/**
* Background scanner main job
* @return null
*/
public function run()
{
if (!$this->initFS()) {
return;
}
// locate files that are not checked yet
$dirMimetypeId = \OC::$server->getMimeTypeLoader()->getId('httpd/unix-directory');
$sql = 'SELECT `*PREFIX*filecache`.`fileid`, `*PREFIX*storages`.*' . ' FROM `*PREFIX*filecache`' . ' LEFT JOIN `*PREFIX*files_antivirus` ON `*PREFIX*files_antivirus`.`fileid` = `*PREFIX*filecache`.`fileid`' . ' JOIN `*PREFIX*storages` ON `*PREFIX*storages`.`numeric_id` = `*PREFIX*filecache`.`storage`' . ' WHERE `mimetype` != ?' . ' AND (`*PREFIX*storages`.`id` LIKE ? OR `*PREFIX*storages`.`id` LIKE ?)' . ' AND (`*PREFIX*files_antivirus`.`fileid` IS NULL OR `mtime` > `check_time`)' . ' AND `path` LIKE ?';
$stmt = \OCP\DB::prepare($sql, 5);
try {
$result = $stmt->execute(array($dirMimetypeId, 'local::%', 'home::%', 'files/%'));
if (\OCP\DB::isError($result)) {
\OCP\Util::writeLog('files_antivirus', __METHOD__ . 'DB error: ' . \OCP\DB::getErrorMessage($result), \OCP\Util::ERROR);
return;
}
} catch (\Exception $e) {
\OCP\Util::writeLog('files_antivirus', __METHOD__ . ', exception: ' . $e->getMessage(), \OCP\Util::ERROR);
return;
}
$view = new \OC\Files\View('/');
while ($row = $result->fetchRow()) {
$path = $view->getPath($row['fileid']);
if (!is_null($path)) {
$item = new Item($this->l10n, $view, $path, $row['fileid']);
$scanner = $this->scannerFactory->getScanner();
$status = $scanner->scan($item);
$status->dispatch($item, true);
}
}
\OC_Util::tearDownFS();
}
/**
* Background scanner main job
* @return null
*/
public function run()
{
if (!$this->initFS()) {
return;
}
// locate files that are not checked yet
$dirMimeTypeId = \OC::$server->getMimeTypeLoader()->getId('httpd/unix-directory');
try {
$qb = \OC::$server->getDatabaseConnection()->getQueryBuilder();
$qb->select(['fc.fileid'])->from('filecache', 'fc')->leftJoin('fc', 'files_antivirus', 'fa', $qb->expr()->eq('fa.fileid', 'fc.fileid'))->innerJoin('fc', 'storages', 'ss', $qb->expr()->andX($qb->expr()->eq('fc.storage', 'ss.numeric_id'), $qb->expr()->orX($qb->expr()->like('ss.id', $qb->expr()->literal('local::%')), $qb->expr()->like('ss.id', $qb->expr()->literal('home::%')))))->where($qb->expr()->neq('fc.mimetype', $qb->expr()->literal($dirMimeTypeId)))->andWhere($qb->expr()->orX($qb->expr()->isNull('fa.fileid'), $qb->expr()->gt('fc.mtime', 'fa.check_time')))->andWhere($qb->expr()->like('fc.path', $qb->expr()->literal('files/%')))->andWhere($qb->expr()->neq('fc.size', '0'))->setMaxResults(5);
$result = $qb->execute();
} catch (\Exception $e) {
\OC::$server->getLogger()->error(__METHOD__ . ', exception: ' . $e->getMessage(), ['app' => 'files_antivirus']);
return;
}
$view = new \OC\Files\View('');
try {
while ($row = $result->fetch()) {
$path = $view->getPath($row['fileid']);
if (!is_null($path)) {
$item = new Item($this->l10n, $view, $path, $row['fileid']);
$scanner = $this->scannerFactory->getScanner();
$status = $scanner->scan($item);
$status->dispatch($item, true);
}
}
} catch (\Exception $e) {
\OC::$server->getLogger()->error(__METHOD__ . ', exception: ' . $e->getMessage(), ['app' => 'files_antivirus']);
}
\OC_Util::tearDownFS();
}
public function generateFileToken($fileId, $version)
{
// Get the FS view of the current user.
$view = \OC\Files\Filesystem::getView();
// Get the virtual path (if the file is shared).
$path = $view->getPath($fileId);
if (!$view->is_file($path) || !$view->isUpdatable($path)) {
throw new \Exception('Invalid fileId.');
}
// Figure out the real owner, if not us.
$owner = $view->getOwner($path);
// Create a view into the owner's FS.
$view = new \OC\Files\View('/' . $owner . '/files');
// Find the real path.
$path = $view->getPath($fileId);
if (!$view->is_file($path)) {
throw new \Exception('Invalid fileId.');
}
$editor = \OC::$server->getUserSession()->getUser()->getUID();
$token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER . \OCP\Security\ISecureRandom::CHAR_DIGITS);
\OC::$server->getLogger()->debug('Issuing token for {editor} file {fileId}, version {version} owned by {owner}, path {path}: {token}', ['owner' => $owner, 'editor' => $editor, 'fileId' => $fileId, 'version' => $version, 'path' => $path, 'token' => $token]);
$wopi = new \OCA\Richdocuments\Db\Wopi([$owner, $editor, $fileId, $version, $path, $token, time() + self::TOKEN_LIFETIME_SECONDS]);
if (!$wopi->insert()) {
throw new \Exception('Failed to add wopi token into database');
}
return $token;
}
public static function getUidAndFilename($filename)
{
$uid = \OC\Files\Filesystem::getOwner($filename);
\OC\Files\Filesystem::initMountPoints($uid);
if ($uid != \OCP\User::getUser()) {
$info = \OC\Files\Filesystem::getFileInfo($filename);
$ownerView = new \OC\Files\View('/' . $uid . '/files');
$filename = $ownerView->getPath($info['fileid']);
}
return array($uid, $filename);
}
/**
* @param string $filename
* @return array
* @throws \OC\User\NoUserException
*/
public static function getUidAndFilename($filename)
{
$uid = \OC\Files\Filesystem::getOwner($filename);
\OC\Files\Filesystem::initMountPoints($uid);
if ($uid != \OCP\User::getUser()) {
$info = \OC\Files\Filesystem::getFileInfo($filename);
$ownerView = new \OC\Files\View('/' . $uid . '/files');
try {
$filename = $ownerView->getPath($info['fileid']);
} catch (NotFoundException $e) {
$filename = null;
}
}
return [$uid, $filename];
}
\OCP\Util::writeLog('core-preview', 'Passed token parameter is not valid', \OCP\Util::DEBUG);
exit;
}
if (!isset($linkedItem['uid_owner']) || !isset($linkedItem['file_source'])) {
\OC_Response::setStatus(\OC_Response::STATUS_INTERNAL_SERVER_ERROR);
\OCP\Util::writeLog('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . ("' . $token . '")', \OCP\Util::WARN);
exit;
}
$rootLinkItem = OCP\Share::resolveReShare($linkedItem);
$userId = $rootLinkItem['uid_owner'];
OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
\OC_Util::setupFS($userId);
\OC\Files\Filesystem::initMountPoints($userId);
$view = new \OC\Files\View('/' . $userId . '/files');
$pathId = $linkedItem['file_source'];
$path = $view->getPath($pathId);
if ($path === null) {
\OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND);
\OCP\Util::writeLog('core-preview', 'Could not resolve file for shared item', \OCP\Util::WARN);
exit;
}
$pathInfo = $view->getFileInfo($path);
$sharedFile = null;
if ($linkedItem['item_type'] === 'folder') {
$isValid = \OC\Files\Filesystem::isValidPath($file);
if (!$isValid) {
\OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST);
\OCP\Util::writeLog('core-preview', 'Passed filename is not valid, might be malicious (file:"' . $file . '";ip:"' . \OC::$server->getRequest()->getRemoteAddress() . '")', \OCP\Util::WARN);
exit;
}
$sharedFile = \OC\Files\Filesystem::normalizePath($file);
/**
* @brief get uid of the owners of the file and the path to the file
* @param string $path Path of the file to check
* @throws \Exception
* @note $shareFilePath must be relative to data/UID/files. Files
* relative to /Shared are also acceptable
* @return array
*/
public function getUidAndFilename($path)
{
$view = new \OC\Files\View($this->userFilesDir);
$fileOwnerUid = $view->getOwner($path);
// handle public access
if ($this->isPublic) {
$filename = $path;
$fileOwnerUid = $GLOBALS['fileOwner'];
return array($fileOwnerUid, $filename);
} else {
// Check that UID is valid
if (!\OCP\User::userExists($fileOwnerUid)) {
throw new \Exception('Could not find owner (UID = "' . var_export($fileOwnerUid, 1) . '") of file "' . $path . '"');
}
// NOTE: Bah, this dependency should be elsewhere
\OC\Files\Filesystem::initMountPoints($fileOwnerUid);
// If the file owner is the currently logged in user
if ($fileOwnerUid === $this->userId) {
// Assume the path supplied is correct
$filename = $path;
} else {
$info = $view->getFileInfo($path);
$ownerView = new \OC\Files\View('/' . $fileOwnerUid . '/files');
// Fetch real file path from DB
$filename = $ownerView->getPath($info['fileid']);
// TODO: Check that this returns a path without including the user data dir
}
return array($fileOwnerUid, \OC_Filesystem::normalizePath($filename));
}
}
/**
* @expectedException \OCP\Files\NotFoundException
*/
function testGetPathNotExisting()
{
$storage1 = $this->getTestStorage();
\OC\Files\Filesystem::mount($storage1, [], '/');
$rootView = new \OC\Files\View('');
$cachedData = $rootView->getFileInfo('/foo.txt');
/** @var int $id1 */
$id1 = $cachedData['fileid'];
$folderView = new \OC\Files\View('/substorage');
$this->assertNull($folderView->getPath($id1));
}
$view = new \OC\Files\View('/' . $owner . '/files');
// second part is the (duplicated) share name
list($folderId, , $img) = explode('/', $img, 3);
$shareInfo = \OCP\Share::getItemSharedWithBySource('file', $folderId);
if ($shareInfo) {
$sharedFolder = $view->getPath($folderId);
if ($sharedFolder) {
$img = $sharedFolder . '/' . $img;
} else {
\OC_Response::setStatus(404);
exit;
}
} else {
\OC_Response::setStatus(403);
exit;
}
}
}
session_write_close();
if (is_array($linkItem) && isset($linkItem['uid_owner'])) {
// prepend path to share
$ownerView = new \OC\Files\View('/' . $owner . '/files');
$path = $ownerView->getPath($linkItem['file_source']);
if ($path === null) {
exit;
}
$img = $path . '/' . $img;
}
$square = isset($_GET['square']) ? (bool) $_GET['square'] : false;
$image = new \OCA\Gallery\Thumbnail('/' . $img, $owner, $square);
$image->show();
$result = $mailNotification->sendLinkShareMail($to_address, $file, $link, $expiration);
if (empty($result)) {
// Get the token from the link
$linkParts = explode('/', $link);
$token = array_pop($linkParts);
// Get the share for the token
$share = \OCP\Share::getShareByToken($token, false);
if ($share !== false) {
$currentUser = \OC::$server->getUserSession()->getUser()->getUID();
$file = '/' . ltrim($file, '/');
// Check whether share belongs to the user and whether the file is the same
if ($share['file_target'] === $file && $share['uid_owner'] === $currentUser) {
// Get the path for the user
$view = new \OC\Files\View('/' . $currentUser . '/files');
$fileId = (int) $share['item_source'];
$path = $view->getPath((int) $share['item_source']);
if ($path !== null) {
$event = \OC::$server->getActivityManager()->generateEvent();
$event->setApp(\OCA\Files_Sharing\Activity::FILES_SHARING_APP)->setType(\OCA\Files_Sharing\Activity::TYPE_SHARED)->setAuthor($currentUser)->setAffectedUser($currentUser)->setObject('files', $fileId, $path)->setSubject(\OCA\Files_Sharing\Activity::SUBJECT_SHARED_EMAIL, [$path, $to_address]);
\OC::$server->getActivityManager()->publish($event);
}
}
}
\OCP\JSON::success();
} else {
$l = \OC::$server->getL10N('core');
OCP\JSON::error(array('data' => array('message' => $l->t("Couldn't send mail to following users: %s ", implode(', ', $result)))));
}
break;
}
} else {
* later.
* See the COPYING-README file.
*/
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('gallery');
session_write_close();
list($owner, $img) = explode('/', $_GET['file'], 2);
if ($owner !== OC_User::getUser()) {
\OC\Files\Filesystem::initMountPoints($owner);
$parts = explode('/', $img, 3);
if (count($parts) === 3) {
list($shareId, , $img) = $parts;
} else {
$shareId = $parts[0];
$img = '';
}
if (OCP\Share::getItemSharedWith('gallery', $shareId)) {
$ownerView = new \OC\Files\View('/' . $owner . '/files');
$sharedGallery = $ownerView->getPath($shareId);
if ($img) {
$img = $sharedGallery . '/' . $img;
} else {
$img = $sharedGallery;
}
} else {
OC_JSON::error('no such file');
die;
}
}
$image = new \OCA\Gallery\AlbumThumbnail('/' . $img, $owner);
$image->show();
$images = \OC\Files\Filesystem::searchByMime('image');
$user = \OC_User::getUser();
foreach ($images as &$image) {
$image['path'] = $user . $image['path'];
}
$shared = array();
$sharedSources = OCP\Share::getItemsSharedWith('gallery');
$users = array();
foreach ($sharedSources as $sharedSource) {
$owner = $sharedSource['uid_owner'];
if (array_search($owner, $users) === false) {
$users[] = $owner;
}
\OC\Files\Filesystem::initMountPoints($owner);
$ownerView = new \OC\Files\View('/' . $owner . '/files');
$path = $ownerView->getPath($sharedSource['item_source']);
if ($path) {
$shareName = basename($path);
$shareView = new \OC\Files\View('/' . $owner . '/files' . $path);
$sharedImages = $shareView->searchByMime('image');
foreach ($sharedImages as $sharedImage) {
$sharedImage['path'] = $owner . '/' . $sharedSource['item_source'] . '/' . $shareName . $sharedImage['path'];
$images[] = $sharedImage;
}
}
}
$displayNames = array();
foreach ($users as $user) {
$displayNames[$user] = \OCP\User::getDisplayName($user);
}
OCP\JSON::setContentTypeHeader();
public static function getSharesFromItem($target)
{
$result = array();
$owner = \OC\Files\Filesystem::getOwner($target);
\OC\Files\Filesystem::initMountPoints($owner);
$info = \OC\Files\Filesystem::getFileInfo($target);
$ownerView = new \OC\Files\View('/' . $owner . '/files');
if ($owner != \OCP\User::getUser()) {
$path = $ownerView->getPath($info['fileid']);
} else {
$path = $target;
}
$ids = array();
while ($path !== dirname($path)) {
$info = $ownerView->getFileInfo($path);
if ($info instanceof \OC\Files\FileInfo) {
$ids[] = $info['fileid'];
} else {
\OCP\Util::writeLog('sharing', 'No fileinfo available for: ' . $path, \OCP\Util::WARN);
}
$path = dirname($path);
}
if (!empty($ids)) {
$idList = array_chunk($ids, 99, true);
foreach ($idList as $subList) {
$statement = "SELECT `share_with`, `share_type`, `file_target` FROM `*PREFIX*share` WHERE `file_source` IN (" . implode(',', $subList) . ") AND `share_type` IN (0, 1, 2)";
$query = \OCP\DB::prepare($statement);
$r = $query->execute();
$result = array_merge($result, $r->fetchAll());
}
}
return $result;
}
/**
* get uid of the owners of the file and the path to the file
* @param string $path Path of the file to check
* @throws \Exception
* @note $shareFilePath must be relative to data/UID/files. Files
* relative to /Shared are also acceptable
* @return array
*/
public function getUidAndFilename($path)
{
$pathinfo = pathinfo($path);
$partfile = false;
$parentFolder = false;
if (array_key_exists('extension', $pathinfo) && $pathinfo['extension'] === 'part') {
// if the real file exists we check this file
$filePath = $this->userFilesDir . '/' . $pathinfo['dirname'] . '/' . $pathinfo['filename'];
if ($this->view->file_exists($filePath)) {
$pathToCheck = $pathinfo['dirname'] . '/' . $pathinfo['filename'];
} else {
// otherwise we look for the parent
$pathToCheck = $pathinfo['dirname'];
$parentFolder = true;
}
$partfile = true;
} else {
$pathToCheck = $path;
}
$view = new \OC\Files\View($this->userFilesDir);
$fileOwnerUid = $view->getOwner($pathToCheck);
// handle public access
if ($this->isPublic) {
return array($this->userId, $path);
} else {
// Check that UID is valid
if (!\OCP\User::userExists($fileOwnerUid)) {
throw new \Exception('Could not find owner (UID = "' . var_export($fileOwnerUid, 1) . '") of file "' . $path . '"');
}
// NOTE: Bah, this dependency should be elsewhere
\OC\Files\Filesystem::initMountPoints($fileOwnerUid);
// If the file owner is the currently logged in user
if ($fileOwnerUid === $this->userId) {
// Assume the path supplied is correct
$filename = $path;
} else {
$info = $view->getFileInfo($pathToCheck);
$ownerView = new \OC\Files\View('/' . $fileOwnerUid . '/files');
// Fetch real file path from DB
$filename = $ownerView->getPath($info['fileid']);
if ($parentFolder) {
$filename = $filename . '/' . $pathinfo['filename'];
}
if ($partfile) {
$filename = $filename . '.' . $pathinfo['extension'];
}
}
return array($fileOwnerUid, \OC\Files\Filesystem::normalizePath($filename));
}
}
/**
* Return the source
*
* @param string $path
* @return array
*/
protected function getSourcePathAndOwner($path)
{
$uidOwner = \OC\Files\Filesystem::getOwner($path);
if ($uidOwner != $this->currentUser) {
\OC\Files\Filesystem::initMountPoints($uidOwner);
$info = \OC\Files\Filesystem::getFileInfo($path);
$ownerView = new \OC\Files\View('/' . $uidOwner . '/files');
$path = $ownerView->getPath($info['fileid']);
}
return array($path, $uidOwner);
}
/**
* unshare file/folder from a user with whom you shared the file before
*/
public static function postUnshare($params)
{
if (\OCP\App::isEnabled('files_encryption') === false) {
return true;
}
if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') {
$view = new \OC\Files\View('/');
$userId = $params['uidOwner'];
$userView = new \OC\Files\View('/' . $userId . '/files');
$util = new Util($view, $userId);
$path = $userView->getPath($params['fileSource']);
// for group shares get a list of the group members
if ($params['shareType'] === \OCP\Share::SHARE_TYPE_GROUP) {
$userIds = \OC_Group::usersInGroup($params['shareWith']);
} else {
if ($params['shareType'] === \OCP\Share::SHARE_TYPE_LINK || $params['shareType'] === \OCP\Share::SHARE_TYPE_REMOTE) {
$userIds = array($util->getPublicShareKeyId());
} else {
$userIds = array($params['shareWith']);
}
}
$mountManager = \OC\Files\Filesystem::getMountManager();
$mount = $mountManager->find('/' . $userId . '/files' . $path);
$mountPoint = $mount->getMountPoint();
// if we unshare a folder we need a list of all (sub-)files
if ($params['itemType'] === 'folder') {
$allFiles = $util->getAllFiles($path, $mountPoint);
} else {
$allFiles = array($path);
}
foreach ($allFiles as $path) {
// check if the user still has access to the file, otherwise delete share key
$sharingUsers = $util->getSharingUsersArray(true, $path);
// Unshare every user who no longer has access to the file
$delUsers = array_diff($userIds, $sharingUsers);
$keyPath = Keymanager::getKeyPath($view, $util, $path);
// delete share key
Keymanager::delShareKey($view, $delUsers, $keyPath, $userId, $path);
}
}
}
/**
* get file owner and path
* @param string $filename
* @return string[] with the owner's uid and the owner's path
*/
private static function getUidAndFilename($filename) {
$uid = \OC\Files\Filesystem::getOwner($filename);
\OC\Files\Filesystem::initMountPoints($uid);
$filename = (strpos($filename, '/') !== 0) ? '/' . $filename : $filename;
if ($uid != \OCP\User::getUser()) {
$info = \OC\Files\Filesystem::getFileInfo($filename);
if (!$info) {
return array($uid, '/files' . $filename);
}
$ownerView = new \OC\Files\View('/' . $uid . '/files');
$filename = $ownerView->getPath($info['fileid']);
}
return array($uid, '/files' . $filename);
}
/**
* @medium
*/
function testGetPath()
{
$storage1 = $this->getTestStorage();
$storage2 = $this->getTestStorage();
$storage3 = $this->getTestStorage();
\OC\Files\Filesystem::mount($storage1, array(), '/');
\OC\Files\Filesystem::mount($storage2, array(), '/substorage');
\OC\Files\Filesystem::mount($storage3, array(), '/folder/anotherstorage');
$rootView = new \OC\Files\View('');
$cachedData = $rootView->getFileInfo('/foo.txt');
$id1 = $cachedData['fileid'];
$this->assertEquals('/foo.txt', $rootView->getPath($id1));
$cachedData = $rootView->getFileInfo('/substorage/foo.txt');
$id2 = $cachedData['fileid'];
$this->assertEquals('/substorage/foo.txt', $rootView->getPath($id2));
$folderView = new \OC\Files\View('/substorage');
$this->assertEquals('/foo.txt', $folderView->getPath($id2));
$this->assertNull($folderView->getPath($id1));
}
/**
* Return the source
*
* @param string $path
* @return array
*/
public static function getSourcePathAndOwner($path)
{
$uidOwner = \OC\Files\Filesystem::getOwner($path);
if ($uidOwner != \OCP\User::getUser()) {
\OC\Files\Filesystem::initMountPoints($uidOwner);
$info = \OC\Files\Filesystem::getFileInfo($path);
$ownerView = new \OC\Files\View('/' . $uidOwner . '/files');
$path = $ownerView->getPath($info['fileid']);
}
return array($path, $uidOwner);
}
