mirror of
https://github.com/nextcloud/passman.git
synced 2025-01-01 04:51:44 +08:00
Format file
This commit is contained in:
parent
995348e36b
commit
13197c583c
2 changed files with 149 additions and 142 deletions
|
@ -395,7 +395,7 @@ class ShareController extends ApiController {
|
|||
} catch (DoesNotExistException $exception) {
|
||||
|
||||
}
|
||||
|
||||
|
||||
if ($acl === null) {
|
||||
$sr = $this->shareService->getPendingShareRequestsForCredential($item_guid, $user_id);
|
||||
foreach ($sr as $shareRequest) {
|
||||
|
|
|
@ -19,170 +19,176 @@ use OCA\Passman\Db\SharingACLMapper;
|
|||
use OCP\AppFramework\Db\DoesNotExistException;
|
||||
|
||||
class ShareService {
|
||||
private $sharingACL;
|
||||
private $shareRequest;
|
||||
private $credential;
|
||||
private $revisions;
|
||||
private $sharingACL;
|
||||
private $shareRequest;
|
||||
private $credential;
|
||||
private $revisions;
|
||||
|
||||
public function __construct(
|
||||
SharingACLMapper $sharingACL,
|
||||
ShareRequestMapper $shareRequest,
|
||||
CredentialMapper $credentials,
|
||||
CredentialRevisionService $revisions
|
||||
) {
|
||||
$this->sharingACL = $sharingACL;
|
||||
$this->shareRequest = $shareRequest;
|
||||
$this->credential = $credentials;
|
||||
$this->revisions = $revisions;
|
||||
}
|
||||
public function __construct(
|
||||
SharingACLMapper $sharingACL,
|
||||
ShareRequestMapper $shareRequest,
|
||||
CredentialMapper $credentials,
|
||||
CredentialRevisionService $revisions
|
||||
) {
|
||||
$this->sharingACL = $sharingACL;
|
||||
$this->shareRequest = $shareRequest;
|
||||
$this->credential = $credentials;
|
||||
$this->revisions = $revisions;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates requests for all the items on the request array of objects.
|
||||
* This array must follow this spec:
|
||||
* user_id: The target user id
|
||||
* vault_id: The id of the target vault
|
||||
* guid: The guid of the target vault
|
||||
* key: The shared key cyphered with the target vault RSA public key
|
||||
* @param $target_item_id string The shared item ID
|
||||
* @param $target_item_guid string The shared item GUID
|
||||
* @param $request_array array
|
||||
* @param $permissions integer Must be created with a bitmask from options on the ShareRequest class
|
||||
* @return array Array of sharing requests
|
||||
*/
|
||||
public function createBulkRequests($target_item_id, $target_item_guid, $request_array, $permissions, $credential_owner) {
|
||||
$created = (new \DateTime())->getTimestamp();
|
||||
/**
|
||||
* Creates requests for all the items on the request array of objects.
|
||||
* This array must follow this spec:
|
||||
* user_id: The target user id
|
||||
* vault_id: The id of the target vault
|
||||
* guid: The guid of the target vault
|
||||
* key: The shared key cyphered with the target vault RSA public key
|
||||
*
|
||||
* @param $target_item_id string The shared item ID
|
||||
* @param $target_item_guid string The shared item GUID
|
||||
* @param $request_array array
|
||||
* @param $permissions integer Must be created with a bitmask from options on the ShareRequest class
|
||||
* @return array Array of sharing requests
|
||||
*/
|
||||
public function createBulkRequests($target_item_id, $target_item_guid, $request_array, $permissions, $credential_owner) {
|
||||
$created = (new \DateTime())->getTimestamp();
|
||||
$requests = array();
|
||||
foreach ($request_array as $req){
|
||||
$t = new ShareRequest();
|
||||
$t->setItemId($target_item_id);
|
||||
$t->setItemGuid($target_item_guid);
|
||||
$t->setTargetUserId($req['user_id']);
|
||||
$t->setTargetVaultId($req['vault_id']);
|
||||
$t->setTargetVaultGuid($req['guid']);
|
||||
$t->setSharedKey($req['key']);
|
||||
$t->setPermissions($permissions);
|
||||
$t->setCreated($created);
|
||||
foreach ($request_array as $req) {
|
||||
$t = new ShareRequest();
|
||||
$t->setItemId($target_item_id);
|
||||
$t->setItemGuid($target_item_guid);
|
||||
$t->setTargetUserId($req['user_id']);
|
||||
$t->setTargetVaultId($req['vault_id']);
|
||||
$t->setTargetVaultGuid($req['guid']);
|
||||
$t->setSharedKey($req['key']);
|
||||
$t->setPermissions($permissions);
|
||||
$t->setCreated($created);
|
||||
$t->setFromUserId($credential_owner);
|
||||
array_push($requests, $this->shareRequest->createRequest($t));
|
||||
}
|
||||
return $requests;
|
||||
}
|
||||
}
|
||||
return $requests;
|
||||
}
|
||||
|
||||
public function createACLEntry(SharingACL $acl){
|
||||
if ($acl->getCreated() == null) $acl->setCreated((new \DateTime())->getTimestamp());
|
||||
return $this->sharingACL->createACLEntry($acl);
|
||||
}
|
||||
public function createACLEntry(SharingACL $acl) {
|
||||
if ($acl->getCreated() == null) $acl->setCreated((new \DateTime())->getTimestamp());
|
||||
return $this->sharingACL->createACLEntry($acl);
|
||||
}
|
||||
|
||||
/**
|
||||
* Applies the given share, defaults to no expire
|
||||
* @param $item_guid
|
||||
* @param $target_vault_guid
|
||||
* @param $final_shared_key
|
||||
*/
|
||||
public function applyShare($item_guid, $target_vault_guid, $final_shared_key){
|
||||
$request = $this->shareRequest->getRequestByItemAndVaultGuid($item_guid, $target_vault_guid);
|
||||
$permissions = $request->getPermissions();
|
||||
/**
|
||||
* Applies the given share, defaults to no expire
|
||||
*
|
||||
* @param $item_guid
|
||||
* @param $target_vault_guid
|
||||
* @param $final_shared_key
|
||||
*/
|
||||
public function applyShare($item_guid, $target_vault_guid, $final_shared_key) {
|
||||
$request = $this->shareRequest->getRequestByItemAndVaultGuid($item_guid, $target_vault_guid);
|
||||
$permissions = $request->getPermissions();
|
||||
|
||||
$acl = new SharingACL();
|
||||
$acl->setItemId($request->getItemId());
|
||||
$acl->setItemGuid($request->getItemGuid());
|
||||
$acl->setUserId($request->getTargetUserId());
|
||||
$acl->setCreated($request->getCreated());
|
||||
$acl->setExpire(0);
|
||||
$acl->setPermissions($permissions);
|
||||
$acl->setVaultId($request->getTargetVaultId());
|
||||
$acl->setVaultGuid($request->getTargetVaultGuid());
|
||||
$acl->setSharedKey($final_shared_key);
|
||||
$acl = new SharingACL();
|
||||
$acl->setItemId($request->getItemId());
|
||||
$acl->setItemGuid($request->getItemGuid());
|
||||
$acl->setUserId($request->getTargetUserId());
|
||||
$acl->setCreated($request->getCreated());
|
||||
$acl->setExpire(0);
|
||||
$acl->setPermissions($permissions);
|
||||
$acl->setVaultId($request->getTargetVaultId());
|
||||
$acl->setVaultGuid($request->getTargetVaultGuid());
|
||||
$acl->setSharedKey($final_shared_key);
|
||||
|
||||
$this->sharingACL->createACLEntry($acl);
|
||||
$this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId());
|
||||
}
|
||||
$this->sharingACL->createACLEntry($acl);
|
||||
$this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId());
|
||||
}
|
||||
|
||||
/**
|
||||
* Obtains pending requests for the given user ID
|
||||
* @param $user_id
|
||||
* @return \OCA\Passman\Db\ShareRequest[]
|
||||
*/
|
||||
public function getUserPendingRequests($user_id){
|
||||
return $this->shareRequest->getUserPendingRequests($user_id);
|
||||
}
|
||||
/**
|
||||
* Obtains pending requests for the given user ID
|
||||
*
|
||||
* @param $user_id
|
||||
* @return \OCA\Passman\Db\ShareRequest[]
|
||||
*/
|
||||
public function getUserPendingRequests($user_id) {
|
||||
return $this->shareRequest->getUserPendingRequests($user_id);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get shared credentials from a user
|
||||
* @param $user_id
|
||||
* @param $vault_guid
|
||||
/**
|
||||
* Get shared credentials from a user
|
||||
*
|
||||
* @param $user_id
|
||||
* @param $vault_guid
|
||||
* @return \OCA\Passman\Db\SharingACL[]
|
||||
*/
|
||||
public function getSharedItems($user_id, $vault_guid){
|
||||
$entries = $this->sharingACL->getVaultEntries($user_id, $vault_guid);
|
||||
*/
|
||||
public function getSharedItems($user_id, $vault_guid) {
|
||||
$entries = $this->sharingACL->getVaultEntries($user_id, $vault_guid);
|
||||
|
||||
$return = [];
|
||||
foreach ($entries as $entry){
|
||||
// Check if the user can read the credential, probably unnecesary, but just to be sure
|
||||
if (!$entry->hasPermission(SharingACL::READ)) continue;
|
||||
$return = [];
|
||||
foreach ($entries as $entry) {
|
||||
// Check if the user can read the credential, probably unnecesary, but just to be sure
|
||||
if (!$entry->hasPermission(SharingACL::READ)) continue;
|
||||
|
||||
$tmp = $entry->jsonSerialize();
|
||||
$tmp['credential_data'] = $this->credential->getCredentialById($entry->getItemId())->jsonSerialize();
|
||||
$tmp = $entry->jsonSerialize();
|
||||
$tmp['credential_data'] = $this->credential->getCredentialById($entry->getItemId())->jsonSerialize();
|
||||
|
||||
if (!$entry->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']);
|
||||
unset($tmp['credential_data']['shared_key']);
|
||||
$return[] = $tmp;
|
||||
}
|
||||
return $return;
|
||||
}
|
||||
if (!$entry->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']);
|
||||
unset($tmp['credential_data']['shared_key']);
|
||||
$return[] = $tmp;
|
||||
}
|
||||
return $return;
|
||||
}
|
||||
|
||||
/*
|
||||
* Gets the acl for a given item guid
|
||||
* @param $user_id
|
||||
* @param $item_guid
|
||||
* @return SharingACL
|
||||
*/
|
||||
public function getACL($user_id, $item_guid){
|
||||
/*
|
||||
* Gets the acl for a given item guid
|
||||
* @param $user_id
|
||||
* @param $item_guid
|
||||
* @return SharingACL
|
||||
*/
|
||||
public function getACL($user_id, $item_guid) {
|
||||
return $this->sharingACL->getItemACL($user_id, $item_guid);
|
||||
}
|
||||
|
||||
public function getSharedItem($user_id, $item_guid){
|
||||
$acl = $this->sharingACL->getItemACL($user_id, $item_guid);
|
||||
public function getSharedItem($user_id, $item_guid) {
|
||||
$acl = $this->sharingACL->getItemACL($user_id, $item_guid);
|
||||
|
||||
// Check if the user can read the credential, probably unnecesary, but just to be sure
|
||||
if (!$acl->hasPermission(SharingACL::READ)) throw new DoesNotExistException("Item not found or wrong access level");
|
||||
// Check if the user can read the credential, probably unnecesary, but just to be sure
|
||||
if (!$acl->hasPermission(SharingACL::READ)) throw new DoesNotExistException("Item not found or wrong access level");
|
||||
|
||||
$tmp = $acl->jsonSerialize();
|
||||
$tmp['credential_data'] = $this->credential->getCredentialById($acl->getItemId())->jsonSerialize();
|
||||
$tmp = $acl->jsonSerialize();
|
||||
$tmp['credential_data'] = $this->credential->getCredentialById($acl->getItemId())->jsonSerialize();
|
||||
|
||||
if (!$acl->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']);
|
||||
unset($tmp['credential_data']['shared_key']);
|
||||
if (!$acl->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']);
|
||||
unset($tmp['credential_data']['shared_key']);
|
||||
|
||||
return $tmp;
|
||||
}
|
||||
return $tmp;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets history from the given item checking the user's permissions to access it
|
||||
* @param $user_id
|
||||
* @param $item_guid
|
||||
* @return CredentialRevision[]
|
||||
*/
|
||||
public function getItemHistory($user_id, $item_guid) {
|
||||
$acl = $this->sharingACL->getItemACL($user_id, $item_guid);
|
||||
if (!$acl->hasPermission(SharingACL::READ | SharingACL::HISTORY)) return [];
|
||||
/**
|
||||
* Gets history from the given item checking the user's permissions to access it
|
||||
*
|
||||
* @param $user_id
|
||||
* @param $item_guid
|
||||
* @return CredentialRevision[]
|
||||
*/
|
||||
public function getItemHistory($user_id, $item_guid) {
|
||||
$acl = $this->sharingACL->getItemACL($user_id, $item_guid);
|
||||
if (!$acl->hasPermission(SharingACL::READ | SharingACL::HISTORY)) return [];
|
||||
|
||||
return $this->revisions->getRevisions($acl->getItemId());
|
||||
}
|
||||
return $this->revisions->getRevisions($acl->getItemId());
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Deletes an share reuqest by id
|
||||
*
|
||||
* @param ShareRequest $request
|
||||
* @return \OCA\Passman\Db\ShareRequest[]
|
||||
*/
|
||||
public function cleanItemRequestsForUser(ShareRequest $request){
|
||||
public function cleanItemRequestsForUser(ShareRequest $request) {
|
||||
return $this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId());
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an share request by id
|
||||
*/
|
||||
public function getShareRequestById($id){
|
||||
public function getShareRequestById($id) {
|
||||
return $this->shareRequest->getShareRequestById($id);
|
||||
}
|
||||
|
||||
|
@ -204,19 +210,20 @@ class ShareService {
|
|||
return $this->sharingACL->getCredentialAclList($item_guid);
|
||||
}
|
||||
|
||||
public function getCredentialPendingAclList($item_guid){
|
||||
return $this->shareRequest->getRequestsByItemGuid($item_guid);
|
||||
}
|
||||
public function getCredentialPendingAclList($item_guid) {
|
||||
return $this->shareRequest->getRequestsByItemGuid($item_guid);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the ACL on the credential for the user
|
||||
* @param $user_id
|
||||
* @param $item_guid
|
||||
* @return SharingACL
|
||||
*/
|
||||
public function getCredentialAclForUser($user_id, $item_guid){
|
||||
return $this->sharingACL->getItemACL($user_id, $item_guid);
|
||||
}
|
||||
/**
|
||||
* Gets the ACL on the credential for the user
|
||||
*
|
||||
* @param $user_id
|
||||
* @param $item_guid
|
||||
* @return SharingACL
|
||||
*/
|
||||
public function getCredentialAclForUser($user_id, $item_guid) {
|
||||
return $this->sharingACL->getItemACL($user_id, $item_guid);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get pending share requests by guid
|
||||
|
@ -249,11 +256,11 @@ class ShareService {
|
|||
}
|
||||
|
||||
|
||||
public function updateCredentialACL(SharingACL $sharingACL){
|
||||
public function updateCredentialACL(SharingACL $sharingACL) {
|
||||
return $this->sharingACL->updateCredentialACL($sharingACL);
|
||||
}
|
||||
|
||||
public function updateCredentialShareRequest(ShareRequest $shareRequest){
|
||||
public function updateCredentialShareRequest(ShareRequest $shareRequest) {
|
||||
return $this->shareRequest->updateShareRequest($shareRequest);
|
||||
}
|
||||
|
||||
|
@ -264,7 +271,7 @@ class ShareService {
|
|||
* @param ShareRequest $request
|
||||
* @return \OCA\Passman\Db\ShareRequest[]
|
||||
*/
|
||||
public function getPendingShareRequestsForCredential($item_guid, $user_id){
|
||||
public function getPendingShareRequestsForCredential($item_guid, $user_id) {
|
||||
return $this->shareRequest->getPendingShareRequests($item_guid, $user_id);
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue