nextcloud/apps/files_sharing/ajax/external.php

<?php
/**
 * @author Björn Schießle <bjoern@schiessle.org>
 * @author Joas Schilling <nickvergessen@owncloud.com>
 * @author Lukas Reschke <lukas@statuscode.ch>
 * @author Morris Jobke <hey@morrisjobke.de>
 * @author Robin Appelman <icewind@owncloud.com>
 * @author Roeland Jago Douma <rullzer@owncloud.com>
 * @author Vincent Petry <pvince81@owncloud.com>
 *
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */

OCP\JSON::callCheck();
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('files_sharing');

$l = \OC::$server->getL10N('files_sharing');

$federatedSharingApp = new \OCA\FederatedFileSharing\AppInfo\Application('federatedfilesharing');
$federatedShareProvider = $federatedSharingApp->getFederatedShareProvider();

// check if server admin allows to mount public links from other servers
if ($federatedShareProvider->isIncomingServer2serverShareEnabled() === false) {
	\OCP\JSON::error(array('data' => array('message' => $l->t('Server to server sharing is not enabled on this server'))));
	exit();
}

$token = $_POST['token'];
$remote = $_POST['remote'];
$owner = $_POST['owner'];
$ownerDisplayName = $_POST['ownerDisplayName'];
$name = $_POST['name'];
$password = $_POST['password'];

// Check for invalid name
if(!\OCP\Util::isValidFileName($name)) {
	\OCP\JSON::error(array('data' => array('message' => $l->t('The mountpoint name contains invalid characters.'))));
	exit();
}

$currentUser = \OC::$server->getUserSession()->getUser()->getUID();
$currentServer = \OC::$server->getURLGenerator()->getAbsoluteURL('/');
if (\OC\Share\Helper::isSameUserOnSameServer($owner, $remote, $currentUser, $currentServer )) {
	\OCP\JSON::error(array('data' => array('message' => $l->t('Not allowed to create a federated share with the same user server'))));
	exit();
}

$discoveryManager = new \OCA\FederatedFileSharing\DiscoveryManager(
	\OC::$server->getMemCacheFactory(),
	\OC::$server->getHTTPClientService()
);
$externalManager = new \OCA\Files_Sharing\External\Manager(
		\OC::$server->getDatabaseConnection(),
		\OC\Files\Filesystem::getMountManager(),
		\OC\Files\Filesystem::getLoader(),
		\OC::$server->getHTTPHelper(),
		\OC::$server->getNotificationManager(),
		$discoveryManager,
		\OC::$server->getUserSession()->getUser()->getUID()
);

// check for ssl cert
if (substr($remote, 0, 5) === 'https') {
	try {
		\OC::$server->getHTTPClientService()->newClient()->get($remote, [
			'timeout' => 10,
			'connect_timeout' => 10,
		])->getBody();
	} catch (\Exception $e) {
		\OCP\JSON::error(array('data' => array('message' => $l->t('Invalid or untrusted SSL certificate'))));
		exit;
	}
}

$mount = $externalManager->addShare($remote, $token, $password, $name, $ownerDisplayName, true);

/**
 * @var \OCA\Files_Sharing\External\Storage $storage
 */
$storage = $mount->getStorage();
try {
	// check if storage exists
	$storage->checkStorageAvailability();
} catch (\OCP\Files\StorageInvalidException $e) {
	// note: checkStorageAvailability will already remove the invalid share
	\OCP\Util::writeLog(
		'files_sharing',
		'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(),
		\OCP\Util::DEBUG
	);
	\OCP\JSON::error(
		array(
			'data' => array(
				'message' => $l->t('Could not authenticate to remote share, password might be wrong')
			)
		)
	);
	exit();
} catch (\Exception $e) {
	\OCP\Util::writeLog(
		'files_sharing',
		'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(),
		\OCP\Util::DEBUG
	);
	$externalManager->removeShare($mount->getMountPoint());
	\OCP\JSON::error(array('data' => array('message' => $l->t('Storage not valid'))));
	exit();
}
$result = $storage->file_exists('');
if ($result) {
	try {
		$storage->getScanner()->scanAll();
		\OCP\JSON::success();
	} catch (\OCP\Files\StorageInvalidException $e) {
		\OCP\Util::writeLog(
			'files_sharing',
			'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(),
			\OCP\Util::DEBUG
		);
		\OCP\JSON::error(array('data' => array('message' => $l->t('Storage not valid'))));
	} catch (\Exception $e) {
		\OCP\Util::writeLog(
			'files_sharing',
			'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(),
			\OCP\Util::DEBUG
		);
		\OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t add remote share'))));
	}
} else {
	$externalManager->removeShare($mount->getMountPoint());
	\OCP\Util::writeLog(
		'files_sharing',
		'Couldn\'t add remote share',
		\OCP\Util::DEBUG
	);
	\OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t add remote share'))));
}
Add interface for accpeting external shares 2014-05-09 19:06:08 +04:00			`<?php`
			`/**`
Update license headers 2016-05-26 20:56:05 +03:00			`* @author Björn Schießle <bjoern@schiessle.org>`
update licence headers via script 2015-10-05 21:54:56 +03:00			`* @author Joas Schilling <nickvergessen@owncloud.com>`
Update license headers 2016-05-26 20:56:05 +03:00			`* @author Lukas Reschke <lukas@statuscode.ch>`
Update license headers 2015-03-26 13:44:34 +03:00			`* @author Morris Jobke <hey@morrisjobke.de>`
			`* @author Robin Appelman <icewind@owncloud.com>`
Update license headers 2015-10-26 15:54:55 +03:00			`* @author Roeland Jago Douma <rullzer@owncloud.com>`
Update license headers 2015-03-26 13:44:34 +03:00			`* @author Vincent Petry <pvince81@owncloud.com>`
			`*`
Happy new year! 2016-01-12 17:02:16 +03:00			`* @copyright Copyright (c) 2016, ownCloud, Inc.`
Update license headers 2015-03-26 13:44:34 +03:00			`* @license AGPL-3.0`
			`*`
			`* This code is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License, version 3,`
			`* as published by the Free Software Foundation.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License, version 3,`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>`
			`*`
Add interface for accpeting external shares 2014-05-09 19:06:08 +04:00			`*/`
Revert "Updating license headers" This reverts commit 6a1a4880f0d556fb090f19a5019fec31916f5c36. 2015-02-26 13:37:37 +03:00
Add interface for accpeting external shares 2014-05-09 19:06:08 +04:00			`OCP\JSON::callCheck();`
			`OCP\JSON::checkLoggedIn();`
Add some safety checks 2014-06-16 14:42:28 +04:00			`OCP\JSON::checkAppEnabled('files_sharing');`
Add interface for accpeting external shares 2014-05-09 19:06:08 +04:00
Use public api for getting l10n 2014-08-31 12:05:59 +04:00			`$l = \OC::$server->getL10N('files_sharing');`
add settings to disable server to server sharing 2014-06-12 21:49:52 +04:00
move federated sharing settings to the federatedfilesharing app 2016-04-18 19:17:08 +03:00			`$federatedSharingApp = new \OCA\FederatedFileSharing\AppInfo\Application('federatedfilesharing');`
			`$federatedShareProvider = $federatedSharingApp->getFederatedShareProvider();`

add settings to disable server to server sharing 2014-06-12 21:49:52 +04:00			`// check if server admin allows to mount public links from other servers`
move federated sharing settings to the federatedfilesharing app 2016-04-18 19:17:08 +03:00			`if ($federatedShareProvider->isIncomingServer2serverShareEnabled() === false) {`
add settings to disable server to server sharing 2014-06-12 21:49:52 +04:00			`\OCP\JSON::error(array('data' => array('message' => $l->t('Server to server sharing is not enabled on this server'))));`
			`exit();`
			`}`

Add interface for accpeting external shares 2014-05-09 19:06:08 +04:00			`$token = $_POST['token'];`
			`$remote = $_POST['remote'];`
			`$owner = $_POST['owner'];`
show display name but internally use the user name 2015-12-14 18:04:05 +03:00			`$ownerDisplayName = $_POST['ownerDisplayName'];`
Add interface for accpeting external shares 2014-05-09 19:06:08 +04:00			`$name = $_POST['name'];`
			`$password = $_POST['password'];`

Check for blacklisted characters Fixes https://github.com/owncloud/core/issues/11264 (This should in future get moved to the mountpoint class - but that is something for @icewind1991 ;-)) 2014-09-23 21:30:32 +04:00			`// Check for invalid name`
			`if(!\OCP\Util::isValidFileName($name)) {`
			`\OCP\JSON::error(array('data' => array('message' => $l->t('The mountpoint name contains invalid characters.'))));`
			`exit();`
			`}`

don't allow to create a federated share if source and target server are the same 2015-12-09 14:00:00 +03:00			`$currentUser = \OC::$server->getUserSession()->getUser()->getUID();`
			`$currentServer = \OC::$server->getURLGenerator()->getAbsoluteURL('/');`
			`if (\OC\Share\Helper::isSameUserOnSameServer($owner, $remote, $currentUser, $currentServer )) {`
			`\OCP\JSON::error(array('data' => array('message' => $l->t('Not allowed to create a federated share with the same user server'))));`
			`exit();`
			`}`

Add autodiscovery support to server-to-server sharing Adds autodiscovery support to server-to-server sharing as specified in the specification. If no discovery data is found it is using the fallback ownCloud endpoints for legacy support. 2016-02-25 22:46:01 +03:00			`$discoveryManager = new \OCA\FederatedFileSharing\DiscoveryManager(`
			`\OC::$server->getMemCacheFactory(),`
			`\OC::$server->getHTTPClientService()`
			`);`
Add interface for accpeting external shares 2014-05-09 19:06:08 +04:00			`$externalManager = new \OCA\Files_Sharing\External\Manager(`
Next step in server-to-server sharing next generation, see #12285 Beside some small improvements and bug fixes this will probably the final state for OC8. To test this you need to set up two ownCloud instances. Let's say: URL: myPC/firstOwnCloud user: user1 URL: myPC/secondOwnCloud user: user2 Now user1 can share a file with user2 by entering the username and the URL to the second ownCloud to the share-drop-down, in this case "user2@myPC/secondOwnCloud". The next time user2 login he will get a notification that he received a server-to-server share with the option to accept/decline it. If he accept it the share will be mounted. In both cases a event will be send back to user1 and add a notification to the activity stream that the share was accepted/declined. If user1 decides to unshare the file again from user2 the share will automatically be removed from the second ownCloud server and user2 will see a notification in his activity stream that user1@myPC/firstOwnCloud has unshared the file/folder from him. 2014-12-04 21:51:04 +03:00			`\OC::$server->getDatabaseConnection(),`
			`\OC\Files\Filesystem::getMountManager(),`
			`\OC\Files\Filesystem::getLoader(),`
use uid provided by setupfs hook to mount server2server shares, otherwise mount will fail for public link shares 2015-01-20 02:35:47 +03:00			`\OC::$server->getHTTPHelper(),`
Scrap the notifications when the share is accepted or declined 2015-09-01 19:56:09 +03:00			`\OC::$server->getNotificationManager(),`
Fix Scrutinizer issues 2016-03-01 00:44:40 +03:00			`$discoveryManager,`
use uid provided by setupfs hook to mount server2server shares, otherwise mount will fail for public link shares 2015-01-20 02:35:47 +03:00			`\OC::$server->getUserSession()->getUser()->getUID()`
Add interface for accpeting external shares 2014-05-09 19:06:08 +04:00			`);`

Give a better error message for external shares with self-signed ssl certificates 2014-08-13 18:46:04 +04:00			`// check for ssl cert`
Move away from private static deprecated functio 2015-04-02 17:59:47 +03:00			`if (substr($remote, 0, 5) === 'https') {`
			`try {`
Add timeouts to make the UI usable again when a remote share is unreachable 2016-06-15 17:30:24 +03:00			`\OC::$server->getHTTPClientService()->newClient()->get($remote, [`
Increase fed share timeout from 3 to 10 + unit tests 2016-06-21 18:37:44 +03:00			`'timeout' => 10,`
			`'connect_timeout' => 10,`
Add timeouts to make the UI usable again when a remote share is unreachable 2016-06-15 17:30:24 +03:00			`])->getBody();`
Move away from private static deprecated functio 2015-04-02 17:59:47 +03:00			`} catch (\Exception $e) {`
			`\OCP\JSON::error(array('data' => array('message' => $l->t('Invalid or untrusted SSL certificate'))));`
			`exit;`
			`}`
			`}`

show display name but internally use the user name 2015-12-14 18:04:05 +03:00			`$mount = $externalManager->addShare($remote, $token, $password, $name, $ownerDisplayName, true);`
Catch storage exception in scanner for remote shares Whenever an exception occurs during scan of a remote share, the share is checked for availability. If the storage is gone, it will be removed automatically. Also, getDirectoryContent() will now skip unavailable storages. 2015-01-20 21:45:32 +03:00
Move away from private static deprecated functio 2015-04-02 17:59:47 +03:00			`/**`
			`* @var \OCA\Files_Sharing\External\Storage $storage`
			`*/`
			`$storage = $mount->getStorage();`
			`try {`
			`// check if storage exists`
			`$storage->checkStorageAvailability();`
			`} catch (\OCP\Files\StorageInvalidException $e) {`
			`// note: checkStorageAvailability will already remove the invalid share`
			`\OCP\Util::writeLog(`
			`'files_sharing',`
			`'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(),`
			`\OCP\Util::DEBUG`
			`);`
			`\OCP\JSON::error(`
			`array(`
			`'data' => array(`
			`'message' => $l->t('Could not authenticate to remote share, password might be wrong')`
			`)`
			`)`
			`);`
			`exit();`
			`} catch (\Exception $e) {`
			`\OCP\Util::writeLog(`
			`'files_sharing',`
			`'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(),`
			`\OCP\Util::DEBUG`
			`);`
			`$externalManager->removeShare($mount->getMountPoint());`
			`\OCP\JSON::error(array('data' => array('message' => $l->t('Storage not valid'))));`
			`exit();`
			`}`
			`$result = $storage->file_exists('');`
			`if ($result) {`
Catch storage exception in scanner for remote shares Whenever an exception occurs during scan of a remote share, the share is checked for availability. If the storage is gone, it will be removed automatically. Also, getDirectoryContent() will now skip unavailable storages. 2015-01-20 21:45:32 +03:00			`try {`
Move away from private static deprecated functio 2015-04-02 17:59:47 +03:00			`$storage->getScanner()->scanAll();`
			`\OCP\JSON::success();`
Catch storage exception in scanner for remote shares Whenever an exception occurs during scan of a remote share, the share is checked for availability. If the storage is gone, it will be removed automatically. Also, getDirectoryContent() will now skip unavailable storages. 2015-01-20 21:45:32 +03:00			`} catch (\OCP\Files\StorageInvalidException $e) {`
			`\OCP\Util::writeLog(`
			`'files_sharing',`
			`'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(),`
			`\OCP\Util::DEBUG`
			`);`
Move away from private static deprecated functio 2015-04-02 17:59:47 +03:00			`\OCP\JSON::error(array('data' => array('message' => $l->t('Storage not valid'))));`
Catch storage exception in scanner for remote shares Whenever an exception occurs during scan of a remote share, the share is checked for availability. If the storage is gone, it will be removed automatically. Also, getDirectoryContent() will now skip unavailable storages. 2015-01-20 21:45:32 +03:00			`} catch (\Exception $e) {`
			`\OCP\Util::writeLog(`
			`'files_sharing',`
			`'Invalid remote storage: ' . get_class($e) . ': ' . $e->getMessage(),`
			`\OCP\Util::DEBUG`
			`);`
			`\OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t add remote share'))));`
Give a better error message for external shares with self-signed ssl certificates 2014-08-13 18:46:04 +04:00			`}`
Move away from private static deprecated functio 2015-04-02 17:59:47 +03:00			`} else {`
			`$externalManager->removeShare($mount->getMountPoint());`
			`\OCP\Util::writeLog(`
			`'files_sharing',`
			`'Couldn\'t add remote share',`
			`\OCP\Util::DEBUG`
			`);`
			`\OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t add remote share'))));`
Scan the entire remote share at once by requesting the full file tree from the remote server 2014-05-19 18:39:57 +04:00			`}`
Move away from private static deprecated functio 2015-04-02 17:59:47 +03:00