nextcloud/apps/files_external/lib/Lib/StorageConfig.php


<?php
/**
* @author Jesús Macias <jmacias@solidgear.es>
* @author Lukas Reschke <lukas@owncloud.com>
* @author Robin Appelman <icewind@owncloud.com>
* @author Robin McCorkell <robin@mccorkell.me.uk>
* @author Vincent Petry <pvince81@owncloud.com>
*
* @copyright Copyright (c) 2016, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\Files_External\Lib;
use OCA\Files_External\Lib\Auth\IUserProvided;
use \OCA\Files_External\Lib\Backend\Backend;
use \OCA\Files_External\Lib\Auth\AuthMechanism;
/**
* External storage configuration
*/
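class StorageConfig implements \JsonSerializable {
	/** Admin mount type; jsonSerialize() reports it as 'system'. */
	const MOUNT_TYPE_ADMIN = 1;

	/** Personal mount type; jsonSerialize() reports it as 'personal'. */
	const MOUNT_TYPE_PERSONAL = 2;

	/**
	 * Misspelled original name of MOUNT_TYPE_PERSONAL (trailing lowercase "l").
	 * Kept with the same value so existing callers keep working; prefer
	 * MOUNT_TYPE_PERSONAL in new code.
	 */
	const MOUNT_TYPE_PERSONAl = 2;

	/**
	 * Storage config id
	 *
	 * @var int|null null until an id has been assigned
	 */
	private $id;

	/**
	 * Backend
	 *
	 * @var Backend
	 */
	private $backend;

	/**
	 * Authentication mechanism
	 *
	 * @var AuthMechanism
	 */
	private $authMechanism;

	/**
	 * Backend options
	 *
	 * NOTE(review): depending on the backend and authentication mechanism
	 * these values may include credentials; this class stores and
	 * serializes them as-is. Confirm how callers protect them.
	 *
	 * @var array
	 */
	private $backendOptions = [];

	/**
	 * Mount point path, relative to the user's "files" folder
	 *
	 * @var string
	 */
	private $mountPoint;

	/**
	 * Storage status
	 *
	 * @var int
	 */
	private $status;

	/**
	 * Status message
	 *
	 * @var string|null
	 */
	private $statusMessage;

	/**
	 * Priority
	 *
	 * @var int
	 */
	private $priority;

	/**
	 * List of users who have access to this storage
	 *
	 * @var array
	 */
	private $applicableUsers = [];

	/**
	 * List of groups that have access to this storage
	 *
	 * @var array
	 */
	private $applicableGroups = [];

	/**
	 * Mount-specific options
	 *
	 * @var array
	 */
	private $mountOptions = [];

	/**
	 * Whether it's a personal or admin mount
	 *
	 * @var int
	 */
	private $type;

	/**
	 * Creates a storage config
	 *
	 * The 'enable_sharing' mount option starts out as false, so sharing is
	 * off unless a caller turns it on.
	 *
	 * @param int|null $id config id or null for a new config
	 */
	public function __construct($id = null) {
		$this->id = $id;
		$this->mountOptions['enable_sharing'] = false;
	}

	/**
	 * Returns the configuration id
	 *
	 * @return int|null null when no id has been assigned yet
	 */
	public function getId() {
		return $this->id;
	}

	/**
	 * Sets the configuration id
	 *
	 * @param int $id configuration id
	 */
	public function setId($id) {
		$this->id = $id;
	}

	/**
	 * Returns mount point path relative to the user's
	 * "files" folder.
	 *
	 * @return string path
	 */
	public function getMountPoint() {
		return $this->mountPoint;
	}

	/**
	 * Sets mount point path relative to the user's
	 * "files" folder.
	 * The path is passed through \OC\Files\Filesystem::normalizePath()
	 * before being stored; no other check is applied here.
	 *
	 * @param string $mountPoint path
	 */
	public function setMountPoint($mountPoint) {
		$this->mountPoint = \OC\Files\Filesystem::normalizePath($mountPoint);
	}

	/**
	 * Returns the storage backend
	 *
	 * @return Backend
	 */
	public function getBackend() {
		return $this->backend;
	}

	/**
	 * Sets the storage backend
	 *
	 * @param Backend $backend
	 */
	public function setBackend(Backend $backend) {
		$this->backend = $backend;
	}

	/**
	 * Returns the authentication mechanism
	 *
	 * @return AuthMechanism
	 */
	public function getAuthMechanism() {
		return $this->authMechanism;
	}

	/**
	 * Sets the authentication mechanism
	 *
	 * @param AuthMechanism $authMechanism
	 */
	public function setAuthMechanism(AuthMechanism $authMechanism) {
		$this->authMechanism = $authMechanism;
	}

	/**
	 * Returns the external storage backend-specific options
	 *
	 * @return array backend options
	 */
	public function getBackendOptions() {
		return $this->backendOptions;
	}

	/**
	 * Sets the external storage backend-specific options
	 *
	 * When a backend has been set, every option whose key matches one of the
	 * backend's declared parameters of boolean type is cast to bool. All
	 * other options, including keys the backend does not declare, are stored
	 * unchanged: this method normalizes types, it does not validate or
	 * filter the option set.
	 *
	 * @param array $backendOptions backend options
	 */
	public function setBackendOptions($backendOptions) {
		$backend = $this->getBackend();
		if ($backend instanceof Backend) {
			$parameters = $backend->getParameters();
			foreach ($backendOptions as $key => $value) {
				if (!isset($parameters[$key])) {
					// Not a declared parameter: keep the caller's value as it is.
					continue;
				}
				switch ($parameters[$key]->getType()) {
					case \OCA\Files_External\Lib\DefinitionParameter::VALUE_BOOLEAN:
						$value = (bool)$value;
						break;
				}
				$backendOptions[$key] = $value;
			}
		}

		$this->backendOptions = $backendOptions;
	}

	/**
	 * Returns a single backend option
	 *
	 * @param string $key
	 * @return mixed the stored value, or null when the key is unset or its value is null
	 */
	public function getBackendOption($key) {
		return isset($this->backendOptions[$key]) ? $this->backendOptions[$key] : null;
	}

	/**
	 * Sets a single backend option
	 *
	 * Unlike setBackendOptions(), the value is stored without the boolean
	 * cast applied to declared boolean parameters.
	 *
	 * @param string $key
	 * @param mixed $value
	 */
	public function setBackendOption($key, $value) {
		$this->backendOptions[$key] = $value;
	}

	/**
	 * Returns the mount priority
	 *
	 * @return int priority
	 */
	public function getPriority() {
		return $this->priority;
	}

	/**
	 * Sets the mount priority
	 *
	 * @param int $priority priority
	 */
	public function setPriority($priority) {
		$this->priority = $priority;
	}

	/**
	 * Returns the users for which to mount this storage
	 *
	 * @return array applicable users
	 */
	public function getApplicableUsers() {
		return $this->applicableUsers;
	}

	/**
	 * Sets the users for which to mount this storage
	 *
	 * The list is stored as given; entries are not checked here.
	 *
	 * @param array|null $applicableUsers applicable users, null is stored as an empty list
	 */
	public function setApplicableUsers($applicableUsers) {
		$this->applicableUsers = ($applicableUsers === null) ? [] : $applicableUsers;
	}

	/**
	 * Returns the groups for which to mount this storage
	 *
	 * @return array applicable groups
	 */
	public function getApplicableGroups() {
		return $this->applicableGroups;
	}

	/**
	 * Sets the groups for which to mount this storage
	 *
	 * The list is stored as given; entries are not checked here.
	 *
	 * @param array|null $applicableGroups applicable groups, null is stored as an empty list
	 */
	public function setApplicableGroups($applicableGroups) {
		$this->applicableGroups = ($applicableGroups === null) ? [] : $applicableGroups;
	}

	/**
	 * Returns the mount-specific options
	 *
	 * @return array mount specific options
	 */
	public function getMountOptions() {
		return $this->mountOptions;
	}

	/**
	 * Sets the mount-specific options
	 *
	 * The whole option array is replaced, so the 'enable_sharing' => false
	 * entry written by the constructor is kept only if the caller passes it
	 * again.
	 *
	 * @param array|null $mountOptions mount-specific options, null is stored as an empty array
	 */
	public function setMountOptions($mountOptions) {
		$this->mountOptions = ($mountOptions === null) ? [] : $mountOptions;
	}

	/**
	 * Returns a single mount option
	 *
	 * @param string $key
	 * @return mixed the stored value, or null when the key is unset or its value is null
	 */
	public function getMountOption($key) {
		return isset($this->mountOptions[$key]) ? $this->mountOptions[$key] : null;
	}

	/**
	 * Sets a single mount option
	 *
	 * @param string $key
	 * @param mixed $value
	 */
	public function setMountOption($key, $value) {
		$this->mountOptions[$key] = $value;
	}

	/**
	 * Gets the storage status, whether the config worked last time
	 *
	 * @return int status
	 */
	public function getStatus() {
		return $this->status;
	}

	/**
	 * Gets the message describing the storage status
	 *
	 * @return string|null
	 */
	public function getStatusMessage() {
		return $this->statusMessage;
	}

	/**
	 * Sets the storage status, whether the config worked last time
	 *
	 * The status message is always overwritten, so calling this without a
	 * message clears the previous one.
	 *
	 * @param int $status status
	 * @param string|null $message optional message
	 */
	public function setStatus($status, $message = null) {
		$this->status = $status;
		$this->statusMessage = $message;
	}

	/**
	 * Returns the mount type
	 *
	 * @return int self::MOUNT_TYPE_ADMIN or self::MOUNT_TYPE_PERSONAL
	 */
	public function getType() {
		return $this->type;
	}

	/**
	 * Sets the mount type
	 *
	 * The value is stored without being checked against the two constants.
	 *
	 * @param int $type self::MOUNT_TYPE_ADMIN or self::MOUNT_TYPE_PERSONAL
	 */
	public function setType($type) {
		$this->type = $type;
	}

	/**
	 * Serialize config to JSON
	 *
	 * Requires that both a backend and an authentication mechanism have been
	 * set: getIdentifier() is called on each without a null check.
	 *
	 * 'backendOptions' is copied into the result unfiltered.
	 * NOTE(review): if those options hold credentials, they are part of the
	 * serialized form; confirm that callers redact them before the result
	 * reaches a client or a log.
	 *
	 * @return array
	 */
	public function jsonSerialize() {
		$result = [];
		if ($this->id !== null) {
			$result['id'] = $this->id;
		}
		$result['mountPoint'] = $this->mountPoint;
		$result['backend'] = $this->backend->getIdentifier();
		$result['authMechanism'] = $this->authMechanism->getIdentifier();
		$result['backendOptions'] = $this->backendOptions;
		if ($this->priority !== null) {
			$result['priority'] = $this->priority;
		}
		if (!empty($this->applicableUsers)) {
			$result['applicableUsers'] = $this->applicableUsers;
		}
		if (!empty($this->applicableGroups)) {
			$result['applicableGroups'] = $this->applicableGroups;
		}
		if (!empty($this->mountOptions)) {
			$result['mountOptions'] = $this->mountOptions;
		}
		if ($this->status !== null) {
			$result['status'] = $this->status;
		}
		if ($this->statusMessage !== null) {
			$result['statusMessage'] = $this->statusMessage;
		}
		$result['userProvided'] = $this->authMechanism instanceof IUserProvided;
		// Strict comparison: only the integer personal type yields 'personal';
		// an unset type or any other value is reported as 'system'.
		$result['type'] = ($this->getType() === self::MOUNT_TYPE_PERSONAL) ? 'personal': 'system';
		return $result;
	}
}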