Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //Nova verze 14
- public function updateShare(
- string $id,
- int $permissions = null,
- string $password = null,
- string $sendPasswordByTalk = null,
- string $publicUpload = null,
- string $expireDate = null,
- string $note = null,
- string $label = null,
- string $hideDownload = null
- ): DataResponse {
- try {
- $share = $this->getShareById($id);
- } catch (ShareNotFound $e) {
- throw new OCSNotFoundException($this->l->t('Wrong share ID, share doesn\'t exist'));
- }
- $this->lock($share->getNode());
- if (!$this->canAccessShare($share, false)) {
- throw new OCSNotFoundException($this->l->t('Wrong share ID, share doesn\'t exist'));
- }
- if ($share->getShareOwner() !== $this->currentUser && $share->getSharedBy() !== $this->currentUser) {
- throw new OCSForbiddenException('You are not allowed to edit incoming shares');
- }
- if ($permissions === null &&
- $password === null &&
- $sendPasswordByTalk === null &&
- $publicUpload === null &&
- $expireDate === null &&
- $note === null &&
- $label === null &&
- $hideDownload === null
- ) {
- throw new OCSBadRequestException($this->l->t('Wrong or no update parameter given'));
- }
- if($note !== null) {
- $share->setNote($note);
- }
- /*
- * expirationdate, password and publicUpload only make sense for link shares
- */
- if ($share->getShareType() === Share::SHARE_TYPE_LINK) {
- // Update hide download state
- if ($hideDownload === 'true') {
- $share->setHideDownload(true);
- } else if ($hideDownload === 'false') {
- $share->setHideDownload(false);
- }
- $newPermissions = null;
- if ($publicUpload === 'true') {
- $newPermissions = Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE;
- } else if ($publicUpload === 'false') {
- $newPermissions = Constants::PERMISSION_READ;
- }
- if ($permissions !== null) {
- $newPermissions = (int)$permissions;
- $newPermissions = $newPermissions & ~Constants::PERMISSION_SHARE;
- }
- if ($newPermissions !== null &&
- !in_array($newPermissions, [
- Constants::PERMISSION_READ,
- Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE, // legacy
- Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE, // correct
- Constants::PERMISSION_CREATE, // hidden file list
- Constants::PERMISSION_READ | Constants::PERMISSION_UPDATE, // allow to edit single files
- ], true)
- ) {
- throw new OCSBadRequestException($this->l->t('Can\'t change permissions for public share links'));
- }
- if (
- // legacy
- $newPermissions === (Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE) ||
- // correct
- $newPermissions === (Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE)
- ) {
- if (!$this->shareManager->shareApiLinkAllowPublicUpload()) {
- throw new OCSForbiddenException($this->l->t('Public upload disabled by the administrator'));
- }
- if (!($share->getNode() instanceof \OCP\Files\Folder)) {
- throw new OCSBadRequestException($this->l->t('Public upload is only possible for publicly shared folders'));
- }
- // normalize to correct public upload permissions
- $newPermissions = Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE;
- }
- if ($newPermissions !== null) {
- $share->setPermissions($newPermissions);
- $permissions = $newPermissions;
- }
- if ($expireDate === '') {
- $share->setExpirationDate(null);
- } else if ($expireDate !== null) {
- try {
- $expireDate = $this->parseDate($expireDate);
- } catch (\Exception $e) {
- throw new OCSBadRequestException($e->getMessage(), $e);
- }
- $share->setExpirationDate($expireDate);
- }
- if ($password === '') {
- $share->setPassword(null);
- } else if ($password !== null) {
- $share->setPassword($password);
- }
- if ($label !== null) {
- $share->setLabel($label);
- }
- if ($sendPasswordByTalk === 'true') {
- if (!$this->appManager->isEnabledForUser('spreed')) {
- throw new OCSForbiddenException($this->l->t('Sharing sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled'));
- }
- $share->setSendPasswordByTalk(true);
- } else if ($sendPasswordByTalk !== null) {
- $share->setSendPasswordByTalk(false);
- }
- } else {
- if ($permissions !== null) {
- $permissions = (int)$permissions;
- $share->setPermissions($permissions);
- }
- if ($share->getShareType() === Share::SHARE_TYPE_EMAIL) {
- if ($password === '') {
- $share->setPassword(null);
- } else if ($password !== null) {
- $share->setPassword($password);
- }
- if ($sendPasswordByTalk === 'true') {
- if (!$this->appManager->isEnabledForUser('spreed')) {
- throw new OCSForbiddenException($this->l->t('Sharing sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled'));
- }
- $share->setSendPasswordByTalk(true);
- } else {
- $share->setSendPasswordByTalk(false);
- }
- }
- if ($expireDate === '') {
- $share->setExpirationDate(null);
- } else if ($expireDate !== null) {
- try {
- $expireDate = $this->parseDate($expireDate);
- } catch (\Exception $e) {
- throw new OCSBadRequestException($e->getMessage(), $e);
- }
- $share->setExpirationDate($expireDate);
- }
- }
- if ($permissions !== null && $share->getShareOwner() !== $this->currentUser) {
- /* Check if this is an incoming share */
- $incomingShares = $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_USER, $share->getNode(), -1, 0);
- $incomingShares = array_merge($incomingShares, $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_GROUP, $share->getNode(), -1, 0));
- $incomingShares = array_merge($incomingShares, $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_ROOM, $share->getNode(), -1, 0));
- /** @var \OCP\Share\IShare[] $incomingShares */
- if (!empty($incomingShares)) {
- $maxPermissions = 0;
- foreach ($incomingShares as $incomingShare) {
- $maxPermissions |= $incomingShare->getPermissions();
- }
- if ($share->getPermissions() & ~$maxPermissions) {
- throw new OCSNotFoundException($this->l->t('Cannot increase permissions'));
- }
- }
- }
- try {
- $share = $this->shareManager->updateShare($share);
- } catch (\Exception $e) {
- throw new OCSBadRequestException($e->getMessage(), $e);
- }
- return new DataResponse($this->formatShare($share));
- }
- /**
- * @suppress PhanUndeclaredClassMethod
- */
- protected function canAccessShare(\OCP\Share\IShare $share, bool $checkGroups = true): bool {
- // A file with permissions 0 can't be accessed by us. So Don't show it
- if ($share->getPermissions() === 0) {
- return false;
- }
- // Owner of the file and the sharer of the file can always get share
- if ($share->getShareOwner() === $this->currentUser ||
- $share->getSharedBy() === $this->currentUser
- ) {
- return true;
- }
- // If the share is shared with you (or a group you are a member of)
- if ($share->getShareType() === Share::SHARE_TYPE_USER &&
- $share->getSharedWith() === $this->currentUser
- ) {
- return true;
- }
- if ($checkGroups && $share->getShareType() === Share::SHARE_TYPE_GROUP) {
- $sharedWith = $this->groupManager->get($share->getSharedWith());
- $user = $this->userManager->get($this->currentUser);
- if ($user !== null && $sharedWith !== null && $sharedWith->inGroup($user)) {
- return true;
- }
- }
- if ($share->getShareType() === Share::SHARE_TYPE_CIRCLE) {
- // TODO: have a sanity check like above?
- return true;
- }
- if ($share->getShareType() === Share::SHARE_TYPE_ROOM) {
- try {
- return $this->getRoomShareHelper()->canAccessShare($share, $this->currentUser);
- } catch (QueryException $e) {
- return false;
- }
- }
- return false;
- }
- /**
- * Make sure that the passed date is valid ISO 8601
- * So YYYY-MM-DD
- * If not throw an exception
- *
- * @param string $expireDate
- *
- * @throws \Exception
- * @return \DateTime
- */
- private function parseDate(string $expireDate): \DateTime {
- try {
- $date = new \DateTime($expireDate);
- } catch (\Exception $e) {
- throw new \Exception('Invalid date. Format must be YYYY-MM-DD');
- }
- if ($date === false) {
- throw new \Exception('Invalid date. Format must be YYYY-MM-DD');
- }
- $date->setTime(0, 0, 0);
- return $date;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement