public function testCreatePublicLinkExpireDateInvalidPast() { $config = \OC::$server->getConfig(); $date = new \DateTime(); $date->sub(new \DateInterval('P8D')); $_POST['path'] = $this->folder; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_LINK; $_POST['expireDate'] = $date->format('Y-m-d'); $result = \OCA\Files_Sharing\API\Local::createShare([]); $this->assertFalse($result->succeeded()); $this->assertEquals(404, $result->getStatusCode()); $this->assertEquals('Cannot set expiration date. Expiration date is in the past', $result->getMeta()['message']); $config->setAppValue('core', 'shareapi_default_expire_date', 'no'); $config->setAppValue('core', 'shareapi_enforce_expire_date', 'no'); }
public function createShare($params) { return \OCA\Files_Sharing\API\Local::createShare($params); }
/** * @return \OC_OCS_Result */ public function createShare() { $share = $this->shareManager->newShare(); // Verify path $path = $this->request->getParam('path', null); if ($path === null) { return new \OC_OCS_Result(null, 404, 'please specify a file or folder path'); } $userFolder = $this->rootFolder->getUserFolder($this->currentUser->getUID()); try { $path = $userFolder->get($path); } catch (\OCP\Files\NotFoundException $e) { return new \OC_OCS_Result(null, 404, 'wrong path, file/folder doesn\'t exist'); } $share->setPath($path); // Parse permissions (if available) $permissions = $this->request->getParam('permissions', null); if ($permissions === null) { $permissions = \OCP\Constants::PERMISSION_ALL; } else { $permissions = (int) $permissions; } if ($permissions < 0 || $permissions > \OCP\Constants::PERMISSION_ALL) { return new \OC_OCS_Result(null, 404, 'invalid permissions'); } // Shares always require read permissions $permissions |= \OCP\Constants::PERMISSION_READ; if ($path instanceof \OCP\Files\File) { // Single file shares should never have delete or create permissions $permissions &= ~\OCP\Constants::PERMISSION_DELETE; $permissions &= ~\OCP\Constants::PERMISSION_CREATE; } $shareWith = $this->request->getParam('shareWith', null); $shareType = (int) $this->request->getParam('shareType', '-1'); if ($shareType === \OCP\Share::SHARE_TYPE_USER) { // Valid user is required to share if ($shareWith === null || !$this->userManager->userExists($shareWith)) { return new \OC_OCS_Result(null, 404, 'please specify a valid user'); } $share->setSharedWith($this->userManager->get($shareWith)); $share->setPermissions($permissions); } else { if ($shareType === \OCP\Share::SHARE_TYPE_GROUP) { // Valid group is required to share if ($shareWith === null || !$this->groupManager->groupExists($shareWith)) { return new \OC_OCS_Result(null, 404, 'please specify a valid group'); } $share->setSharedWith($this->groupManager->get($shareWith)); $share->setPermissions($permissions); } else { if ($shareType === \OCP\Share::SHARE_TYPE_LINK) { //Can we even share links? if (!$this->shareManager->shareApiAllowLinks()) { return new \OC_OCS_Result(null, 404, 'public link sharing is disabled by the administrator'); } $publicUpload = $this->request->getParam('publicUpload', null); if ($publicUpload === 'true') { // Check if public upload is allowed if (!$this->shareManager->shareApiLinkAllowPublicUpload()) { return new \OC_OCS_Result(null, 403, '"public upload disabled by the administrator'); } // Public upload can only be set for folders if ($path instanceof \OCP\Files\File) { return new \OC_OCS_Result(null, 404, '"public upload is only possible for public shared folders'); } $share->setPermissions(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE); } else { $share->setPermissions(\OCP\Constants::PERMISSION_READ); } // Set password $share->setPassword($this->request->getParam('password', null)); //Expire date $expireDate = $this->request->getParam('expireDate', null); if ($expireDate !== null) { try { $expireDate = $this->parseDate($expireDate); $share->setExpirationDate($expireDate); } catch (\Exception $e) { return new \OC_OCS_Result(null, 404, 'Invalid Date. Format must be YYYY-MM-DD.'); } } } else { if ($shareType === \OCP\Share::SHARE_TYPE_REMOTE) { //fixme Remote shares are handled by old code path for now return \OCA\Files_Sharing\API\Local::createShare([]); } else { return new \OC_OCS_Result(null, 400, "unknown share type"); } } } } $share->setShareType($shareType); $share->setSharedBy($this->currentUser); try { $share = $this->shareManager->createShare($share); } catch (\OC\HintException $e) { $code = $e->getCode() === 0 ? 403 : $e->getCode(); return new \OC_OCS_Result(null, $code, $e->getHint()); } catch (\Exception $e) { return new \OC_OCS_Result(null, 403, $e->getMessage()); } $share = $this->formatShare($share); return new \OC_OCS_Result($share); }
/** * @medium */ function testSharePermissions() { // sharing file to a user should work if shareapi_exclude_groups is set // to no \OC::$server->getAppConfig()->setValue('core', 'shareapi_exclude_groups', 'no'); $_POST['path'] = $this->filename; $_POST['shareWith'] = \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_USER; $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertTrue($result->succeeded()); $data = $result->getData(); $share = $this->getShareFromId($data['id']); $items = \OCP\Share::getItemShared('file', $share['item_source']); $this->assertTrue(!empty($items)); $fileinfo = $this->view->getFileInfo($this->filename); $result = \OCP\Share::unshare('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2); $this->assertTrue($result); // exclude groups, but not the group the user belongs to. Sharing should still work \OC::$server->getAppConfig()->setValue('core', 'shareapi_exclude_groups', 'yes'); \OC::$server->getAppConfig()->setValue('core', 'shareapi_exclude_groups_list', 'admin,group1,group2'); $_POST['path'] = $this->filename; $_POST['shareWith'] = \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_USER; $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertTrue($result->succeeded()); $data = $result->getData(); $share = $this->getShareFromId($data['id']); $items = \OCP\Share::getItemShared('file', $share['item_source']); $this->assertTrue(!empty($items)); $fileinfo = $this->view->getFileInfo($this->filename); $result = \OCP\Share::unshare('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2); $this->assertTrue($result); // now we exclude the group the user belongs to ('group'), sharing should fail now \OC::$server->getAppConfig()->setValue('core', 'shareapi_exclude_groups_list', 'admin,group'); $_POST['path'] = $this->filename; $_POST['shareWith'] = \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_USER; $result = \OCA\Files_Sharing\API\Local::createShare(array()); $this->assertFalse($result->succeeded()); // cleanup \OC::$server->getAppConfig()->setValue('core', 'shareapi_exclude_groups', 'no'); \OC::$server->getAppConfig()->setValue('core', 'shareapi_exclude_groups_list', ''); }
/** * @medium * @depends testCreateShare */ function testPublicLinkUrl() { // simulate a post request $_POST['path'] = $this->folder; $_POST['shareType'] = \OCP\Share::SHARE_TYPE_LINK; $result = \OCA\Files_Sharing\API\Local::createShare([]); $this->assertTrue($result->succeeded()); $data = $result->getData(); // check if we have a token $this->assertTrue(is_string($data['token'])); $id = $data['id']; // check for correct link $url = \OC::$server->getURLGenerator()->getAbsoluteURL('/index.php/s/' . $data['token']); $this->assertEquals($url, $data['url']); // check for link in getall shares $result = \OCA\Files_Sharing\API\Local::getAllShares([]); $this->assertTrue($result->succeeded()); $data = $result->getData(); $this->assertEquals($url, current($data)['url']); // check for path $_GET['path'] = $this->folder; $result = \OCA\Files_Sharing\API\Local::getAllShares([]); $this->assertTrue($result->succeeded()); $data = $result->getData(); $this->assertEquals($url, current($data)['url']); // check in share id $result = \OCA\Files_Sharing\API\Local::getShare(['id' => $id]); $this->assertTrue($result->succeeded()); $data = $result->getData(); $this->assertEquals($url, current($data)['url']); //Clean up share $fileinfo = $this->view->getFileInfo($this->folder); \OCP\Share::unshare('folder', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_LINK, null); }