/** * Get the permissions granted for a shared file * * @param string $target Shared target file path * @return int CRUDS permissions granted */ public function getPermissions($target = '') { if (!$this->isValid()) { return 0; } $permissions = $this->superShare->getPermissions(); // part files and the mount point always have delete permissions if ($target === '' || pathinfo($target, PATHINFO_EXTENSION) === 'part') { $permissions |= \OCP\Constants::PERMISSION_DELETE; } if (\OCP\Util::isSharingDisabledForUser()) { $permissions &= ~\OCP\Constants::PERMISSION_SHARE; } return $permissions; }
/** * Update a share * * @param IShare $share * @return IShare The share object */ public function update(IShare $share) { /* * We allow updating the permissions of federated shares */ $qb = $this->dbConnection->getQueryBuilder(); $qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))->execute(); return $share; }
/** * @inheritdoc */ public function move(\OCP\Share\IShare $share, $recipient) { if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) { // Just update the target $qb = $this->dbConn->getQueryBuilder(); $qb->update('share')->set('file_target', $qb->createNamedParameter($share->getTarget()))->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->execute(); } else { if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) { // Check if there is a usergroup share $qb = $this->dbConn->getQueryBuilder(); $stmt = $qb->select('id')->from('share')->where($qb->expr()->eq('share_type', $qb->createNamedParameter(self::SHARE_TYPE_USERGROUP)))->andWhere($qb->expr()->eq('share_with', $qb->createNamedParameter($recipient)))->andWhere($qb->expr()->eq('parent', $qb->createNamedParameter($share->getId())))->setMaxResults(1)->execute(); $data = $stmt->fetch(); $stmt->closeCursor(); if ($data === false) { // No usergroup share yet. Create one. $qb = $this->dbConn->getQueryBuilder(); $qb->insert('share')->values(['share_type' => $qb->createNamedParameter(self::SHARE_TYPE_USERGROUP), 'share_with' => $qb->createNamedParameter($recipient), 'uid_owner' => $qb->createNamedParameter($share->getShareOwner()), 'uid_initiator' => $qb->createNamedParameter($share->getSharedBy()), 'parent' => $qb->createNamedParameter($share->getId()), 'item_type' => $qb->createNamedParameter($share->getNode() instanceof File ? 'file' : 'folder'), 'item_source' => $qb->createNamedParameter($share->getNode()->getId()), 'file_source' => $qb->createNamedParameter($share->getNode()->getId()), 'file_target' => $qb->createNamedParameter($share->getTarget()), 'permissions' => $qb->createNamedParameter($share->getPermissions()), 'stime' => $qb->createNamedParameter($share->getShareTime()->getTimestamp())])->execute(); } else { // Already a usergroup share. Update it. $qb = $this->dbConn->getQueryBuilder(); $qb->update('share')->set('file_target', $qb->createNamedParameter($share->getTarget()))->where($qb->expr()->eq('id', $qb->createNamedParameter($data['id'])))->execute(); } } } return $share; }
/** * Check for pre share requirements for link shares * * @param \OCP\Share\IShare $share * @throws \Exception */ protected function linkCreateChecks(\OCP\Share\IShare $share) { // Are link shares allowed? if (!$this->shareApiAllowLinks()) { throw new \Exception('Link sharing not allowed'); } // Link shares by definition can't have share permissions if ($share->getPermissions() & \OCP\Constants::PERMISSION_SHARE) { throw new \InvalidArgumentException('Link shares can\'t have reshare permissions'); } // We don't allow deletion on link shares if ($share->getPermissions() & \OCP\Constants::PERMISSION_DELETE) { throw new \InvalidArgumentException('Link shares can\'t have delete permissions'); } // Check if public upload is allowed if (!$this->shareApiLinkAllowPublicUpload() && $share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE)) { throw new \InvalidArgumentException('Public upload not allowed'); } }
/** * @param \OCP\Share\IShare $share * @return bool */ protected function canAccessShare(\OCP\Share\IShare $share) { // A file with permissions 0 can't be accessed by us. So Don't show it if ($share->getPermissions() === 0) { return false; } // Owner of the file and the sharer of the file can always get share if ($share->getShareOwner() === $this->currentUser->getUID() || $share->getSharedBy() === $this->currentUser->getUID()) { return true; } // If the share is shared with you (or a group you are a member of) if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER && $share->getSharedWith() === $this->currentUser->getUID()) { return true; } if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) { $sharedWith = $this->groupManager->get($share->getSharedWith()); if ($sharedWith->inGroup($this->currentUser)) { return true; } } return false; }
/** * Update a share * * @param IShare $share * @return IShare The share object */ public function update(IShare $share) { /* * We allow updating the permissions of federated shares */ $qb = $this->dbConnection->getQueryBuilder(); $qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))->execute(); // send the updated permission to the owner/initiator, if they are not the same if ($share->getShareOwner() !== $share->getSharedBy()) { $this->sendPermissionUpdate($share); } return $share; }
/** * Update a share * * @param \OCP\Share\IShare $share * @return \OCP\Share\IShare The share object */ public function update(\OCP\Share\IShare $share) { if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) { /* * We allow updating the recipient on user shares. */ $qb = $this->dbConn->getQueryBuilder(); $qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('share_with', $qb->createNamedParameter($share->getSharedWith()->getUID()))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()->getUID()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()->getUID()))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('item_source', $qb->createNamedParameter($share->getNode()->getId()))->set('file_source', $qb->createNamedParameter($share->getNode()->getId()))->execute(); } else { if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) { $qb = $this->dbConn->getQueryBuilder(); $qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()->getUID()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()->getUID()))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('item_source', $qb->createNamedParameter($share->getNode()->getId()))->set('file_source', $qb->createNamedParameter($share->getNode()->getId()))->execute(); /* * Update all user defined group shares */ $qb = $this->dbConn->getQueryBuilder(); $qb->update('share')->where($qb->expr()->eq('parent', $qb->createNamedParameter($share->getId())))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()->getUID()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()->getUID()))->set('item_source', $qb->createNamedParameter($share->getNode()->getId()))->set('file_source', $qb->createNamedParameter($share->getNode()->getId()))->execute(); /* * Now update the permissions for all children that have not set it to 0 */ $qb = $this->dbConn->getQueryBuilder(); $qb->update('share')->where($qb->expr()->eq('parent', $qb->createNamedParameter($share->getId())))->andWhere($qb->expr()->neq('permissions', $qb->createNamedParameter(0)))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->execute(); } else { if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) { $qb = $this->dbConn->getQueryBuilder(); $qb->update('share')->where($qb->expr()->eq('id', $qb->createNamedParameter($share->getId())))->set('share_with', $qb->createNamedParameter($share->getPassword()))->set('uid_owner', $qb->createNamedParameter($share->getShareOwner()->getUID()))->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()->getUID()))->set('permissions', $qb->createNamedParameter($share->getPermissions()))->set('item_source', $qb->createNamedParameter($share->getNode()->getId()))->set('file_source', $qb->createNamedParameter($share->getNode()->getId()))->set('token', $qb->createNamedParameter($share->getToken()))->set('expiration', $qb->createNamedParameter($share->getExpirationDate(), IQueryBuilder::PARAM_DATE))->execute(); } } } return $share; }