// The standard case, files are uploaded through logged in users :)
OCP\JSON::checkLoggedIn();
$dir = isset($_POST['dir']) ? $_POST['dir'] : "";
if (!$dir || empty($dir) || $dir === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
die;
}
} else {
// TODO: ideally this code should be in files_sharing/ajax/upload.php
// and the upload/file transfer code needs to be refactored into a utility method
// that could be used there
\OC_User::setIncognitoMode(true);
// return only read permissions for public upload
$allowedPermissions = OCP\PERMISSION_READ;
$publicDirectory = !empty($_POST['subdir']) ? $_POST['subdir'] : '/';
$linkItem = OCP\Share::getShareByToken($_POST['dirToken']);
if ($linkItem === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token')))));
die;
}
if (!($linkItem['permissions'] & OCP\PERMISSION_CREATE)) {
OCP\JSON::checkLoggedIn();
} else {
// resolve reshares
$rootLinkItem = OCP\Share::resolveReShare($linkItem);
OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
// Setup FS with owner
OC_Util::tearDownFS();
OC_Util::setupFS($rootLinkItem['uid_owner']);
// The token defines the target directory (security reasons)
$path = \OC\Files\Filesystem::getPath($linkItem['file_source']);
<?php
// Load other apps for file previews
OC_App::loadApps();
$appConfig = \OC::$server->getAppConfig();
if ($appConfig->getValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
exit;
}
if (isset($_GET['t'])) {
$token = $_GET['t'];
$linkItem = OCP\Share::getShareByToken($token, false);
if (is_array($linkItem) && isset($linkItem['uid_owner'])) {
// seems to be a valid share
$type = $linkItem['item_type'];
$fileSource = $linkItem['file_source'];
$shareOwner = $linkItem['uid_owner'];
$path = null;
$rootLinkItem = OCP\Share::resolveReShare($linkItem);
if (isset($rootLinkItem['uid_owner'])) {
OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
OC_Util::tearDownFS();
OC_Util::setupFS($rootLinkItem['uid_owner']);
$path = \OC\Files\Filesystem::getPath($linkItem['file_source']);
}
}
}
if (isset($path)) {
if (!isset($linkItem['item_type'])) {
public function testShareItemWithLink()
{
OC_User::setUserId($this->user1);
$token = OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_LINK, null, \OCP\Constants::PERMISSION_READ);
$this->assertInternalType('string', $token, 'Failed asserting that user 1 successfully shared text.txt as link with token.');
// testGetShareByTokenNoExpiration
$row = $this->getShareByValidToken($token);
$this->assertEmpty($row['expiration'], 'Failed asserting that the returned row does not have an expiration date.');
// testGetShareByTokenExpirationValid
$this->assertTrue(OCP\Share::setExpirationDate('test', 'test.txt', $this->dateInFuture, ''), 'Failed asserting that user 1 successfully set a future expiration date for the test.txt share.');
$row = $this->getShareByValidToken($token);
$this->assertNotEmpty($row['expiration'], 'Failed asserting that the returned row has an expiration date.');
// manipulate share table and set expire date to the past
$query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `expiration` = ? WHERE `item_type` = ? AND `item_source` = ? AND `uid_owner` = ? AND `share_type` = ?');
$query->bindValue(1, new \DateTime($this->dateInPast), 'datetime');
$query->bindValue(2, 'test');
$query->bindValue(3, 'test.txt');
$query->bindValue(4, $this->user1);
$query->bindValue(5, \OCP\Share::SHARE_TYPE_LINK);
$query->execute();
$this->assertFalse(OCP\Share::getShareByToken($token), 'Failed asserting that an expired share could not be found.');
}
// Load other apps for file previews
OC_App::loadApps();
function fileCmp($a, $b)
{
if ($a['type'] == 'dir' and $b['type'] != 'dir') {
return -1;
} elseif ($a['type'] != 'dir' and $b['type'] == 'dir') {
return 1;
} else {
return strnatcasecmp($a['name'], $b['name']);
}
}
if (isset($_GET['t'])) {
$token = $_GET['t'];
$linkItem = OCP\Share::getShareByToken($token);
if (is_array($linkItem) && isset($linkItem['uid_owner'])) {
// seems to be a valid share
$type = $linkItem['item_type'];
$fileSource = $linkItem['file_source'];
$shareOwner = $linkItem['uid_owner'];
$path = null;
$rootLinkItem = OCP\Share::resolveReShare($linkItem);
$fileOwner = $rootLinkItem['uid_owner'];
if (isset($fileOwner)) {
OC_Util::tearDownFS();
OC_Util::setupFS($fileOwner);
$path = \OC\Files\Filesystem::getPath($linkItem['file_source']);
}
}
}
$l = \OC::$server->getL10N('files');
if (empty($_POST['dirToken'])) {
// The standard case, files are uploaded through logged in users :)
OCP\JSON::checkLoggedIn();
$dir = isset($_POST['dir']) ? (string) $_POST['dir'] : '';
if (!$dir || empty($dir) || $dir === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
die;
}
} else {
// TODO: ideally this code should be in files_sharing/ajax/upload.php
// and the upload/file transfer code needs to be refactored into a utility method
// that could be used there
\OC_User::setIncognitoMode(true);
$publicDirectory = !empty($_POST['subdir']) ? (string) $_POST['subdir'] : '/';
$linkItem = OCP\Share::getShareByToken((string) $_POST['dirToken']);
if ($linkItem === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token')))));
die;
}
if (!($linkItem['permissions'] & \OCP\Constants::PERMISSION_CREATE)) {
OCP\JSON::checkLoggedIn();
} else {
// resolve reshares
$rootLinkItem = OCP\Share::resolveReShare($linkItem);
OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
// Setup FS with owner
OC_Util::tearDownFS();
OC_Util::setupFS($rootLinkItem['uid_owner']);
// The token defines the target directory (security reasons)
$path = \OC\Files\Filesystem::getPath($linkItem['file_source']);
public function testShareItemWithLink()
{
OC_User::setUserId($this->user1);
$token = OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_LINK, null, OCP\PERMISSION_READ);
$this->assertInternalType('string', $token, 'Failed asserting that user 1 successfully shared text.txt as link with token.');
// testGetShareByTokenNoExpiration
$row = $this->getShareByValidToken($token);
$this->assertEmpty($row['expiration'], 'Failed asserting that the returned row does not have an expiration date.');
// testGetShareByTokenExpirationValid
$this->assertTrue(OCP\Share::setExpirationDate('test', 'test.txt', $this->dateInFuture), 'Failed asserting that user 1 successfully set a future expiration date for the test.txt share.');
$row = $this->getShareByValidToken($token);
$this->assertNotEmpty($row['expiration'], 'Failed asserting that the returned row has an expiration date.');
// testGetShareByTokenExpirationExpired
$this->assertTrue(OCP\Share::setExpirationDate('test', 'test.txt', $this->dateInPast), 'Failed asserting that user 1 successfully set a past expiration date for the test.txt share.');
$this->assertFalse(OCP\Share::getShareByToken($token), 'Failed asserting that an expired share could not be found.');
}
