From eadcdcabb04a7f398c1ba1a3a58f1c3b96c72e12 Mon Sep 17 00:00:00 2001
From: Marcos Zuriaga <wolfi@wolfi.es>
Date: Mon, 3 Oct 2016 22:43:36 +0200
Subject: [PATCH] Api endpoint to get the public link credentials

---
 appinfo/routes.php             |  1 +
 controller/sharecontroller.php | 28 ++++++++++++++++++++++++++++
 lib/Db/SharingACLMapper.php    | 12 ++++++++++--
 lib/Service/ShareService.php   | 16 ++++++++++++++++
 4 files changed, 55 insertions(+), 2 deletions(-)

diff --git a/appinfo/routes.php b/appinfo/routes.php
index f7642f4b..3922dea9 100644
--- a/appinfo/routes.php
+++ b/appinfo/routes.php
@@ -57,6 +57,7 @@ return [
         ['name' => 'share#deleteShareRequest', 'url' => '/api/v2/sharing/decline/{share_request_id}', 'verb' => 'DELETE'],
         ['name' => 'share#getVaultItems', 'url' => '/api/v2/sharing/vault/{vault_guid}/get', 'verb' => 'GET'],
         ['name' => 'share#getRevisions', 'url' => '/api/v2/sharing/revisions/{item_guid}', 'verb' => 'GET'],
+        ['name' => 'share#getCredentialData', 'url' => '/api/v2/sharing/credential/{credential_guid}', 'verb' => 'GET'],
 
 		//Internal API
 		['name' => 'internal#remind', 'url' => '/api/internal/notifications/remind/{credential_id}', 'verb' => 'POST'],
diff --git a/controller/sharecontroller.php b/controller/sharecontroller.php
index 1afdab0d..32ed3712 100644
--- a/controller/sharecontroller.php
+++ b/controller/sharecontroller.php
@@ -16,6 +16,8 @@ use OCA\Passman\Db\Vault;
 use OCA\Passman\Service\CredentialService;
 use OCA\Passman\Service\NotificationService;
 use OCA\Passman\Service\ShareService;
+use OCP\AppFramework\Db\DoesNotExistException;
+use OCP\AppFramework\Http\NotFoundResponse;
 use OCP\IRequest;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\ApiController;
@@ -221,6 +223,11 @@ class ShareController extends ApiController {
 		return new JSONResponse($results);
 	}
 
+    /**
+     * @param $item_guid
+     * @return JSONResponse
+     * @NoAdminRequired
+     */
 	public function getRevisions($item_guid){
 	    return new JSONResponse($this->shareService->getItemHistory($this->userId, $item_guid));
     }
@@ -233,6 +240,11 @@ class ShareController extends ApiController {
 		return new JSONResponse($this->shareService->getSharedItems($this->userId->getUID(), $vault_guid));
     }
 
+    /**
+     * @param $share_request_id
+     * @return JSONResponse
+     * @NoAdminRequired
+     */
 	public function deleteShareRequest($share_request_id){
 		$sr = $this->shareService->getShareRequestById($share_request_id);
 		$notification = array(
@@ -258,4 +270,20 @@ class ShareController extends ApiController {
 		return new JSONResponse(array('result'=> true));
 	}
 
+    /**
+     * @param $credential_guid
+     * @return JSONResponse
+     * @NoAdminRequired
+     * @NoCSRFRequired
+     * @PublicPage
+     */
+	public function getCredentialData($credential_guid) {
+	    try {
+            $credential = $this->shareService->getSharedItem($this->userId, $credential_guid);
+            return new JSONResponse($credential);
+        }
+        catch (DoesNotExistException $ex){
+            return new NotFoundResponse();
+        }
+    }
 }
\ No newline at end of file
diff --git a/lib/Db/SharingACLMapper.php b/lib/Db/SharingACLMapper.php
index 13ee3c93..3ded3fc8 100644
--- a/lib/Db/SharingACLMapper.php
+++ b/lib/Db/SharingACLMapper.php
@@ -57,8 +57,16 @@ class SharingACLMapper extends Mapper {
      * @return SharingACL
      */
     public function getItemACL($user_id, $item_guid) {
-        $q = "SELECT * FROM " . self::TABLE_NAME . " WHERE user_id = ? AND item_guid = ?";
-        return $this->findEntity($q, [$user_id, $item_guid]);
+        $q = "SELECT * FROM " . self::TABLE_NAME . " WHERE item_guid = ? AND ";
+        $filter = [$item_guid];
+        if ($user_id == null){
+            $q .= 'user_id is null';
+        }
+        else {
+            $q .= 'user_id = ? ';
+            $filter[] = $user_id;
+        }
+        return $this->findEntity($q, $filter);
     }
 
     /**
diff --git a/lib/Service/ShareService.php b/lib/Service/ShareService.php
index 1f7f9345..1010d996 100644
--- a/lib/Service/ShareService.php
+++ b/lib/Service/ShareService.php
@@ -119,6 +119,22 @@ class ShareService {
         return $return;
     }
 
+    public function getSharedItem($user_id, $item_guid){
+        $acl = $this->sharingACL->getItemACL($user_id, $item_guid);
+
+        // Check if the user can read the credential, probably unnecesary, but just to be sure
+        if (!$acl->hasPermission(SharingACL::READ)) return null;
+
+        $return = $acl->jsonSerialize();
+        $tmp['credential_data'] = $this->credential->getCredentialById($acl->getItemId())->jsonSerialize();
+
+        if (!$acl->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']);
+        unset($tmp['credential_data']['shared_key']);
+        $return[] = $tmp;
+
+        return $return;
+    }
+
     /**
      * Gets history from the given item checking the user's permissions to access it
      * @param $user_id