2013-10-28 19:22:06 +00:00
|
|
|
<?php
|
|
|
|
/**
|
2015-03-26 10:44:34 +00:00
|
|
|
* @author Joas Schilling <nickvergessen@owncloud.com>
|
|
|
|
* @author Lukas Reschke <lukas@owncloud.com>
|
|
|
|
* @author Morris Jobke <hey@morrisjobke.de>
|
|
|
|
* @author Thomas Müller <thomas.mueller@tmit.eu>
|
|
|
|
* @author Vincent Petry <pvince81@owncloud.com>
|
2013-10-28 19:22:06 +00:00
|
|
|
*
|
2015-03-26 10:44:34 +00:00
|
|
|
* @copyright Copyright (c) 2015, ownCloud, Inc.
|
|
|
|
* @license AGPL-3.0
|
2013-10-28 19:22:06 +00:00
|
|
|
*
|
2015-03-26 10:44:34 +00:00
|
|
|
* This code is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
|
|
* as published by the Free Software Foundation.
|
2013-10-28 19:22:06 +00:00
|
|
|
*
|
2015-03-26 10:44:34 +00:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
2013-10-28 19:22:06 +00:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
2015-03-26 10:44:34 +00:00
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
2013-10-28 19:22:06 +00:00
|
|
|
*
|
2015-03-26 10:44:34 +00:00
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
2013-10-28 19:22:06 +00:00
|
|
|
*
|
|
|
|
*/
|
2015-02-26 10:37:37 +00:00
|
|
|
|
2014-05-04 13:51:08 +00:00
|
|
|
OCP\JSON::checkAppEnabled('files_sharing');
|
2013-10-28 19:22:06 +00:00
|
|
|
|
|
|
|
if(!isset($_GET['t'])){
|
2014-05-04 13:51:08 +00:00
|
|
|
\OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST);
|
2015-04-09 10:36:10 +00:00
|
|
|
\OCP\Util::writeLog('core-preview', 'No token parameter was passed', \OCP\Util::DEBUG);
|
2013-10-28 19:22:06 +00:00
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
$token = $_GET['t'];
|
|
|
|
|
|
|
|
$password = null;
|
|
|
|
if (isset($_POST['password'])) {
|
|
|
|
$password = $_POST['password'];
|
|
|
|
}
|
|
|
|
|
|
|
|
$relativePath = null;
|
|
|
|
if (isset($_GET['dir'])) {
|
|
|
|
$relativePath = $_GET['dir'];
|
|
|
|
}
|
|
|
|
|
2014-04-03 18:57:06 +00:00
|
|
|
$sortAttribute = isset( $_GET['sort'] ) ? $_GET['sort'] : 'name';
|
|
|
|
$sortDirection = isset( $_GET['sortdirection'] ) ? ($_GET['sortdirection'] === 'desc') : false;
|
|
|
|
|
2013-10-28 19:22:06 +00:00
|
|
|
$data = \OCA\Files_Sharing\Helper::setupFromToken($token, $relativePath, $password);
|
|
|
|
|
|
|
|
$linkItem = $data['linkItem'];
|
|
|
|
// Load the files
|
|
|
|
$dir = $data['realPath'];
|
|
|
|
|
|
|
|
$dir = \OC\Files\Filesystem::normalizePath($dir);
|
|
|
|
if (!\OC\Files\Filesystem::is_dir($dir . '/')) {
|
2014-05-04 13:52:25 +00:00
|
|
|
\OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND);
|
2013-10-28 19:22:06 +00:00
|
|
|
\OCP\JSON::error(array('success' => false));
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
|
|
|
|
$data = array();
|
|
|
|
|
|
|
|
// make filelist
|
2014-04-03 18:57:06 +00:00
|
|
|
$files = \OCA\Files\Helper::getFiles($dir, $sortAttribute, $sortDirection);
|
2013-10-28 19:22:06 +00:00
|
|
|
|
|
|
|
$formattedFiles = array();
|
|
|
|
foreach ($files as $file) {
|
|
|
|
$entry = \OCA\Files\Helper::formatFileInfo($file);
|
2015-01-26 16:10:58 +00:00
|
|
|
// for now
|
|
|
|
unset($entry['directory']);
|
|
|
|
// do not disclose share owner
|
|
|
|
unset($entry['shareOwner']);
|
2015-07-04 05:27:56 +00:00
|
|
|
// do not disclose if something is a remote shares
|
|
|
|
unset($entry['mountType']);
|
|
|
|
unset($entry['icon']);
|
2014-11-25 15:28:41 +00:00
|
|
|
$entry['permissions'] = \OCP\Constants::PERMISSION_READ;
|
2013-10-28 19:22:06 +00:00
|
|
|
$formattedFiles[] = $entry;
|
|
|
|
}
|
|
|
|
|
|
|
|
$data['directory'] = $relativePath;
|
|
|
|
$data['files'] = $formattedFiles;
|
|
|
|
$data['dirToken'] = $linkItem['token'];
|
|
|
|
|
|
|
|
$permissions = $linkItem['permissions'];
|
|
|
|
|
|
|
|
// if globally disabled
|
2014-10-17 10:08:31 +00:00
|
|
|
if (\OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes') === 'no') {
|
2013-10-28 19:22:06 +00:00
|
|
|
// only allow reading
|
2014-11-25 15:28:41 +00:00
|
|
|
$permissions = \OCP\Constants::PERMISSION_READ;
|
2013-10-28 19:22:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
$data['permissions'] = $permissions;
|
|
|
|
|
|
|
|
OCP\JSON::success(array('data' => $data));
|