Implement API endpoints for controlling shares

Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2019-12-29 15:18:36 +01:00 · 2019-12-29 15:18:36 +01:00 · edb17388e6
parent 9127aec61f
commit edb17388e6
5 changed files with 395 additions and 12 deletions
--- a/lib/Controller/FoldersController.php
+++ b/lib/Controller/FoldersController.php
@ -8,15 +8,18 @@ use OCA\Bookmarks\Db\FolderMapper;
 use OCA\Bookmarks\Db\PublicFolder;
 use OCA\Bookmarks\Db\PublicFolderMapper;
 use OCA\Bookmarks\Db\Share;
+use OCA\Bookmarks\Db\SharedFolder;
 use OCA\Bookmarks\Db\SharedFolderMapper;
 use OCA\Bookmarks\Db\ShareMapper;
 use OCA\Bookmarks\Exception\ChildrenOrderValidationError;
 use OCA\Bookmarks\Service\Authorizer;
+use OCP\IGroup;
 use OCP\AppFramework\ApiController;
 use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Db\MultipleObjectsReturnedException;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\JSONResponse;
+use OCP\IGroupManager;

 class FoldersController extends ApiController {
 	private $userId;
@ -43,7 +46,12 @@ class FoldersController extends ApiController {
 	 */
 	private $authorizer;

-	public function __construct($appName, $request, $userId, FolderMapper $folderMapper, BookmarkMapper $bookmarkMapper, PublicFolderMapper $publicFolderMapper, SharedFolderMapper $sharedFolderMapper, ShareMapper $shareMapper, Authorizer $authorizer) {
+	/**
+	 * @var IGroupManager
+	 */
+	private $groupManager;
+
+	public function __construct($appName, $request, $userId, FolderMapper $folderMapper, BookmarkMapper $bookmarkMapper, PublicFolderMapper $publicFolderMapper, SharedFolderMapper $sharedFolderMapper, ShareMapper $shareMapper, Authorizer $authorizer, IGroupManager $groupManager) {
 		parent::__construct($appName, $request);
 		$this->userId = $userId;
 		$this->folderMapper = $folderMapper;
@ -52,6 +60,7 @@ class FoldersController extends ApiController {
 		$this->sharedFolderMapper = $sharedFolderMapper;
 		$this->shareMapper = $shareMapper;
 		$this->authorizer = $authorizer;
+		$this->groupManager = $groupManager;
 	}

 	/**
@ -448,14 +457,162 @@ class FoldersController extends ApiController {
 		if (!Authorizer::hasPermission(Authorizer::PERM_RESHARE, $this->authorizer->getPermissionsForFolder($folderId, $this->userId, $this->request))) {
 			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
 		}
-		try {
-			$publicFolder = $this->publicFolderMapper->findByFolder($folderId);
-		} catch (DoesNotExistException $e) {
-			return new Http\DataResponse(['status' => 'success']);
-		} catch (MultipleObjectsReturnedException $e) {
-			return new Http\DataResponse(['status' => 'error', 'data' => 'Internal error'], Http::STATUS_BAD_REQUEST);
-		}
+		$publicFolder = $this->publicFolderMapper->findByFolder($folderId);
 		$this->publicFolderMapper->delete($publicFolder);
 		return new Http\DataResponse(['status' => 'success', 'item' => $publicFolder->getId()]);
 	}
+
+	/**
+	 * @param $shareId
+	 * @return Http\DataResponse
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @CORS
+	 */
+	public function getShare($shareId) {
+		try {
+			$share = $this->shareMapper->find($shareId);
+		} catch (DoesNotExistException $e) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		} catch (MultipleObjectsReturnedException $e) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		}
+		if (!Authorizer::hasPermission(Authorizer::PERM_READ, $this->authorizer->getPermissionsForFolder($share->getFolderId(), $this->userId, $this->request))) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		}
+		return new Http\DataResponse(['status' => 'success', 'item' => $share->toArray()]);
+	}
+
+	/**
+	 * @param int $folderId
+	 * @return Http\DataResponse
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @CORS
+	 */
+	public function getShares($folderId) {
+		if (!Authorizer::hasPermission(Authorizer::PERM_RESHARE, $this->authorizer->getPermissionsForFolder($folderId, $this->userId, $this->request))) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		}
+		$shares = $this->shareMapper->findByFolder($folderId);
+		return new Http\DataResponse(['status' => 'success', 'data' => array_map(function(Share $share) {
+			return $share->toArray();
+		}, $shares)]);
+	}
+
+	/**
+	 * @param int $folderId
+	 * @param $participant
+	 * @param $type
+	 * @param bool $canWrite
+	 * @param bool $canShare
+	 * @return Http\DataResponse
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @CORS
+	 */
+	public function createShare($folderId, $participant, $type, $canWrite = false, $canShare = false) {
+		if (!Authorizer::hasPermission(Authorizer::PERM_RESHARE, $this->authorizer->getPermissionsForFolder($folderId, $this->userId, $this->request))) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		}
+		try {
+			$folder = $this->folderMapper->find($folderId);
+		} catch (DoesNotExistException $e) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Could not find folder'], Http::STATUS_BAD_REQUEST);
+		} catch (MultipleObjectsReturnedException $e) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Could not find folder'], Http::STATUS_BAD_REQUEST);
+		}
+
+		$share = new Share();
+		$share->setFolderId($folderId);
+		$share->setOwner($folder->getUserId());
+		$share->setParticipant($participant);
+		if ($type !== ShareMapper::TYPE_USER && $type !== ShareMapper::TYPE_GROUP) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Invalid share type'], Http::STATUS_BAD_REQUEST);
+		}
+		$share->setType($type);
+		$share->setCanWrite($canWrite);
+		$share->setCanShare($canShare);
+		$this->shareMapper->insert($share);
+
+		if ($type === ShareMapper::TYPE_USER) {
+			$this->_addSharedFolder($share, $folder, $participant);
+		}else if ($type === ShareMapper::TYPE_GROUP){
+			$group = $this->groupManager->get($participant);
+			$users = $group->getUsers();
+			foreach($users as $user) {
+				$this->_addSharedFolder($share, $folder, $user->getUID());
+			}
+		}
+		return new Http\DataResponse(['status' => 'success', 'item' => $share->toArray()]);
+	}
+
+	/**
+	 * @param Share $share
+	 * @param Folder $folder
+	 * @param string $userId
+	 */
+	private function _addSharedFolder(Share $share, Folder $folder, string $userId) {
+		$sharedFolder = new SharedFolder();
+		$sharedFolder->setShareId($share->getId());
+		$sharedFolder->setTitle($folder->getTitle());
+		$sharedFolder->setParentFolder(-1);
+		$sharedFolder->setUserId($userId);
+		$sharedFolder->setIndex(0);
+		$this->sharedFolderMapper->insert($sharedFolder);
+	}
+
+	/**
+	 * @param $shareId
+	 * @param bool $canWrite
+	 * @param bool $canShare
+	 * @return Http\DataResponse
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @CORS
+	 */
+	public function editShare($shareId, $canWrite = false, $canShare = false) {
+		try {
+			$share = $this->shareMapper->find($shareId);
+		} catch (DoesNotExistException $e) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		} catch (MultipleObjectsReturnedException $e) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		}
+		if (!Authorizer::hasPermission(Authorizer::PERM_RESHARE, $this->authorizer->getPermissionsForFolder($share->getFolderId(), $this->userId, $this->request))) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		}
+
+		$share->setCanWrite($canWrite);
+		$share->setCanShare($canShare);
+		$this->shareMapper->update($share);
+
+		return new Http\DataResponse(['status' => 'success', 'item' => $share->toArray()]);
+	}
+
+	/**
+	 * @param int $shareId
+	 * @return Http\DataResponse
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @CORS
+	 */
+	public function deleteShare($shareId) {
+		try {
+			$share = $this->shareMapper->find($shareId);
+		} catch (DoesNotExistException $e) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		} catch (MultipleObjectsReturnedException $e) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		}
+		if (!Authorizer::hasPermission(Authorizer::PERM_RESHARE, $this->authorizer->getPermissionsForFolder($share->getFolderId(), $this->userId, $this->request))) {
+			return new Http\DataResponse(['status' => 'error', 'data' => 'Insufficient permissions'], Http::STATUS_BAD_REQUEST);
+		}
+		$sharedFolders = $this->sharedFolderMapper->findByShare($shareId);
+		foreach($sharedFolders as $sharedFolder) {
+			$this->sharedFolderMapper->delete($sharedFolder);
+		}
+		$this->shareMapper->delete($share);
+		return new Http\DataResponse(['status' => 'success']);
+	}
 }
--- a/lib/Controller/InternalFoldersController.php
+++ b/lib/Controller/InternalFoldersController.php
@ -148,4 +148,46 @@ class InternalFoldersController extends ApiController {
 	public function deleteFolderPublicToken($folderId) {
 		return $this->controller->deleteFolderPublicToken($folderId);
 	}
+
+	/**
+	 * @param int $folderId
+	 * @return DataResponse
+	 * @NoAdminRequired
+	 */
+	public function getShares($folderId) {
+		return $this->controller->getShares($folderId);
+	}
+
+	/**
+	 * @param int $folderId
+	 * @param $participant
+	 * @param $type
+	 * @param bool $canWrite
+	 * @param bool $canShare
+	 * @return DataResponse
+	 * @NoAdminRequired
+	 */
+	public function createShare($folderId, $participant, $type, $canWrite = false, $canShare = false) {
+		return $this->controller->createShare($folderId, $participant, $type, $canWrite, $canShare);
+	}
+
+	/**
+	 * @param $shareId
+	 * @param bool $canWrite
+	 * @param bool $canShare
+	 * @return DataResponse
+	 * @NoAdminRequired
+	 */
+	public function editShare($shareId, $canWrite = false, $canShare = false) {
+		return $this->editShare($shareId, $canWrite, $canShare);
+	}
+
+	/**
+	 * @param int $shareId
+	 * @return DataResponse
+	 * @NoAdminRequired
+	 */
+	public function deleteShare($shareId) {
+		return $this->deleteShare($shareId);
+	}
 }
--- a/lib/Db/Share.php
+++ b/lib/Db/Share.php
@ -26,4 +26,8 @@ class Share extends Entity {
 		$this->addType('canShare', 'boolean');
 		$this->addType('createdAt', 'integer');
 	}
+
+	public function toArray() {
+		return ['id' => $this->id, 'folderId' => $this->folderId, 'owner' => $this->owner, 'participant' => $this->participant, 'type' => $this->type, 'canWrite' => $this->canWrite, 'canShare' => $this->canShare, 'createdAt' => $this->createdAt];
+	}
 }
--- a/lib/Db/SharedFolderMapper.php
+++ b/lib/Db/SharedFolderMapper.php
@ -30,6 +30,18 @@ class SharedFolderMapper extends QBMapper {
 		$this->db = $db;
 	}

+	/**
+	 * @param int $shareId
+	 * @return Entity[]
+	 */
+	public function findByShare(int $shareId) {
+		$qb = $this->db->getQueryBuilder();
+		$qb->select(SharedFolder::$columns)
+			->from('bookmarks_shared')
+			->where($qb->expr()->eq('share_id', $qb->createPositionalParameter($shareId)));
+		return $this->findEntities($qb);
+	}
+
 	/**
 	 * @param int $folderId
 	 * @return Entity[]
--- a/tests/FolderControllerTest.php
+++ b/tests/FolderControllerTest.php
@ -26,8 +26,10 @@ use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\Utility\ITimeFactory;
+use OCP\IGroupManager;
 use OCP\IRequest;
 use \OCP\IURLGenerator;
+use OCP\IUserManager;
 use PHPUnit\Framework\TestCase;

 /**
@ -76,6 +78,11 @@ class FolderControllerTest extends TestCase {
 	 */
 	private $publicFolderMapper;

+	/**
+	 * @var IGroupManager
+	 */
+	private $groupManager;
+
 	private $bookmark1Id;
 	private $bookmark2Id;

@ -119,15 +126,22 @@ class FolderControllerTest extends TestCase {
 		$this->publicFolderMapper = \OC::$server->query(PublicFolderMapper::class);
 		$this->shareMapper = \OC::$server->query(ShareMapper::class);
 		$this->sharedFolderMapper = \OC::$server->query(SharedFolderMapper::class);
+		$this->groupManager = \OC::$server->query(IGroupManager::class);
+
+		/** @var IUserManager */
+		$userManager = \OC::$server->query(IUserManager::class);
+
+		$this->group = $this->groupManager->createGroup('foobar');
+		$this->group->addUser($userManager->get($this->otherUser));

 		$authorizer1 = \OC::$server->query(Authorizer::class);
 		$authorizer2 = \OC::$server->query(Authorizer::class);
 		$authorizer3 = \OC::$server->query(Authorizer::class);

-		$this->controller = new FoldersController('bookmarks', $this->request, $this->userId, $this->folderMapper, $this->bookmarkMapper, $this->publicFolderMapper, $this->sharedFolderMapper, $this->shareMapper, $authorizer1);
-		$this->otherController = new FoldersController('bookmarks', $this->request, $this->otherUserId, $this->folderMapper, $this->bookmarkMapper, $this->publicFolderMapper, $this->sharedFolderMapper, $this->shareMapper, $authorizer2);
-		$this->public = new FoldersController('bookmarks', $this->publicRequest, null, $this->folderMapper, $this->bookmarkMapper, $this->publicFolderMapper, $this->sharedFolderMapper, $this->shareMapper, $authorizer3);
-		$this->noauth = new FoldersController('bookmarks', $this->request, null, $this->folderMapper, $this->bookmarkMapper, $this->publicFolderMapper, $this->sharedFolderMapper, $this->shareMapper, $authorizer3);
+		$this->controller = new FoldersController('bookmarks', $this->request, $this->userId, $this->folderMapper, $this->bookmarkMapper, $this->publicFolderMapper, $this->sharedFolderMapper, $this->shareMapper, $authorizer1, $this->groupManager);
+		$this->otherController = new FoldersController('bookmarks', $this->request, $this->otherUserId, $this->folderMapper, $this->bookmarkMapper, $this->publicFolderMapper, $this->sharedFolderMapper, $this->shareMapper, $authorizer2, $this->groupManager);
+		$this->public = new FoldersController('bookmarks', $this->publicRequest, null, $this->folderMapper, $this->bookmarkMapper, $this->publicFolderMapper, $this->sharedFolderMapper, $this->shareMapper, $authorizer3, $this->groupManager);
+		$this->noauth = new FoldersController('bookmarks', $this->request, null, $this->folderMapper, $this->bookmarkMapper, $this->publicFolderMapper, $this->sharedFolderMapper, $this->shareMapper, $authorizer3, $this->groupManager);
 	}

 	public function setupBookmarks() {
@ -566,6 +580,160 @@ class FolderControllerTest extends TestCase {
 		$this->assertCount(0, $data['data'][0]['children']);
 	}

+	/**
+	 * @param $participant
+	 * @param $type
+	 * @param $canWrite
+	 * @param $canShare
+	 * @dataProvider shareDataProvider
+	 */
+	public function testCreateShare($participant, $type, $canWrite, $canShare) {
+		$this->cleanDB();
+		$this->setupBookmarks();
+		$res = $this->controller->createShare($this->folder1->getId(), $participant, $type, $canWrite, $canShare);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+	}
+
+	/**
+	 * @param $participant
+	 * @param $type
+	 * @param $canWrite
+	 * @param $canShare
+	 * @dataProvider shareDataProvider
+	 * @depends testCreateShare
+	 */
+	public function testGetShare($participant, $type, $canWrite, $canShare) {
+		$this->cleanDB();
+		$this->setupBookmarks();
+		$res = $this->controller->createShare($this->folder1->getId(), $participant, $type, $canWrite, $canShare);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+		$res = $this->controller->getShare($data['item']['id']);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+		$res = $this->otherController->getShare($data['item']['id']);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+	}
+
+	/**
+	 * @param $participant
+	 * @param $type
+	 * @param $canWrite
+	 * @param $canShare
+	 * @dataProvider shareDataProvider
+	 * @depends testCreateShare
+	 */
+	public function testGetShares($participant, $type, $canWrite, $canShare) {
+		$this->cleanDB();
+		$this->setupBookmarks();
+		$res = $this->controller->createShare($this->folder1->getId(), $participant, $type, $canWrite, $canShare);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+		$shareId = $data['item']['id'];
+		$res = $this->controller->getShares($this->folder1->getId());
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+		$this->assertEquals($shareId, $data['data'][0]['id']);
+
+		$res = $this->otherController->getShares($this->folder1->getId());
+		$data = $res->getData();
+		if ($canShare) {
+			$this->assertEquals('success', $data['status']);
+			$this->assertEquals($shareId, $data['data'][0]['id']);
+		}else{
+			$this->assertEquals('error', $data['status']);
+		}
+	}
+
+	/**
+	 * @param $participant
+	 * @param $type
+	 * @param $canWrite
+	 * @param $canShare
+	 * @dataProvider shareDataProvider
+	 * @depends testCreateShare
+	 */
+	public function testEditShare($participant, $type, $canWrite, $canShare) {
+		$this->cleanDB();
+		$this->setupBookmarks();
+		$res = $this->controller->createShare($this->folder1->getId(), $participant, $type, $canWrite, $canShare);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+		$shareId = $data['item']['id'];
+
+		$res = $this->otherController->editShare($shareId, false, false);
+		$data = $res->getData();
+		if ($canShare) {
+			$this->assertEquals('success', $data['status']);
+		}else{
+			$this->assertEquals('error', $data['status']);
+		}
+
+		$res = $this->controller->editShare($shareId, false, false);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+	}
+
+	/**
+	 * @param $participant
+	 * @param $type
+	 * @param $canWrite
+	 * @param $canShare
+	 * @dataProvider shareDataProvider
+	 * @depends testCreateShare
+	 */
+	public function testDeleteShareOwner($participant, $type, $canWrite, $canShare) {
+		$this->cleanDB();
+		$this->setupBookmarks();
+		$res = $this->controller->createShare($this->folder1->getId(), $participant, $type, $canWrite, $canShare);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+		$shareId = $data['item']['id'];
+
+		$res = $this->controller->deleteShare($shareId);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+	}
+
+	/**
+	 * @param $participant
+	 * @param $type
+	 * @param $canWrite
+	 * @param $canShare
+	 * @dataProvider shareDataProvider
+	 * @depends testCreateShare
+	 */
+	public function testDeleteShareSharee($participant, $type, $canWrite, $canShare) {
+		$this->cleanDB();
+		$this->setupBookmarks();
+		$res = $this->controller->createShare($this->folder1->getId(), $participant, $type, $canWrite, $canShare);
+		$data = $res->getData();
+		$this->assertEquals('success', $data['status']);
+		$shareId = $data['item']['id'];
+
+		$res = $this->otherController->deleteShare($shareId);
+		$data = $res->getData();
+		if ($canShare) {
+			$this->assertEquals('success', $data['status']);
+		}else{
+			$this->assertEquals('error', $data['status']);
+		}
+	}
+
+	/**
+	 * @return array
+	 */
+	function shareDataProvider() {
+		return [
+			['otheruser', ShareMapper::TYPE_USER, true, false],
+			['otheruser', ShareMapper::TYPE_USER, true, true],
+			['foobar', ShareMapper::TYPE_GROUP, true, false],
+			['foobar', ShareMapper::TYPE_GROUP, true, true],
+		];
+	}
+
 	public function cleanDB() {
 		$query1 = \OC_DB::prepare('DELETE FROM *PREFIX*bookmarks');
 		$query1->execute();