/** * @param String $shareId * @param array $shareMeta * @param AJXP_Node $node * @throws Exception * @return array|bool */ public function shareToJson($shareId, $shareMeta, $node = null) { $messages = ConfService::getMessages(); $jsonData = array(); $elementWatch = false; if ($shareMeta["type"] == "file") { require_once "class.LegacyPubliclet.php"; $jsonData = LegacyPubliclet::publicletToJson($shareId, $shareMeta, $this->getShareStore(), $this->getPublicAccessManager(), $this->watcher, $node); } else { if ($shareMeta["type"] == "minisite" || $shareMeta["type"] == "repository") { $repoId = $shareId; if (strpos($repoId, "repo-") === 0) { // Legacy $repoId = str_replace("repo-", "", $repoId); $shareMeta["type"] = "repository"; } $minisite = $shareMeta["type"] == "minisite"; if ($minisite) { $shareLink = $this->getShareStore()->loadShareObject($shareId); $repoId = $shareLink->getRepositoryId(); } $notExistsData = array("error" => true, "repositoryId" => $repoId, "users_number" => 0, "label" => "Error - Cannot find shared data", "description" => "Cannot find repository", "entries" => array(), "element_watch" => false, "repository_url" => ""); $repo = ConfService::getRepositoryById($repoId); if ($repoId == null || $repo == null && $node != null) { if ($minisite) { $this->getShareStore()->getMetaManager()->removeShareFromMeta($node, $shareId); } return $notExistsData; } try { $this->getShareStore()->testUserCanEditShare($repo->getOwner(), $repo->options); } catch (Exception $e) { $notExistsData["label"] = $e->getMessage(); return $notExistsData; } if ($this->watcher != false && $node != null) { $elementWatch = $this->watcher->hasWatchOnNode(new AJXP_Node("pydio://" . $repoId . "/"), AuthService::getLoggedUser()->getId(), MetaWatchRegister::$META_WATCH_NAMESPACE); } if ($node != null) { $sharedEntries = $this->getRightsManager()->computeSharedRepositoryAccessRights($repoId, true, new AJXP_Node("pydio://" . $repoId . "/")); } else { $sharedEntries = $this->getRightsManager()->computeSharedRepositoryAccessRights($repoId, true, null); } if (empty($sharedEntries) && $minisite) { $this->getShareStore()->getMetaManager()->removeShareFromMeta($node, $shareId); return $notExistsData; } $cFilter = $repo->getContentFilter(); if (!empty($cFilter)) { $cFilter = $cFilter->toArray(); } $jsonData = array("repositoryId" => $repoId, "users_number" => AuthService::countUsersForRepository($repoId), "label" => $repo->getDisplay(), "description" => $repo->getDescription(), "entries" => $sharedEntries, "element_watch" => $elementWatch, "repository_url" => AJXP_Utils::getWorkspaceShortcutURL($repo) . "/", "content_filter" => $cFilter, "share_owner" => $repo->getOwner(), "share_scope" => isset($repo->options["SHARE_ACCESS"]) ? $repo->options["SHARE_ACCESS"] : "private"); if ($minisite && isset($shareLink)) { $shareLink->setAdditionalMeta($shareMeta); $jsonData["minisite"] = $shareLink->getJsonData($this->getPublicAccessManager(), $messages); } } } return $jsonData; }
/** * @param string $repoId * @param array $newUsers * @param array $newGroups * @param AJXP_Node|null $watcherNode */ public function unregisterRemovedUsers($repoId, $newUsers, $newGroups, $watcherNode = null) { $confDriver = ConfService::getConfStorageImpl(); $currentRights = $this->computeSharedRepositoryAccessRights($repoId, false, $watcherNode); $originalUsers = array_keys($currentRights["USERS"]); $removeUsers = array_diff($originalUsers, array_keys($newUsers)); if (count($removeUsers)) { foreach ($removeUsers as $user) { if (AuthService::userExists($user)) { $userObject = $confDriver->createUserObject($user); $userObject->personalRole->setAcl($repoId, ""); $userObject->save("superuser"); } if ($this->watcher !== false && $watcherNode !== null) { $this->watcher->removeWatchFromFolder($watcherNode, $user, true); } } } $originalGroups = array_keys($currentRights["GROUPS"]); $removeGroups = array_diff($originalGroups, array_keys($newGroups)); if (count($removeGroups)) { foreach ($removeGroups as $groupId) { $role = AuthService::getRole($groupId); if ($role !== false) { $role->setAcl($repoId, ""); AuthService::updateRole($role); } } } }
/** * @param string $shareId * @param ShareStore $shareStore * @param PublicAccessManager $publicAccessManager * @param MetaWatchRegister|null $watcher * @return array|false * @throws Exception */ public static function publicletToJson($shareId, $shareMeta, $shareStore, $publicAccessManager, $watcher, $node) { $messages = ConfService::getMessages(); $elementWatch = false; $pData = $shareStore->loadShare($shareId); if (!count($pData)) { return false; } foreach ($shareStore->modifiableShareKeys as $key) { if (isset($pData[$key])) { $shareMeta[$key] = $pData[$key]; } } if ($pData["OWNER_ID"] != AuthService::getLoggedUser()->getId() && !AuthService::getLoggedUser()->isAdmin()) { throw new Exception($messages["share_center.48"]); } if (isset($shareMeta["short_form_url"])) { $link = $shareMeta["short_form_url"]; } else { $link = $publicAccessManager->buildPublicLink($shareId); } if ($watcher != false && $node != null) { $result = array(); $elementWatch = $watcher->hasWatchOnNode($node, AuthService::getLoggedUser()->getId(), MetaWatchRegister::$META_WATCH_USERS_NAMESPACE, $result); if ($elementWatch && !in_array($shareId, $result)) { $elementWatch = false; } } $jsonData = array_merge(array("element_id" => $shareId, "publiclet_link" => $link, "download_counter" => $shareStore->getCurrentDownloadCounter($shareId), "download_limit" => $pData["DOWNLOAD_LIMIT"], "expire_time" => $pData["EXPIRE_TIME"] != 0 ? date($messages["date_format"], $pData["EXPIRE_TIME"]) : 0, "has_password" => !empty($pData["PASSWORD"]), "element_watch" => $elementWatch, "is_expired" => $shareStore->isShareExpired($shareId, $pData)), $shareMeta); return $jsonData; }
/** * @param Array $httpVars * @param Repository $repository * @param AbstractAccessDriver $accessDriver * @param null $uniqueUser * @throws Exception * @return int|Repository */ public function createSharedRepository($httpVars, $repository, $accessDriver, $uniqueUser = null) { // ERRORS // 100 : missing args // 101 : repository label already exists // 102 : user already exists // 103 : current user is not allowed to share // SUCCESS // 200 if (!isset($httpVars["repo_label"]) || $httpVars["repo_label"] == "") { return 100; } $foldersharing = $this->getFilteredOption("ENABLE_FOLDER_SHARING", $this->repository->getId()); if (isset($foldersharing) && $foldersharing === false) { return 103; } $loggedUser = AuthService::getLoggedUser(); $actRights = $loggedUser->mergedRole->listActionsStatesFor($repository); if (isset($actRights["share"]) && $actRights["share"] === false) { return 103; } $users = array(); $uRights = array(); $uPasses = array(); $groups = array(); $index = 0; $prefix = $this->getFilteredOption("SHARED_USERS_TMP_PREFIX", $this->repository->getId()); while (isset($httpVars["user_" . $index])) { $eType = $httpVars["entry_type_" . $index]; $rightString = ($httpVars["right_read_" . $index] == "true" ? "r" : "") . ($httpVars["right_write_" . $index] == "true" ? "w" : ""); if ($this->watcher !== false) { $uWatch = $httpVars["right_watch_" . $index] == "true" ? true : false; } if (empty($rightString)) { $index++; continue; } if ($eType == "user") { $u = AJXP_Utils::decodeSecureMagic($httpVars["user_" . $index], AJXP_SANITIZE_EMAILCHARS); if (!AuthService::userExists($u) && !isset($httpVars["user_pass_" . $index])) { $index++; continue; } else { if (AuthService::userExists($u) && isset($httpVars["user_pass_" . $index])) { throw new Exception("User {$u} already exists, please choose another name."); } } if (!AuthService::userExists($u, "r") && !empty($prefix) && strpos($u, $prefix) !== 0) { $u = $prefix . $u; } $users[] = $u; } else { $u = AJXP_Utils::decodeSecureMagic($httpVars["user_" . $index]); if (strpos($u, "/AJXP_TEAM/") === 0) { $confDriver = ConfService::getConfStorageImpl(); if (method_exists($confDriver, "teamIdToUsers")) { $teamUsers = $confDriver->teamIdToUsers(str_replace("/AJXP_TEAM/", "", $u)); foreach ($teamUsers as $userId) { $users[] = $userId; $uRights[$userId] = $rightString; if ($this->watcher !== false) { $uWatches[$userId] = $uWatch; } } } $index++; continue; } else { $groups[] = $u; } } $uRights[$u] = $rightString; $uPasses[$u] = isset($httpVars["user_pass_" . $index]) ? $httpVars["user_pass_" . $index] : ""; if ($this->watcher !== false) { $uWatches[$u] = $uWatch; } $index++; } $label = AJXP_Utils::decodeSecureMagic($httpVars["repo_label"]); $description = AJXP_Utils::decodeSecureMagic($httpVars["repo_description"]); if (isset($httpVars["repository_id"])) { $editingRepo = ConfService::getRepositoryById($httpVars["repository_id"]); } // CHECK USER & REPO DOES NOT ALREADY EXISTS if ($this->getFilteredOption("AVOID_SHARED_FOLDER_SAME_LABEL", $this->repository->getId()) == true) { $repos = ConfService::getRepositoriesList(); foreach ($repos as $obj) { if ($obj->getDisplay() == $label && (!isset($editingRepo) || $editingRepo != $obj)) { return 101; } } } $confDriver = ConfService::getConfStorageImpl(); foreach ($users as $userName) { if (AuthService::userExists($userName)) { // check that it's a child user $userObject = $confDriver->createUserObject($userName); if (ConfService::getCoreConf("ALLOW_CROSSUSERS_SHARING", "conf") != true && (!$userObject->hasParent() || $userObject->getParent() != $loggedUser->id)) { return 102; } } else { if ($httpVars["create_guest_user"] != "true" && !ConfService::getCoreConf("USER_CREATE_USERS", "conf") || AuthService::isReservedUserId($userName)) { return 102; } if (!isset($httpVars["shared_pass"]) || $httpVars["shared_pass"] == "") { return 100; } } } // CREATE SHARED OPTIONS $options = $accessDriver->makeSharedRepositoryOptions($httpVars, $repository); $customData = array(); foreach ($httpVars as $key => $value) { if (substr($key, 0, strlen("PLUGINS_DATA_")) == "PLUGINS_DATA_") { $customData[substr($key, strlen("PLUGINS_DATA_"))] = $value; } } if (count($customData)) { $options["PLUGINS_DATA"] = $customData; } if (isset($editingRepo)) { $newRepo = $editingRepo; if ($editingRepo->getDisplay() != $label) { $newRepo->setDisplay($label); ConfService::replaceRepository($httpVars["repository_id"], $newRepo); } $editingRepo->setDescription($description); } else { if ($repository->getOption("META_SOURCES")) { $options["META_SOURCES"] = $repository->getOption("META_SOURCES"); foreach ($options["META_SOURCES"] as $index => $data) { if (isset($data["USE_SESSION_CREDENTIALS"]) && $data["USE_SESSION_CREDENTIALS"] === true) { $options["META_SOURCES"][$index]["ENCODED_CREDENTIALS"] = AJXP_Safe::getEncodedCredentialString(); } } } $newRepo = $repository->createSharedChild($label, $options, $repository->id, $loggedUser->id, null); $gPath = $loggedUser->getGroupPath(); if (!empty($gPath) && !ConfService::getCoreConf("CROSSUSERS_ALLGROUPS", "conf")) { $newRepo->setGroupPath($gPath); } $newRepo->setDescription($description); ConfService::addRepository($newRepo); } $file = AJXP_Utils::decodeSecureMagic($httpVars["file"]); if (isset($editingRepo)) { $currentRights = $this->computeSharedRepositoryAccessRights($httpVars["repository_id"], false, $this->urlBase . $file); $originalUsers = array_keys($currentRights["USERS"]); $removeUsers = array_diff($originalUsers, $users); if (count($removeUsers)) { foreach ($removeUsers as $user) { if (AuthService::userExists($user)) { $userObject = $confDriver->createUserObject($user); $userObject->personalRole->setAcl($newRepo->getUniqueId(), ""); $userObject->save("superuser"); } } } $originalGroups = array_keys($currentRights["GROUPS"]); $removeGroups = array_diff($originalGroups, $groups); if (count($removeGroups)) { foreach ($removeGroups as $groupId) { $role = AuthService::getRole("AJXP_GRP_" . AuthService::filterBaseGroup($groupId)); if ($role !== false) { $role->setAcl($newRepo->getUniqueId(), ""); AuthService::updateRole($role); } } } } foreach ($users as $userName) { if (AuthService::userExists($userName, "r")) { // check that it's a child user $userObject = $confDriver->createUserObject($userName); } else { if (ConfService::getAuthDriverImpl()->getOption("TRANSMIT_CLEAR_PASS")) { $pass = $uPasses[$userName]; } else { $pass = md5($uPasses[$userName]); } $limit = $loggedUser->personalRole->filterParameterValue("core.conf", "USER_SHARED_USERS_LIMIT", AJXP_REPO_SCOPE_ALL, ""); if (!empty($limit) && intval($limit) > 0) { $count = count(ConfService::getConfStorageImpl()->getUserChildren($loggedUser->getId())); if ($count >= $limit) { $mess = ConfService::getMessages(); throw new Exception($mess['483']); } } AuthService::createUser($userName, $pass); $userObject = $confDriver->createUserObject($userName); $userObject->personalRole->clearAcls(); $userObject->setParent($loggedUser->id); $userObject->setGroupPath($loggedUser->getGroupPath()); $userObject->setProfile("shared"); if (isset($httpVars["minisite"])) { $mess = ConfService::getMessages(); $userObject->personalRole->setParameterValue("core.conf", "USER_DISPLAY_NAME", "[" . $mess["share_center.109"] . "] " . $newRepo->getDisplay()); } AJXP_Controller::applyHook("user.after_create", array($userObject)); } // CREATE USER WITH NEW REPO RIGHTS $userObject->personalRole->setAcl($newRepo->getUniqueId(), $uRights[$userName]); if (isset($httpVars["minisite"])) { $newRole = new AJXP_Role("AJXP_SHARED-" . $newRepo->getUniqueId()); $r = AuthService::getRole("MINISITE"); if (is_a($r, "AJXP_Role")) { if ($httpVars["disable_download"]) { $f = AuthService::getRole("MINISITE_NODOWNLOAD"); if (is_a($f, "AJXP_Role")) { $r = $f->override($r); } } $allData = $r->getDataArray(); $newData = $newRole->getDataArray(); if (isset($allData["ACTIONS"][AJXP_REPO_SCOPE_SHARED])) { $newData["ACTIONS"][$newRepo->getUniqueId()] = $allData["ACTIONS"][AJXP_REPO_SCOPE_SHARED]; } if (isset($allData["PARAMETERS"][AJXP_REPO_SCOPE_SHARED])) { $newData["PARAMETERS"][$newRepo->getUniqueId()] = $allData["PARAMETERS"][AJXP_REPO_SCOPE_SHARED]; } $newRole->bunchUpdate($newData); AuthService::updateRole($newRole); $userObject->addRole($newRole); } } $userObject->save("superuser"); if ($this->watcher !== false) { // Register a watch on the current folder for shared user if ($uWatches[$userName] == "true") { $this->watcher->setWatchOnFolder(new AJXP_Node($this->urlBase . $file), $userName, MetaWatchRegister::$META_WATCH_USERS_CHANGE, array(AuthService::getLoggedUser()->getId())); } else { $this->watcher->removeWatchFromFolder(new AJXP_Node($this->urlBase . $file), $userName, true); } } } if ($this->watcher !== false) { // Register a watch on the new repository root for current user if ($httpVars["self_watch_folder"] == "true") { $this->watcher->setWatchOnFolder(new AJXP_Node($this->baseProtocol . "://" . $newRepo->getUniqueId() . "/"), AuthService::getLoggedUser()->getId(), MetaWatchRegister::$META_WATCH_BOTH); } else { $this->watcher->removeWatchFromFolder(new AJXP_Node($this->baseProtocol . "://" . $newRepo->getUniqueId() . "/"), AuthService::getLoggedUser()->getId()); } } foreach ($groups as $group) { $grRole = AuthService::getRole("AJXP_GRP_" . AuthService::filterBaseGroup($group), true); $grRole->setAcl($newRepo->getUniqueId(), $uRights[$group]); AuthService::updateRole($grRole); } if (array_key_exists("minisite", $httpVars) && $httpVars["minisite"] != true) { AJXP_Controller::applyHook("node.share.create", array('type' => 'repository', 'repository' => &$repository, 'accessDriver' => &$accessDriver, 'new_repository' => &$newRepo)); } return $newRepo; }
/** * @param String $shareId * @param Array $shareData * @param AJXP_Node $node * @throws Exception * @return array|bool */ public function shareToJson($shareId, $shareData, $node = null) { $messages = ConfService::getMessages(); $jsonData = array(); $elementWatch = false; if ($shareData["type"] == "file") { $pData = $this->getShareStore()->loadShare($shareId); if (!count($pData)) { return false; } foreach ($this->getShareStore()->modifiableShareKeys as $key) { if (isset($pData[$key])) { $shareData[$key] = $pData[$key]; } } if ($pData["OWNER_ID"] != AuthService::getLoggedUser()->getId() && !AuthService::getLoggedUser()->isAdmin()) { throw new Exception($messages["share_center.48"]); } if (isset($shareData["short_form_url"])) { $link = $shareData["short_form_url"]; } else { $link = $this->buildPublicletLink($shareId); } if ($this->watcher != false && $node != null) { $result = array(); $elementWatch = $this->watcher->hasWatchOnNode($node, AuthService::getLoggedUser()->getId(), MetaWatchRegister::$META_WATCH_USERS_NAMESPACE, $result); if ($elementWatch && !in_array($shareId, $result)) { $elementWatch = false; } } $jsonData = array_merge(array("element_id" => $shareId, "publiclet_link" => $link, "download_counter" => $this->getShareStore()->getCurrentDownloadCounter($shareId), "download_limit" => $pData["DOWNLOAD_LIMIT"], "expire_time" => $pData["EXPIRE_TIME"] != 0 ? date($messages["date_format"], $pData["EXPIRE_TIME"]) : 0, "has_password" => !empty($pData["PASSWORD"]), "element_watch" => $elementWatch, "is_expired" => $this->shareStore->isShareExpired($shareId, $pData)), $shareData); } else { if ($shareData["type"] == "minisite" || $shareData["type"] == "repository") { $repoId = $shareId; if (strpos($repoId, "repo-") === 0) { // Legacy $repoId = str_replace("repo-", "", $repoId); $shareData["type"] = "repository"; } $minisite = $shareData["type"] == "minisite"; $minisiteIsPublic = false; $dlDisabled = false; $minisiteLink = ''; if ($minisite) { $minisiteData = $this->getShareStore()->loadShare($shareId); $repoId = $minisiteData["REPOSITORY"]; $minisiteIsPublic = isset($minisiteData["PRELOG_USER"]); $dlDisabled = isset($minisiteData["DOWNLOAD_DISABLED"]) && $minisiteData["DOWNLOAD_DISABLED"] === true; if (isset($shareData["short_form_url"])) { $minisiteLink = $shareData["short_form_url"]; } else { $minisiteLink = $this->buildPublicletLink($shareId); } } $notExistsData = array("error" => true, "repositoryId" => $repoId, "users_number" => 0, "label" => "Error - Cannot find shared data", "description" => "Cannot find repository", "entries" => array(), "element_watch" => false, "repository_url" => ""); $repo = ConfService::getRepositoryById($repoId); if ($repoId == null || $repo == null && $node != null) { if ($minisite) { $this->removeShareFromMeta($node, $shareId); } return $notExistsData; } else { if (!AuthService::getLoggedUser()->isAdmin() && $repo->getOwner() != AuthService::getLoggedUser()->getId()) { return $notExistsData; } } if ($this->watcher != false && $node != null) { $elementWatch = $this->watcher->hasWatchOnNode(new AJXP_Node($this->baseProtocol . "://" . $repoId . "/"), AuthService::getLoggedUser()->getId(), MetaWatchRegister::$META_WATCH_NAMESPACE); } if ($node != null) { $sharedEntries = $this->computeSharedRepositoryAccessRights($repoId, true, $node->getUrl()); } else { $sharedEntries = $this->computeSharedRepositoryAccessRights($repoId, true, null); } $cFilter = $repo->getContentFilter(); if (!empty($cFilter)) { $cFilter = $cFilter->toArray(); } $jsonData = array("repositoryId" => $repoId, "users_number" => AuthService::countUsersForRepository($repoId), "label" => $repo->getDisplay(), "description" => $repo->getDescription(), "entries" => $sharedEntries, "element_watch" => $elementWatch, "repository_url" => AJXP_Utils::detectServerURL(true) . "?goto=" . $repo->getSlug() . "/", "content_filter" => $cFilter); if (isset($minisiteData)) { if (!empty($minisiteData["DOWNLOAD_LIMIT"]) && !$dlDisabled) { $jsonData["download_counter"] = $this->getShareStore()->getCurrentDownloadCounter($shareId); $jsonData["download_limit"] = $minisiteData["DOWNLOAD_LIMIT"]; } if (!empty($minisiteData["EXPIRE_TIME"])) { $delta = $minisiteData["EXPIRE_TIME"] - time(); $days = round($delta / (60 * 60 * 24)); $jsonData["expire_time"] = date($messages["date_format"], $minisiteData["EXPIRE_TIME"]); $jsonData["expire_after"] = $days; } else { $jsonData["expire_after"] = 0; } $jsonData["is_expired"] = $this->shareStore->isShareExpired($shareId, $minisiteData); if (isset($minisiteData["AJXP_TEMPLATE_NAME"])) { $jsonData["minisite_layout"] = $minisiteData["AJXP_TEMPLATE_NAME"]; } if (!$minisiteIsPublic) { $jsonData["has_password"] = true; } $jsonData["minisite"] = array("public" => $minisiteIsPublic ? "true" : "false", "public_link" => $minisiteLink, "disable_download" => $dlDisabled, "hash" => $shareId, "hash_is_shorten" => isset($shareData["short_form_url"])); foreach ($this->getShareStore()->modifiableShareKeys as $key) { if (isset($minisiteData[$key])) { $jsonData[$key] = $minisiteData[$key]; } } } } } return $jsonData; }
/** * @param MetaWatchRegister|false $watcher * @param ShareRightsManager $rightsManager * @param PublicAccessManager $publicAccessManager * @param array $messages * @return array|false */ public function toJson($watcher, $rightsManager, $publicAccessManager, $messages) { $repoRootNode = new AJXP_Node("pydio://" . $this->getRepositoryId() . "/"); $elementWatch = false; if ($watcher != false) { $elementWatch = $watcher->hasWatchOnNode($repoRootNode, AuthService::getLoggedUser()->getId(), MetaWatchRegister::$META_WATCH_NAMESPACE); } $sharedEntries = $rightsManager->computeSharedRepositoryAccessRights($this->getRepositoryId(), true, $repoRootNode); if (empty($sharedEntries)) { return false; } $cFilter = $this->getRepository()->getContentFilter(); if (!empty($cFilter)) { $cFilter = $cFilter->toArray(); } $jsonData = array("repositoryId" => $this->getRepositoryId(), "users_number" => AuthService::countUsersForRepository($this->getRepositoryId()), "label" => $this->getRepository()->getDisplay(), "description" => $this->getRepository()->getDescription(), "entries" => $sharedEntries, "element_watch" => $elementWatch, "repository_url" => AJXP_Utils::getWorkspaceShortcutURL($this->getRepository()) . "/", "content_filter" => $cFilter, "share_owner" => $this->getOwner(), "share_scope" => $this->getVisibilityScope()); $jsonData["links"] = array(); foreach ($this->shareLinks as $shareLink) { $uniqueUser = $shareLink->getUniqueUser(); $found = false; foreach ($sharedEntries as $entry) { if ($entry["ID"] == $uniqueUser) { $found = true; } } if (!$found) { // STRANGE, THE ASSOCIATED USER IS MISSING error_log("Found shareLink orphan with uniqueUser " . $uniqueUser); continue; } $jsonData["links"][$shareLink->getHash()] = $shareLink->getJsonData($publicAccessManager, $messages); } return $jsonData; }