath' => $path);
}
/**
* Validates a username and password
*
* This method should return true or false depending on if login
* succeeded.
*
* @param string $username
* @param string $password
*
* @return bool
*/
protected function validateUserPass($username, $password)
{
$linkItem = \OCP\Share::getShareByToken($username, false);
\OC_User::setIncognitoMode(true);
$this->share = $linkItem;
if (!$linkItem) {
return false;
}
// check if the share is password protected
if (isset($linkItem['share_with'])) {
if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) {
// Check Password
$newHash = '';
if (\OC::$server->getHasher()->verify($password, $linkItem['share_with'], $newHash)) {
/**
* FIXME: Migrate old hashes to new hash format
* Due to the fact that there is no reasonable functionality to update the password
* of an existing share no migration is yet performed there.
* The only possibility is to update the existing share which will result in a new
* share ID and is a major hack.
*
* In the future the migration should be performed once there is a proper method
* to update the share's password. (for example `$share->updatePassword($password)`
*
* @link https://github.com/owncloud/core/issues/10671
*/
if (!empty($newHash)) {
}
return true;
} else {
if (\OC::$server->getSession()->exists('public_link_authenticated') && \OC::$server->getSession()->get('public_link_authenticated') === $linkItem['id']) {
return true;
} else {
return false;
}
}
} else {
if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_REMOTE) {
return true;
} else {
return false;
}
}
} else {
return true;
}
}
/**
* Validates a username and password
*
* This method should return true or false depending on if login
* succeeded.
*
* @param string $username
* @param string $password
*
* @return bool
* @throws \Sabre\DAV\Exception\NotAuthenticated
*/
protected function validateUserPass($username, $password)
{
try {
$share = $this->shareManager->getShareByToken($username);
} catch (ShareNotFound $e) {
return false;
}
$this->share = $share;
\OC_User::setIncognitoMode(true);
// check if the share is password protected
if ($share->getPassword() !== null) {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) {
if ($this->shareManager->checkPassword($share, $password)) {
return true;
} else {
if ($this->session->exists('public_link_authenticated') && $this->session->get('public_link_authenticated') === (string) $share->getId()) {
return true;
} else {
if (in_array('XMLHttpRequest', explode(',', $this->request->getHeader('X-Requested-With')))) {
// do not re-authenticate over ajax, use dummy auth name to prevent browser popup
http_response_code(401);
header('WWW-Authenticate', 'DummyBasic realm="' . $this->realm . '"');
throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
}
return false;
}
}
} else {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_REMOTE) {
return true;
} else {
return false;
}
}
} else {
return true;
}
}
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
OCP\JSON::checkAppEnabled('files_sharing');
\OC_User::setIncognitoMode(true);
$file = array_key_exists('file', $_GET) ? (string) $_GET['file'] : '';
$maxX = array_key_exists('x', $_GET) ? (int) $_GET['x'] : '32';
$maxY = array_key_exists('y', $_GET) ? (int) $_GET['y'] : '32';
$scalingUp = array_key_exists('scalingup', $_GET) ? (bool) $_GET['scalingup'] : true;
$token = array_key_exists('t', $_GET) ? (string) $_GET['t'] : '';
$keepAspect = array_key_exists('a', $_GET) ? true : false;
if ($token === '') {
\OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST);
\OCP\Util::writeLog('core-preview', 'No token parameter was passed', \OCP\Util::DEBUG);
exit;
}
$linkedItem = \OCP\Share::getShareByToken($token);
if ($linkedItem === false || $linkedItem['item_type'] !== 'file' && $linkedItem['item_type'] !== 'folder') {
\OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND);
\OCP\Util::writeLog('core-preview', 'Passed token parameter is not valid', \OCP\Util::DEBUG);
/**
* @PublicPage
* @NoCSRFRequired
*
* @param string $token
* @param string $files
* @param string $path
* @return void|RedirectResponse
*/
public function downloadShare($token, $files = null, $path = '')
{
\OC_User::setIncognitoMode(true);
$linkItem = OCP\Share::getShareByToken($token, false);
// Share is password protected - check whether the user is permitted to access the share
if (isset($linkItem['share_with'])) {
if (!Helper::authenticate($linkItem)) {
return new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate', array('token' => $token)));
}
}
$originalSharePath = self::getPath($token);
if (isset($originalSharePath) && Filesystem::isReadable($originalSharePath . $path)) {
$originalSharePath = Filesystem::normalizePath($originalSharePath . $path);
$type = \OC\Files\Filesystem::is_dir($originalSharePath) ? 'folder' : 'file';
$args = $type === 'folder' ? array('dir' => $originalSharePath) : array('dir' => dirname($originalSharePath), 'scrollto' => basename($originalSharePath));
$linkToFile = \OCP\Util::linkToAbsolute('files', 'index.php', $args);
$subject = $type === 'folder' ? Activity::SUBJECT_PUBLIC_SHARED_FOLDER_DOWNLOADED : Activity::SUBJECT_PUBLIC_SHARED_FILE_DOWNLOADED;
$this->activityManager->publishActivity('files_sharing', $subject, array($originalSharePath), '', array(), $originalSharePath, $linkToFile, $linkItem['uid_owner'], Activity::TYPE_PUBLIC_LINKS, Activity::PRIORITY_MEDIUM);
}
if (!is_null($files)) {
// download selected files
$files_list = json_decode($files);
// in case we get only a single file
if ($files_list === NULL) {
$files_list = array($files);
}
// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
// after dispatching the request which results in a "Cannot modify header information" notice.
OC_Files::get($originalSharePath, $files_list, $_SERVER['REQUEST_METHOD'] == 'HEAD');
exit;
} else {
// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
// after dispatching the request which results in a "Cannot modify header information" notice.
OC_Files::get(dirname($originalSharePath), basename($originalSharePath), $_SERVER['REQUEST_METHOD'] == 'HEAD');
exit;
}
}
/**
* @PublicPage
* @NoCSRFRequired
*
* @param string $token
* @param string $files
* @param string $path
* @return void|RedirectResponse
*/
public function downloadShare($token, $files = null, $path = '')
{
\OC_User::setIncognitoMode(true);
$linkItem = OCP\Share::getShareByToken($token, false);
// Share is password protected - check whether the user is permitted to access the share
if (isset($linkItem['share_with'])) {
if (!Helper::authenticate($linkItem)) {
return new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate', array('token' => $token)));
}
}
$files_list = null;
if (!is_null($files)) {
// download selected files
$files_list = json_decode($files);
// in case we get only a single file
if ($files_list === null) {
$files_list = array($files);
}
}
$originalSharePath = self::getPath($token);
// Create the activities
if (isset($originalSharePath) && Filesystem::isReadable($originalSharePath . $path)) {
$originalSharePath = Filesystem::normalizePath($originalSharePath . $path);
$isDir = \OC\Files\Filesystem::is_dir($originalSharePath);
$activities = [];
if (!$isDir) {
// Single file public share
$activities[$originalSharePath] = Activity::SUBJECT_PUBLIC_SHARED_FILE_DOWNLOADED;
} else {
if (!empty($files_list)) {
// Only some files are downloaded
foreach ($files_list as $file) {
$filePath = Filesystem::normalizePath($originalSharePath . '/' . $file);
$isDir = \OC\Files\Filesystem::is_dir($filePath);
$activities[$filePath] = $isDir ? Activity::SUBJECT_PUBLIC_SHARED_FOLDER_DOWNLOADED : Activity::SUBJECT_PUBLIC_SHARED_FILE_DOWNLOADED;
}
} else {
// The folder is downloaded
$activities[$originalSharePath] = Activity::SUBJECT_PUBLIC_SHARED_FOLDER_DOWNLOADED;
}
}
foreach ($activities as $filePath => $subject) {
$this->activityManager->publishActivity('files_sharing', $subject, array($filePath), '', array(), $filePath, '', $linkItem['uid_owner'], Activity::TYPE_PUBLIC_LINKS, Activity::PRIORITY_MEDIUM);
}
}
// download selected files
if (!is_null($files)) {
// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
// after dispatching the request which results in a "Cannot modify header information" notice.
OC_Files::get($originalSharePath, $files_list, $_SERVER['REQUEST_METHOD'] == 'HEAD');
exit;
} else {
// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
// after dispatching the request which results in a "Cannot modify header information" notice.
OC_Files::get(dirname($originalSharePath), basename($originalSharePath), $_SERVER['REQUEST_METHOD'] == 'HEAD');
exit;
}
}
protected function tearDown()
{
\OC_Util::tearDownFS();
\OC_User::setUserId('');
Filesystem::tearDown();
$user = \OC::$server->getUserManager()->get($this->user);
if ($user !== null) {
$user->delete();
}
\OC_User::setIncognitoMode(false);
\OC::$server->getSession()->set('public_link_authenticated', '');
// Set old user
\OC_User::setUserId($this->oldUser);
\OC_Util::setupFS($this->oldUser);
parent::tearDown();
}
public static function init()
{
// calculate the root directories
OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
// register autoloader
$loaderStart = microtime(true);
require_once __DIR__ . '/autoloader.php';
self::$loader = new \OC\Autoloader([OC::$SERVERROOT . '/lib/private/legacy']);
if (defined('PHPUNIT_RUN')) {
self::$loader->addValidRoot(OC::$SERVERROOT . '/tests');
}
spl_autoload_register(array(self::$loader, 'load'));
$loaderEnd = microtime(true);
self::$CLI = php_sapi_name() == 'cli';
// Add default composer PSR-4 autoloader
self::$composerAutoloader = (require_once OC::$SERVERROOT . '/lib/composer/autoload.php');
try {
self::initPaths();
// setup 3rdparty autoloader
$vendorAutoLoad = OC::$SERVERROOT . '/3rdparty/autoload.php';
if (!file_exists($vendorAutoLoad)) {
throw new \RuntimeException('Composer autoloader not found, unable to continue. Check the folder "3rdparty". Running "git submodule update --init" will initialize the git submodule that handles the subfolder "3rdparty".');
}
require_once $vendorAutoLoad;
} catch (\RuntimeException $e) {
if (!self::$CLI) {
OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
}
// we can't use the template error page here, because this needs the
// DI container which isn't available yet
print $e->getMessage();
exit;
}
// setup the basic server
self::$server = new \OC\Server(\OC::$WEBROOT, self::$config);
\OC::$server->getEventLogger()->log('autoloader', 'Autoloader', $loaderStart, $loaderEnd);
\OC::$server->getEventLogger()->start('boot', 'Initialize');
// Don't display errors and log them
error_reporting(E_ALL | E_STRICT);
@ini_set('display_errors', 0);
@ini_set('log_errors', 1);
date_default_timezone_set('UTC');
//try to configure php to enable big file uploads.
//this doesn´t work always depending on the webserver and php configuration.
//Let´s try to overwrite some defaults anyway
//try to set the maximum execution time to 60min
@set_time_limit(3600);
@ini_set('max_execution_time', 3600);
@ini_set('max_input_time', 3600);
//try to set the maximum filesize to 10G
@ini_set('upload_max_filesize', '10G');
@ini_set('post_max_size', '10G');
@ini_set('file_uploads', '50');
self::setRequiredIniValues();
self::handleAuthHeaders();
self::registerAutoloaderCache();
// initialize intl fallback is necessary
\Patchwork\Utf8\Bootup::initIntl();
OC_Util::isSetLocaleWorking();
if (!defined('PHPUNIT_RUN')) {
OC\Log\ErrorHandler::setLogger(\OC::$server->getLogger());
$debug = \OC::$server->getConfig()->getSystemValue('debug', false);
OC\Log\ErrorHandler::register($debug);
}
// register the stream wrappers
stream_wrapper_register('fakedir', 'OC\\Files\\Stream\\Dir');
stream_wrapper_register('static', 'OC\\Files\\Stream\\StaticStream');
stream_wrapper_register('close', 'OC\\Files\\Stream\\Close');
stream_wrapper_register('quota', 'OC\\Files\\Stream\\Quota');
stream_wrapper_register('oc', 'OC\\Files\\Stream\\OC');
\OC::$server->getEventLogger()->start('init_session', 'Initialize session');
OC_App::loadApps(array('session'));
if (!self::$CLI) {
self::initSession();
}
\OC::$server->getEventLogger()->end('init_session');
self::checkConfig();
self::checkInstalled();
OC_Response::addSecurityHeaders();
if (self::$server->getRequest()->getServerProtocol() === 'https') {
ini_set('session.cookie_secure', true);
}
if (!defined('OC_CONSOLE')) {
$errors = OC_Util::checkServer(\OC::$server->getConfig());
if (count($errors) > 0) {
if (self::$CLI) {
// Convert l10n string into regular string for usage in database
$staticErrors = [];
foreach ($errors as $error) {
echo $error['error'] . "\n";
echo $error['hint'] . "\n\n";
$staticErrors[] = ['error' => (string) $error['error'], 'hint' => (string) $error['hint']];
}
try {
\OC::$server->getConfig()->setAppValue('core', 'cronErrors', json_encode($staticErrors));
} catch (\Exception $e) {
echo 'Writing to database failed';
}
exit(1);
} else {
OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
OC_Template::printGuestPage('', 'error', array('errors' => $errors));
exit;
}
} elseif (self::$CLI && \OC::$server->getConfig()->getSystemValue('installed', false)) {
\OC::$server->getConfig()->deleteAppValue('core', 'cronErrors');
}
}
//try to set the session lifetime
$sessionLifeTime = self::getSessionLifeTime();
@ini_set('gc_maxlifetime', (string) $sessionLifeTime);
$systemConfig = \OC::$server->getSystemConfig();
// User and Groups
if (!$systemConfig->getValue("installed", false)) {
self::$server->getSession()->set('user_id', '');
}
OC_User::useBackend(new \OC\User\Database());
OC_Group::useBackend(new \OC\Group\Database());
// Subscribe to the hook
\OCP\Util::connectHook('\\OCA\\Files_Sharing\\API\\Server2Server', 'preLoginNameUsedAsUserName', '\\OC\\User\\Database', 'preLoginNameUsedAsUserName');
//setup extra user backends
if (!self::checkUpgrade(false)) {
OC_User::setupBackends();
} else {
// Run upgrades in incognito mode
OC_User::setIncognitoMode(true);
}
self::registerCacheHooks();
self::registerFilesystemHooks();
if ($systemConfig->getValue('enable_previews', true)) {
self::registerPreviewHooks();
}
self::registerShareHooks();
self::registerLogRotate();
self::registerEncryptionWrapper();
self::registerEncryptionHooks();
//make sure temporary files are cleaned up
$tmpManager = \OC::$server->getTempManager();
register_shutdown_function(array($tmpManager, 'clean'));
$lockProvider = \OC::$server->getLockingProvider();
register_shutdown_function(array($lockProvider, 'releaseAll'));
// Check whether the sample configuration has been copied
if ($systemConfig->getValue('copied_sample_config', false)) {
$l = \OC::$server->getL10N('lib');
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
OC_Template::printErrorPage($l->t('Sample configuration detected'), $l->t('It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php'));
return;
}
$request = \OC::$server->getRequest();
$host = $request->getInsecureServerHost();
/**
* if the host passed in headers isn't trusted
* FIXME: Should not be in here at all :see_no_evil:
*/
if (!OC::$CLI && self::$server->getConfig()->getSystemValue('overwritehost') === '' && !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host) && self::$server->getConfig()->getSystemValue('installed', false)) {
header('HTTP/1.1 400 Bad Request');
header('Status: 400 Bad Request');
\OC::$server->getLogger()->warning('Trusted domain error. "{remoteAddress}" tried to access using "{host}" as host.', ['app' => 'core', 'remoteAddress' => $request->getRemoteAddress(), 'host' => $host]);
$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
$tmpl->assign('domain', $host);
$tmpl->printPage();
exit;
}
\OC::$server->getEventLogger()->end('boot');
}
/**
* @PublicPage
* @NoCSRFRequired
*
* @param string $token
* @param string $files
* @param string $path
* @param string $downloadStartSecret
* @return void|RedirectResponse
*/
public function downloadShare($token, $files = null, $path = '', $downloadStartSecret = '')
{
\OC_User::setIncognitoMode(true);
$share = $this->shareManager->getShareByToken($token);
// Share is password protected - check whether the user is permitted to access the share
if ($share->getPassword() !== null && !$this->linkShareAuth($share)) {
return new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate', ['token' => $token]));
}
$files_list = null;
if (!is_null($files)) {
// download selected files
$files_list = json_decode($files);
// in case we get only a single file
if ($files_list === null) {
$files_list = [$files];
}
}
$userFolder = $this->rootFolder->getUserFolder($share->getShareOwner()->getUID());
$originalSharePath = $userFolder->getRelativePath($share->getNode()->getPath());
// Single file share
if ($share->getNode() instanceof \OCP\Files\File) {
// Single file download
$event = $this->activityManager->generateEvent();
$event->setApp('files_sharing')->setType(Activity::TYPE_PUBLIC_LINKS)->setSubject(Activity::SUBJECT_PUBLIC_SHARED_FILE_DOWNLOADED, [$userFolder->getRelativePath($share->getNode()->getPath())])->setAffectedUser($share->getShareOwner()->getUID())->setObject('files', $share->getNode()->getId(), $userFolder->getRelativePath($share->getNode()->getPath()));
$this->activityManager->publish($event);
} else {
/** @var \OCP\Files\Folder $node */
$node = $share->getNode();
// Try to get the path
if ($path !== '') {
try {
$node = $node->get($path);
} catch (NotFoundException $e) {
return new NotFoundResponse();
}
}
$originalSharePath = $userFolder->getRelativePath($node->getPath());
if ($node instanceof \OCP\Files\File) {
// Single file download
$event = $this->activityManager->generateEvent();
$event->setApp('files_sharing')->setType(Activity::TYPE_PUBLIC_LINKS)->setSubject(Activity::SUBJECT_PUBLIC_SHARED_FILE_DOWNLOADED, [$userFolder->getRelativePath($node->getPath())])->setAffectedUser($share->getShareOwner()->getUID())->setObject('files', $node->getId(), $userFolder->getRelativePath($node->getPath()));
$this->activityManager->publish($event);
} else {
if (!empty($files_list)) {
/** @var \OCP\Files\Folder $node */
// Subset of files is downloaded
foreach ($files_list as $file) {
$subNode = $node->get($file);
$event = $this->activityManager->generateEvent();
$event->setApp('files_sharing')->setType(Activity::TYPE_PUBLIC_LINKS)->setAffectedUser($share->getShareOwner()->getUID())->setObject('files', $subNode->getId(), $userFolder->getRelativePath($subNode->getPath()));
if ($subNode instanceof \OCP\Files\File) {
$event->setSubject(Activity::SUBJECT_PUBLIC_SHARED_FILE_DOWNLOADED, [$userFolder->getRelativePath($subNode->getPath())]);
} else {
$event->setSubject(Activity::SUBJECT_PUBLIC_SHARED_FOLDER_DOWNLOADED, [$userFolder->getRelativePath($subNode->getPath())]);
}
$this->activityManager->publish($event);
}
} else {
// The folder is downloaded
$event = $this->activityManager->generateEvent();
$event->setApp('files_sharing')->setType(Activity::TYPE_PUBLIC_LINKS)->setSubject(Activity::SUBJECT_PUBLIC_SHARED_FOLDER_DOWNLOADED, [$userFolder->getRelativePath($node->getPath())])->setAffectedUser($share->getShareOwner()->getUID())->setObject('files', $node->getId(), $userFolder->getRelativePath($node->getPath()));
$this->activityManager->publish($event);
}
}
}
/* FIXME: We should do this all nicely in OCP */
OC_Util::tearDownFS();
OC_Util::setupFS($share->getShareOwner()->getUID());
/**
* this sets a cookie to be able to recognize the start of the download
* the content must not be longer than 32 characters and must only contain
* alphanumeric characters
*/
if (!empty($downloadStartSecret) && !isset($downloadStartSecret[32]) && preg_match('!^[a-zA-Z0-9]+$!', $downloadStartSecret) === 1) {
// FIXME: set on the response once we use an actual app framework response
setcookie('ocDownloadStarted', $downloadStartSecret, time() + 20, '/');
}
// download selected files
if (!is_null($files)) {
// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
// after dispatching the request which results in a "Cannot modify header information" notice.
OC_Files::get($originalSharePath, $files_list, $_SERVER['REQUEST_METHOD'] == 'HEAD');
exit;
} else {
// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
// after dispatching the request which results in a "Cannot modify header information" notice.
OC_Files::get(dirname($originalSharePath), basename($originalSharePath), $_SERVER['REQUEST_METHOD'] == 'HEAD');
exit;
}
}
/**
* Validates a token to make sure its linked to a valid resource
*
* Uses Share 2.0
*
* @fixme setIncognitoMode in 8.1 https://github.com/owncloud/core/pull/12912
*
* @param string $token
*
* @throws CheckException
* @return IShare
*/
private function getShare($token)
{
// Allows a logged in user to access public links
\OC_User::setIncognitoMode(true);
try {
$share = $this->shareManager->getShareByToken($token);
} catch (ShareNotFound $e) {
throw new CheckException($e->getMessage(), Http::STATUS_NOT_FOUND);
}
$this->checkShareIsValid($share, $token);
$this->checkItemType($share);
return $share;
}
/**
* Validates a token to make sure its linked to a valid resource
*
* Logic mostly duplicated from @see \OCA\Files_Sharing\Helper
*
* @fixme setIncognitoMode in 8.1 https://github.com/owncloud/core/pull/12912
*
* @param string $token
*
* @return array
*
* @throws CheckException
*/
private function getLinkItem($token)
{
// Allows a logged in user to access public links
\OC_User::setIncognitoMode(true);
$linkItem = Share::getShareByToken($token, false);
$this->checkLinkItemExists($linkItem);
$this->checkLinkItemIsValid($linkItem, $token);
$this->checkItemType($linkItem);
// Checks passed, let's store the linkItem
return $linkItem;
}
