API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 22nd, 2019
124
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.56 KB | None | 0 0
raw download clone embed print report
  1. //Nova verze 14
  2. public function updateShare(
  3. string $id,
  4. int $permissions = null,
  5. string $password = null,
  6. string $sendPasswordByTalk = null,
  7. string $publicUpload = null,
  8. string $expireDate = null,
  9. string $note = null,
  10. string $label = null,
  11. string $hideDownload = null
  12. ): DataResponse {
  13. try {
  14. $share = $this->getShareById($id);
  15. } catch (ShareNotFound $e) {
  16. throw new OCSNotFoundException($this->l->t('Wrong share ID, share doesn\'t exist'));
  17. }
  18. $this->lock($share->getNode());
  19. if (!$this->canAccessShare($share, false)) {
  20. throw new OCSNotFoundException($this->l->t('Wrong share ID, share doesn\'t exist'));
  21. }
  22. if ($share->getShareOwner() !== $this->currentUser && $share->getSharedBy() !== $this->currentUser) {
  23. throw new OCSForbiddenException('You are not allowed to edit incoming shares');
  24. }
  25. if ($permissions === null &&
  26. $password === null &&
  27. $sendPasswordByTalk === null &&
  28. $publicUpload === null &&
  29. $expireDate === null &&
  30. $note === null &&
  31. $label === null &&
  32. $hideDownload === null
  33. ) {
  34. throw new OCSBadRequestException($this->l->t('Wrong or no update parameter given'));
  35. }
  36. if($note !== null) {
  37. $share->setNote($note);
  38. }
  39. /*
  40. * expirationdate, password and publicUpload only make sense for link shares
  41. */
  42. if ($share->getShareType() === Share::SHARE_TYPE_LINK) {
  43. // Update hide download state
  44. if ($hideDownload === 'true') {
  45. $share->setHideDownload(true);
  46. } else if ($hideDownload === 'false') {
  47. $share->setHideDownload(false);
  48. }
  49. $newPermissions = null;
  50. if ($publicUpload === 'true') {
  51. $newPermissions = Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE;
  52. } else if ($publicUpload === 'false') {
  53. $newPermissions = Constants::PERMISSION_READ;
  54. }
  55. if ($permissions !== null) {
  56. $newPermissions = (int)$permissions;
  57. $newPermissions = $newPermissions & ~Constants::PERMISSION_SHARE;
  58. }
  59. if ($newPermissions !== null &&
  60. !in_array($newPermissions, [
  61. Constants::PERMISSION_READ,
  62. Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE, // legacy
  63. Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE, // correct
  64. Constants::PERMISSION_CREATE, // hidden file list
  65. Constants::PERMISSION_READ | Constants::PERMISSION_UPDATE, // allow to edit single files
  66. ], true)
  67. ) {
  68. throw new OCSBadRequestException($this->l->t('Can\'t change permissions for public share links'));
  69. }
  70. if (
  71. // legacy
  72. $newPermissions === (Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE) ||
  73. // correct
  74. $newPermissions === (Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE)
  75. ) {
  76. if (!$this->shareManager->shareApiLinkAllowPublicUpload()) {
  77. throw new OCSForbiddenException($this->l->t('Public upload disabled by the administrator'));
  78. }
  79. if (!($share->getNode() instanceof \OCP\Files\Folder)) {
  80. throw new OCSBadRequestException($this->l->t('Public upload is only possible for publicly shared folders'));
  81. }
  82. // normalize to correct public upload permissions
  83. $newPermissions = Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE;
  84. }
  85. if ($newPermissions !== null) {
  86. $share->setPermissions($newPermissions);
  87. $permissions = $newPermissions;
  88. }
  89. if ($expireDate === '') {
  90. $share->setExpirationDate(null);
  91. } else if ($expireDate !== null) {
  92. try {
  93. $expireDate = $this->parseDate($expireDate);
  94. } catch (\Exception $e) {
  95. throw new OCSBadRequestException($e->getMessage(), $e);
  96. }
  97. $share->setExpirationDate($expireDate);
  98. }
  99. if ($password === '') {
  100. $share->setPassword(null);
  101. } else if ($password !== null) {
  102. $share->setPassword($password);
  103. }
  104. if ($label !== null) {
  105. $share->setLabel($label);
  106. }
  107. if ($sendPasswordByTalk === 'true') {
  108. if (!$this->appManager->isEnabledForUser('spreed')) {
  109. throw new OCSForbiddenException($this->l->t('Sharing sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled'));
  110. }
  111. $share->setSendPasswordByTalk(true);
  112. } else if ($sendPasswordByTalk !== null) {
  113. $share->setSendPasswordByTalk(false);
  114. }
  115. } else {
  116. if ($permissions !== null) {
  117. $permissions = (int)$permissions;
  118. $share->setPermissions($permissions);
  119. }
  120. if ($share->getShareType() === Share::SHARE_TYPE_EMAIL) {
  121. if ($password === '') {
  122. $share->setPassword(null);
  123. } else if ($password !== null) {
  124. $share->setPassword($password);
  125. }
  126. if ($sendPasswordByTalk === 'true') {
  127. if (!$this->appManager->isEnabledForUser('spreed')) {
  128. throw new OCSForbiddenException($this->l->t('Sharing sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled'));
  129. }
  130. $share->setSendPasswordByTalk(true);
  131. } else {
  132. $share->setSendPasswordByTalk(false);
  133. }
  134. }
  135. if ($expireDate === '') {
  136. $share->setExpirationDate(null);
  137. } else if ($expireDate !== null) {
  138. try {
  139. $expireDate = $this->parseDate($expireDate);
  140. } catch (\Exception $e) {
  141. throw new OCSBadRequestException($e->getMessage(), $e);
  142. }
  143. $share->setExpirationDate($expireDate);
  144. }
  145. }
  146. if ($permissions !== null && $share->getShareOwner() !== $this->currentUser) {
  147. /* Check if this is an incoming share */
  148. $incomingShares = $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_USER, $share->getNode(), -1, 0);
  149. $incomingShares = array_merge($incomingShares, $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_GROUP, $share->getNode(), -1, 0));
  150. $incomingShares = array_merge($incomingShares, $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_ROOM, $share->getNode(), -1, 0));
  151. /** @var \OCP\Share\IShare[] $incomingShares */
  152. if (!empty($incomingShares)) {
  153. $maxPermissions = 0;
  154. foreach ($incomingShares as $incomingShare) {
  155. $maxPermissions |= $incomingShare->getPermissions();
  156. }
  157. if ($share->getPermissions() & ~$maxPermissions) {
  158. throw new OCSNotFoundException($this->l->t('Cannot increase permissions'));
  159. }
  160. }
  161. }
  162. try {
  163. $share = $this->shareManager->updateShare($share);
  164. } catch (\Exception $e) {
  165. throw new OCSBadRequestException($e->getMessage(), $e);
  166. }
  167. return new DataResponse($this->formatShare($share));
  168. }
  169. /**
  170. * @suppress PhanUndeclaredClassMethod
  171. */
  172. protected function canAccessShare(\OCP\Share\IShare $share, bool $checkGroups = true): bool {
  173. // A file with permissions 0 can't be accessed by us. So Don't show it
  174. if ($share->getPermissions() === 0) {
  175. return false;
  176. }
  177. // Owner of the file and the sharer of the file can always get share
  178. if ($share->getShareOwner() === $this->currentUser ||
  179. $share->getSharedBy() === $this->currentUser
  180. ) {
  181. return true;
  182. }
  183. // If the share is shared with you (or a group you are a member of)
  184. if ($share->getShareType() === Share::SHARE_TYPE_USER &&
  185. $share->getSharedWith() === $this->currentUser
  186. ) {
  187. return true;
  188. }
  189. if ($checkGroups && $share->getShareType() === Share::SHARE_TYPE_GROUP) {
  190. $sharedWith = $this->groupManager->get($share->getSharedWith());
  191. $user = $this->userManager->get($this->currentUser);
  192. if ($user !== null && $sharedWith !== null && $sharedWith->inGroup($user)) {
  193. return true;
  194. }
  195. }
  196. if ($share->getShareType() === Share::SHARE_TYPE_CIRCLE) {
  197. // TODO: have a sanity check like above?
  198. return true;
  199. }
  200. if ($share->getShareType() === Share::SHARE_TYPE_ROOM) {
  201. try {
  202. return $this->getRoomShareHelper()->canAccessShare($share, $this->currentUser);
  203. } catch (QueryException $e) {
  204. return false;
  205. }
  206. }
  207. return false;
  208. }
  209. /**
  210. * Make sure that the passed date is valid ISO 8601
  211. * So YYYY-MM-DD
  212. * If not throw an exception
  213. *
  214. * @param string $expireDate
  215. *
  216. * @throws \Exception
  217. * @return \DateTime
  218. */
  219. private function parseDate(string $expireDate): \DateTime {
  220. try {
  221. $date = new \DateTime($expireDate);
  222. } catch (\Exception $e) {
  223. throw new \Exception('Invalid date. Format must be YYYY-MM-DD');
  224. }
  225. if ($date === false) {
  226. throw new \Exception('Invalid date. Format must be YYYY-MM-DD');
  227. }
  228. $date->setTime(0, 0, 0);
  229. return $date;
  230. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!