nextcloud/passman
1
1
Fork 0
mirror of https://github.com/nextcloud/passman.git synced 2025-12-16 21:27:33 +08:00
Code Issues Projects Releases Packages Wiki Activity

Sharing api endpoints

Browse source 
Sharing db interfacing logics
Some minor db changes
This commit is contained in:
Marcos Zuriaga 2016-10-02 13:48:23 +02:00
parent b5d7ed9418
commit b828f7dbd1
No known key found for this signature in database
GPG key ID: 7D15585354D072FF
10 changed files with 169 additions and 53 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
appinfo/database.xml
View file

@ -433,12 +433,6 @@
<notnull>false</notnull> <notnull>false</notnull>
<length>64</length> <length>64</length>
</field> </field>
<field>
<name>group_id</name>
<type>text</type>
<notnull>false</notnull>
<length>64</length>
</field>
<field> <field>
<name>created</name> <name>created</name>
<type>integer</type> <type>integer</type>
@ -496,6 +490,12 @@
<notnull>true</notnull> <notnull>true</notnull>
<length>64</length> <length>64</length>
</field> </field>
<field>
<name>target_user_id</name>
<type>text</type>
<notnull>false</notnull>
<length>64</length>
</field>
<field> <field>
<name>target_vault_id</name> <name>target_vault_id</name>
<type>integer</type> <type>integer</type>

2
appinfo/info.xml
View file

@ -5,7 +5,7 @@
<description>A password manager for Nextcloud</description> <description>A password manager for Nextcloud</description>
<licence>AGPL</licence> <licence>AGPL</licence>
<author>Sander Brand</author> <author>Sander Brand</author>
<version>1.0.2.15</version> <version>1.0.2.17</version>
<namespace>Passman</namespace> <namespace>Passman</namespace>
<category>other</category> <category>other</category>
<website>https://github.com/nextcloud/passman/</website> <website>https://github.com/nextcloud/passman/</website>

2
appinfo/routes.php
View file

@ -50,6 +50,8 @@ return [
['name' => 'share#search', 'url' => '/api/v2/sharing/search', 'verb' => 'POST'], ['name' => 'share#search', 'url' => '/api/v2/sharing/search', 'verb' => 'POST'],
['name' => 'share#getVaultsByUser', 'url' => '/api/v2/sharing/vaults/{user_id}', 'verb' => 'GET'], ['name' => 'share#getVaultsByUser', 'url' => '/api/v2/sharing/vaults/{user_id}', 'verb' => 'GET'],
['name' => 'share#applyIntermediateShare', 'url' => '/api/v2/sharing/share', 'verb' => 'POST'], ['name' => 'share#applyIntermediateShare', 'url' => '/api/v2/sharing/share', 'verb' => 'POST'],
['name' => 'share#savePendingRequest', 'url' => '/api/v2/sharing/save' 'verb' => 'POST'],
['name' => 'share#getPendingRequests', 'url' => '/api/v2/sharing/pending', 'verb' => 'POST'],
//Internal API //Internal API

8
controller/sharecontroller.php
View file

@ -113,4 +113,12 @@ class ShareController extends ApiController {
$link, $this->userId, Activity::TYPE_ITEM_ACTION); $link, $this->userId, Activity::TYPE_ITEM_ACTION);
} }
public function savePendingRequest($item_guid, $target_vault_guid, $final_shared_key) {
$this->shareService->applyShare($item_guid, $target_vault_guid, $final_shared_key);
}
public function getPendingRequests() {
return new JSONResponse($this->shareService->getUserPendingRequests());
}
} }

44
lib/Db/ShareRequest.php
View file

@ -9,6 +9,7 @@
namespace OCA\Passman\Db; namespace OCA\Passman\Db;
use OCA\Passman\Utility\PermissionEntity;
use OCP\AppFramework\Db\Entity; use OCP\AppFramework\Db\Entity;
/** /**
@ -18,6 +19,8 @@ use OCP\AppFramework\Db\Entity;
* @method integer getItemId() * @method integer getItemId()
* @method void setItemGuid(string $value) * @method void setItemGuid(string $value)
* @method string getItemGuid() * @method string getItemGuid()
* @method void setTargetUserId(string $value)
* @method string getTargetUserId()
* @method void setTargetVaultId(integer $value) * @method void setTargetVaultId(integer $value)
* @method integer getTargetVaultId() * @method integer getTargetVaultId()
* @method void setTargetVaultGuid(integer $value) * @method void setTargetVaultGuid(integer $value)
@ -30,14 +33,12 @@ use OCP\AppFramework\Db\Entity;
* @method integer getCreated() * @method integer getCreated()
*/ */
class ShareRequest extends Entity implements \JsonSerializable { class ShareRequest extends PermissionEntity implements \JsonSerializable {
CONST READ = 0b00000001;
CONST WRITE = 0b00000010;
CONST OWNER = 0b10000000;
protected protected
$itemId, $itemId,
$itemGuid, $itemGuid,
$targetUserId,
$targetVaultId, $targetVaultId,
$targetVaultGuid, $targetVaultGuid,
$sharedKey, $sharedKey,
@ -51,37 +52,6 @@ class ShareRequest extends Entity implements \JsonSerializable {
$this->addType('permissions', 'integer'); $this->addType('permissions', 'integer');
} }
/**
* Checks wether a user matches one or more permissions at once
* @param $permission
* @return bool
*/
public function hasPermission($permission) {
$tmp = $this->getPermissions();
$tmp = $tmp & $permission;
return $tmp == $permission;
}
/**
* Adds the given permission or permissions set to the user current permissions
* @param $permission
*/
public function addPermission($permission) {
$tmp = $this->getPermissions();
$tmp = $tmp | $permission;
$this->setPermissions($tmp);
}
/**
* Takes the given permission or permissions out from the user
* @param $permission
*/
public function removePermission($permission) {
$tmp = $this->getPermissions();
$tmp = $tmp & !$permission;
$this->setPermissions($tmp);
}
/** /**
* Specify data which should be serialized to JSON * Specify data which should be serialized to JSON
* @link http://php.net/manual/en/jsonserializable.jsonserialize.php * @link http://php.net/manual/en/jsonserializable.jsonserialize.php
@ -95,6 +65,10 @@ class ShareRequest extends Entity implements \JsonSerializable {
'req_id' => $this->getId(), 'req_id' => $this->getId(),
'item_id' => $this->getItemId(), 'item_id' => $this->getItemId(),
'item_guid' => $this->getItemGuid(), 'item_guid' => $this->getItemGuid(),
'target_user_id' => $this->getTargetUserId(),
'target_vault_id' => $this->getTargetVaultId(),
'target_vault_guid' => $this->getTargetVaultGuid(),
'item_guid' => $this->getItemGuid(),
'shared_key' => $this->getSharedKey(), 'shared_key' => $this->getSharedKey(),
'permissions' => $this->getPermissions(), 'permissions' => $this->getPermissions(),
'created' => $this->getCreated(), 'created' => $this->getCreated(),

28
lib/Db/ShareRequestMapper.php
View file

@ -24,4 +24,32 @@ class ShareRequestMapper extends Mapper {
public function createRequest(ShareRequest $request){ public function createRequest(ShareRequest $request){
return $this->insert($request); return $this->insert($request);
} }
/**
* Obtains a request by the given item and vault GUID pair
* @param $item_guid
* @param $target_vault_guid
* @return ShareRequest
*/
public function getRequestByGuid($item_guid, $target_vault_guid){
$q = "SELECT * FROM *PREFIX*" . self::TABLE_NAME . " WHERE item_guid = ? AND target_vault_guid = ?";
return $this->findEntity($q, [$item_guid, $target_vault_guid]);
}
public function cleanItemRequestsForUser($item_id, $target_user_id){
$req = new ShareRequest();
$req->setItemId($item_id);
$req->setTargetUserId($target_user_id);
return $this->delete($req);
}
/**
* Obtains all pending share requests for the given user ID
* @param $user_id
* @return ShareRequest[]
*/
public function getUserPendingRequests($user_id){
$q = "SELECT * FROM *PREFIX*{{self::TABLE_NAME }} WHERE user_id = ?";
return $this->findEntities($q, [$user_id]);
}
} }

23
lib/Db/SharingACL.php
View file

@ -7,6 +7,7 @@
namespace OCA\Passman\Db; namespace OCA\Passman\Db;
use OCA\Passman\Utility\PermissionEntity;
use OCP\AppFramework\Db\Entity; use OCP\AppFramework\Db\Entity;
/** /**
@ -18,19 +19,35 @@ use OCP\AppFramework\Db\Entity;
* @method string getItemGuid() * @method string getItemGuid()
* @method void setUserId(string $value) * @method void setUserId(string $value)
* @method string getUserid() * @method string getUserid()
* @method void setGroupId(string $value)
* @method string getGroupId()
* @method void setCreated(integer $value) * @method void setCreated(integer $value)
* @method integer getCreated() * @method integer getCreated()
* @method void setExpire(integer $value) * @method void setExpire(integer $value)
* @method integer getExpire() * @method integer getExpire()
* @method void setPermissions(integer $value) * @method void setPermissions(integer $value)
* @method integer getPermissions() * @method integer getPermissions()
* @method void setVaultId(integer $value)
* @method integer getVaultId()
* @method void setVaultGuid(string $vault)
* @method string getVaultGuid()
* @method void setSharedKey(string $value)
* @method string getSharedKey()
*/ */
class SharingACL extends Entity implements \JsonSerializable class SharingACL extends PermissionEntity implements \JsonSerializable
{ {
protected
$itemId,
$itemGuid,
$userId,
$created,
$expire,
$permissions,
$vaultId,
$vaultGuid,
$sharedKey;
public function __construct() { public function __construct() {
// add types in constructor // add types in constructor
$this->addType('itemId', 'integer'); $this->addType('itemId', 'integer');

7
lib/Db/SharingACLMapper.php
View file

@ -14,8 +14,7 @@ use OCP\IDBConnection;
use OCP\IUser; use OCP\IUser;
use OCA\Passman\Utility\Utils; use OCA\Passman\Utility\Utils;
class SharingACLMapper extends Mapper class SharingACLMapper extends Mapper {
{
const TABLE_NAME = '`*PREFIX*passman_sharing_acl`'; const TABLE_NAME = '`*PREFIX*passman_sharing_acl`';
public function __construct(IDBConnection $db, Utils $utils) { public function __construct(IDBConnection $db, Utils $utils) {
@ -34,4 +33,8 @@ class SharingACLMapper extends Mapper
return $this->findEntities($sql, [$userId, $item_guid]); return $this->findEntities($sql, [$userId, $item_guid]);
} }
public function createACLEntry(SharingACL $acl){
return $this->insert($acl);
}
} }

41
lib/Service/ShareService.php
View file

@ -11,6 +11,7 @@ namespace OCA\Passman\Service;
use OCA\Passman\Db\ShareRequest; use OCA\Passman\Db\ShareRequest;
use OCA\Passman\Db\ShareRequestMapper; use OCA\Passman\Db\ShareRequestMapper;
use OCA\Passman\Db\SharingACL;
use OCA\Passman\Db\SharingACLMapper; use OCA\Passman\Db\SharingACLMapper;
class ShareService { class ShareService {
@ -24,12 +25,11 @@ class ShareService {
/** /**
* Creates requests for all the items on the request array of objects. * Creates requests for all the items on the request array of objects.
* This array objects must follow this spec: * This array must follow this spec:
* { * user_id: The target user id
* vault_id: The id of the target vault * vault_id: The id of the target vault
* guid: The guid of the target vault * guid: The guid of the target vault
* key: The shared key cyphered with the target vault RSA public key * key: The shared key cyphered with the target vault RSA public key
* }
* @param $target_item_id string The shared item ID * @param $target_item_id string The shared item ID
* @param $target_item_guid string The shared item GUID * @param $target_item_guid string The shared item GUID
* @param $request_array array * @param $request_array array
@ -43,6 +43,7 @@ class ShareService {
$t = new ShareRequest(); $t = new ShareRequest();
$t->setItemId($target_item_id); $t->setItemId($target_item_id);
$t->setItemGuid($target_item_guid); $t->setItemGuid($target_item_guid);
$t->setTargetUserId($req['user_id']);
$t->setTargetVaultId($req['vault_id']); $t->setTargetVaultId($req['vault_id']);
$t->setTargetVaultGuid($req['guid']); $t->setTargetVaultGuid($req['guid']);
$t->setSharedKey($req['key']); $t->setSharedKey($req['key']);
@ -52,4 +53,38 @@ class ShareService {
} }
return $requests; return $requests;
} }
/**
* Applies the given share, defaults to no expire
* @param $item_guid
* @param $target_vault_guid
* @param $final_shared_key
*/
public function applyShare($item_guid, $target_vault_guid, $final_shared_key){
$request = $this->shareRequest->getRequestByGuid($item_guid, $target_vault_guid);
$permissions = $request->getPermissions();
$acl = new SharingACL();
$acl->setItemId($request->getItemId());
$acl->setItemGuid($request->getItemGuid());
$acl->setUserId($request->getTargetUserId());
$acl->setCreated($request->getCreated());
$acl->setExpire(0);
$acl->setPermissions($permissions);
$acl->setVaultId($request->getTargetVaultId());
$acl->getVaultGuid($request->getTargetVaultGuid());
$acl->setSharedKey($final_shared_key);
$this->sharingACL->createACLEntry($acl);
$this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId());
}
/**
* Obtains pending requests for the given user ID
* @param $user_id
* @return \OCA\Passman\Db\ShareRequest[]
*/
public function getUserPendingRequests($user_id){
return $this->shareRequest->getUserPendingRequests($user_id);
}
} }

49
lib/Utility/PermissionEntity.php Normal file
View file

@ -0,0 +1,49 @@
<?php
/**
* Created by PhpStorm.
* User: wolfi
* Date: 2/10/16
* Time: 13:27
*/
namespace OCA\Passman\Utility;
use OCP\AppFramework\Db\Entity;
class PermissionEntity extends Entity {
CONST READ = 0b00000001;
CONST WRITE = 0b00000010;
CONST OWNER = 0b10000000;
/**
* Checks wether a user matches one or more permissions at once
* @param $permission
* @return bool
*/
public function hasPermission($permission) {
$tmp = $this->getPermissions();
$tmp = $tmp & $permission;
return $tmp == $permission;
}
/**
* Adds the given permission or permissions set to the user current permissions
* @param $permission
*/
public function addPermission($permission) {
$tmp = $this->getPermissions();
$tmp = $tmp | $permission;
$this->setPermissions($tmp);
}
/**
* Takes the given permission or permissions out from the user
* @param $permission
*/
public function removePermission($permission) {
$tmp = $this->getPermissions();
$tmp = $tmp & !$permission;
$this->setPermissions($tmp);
}
}