diff --git a/core/Controller/CollaborationResourcesController.php b/core/Controller/CollaborationResourcesController.php index b56d67d845..bd8c8442ae 100644 --- a/core/Controller/CollaborationResourcesController.php +++ b/core/Controller/CollaborationResourcesController.php @@ -31,19 +31,26 @@ use OCP\Collaboration\Resources\IManager; use OCP\Collaboration\Resources\IResource; use OCP\Collaboration\Resources\ResourceException; use OCP\IRequest; +use OCP\IUserSession; class CollaborationResourcesController extends OCSController { + /** @var IManager */ private $manager; + /** @var IUserSession */ + private $userSession; + public function __construct( - $appName, + string $appName, IRequest $request, - IManager $manager + IManager $manager, + IUserSession $userSession ) { parent::__construct($appName, $request); $this->manager = $manager; + $this->userSession = $userSession; } /** @@ -54,7 +61,7 @@ class CollaborationResourcesController extends OCSController { protected function getCollection(int $collectionId): ICollection { $collection = $this->manager->getCollection($collectionId); - if (false) { // TODO auth checking + if (!$collection->canAccess($this->userSession->getUser())) { throw new CollectionException('Not found'); } @@ -141,12 +148,15 @@ class CollaborationResourcesController extends OCSController { */ public function getCollectionsByResource(string $resourceType, string $resourceId): DataResponse { try { - // TODO auth checking $resource = $this->manager->getResource($resourceType, $resourceId); } catch (CollectionException $e) { return new DataResponse([], Http::STATUS_NOT_FOUND); } + if (!$resource->canAccess($this->userSession->getUser())) { + return new DataResponse([], Http::STATUS_NOT_FOUND); + } + return new DataResponse(array_map([$this, 'prepareCollection'], $resource->getCollections())); } @@ -157,7 +167,8 @@ class CollaborationResourcesController extends OCSController { protected function prepareResources(IResource $resource): array { return [ 'type' => $resource->getType(), - 'id' => $resource->getId() + 'id' => $resource->getId(), + 'name' => $resource->getName(), ]; } } diff --git a/lib/private/Collaboration/Resources/Collection.php b/lib/private/Collaboration/Resources/Collection.php index 8509b4442d..e89f62c051 100644 --- a/lib/private/Collaboration/Resources/Collection.php +++ b/lib/private/Collaboration/Resources/Collection.php @@ -30,6 +30,7 @@ use OCP\Collaboration\Resources\ICollection; use OCP\Collaboration\Resources\IResource; use OCP\DB\QueryBuilder\IQueryBuilder; use OCP\IDBConnection; +use OCP\IUser; class Collection implements ICollection { @@ -131,6 +132,23 @@ class Collection implements ICollection { } } + /** + * Can a user/guest access the collection + * + * @param IUser $user + * @return bool + * @since 15.0.0 + */ + public function canAccess(IUser $user = null): bool { + foreach ($this->getResources() as $resource) { + if ($resource->canAccess($user)) { + return true; + } + } + + return false; + } + protected function isSameResource(IResource $resource1, IResource $resource2): bool { return $resource1->getType() === $resource2->getType() && $resource1->getId() === $resource2->getId(); diff --git a/lib/private/Collaboration/Resources/Manager.php b/lib/private/Collaboration/Resources/Manager.php index e36c4ab1d3..8302d4a100 100644 --- a/lib/private/Collaboration/Resources/Manager.php +++ b/lib/private/Collaboration/Resources/Manager.php @@ -25,8 +25,11 @@ namespace OC\Collaboration\Resources; use OCP\Collaboration\Resources\ICollection; use OCP\Collaboration\Resources\IManager; +use OCP\Collaboration\Resources\IProvider; use OCP\Collaboration\Resources\IResource; +use OCP\Collaboration\Resources\ResourceException; use OCP\IDBConnection; +use OCP\IUser; class Manager implements IManager { @@ -55,4 +58,51 @@ class Manager implements IManager { public function getResource(string $type, string $id): IResource { return new Resource($this, $this->connection, $type, $id); } + + /** + * @return IProvider[] + * @since 15.0.0 + */ + public function getProviders(): array { + return []; + } + + /** + * Get the display name of a resource + * + * @param IResource $resource + * @return string + * @since 15.0.0 + */ + public function getName(IResource $resource): string { + foreach ($this->getProviders() as $provider) { + try { + return $provider->getName($resource); + } catch (ResourceException $e) { + } + } + + return ''; + } + + /** + * Can a user/guest access the collection + * + * @param IResource $resource + * @param IUser $user + * @return bool + * @since 15.0.0 + */ + public function canAccess(IResource $resource, IUser $user = null): bool { + foreach ($this->getProviders() as $provider) { + try { + if ($provider->canAccess($resource, $user)) { + return true; + } + } catch (ResourceException $e) { + } + } + + return false; + } } diff --git a/lib/private/Collaboration/Resources/Resource.php b/lib/private/Collaboration/Resources/Resource.php index 0eda8ba55c..144af6d358 100644 --- a/lib/private/Collaboration/Resources/Resource.php +++ b/lib/private/Collaboration/Resources/Resource.php @@ -26,7 +26,9 @@ namespace OC\Collaboration\Resources; use OCP\Collaboration\Resources\ICollection; use OCP\Collaboration\Resources\IManager; use OCP\Collaboration\Resources\IResource; +use OCP\Collaboration\Resources\ResourceException; use OCP\IDBConnection; +use OCP\IUser; class Resource implements IResource { @@ -42,6 +44,9 @@ class Resource implements IResource { /** @var string */ protected $id; + /** @var string|null */ + protected $name; + public function __construct(IManager $manager, IDBConnection $connection, string $type, string $id) { $this->manager = $manager; $this->connection = $connection; @@ -65,6 +70,29 @@ class Resource implements IResource { return $this->id; } + /** + * @return string + * @since 15.0.0 + */ + public function getName(): string { + if ($this->name === null) { + $this->name = $this->manager->getName($this); + } + + return $this->name; + } + + /** + * Can a user/guest access the resource + * + * @param IUser $user + * @return bool + * @since 15.0.0 + */ + public function canAccess(IUser $user = null): bool { + return $this->manager->canAccess($this, $user); + } + /** * @return ICollection[] * @since 15.0.0 diff --git a/lib/public/Collaboration/Resources/ICollection.php b/lib/public/Collaboration/Resources/ICollection.php index 408ec67401..0859ee3397 100644 --- a/lib/public/Collaboration/Resources/ICollection.php +++ b/lib/public/Collaboration/Resources/ICollection.php @@ -22,6 +22,8 @@ declare(strict_types=1); namespace OCP\Collaboration\Resources; +use OCP\IUser; + /** * @since 15.0.0 */ @@ -49,4 +51,13 @@ interface ICollection { * @since 15.0.0 */ public function removeResource(IResource $resource); + + /** + * Can a user/guest access the collection + * + * @param IUser $user + * @return bool + * @since 15.0.0 + */ + public function canAccess(IUser $user = null): bool; } diff --git a/lib/public/Collaboration/Resources/IProvider.php b/lib/public/Collaboration/Resources/IProvider.php index eac92733de..bf33811300 100644 --- a/lib/public/Collaboration/Resources/IProvider.php +++ b/lib/public/Collaboration/Resources/IProvider.php @@ -22,7 +22,27 @@ declare(strict_types=1); namespace OCP\Collaboration\Resources; +use OCP\IUser; interface IProvider { + /** + * Get the display name of a resource + * + * @param IResource $resource + * @return string + * @since 15.0.0 + */ + public function getName(IResource $resource): string; + + /** + * Can a user/guest access the collection + * + * @param IResource $resource + * @param IUser $user + * @return bool + * @since 15.0.0 + */ + public function canAccess(IResource $resource, IUser $user = null): bool; + } diff --git a/lib/public/Collaboration/Resources/IResource.php b/lib/public/Collaboration/Resources/IResource.php index 9f8628c0d4..242ad9432d 100644 --- a/lib/public/Collaboration/Resources/IResource.php +++ b/lib/public/Collaboration/Resources/IResource.php @@ -22,6 +22,8 @@ declare(strict_types=1); namespace OCP\Collaboration\Resources; +use OCP\IUser; + /** * @since 15.0.0 */ @@ -39,6 +41,21 @@ interface IResource { */ public function getId(): string; + /** + * @return string + * @since 15.0.0 + */ + public function getName(): string; + + /** + * Can a user/guest access the resource + * + * @param IUser $user + * @return bool + * @since 15.0.0 + */ + public function canAccess(IUser $user = null): bool; + /** * @return ICollection[] * @since 15.0.0