passman/controller/sharecontroller.php

<?php
/**
 * Nextcloud - passman
 *
 * This file is licensed under the Affero General Public License version 3 or
 * later. See the COPYING file.
 *
 * @author Sander Brand <brantje@gmail.com>
 * @copyright Sander Brand 2016
 */

namespace OCA\Passman\Controller;

use OCA\Passman\Db\ShareRequest;
use OCA\Passman\Db\Vault;
use OCA\Passman\Service\CredentialService;
use OCA\Passman\Service\NotificationService;
use OCA\Passman\Service\ShareService;
use OCP\IRequest;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\ApiController;

use OCP\IGroup;
use OCP\IGroupManager;
use OCP\IUserManager;
use OCP\IUser;

use OCA\Passman\Service\VaultService;
use OCA\Passman\Service\ActivityService;
use OCA\Passman\Activity;


class ShareController extends ApiController {
	private $userId;
	private $activityService;
	private $groupManager;
	private $userManager;
	private $vaultService;
	private $shareService;
	private $credentialService;
	private $notificationService;

	private $limit = 50;
	private $offset = 0;

	public function __construct($AppName,
								IRequest $request,
								$UserId,
								IGroupManager $groupManager,
								IUserManager $userManager,
								ActivityService $activityService,
								VaultService $vaultService,
								ShareService $shareService,
								CredentialService $credentialService,
								NotificationService $notificationService
	) {
		parent::__construct($AppName, $request);

		$this->userId = $UserId;
		$this->userManager = $userManager;
		$this->groupManager = $groupManager;
		$this->activityService = $activityService;
		$this->vaultService = $vaultService;
		$this->shareService = $shareService;
		$this->credentialService = $credentialService;
		$this->notificationService = $notificationService;
	}


	/**
	 * @NoAdminRequired
	 */
	public function applyIntermediateShare($item_id, $item_guid, $vaults, $permissions) {
		/**
		 * Assemble notification
		 */
		$credential = $this->credentialService->getCredentialById($item_id, $this->userId->getUID());
		$credential_owner = $credential->getUserId();
		$result = $this->shareService->createBulkRequests($item_id, $item_guid, $vaults, $permissions, $credential_owner);
		if ($credential) {
			$processed_users = array();

			foreach ($result as $vault){
				if(!in_array($vault->getTargetUserId(), $processed_users)){
					$target_user = $vault->getTargetUserId();
					$notification = array(
						'from_user' => ucfirst($this->userId->getDisplayName()),
						'credential_label' => $credential->getLabel(),
						'credential_id' => $credential->getId(),
						'item_id' => $credential->getId(),
						'target_user' => $target_user,
						'req_id' => $vault->getId()
					);
					$this->notificationService->credentialSharedNotification(
						$notification
					);
					array_push($processed_users, $target_user);
				}
			}


		}
		return new JSONResponse($result);
	}

	/**
	 * @NoAdminRequired
	 */
	public function searchUsers($search) {
		$users = array();
		$usersTmp = $this->userManager->searchDisplayName($search, $this->limit, $this->offset);

		foreach ($usersTmp as $user) {
			if ($this->userId != $user->getUID() && count($this->vaultService->getByUser($user->getUID())) >= 1) {
				$users[] = array(
					'text' => $user->getDisplayName(),
					'uid' => $user->getUID(),
					'type' => 'user'
				);
			}
		}
		return $users;
	}


	/**
	 * @NoAdminRequired
	 */
	public function search($search) {
		$user_search = $this->searchUsers($search);
		return new JSONResponse($user_search);
	}


	/**
	 * @NoAdminRequired
	 */
	public function getVaultsByUser($user_id) {
		$user_vaults = $this->vaultService->getByUser($user_id);
		$result = array();
		foreach ($user_vaults as $vault) {
			array_push($result,
				array(
					'vault_id' => $vault->getId(),
					'guid' => $vault->getGuid(),
					'public_sharing_key' => $vault->getPublicSharingKey(),
					'user_id' => $user_id,
				));
		}
		return new JSONResponse($result);
	}

    /**
     * @NoAdminRequired
     * @param $credential
     */
	public function share($credential) {

		$link = '';
		$this->activityService->add(
			'item_shared', array($credential->label, $this->userId),
			'', array(),
			$link, $this->userId, Activity::TYPE_ITEM_ACTION);
	}

	/**
	 * @NoAdminRequired
	 */
	public function savePendingRequest($item_guid, $target_vault_guid, $final_shared_key) {
		$sr = $this->shareService->getRequestByGuid($item_guid, $target_vault_guid);

		$manager = \OC::$server->getNotificationManager();
		$notification = $manager->createNotification();
		$notification->setApp('passman')
			->setObject('passman_share_request', $sr->getId())
			->setUser($this->userId->getUID());
		$manager->markProcessed($notification);

		$notification = array(
			'from_user' => ucfirst($this->userId->getDisplayName()),
			'credential_label' => $this->credentialService->getCredentialLabelById($sr->getItemId())->getLabel(),
			'target_user' => $sr->getFromUserId(),
			'req_id' => $sr->getId()
		);

		$this->notificationService->credentialAcceptedSharedNotification(
			$notification
		);


		$this->shareService->applyShare($item_guid, $target_vault_guid, $final_shared_key);
	}

	/**
	 * @NoAdminRequired
	 */
	public function getPendingRequests() {
		$requests = $this->shareService->getUserPendingRequests($this->userId->getUID());
		$results = array();
		foreach ($requests as $request){
			$result = $request->jsonSerialize();
			$c = $this->credentialService->getCredentialLabelById($request->getItemId());
			$result['credential_label'] = $c->getLabel();
			array_push($results, $result);
		}
		return new JSONResponse($results);
	}

    /**
     * Obtains the list of credentials shared with this vault
     * @NoAdminRequired
     */
	public function getVaultItems($vault_guid){
        $this->shareService->getSharedItems($this->userId->getUID(), $vault_guid);
    }

	public function deleteShareRequest($share_request_id){
		$sr = $this->shareService->getShareRequestById($share_request_id);
		$notification = array(
			'from_user' => ucfirst($this->userId->getDisplayName()),
			'credential_label' => $this->credentialService->getCredentialLabelById($sr->getItemId())->getLabel(),
			'target_user' => $sr->getFromUserId(),
			'req_id' => $sr->getId()
		);
		$this->notificationService->credentialDeclinedSharedNotification(
			$notification
		);


		$manager = \OC::$server->getNotificationManager();
		$notification = $manager->createNotification();
		$notification->setApp('passman')
			->setObject('passman_share_request', $share_request_id)
			->setUser($this->userId->getUID());
		$manager->markProcessed($notification);
		//@TODO load other requests and delete them by item id.

		$this->shareService->cleanItemRequestsForUser($sr);
		return new JSONResponse(array('result'=> true));
	}

}
Add search for users 2016-09-23 18:02:41 +08:00			`<?php`
			`/**`
			`* Nextcloud - passman`
			`*`
			`* This file is licensed under the Affero General Public License version 3 or`
			`* later. See the COPYING file.`
			`*`
			`* @author Sander Brand <brantje@gmail.com>`
			`* @copyright Sander Brand 2016`
			`*/`

			`namespace OCA\Passman\Controller;`

Decline sharing request 2016-10-02 23:19:12 +08:00			`use OCA\Passman\Db\ShareRequest;`
Get user vaults, returns id, guid, public key 2016-09-27 02:36:51 +08:00			`use OCA\Passman\Db\Vault;`
Send notification to user 2016-10-02 20:41:38 +08:00			`use OCA\Passman\Service\CredentialService;`
			`use OCA\Passman\Service\NotificationService;`
Sharing action api Some db changes for sharing Sharing route added Other minor changes 2016-10-02 07:56:36 +08:00			`use OCA\Passman\Service\ShareService;`
Add search for users 2016-09-23 18:02:41 +08:00			`use OCP\IRequest;`
			`use OCP\AppFramework\Http\JSONResponse;`
			`use OCP\AppFramework\ApiController;`

			`use OCP\IGroup;`
			`use OCP\IGroupManager;`
			`use OCP\IUserManager;`
			`use OCP\IUser;`

			`use OCA\Passman\Service\VaultService;`
Fix searching users / groups 2016-09-24 21:58:02 +08:00			`use OCA\Passman\Service\ActivityService;`
Add link sharing settings 2016-10-02 19:35:49 +08:00			`use OCA\Passman\Activity;`
Fix searching users / groups 2016-09-24 21:58:02 +08:00
Add search for users 2016-09-23 18:02:41 +08:00
			`class ShareController extends ApiController {`
			`private $userId;`
Add example for activity shared item 2016-09-23 23:03:36 +08:00			`private $activityService;`
Add search for users 2016-09-23 18:02:41 +08:00			`private $groupManager;`
			`private $userManager;`
Get user vaults, returns id, guid, public key 2016-09-27 02:36:51 +08:00			`private $vaultService;`
Send notification to user 2016-10-02 20:41:38 +08:00			`private $shareService;`
			`private $credentialService;`
			`private $notificationService;`
Sharing action api Some db changes for sharing Sharing route added Other minor changes 2016-10-02 07:56:36 +08:00
Add search for users 2016-09-23 18:02:41 +08:00			`private $limit = 50;`
			`private $offset = 0;`

			`public function __construct($AppName,`
			`IRequest $request,`
Fix error 500 2016-09-27 03:23:24 +08:00			`$UserId,`
Add search for users 2016-09-23 18:02:41 +08:00			`IGroupManager $groupManager,`
Add example for activity shared item 2016-09-23 23:03:36 +08:00			`IUserManager $userManager,`
Get user vaults, returns id, guid, public key 2016-09-27 02:36:51 +08:00			`ActivityService $activityService,`
Sharing action api Some db changes for sharing Sharing route added Other minor changes 2016-10-02 07:56:36 +08:00			`VaultService $vaultService,`
Send notification to user 2016-10-02 20:41:38 +08:00			`ShareService $shareService,`
			`CredentialService $credentialService,`
			`NotificationService $notificationService`
Add search for users 2016-09-23 18:02:41 +08:00			`) {`
			`parent::__construct($AppName, $request);`
Send notification to user 2016-10-02 20:41:38 +08:00
Add search for users 2016-09-23 18:02:41 +08:00			`$this->userId = $UserId;`
			`$this->userManager = $userManager;`
			`$this->groupManager = $groupManager;`
Add example for activity shared item 2016-09-23 23:03:36 +08:00			`$this->activityService = $activityService;`
Get user vaults, returns id, guid, public key 2016-09-27 02:36:51 +08:00			`$this->vaultService = $vaultService;`
Send notification to user 2016-10-02 20:41:38 +08:00			`$this->shareService = $shareService;`
			`$this->credentialService = $credentialService;`
			`$this->notificationService = $notificationService;`
Add search for users 2016-09-23 18:02:41 +08:00			`}`

Begin to implement accept shared credential 2016-10-02 21:39:52 +08:00
			`/**`
			`* @NoAdminRequired`
			`*/`
Send notification to user 2016-10-02 20:41:38 +08:00			`public function applyIntermediateShare($item_id, $item_guid, $vaults, $permissions) {`
			`/**`
			`* Assemble notification`
			`*/`
			`$credential = $this->credentialService->getCredentialById($item_id, $this->userId->getUID());`
Show dialog with incoming share requests 2016-10-02 22:10:04 +08:00			`$credential_owner = $credential->getUserId();`
			`$result = $this->shareService->createBulkRequests($item_id, $item_guid, $vaults, $permissions, $credential_owner);`
Send notification to user 2016-10-02 20:41:38 +08:00			`if ($credential) {`
			`$processed_users = array();`

			`foreach ($result as $vault){`
			`if(!in_array($vault->getTargetUserId(), $processed_users)){`
			`$target_user = $vault->getTargetUserId();`
			`$notification = array(`
			`'from_user' => ucfirst($this->userId->getDisplayName()),`
			`'credential_label' => $credential->getLabel(),`
			`'credential_id' => $credential->getId(),`
			`'item_id' => $credential->getId(),`
			`'target_user' => $target_user,`
			`'req_id' => $vault->getId()`
			`);`
			`$this->notificationService->credentialSharedNotification(`
			`$notification`
			`);`
			`array_push($processed_users, $target_user);`
			`}`
			`}`


			`}`
			`return new JSONResponse($result);`
			`}`
Add search for users 2016-09-23 18:02:41 +08:00
Begin to implement accept shared credential 2016-10-02 21:39:52 +08:00			`/**`
			`* @NoAdminRequired`
			`*/`
Add search for users 2016-09-23 18:02:41 +08:00			`public function searchUsers($search) {`
			`$users = array();`
			`$usersTmp = $this->userManager->searchDisplayName($search, $this->limit, $this->offset);`

			`foreach ($usersTmp as $user) {`
Send notification to user 2016-10-02 20:41:38 +08:00			`if ($this->userId != $user->getUID() && count($this->vaultService->getByUser($user->getUID())) >= 1) {`
Hide current user from user search 2016-09-27 01:20:48 +08:00			`$users[] = array(`
			`'text' => $user->getDisplayName(),`
			`'uid' => $user->getUID(),`
			`'type' => 'user'`
			`);`
			`}`
Add search for users 2016-09-23 18:02:41 +08:00			`}`
Remove group search, check if an user has vaults 2016-10-02 16:53:15 +08:00			`return $users;`
Add search for users 2016-09-23 18:02:41 +08:00			`}`


			`/**`
			`* @NoAdminRequired`
			`*/`
			`public function search($search) {`
Remove group search, check if an user has vaults 2016-10-02 16:53:15 +08:00			`$user_search = $this->searchUsers($search);`
			`return new JSONResponse($user_search);`
Add search for users 2016-09-23 18:02:41 +08:00			`}`


Get user vaults, returns id, guid, public key 2016-09-27 02:36:51 +08:00			`/**`
			`* @NoAdminRequired`
			`*/`
Send notification to user 2016-10-02 20:41:38 +08:00			`public function getVaultsByUser($user_id) {`
Get user vaults, returns id, guid, public key 2016-09-27 02:36:51 +08:00			`$user_vaults = $this->vaultService->getByUser($user_id);`
			`$result = array();`
Send notification to user 2016-10-02 20:41:38 +08:00			`foreach ($user_vaults as $vault) {`
Get user vaults, returns id, guid, public key 2016-09-27 02:36:51 +08:00			`array_push($result,`
			`array(`
Sharing action api Some db changes for sharing Sharing route added Other minor changes 2016-10-02 07:56:36 +08:00			`'vault_id' => $vault->getId(),`
Get user vaults, returns id, guid, public key 2016-09-27 02:36:51 +08:00			`'guid' => $vault->getGuid(),`
			`'public_sharing_key' => $vault->getPublicSharingKey(),`
			`'user_id' => $user_id,`
			`));`
			`}`
			`return new JSONResponse($result);`
			`}`

Sharing API progress 2016-10-02 23:32:22 +08:00			`/**`
			`* @NoAdminRequired`
			`* @param $credential`
			`*/`
Send notification to user 2016-10-02 20:41:38 +08:00			`public function share($credential) {`
Add example for activity shared item 2016-09-23 23:03:36 +08:00
			`$link = '';`
			`$this->activityService->add(`
			`'item_shared', array($credential->label, $this->userId),`
			`'', array(),`
			`$link, $this->userId, Activity::TYPE_ITEM_ACTION);`
			`}`

Begin to implement accept shared credential 2016-10-02 21:39:52 +08:00			`/**`
			`* @NoAdminRequired`
			`*/`
Sharing api endpoints Sharing db interfacing logics Some minor db changes 2016-10-02 19:48:23 +08:00			`public function savePendingRequest($item_guid, $target_vault_guid, $final_shared_key) {`
On accept share mark notification as read 2016-10-03 00:42:43 +08:00			`$sr = $this->shareService->getRequestByGuid($item_guid, $target_vault_guid);`

			`$manager = \OC::$server->getNotificationManager();`
			`$notification = $manager->createNotification();`
			`$notification->setApp('passman')`
			`->setObject('passman_share_request', $sr->getId())`
			`->setUser($this->userId->getUID());`
			`$manager->markProcessed($notification);`

Send a notification on accept share request 2016-10-03 00:47:02 +08:00			`$notification = array(`
			`'from_user' => ucfirst($this->userId->getDisplayName()),`
			`'credential_label' => $this->credentialService->getCredentialLabelById($sr->getItemId())->getLabel(),`
			`'target_user' => $sr->getFromUserId(),`
			`'req_id' => $sr->getId()`
			`);`

			`$this->notificationService->credentialAcceptedSharedNotification(`
			`$notification`
			`);`


Send notification to user 2016-10-02 20:41:38 +08:00			`$this->shareService->applyShare($item_guid, $target_vault_guid, $final_shared_key);`
			`}`
Sharing api endpoints Sharing db interfacing logics Some minor db changes 2016-10-02 19:48:23 +08:00
Begin to implement accept shared credential 2016-10-02 21:39:52 +08:00			`/**`
			`* @NoAdminRequired`
			`*/`
Sharing api endpoints Sharing db interfacing logics Some minor db changes 2016-10-02 19:48:23 +08:00			`public function getPendingRequests() {`
Begin to implement accept shared credential 2016-10-02 21:39:52 +08:00			`$requests = $this->shareService->getUserPendingRequests($this->userId->getUID());`
			`$results = array();`
			`foreach ($requests as $request){`
			`$result = $request->jsonSerialize();`
			`$c = $this->credentialService->getCredentialLabelById($request->getItemId());`
			`$result['credential_label'] = $c->getLabel();`
			`array_push($results, $result);`
			`}`
			`return new JSONResponse($results);`
Send notification to user 2016-10-02 20:41:38 +08:00			`}`
Sharing api endpoints Sharing db interfacing logics Some minor db changes 2016-10-02 19:48:23 +08:00
Sharing API progress 2016-10-02 23:32:22 +08:00			`/**`
			`* Obtains the list of credentials shared with this vault`
			`* @NoAdminRequired`
			`*/`
Api endpoint to get items shared with a vault 2016-10-03 01:04:19 +08:00			`public function getVaultItems($vault_guid){`
Fix select statements 2016-10-03 01:18:40 +08:00			`$this->shareService->getSharedItems($this->userId->getUID(), $vault_guid);`
Sharing API progress 2016-10-02 23:32:22 +08:00			`}`

Decline sharing request 2016-10-02 23:19:12 +08:00			`public function deleteShareRequest($share_request_id){`
Send a notification when a user declines sharing 2016-10-03 00:22:12 +08:00			`$sr = $this->shareService->getShareRequestById($share_request_id);`
			`$notification = array(`
			`'from_user' => ucfirst($this->userId->getDisplayName()),`
			`'credential_label' => $this->credentialService->getCredentialLabelById($sr->getItemId())->getLabel(),`
			`'target_user' => $sr->getFromUserId(),`
			`'req_id' => $sr->getId()`
			`);`
			`$this->notificationService->credentialDeclinedSharedNotification(`
			`$notification`
			`);`


Decline sharing request 2016-10-02 23:19:12 +08:00			`$manager = \OC::$server->getNotificationManager();`
			`$notification = $manager->createNotification();`
			`$notification->setApp('passman')`
			`->setObject('passman_share_request', $share_request_id)`
			`->setUser($this->userId->getUID());`
			`$manager->markProcessed($notification);`
Revert "Decline from notification works!" This reverts commit 5809b23811e515c38589a23f815a13c1b723c0c0. 2016-10-02 23:38:19 +08:00			`//@TODO load other requests and delete them by item id.`
Send a notification when a user declines sharing 2016-10-03 00:22:12 +08:00
Fixes for cleanItemRequestsForUser 2016-10-03 00:01:41 +08:00			`$this->shareService->cleanItemRequestsForUser($sr);`
			`return new JSONResponse(array('result'=> true));`
Decline sharing request 2016-10-02 23:19:12 +08:00			`}`

Add search for users 2016-09-23 18:02:41 +08:00			`}`