Merge pull request #26727 from nextcloud/group-exclude-link-share

Add option to exclude groups from creating link shares
This commit is contained in:
Morris Jobke 2021-05-21 15:35:39 +02:00 committed by GitHub
commit f1dbabd910
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 253 additions and 179 deletions

View File

@ -55,6 +55,7 @@ use OCP\IL10N;
use OCP\IRequest;
use OCP\IURLGenerator;
use OCP\IUserSession;
use OCP\Share\IManager;
/**
* Class ViewController
@ -86,6 +87,8 @@ class ViewController extends Controller {
private $initialState;
/** @var ITemplateManager */
private $templateManager;
/** @var IManager */
private $shareManager;
public function __construct(string $appName,
IRequest $request,
@ -98,7 +101,8 @@ class ViewController extends Controller {
IRootFolder $rootFolder,
Helper $activityHelper,
IInitialState $initialState,
ITemplateManager $templateManager
ITemplateManager $templateManager,
IManager $shareManager
) {
parent::__construct($appName, $request);
$this->appName = $appName;
@ -113,6 +117,7 @@ class ViewController extends Controller {
$this->activityHelper = $activityHelper;
$this->initialState = $initialState;
$this->templateManager = $templateManager;
$this->shareManager = $shareManager;
}
/**
@ -302,7 +307,7 @@ class ViewController extends Controller {
$params['owner'] = $storageInfo['owner'] ?? '';
$params['ownerDisplayName'] = $storageInfo['ownerDisplayName'] ?? '';
$params['isPublic'] = false;
$params['allowShareWithLink'] = $this->config->getAppValue('core', 'shareapi_allow_links', 'yes');
$params['allowShareWithLink'] = $this->shareManager->shareApiAllowLinks() ? 'yes' : 'no';
$params['defaultFileSorting'] = $this->config->getUserValue($user, 'files', 'file_sorting', 'name');
$params['defaultFileSortingDirection'] = $this->config->getUserValue($user, 'files', 'file_sorting_direction', 'asc');
$params['showgridview'] = $this->config->getUserValue($user, 'files', 'show_grid', false);

View File

@ -22,10 +22,14 @@
*
*/
use OCP\Share\IManager;
$config = \OC::$server->getConfig();
$userSession = \OC::$server->getUserSession();
// TODO: move this to the generated config.js
$publicUploadEnabled = $config->getAppValue('core', 'shareapi_allow_public_upload', 'yes');
/** @var IManager $shareManager */
$shareManager = \OC::$server->get(IManager::class);
$publicUploadEnabled = $shareManager->shareApiLinkAllowPublicUpload() ? 'yes' : 'no';;
$showgridview = $config->getUserValue($userSession->getUser()->getUID(), 'files', 'show_grid', false);
$isIE = OC_Util::isIe();

View File

@ -48,6 +48,7 @@ use OCP\IRequest;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\IUserSession;
use OCP\Share\IManager;
use OCP\Template;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Test\TestCase;
@ -84,6 +85,8 @@ class ViewControllerTest extends TestCase {
private $initialState;
/** @var ITemplateManager|\PHPUnit\Framework\MockObject\MockObject */
private $templateManager;
/** @var IManager|\PHPUnit\Framework\MockObject\MockObject */
private $shareManager;
protected function setUp(): void {
parent::setUp();
@ -105,6 +108,7 @@ class ViewControllerTest extends TestCase {
$this->activityHelper = $this->createMock(Helper::class);
$this->initialState = $this->createMock(IInitialState::class);
$this->templateManager = $this->createMock(ITemplateManager::class);
$this->shareManager = $this->createMock(IManager::class);
$this->viewController = $this->getMockBuilder('\OCA\Files\Controller\ViewController')
->setConstructorArgs([
'files',
@ -119,6 +123,7 @@ class ViewControllerTest extends TestCase {
$this->activityHelper,
$this->initialState,
$this->templateManager,
$this->shareManager,
])
->setMethods([
'getStorageInfo',
@ -153,6 +158,8 @@ class ViewControllerTest extends TestCase {
->expects($this->any())
->method('getAppValue')
->willReturnArgument(2);
$this->shareManager->method('shareApiAllowLinks')
->willReturn(true);
$nav = new Template('files', 'appnavigation');
$nav->assign('usage_relative', 123);

View File

@ -56,7 +56,9 @@ use OCP\Group\Events\UserAddedEvent;
use OCP\IDBConnection;
use OCP\IGroup;
use OCP\IServerContainer;
use OCP\IUserSession;
use OCP\Share\Events\ShareCreatedEvent;
use OCP\Share\IManager;
use OCP\Util;
use Psr\Container\ContainerInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
@ -166,20 +168,24 @@ class Application extends App {
}
protected function setupSharingMenus() {
$config = \OC::$server->getConfig();
/** @var IManager $shareManager */
$shareManager = \OC::$server->get(IManager::class);
if ($config->getAppValue('core', 'shareapi_enabled', 'yes') !== 'yes' || !class_exists('\OCA\Files\App')) {
if (!$shareManager->shareApiEnabled() || !class_exists('\OCA\Files\App')) {
return;
}
// show_Quick_Access stored as string
\OCA\Files\App::getNavigationManager()->add(function () {
$config = \OC::$server->getConfig();
\OCA\Files\App::getNavigationManager()->add(function () use ($shareManager) {
$l = \OC::$server->getL10N('files_sharing');
/** @var IUserSession $userSession */
$userSession = \OC::$server->get(IUserSession::class);
$user = $userSession->getUser();
$userId = $user ? $user->getUID() : null;
$sharingSublistArray = [];
if (\OCP\Util::isSharingDisabledForUser() === false) {
if ($shareManager->sharingDisabledForUser($userId) === false) {
$sharingSublistArray[] = [
'id' => 'sharingout',
'appname' => 'files_sharing',
@ -197,9 +203,9 @@ class Application extends App {
'name' => $l->t('Shared with you'),
];
if (\OCP\Util::isSharingDisabledForUser() === false) {
if ($shareManager->sharingDisabledForUser($userId) === false) {
// Check if sharing by link is enabled
if ($config->getAppValue('core', 'shareapi_allow_links', 'yes') === 'yes') {
if ($shareManager->shareApiAllowLinks()) {
$sharingSublistArray[] = [
'id' => 'sharinglinks',
'appname' => 'files_sharing',

View File

@ -28,6 +28,7 @@ namespace OCA\Files_Sharing;
use OCP\Capabilities\ICapability;
use OCP\Constants;
use OCP\IConfig;
use OCP\Share\IManager;
/**
* Class Capabilities
@ -38,9 +39,12 @@ class Capabilities implements ICapability {
/** @var IConfig */
private $config;
/** @var IManager */
private $shareManager;
public function __construct(IConfig $config) {
public function __construct(IConfig $config, IManager $shareManager) {
$this->config = $config;
$this->shareManager = $shareManager;
}
/**
@ -51,7 +55,7 @@ class Capabilities implements ICapability {
public function getCapabilities() {
$res = [];
if ($this->config->getAppValue('core', 'shareapi_enabled', 'yes') !== 'yes') {
if (!$this->shareManager->shareApiEnabled()) {
$res['api_enabled'] = false;
$res['public'] = ['enabled' => false];
$res['user'] = ['send_mail' => false];
@ -60,10 +64,10 @@ class Capabilities implements ICapability {
$res['api_enabled'] = true;
$public = [];
$public['enabled'] = $this->config->getAppValue('core', 'shareapi_allow_links', 'yes') === 'yes';
$public['enabled'] = $this->shareManager->shareApiAllowLinks();
if ($public['enabled']) {
$public['password'] = [];
$public['password']['enforced'] = ($this->config->getAppValue('core', 'shareapi_enforce_links_password', 'no') === 'yes');
$public['password']['enforced'] = $this->shareManager->shareApiLinkEnforcePassword();
if ($public['password']['enforced']) {
$public['password']['askForOptionalPassword'] = false;
@ -73,28 +77,28 @@ class Capabilities implements ICapability {
$public['expire_date'] = [];
$public['multiple_links'] = true;
$public['expire_date']['enabled'] = $this->config->getAppValue('core', 'shareapi_default_expire_date', 'no') === 'yes';
$public['expire_date']['enabled'] = $this->shareManager->shareApiLinkDefaultExpireDate();
if ($public['expire_date']['enabled']) {
$public['expire_date']['days'] = $this->config->getAppValue('core', 'shareapi_expire_after_n_days', '7');
$public['expire_date']['enforced'] = $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
$public['expire_date']['days'] = $this->shareManager->shareApiLinkDefaultExpireDays();
$public['expire_date']['enforced'] = $this->shareManager->shareApiLinkDefaultExpireDateEnforced();
}
$public['expire_date_internal'] = [];
$public['expire_date_internal']['enabled'] = $this->config->getAppValue('core', 'shareapi_default_internal_expire_date', 'no') === 'yes';
$public['expire_date_internal']['enabled'] = $this->shareManager->shareApiInternalDefaultExpireDate();
if ($public['expire_date_internal']['enabled']) {
$public['expire_date_internal']['days'] = $this->config->getAppValue('core', 'shareapi_internal_expire_after_n_days', '7');
$public['expire_date_internal']['enforced'] = $this->config->getAppValue('core', 'shareapi_enforce_internal_expire_date', 'no') === 'yes';
$public['expire_date_internal']['days'] = $this->shareManager->shareApiInternalDefaultExpireDays();
$public['expire_date_internal']['enforced'] = $this->shareManager->shareApiInternalDefaultExpireDateEnforced();
}
$public['expire_date_remote'] = [];
$public['expire_date_remote']['enabled'] = $this->config->getAppValue('core', 'shareapi_default_remote_expire_date', 'no') === 'yes';
$public['expire_date_remote']['enabled'] = $this->shareManager->shareApiRemoteDefaultExpireDate();
if ($public['expire_date_remote']['enabled']) {
$public['expire_date_remote']['days'] = $this->config->getAppValue('core', 'shareapi_remote_expire_after_n_days', '7');
$public['expire_date_remote']['enforced'] = $this->config->getAppValue('core', 'shareapi_enforce_remote_expire_date', 'no') === 'yes';
$public['expire_date_remote']['days'] = $this->shareManager->shareApiRemoteDefaultExpireDays();
$public['expire_date_remote']['enforced'] = $this->shareManager->shareApiRemoteDefaultExpireDateEnforced();
}
$public['send_mail'] = $this->config->getAppValue('core', 'shareapi_allow_public_notification', 'no') === 'yes';
$public['upload'] = $this->config->getAppValue('core', 'shareapi_allow_public_upload', 'yes') === 'yes';
$public['upload'] = $this->shareManager->shareApiLinkAllowPublicUpload();
$public['upload_files_drop'] = $public['upload'];
}
$res['public'] = $public;
@ -106,17 +110,17 @@ class Capabilities implements ICapability {
// deprecated in favour of 'group', but we need to keep it for now
// in order to stay compatible with older clients
$res['group_sharing'] = $this->config->getAppValue('core', 'shareapi_allow_group_sharing', 'yes') === 'yes';
$res['group_sharing'] = $this->shareManager->allowGroupSharing();
$res['group'] = [];
$res['group']['enabled'] = $this->config->getAppValue('core', 'shareapi_allow_group_sharing', 'yes') === 'yes';
$res['group']['enabled'] = $this->shareManager->allowGroupSharing();
$res['group']['expire_date']['enabled'] = true;
$res['default_permissions'] = (int)$this->config->getAppValue('core', 'shareapi_default_permissions', Constants::PERMISSION_ALL);
}
//Federated sharing
$res['federation'] = [
'outgoing' => $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'yes',
'outgoing' => $this->shareManager->outgoingServer2ServerSharesAllowed(),
'incoming' => $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') === 'yes',
// old bogus one, expire_date was not working before, keeping for compatibility
'expire_date' => ['enabled' => true],

View File

@ -27,8 +27,24 @@
namespace OCA\Files_Sharing\Tests;
use OC\Share20\Manager;
use OCA\Files_Sharing\Capabilities;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\Files\IRootFolder;
use OCP\Files\Mount\IMountManager;
use OCP\IConfig;
use OCP\IGroupManager;
use OCP\IL10N;
use OCP\ILogger;
use OCP\IURLGenerator;
use OCP\IUserManager;
use OCP\IUserSession;
use OCP\L10N\IFactory;
use OCP\Mail\IMailer;
use OCP\Security\IHasher;
use OCP\Security\ISecureRandom;
use OCP\Share\IProviderFactory;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
/**
* Class CapabilitiesTest
@ -60,7 +76,26 @@ class CapabilitiesTest extends \Test\TestCase {
private function getResults(array $map) {
$config = $this->getMockBuilder(IConfig::class)->disableOriginalConstructor()->getMock();
$config->method('getAppValue')->willReturnMap($map);
$cap = new Capabilities($config);
$shareManager = new Manager(
$this->createMock(ILogger::class),
$config,
$this->createMock(ISecureRandom::class),
$this->createMock(IHasher::class),
$this->createMock(IMountManager::class),
$this->createMock(IGroupManager::class),
$this->createMock(IL10N::class),
$this->createMock(IFactory::class),
$this->createMock(IProviderFactory::class),
$this->createMock(IUserManager::class),
$this->createMock(IRootFolder::class),
$this->createMock(EventDispatcherInterface::class),
$this->createMock(IMailer::class),
$this->createMock(IURLGenerator::class),
$this->createMock(\OC_Defaults::class),
$this->createMock(IEventDispatcher::class),
$this->createMock(IUserSession::class)
);
$cap = new Capabilities($config, $shareManager);
$result = $this->getFilesSharingPart($cap->getCapabilities());
return $result;
}

View File

@ -1,5 +1,5 @@
window.addEventListener('DOMContentLoaded', function(){
$('#excludedGroups').each(function (index, element) {
$('#excludedGroups,#linksExcludedGroups').each(function (index, element) {
OC.Settings.setupGroupsSelect($(element));
$(element).change(function(ev) {
var groups = ev.val || [];

View File

@ -64,11 +64,15 @@ class Sharing implements ISettings {
$excludedGroups = $this->config->getAppValue('core', 'shareapi_exclude_groups_list', '');
$excludeGroupsList = !is_null(json_decode($excludedGroups))
? implode('|', json_decode($excludedGroups, true)) : '';
$linksExcludedGroups = $this->config->getAppValue('core', 'shareapi_allow_links_exclude_groups', '');
$linksExcludeGroupsList = !is_null(json_decode($linksExcludedGroups))
? implode('|', json_decode($linksExcludedGroups, true)) : '';
$parameters = [
// Built-In Sharing
'allowGroupSharing' => $this->config->getAppValue('core', 'shareapi_allow_group_sharing', 'yes'),
'allowLinks' => $this->config->getAppValue('core', 'shareapi_allow_links', 'yes'),
'allowLinksExcludeGroups' => $linksExcludeGroupsList,
'allowPublicUpload' => $this->config->getAppValue('core', 'shareapi_allow_public_upload', 'yes'),
'allowResharing' => $this->config->getAppValue('core', 'shareapi_allow_resharing', 'yes'),
'allowShareDialogUserEnumeration' => $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes'),

View File

@ -138,6 +138,14 @@
<p class="<?php if ($_['shareAPIEnabled'] === 'no') {
p('hidden');
}?>">
<p class="indent">
<?php p($l->t('Exclude groups from creating link shares:'));?>
</p>
<p id="selectLinksExcludedGroups" class="indent <?php if ($_['allowLinks'] === 'no') {
p('hidden');
} ?>">
<input name="shareapi_allow_links_exclude_groups" type="hidden" id="linksExcludedGroups" value="<?php p($_['allowLinksExcludeGroups']) ?>" style="width: 400px" class="noJSAutoUpdate"/>
</p>
<input type="checkbox" name="shareapi_allow_resharing" id="allowResharing" class="checkbox"
value="1" <?php if ($_['allowResharing'] === 'yes') {
print_unescaped('checked="checked"');
@ -176,7 +184,7 @@
} ?>">
<input name="shareapi_exclude_groups_list" type="hidden" id="excludedGroups" value="<?php p($_['shareExcludedGroupsList']) ?>" style="width: 400px" class="noJSAutoUpdate"/>
<br />
<em><?php p($l->t('These groups will still be able to receive shares, but not to initiate them.')); ?></em>
<em><?php p($l->t('These groups will still be able to receive shares, but not to initiate them.')); ?></em>
</p>
<p class="<?php if ($_['shareAPIEnabled'] === 'no') {

View File

@ -90,6 +90,8 @@ class SharingTest extends TestCase {
['core', 'shareapi_remote_expire_after_n_days', '7', '7'],
['core', 'shareapi_enforce_remote_expire_date', 'no', 'no'],
]);
$this->shareManager->method('shareWithGroupMembersOnly')
->willReturn(false);
$expected = new TemplateResponse(
'settings',
@ -121,6 +123,7 @@ class SharingTest extends TestCase {
'shareDefaultRemoteExpireDateSet' => 'no',
'shareRemoteExpireAfterNDays' => '7',
'shareRemoteEnforceExpireDate' => 'no',
'allowLinksExcludeGroups' => '',
],
''
);
@ -156,6 +159,8 @@ class SharingTest extends TestCase {
['core', 'shareapi_remote_expire_after_n_days', '7', '7'],
['core', 'shareapi_enforce_remote_expire_date', 'no', 'no'],
]);
$this->shareManager->method('shareWithGroupMembersOnly')
->willReturn(false);
$expected = new TemplateResponse(
'settings',
@ -187,6 +192,7 @@ class SharingTest extends TestCase {
'shareDefaultRemoteExpireDateSet' => 'no',
'shareRemoteExpireAfterNDays' => '7',
'shareRemoteEnforceExpireDate' => 'no',
'allowLinksExcludeGroups' => '',
],
''
);

View File

@ -1234,7 +1234,8 @@ class Server extends ServerContainer implements IServerContainer {
$c->get(IMailer::class),
$c->get(IURLGenerator::class),
$c->get('ThemingDefaults'),
$c->get(IEventDispatcher::class)
$c->get(IEventDispatcher::class),
$c->get(IUserSession::class)
);
return $manager;

View File

@ -57,6 +57,7 @@ use OCP\ILogger;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\IUserManager;
use OCP\IUserSession;
use OCP\L10N\IFactory;
use OCP\Mail\IMailer;
use OCP\Security\Events\ValidatePasswordPolicyEvent;
@ -104,8 +105,6 @@ class Manager implements IManager {
private $sharingDisabledForUsersCache;
/** @var EventDispatcherInterface */
private $legacyDispatcher;
/** @var LegacyHooks */
private $legacyHooks;
/** @var IMailer */
private $mailer;
/** @var IURLGenerator */
@ -114,44 +113,26 @@ class Manager implements IManager {
private $defaults;
/** @var IEventDispatcher */
private $dispatcher;
private $userSession;
/**
* Manager constructor.
*
* @param ILogger $logger
* @param IConfig $config
* @param ISecureRandom $secureRandom
* @param IHasher $hasher
* @param IMountManager $mountManager
* @param IGroupManager $groupManager
* @param IL10N $l
* @param IFactory $l10nFactory
* @param IProviderFactory $factory
* @param IUserManager $userManager
* @param IRootFolder $rootFolder
* @param EventDispatcherInterface $eventDispatcher
* @param IMailer $mailer
* @param IURLGenerator $urlGenerator
* @param \OC_Defaults $defaults
*/
public function __construct(
ILogger $logger,
IConfig $config,
ISecureRandom $secureRandom,
IHasher $hasher,
IMountManager $mountManager,
IGroupManager $groupManager,
IL10N $l,
IFactory $l10nFactory,
IProviderFactory $factory,
IUserManager $userManager,
IRootFolder $rootFolder,
EventDispatcherInterface $legacyDispatcher,
IMailer $mailer,
IURLGenerator $urlGenerator,
\OC_Defaults $defaults,
IEventDispatcher $dispatcher
ILogger $logger,
IConfig $config,
ISecureRandom $secureRandom,
IHasher $hasher,
IMountManager $mountManager,
IGroupManager $groupManager,
IL10N $l,
IFactory $l10nFactory,
IProviderFactory $factory,
IUserManager $userManager,
IRootFolder $rootFolder,
EventDispatcherInterface $legacyDispatcher,
IMailer $mailer,
IURLGenerator $urlGenerator,
\OC_Defaults $defaults,
IEventDispatcher $dispatcher,
IUserSession $userSession
) {
$this->logger = $logger;
$this->config = $config;
@ -166,11 +147,11 @@ class Manager implements IManager {
$this->rootFolder = $rootFolder;
$this->legacyDispatcher = $legacyDispatcher;
$this->sharingDisabledForUsersCache = new CappedMemoryCache();
$this->legacyHooks = new LegacyHooks($this->legacyDispatcher);
$this->mailer = $mailer;
$this->urlGenerator = $urlGenerator;
$this->defaults = $defaults;
$this->dispatcher = $dispatcher;
$this->userSession = $userSession;
}
/**
@ -274,7 +255,7 @@ class Manager implements IManager {
// And it should be a file or a folder
if (!($share->getNode() instanceof \OCP\Files\File) &&
!($share->getNode() instanceof \OCP\Files\Folder)) {
!($share->getNode() instanceof \OCP\Files\Folder)) {
throw new \InvalidArgumentException('Path should be either a file or a folder');
}
@ -422,13 +403,13 @@ class Manager implements IManager {
}
if ($fullId === null && $expirationDate === null && $defaultExpireDate) {
$expirationDate = new \DateTime();
$expirationDate->setTime(0,0,0);
$expirationDate->setTime(0, 0, 0);
$days = (int)$this->config->getAppValue('core', $configProp, (string)$defaultExpireDays);
if ($days > $defaultExpireDays) {
$days = $defaultExpireDays;
}
$expirationDate->add(new \DateInterval('P'.$days.'D'));
$expirationDate->add(new \DateInterval('P' . $days . 'D'));
}
// If we enforce the expiration date check that is does not exceed
@ -498,13 +479,13 @@ class Manager implements IManager {
if ($fullId === null && $expirationDate === null && $this->shareApiLinkDefaultExpireDate()) {
$expirationDate = new \DateTime();
$expirationDate->setTime(0,0,0);
$expirationDate->setTime(0, 0, 0);
$days = (int)$this->config->getAppValue('core', 'link_defaultExpDays', $this->shareApiLinkDefaultExpireDays());
if ($days > $this->shareApiLinkDefaultExpireDays()) {
$days = $this->shareApiLinkDefaultExpireDays();
}
$expirationDate->add(new \DateInterval('P'.$days.'D'));
$expirationDate->add(new \DateInterval('P' . $days . 'D'));
}
// If we enforce the expiration date check that is does not exceed
@ -553,8 +534,8 @@ class Manager implements IManager {
$sharedWith = $this->userManager->get($share->getSharedWith());
// Verify we can share with this user
$groups = array_intersect(
$this->groupManager->getUserGroupIds($sharedBy),
$this->groupManager->getUserGroupIds($sharedWith)
$this->groupManager->getUserGroupIds($sharedBy),
$this->groupManager->getUserGroupIds($sharedWith)
);
if (empty($groups)) {
$message_t = $this->l->t('Sharing is only allowed with group members');
@ -919,7 +900,7 @@ class Manager implements IManager {
'%1$s via %2$s',
[
$initiatorDisplayName,
$instanceName
$instanceName,
]
);
$message->setFrom([\OCP\Util::getDefaultEmailAddress($instanceName) => $senderName]);
@ -1102,7 +1083,7 @@ class Manager implements IManager {
* @since 9.0.0
*/
public function acceptShare(IShare $share, string $recipientId): IShare {
[$providerId, ] = $this->splitFullId($share->getFullId());
[$providerId,] = $this->splitFullId($share->getFullId());
$provider = $this->factory->getProvider($providerId);
if (!method_exists($provider, 'acceptShare')) {
@ -1127,10 +1108,10 @@ class Manager implements IManager {
*/
private function updateSharePasswordIfNeeded(IShare $share, IShare $originalShare) {
$passwordsAreDifferent = ($share->getPassword() !== $originalShare->getPassword()) &&
(($share->getPassword() !== null && $originalShare->getPassword() === null) ||
($share->getPassword() === null && $originalShare->getPassword() !== null) ||
($share->getPassword() !== null && $originalShare->getPassword() !== null &&
!$this->hasher->verify($share->getPassword(), $originalShare->getPassword())));
(($share->getPassword() !== null && $originalShare->getPassword() === null) ||
($share->getPassword() === null && $originalShare->getPassword() !== null) ||
($share->getPassword() !== null && $originalShare->getPassword() !== null &&
!$this->hasher->verify($share->getPassword(), $originalShare->getPassword())));
// Password updated.
if ($passwordsAreDifferent) {
@ -1225,7 +1206,7 @@ class Manager implements IManager {
* @param string $recipientId
*/
public function deleteFromSelf(IShare $share, $recipientId) {
[$providerId, ] = $this->splitFullId($share->getFullId());
[$providerId,] = $this->splitFullId($share->getFullId());
$provider = $this->factory->getProvider($providerId);
$provider->deleteFromSelf($share, $recipientId);
@ -1234,7 +1215,7 @@ class Manager implements IManager {
}
public function restoreShare(IShare $share, string $recipientId): IShare {
[$providerId, ] = $this->splitFullId($share->getFullId());
[$providerId,] = $this->splitFullId($share->getFullId());
$provider = $this->factory->getProvider($providerId);
return $provider->restore($share, $recipientId);
@ -1264,7 +1245,7 @@ class Manager implements IManager {
}
}
[$providerId, ] = $this->splitFullId($share->getFullId());
[$providerId,] = $this->splitFullId($share->getFullId());
$provider = $this->factory->getProvider($providerId);
return $provider->move($share, $recipientId);
@ -1291,8 +1272,8 @@ class Manager implements IManager {
*/
public function getSharesBy($userId, $shareType, $path = null, $reshares = false, $limit = 50, $offset = 0) {
if ($path !== null &&
!($path instanceof \OCP\Files\File) &&
!($path instanceof \OCP\Files\Folder)) {
!($path instanceof \OCP\Files\File) &&
!($path instanceof \OCP\Files\Folder)) {
throw new \InvalidArgumentException('invalid path');
}
@ -1533,8 +1514,8 @@ class Manager implements IManager {
*/
public function checkPassword(IShare $share, $password) {
$passwordProtected = $share->getShareType() !== IShare::TYPE_LINK
|| $share->getShareType() !== IShare::TYPE_EMAIL
|| $share->getShareType() !== IShare::TYPE_CIRCLE;
|| $share->getShareType() !== IShare::TYPE_EMAIL
|| $share->getShareType() !== IShare::TYPE_CIRCLE;
if (!$passwordProtected) {
//TODO maybe exception?
return false;
@ -1756,7 +1737,20 @@ class Manager implements IManager {
* @return bool
*/
public function shareApiAllowLinks() {
return $this->config->getAppValue('core', 'shareapi_allow_links', 'yes') === 'yes';
if ($this->config->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
return false;
}
$user = $this->userSession->getUser();
if ($user) {
$excludedGroups = json_decode($this->config->getAppValue('core', 'shareapi_allow_links_exclude_groups', '[]'));
if ($excludedGroups) {
$userGroups = $this->groupManager->getUserGroupIds($user);
return !(bool)array_intersect($excludedGroups, $userGroups);
}
}
return true;
}
/**
@ -1780,6 +1774,7 @@ class Manager implements IManager {
/**
* Is default link expire date enforced
*`
*
* @return bool
*/
public function shareApiLinkDefaultExpireDateEnforced() {
@ -1790,6 +1785,7 @@ class Manager implements IManager {
/**
* Number of default link expire days
*
* @return int
*/
public function shareApiLinkDefaultExpireDays() {
@ -1836,6 +1832,7 @@ class Manager implements IManager {
/**
* Number of default expire days
*
* @return int
*/
public function shareApiInternalDefaultExpireDays(): int {
@ -1844,6 +1841,7 @@ class Manager implements IManager {
/**
* Number of default expire days for remote shares
*
* @return int
*/
public function shareApiRemoteDefaultExpireDays(): int {
@ -1861,6 +1859,7 @@ class Manager implements IManager {
/**
* check if user can only share with group members
*
* @return bool
*/
public function shareWithGroupMembersOnly() {
@ -1869,6 +1868,7 @@ class Manager implements IManager {
/**
* Check if users can share with groups
*
* @return bool
*/
public function allowGroupSharing() {

View File

@ -72,6 +72,7 @@ use OCP\IGroupManager;
use OCP\ILogger;
use OCP\IUser;
use OCP\IUserSession;
use OCP\Share\IManager;
use Psr\Log\LoggerInterface;
class OC_Util {
@ -336,8 +337,9 @@ class OC_Util {
* @suppress PhanDeprecatedFunction
*/
public static function isPublicLinkPasswordRequired() {
$enforcePassword = \OC::$server->getConfig()->getAppValue('core', 'shareapi_enforce_links_password', 'no');
return $enforcePassword === 'yes';
/** @var IManager $shareManager */
$shareManager = \OC::$server->get(IManager::class);
return $shareManager->shareApiLinkEnforcePassword();
}
/**
@ -348,25 +350,10 @@ class OC_Util {
* @return bool
*/
public static function isSharingDisabledForUser(IConfig $config, IGroupManager $groupManager, $user) {
if ($config->getAppValue('core', 'shareapi_exclude_groups', 'no') === 'yes') {
$groupsList = $config->getAppValue('core', 'shareapi_exclude_groups_list', '');
$excludedGroups = json_decode($groupsList);
if (is_null($excludedGroups)) {
$excludedGroups = explode(',', $groupsList);
$newValue = json_encode($excludedGroups);
$config->setAppValue('core', 'shareapi_exclude_groups_list', $newValue);
}
$usersGroups = $groupManager->getUserGroupIds($user);
if (!empty($usersGroups)) {
$remainingGroups = array_diff($usersGroups, $excludedGroups);
// if the user is only in groups which are disabled for sharing then
// sharing is also disabled for the user
if (empty($remainingGroups)) {
return true;
}
}
}
return false;
/** @var IManager $shareManager */
$shareManager = \OC::$server->get(IManager::class);
$userId = $user ? $user->getUID() : null;
return $shareManager->sharingDisabledForUser($userId);
}
/**
@ -376,14 +363,9 @@ class OC_Util {
* @suppress PhanDeprecatedFunction
*/
public static function isDefaultExpireDateEnforced() {
$isDefaultExpireDateEnabled = \OC::$server->getConfig()->getAppValue('core', 'shareapi_default_expire_date', 'no');
$enforceDefaultExpireDate = false;
if ($isDefaultExpireDateEnabled === 'yes') {
$value = \OC::$server->getConfig()->getAppValue('core', 'shareapi_enforce_expire_date', 'no');
$enforceDefaultExpireDate = $value === 'yes';
}
return $enforceDefaultExpireDate;
/** @var IManager $shareManager */
$shareManager = \OC::$server->get(IManager::class);
return $shareManager->shareApiLinkDefaultExpireDateEnforced();
}
/**

View File

@ -346,6 +346,54 @@ interface IManager {
*/
public function shareApiLinkDefaultExpireDays();
/**
* Is default internal expire date enabled
*
* @return bool
* @since 22.0.0
*/
public function shareApiInternalDefaultExpireDate(): bool;
/**
* Is default remote expire date enabled
*
* @return bool
* @since 22.0.0
*/
public function shareApiRemoteDefaultExpireDate(): bool;
/**
* Is default expire date enforced
*
* @return bool
* @since 22.0.0
*/
public function shareApiInternalDefaultExpireDateEnforced(): bool;
/**
* Is default expire date enforced for remote shares
*
* @return bool
* @since 22.0.0
*/
public function shareApiRemoteDefaultExpireDateEnforced(): bool;
/**
* Number of default expire days
*
* @return int
* @since 22.0.0
*/
public function shareApiInternalDefaultExpireDays(): int;
/**
* Number of default expire days for remote shares
*
* @return int
* @since 22.0.0
*/
public function shareApiRemoteDefaultExpireDays(): int;
/**
* Allow public upload on link shares
*

View File

@ -45,6 +45,7 @@ use OCP\IServerContainer;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\IUserManager;
use OCP\IUserSession;
use OCP\L10N\IFactory;
use OCP\Mail\IMailer;
use OCP\Security\Events\ValidatePasswordPolicyEvent;
@ -104,6 +105,7 @@ class ManagerTest extends \Test\TestCase {
protected $urlGenerator;
/** @var \OC_Defaults|MockObject */
protected $defaults;
protected $userSession;
protected function setUp(): void {
$this->logger = $this->createMock(ILogger::class);
@ -119,6 +121,7 @@ class ManagerTest extends \Test\TestCase {
$this->urlGenerator = $this->createMock(IURLGenerator::class);
$this->defaults = $this->createMock(\OC_Defaults::class);
$this->dispatcher = $this->createMock(IEventDispatcher::class);
$this->userSession = $this->createMock(IUserSession::class);
$this->l10nFactory = $this->createMock(IFactory::class);
$this->l = $this->createMock(IL10N::class);
@ -149,7 +152,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
);
$this->defaultProvider = $this->createMock(DefaultShareProvider::class);
@ -178,7 +182,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
]);
}
@ -2690,7 +2695,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
);
$share = $this->createMock(IShare::class);
@ -2734,7 +2740,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
);
$share = $this->createMock(IShare::class);
@ -2785,7 +2792,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
);
$share = $this->createMock(IShare::class);
@ -4123,7 +4131,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
);
$this->assertSame($expected,
$manager->shareProviderExists($shareType)
@ -4156,7 +4165,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
);
$factory->setProvider($this->defaultProvider);
@ -4220,7 +4230,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
);
$factory->setProvider($this->defaultProvider);
@ -4336,7 +4347,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
);
$factory->setProvider($this->defaultProvider);
@ -4461,7 +4473,8 @@ class ManagerTest extends \Test\TestCase {
$this->mailer,
$this->urlGenerator,
$this->defaults,
$this->dispatcher
$this->dispatcher,
$this->userSession
);
$factory->setProvider($this->defaultProvider);

View File

@ -10,8 +10,6 @@ namespace Test;
use OC_Util;
use OCP\App\IAppManager;
use OCP\IConfig;
use OCP\IUser;
/**
* Class UtilTest
@ -171,53 +169,6 @@ class UtilTest extends \Test\TestCase {
];
}
/**
* @dataProvider dataProviderForTestIsSharingDisabledForUser
* @param array $groups existing groups
* @param array $membership groups the user belong to
* @param array $excludedGroups groups which should be excluded from sharing
* @param bool $expected expected result
*/
public function testIsSharingDisabledForUser($groups, $membership, $excludedGroups, $expected) {
$config = $this->getMockBuilder(IConfig::class)->disableOriginalConstructor()->getMock();
$groupManager = $this->getMockBuilder('OCP\IGroupManager')->disableOriginalConstructor()->getMock();
$user = $this->getMockBuilder(IUser::class)->disableOriginalConstructor()->getMock();
$config
->expects($this->at(0))
->method('getAppValue')
->with('core', 'shareapi_exclude_groups', 'no')
->willReturn('yes');
$config
->expects($this->at(1))
->method('getAppValue')
->with('core', 'shareapi_exclude_groups_list')
->willReturn(json_encode($excludedGroups));
$groupManager
->expects($this->at(0))
->method('getUserGroupIds')
->with($user)
->willReturn($membership);
$result = \OC_Util::isSharingDisabledForUser($config, $groupManager, $user);
$this->assertSame($expected, $result);
}
public function dataProviderForTestIsSharingDisabledForUser() {
return [
// existing groups, groups the user belong to, groups excluded from sharing, expected result
[['g1', 'g2', 'g3'], [], ['g1'], false],
[['g1', 'g2', 'g3'], [], [], false],
[['g1', 'g2', 'g3'], ['g2'], ['g1'], false],
[['g1', 'g2', 'g3'], ['g2'], [], false],
[['g1', 'g2', 'g3'], ['g1', 'g2'], ['g1'], false],
[['g1', 'g2', 'g3'], ['g1', 'g2'], ['g1', 'g2'], true],
[['g1', 'g2', 'g3'], ['g1', 'g2'], ['g1', 'g2', 'g3'], true],
];
}
/**
* Test default apps
*