/**
* Check for pre share requirements for user shares
*
* @param IShare $share
* @throws \Exception
*/
protected function userCreateChecks(IShare $share)
{
// Check if we can share with group members only
if ($this->shareWithGroupMembersOnly()) {
// Verify we can share with this user
$groups = array_intersect($this->groupManager->getUserGroupIds($share->getSharedBy()), $this->groupManager->getUserGroupIds($share->getSharedWith()));
if (empty($groups)) {
throw new \Exception('Only sharing with group members is allowed');
}
}
/*
* TODO: Could be costly, fix
*
* Also this is not what we want in the future.. then we want to squash identical shares.
*/
$provider = $this->factory->getProviderForType(\OCP\Share::SHARE_TYPE_USER);
$existingShares = $provider->getSharesByPath($share->getPath());
foreach ($existingShares as $existingShare) {
// Identical share already existst
if ($existingShare->getSharedWith() === $share->getSharedWith()) {
throw new \Exception('Path already shared with this user');
}
// The share is already shared with this user via a group share
if ($existingShare->getShareType() === \OCP\Share::SHARE_TYPE_GROUP && $existingShare->getSharedWith()->inGroup($share->getSharedWith()) && $existingShare->getShareOwner() !== $share->getShareOwner()) {
throw new \Exception('Path already shared with this user');
}
}
}
/**
* Share a path
*
* @param IShare $share
* @return IShare The share object
* @throws ShareNotFound
* @throws \Exception
*/
public function create(IShare $share)
{
$qb = $this->dbConn->getQueryBuilder();
$qb->insert('share');
$qb->setValue('share_type', $qb->createNamedParameter($share->getShareType()));
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) {
//Set the UID of the user we share with
$qb->setValue('share_with', $qb->createNamedParameter($share->getSharedWith()->getUID()));
} else {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) {
//Set the GID of the group we share with
$qb->setValue('share_with', $qb->createNamedParameter($share->getSharedWith()->getGID()));
} else {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) {
//Set the token of the share
$qb->setValue('token', $qb->createNamedParameter($share->getToken()));
//If a password is set store it
if ($share->getPassword() !== null) {
$qb->setValue('share_with', $qb->createNamedParameter($share->getPassword()));
}
//If an expiration date is set store it
if ($share->getExpirationDate() !== null) {
$qb->setValue('expiration', $qb->createNamedParameter($share->getExpirationDate(), 'datetime'));
}
} else {
throw new \Exception('invalid share type!');
}
}
}
// Set what is shares
$qb->setValue('item_type', $qb->createParameter('itemType'));
if ($share->getPath() instanceof \OCP\Files\File) {
$qb->setParameter('itemType', 'file');
} else {
$qb->setParameter('itemType', 'folder');
}
// Set the file id
$qb->setValue('item_source', $qb->createNamedParameter($share->getPath()->getId()));
$qb->setValue('file_source', $qb->createNamedParameter($share->getPath()->getId()));
// set the permissions
$qb->setValue('permissions', $qb->createNamedParameter($share->getPermissions()));
// Set who created this share
$qb->setValue('uid_initiator', $qb->createNamedParameter($share->getSharedBy()->getUID()));
// Set who is the owner of this file/folder (and this the owner of the share)
$qb->setValue('uid_owner', $qb->createNamedParameter($share->getShareOwner()->getUID()));
// Set the file target
$qb->setValue('file_target', $qb->createNamedParameter($share->getTarget()));
// Set the time this share was created
$qb->setValue('stime', $qb->createNamedParameter(time()));
// insert the data and fetch the id of the share
$this->dbConn->beginTransaction();
$qb->execute();
$id = $this->dbConn->lastInsertId('*PREFIX*share');
$this->dbConn->commit();
// Now fetch the inserted share and create a complete share object
$qb = $this->dbConn->getQueryBuilder();
$qb->select('*')->from('*PREFIX*share')->where($qb->expr()->eq('id', $qb->createNamedParameter($id)));
$cursor = $qb->execute();
$data = $cursor->fetch();
$cursor->closeCursor();
if ($data === false) {
throw new ShareNotFound();
}
$share = $this->createShare($data);
return $share;
}
/**
* @param IShare $share
* @return bool
*/
protected function canAccessShare(IShare $share)
{
// A file with permissions 0 can't be accessed by us. So Don't show it
if ($share->getPermissions() === 0) {
return false;
}
// Owner of the file and the sharer of the file can always get share
if ($share->getShareOwner() === $this->currentUser || $share->getSharedBy() === $this->currentUser) {
return true;
}
// If the share is shared with you (or a group you are a member of)
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER && $share->getSharedWith() === $this->currentUser) {
return true;
}
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP && $share->getSharedWith()->inGroup($this->currentUser)) {
return true;
}
return false;
}
/**
* Unshare a share from the recipient. If this is a group share
* this means we need a special entry in the share db.
*
* @param IShare $share
* @param IUser $recipient
* @throws BackendError
* @throws ProviderException
*/
public function deleteFromSelf(IShare $share, IUser $recipient)
{
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) {
/** @var IGroup $group */
$group = $share->getSharedWith();
if (!$group->inGroup($recipient)) {
throw new ProviderException('Recipient not in receiving group');
}
// Try to fetch user specific share
$qb = $this->dbConn->getQueryBuilder();
$stmt = $qb->select('*')->from('share')->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_USERGROUP)))->andWhere($qb->expr()->eq('share_with', $qb->createNamedParameter($recipient->getUID())))->andWhere($qb->expr()->eq('parent', $qb->createNamedParameter($share->getId())))->execute();
$data = $stmt->fetch();
/*
* Check if there already is a user specific group share.
* If there is update it (if required).
*/
if ($data === false) {
$qb = $this->dbConn->getQueryBuilder();
$type = $share->getPath() instanceof \OCP\Files\File ? 'file' : 'folder';
//Insert new share
$qb->insert('share')->values(['share_type' => $qb->createNamedParameter(self::SHARE_TYPE_USERGROUP), 'share_with' => $qb->createNamedParameter($recipient->getUID()), 'uid_owner' => $qb->createNamedParameter($share->getShareOwner()->getUID()), 'uid_initiator' => $qb->createNamedParameter($share->getSharedBy()->getUID()), 'parent' => $qb->createNamedParameter($share->getId()), 'item_type' => $qb->createNamedParameter($type), 'item_source' => $qb->createNamedParameter($share->getPath()->getId()), 'file_source' => $qb->createNamedParameter($share->getPath()->getId()), 'file_target' => $qb->createNamedParameter($share->getTarget()), 'permissions' => $qb->createNamedParameter(0), 'stime' => $qb->createNamedParameter($share->getSharetime())])->execute();
} else {
if ($data['permissions'] !== 0) {
// Update existing usergroup share
$qb = $this->dbConn->getQueryBuilder();
$qb->update('share')->set('permissions', $qb->createNamedParameter(0))->where($qb->expr()->eq('id', $qb->createNamedParameter($data['id'])))->execute();
}
}
} else {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) {
if ($share->getSharedWith() !== $recipient) {
throw new ProviderException('Recipient does not match');
}
// We can just delete user and link shares
$this->delete($share);
} else {
throw new ProviderException('Invalid shareType');
}
}
}
