Merge branch 'shareMiddleware'

controller/sharecontroller.php

@@ -20,9 +20,7 @@ use OCA\Passman\Service\SettingsService;
 use OCA\Passman\Service\ShareService;
 use OCA\Passman\Utility\NotFoundJSONResponse;
 use OCA\Passman\Utility\Utils;
-use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Http\NotFoundResponse;
-use OCP\IConfig;
 use OCP\IRequest;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\ApiController;
@@ -87,11 +85,6 @@ class ShareController extends ApiController {
 	 * @NoCSRFRequired
 	 */
 	public function createPublicShare($item_id, $item_guid, $permissions, $expire_timestamp, $expire_views) {
-
-		if (!$this->settings->isEnabled('link_sharing_enabled')) {
-			return new JSONResponse(array());
-		}
-
 		try {
 			$credential = $this->credentialService->getCredentialByGUID($item_guid);
 		} catch (\Exception $exception) {
@@ -128,9 +121,6 @@ class ShareController extends ApiController {
 	 * @NoCSRFRequired
 	 */
 	public function applyIntermediateShare($item_id, $item_guid, $vaults, $permissions) {
-		if (!$this->settings->isEnabled('user_sharing_enabled')) {
-			return new JSONResponse(array());
-		}
 		/**
 		 * Assemble notification
 		 */
@@ -223,9 +213,6 @@ class ShareController extends ApiController {
 	 * @NoCSRFRequired
 	 */
 	public function unshareCredential($item_guid) {
-		if (!$this->settings->isEnabled('user_sharing_enabled')) {
-			return new JSONResponse(array());
-		}
 		$acl_list = $this->shareService->getCredentialAclList($item_guid);
 		$request_list = $this->shareService->getShareRequestsByGuid($item_guid);
 		foreach ($acl_list as $ACL) {
@@ -340,9 +327,6 @@ class ShareController extends ApiController {
 	 * @NoCSRFRequired
 	 */
 	public function getPendingRequests() {
-		if (!$this->settings->isEnabled('user_sharing_enabled')) {
-			return new JSONResponse(array());
-		}
 		try {
 			$requests = $this->shareService->getUserPendingRequests($this->userId->getUID());
 			$results = array();
@@ -379,10 +363,6 @@ class ShareController extends ApiController {
 	 * @NoCSRFRequired
 	 */
 	public function getVaultItems($vault_guid) {
-		if (!$this->settings->isEnabled('user_sharing_enabled')) {
-			return new JSONResponse(array());
-		}
-
 		try {
 			return new JSONResponse($this->shareService->getSharedItems($this->userId->getUID(), $vault_guid));
 		} catch (\Exception $ex) {
@@ -433,9 +413,6 @@ class ShareController extends ApiController {
 	 * @PublicPage
 	 */
 	public function getPublicCredentialData($credential_guid) {
-		if (!$this->settings->isEnabled('user_sharing_enabled')) {
-			return new JSONResponse(array());
-		}
 		//@TODO Check expire date
 		$acl = $this->shareService->getACL(null, $credential_guid);
 

js/app/controllers/credential.js

@@ -198,7 +198,7 @@
 					$scope.settings = SettingsService.getSettings();
 				};
 
-				if(!SettingsService.getSetting('user_sharing_enabled')){
+				if(!SettingsService.getSetting('settings_loaded')){
 					$rootScope.$on('settings_loaded', function () {
 						settingsLoaded();
 					});

js/app/controllers/share.js

@@ -64,7 +64,7 @@
 					}
 				};
 
-				if(!SettingsService.getSetting('user_sharing_enabled')){
+				if(!SettingsService.getSetting('settings_loaded')){
 					$rootScope.$on('settings_loaded', function () {
 						settingsLoaded();
 					});

lib/AppInfo/Application.php

@@ -22,12 +22,14 @@
  */
 
 namespace OCA\Passman\AppInfo;
+
 use OC\Files\View;
 
 use OCA\Passman\Controller\CredentialController;
 use OCA\Passman\Controller\PageController;
 use OCA\Passman\Controller\ShareController;
 use OCA\Passman\Controller\VaultController;
+use OCA\Passman\Middleware\ShareMiddleware;
 use OCA\Passman\Service\ActivityService;
 use OCA\Passman\Service\CronService;
 use OCA\Passman\Service\CredentialService;
@@ -43,22 +45,31 @@ use OCP\IDBConnection;
 use OCP\AppFramework\App;
 use OCP\IL10N;
 use OCP\Util;
+
 class Application extends App {
-	public function __construct () {
+	public function __construct() {
 		parent::__construct('passman');
 		$container = $this->getContainer();
 		// Allow automatic DI for the View, until we migrated to Nodes API
-		$container->registerService(View::class, function() {
+		$container->registerService(View::class, function () {
 			return new View('');
 		}, false);
-		$container->registerService('isCLI', function() {
+		$container->registerService('isCLI', function () {
 			return \OC::$CLI;
 		});
 
+		/**
+		 * Middleware
+		 */
+		$container->registerService('ShareMiddleware', function ($c) {
+			return new ShareMiddleware($c->query('SettingsService'));
+		});
+		$container->registerMiddleware('ShareMiddleware');
+
 		/**
 		 * Controllers
 		 */
-		$container->registerService('ShareController', function($c) {
+		$container->registerService('ShareController', function ($c) {
 			$container = $this->getContainer();
 			$server = $container->getServer();
 			return new ShareController(
@@ -78,7 +89,6 @@ class Application extends App {
 		});
 
 
-
 		/** Cron **/
 		$container->registerService('CronService', function ($c) {
 			return new CronService(
@@ -95,7 +105,7 @@ class Application extends App {
 			return new Db();
 		});
 
-		$container->registerService('Logger', function($c) {
+		$container->registerService('Logger', function ($c) {
 			return $c->query('ServerContainer')->getLogger();
 		});
 

lib/Service/SettingsService.php

@@ -61,6 +61,7 @@ class SettingsService {
 			'check_version' => intval($this->config->getAppValue('passman', 'check_version', 1)),
 			'https_check' => intval($this->config->getAppValue('passman', 'https_check', 1)),
 			'disable_contextmenu' => intval($this->config->getAppValue('passman', 'disable_contextmenu', 1)),
+			'settings_loaded' => 1
 		);
 		return $this->settings;
 	}

middleware/sharemiddleware.php

@@ -0,0 +1,49 @@
+<?php
+
+namespace OCA\Passman\Middleware;
+
+use OCA\Passman\Controller\ShareController;
+use OCA\Passman\Service\SettingsService;
+use OCP\AppFramework\Http\JSONResponse;
+use \OCP\AppFramework\Middleware;
+use OCP\AppFramework\Http;
+
+class ShareMiddleware extends Middleware {
+
+	private $settings;
+
+	public function __construct(SettingsService $config) {
+		$this->settings = $config;
+	}
+
+
+	public function beforeController($controller, $methodName) {
+		if ($controller instanceof ShareController) {
+			$http_response_code = \OCP\AppFramework\Http::STATUS_FORBIDDEN;
+			$result = 'FORBIDDEN';
+
+			if (in_array($methodName, array('updateSharedCredentialACL', 'getFile', 'getItemAcl'))) {
+				$sharing_enabled = ($this->settings->isEnabled('link_sharing_enabled') || $this->settings->isEnabled('user_sharing_enabled'));
+			} else {
+				$publicMethods = array('createPublicShare', 'getPublicCredentialData');
+				$setting = (in_array($methodName, $publicMethods)) ? 'link_sharing_enabled' : 'user_sharing_enabled';
+				$sharing_enabled = ($this->settings->isEnabled($setting));
+				if ($methodName === 'getVaultItems' || $methodName === 'getPendingRequests') {
+					$http_response_code = Http::STATUS_OK;
+					$result = array();
+				}
+			}
+
+
+			if (!$sharing_enabled) {
+				$response = new JSONResponse($result);
+				http_response_code($http_response_code);
+				header('Passman-sharing: disabled');
+				header('Passman-method: ShareController.' . $methodName);
+				die($response->render());
+			}
+		}
+	}
+}
+
+