mirror of
https://github.com/nextcloud/passman.git
synced 2025-01-01 04:51:44 +08:00
Api endpoint to get the public link credentials
This commit is contained in:
parent
1a1cf3e1bc
commit
eadcdcabb0
4 changed files with 55 additions and 2 deletions
|
@ -57,6 +57,7 @@ return [
|
||||||
['name' => 'share#deleteShareRequest', 'url' => '/api/v2/sharing/decline/{share_request_id}', 'verb' => 'DELETE'],
|
['name' => 'share#deleteShareRequest', 'url' => '/api/v2/sharing/decline/{share_request_id}', 'verb' => 'DELETE'],
|
||||||
['name' => 'share#getVaultItems', 'url' => '/api/v2/sharing/vault/{vault_guid}/get', 'verb' => 'GET'],
|
['name' => 'share#getVaultItems', 'url' => '/api/v2/sharing/vault/{vault_guid}/get', 'verb' => 'GET'],
|
||||||
['name' => 'share#getRevisions', 'url' => '/api/v2/sharing/revisions/{item_guid}', 'verb' => 'GET'],
|
['name' => 'share#getRevisions', 'url' => '/api/v2/sharing/revisions/{item_guid}', 'verb' => 'GET'],
|
||||||
|
['name' => 'share#getCredentialData', 'url' => '/api/v2/sharing/credential/{credential_guid}', 'verb' => 'GET'],
|
||||||
|
|
||||||
//Internal API
|
//Internal API
|
||||||
['name' => 'internal#remind', 'url' => '/api/internal/notifications/remind/{credential_id}', 'verb' => 'POST'],
|
['name' => 'internal#remind', 'url' => '/api/internal/notifications/remind/{credential_id}', 'verb' => 'POST'],
|
||||||
|
|
|
@ -16,6 +16,8 @@ use OCA\Passman\Db\Vault;
|
||||||
use OCA\Passman\Service\CredentialService;
|
use OCA\Passman\Service\CredentialService;
|
||||||
use OCA\Passman\Service\NotificationService;
|
use OCA\Passman\Service\NotificationService;
|
||||||
use OCA\Passman\Service\ShareService;
|
use OCA\Passman\Service\ShareService;
|
||||||
|
use OCP\AppFramework\Db\DoesNotExistException;
|
||||||
|
use OCP\AppFramework\Http\NotFoundResponse;
|
||||||
use OCP\IRequest;
|
use OCP\IRequest;
|
||||||
use OCP\AppFramework\Http\JSONResponse;
|
use OCP\AppFramework\Http\JSONResponse;
|
||||||
use OCP\AppFramework\ApiController;
|
use OCP\AppFramework\ApiController;
|
||||||
|
@ -221,6 +223,11 @@ class ShareController extends ApiController {
|
||||||
return new JSONResponse($results);
|
return new JSONResponse($results);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param $item_guid
|
||||||
|
* @return JSONResponse
|
||||||
|
* @NoAdminRequired
|
||||||
|
*/
|
||||||
public function getRevisions($item_guid){
|
public function getRevisions($item_guid){
|
||||||
return new JSONResponse($this->shareService->getItemHistory($this->userId, $item_guid));
|
return new JSONResponse($this->shareService->getItemHistory($this->userId, $item_guid));
|
||||||
}
|
}
|
||||||
|
@ -233,6 +240,11 @@ class ShareController extends ApiController {
|
||||||
return new JSONResponse($this->shareService->getSharedItems($this->userId->getUID(), $vault_guid));
|
return new JSONResponse($this->shareService->getSharedItems($this->userId->getUID(), $vault_guid));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param $share_request_id
|
||||||
|
* @return JSONResponse
|
||||||
|
* @NoAdminRequired
|
||||||
|
*/
|
||||||
public function deleteShareRequest($share_request_id){
|
public function deleteShareRequest($share_request_id){
|
||||||
$sr = $this->shareService->getShareRequestById($share_request_id);
|
$sr = $this->shareService->getShareRequestById($share_request_id);
|
||||||
$notification = array(
|
$notification = array(
|
||||||
|
@ -258,4 +270,20 @@ class ShareController extends ApiController {
|
||||||
return new JSONResponse(array('result'=> true));
|
return new JSONResponse(array('result'=> true));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param $credential_guid
|
||||||
|
* @return JSONResponse
|
||||||
|
* @NoAdminRequired
|
||||||
|
* @NoCSRFRequired
|
||||||
|
* @PublicPage
|
||||||
|
*/
|
||||||
|
public function getCredentialData($credential_guid) {
|
||||||
|
try {
|
||||||
|
$credential = $this->shareService->getSharedItem($this->userId, $credential_guid);
|
||||||
|
return new JSONResponse($credential);
|
||||||
|
}
|
||||||
|
catch (DoesNotExistException $ex){
|
||||||
|
return new NotFoundResponse();
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
|
@ -57,8 +57,16 @@ class SharingACLMapper extends Mapper {
|
||||||
* @return SharingACL
|
* @return SharingACL
|
||||||
*/
|
*/
|
||||||
public function getItemACL($user_id, $item_guid) {
|
public function getItemACL($user_id, $item_guid) {
|
||||||
$q = "SELECT * FROM " . self::TABLE_NAME . " WHERE user_id = ? AND item_guid = ?";
|
$q = "SELECT * FROM " . self::TABLE_NAME . " WHERE item_guid = ? AND ";
|
||||||
return $this->findEntity($q, [$user_id, $item_guid]);
|
$filter = [$item_guid];
|
||||||
|
if ($user_id == null){
|
||||||
|
$q .= 'user_id is null';
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$q .= 'user_id = ? ';
|
||||||
|
$filter[] = $user_id;
|
||||||
|
}
|
||||||
|
return $this->findEntity($q, $filter);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -119,6 +119,22 @@ class ShareService {
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function getSharedItem($user_id, $item_guid){
|
||||||
|
$acl = $this->sharingACL->getItemACL($user_id, $item_guid);
|
||||||
|
|
||||||
|
// Check if the user can read the credential, probably unnecesary, but just to be sure
|
||||||
|
if (!$acl->hasPermission(SharingACL::READ)) return null;
|
||||||
|
|
||||||
|
$return = $acl->jsonSerialize();
|
||||||
|
$tmp['credential_data'] = $this->credential->getCredentialById($acl->getItemId())->jsonSerialize();
|
||||||
|
|
||||||
|
if (!$acl->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']);
|
||||||
|
unset($tmp['credential_data']['shared_key']);
|
||||||
|
$return[] = $tmp;
|
||||||
|
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets history from the given item checking the user's permissions to access it
|
* Gets history from the given item checking the user's permissions to access it
|
||||||
* @param $user_id
|
* @param $user_id
|
||||||
|
|
Loading…
Reference in a new issue