Api endpoint to get the public link credentials

This commit is contained in:
Marcos Zuriaga 2016-10-03 22:43:36 +02:00
parent 1a1cf3e1bc
commit eadcdcabb0
No known key found for this signature in database
GPG key ID: 7D15585354D072FF
4 changed files with 55 additions and 2 deletions

View file

@ -57,6 +57,7 @@ return [
['name' => 'share#deleteShareRequest', 'url' => '/api/v2/sharing/decline/{share_request_id}', 'verb' => 'DELETE'], ['name' => 'share#deleteShareRequest', 'url' => '/api/v2/sharing/decline/{share_request_id}', 'verb' => 'DELETE'],
['name' => 'share#getVaultItems', 'url' => '/api/v2/sharing/vault/{vault_guid}/get', 'verb' => 'GET'], ['name' => 'share#getVaultItems', 'url' => '/api/v2/sharing/vault/{vault_guid}/get', 'verb' => 'GET'],
['name' => 'share#getRevisions', 'url' => '/api/v2/sharing/revisions/{item_guid}', 'verb' => 'GET'], ['name' => 'share#getRevisions', 'url' => '/api/v2/sharing/revisions/{item_guid}', 'verb' => 'GET'],
['name' => 'share#getCredentialData', 'url' => '/api/v2/sharing/credential/{credential_guid}', 'verb' => 'GET'],
//Internal API //Internal API
['name' => 'internal#remind', 'url' => '/api/internal/notifications/remind/{credential_id}', 'verb' => 'POST'], ['name' => 'internal#remind', 'url' => '/api/internal/notifications/remind/{credential_id}', 'verb' => 'POST'],

View file

@ -16,6 +16,8 @@ use OCA\Passman\Db\Vault;
use OCA\Passman\Service\CredentialService; use OCA\Passman\Service\CredentialService;
use OCA\Passman\Service\NotificationService; use OCA\Passman\Service\NotificationService;
use OCA\Passman\Service\ShareService; use OCA\Passman\Service\ShareService;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Http\NotFoundResponse;
use OCP\IRequest; use OCP\IRequest;
use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\ApiController; use OCP\AppFramework\ApiController;
@ -221,6 +223,11 @@ class ShareController extends ApiController {
return new JSONResponse($results); return new JSONResponse($results);
} }
/**
* @param $item_guid
* @return JSONResponse
* @NoAdminRequired
*/
public function getRevisions($item_guid){ public function getRevisions($item_guid){
return new JSONResponse($this->shareService->getItemHistory($this->userId, $item_guid)); return new JSONResponse($this->shareService->getItemHistory($this->userId, $item_guid));
} }
@ -233,6 +240,11 @@ class ShareController extends ApiController {
return new JSONResponse($this->shareService->getSharedItems($this->userId->getUID(), $vault_guid)); return new JSONResponse($this->shareService->getSharedItems($this->userId->getUID(), $vault_guid));
} }
/**
* @param $share_request_id
* @return JSONResponse
* @NoAdminRequired
*/
public function deleteShareRequest($share_request_id){ public function deleteShareRequest($share_request_id){
$sr = $this->shareService->getShareRequestById($share_request_id); $sr = $this->shareService->getShareRequestById($share_request_id);
$notification = array( $notification = array(
@ -258,4 +270,20 @@ class ShareController extends ApiController {
return new JSONResponse(array('result'=> true)); return new JSONResponse(array('result'=> true));
} }
/**
* @param $credential_guid
* @return JSONResponse
* @NoAdminRequired
* @NoCSRFRequired
* @PublicPage
*/
public function getCredentialData($credential_guid) {
try {
$credential = $this->shareService->getSharedItem($this->userId, $credential_guid);
return new JSONResponse($credential);
}
catch (DoesNotExistException $ex){
return new NotFoundResponse();
}
}
} }

View file

@ -57,8 +57,16 @@ class SharingACLMapper extends Mapper {
* @return SharingACL * @return SharingACL
*/ */
public function getItemACL($user_id, $item_guid) { public function getItemACL($user_id, $item_guid) {
$q = "SELECT * FROM " . self::TABLE_NAME . " WHERE user_id = ? AND item_guid = ?"; $q = "SELECT * FROM " . self::TABLE_NAME . " WHERE item_guid = ? AND ";
return $this->findEntity($q, [$user_id, $item_guid]); $filter = [$item_guid];
if ($user_id == null){
$q .= 'user_id is null';
}
else {
$q .= 'user_id = ? ';
$filter[] = $user_id;
}
return $this->findEntity($q, $filter);
} }
/** /**

View file

@ -119,6 +119,22 @@ class ShareService {
return $return; return $return;
} }
public function getSharedItem($user_id, $item_guid){
$acl = $this->sharingACL->getItemACL($user_id, $item_guid);
// Check if the user can read the credential, probably unnecesary, but just to be sure
if (!$acl->hasPermission(SharingACL::READ)) return null;
$return = $acl->jsonSerialize();
$tmp['credential_data'] = $this->credential->getCredentialById($acl->getItemId())->jsonSerialize();
if (!$acl->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']);
unset($tmp['credential_data']['shared_key']);
$return[] = $tmp;
return $return;
}
/** /**
* Gets history from the given item checking the user's permissions to access it * Gets history from the given item checking the user's permissions to access it
* @param $user_id * @param $user_id