Merge pull request #888 from nextcloud/backport/866/stable22

[stable22] enforce password on new share

Author: ArtificialOwl

lib/AppInfo/Application.php

@@ -40,8 +40,10 @@
 use OCA\Circles\Events\CircleMemberAddedEvent;
 use OCA\Circles\Events\Files\CreatingFileShareEvent;
 use OCA\Circles\Events\Files\FileShareCreatedEvent;
+use OCA\Circles\Events\Files\PreparingFileShareEvent;
 use OCA\Circles\Events\MembershipsCreatedEvent;
 use OCA\Circles\Events\MembershipsRemovedEvent;
+use OCA\Circles\Events\PreparingCircleMemberEvent;
 use OCA\Circles\Events\RemovingCircleMemberEvent;
 use OCA\Circles\Events\RequestingCircleMemberEvent;
 use OCA\Circles\Handlers\WebfingerHandler;
@@ -52,7 +54,9 @@
 use OCA\Circles\Listeners\Examples\ExampleRequestingCircleMember;
 use OCA\Circles\Listeners\Files\AddingMemberSendMail as ListenerFilesAddingMemberSendMail;
 use OCA\Circles\Listeners\Files\CreatingShareSendMail as ListenerFilesCreatingShareSendMail;
+use OCA\Circles\Listeners\Files\PreparingShareSendMail as ListenerFilesPreparingShareSendMail;
 use OCA\Circles\Listeners\Files\MemberAddedSendMail as ListenerFilesMemberAddedSendMail;
+use OCA\Circles\Listeners\Files\PreparingMemberSendMail as ListenerFilesPreparingMemberSendMail;
 use OCA\Circles\Listeners\Files\RemovingMember as ListenerFilesRemovingMember;
 use OCA\Circles\Listeners\Files\ShareCreatedSendMail as ListenerFilesShareCreatedSendMail;
 use OCA\Circles\Listeners\GroupCreated;
@@ -141,6 +145,10 @@ public function register(IRegistrationContext $context): void {
 		$context->registerEventListener(UserRemovedEvent::class, GroupMemberRemoved::class);
 
 		// Local Events (for Files/Shares/Notifications management)
+		$context->registerEventListener(
+			PreparingCircleMemberEvent::class,
+			ListenerFilesPreparingMemberSendMail::class
+		);
 		$context->registerEventListener(
 			AddingCircleMemberEvent::class,
 			ListenerFilesAddingMemberSendMail::class
@@ -149,6 +157,10 @@ public function register(IRegistrationContext $context): void {
 			CircleMemberAddedEvent::class,
 			ListenerFilesMemberAddedSendMail::class
 		);
+		$context->registerEventListener(
+			PreparingFileShareEvent::class,
+			ListenerFilesPreparingShareSendMail::class
+		);
 		$context->registerEventListener(
 			CreatingFileShareEvent::class,
 			ListenerFilesCreatingShareSendMail::class

lib/Db/CoreQueryBuilder.php

@@ -1044,6 +1044,13 @@ public function limitToShareToken(string $alias, string $token): void {
 		$this->leftJoinShareToken($alias);
 
 		$aliasShareToken = $this->generateAlias($alias, self::TOKEN, $options);
+		$this->generateSelectAlias(
+			CoreRequestBuilder::$tables[CoreRequestBuilder::TABLE_TOKEN],
+			$aliasShareToken,
+			$aliasShareToken,
+			[]
+		);
+
 		$this->limit('token', $token, $aliasShareToken);
 	}
 

lib/Db/MountRequest.php

@@ -37,7 +37,7 @@
 use OCA\Circles\Model\Mount;
 
 /**
- * Class GSSharesRequest
+ * Class MountRequest
  *
  * @package OCA\Circles\Db
  */
@@ -49,16 +49,14 @@ class MountRequest extends MountRequestBuilder {
 	 * @param Mount $mount
 	 */
 	public function save(Mount $mount): void {
-		// TODO: fix hash
-		$hash = $this->token();
 		$qb = $this->getMountInsertSql();
 		$qb->setValue('circle_id', $qb->createNamedParameter($mount->getCircleId()))
 		   ->setValue('mount_id', $qb->createNamedParameter($mount->getMountId()))
 		   ->setValue('single_id', $qb->createNamedParameter($mount->getOwner()->getSingleId()))
 		   ->setValue('token', $qb->createNamedParameter($mount->getToken()))
 		   ->setValue('parent', $qb->createNamedParameter($mount->getParent()))
 		   ->setValue('mountpoint', $qb->createNamedParameter($mount->getMountPoint()))
-		   ->setValue('mountpoint_hash', $qb->createNamedParameter($hash));
+		   ->setValue('mountpoint_hash', $qb->createNamedParameter(md5($mount->getMountPoint())));
 
 		$qb->execute();
 	}

lib/Events/Files/PreparingFileShareEvent.php

@@ -0,0 +1,59 @@
+<?php
+
+
+declare(strict_types=1);
+
+
+/**
+ * Circles - Bring cloud-users closer together.
+ *
+ * This file is licensed under the Affero General Public License version 3 or
+ * later. See the COPYING file.
+ *
+ * @author Maxence Lange <[email protected]>
+ * @copyright 2021
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+
+namespace OCA\Circles\Events\Files;
+
+use OCA\Circles\Events\CircleGenericEvent;
+use OCA\Circles\Model\Federated\FederatedEvent;
+use OCA\Circles\Model\Mount;
+
+/**
+ * Class PreparingFileShareEvent
+ *
+ * @package OCA\Circles\Events\Files
+ */
+class PreparingFileShareEvent extends CircleGenericEvent {
+
+
+	/** @var Mount */
+	private $mount;
+
+
+	/**
+	 * PreparingFileShareEvent constructor.
+	 *
+	 * @param FederatedEvent $federatedEvent
+	 */
+	public function __construct(FederatedEvent $federatedEvent) {
+		parent::__construct($federatedEvent);
+	}
+}

lib/Events/PreparingCircleMemberEvent.php

@@ -0,0 +1,56 @@
+<?php
+
+declare(strict_types=1);
+
+
+/**
+ * Circles - Bring cloud-users closer together.
+ *
+ * This file is licensed under the Affero General Public License version 3 or
+ * later. See the COPYING file.
+ *
+ * @author Maxence Lange <[email protected]>
+ * @copyright 2021
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+
+namespace OCA\Circles\Events;
+
+use OCA\Circles\Model\Federated\FederatedEvent;
+
+/**
+ * Class PreparingCircleMemberEvent
+ *
+ * This event is called when one or multiple members are added to a Circle.
+ *
+ * This event is called on the master instance of the circle, before AddingCircleMemberEvent.
+ *
+ * @package OCA\Circles\Events
+ */
+class PreparingCircleMemberEvent extends CircleMemberGenericEvent {
+
+
+	/**
+	 * PreparingCircleMemberEvent constructor.
+	 *
+	 * @param FederatedEvent $federatedEvent
+	 */
+	public function __construct(FederatedEvent $federatedEvent) {
+		parent::__construct($federatedEvent);
+	}
+}

lib/FederatedItems/Files/FileShare.php

@@ -32,7 +32,6 @@
 namespace OCA\Circles\FederatedItems\Files;
 
 use ArtificialOwl\MySmallPhpTools\Exceptions\InvalidItemException;
-use ArtificialOwl\MySmallPhpTools\Exceptions\ItemNotFoundException;
 use ArtificialOwl\MySmallPhpTools\Exceptions\UnknownTypeException;
 use ArtificialOwl\MySmallPhpTools\Traits\Nextcloud\nc22\TNC22Logger;
 use ArtificialOwl\MySmallPhpTools\Traits\TStringTools;
@@ -94,24 +93,26 @@ public function __construct(
 	 * @param FederatedEvent $event
 	 */
 	public function verify(FederatedEvent $event): void {
-		// TODO: check and improve
-		// TODO: Could we use a share lock ?
+		// TODO: check (origin of file ?) and improve
+		// TODO: Use a share lock
+
+		$this->eventService->fileSharePreparing($event);
 	}
 
 
 	/**
 	 * @param FederatedEvent $event
 	 *
+	 * @throws CircleNotFoundException
 	 * @throws InvalidItemException
 	 * @throws UnknownTypeException
-	 * @throws CircleNotFoundException
-	 * @throws ItemNotFoundException
 	 */
 	public function manage(FederatedEvent $event): void {
 		$mount = null;
 		if (!$this->configService->isLocalInstance($event->getOrigin())) {
 			/** @var ShareWrapper $wrappedShare */
 			$wrappedShare = $event->getParams()->gObj('wrappedShare', ShareWrapper::class);
+
 			$mount = new Mount();
 			$mount->fromShare($wrappedShare);
 			$mount->setMountId($this->token(15));

lib/FederatedItems/MassiveMemberAdd.php

@@ -81,6 +81,11 @@ public function verify(FederatedEvent $event): void {
 
 		$event->setMembers($filtered);
 		$event->setOutcome($this->serializeArray($filtered));
+
+		foreach ($event->getMembers() as $member) {
+			$event->setMember($member);
+			$this->eventService->memberPreparing($event);
+		}
 	}
 
 

lib/FederatedItems/SingleMemberAdd.php

@@ -76,9 +76,9 @@
 use OCP\IUserManager;
 
 /**
- * Class MemberAdd
+ * Class SingleMemberAdd
  *
- * @package OCA\Circles\GlobalScale
+ * @package OCA\Circles\FederatedItems
  */
 class SingleMemberAdd implements
 	IFederatedItem,
@@ -182,35 +182,7 @@ public function verify(FederatedEvent $event): void {
 		$event->setMembers([$member]);
 		$event->setOutcome($this->serialize($member));
 
-		return;
-
-
-//		$member = $this->membersRequest->getFreshNewMember(
-//			$circle->getUniqueId(), $ident, $eventMember->getType(), $eventMember->getInstance()
-//		);
-//		$member->hasToBeInviteAble()
-//
-//		$this->membersService->addMemberBasedOnItsType($circle, $member);
-//
-//		$password = '';
-//		$sendPasswordByMail = false;
-//		if ($this->configService->enforcePasswordProtection($circle)) {
-//			if ($circle->getSetting('password_single_enabled') === 'true') {
-//				$password = $circle->getPasswordSingle();
-//			} else {
-//				$sendPasswordByMail = true;
-//				$password = $this->miscService->token(15);
-//			}
-//		}
-//
-//		$event->setData(
-//			new SimpleDataStore(
-//				[
-//					'password'       => $password,
-//					'passwordByMail' => $sendPasswordByMail
-//				]
-//			)
-//		);
+		$this->eventService->memberPreparing($event);
 	}
 
 
@@ -234,7 +206,7 @@ public function manage(FederatedEvent $event): void {
 			$this->eventService->memberAdding($event);
 		}
 
-//
+
 //		//
 //		// TODO: verifiez comment se passe le cached name sur un member_add
 //		//

lib/Listeners/Files/AddingMemberSendMail.php

@@ -46,7 +46,7 @@
 use OCP\EventDispatcher\IEventListener;
 
 /**
- * Class AddingMember
+ * Class AddingMemberSendMail
  *
  * @package OCA\Circles\Listeners\Files
  */
@@ -101,19 +101,19 @@ public function handle(Event $event): void {
 			return;
 		}
 
-		$result = [];
 		$member = $event->getMember();
-
 		if ($member->getUserType() === Member::TYPE_CIRCLE) {
 			$members = $member->getBasedOn()->getInheritedMembers();
 		} else {
 			$members = [$member];
 		}
 
 		$circle = $event->getCircle();
+		$federatedEvent = $event->getFederatedEvent();
 		$shares = $this->shareWrapperService->getSharesToCircle($circle->getSingleId());
+		$hashedPasswords = $federatedEvent->getParams()->gArray('hashedPasswords');
 
-		/** @var Member[] $members */
+		$result = [];
 		foreach ($members as $member) {
 			if ($member->getUserType() !== Member::TYPE_MAIL
 				&& $member->getUserType() !== Member::TYPE_CONTACT
@@ -124,13 +124,17 @@ public function handle(Event $event): void {
 			$files = [];
 			foreach ($shares as $share) {
 				try {
-					$shareToken = $this->shareTokenService->generateShareToken($share, $member);
+					$shareToken = $this->shareTokenService->generateShareToken(
+						$share,
+						$member,
+						$this->get($member->getSingleId(), $hashedPasswords)
+					);
 				} catch (Exception $e) {
 					continue;
 				}
 
 				$share->setShareToken($shareToken);
-				$files[] = $share;
+				$files[] = clone $share;
 			}
 
 			$result[$member->getId()] = [
@@ -139,6 +143,6 @@ public function handle(Event $event): void {
 			];
 		}
 
-		$event->getFederatedEvent()->setResultEntry('files', $result);
+		$federatedEvent->addResultEntry('files', $result);
 	}
 }