sharingACL = $sharingACL; $this->shareRequest = $shareRequest; $this->credential = $credentials; $this->revisions = $revisions; } /** * Creates requests for all the items on the request array of objects. * This array must follow this spec: * user_id: The target user id * vault_id: The id of the target vault * guid: The guid of the target vault * key: The shared key cyphered with the target vault RSA public key * @param $target_item_id string The shared item ID * @param $target_item_guid string The shared item GUID * @param $request_array array * @param $permissions integer Must be created with a bitmask from options on the ShareRequest class * @return array Array of sharing requests */ public function createBulkRequests($target_item_id, $target_item_guid, $request_array, $permissions, $credential_owner) { $created = (new \DateTime())->getTimestamp(); $requests = array(); foreach ($request_array as $req){ $t = new ShareRequest(); $t->setItemId($target_item_id); $t->setItemGuid($target_item_guid); $t->setTargetUserId($req['user_id']); $t->setTargetVaultId($req['vault_id']); $t->setTargetVaultGuid($req['guid']); $t->setSharedKey($req['key']); $t->setPermissions($permissions); $t->setCreated($created); $t->setFromUserId($credential_owner); array_push($requests, $this->shareRequest->createRequest($t)); } return $requests; } public function createACLEntry(SharingACL $acl){ if ($acl->getCreated() == null) $acl->setCreated((new \DateTime())->getTimestamp()); return $this->sharingACL->createACLEntry($acl); } /** * Applies the given share, defaults to no expire * @param $item_guid * @param $target_vault_guid * @param $final_shared_key */ public function applyShare($item_guid, $target_vault_guid, $final_shared_key){ $request = $this->shareRequest->getRequestByGuid($item_guid, $target_vault_guid); $permissions = $request->getPermissions(); $acl = new SharingACL(); $acl->setItemId($request->getItemId()); $acl->setItemGuid($request->getItemGuid()); $acl->setUserId($request->getTargetUserId()); $acl->setCreated($request->getCreated()); $acl->setExpire(0); $acl->setPermissions($permissions); $acl->setVaultId($request->getTargetVaultId()); $acl->setVaultGuid($request->getTargetVaultGuid()); $acl->setSharedKey($final_shared_key); $this->sharingACL->createACLEntry($acl); $this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId()); } /** * Obtains pending requests for the given user ID * @param $user_id * @return \OCA\Passman\Db\ShareRequest[] */ public function getUserPendingRequests($user_id){ return $this->shareRequest->getUserPendingRequests($user_id); } public function getSharedItems($user_id, $vault_guid){ $entries = $this->sharingACL->getVaultEntries($user_id, $vault_guid); $return = []; foreach ($entries as $entry){ // Check if the user can read the credential, probably unnecesary, but just to be sure if (!$entry->hasPermission(SharingACL::READ)) continue; $tmp = $entry->jsonSerialize(); $tmp['credential_data'] = $this->credential->getCredentialById($entry->getItemId())->jsonSerialize(); if (!$entry->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']); unset($tmp['credential_data']['shared_key']); $return[] = $tmp; } return $return; } public function getSharedItem($user_id, $item_guid){ $acl = $this->sharingACL->getItemACL($user_id, $item_guid); // Check if the user can read the credential, probably unnecesary, but just to be sure if (!$acl->hasPermission(SharingACL::READ)) throw new DoesNotExistException("Item not found or wrong access level"); $tmp = $acl->jsonSerialize(); $tmp['credential_data'] = $this->credential->getCredentialById($acl->getItemId())->jsonSerialize(); if (!$acl->hasPermission(SharingACL::FILES)) unset($tmp['credential_data']['files']); unset($tmp['credential_data']['shared_key']); return $tmp; } /** * Gets history from the given item checking the user's permissions to access it * @param $user_id * @param $item_guid * @return CredentialRevision[] */ public function getItemHistory($user_id, $item_guid) { $acl = $this->sharingACL->getItemACL($user_id, $item_guid); if (!$acl->hasPermission(SharingACL::READ | SharingACL::HISTORY)) return []; return $this->revisions->getRevisions($acl->getItemId()); } /** * Deletes an share reuqest by id * @param ShareRequest $request * @return \OCA\Passman\Db\ShareRequest[] */ public function cleanItemRequestsForUser(ShareRequest $request){ return $this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId()); } /** * Get an share request by id */ public function getShareRequestById($id){ return $this->shareRequest->getShareRequestById($id); } /* * Get an share request by $item_guid and $target_vault_guid * */ public function getRequestByGuid($item_guid, $target_vault_guid) { return $this->shareRequest->getRequestByGuid($item_guid, $target_vault_guid); } /** * Get the access control list by item guid * * @param string $item_guid * @return \OCA\Passman\Db\SharingACL[] */ public function getCredentialAclList($item_guid) { return $this->sharingACL->getCredentialAclList($item_guid); } /** * Gets the ACL on the credential for the user * @param $user_id * @param $item_guid * @return SharingACL */ public function getCredentialAclForUser($user_id, $item_guid){ return $this->sharingACL->getItemACL($user_id, $item_guid); } /** * Get pending share requests by guid * * @param string $item_guid * @return \OCA\Passman\Db\ShareRequest[] */ public function getShareRequestsByGuid($item_guid) { return $this->shareRequest->getShareRequestsByGuid($item_guid); } /** * Get pending share requests by guid * * @param ShareRequest $request * @return \OCA\Passman\Db\ShareRequest[] */ public function deleteShareRequest(ShareRequest $request) { return $this->shareRequest->deleteShareRequest($request); } /** * Get pending share requests by guid * * @param ShareRequest $request * @return \OCA\Passman\Db\ShareRequest[] */ public function deleteShareACL(SharingACL $ACL) { return $this->sharingACL->deleteShareACL($ACL); } }