/**
* @return \OC_OCS_Result
*/
public function search()
{
$search = isset($_GET['search']) ? (string) $_GET['search'] : '';
$itemType = isset($_GET['itemType']) ? (string) $_GET['itemType'] : null;
$page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
$perPage = isset($_GET['perPage']) ? (int) $_GET['perPage'] : 200;
if ($perPage <= 0) {
return new \OC_OCS_Result(null, Http::STATUS_BAD_REQUEST, 'Invalid perPage argument');
}
if ($page <= 0) {
return new \OC_OCS_Result(null, Http::STATUS_BAD_REQUEST, 'Invalid page');
}
$shareTypes = [Share::SHARE_TYPE_USER];
if ($this->shareManager->allowGroupSharing()) {
$shareTypes[] = Share::SHARE_TYPE_GROUP;
}
$shareTypes[] = Share::SHARE_TYPE_REMOTE;
if (isset($_GET['shareType']) && is_array($_GET['shareType'])) {
$shareTypes = array_intersect($shareTypes, $_GET['shareType']);
sort($shareTypes);
} else {
if (isset($_GET['shareType']) && is_numeric($_GET['shareType'])) {
$shareTypes = array_intersect($shareTypes, [(int) $_GET['shareType']]);
sort($shareTypes);
}
}
if (in_array(Share::SHARE_TYPE_REMOTE, $shareTypes) && !$this->isRemoteSharingAllowed($itemType)) {
// Remove remote shares from type array, because it is not allowed.
$shareTypes = array_diff($shareTypes, [Share::SHARE_TYPE_REMOTE]);
}
$this->shareWithGroupOnly = $this->config->getAppValue('core', 'shareapi_only_share_with_group_members', 'no') === 'yes';
$this->shareeEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
$this->limit = (int) $perPage;
$this->offset = $perPage * ($page - 1);
return $this->searchSharees($search, $itemType, $shareTypes, $page, $perPage);
}
/**
* @return \OC_OCS_Result
*/
public function createShare()
{
$share = $this->shareManager->newShare();
if (!$this->shareManager->shareApiEnabled()) {
return new \OC_OCS_Result(null, 404, $this->l->t('Share API is disabled'));
}
// Verify path
$path = $this->request->getParam('path', null);
if ($path === null) {
return new \OC_OCS_Result(null, 404, $this->l->t('Please specify a file or folder path'));
}
$userFolder = $this->rootFolder->getUserFolder($this->currentUser->getUID());
try {
$path = $userFolder->get($path);
} catch (NotFoundException $e) {
return new \OC_OCS_Result(null, 404, $this->l->t('Wrong path, file/folder doesn\'t exist'));
}
$share->setNode($path);
try {
$share->getNode()->lock(ILockingProvider::LOCK_SHARED);
} catch (LockedException $e) {
return new \OC_OCS_Result(null, 404, 'Could not create share');
}
// Parse permissions (if available)
$permissions = $this->request->getParam('permissions', null);
if ($permissions === null) {
$permissions = \OCP\Constants::PERMISSION_ALL;
} else {
$permissions = (int) $permissions;
}
if ($permissions < 0 || $permissions > \OCP\Constants::PERMISSION_ALL) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 404, 'invalid permissions');
}
// Shares always require read permissions
$permissions |= \OCP\Constants::PERMISSION_READ;
if ($path instanceof \OCP\Files\File) {
// Single file shares should never have delete or create permissions
$permissions &= ~\OCP\Constants::PERMISSION_DELETE;
$permissions &= ~\OCP\Constants::PERMISSION_CREATE;
}
/*
* Hack for https://github.com/owncloud/core/issues/22587
* We check the permissions via webdav. But the permissions of the mount point
* do not equal the share permissions. Here we fix that for federated mounts.
*/
if ($path->getStorage()->instanceOfStorage('OCA\\Files_Sharing\\External\\Storage')) {
$permissions &= ~($permissions & ~$path->getPermissions());
}
$shareWith = $this->request->getParam('shareWith', null);
$shareType = (int) $this->request->getParam('shareType', '-1');
if ($shareType === \OCP\Share::SHARE_TYPE_USER) {
// Valid user is required to share
if ($shareWith === null || !$this->userManager->userExists($shareWith)) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 404, $this->l->t('Please specify a valid user'));
}
$share->setSharedWith($shareWith);
$share->setPermissions($permissions);
} else {
if ($shareType === \OCP\Share::SHARE_TYPE_GROUP) {
if (!$this->shareManager->allowGroupSharing()) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 404, $this->l->t('Group sharing is disabled by the administrator'));
}
// Valid group is required to share
if ($shareWith === null || !$this->groupManager->groupExists($shareWith)) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 404, $this->l->t('Please specify a valid group'));
}
$share->setSharedWith($shareWith);
$share->setPermissions($permissions);
} else {
if ($shareType === \OCP\Share::SHARE_TYPE_LINK) {
//Can we even share links?
if (!$this->shareManager->shareApiAllowLinks()) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 404, $this->l->t('Public link sharing is disabled by the administrator'));
}
/*
* For now we only allow 1 link share.
* Return the existing link share if this is a duplicate
*/
$existingShares = $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_LINK, $path, false, 1, 0);
if (!empty($existingShares)) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result($this->formatShare($existingShares[0]));
}
$publicUpload = $this->request->getParam('publicUpload', null);
if ($publicUpload === 'true') {
// Check if public upload is allowed
if (!$this->shareManager->shareApiLinkAllowPublicUpload()) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 403, $this->l->t('Public upload disabled by the administrator'));
}
// Public upload can only be set for folders
if ($path instanceof \OCP\Files\File) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 404, $this->l->t('Public upload is only possible for publicly shared folders'));
}
$share->setPermissions(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE);
} else {
$share->setPermissions(\OCP\Constants::PERMISSION_READ);
}
// Set password
$password = $this->request->getParam('password', '');
if ($password !== '') {
$share->setPassword($password);
}
//Expire date
$expireDate = $this->request->getParam('expireDate', '');
if ($expireDate !== '') {
try {
$expireDate = $this->parseDate($expireDate);
$share->setExpirationDate($expireDate);
} catch (\Exception $e) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 404, $this->l->t('Invalid date, date format must be YYYY-MM-DD'));
}
}
} else {
if ($shareType === \OCP\Share::SHARE_TYPE_REMOTE) {
if (!$this->shareManager->outgoingServer2ServerSharesAllowed()) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 403, $this->l->t('Sharing %s failed because the back end does not allow shares from type %s', [$path->getPath(), $shareType]));
}
$share->setSharedWith($shareWith);
$share->setPermissions($permissions);
} else {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 400, $this->l->t('Unknown share type'));
}
}
}
}
$share->setShareType($shareType);
$share->setSharedBy($this->currentUser->getUID());
try {
$share = $this->shareManager->createShare($share);
} catch (GenericShareException $e) {
$code = $e->getCode() === 0 ? 403 : $e->getCode();
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, $code, $e->getHint());
} catch (\Exception $e) {
$share->getNode()->unlock(ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result(null, 403, $e->getMessage());
}
$output = $this->formatShare($share);
$share->getNode()->unlock(\OCP\Lock\ILockingProvider::LOCK_SHARED);
return new \OC_OCS_Result($output);
}
