Commit graph

207 commits

Author SHA1 Message Date
Joas Schilling
3ff3c338c9 Merge pull request #5734 from nextcloud/only-readable-chars-in-share-tokens
Only use readable chars in Share Tokens
2017-07-19 16:40:18 +02:00
Lukas Reschke
d8ec399454
Run phan over code base
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-19 10:28:11 +02:00
Joas Schilling
984933e586
Only use readable chars in Share Tokens
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-18 15:44:34 +02:00
Pauli Järvinen
8dce97a3e1 Fix emitting of legacy hook post_unshare
- When a file was unshared, the legacy hook pre_unshare fired twice and the hook post_unshare did not fire at all. This was obviously a copy-paste error.

Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
2017-07-16 13:13:15 +03:00
Maxence Lange
6e7be6acfd upstream
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
2017-07-11 13:21:24 +02:00
Jan-Christoph Borchardt
fd63577089 Improve wording of various error messages
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-06-21 14:51:59 -05:00
Jan-Philipp Litza
0b066d9297 Fix 500 Internal Server Error on writing
In some not yet completely determined configurations, the following error could occur while writing a file:

Error: Call to a member function getUsers() on null
    /var/www/nextcloud/lib/private/Share20/Manager.php - line 1277: OC\Share20\DefaultShareProvider->getAccessList(Array, true)
    /var/www/nextcloud/lib/private/Share20/ShareHelper.php - line 51: OC\Share20\Manager->getAccessList(Object(OC\Files\Node\Folder), true, true)
    /var/www/nextcloud/apps/activity/lib/FilesHooks.php - line 616: OC\Share20\ShareHelper->getPathsForAccessList(Object(OC\Files\Node\File))
    /var/www/nextcloud/apps/activity/lib/FilesHooks.php - line 196: OCA\Activity\FilesHooks->getUserPathsFromPath('/path/to/file', 'user')
    /var/www/nextcloud/apps/activity/lib/FilesHooks.php - line 157: OCA\Activity\FilesHooks->addNotificationsForFileAction('/path/to/file', 'file_changed', 'changed_self', 'changed_by')
    /var/www/nextcloud/apps/activity/lib/FilesHooksStatic.php - line 55: OCA\Activity\FilesHooks->fileUpdate('/path/to/file')
    /var/www/nextcloud/lib/private/legacy/hook.php - line 106: OCA\Activity\FilesHooksStatic fileUpdate(Array)
    /var/www/nextcloud/lib/private/Files/View.php - line 1245: OC_Hook emit('OC_Filesystem', 'post_update', Array)
    /var/www/nextcloud/lib/private/Files/View.php - line 1173: OC\Files\View->runHooks(Array, '/path/to/file', true)
    /var/www/nextcloud/lib/private/Files/View.php - line 679: OC\Files\View->basicOperation('file_put_conten...', '/path/to/file', Array, '<?xml version="...')
    /var/www/nextcloud/lib/private/Files/Node/File.php - line 64: OC\Files\View->file_put_contents('/path/to/file', '<?xml version="...')
    [...]

Signed-off-by: Jan-Philipp Litza <janphilipp@litza.de>
2017-06-16 11:38:22 +02:00
Joas Schilling
0f8c1b13a3
Fix unknown share token
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-13 18:44:50 +02:00
Robin Appelman
f707a40f19
filter missing groups in share provider
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-06-12 15:46:19 +02:00
Bjoern Schiessle
7c2d473d76
add new config switched for the global scale architecture
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-29 18:19:28 +02:00
Roeland Jago Douma
82c9eb1c56 Merge pull request #4462 from danxuliu/fix-sharing-password-protected-link
Fix sharing a password protected link
2017-04-25 14:12:44 +02:00
Daniel Calviño Sánchez
faea890b87 Extract updateSharePasswordIfNeeded function
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 13:38:36 +02:00
Daniel Calviño Sánchez
51e658da2a Join if block to preceding if chain
If getShareType() returns "email" it can not also return "user", "group"
nor "link", so the if block can be added to the preceding if chain.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 13:17:46 +02:00
Daniel Calviño Sánchez
dcc8cce28b Fix double hashing of shared link passwords
The plain text password for a shared links was hashed and, then, the
hashed password was hashed again and set as the final password. Due to
this the password introduced in the "Authenticate" page for the shared
link was always a wrong password, and thus the file could not be
accessed.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Morris Jobke
c54a59d51e
Remove unused use statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-22 19:23:31 -05:00
Bjoern Schiessle
972b4c04e2
respect password policy for auto generated passwords
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-20 16:33:26 +02:00
Bjoern Schiessle
d8dcd72118
allow admin to enforce password on mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-20 16:33:26 +02:00
Roeland Jago Douma
ae2db5e60d
Get proper accesslist for userFolder
If the accesslist is requested for a users root folder we should
properly construct the path

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-20 10:28:32 +02:00
Lukas Reschke
203ef88509
Add "Reply-To" on ShareByMailProvider mails
Fixes https://github.com/nextcloud/server/issues/4209

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-18 22:23:07 +02:00
Roeland Jago Douma
b96297e9cc
Do not set full path if not currentAccess
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:53 +02:00
Joas Schilling
f57ef55249
Add samples to the docs
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:53 +02:00
Joas Schilling
29f2088a7b
Catch exceptions and use as many results as possible
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:53 +02:00
Joas Schilling
629b7c0fc3
Adjust docs and make !$currentAccess simpler
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling
5b57bb955b
Fix default share provider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling
2fcf334c6a
Fix tests for ShareHelper
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling
3c1365c0d1
Fix returned paths for remote shares
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:51 +02:00
Joas Schilling
cf7c320949
Also return the token
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:51 +02:00
Joas Schilling
91e650791d
Return the paths for the users without setting them all up
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
12afd7d1d5
Add mail element to access list
* Each provider just returns what they have so adding an element won't
require changing everything
* Added tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
2cbac3357b
Offload acceslist creation to providers
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
97f8ca6595
Added ShareHelper
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma
88299ec27c
Added to public interface
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma
7dcc98eb20
Add owner to access list
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma
d84df15590
Add getAccessList to ShareManager
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:48 +02:00
Roeland Jago Douma
53bca14a27
Do proper DI
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-11 15:04:01 +02:00
Bjoern Schiessle
449011dae7
remove discovery manager in favour of the OCSDiscoveryService
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-11 15:04:01 +02:00
Robin Appelman
a555672f21
properly quota table names in getSharesInFolder
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-04-10 17:59:40 +02:00
Bjoern Schiessle
3323d01db1
update unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:43:59 +02:00
Bjoern Schiessle
dac6826ad7
setting to disable sending password by mail
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:33 +02:00
Bjoern Schiessle
b84fd7c361
set expire date for all share types
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle
3cc0d15f92
add secure drop functionallity to mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle
c191173d59
allow password protected mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle
0d5147bd49
add new password column to the share table in order to set passwords for share by mails
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:20:49 +02:00
Joas Schilling
348d97dfd6 Merge pull request #3844 from nextcloud/unshare_event
Unshare event
2017-03-21 16:57:09 +01:00
Joas Schilling
35f6b8716e Merge pull request #3884 from nextcloud/downstream-26956
Skip null groups in group manager
2017-03-20 12:27:38 +01:00
Maxence Lange
69694012ab shares-circles
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
2017-03-17 18:48:33 -01:00
Roeland Jago Douma
85601259fb
Add LegacyHooks
Use a helper class to listen to the eventDispatcher calls from the share
manager to emit the old \OC_Hooks

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-17 08:50:56 +01:00
Roeland Jago Douma
5c9baf4ae2
Add unshare event
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-17 08:41:34 +01:00
Vincent Petry
377fdf3860
Skip null groups in group manager (#26871) (#26956)
* Skip null groups in group manager (#26871)

* Skip null groups in group manager

* Also skip null groups in group manager's search function

* Add more group null checks in sharing code

* Add unit tests for null group safety in group manager

* Add unit tests for sharing code null group checks

* Added tests for null groups handling in sharing code

* Ignore moveShare optional repair in mount provider

In some cases, data is inconsistent in the oc_share table due to legacy
data. The mount provider might attempt to make it consistent but if the
target group does not exist any more it cannot work. In such case we
simply ignore the exception as it is not critical. Keeping the
exception would break user accounts as they would be unable to use
their filesystem.

* Adjust null group handing + tests

* Fix new group manager tests

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-17 00:07:03 -06:00
Andrius
708b62f223 Fix detecting deleted shares in object store
While using the object store, the shares, that are moved to trashbin were still detected as accessible and cause broken shares to be shown in file/folder listing.
2017-03-09 14:36:20 +02:00
Joas Schilling
7f54013fdb
Fix return type of share provider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-01 13:45:04 +01:00
Maxence Lange
cfb40941c4
Fix condition
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-26 11:45:17 -06:00
Robin Appelman
fa49c4a13b
Add a single public api for resolving a cloud id to a user and remote and back
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-08 15:17:02 +01:00
Bjoern Schiessle
a45137bbca
also create mail share if public links are disabled
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-04 13:45:29 +01:00
Bjoern Schiessle
9d3de74b2d
no need to throw a exception we catch two lines later
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-12-22 11:01:34 +01:00
Roeland Jago Douma
e9727440dd
Only don't resolve public links
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-12-20 08:52:46 +01:00
Lukas Reschke
5983c68462
Don't resolve public share token if public sharing is disabled
Otherwise disabling sharing does prevent access to the view controllers but one can still access the shares using the public preview route or the public WebDAV endpoint.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-20 08:52:46 +01:00
phisch
fc67606d39
commit transaction after select query
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-16 17:44:33 +01:00
Robin Appelman
14a561ddad
always use numeric storage id in cacheentry
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-12-13 12:53:38 +01:00
Joas Schilling
815d349afe
Make sure $provider is defined when we use it
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-07 07:11:32 +01:00
Roeland Jago Douma
97d18b155b
Handle unavailable share providers more graceful
If the sharebymail app (or the federatedshareprovider app) are disabled
this kills a lot of stuff. So we should handle a share provider not
begin available a bit more graceful.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-12-05 19:40:37 +01:00
Joas Schilling
73007c401e
Also return the ShareByMail provider when getting all
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-30 09:21:58 +01:00
Robin Appelman
5acbdf1e36
also work with group shares
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 23:30:50 +01:00
Robin Appelman
2f03fcab4a
let the share backend get the node cacheentry to save queries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 18:48:38 +01:00
Bjoern Schiessle
25bcd71d02
add activity if a file was shared by mail
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-08 15:58:52 +01:00
Bjoern Schiessle
1e930df91f
find and show share-by mail links
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:41 +01:00
Bjoern Schiessle
31c8c38bd6
send mail for share-by-mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
Bjoern Schiessle
318160647a
add method to check if a share provider for a given type is loaded
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:39 +01:00
Bjoern Schiessle
a17c6a485d
add share by mail share provider
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:51:11 +01:00
Roeland Jago Douma
fc4d0a86ef
Fix merging backend results
* Merge share types correctly
* Filter share types
* Order share types

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-01 12:16:05 +01:00
Roeland Jago Douma
5a00870a2b
Stricter signature
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-31 20:19:14 +01:00
Robin Appelman
3692769b0a
Add getShareTypesInFolder to optimize folder listening
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-10-31 15:55:40 +01:00
Robin Appelman
240538d9e6
reuse share node when creating a share
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:36 +02:00
Robin Appelman
37eded7e7c
Always unlock node after trying to create a share
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:29 +02:00
Morris Jobke
e5fd9c1e1a Merge pull request #1640 from nextcloud/less_queries_group_share
More efficient group share resolving
2016-10-10 09:26:11 +02:00
Roeland Jago Douma
990f4a182d
More efficient group share resolving
When resolving a group share to the user group share we used to do this
on a per share basis. Now we try to do this for all group shares at
once. Of course still chunked.

Before: N incomming group shares this would mean 1 + N queries
Now: N incomming roups shares this would mean 1 + 1 queries

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-06 19:31:28 +02:00
Vincent Petry
626daabb56
Prefilter inaccessible shares in DefaultShareProvider::getSharedWith()
The DefaultShareProvider now does a DB-level check to find out whether
file_source is accessible at all (deleted file) or whether it's in the
trashbin of a home storage.

One small corner case where the home storage id is in md5 form cannot
be covered properly with this approach.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-06 13:57:58 +02:00
Joas Schilling
ba87db3fcc
Fix others 2016-07-21 18:13:57 +02:00
Lukas Reschke
6670d37658 Merge remote-tracking branch 'upstream/master' into master-sync-upstream 2016-06-27 18:23:00 +02:00
Bjoern Schiessle
d4989c8037
remove old hook, no longer needed 2016-06-27 14:05:27 +02:00
Bjoern Schiessle
630e4b1b46
check password for link shares 2016-06-27 14:05:27 +02:00
Vincent Petry
955635c7aa Add explicit delete permission to link shares
Link shares always allowed deletion, however internally the permissions
were stored as 7 which lacked delete permissions. This created an
inconsistency in the Webdav permissions.

This fix makes sure we include delete permissions in the share
permissions, which now become 15.

In case a client is still passing 7 for legacy reasons, it gets
converted automatically to 15.
2016-06-24 09:48:48 +02:00
Lukas Reschke
2b493e2f9d
Merge remote-tracking branch 'upstream/master' into master-sync-upstream 2016-06-21 11:18:22 +02:00
Roeland Jago Douma
28d070730d
Fix case with no user 2016-06-14 11:34:41 +02:00
Roeland Jago Douma
ae3d0d96fe
Optimize isSharingDisabledForuser 2016-06-14 10:17:06 +02:00
Bjoern Schiessle
bb54ab0db8
add hide file list option 2016-06-09 15:15:17 +02:00
Lukas Reschke
aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
Björn Schießle
7b25839bd5
use share initiator as fall back to access the file
in case of federated re-shares the owner can be a remote user.
Therefore we can't always use to owner to access the local file
2016-05-20 21:15:15 +02:00
Björn Schießle
e10105474f
move federated sharing settings to the federatedfilesharing app 2016-04-22 14:55:40 +02:00
Roeland Jago Douma
afa37d363f
Fix related logic 2016-04-19 14:04:00 +02:00
Roeland Jago Douma
6144ced7a0
Move post_removeFromGroup to shareManager
The last sharing hook to be moved over.

* Added unit tests
* Removed old tests that relied on old behaviour
* Removed old hooks.php
2016-04-13 15:00:12 +02:00
Roeland Jago Douma
55497e09a9
Make shareproviders use the lazy root folder 2016-04-13 11:23:07 +02:00
Björn Schießle
f17ad18865
set $share to null if getShareByToken() failed 2016-04-12 17:26:09 +02:00
Roeland Douma
495a964ca2 Migrate post_groupDelete hook to share manager (#23841)
The hook now calls the share manager that will call the responsible
shareProvider to do the proper cleanup.

* Unit tests added

Again nothing should change it is just to cleanup old code
2016-04-12 09:46:25 +02:00
Morris Jobke
929a28421a Merge pull request #23798 from owncloud/federated-unshare-background-job
re-try to send unshare notification if remote server is not available
2016-04-11 11:13:00 +02:00
Roeland Jago Douma
bd3bde2f3b
Set proper permissions on link share
If we do not allow public upload we should limit the permissions on
links shares upon retrieval.

* Added unit test
* Allow fetching federated shares by token as well
2016-04-08 14:17:05 +02:00
Bjoern Schiessle
fbd5c28c39 re-try to send unshare notification if remote server is not available 2016-04-08 11:32:04 +02:00
Joas Schilling
0de15a86f0 Merge pull request #23773 from owncloud/share_move_delete_user_hook
Migrate post_userDelete hook to share manager
2016-04-07 13:01:10 +02:00
Roeland Jago Douma
e0cee43cf0 Migrate post_userDelete hook to share manager
This makes the post_userDelete hook call the sharemanager. This will
cleanup to and from this user.

* All shares owned by this user
* All shares with this user (user)
* All custom group shares
* All link share initiated by this user (to avoid invisible link shares)

Unit tests are added for the defaultshare provider as well as the
federated share provider
2016-04-04 14:15:38 +02:00
Roeland Jago Douma
d3959ee152 Share type 2 is private
This was added to the factory for legacy reasons when converting from
old to new sharing code. It is not used anymore so can be deleted. Which
means we no longer expose internal types.
2016-04-04 09:00:06 +02:00
Roeland Jago Douma
2f4294e781 Add setId and setProviderID to the public interface
Fixes #23337

We only allow the id to be set once!
2016-03-30 22:55:03 +02:00
Roeland Jago Douma
9ce5e4b01f Non moveable mount points should always be UPDATE+DELETE shareable
Fixes #23536

The new sharing code is much stricter in checking permissions. However
for non moveable mounts the permissions UPDATE+DELETE are not reported
on the mount point.

This is just a quick fix.

* Updated unit tests
2016-03-30 13:33:16 +02:00
Roeland Jago Douma
da1dbb52e4 Remove dead function
This was used when we did not have lazy shares yet. Now that we no
longer support legacy shares this can go.
2016-03-23 07:58:17 +01:00
Roeland Jago Douma
b26b8d17eb Remove support for old shares in the default share provider
In 9.0 we converted the old shares to the new shares. So for 9.1 we can
savely remove the fallback code.

This code was required when there was no initiator set.

* Fixed unit tests
2016-03-23 07:58:17 +01:00
Roeland Jago Douma
52826d0e24 Block group sharing in API and in share manager
* Fix tests
2016-03-22 17:13:34 +01:00
Roeland Jago Douma
195efc12eb Add config to sharemanager 2016-03-22 17:13:34 +01:00
Roeland Jago Douma
c6edbfecbe Move (new) sharing over to composer autoloader 2016-03-20 14:12:36 +01:00