2011-06-12 00:14:24 +04:00
< ? php
/**
* ownCloud
*
* @ author Michael Gapczynski
* @ copyright 2011 Michael Gapczynski GapczynskiM @ gmail . com
*
* This library is free software ; you can redistribute it and / or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation ; either
* version 3 of the License , or any later version .
*
* This library is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details .
*
* You should have received a copy of the GNU Affero General Public
* License along with this library . If not , see < http :// www . gnu . org / licenses />.
*
*/
/**
* This class manages shared items within the database .
*/
2011-07-31 03:40:19 +04:00
class OC_Share {
2011-07-31 00:03:32 +04:00
const WRITE = 1 ;
const DELETE = 2 ;
2011-08-18 02:00:37 +04:00
const UNSHARED = - 1 ;
2011-08-17 04:21:18 +04:00
const PUBLICLINK = " public " ;
private $token ;
2011-07-31 00:03:32 +04:00
2011-06-12 00:14:24 +04:00
/**
* Share an item , adds an entry into the database
2011-08-13 01:22:32 +04:00
* @ param $source The source location of the item
2011-08-13 04:49:44 +04:00
* @ param $uid_shared_with The user or group to share the item with
2011-08-13 01:22:32 +04:00
* @ param $permissions The permissions , use the constants WRITE and DELETE
2011-06-12 00:14:24 +04:00
*/
2011-08-16 01:37:16 +04:00
public function __construct ( $source , $uid_shared_with , $permissions ) {
2011-08-13 01:22:32 +04:00
$uid_owner = OC_User :: getUser ();
2011-08-17 04:21:18 +04:00
$query = OC_DB :: prepare ( " INSERT INTO *PREFIX*sharing VALUES(?,?,?,?,?) " );
if ( $uid_shared_with == self :: PUBLICLINK ) {
$token = sha1 ( " $uid_shared_with - $source " );
$query -> execute ( array ( $uid_owner , self :: PUBLICLINK , $source , $token , $permissions ));
$this -> token = $token ;
2011-08-13 04:49:44 +04:00
} else {
2011-08-17 04:21:18 +04:00
if ( OC_Group :: groupExists ( $uid_shared_with )) {
$gid = $uid_shared_with ;
$uid_shared_with = OC_Group :: usersInGroup ( $gid );
// Remove the owner from the list of users in the group
$uid_shared_with = array_diff ( $uid_shared_with , array ( $uid_owner ));
} else if ( OC_User :: userExists ( $uid_shared_with )) {
$gid = null ;
$uid_shared_with = array ( $uid_shared_with );
} else {
throw new Exception ( $uid_shared_with . " is not a user " );
2011-08-13 04:49:44 +04:00
}
2011-08-17 04:21:18 +04:00
foreach ( $uid_shared_with as $uid ) {
// Check if this item is already shared with the user
$checkSource = OC_DB :: prepare ( " SELECT source FROM *PREFIX*sharing WHERE source = ? AND uid_shared_with " . self :: getUsersAndGroups ( $uid ));
$resultCheckSource = $checkSource -> execute ( array ( $source , $uid )) -> fetchAll ();
// TODO Check if the source is inside a folder
if ( count ( $resultCheckSource ) > 0 && ! isset ( $gid )) {
throw new Exception ( " This item is already shared with " . $uid );
2011-08-13 04:49:44 +04:00
}
2011-08-17 04:21:18 +04:00
// Check if the target already exists for the user, if it does append a number to the name
2011-08-24 19:59:03 +04:00
$sharedFolder = " / " . $uid . " /files/Shared " ;
$target = $sharedFolder . " / " . basename ( $source );
2011-08-17 04:21:18 +04:00
if ( self :: getSource ( $target )) {
if ( $pos = strrpos ( $target , " . " )) {
$name = substr ( $target , 0 , $pos );
$ext = substr ( $target , $pos );
} else {
$name = $target ;
$ext = " " ;
}
$counter = 1 ;
while ( $checkTarget !== false ) {
$newTarget = $name . " _ " . $counter . $ext ;
$checkTarget = self :: getSource ( $newTarget );
$counter ++ ;
}
$target = $newTarget ;
2011-08-13 04:49:44 +04:00
}
2011-08-17 04:21:18 +04:00
if ( isset ( $gid )) {
$uid = $uid . " @ " . $gid ;
}
$query -> execute ( array ( $uid_owner , $uid , $source , $target , $permissions ));
2011-08-24 19:59:03 +04:00
// Clear the folder size cache for the 'Shared' folder
$clearFolderSize = OC_DB :: prepare ( " DELETE FROM *PREFIX*foldersize WHERE path = ? " );
$clearFolderSize -> execute ( array ( $sharedFolder ));
2011-06-12 00:14:24 +04:00
}
}
}
2011-07-29 03:42:02 +04:00
2011-07-29 04:28:22 +04:00
/**
* Remove any duplicate or trailing '/' from the path
* @ return A clean path
*/
private static function cleanPath ( $path ) {
$path = rtrim ( $path , " / " );
return preg_replace ( '{(/)\1+}' , " / " , $path );
}
2011-07-29 03:42:02 +04:00
/**
2011-08-16 01:37:16 +04:00
* Generate a string to be used for searching for uid_shared_with that handles both users and groups
* @ param $uid ( Optional ) The uid to get the user groups for , a gid to get the users in a group , or if not set the current user
* @ return An IN operator as a string
2011-07-29 03:42:02 +04:00
*/
2011-08-16 01:37:16 +04:00
private static function getUsersAndGroups ( $uid = null ) {
$in = " IN( " ;
if ( isset ( $uid ) && OC_Group :: groupExists ( $uid )) {
$users = OC_Group :: usersInGroup ( $uid );
foreach ( $users as $user ) {
// Add a comma only if the the current element isn't the last
if ( $user !== end ( $users )) {
$in .= " ' " . $user . " @ " . $uid . " ', " ;
} else {
$in .= " ' " . $user . " @ " . $uid . " ' " ;
}
}
} else if ( isset ( $uid )) {
// TODO Check if this is necessary, only constructor needs it as IN. It would be better for other queries to just return =$uid
2011-08-17 02:34:02 +04:00
$in .= " ' " . $uid . " ' " ;
2011-08-16 01:37:16 +04:00
$groups = OC_Group :: getUserGroups ( $uid );
foreach ( $groups as $group ) {
$in .= " , ' " . $uid . " @ " . $group . " ' " ;
}
} else {
$uid = OC_User :: getUser ();
$in .= " ' " . $uid . " ' " ;
$groups = OC_Group :: getUserGroups ( $uid );
foreach ( $groups as $group ) {
$in .= " , ' " . $uid . " @ " . $group . " ' " ;
}
2011-08-14 20:16:14 +04:00
}
2011-08-18 23:35:11 +04:00
$in .= " , ' " . self :: PUBLICLINK . " ' " ;
2011-08-14 20:16:14 +04:00
$in .= " ) " ;
return $in ;
2011-07-29 03:42:02 +04:00
}
2011-07-15 05:04:09 +04:00
/**
* Create a new entry in the database for a file inside a shared folder
*
* $oldTarget and $newTarget may be the same value . $oldTarget exists in case the file is being moved outside of the folder
*
* @ param $oldTarget The current target location
* @ param $newTarget The new target location
*/
public static function pullOutOfFolder ( $oldTarget , $newTarget ) {
$folders = self :: getParentFolders ( $oldTarget );
2011-07-16 21:06:59 +04:00
$source = $folders [ 'source' ] . substr ( $oldTarget , strlen ( $folders [ 'target' ]));
2011-07-15 05:04:09 +04:00
$item = self :: getItem ( $folders [ 'target' ]);
$query = OC_DB :: prepare ( " INSERT INTO *PREFIX*sharing VALUES(?,?,?,?,?) " );
2011-07-31 03:40:19 +04:00
$query -> execute ( array ( $item [ 0 ][ 'uid_owner' ], OC_User :: getUser (), $source , $newTarget , $item [ 0 ][ 'permissions' ]));
2011-07-15 05:04:09 +04:00
}
2011-06-12 00:14:24 +04:00
/**
2011-07-15 03:24:48 +04:00
* Get the item with the specified target location
* @ param $target The target location of the item
* @ return An array with the item
*/
public static function getItem ( $target ) {
2011-07-29 04:28:22 +04:00
$target = self :: cleanPath ( $target );
2011-07-31 00:03:32 +04:00
$query = OC_DB :: prepare ( " SELECT uid_owner, source, permissions FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with = ? LIMIT 1 " );
2011-07-31 03:40:19 +04:00
return $query -> execute ( array ( $target , OC_User :: getUser ())) -> fetchAll ();
2011-06-12 00:14:24 +04:00
}
2011-08-02 20:19:49 +04:00
/**
* Get the item with the specified source location
* @ param $source The source location of the item
* @ return An array with the users and permissions the item is shared with
*/
public static function getMySharedItem ( $source ) {
$source = self :: cleanPath ( $source );
$query = OC_DB :: prepare ( " SELECT uid_shared_with, permissions FROM *PREFIX*sharing WHERE source = ? AND uid_owner = ? " );
return $query -> execute ( array ( $source , OC_User :: getUser ())) -> fetchAll ();
}
2011-08-22 20:37:44 +04:00
2011-06-12 00:14:24 +04:00
/**
2011-07-15 03:24:48 +04:00
* Get all items the current user is sharing
* @ return An array with all items the user is sharing
2011-06-12 00:14:24 +04:00
*/
2011-07-15 03:24:48 +04:00
public static function getMySharedItems () {
2011-07-31 00:03:32 +04:00
$query = OC_DB :: prepare ( " SELECT uid_shared_with, source, permissions FROM *PREFIX*sharing WHERE uid_owner = ? " );
2011-07-31 03:40:19 +04:00
return $query -> execute ( array ( OC_User :: getUser ())) -> fetchAll ();
2011-06-12 00:14:24 +04:00
}
2011-08-22 20:37:44 +04:00
2011-06-12 00:14:24 +04:00
/**
2011-07-15 03:24:48 +04:00
* Get the items within a shared folder that have their own entry for the purpose of name , location , or permissions that differ from the folder itself
*
2011-07-23 22:41:01 +04:00
* Works for both target and source folders . Can be used for getting all items shared with you e . g . pass '/MTGap/files'
2011-07-15 03:24:48 +04:00
*
2011-07-23 22:41:01 +04:00
* @ param $folder The folder of the items to look for
* @ return An array with all items in the database that are in the folder
2011-07-15 03:24:48 +04:00
*/
2011-07-23 22:41:01 +04:00
public static function getItemsInFolder ( $folder ) {
2011-07-29 04:28:22 +04:00
$folder = self :: cleanPath ( $folder );
2011-07-15 03:24:48 +04:00
// Append '/' in order to filter out the folder itself if not already there
2011-07-23 22:41:01 +04:00
if ( substr ( $folder , - 1 ) !== " / " ) {
$folder .= " / " ;
2011-06-12 00:14:24 +04:00
}
2011-07-23 22:41:01 +04:00
$length = strlen ( $folder );
2011-08-18 01:43:15 +04:00
$query = OC_DB :: prepare ( " SELECT uid_owner, source, target, permissions FROM *PREFIX*sharing WHERE SUBSTR(source, 1, ?) = ? OR SUBSTR(target, 1, ?) = ? AND uid_shared_with " . self :: getUsersAndGroups ());
2011-08-14 20:16:14 +04:00
return $query -> execute ( array ( $length , $folder , $length , $folder )) -> fetchAll ();
2011-06-12 00:14:24 +04:00
}
2011-08-22 20:37:44 +04:00
2011-07-06 23:17:03 +04:00
/**
2011-07-15 03:24:48 +04:00
* Get the source and target parent folders of the specified target location
* @ param $target The target location of the item
* @ return An array with the keys 'source' and 'target' with the values of the source and target parent folders
2011-07-06 20:12:29 +04:00
*/
2011-07-15 03:24:48 +04:00
public static function getParentFolders ( $target ) {
2011-07-29 04:28:22 +04:00
$target = self :: cleanPath ( $target );
2011-08-16 01:37:16 +04:00
$query = OC_DB :: prepare ( " SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with " . self :: getUsersAndGroups () . " LIMIT 1 " );
2011-07-15 03:24:48 +04:00
// Prevent searching for user directory e.g. '/MTGap/files'
$userDirectory = substr ( $target , 0 , strpos ( $target , " files " ) + 5 );
2011-08-16 01:37:16 +04:00
$target = dirname ( $target );
$result = array ();
2011-07-15 03:24:48 +04:00
while ( $target != " " && $target != " / " && $target != " . " && $target != $userDirectory ) {
2011-07-15 05:04:09 +04:00
// Check if the parent directory of this target location is shared
2011-08-14 20:16:14 +04:00
$result = $query -> execute ( array ( $target )) -> fetchAll ();
2011-07-15 03:24:48 +04:00
if ( count ( $result ) > 0 ) {
break ;
}
2011-08-16 01:37:16 +04:00
$target = dirname ( $target );
2011-07-15 03:24:48 +04:00
}
if ( count ( $result ) > 0 ) {
// Return both the source folder and the target folder
return array ( " source " => $result [ 0 ][ 'source' ], " target " => $target );
} else {
return false ;
}
2011-07-06 20:12:29 +04:00
}
2011-07-15 03:24:48 +04:00
2011-06-16 22:40:21 +04:00
/**
2011-07-15 03:24:48 +04:00
* Get the source location of the item at the specified target location
* @ param $target The target location of the item
* @ return Source location or false if target location is not valid
2011-06-16 22:40:21 +04:00
*/
public static function getSource ( $target ) {
2011-07-29 04:28:22 +04:00
$target = self :: cleanPath ( $target );
2011-08-16 01:37:16 +04:00
$query = OC_DB :: prepare ( " SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with " . self :: getUsersAndGroups () . " LIMIT 1 " );
2011-08-14 20:16:14 +04:00
$result = $query -> execute ( array ( $target )) -> fetchAll ();
2011-06-25 03:38:39 +04:00
if ( count ( $result ) > 0 ) {
2011-06-26 06:00:52 +04:00
return $result [ 0 ][ 'source' ];
2011-06-25 03:38:39 +04:00
} else {
2011-07-15 03:24:48 +04:00
$folders = self :: getParentFolders ( $target );
2011-07-31 00:03:32 +04:00
if ( $folders == true ) {
2011-07-13 04:18:08 +04:00
return $folders [ 'source' ] . substr ( $target , strlen ( $folders [ 'target' ]));
2011-07-31 00:03:32 +04:00
} else {
return false ;
2011-07-13 04:18:08 +04:00
}
2011-07-06 20:12:29 +04:00
}
}
2011-07-15 03:24:48 +04:00
/**
2011-07-31 00:03:32 +04:00
* Get the user ' s permissions for the item at the specified target location
2011-07-15 03:24:48 +04:00
* @ param $target The target location of the item
2011-07-31 00:03:32 +04:00
* @ return The permissions , use bitwise operators to check against the constants WRITE and DELETE
2011-07-15 03:24:48 +04:00
*/
2011-07-31 00:03:32 +04:00
public static function getPermissions ( $target ) {
2011-07-29 04:28:22 +04:00
$target = self :: cleanPath ( $target );
2011-08-16 01:37:16 +04:00
$query = OC_DB :: prepare ( " SELECT permissions FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with " . self :: getUsersAndGroups () . " LIMIT 1 " );
2011-08-14 20:16:14 +04:00
$result = $query -> execute ( array ( $target )) -> fetchAll ();
2011-07-15 03:24:48 +04:00
if ( count ( $result ) > 0 ) {
2011-07-31 00:03:32 +04:00
return $result [ 0 ][ 'permissions' ];
2011-07-06 20:12:29 +04:00
} else {
2011-08-17 20:58:09 +04:00
$folders = self :: getParentFolders ( $target );
2011-07-31 00:03:32 +04:00
if ( $folders == true ) {
2011-08-17 20:58:09 +04:00
$result = $query -> execute ( array ( $folders [ 'target' ])) -> fetchAll ();
2011-07-31 00:03:32 +04:00
if ( count ( $result ) > 0 ) {
return $result [ 0 ][ 'permissions' ];
}
2011-07-06 20:12:29 +04:00
} else {
2011-07-15 03:24:48 +04:00
return false ;
2011-07-06 20:12:29 +04:00
}
}
2011-06-16 22:40:21 +04:00
}
2011-07-09 02:21:20 +04:00
/**
2011-08-17 05:32:51 +04:00
* Get the token for a public link
* @ return The token of the public link , a sha1 hash
*/
public function getToken () {
return $this -> token ;
}
/**
* Get the token for a public link
* @ param $source The source location of the item
* @ return The token of the public link , a sha1 hash
*/
public static function getTokenFromSource ( $source ) {
$query = OC_DB :: prepare ( " SELECT target FROM *PREFIX*sharing WHERE source = ? AND uid_shared_with = ? AND uid_owner = ? LIMIT 1 " );
$result = $query -> execute ( array ( $source , self :: PUBLICLINK , OC_User :: getUser ())) -> fetchAll ();
if ( count ( $result ) > 0 ) {
return $result [ 0 ][ 'target' ];
} else {
return false ;
}
}
2011-06-26 06:00:52 +04:00
/**
* Set the target location to a new value
2011-07-15 03:24:48 +04:00
*
2011-07-15 05:04:09 +04:00
* You must use the pullOutOfFolder () function to change the target location of a file inside a shared folder if the target location differs from the folder
2011-07-15 03:24:48 +04:00
*
2011-06-26 06:00:52 +04:00
* @ param $oldTarget The current target location
* @ param $newTarget The new target location
*/
public static function setTarget ( $oldTarget , $newTarget ) {
2011-07-29 04:28:22 +04:00
$oldTarget = self :: cleanPath ( $oldTarget );
$newTarget = self :: cleanPath ( $newTarget );
2011-08-16 01:37:16 +04:00
$query = OC_DB :: prepare ( " UPDATE *PREFIX*sharing SET target = REPLACE(target, ?, ?) WHERE uid_shared_with " . self :: getUsersAndGroups ());
$query -> execute ( array ( $oldTarget , $newTarget ));
2011-06-26 06:00:52 +04:00
}
2011-08-22 20:37:44 +04:00
2011-06-12 00:14:24 +04:00
/**
2011-07-31 00:03:32 +04:00
* Change the permissions for the specified item and user
2011-07-15 03:24:48 +04:00
*
2011-07-31 00:03:32 +04:00
* You must construct a new shared item to change the permissions of a file inside a shared folder if the permissions differ from the folder
2011-07-15 03:24:48 +04:00
*
* @ param $source The source location of the item
2011-07-31 00:03:32 +04:00
* @ param $uid_shared_with The user to change the permissions for
* @ param $permissions The permissions , use the constants WRITE and DELETE
2011-07-15 03:24:48 +04:00
*/
2011-07-31 00:03:32 +04:00
public static function setPermissions ( $source , $uid_shared_with , $permissions ) {
2011-07-29 04:28:22 +04:00
$source = self :: cleanPath ( $source );
2011-08-16 01:37:16 +04:00
$query = OC_DB :: prepare ( " UPDATE *PREFIX*sharing SET permissions = ? WHERE SUBSTR(source, 1, ?) = ? AND uid_owner = ? AND uid_shared_with " . self :: getUsersAndGroups ( $uid_shared_with ));
$query -> execute ( array ( $permissions , strlen ( $source ), $source , OC_User :: getUser ()));
2011-06-12 00:14:24 +04:00
}
2011-08-22 20:37:44 +04:00
2011-06-12 00:14:24 +04:00
/**
2011-07-15 03:24:48 +04:00
* Unshare the item , removes it from all specified users
*
2011-07-15 05:04:09 +04:00
* You must use the pullOutOfFolder () function to unshare a file inside a shared folder and set $newTarget to nothing
2011-07-15 03:24:48 +04:00
*
* @ param $source The source location of the item
* @ param $uid_shared_with Array of users to unshare the item from
*/
public static function unshare ( $source , $uid_shared_with ) {
2011-07-29 04:28:22 +04:00
$source = self :: cleanPath ( $source );
2011-08-16 01:37:16 +04:00
$query = OC_DB :: prepare ( " DELETE FROM *PREFIX*sharing WHERE SUBSTR(source, 1, ?) = ? AND uid_owner = ? AND uid_shared_with " . self :: getUsersAndGroups ( $uid_shared_with ));
$query -> execute ( array ( strlen ( $source ), $source , OC_User :: getUser ()));
2011-06-12 00:14:24 +04:00
}
2011-08-22 20:37:44 +04:00
2011-07-15 03:24:48 +04:00
/**
* Unshare the item from the current user , removes it only from the database and doesn ' t touch the source file
*
2011-08-22 19:31:47 +04:00
* You must use the pullOutOfFolder () function before you call unshareFromMySelf () and set the delete parameter to false to unshare from self a file inside a shared folder
2011-07-15 03:24:48 +04:00
*
* @ param $target The target location of the item
2011-08-22 19:31:47 +04:00
* @ param $delete ( Optional ) If true delete the entry from the database , if false the permission is set to UNSHARED
2011-07-15 03:24:48 +04:00
*/
2011-08-18 01:43:15 +04:00
public static function unshareFromMySelf ( $target , $delete = true ) {
2011-07-29 04:28:22 +04:00
$target = self :: cleanPath ( $target );
2011-08-18 01:43:15 +04:00
if ( $delete ) {
$query = OC_DB :: prepare ( " DELETE FROM *PREFIX*sharing WHERE SUBSTR(target, 1, ?) = ? AND uid_shared_with " . self :: getUsersAndGroups ());
$query -> execute ( array ( strlen ( $target ), $target ));
} else {
$query = OC_DB :: prepare ( " UPDATE *PREFIX*sharing SET permissions = ? WHERE SUBSTR(target, 1, ?) = ? AND uid_shared_with " . self :: getUsersAndGroups ());
2011-08-18 02:00:37 +04:00
$query -> execute ( array ( self :: UNSHARED , strlen ( $target ), $target ));
2011-08-18 01:43:15 +04:00
}
2011-07-15 03:24:48 +04:00
}
2011-07-19 00:36:34 +04:00
/**
* Remove the item from the database , the owner deleted the file
2011-08-22 20:37:44 +04:00
* @ param $arguments Array of arguments passed from OC_Hook
2011-07-19 00:36:34 +04:00
*/
public static function deleteItem ( $arguments ) {
2011-08-22 20:37:44 +04:00
$source = " / " . OC_User :: getUser () . " /files " . self :: cleanPath ( $arguments [ 'path' ]);
2011-07-23 04:41:16 +04:00
$query = OC_DB :: prepare ( " DELETE FROM *PREFIX*sharing WHERE SUBSTR(source, 1, ?) = ? AND uid_owner = ? " );
2011-07-31 03:40:19 +04:00
$query -> execute ( array ( strlen ( $source ), $source , OC_User :: getUser ()));
2011-07-19 00:36:34 +04:00
}
/**
* Rename the item in the database , the owner renamed the file
2011-08-22 20:37:44 +04:00
* @ param $arguments Array of arguments passed from OC_Hook
2011-07-19 00:36:34 +04:00
*/
public static function renameItem ( $arguments ) {
2011-08-22 20:37:44 +04:00
$oldSource = " / " . OC_User :: getUser () . " /files " . self :: cleanPath ( $arguments [ 'oldpath' ]);
$newSource = " / " . OC_User :: getUser () . " /files " . self :: cleanPath ( $arguments [ 'newpath' ]);
$query = OC_DB :: prepare ( " UPDATE *PREFIX*sharing SET source = REPLACE(source, ?, ?) WHERE uid_owner = ? " );
$query -> execute ( array ( $oldSource , $newSource , OC_User :: getUser ()));
2011-07-19 00:36:34 +04:00
}
2011-06-12 00:14:24 +04:00
}
?>