diff --git a/lib/Service/ShareService.php b/lib/Service/ShareService.php index bc55e5bf..f9dfd8d0 100644 --- a/lib/Service/ShareService.php +++ b/lib/Service/ShareService.php @@ -17,116 +17,114 @@ use OCA\Passman\Db\SharingACL; use OCA\Passman\Db\SharingACLMapper; class ShareService { - private $sharingACL; - private $shareRequest; - private $credential; + private $sharingACL; + private $shareRequest; + private $credential; - public function __construct(SharingACLMapper $sharingACL, ShareRequestMapper $shareRequest, CredentialMapper $credentials) { - $this->sharingACL = $sharingACL; - $this->shareRequest = $shareRequest; - $this->credential = $credentials; - } + public function __construct(SharingACLMapper $sharingACL, ShareRequestMapper $shareRequest, CredentialMapper $credentials) { + $this->sharingACL = $sharingACL; + $this->shareRequest = $shareRequest; + $this->credential = $credentials; + } - /** - * Creates requests for all the items on the request array of objects. - * This array must follow this spec: - * user_id: The target user id - * vault_id: The id of the target vault - * guid: The guid of the target vault - * key: The shared key cyphered with the target vault RSA public key - * - * @param $target_item_id string The shared item ID - * @param $target_item_guid string The shared item GUID - * @param $request_array array - * @param $permissions integer Must be created with a bitmask from options on the ShareRequest class - * @return array Array of sharing requests - */ - public function createBulkRequests($target_item_id, $target_item_guid, $request_array, $permissions, $credential_owner) { - $created = (new \DateTime())->getTimestamp(); + /** + * Creates requests for all the items on the request array of objects. + * This array must follow this spec: + * user_id: The target user id + * vault_id: The id of the target vault + * guid: The guid of the target vault + * key: The shared key cyphered with the target vault RSA public key + * @param $target_item_id string The shared item ID + * @param $target_item_guid string The shared item GUID + * @param $request_array array + * @param $permissions integer Must be created with a bitmask from options on the ShareRequest class + * @return array Array of sharing requests + */ + public function createBulkRequests($target_item_id, $target_item_guid, $request_array, $permissions, $credential_owner) { + $created = (new \DateTime())->getTimestamp(); $requests = array(); - foreach ($request_array as $req) { - $t = new ShareRequest(); - $t->setItemId($target_item_id); - $t->setItemGuid($target_item_guid); - $t->setTargetUserId($req['user_id']); - $t->setTargetVaultId($req['vault_id']); - $t->setTargetVaultGuid($req['guid']); - $t->setSharedKey($req['key']); - $t->setPermissions($permissions); - $t->setCreated($created); + foreach ($request_array as $req){ + $t = new ShareRequest(); + $t->setItemId($target_item_id); + $t->setItemGuid($target_item_guid); + $t->setTargetUserId($req['user_id']); + $t->setTargetVaultId($req['vault_id']); + $t->setTargetVaultGuid($req['guid']); + $t->setSharedKey($req['key']); + $t->setPermissions($permissions); + $t->setCreated($created); $t->setFromUserId($credential_owner); array_push($requests, $this->shareRequest->createRequest($t)); - } - return $requests; - } + } + return $requests; + } - /** - * Applies the given share, defaults to no expire - * - * @param $item_guid - * @param $target_vault_guid - * @param $final_shared_key - */ - public function applyShare($item_guid, $target_vault_guid, $final_shared_key) { - $request = $this->shareRequest->getRequestByGuid($item_guid, $target_vault_guid); - $permissions = $request->getPermissions(); + /** + * Applies the given share, defaults to no expire + * @param $item_guid + * @param $target_vault_guid + * @param $final_shared_key + */ + public function applyShare($item_guid, $target_vault_guid, $final_shared_key){ + $request = $this->shareRequest->getRequestByGuid($item_guid, $target_vault_guid); + $permissions = $request->getPermissions(); - $acl = new SharingACL(); - $acl->setItemId($request->getItemId()); - $acl->setItemGuid($request->getItemGuid()); - $acl->setUserId($request->getTargetUserId()); - $acl->setCreated($request->getCreated()); - $acl->setExpire(0); - $acl->setPermissions($permissions); - $acl->setVaultId($request->getTargetVaultId()); - $acl->setVaultGuid($request->getTargetVaultGuid()); - $acl->setSharedKey($final_shared_key); + $acl = new SharingACL(); + $acl->setItemId($request->getItemId()); + $acl->setItemGuid($request->getItemGuid()); + $acl->setUserId($request->getTargetUserId()); + $acl->setCreated($request->getCreated()); + $acl->setExpire(0); + $acl->setPermissions($permissions); + $acl->setVaultId($request->getTargetVaultId()); + $acl->setVaultGuid($request->getTargetVaultGuid()); + $acl->setSharedKey($final_shared_key); - $this->sharingACL->createACLEntry($acl); - $this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId()); - } + $this->sharingACL->createACLEntry($acl); + $this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId()); + } - /** - * Obtains pending requests for the given user ID - * - * @param $user_id - * @return \OCA\Passman\Db\ShareRequest[] - */ - public function getUserPendingRequests($user_id) { - return $this->shareRequest->getUserPendingRequests($user_id); - } + /** + * Obtains pending requests for the given user ID + * @param $user_id + * @return \OCA\Passman\Db\ShareRequest[] + */ + public function getUserPendingRequests($user_id){ + return $this->shareRequest->getUserPendingRequests($user_id); + } - public function getSharedItems($user_id, $vault_guid) { - $entries = $this->sharingACL->getVaultEntries($user_id, $vault_guid); + public function getSharedItems($user_id, $vault_guid){ + $entries = $this->sharingACL->getVaultEntries($user_id, $vault_guid); - $return = []; - foreach ($entries as $entry) { - // Check if the user can read the credential, probably unnecesary, but just to be sure - if (!$entry->hasPermission(SharingACL::READ)) continue; + $return = []; + foreach ($entries as $entry){ + // Check if the user can read the credential, probably unnecesary, but just to be sure + if (!$entry->hasPermission(SharingACL::READ)) continue; - $tmp = $entry->jsonSerialize(); - $tmp['credential_data'] = $this->credential->getCredentialById($entry->getItemId())->jsonSerialize(); - unset($tmp['credential_data']['shared_key']); - $return[] = $tmp; - } - return $return; - } + $tmp = $entry->jsonSerialize(); + $tmp['credential_data'] = $this->credential->getCredentialById($entry->getItemId())->jsonSerialize(); + + if (!$entry->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']); + unset($tmp['credential_data']['shared_key']); + $return[] = $tmp; + } + return $return; + } /** * Deletes an share reuqest by id - * * @param ShareRequest $request * @return \OCA\Passman\Db\ShareRequest[] */ - public function cleanItemRequestsForUser(ShareRequest $request) { + public function cleanItemRequestsForUser(ShareRequest $request){ return $this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId()); } /** * Get an share request by id */ - public function getShareRequestById($id) { + public function getShareRequestById($id){ return $this->shareRequest->getShareRequestById($id); }