From b4ed5e9c76758687d32f9a6837aa50bf8f067fd3 Mon Sep 17 00:00:00 2001 From: Marcos Zuriaga Date: Mon, 3 Oct 2016 17:20:57 +0200 Subject: [PATCH] Added api endpoint to get revisions of shared items --- appinfo/routes.php | 2 +- controller/sharecontroller.php | 4 ++++ lib/Db/CredentialRevisionMapper.php | 11 ++++++++--- lib/Db/SharingACLMapper.php | 12 ++++++++++++ lib/Service/CredentialRevisionService.php | 2 +- lib/Service/ShareService.php | 16 +++++++++++++++- lib/Utility/PermissionEntity.php | 1 + 7 files changed, 42 insertions(+), 6 deletions(-) diff --git a/appinfo/routes.php b/appinfo/routes.php index 193de7a1..f7642f4b 100644 --- a/appinfo/routes.php +++ b/appinfo/routes.php @@ -56,7 +56,7 @@ return [ ['name' => 'share#getPendingRequests', 'url' => '/api/v2/sharing/pending', 'verb' => 'GET'], ['name' => 'share#deleteShareRequest', 'url' => '/api/v2/sharing/decline/{share_request_id}', 'verb' => 'DELETE'], ['name' => 'share#getVaultItems', 'url' => '/api/v2/sharing/vault/{vault_guid}/get', 'verb' => 'GET'], - + ['name' => 'share#getRevisions', 'url' => '/api/v2/sharing/revisions/{item_guid}', 'verb' => 'GET'], //Internal API ['name' => 'internal#remind', 'url' => '/api/internal/notifications/remind/{credential_id}', 'verb' => 'POST'], diff --git a/controller/sharecontroller.php b/controller/sharecontroller.php index 4a3d82f9..1afdab0d 100644 --- a/controller/sharecontroller.php +++ b/controller/sharecontroller.php @@ -221,6 +221,10 @@ class ShareController extends ApiController { return new JSONResponse($results); } + public function getRevisions($item_guid){ + return new JSONResponse($this->shareService->getItemHistory($this->userId, $item_guid)); + } + /** * Obtains the list of credentials shared with this vault * @NoAdminRequired diff --git a/lib/Db/CredentialRevisionMapper.php b/lib/Db/CredentialRevisionMapper.php index 1fa46e7c..641f1294 100644 --- a/lib/Db/CredentialRevisionMapper.php +++ b/lib/Db/CredentialRevisionMapper.php @@ -27,10 +27,15 @@ class CredentialRevisionMapper extends Mapper { * @throws \OCP\AppFramework\Db\DoesNotExistException if not found * @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException if more than one result */ - public function getRevisions($credential_id, $user_id) { + public function getRevisions($credential_id, $user_id = null) { $sql = 'SELECT * FROM `*PREFIX*passman_revisions` ' . - 'WHERE `credential_id` = ? and `user_id` = ? '; - return $this->findEntities($sql, [$credential_id, $user_id]); + 'WHERE `credential_id` = ?'; + $params = [$credential_id]; + if ($user_id !== null) { + $sql.= ' and `user_id` = ? '; + $params[] = $user_id; + } + return $this->findEntities($sql, $params); } public function create($credential, $userId, $credential_id) { diff --git a/lib/Db/SharingACLMapper.php b/lib/Db/SharingACLMapper.php index 1d4e67d9..13ee3c93 100644 --- a/lib/Db/SharingACLMapper.php +++ b/lib/Db/SharingACLMapper.php @@ -4,6 +4,7 @@ * User: wolfi * Date: 24/09/16 * Time: 14:20 + * This file is part of passman, licensed under AGPLv3 */ namespace OCA\Passman\Db; @@ -49,6 +50,17 @@ class SharingACLMapper extends Mapper { return $this->findEntities($q, [$user_id, $vault_id]); } + /** + * Gets the acl for a given item guid + * @param $user_id + * @param $item_guid + * @return SharingACL + */ + public function getItemACL($user_id, $item_guid) { + $q = "SELECT * FROM " . self::TABLE_NAME . " WHERE user_id = ? AND item_guid = ?"; + return $this->findEntity($q, [$user_id, $item_guid]); + } + /** * Gets the currently accepted share requests from the given user for the given vault guid * @param $user_id diff --git a/lib/Service/CredentialRevisionService.php b/lib/Service/CredentialRevisionService.php index 4320014d..6f86ba97 100644 --- a/lib/Service/CredentialRevisionService.php +++ b/lib/Service/CredentialRevisionService.php @@ -29,7 +29,7 @@ class CredentialRevisionService { return $this->credentialRevisionMapper->create($credential, $userId, $credential_id); } - public function getRevisions($credential_id, $user_id){ + public function getRevisions($credential_id, $user_id = null){ return $this->credentialRevisionMapper->getRevisions($credential_id, $user_id); } diff --git a/lib/Service/ShareService.php b/lib/Service/ShareService.php index f9dfd8d0..aad1b7bf 100644 --- a/lib/Service/ShareService.php +++ b/lib/Service/ShareService.php @@ -20,11 +20,18 @@ class ShareService { private $sharingACL; private $shareRequest; private $credential; + private $revisions; - public function __construct(SharingACLMapper $sharingACL, ShareRequestMapper $shareRequest, CredentialMapper $credentials) { + public function __construct( + SharingACLMapper $sharingACL, + ShareRequestMapper $shareRequest, + CredentialMapper $credentials, + CredentialRevisionService $revisions + ) { $this->sharingACL = $sharingACL; $this->shareRequest = $shareRequest; $this->credential = $credentials; + $this->revisions = $revisions; } /** @@ -111,6 +118,13 @@ class ShareService { return $return; } + public function getItemHistory($user_id, $item_guid) { + $acl = $this->sharingACL->getItemACL($user_id, $item_guid); + if (!$acl->hasPermission(SharingACL::READ | SharingACL::HISTORY)) return []; + + return $this->revisions->getRevisions($acl->getItemId()); + } + /** * Deletes an share reuqest by id diff --git a/lib/Utility/PermissionEntity.php b/lib/Utility/PermissionEntity.php index 6304b3dd..2a5078f0 100644 --- a/lib/Utility/PermissionEntity.php +++ b/lib/Utility/PermissionEntity.php @@ -4,6 +4,7 @@ * User: wolfi * Date: 2/10/16 * Time: 13:27 + * This file is part of passman, licensed under AGPLv3 */ namespace OCA\Passman\Utility;