share.php 7.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244
  1. <?php
  2. /**
  3. * ownCloud
  4. *
  5. * @author Michael Gapczynski
  6. * @copyright 2012 Michael Gapczynski mtgap@owncloud.com
  7. *
  8. * This library is free software; you can redistribute it and/or
  9. * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
  10. * License as published by the Free Software Foundation; either
  11. * version 3 of the License, or any later version.
  12. *
  13. * This library is distributed in the hope that it will be useful,
  14. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
  17. *
  18. * You should have received a copy of the GNU Affero General Public
  19. * License along with this library. If not, see <http://www.gnu.org/licenses/>.
  20. */
  21. OC_JSON::checkLoggedIn();
  22. OCP\JSON::callCheck();
  23. OC_App::loadApps();
  24. if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSource'])) {
  25. switch ($_POST['action']) {
  26. case 'share':
  27. if (isset($_POST['shareType']) && isset($_POST['shareWith']) && isset($_POST['permissions'])) {
  28. try {
  29. $shareType = (int)$_POST['shareType'];
  30. $shareWith = $_POST['shareWith'];
  31. if ($shareType === OCP\Share::SHARE_TYPE_LINK && $shareWith == '') {
  32. $shareWith = null;
  33. }
  34. $token = OCP\Share::shareItem(
  35. $_POST['itemType'],
  36. $_POST['itemSource'],
  37. $shareType,
  38. $shareWith,
  39. $_POST['permissions']
  40. );
  41. if (is_string($token)) {
  42. OC_JSON::success(array('data' => array('token' => $token)));
  43. } else {
  44. OC_JSON::success();
  45. }
  46. } catch (Exception $exception) {
  47. OC_JSON::error(array('data' => array('message' => $exception->getMessage())));
  48. }
  49. }
  50. break;
  51. case 'unshare':
  52. if (isset($_POST['shareType']) && isset($_POST['shareWith'])) {
  53. if ((int)$_POST['shareType'] === OCP\Share::SHARE_TYPE_LINK && $_POST['shareWith'] == '') {
  54. $shareWith = null;
  55. } else {
  56. $shareWith = $_POST['shareWith'];
  57. }
  58. $return = OCP\Share::unshare($_POST['itemType'], $_POST['itemSource'], $_POST['shareType'], $shareWith);
  59. ($return) ? OC_JSON::success() : OC_JSON::error();
  60. }
  61. break;
  62. case 'setPermissions':
  63. if (isset($_POST['shareType']) && isset($_POST['shareWith']) && isset($_POST['permissions'])) {
  64. $return = OCP\Share::setPermissions(
  65. $_POST['itemType'],
  66. $_POST['itemSource'],
  67. $_POST['shareType'],
  68. $_POST['shareWith'],
  69. $_POST['permissions']
  70. );
  71. ($return) ? OC_JSON::success() : OC_JSON::error();
  72. }
  73. break;
  74. case 'setExpirationDate':
  75. if (isset($_POST['date'])) {
  76. $return = OCP\Share::setExpirationDate($_POST['itemType'], $_POST['itemSource'], $_POST['date']);
  77. ($return) ? OC_JSON::success() : OC_JSON::error();
  78. }
  79. break;
  80. case 'email':
  81. // read post variables
  82. $user = OCP\USER::getUser();
  83. $displayName = OCP\User::getDisplayName();
  84. $type = $_POST['itemType'];
  85. $link = $_POST['link'];
  86. $file = $_POST['file'];
  87. $to_address = $_POST['toaddress'];
  88. // enable l10n support
  89. $l = OC_L10N::get('core');
  90. // setup the email
  91. $subject = (string)$l->t('%s shared »%s« with you', array($displayName, $file));
  92. $content = new OC_Template("core", "mail", "");
  93. $content->assign ('link', $link);
  94. $content->assign ('type', $type);
  95. $content->assign ('user_displayname', $displayName);
  96. $content->assign ('filename', $file);
  97. $text = $content->fetchPage();
  98. $content = new OC_Template("core", "altmail", "");
  99. $content->assign ('link', $link);
  100. $content->assign ('type', $type);
  101. $content->assign ('user_displayname', $displayName);
  102. $content->assign ('filename', $file);
  103. $alttext = $content->fetchPage();
  104. $default_from = OCP\Util::getDefaultEmailAddress('sharing-noreply');
  105. $from_address = OCP\Config::getUserValue($user, 'settings', 'email', $default_from );
  106. // send it out now
  107. try {
  108. OCP\Util::sendMail($to_address, $to_address, $subject, $text, $from_address, $displayName, 1, $alttext);
  109. OCP\JSON::success();
  110. } catch (Exception $exception) {
  111. OCP\JSON::error(array('data' => array('message' => OC_Util::sanitizeHTML($exception->getMessage()))));
  112. }
  113. break;
  114. }
  115. } else if (isset($_GET['fetch'])) {
  116. switch ($_GET['fetch']) {
  117. case 'getItemsSharedStatuses':
  118. if (isset($_GET['itemType'])) {
  119. $return = OCP\Share::getItemsShared($_GET['itemType'], OCP\Share::FORMAT_STATUSES);
  120. is_array($return) ? OC_JSON::success(array('data' => $return)) : OC_JSON::error();
  121. }
  122. break;
  123. case 'getItem':
  124. if (isset($_GET['itemType'])
  125. && isset($_GET['itemSource'])
  126. && isset($_GET['checkReshare'])
  127. && isset($_GET['checkShares'])) {
  128. if ($_GET['checkReshare'] == 'true') {
  129. $reshare = OCP\Share::getItemSharedWithBySource(
  130. $_GET['itemType'],
  131. $_GET['itemSource'],
  132. OCP\Share::FORMAT_NONE,
  133. null,
  134. true
  135. );
  136. } else {
  137. $reshare = false;
  138. }
  139. if ($_GET['checkShares'] == 'true') {
  140. $shares = OCP\Share::getItemShared(
  141. $_GET['itemType'],
  142. $_GET['itemSource'],
  143. OCP\Share::FORMAT_NONE,
  144. null,
  145. true
  146. );
  147. } else {
  148. $shares = false;
  149. }
  150. OC_JSON::success(array('data' => array('reshare' => $reshare, 'shares' => $shares)));
  151. }
  152. break;
  153. case 'getShareWith':
  154. if (isset($_GET['search'])) {
  155. $sharePolicy = OC_Appconfig::getValue('core', 'shareapi_share_policy', 'global');
  156. $shareWith = array();
  157. // if (OC_App::isEnabled('contacts')) {
  158. // // TODO Add function to contacts to only get the 'fullname' column to improve performance
  159. // $ids = OC_Contacts_Addressbook::activeIds();
  160. // foreach ($ids as $id) {
  161. // $vcards = OC_Contacts_VCard::all($id);
  162. // foreach ($vcards as $vcard) {
  163. // $contact = $vcard['fullname'];
  164. // if (stripos($contact, $_GET['search']) !== false
  165. // && (!isset($_GET['itemShares'])
  166. // || !isset($_GET['itemShares'][OCP\Share::SHARE_TYPE_CONTACT])
  167. // || !is_array($_GET['itemShares'][OCP\Share::SHARE_TYPE_CONTACT])
  168. // || !in_array($contact, $_GET['itemShares'][OCP\Share::SHARE_TYPE_CONTACT]))) {
  169. // $shareWith[] = array('label' => $contact, 'value' => array('shareType' => 5, 'shareWith' => $vcard['id']));
  170. // }
  171. // }
  172. // }
  173. // }
  174. $groups = OC_Group::getGroups($_GET['search']);
  175. if ($sharePolicy == 'groups_only') {
  176. $usergroups = OC_Group::getUserGroups(OC_User::getUser());
  177. $groups = array_intersect($groups, $usergroups);
  178. }
  179. $count = 0;
  180. $users = array();
  181. $limit = 0;
  182. $offset = 0;
  183. while ($count < 15 && count($users) == $limit) {
  184. $limit = 15 - $count;
  185. if ($sharePolicy == 'groups_only') {
  186. $users = OC_Group::DisplayNamesInGroups($groups, $_GET['search'], $limit, $offset);
  187. } else {
  188. $users = OC_User::getDisplayNames($_GET['search'], $limit, $offset);
  189. }
  190. $offset += $limit;
  191. foreach ($users as $uid => $displayName) {
  192. if ((!isset($_GET['itemShares'])
  193. || !is_array($_GET['itemShares'][OCP\Share::SHARE_TYPE_USER])
  194. || !in_array($uid, $_GET['itemShares'][OCP\Share::SHARE_TYPE_USER]))
  195. && $uid != OC_User::getUser()) {
  196. $shareWith[] = array(
  197. 'label' => $displayName,
  198. 'value' => array('shareType' => OCP\Share::SHARE_TYPE_USER,
  199. 'shareWith' => $uid)
  200. );
  201. $count++;
  202. }
  203. }
  204. }
  205. $count = 0;
  206. // enable l10n support
  207. $l = OC_L10N::get('core');
  208. foreach ($groups as $group) {
  209. if ($count < 15) {
  210. if (!isset($_GET['itemShares'])
  211. || !isset($_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])
  212. || !is_array($_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])
  213. || !in_array($group, $_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])) {
  214. $shareWith[] = array(
  215. 'label' => $group.' ('.$l->t('group').')',
  216. 'value' => array(
  217. 'shareType' => OCP\Share::SHARE_TYPE_GROUP,
  218. 'shareWith' => $group
  219. )
  220. );
  221. $count++;
  222. }
  223. } else {
  224. break;
  225. }
  226. }
  227. OC_JSON::success(array('data' => $shareWith));
  228. }
  229. break;
  230. }
  231. }