From e273ac4a59f2ca2b1004d815696097bfb591fb55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Wed, 8 Aug 2018 17:15:35 +0200 Subject: [PATCH] Include the token of shares with public rooms in share API responses MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Only shares with public rooms can be accessed using the token, so there is no point in returning the token for shares with other types of rooms. Signed-off-by: Daniel Calviño Sánchez --- lib/Share/Helper/ShareAPIController.php | 4 +++ .../features/bootstrap/SharingContext.php | 4 +++ .../features/sharing/create.feature | 9 ++++++ .../features/sharing/delete.feature | 2 ++ .../features/sharing/hooks.feature | 7 +++++ .../features/sharing/update.feature | 28 +++++++++++++++++++ 6 files changed, 54 insertions(+) diff --git a/lib/Share/Helper/ShareAPIController.php b/lib/Share/Helper/ShareAPIController.php index 21087350eb5..e46c3019b58 100644 --- a/lib/Share/Helper/ShareAPIController.php +++ b/lib/Share/Helper/ShareAPIController.php @@ -102,6 +102,10 @@ public function formatShare(IShare $share): array { $result['share_with_displayname'] = $roomName; + if ($room->getType() === Room::PUBLIC_CALL) { + $result['token'] = $share->getToken(); + } + return $result; } diff --git a/tests/integration/features/bootstrap/SharingContext.php b/tests/integration/features/bootstrap/SharingContext.php index 86d80a9fa6c..9e2b1616f71 100644 --- a/tests/integration/features/bootstrap/SharingContext.php +++ b/tests/integration/features/bootstrap/SharingContext.php @@ -753,6 +753,10 @@ private function assertFieldIsInReturnedShare(string $field, string $contentExpe if ($contentExpected === 'A_NUMBER') { PHPUnit_Framework_Assert::assertTrue(is_numeric((string)$returnedShare->$field), "Field '$field' is not a number: " . $returnedShare->$field); + } else if ($contentExpected === 'A_TOKEN') { + // A token is composed by 15 characters from + // ISecureRandom::CHAR_HUMAN_READABLE. + PHPUnit_Framework_Assert::assertRegExp('/^[abcdefgijkmnopqrstwxyzABCDEFGHJKLMNPQRSTWXYZ23456789]{15}$/', (string)$returnedShare->$field, "Field '$field' is not a token"); } else if (strpos($contentExpected, 'REGEXP ') === 0) { PHPUnit_Framework_Assert::assertRegExp(substr($contentExpected, strlen('REGEXP ')), (string)$returnedShare->$field, "Field '$field' does not match"); } else { diff --git a/tests/integration/features/sharing/create.feature b/tests/integration/features/sharing/create.feature index 2657db98c3d..80ba025daf4 100644 --- a/tests/integration/features/sharing/create.feature +++ b/tests/integration/features/sharing/create.feature @@ -170,6 +170,7 @@ Feature: create | file_target | /welcome.txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | And user "participant2" gets last share And share is returned with | uid_owner | participant1 | @@ -181,6 +182,7 @@ Feature: create | file_target | /welcome (2).txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | And user "participant3" gets last share And share is returned with | uid_owner | participant1 | @@ -192,6 +194,7 @@ Feature: create | file_target | /welcome (2).txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | Scenario: create share with a public room invited to Given user "participant2" creates room "public room invited to" @@ -210,6 +213,7 @@ Feature: create | file_target | /welcome.txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | And user "participant2" gets last share And share is returned with | uid_owner | participant1 | @@ -221,6 +225,7 @@ Feature: create | file_target | /welcome (2).txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | And user "participant3" gets last share And share is returned with | uid_owner | participant1 | @@ -232,6 +237,7 @@ Feature: create | file_target | /welcome (2).txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | Scenario: create share with a public room self joined to Given user "participant2" creates room "public room self joined to" @@ -250,6 +256,7 @@ Feature: create | file_target | /welcome.txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | And user "participant2" gets last share And share is returned with | uid_owner | participant1 | @@ -261,6 +268,7 @@ Feature: create | file_target | /welcome (2).txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | And user "participant3" gets last share And share is returned with | uid_owner | participant1 | @@ -272,6 +280,7 @@ Feature: create | file_target | /welcome (2).txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | Scenario: create share with a public room not joined to Given user "participant2" creates room "public room not joined to" diff --git a/tests/integration/features/sharing/delete.feature b/tests/integration/features/sharing/delete.feature index 527796c0628..9c3a52bd10d 100644 --- a/tests/integration/features/sharing/delete.feature +++ b/tests/integration/features/sharing/delete.feature @@ -190,6 +190,7 @@ Feature: delete | file_target | /welcome.txt | | share_with | public room not joined to | | share_with_displayname | Public room not joined to | + | token | A_TOKEN | And user "participant3" gets last share And share is returned with | uid_owner | participant2 | @@ -201,6 +202,7 @@ Feature: delete | file_target | /welcome (2).txt | | share_with | public room not joined to | | share_with_displayname | Public room not joined to | + | token | A_TOKEN | diff --git a/tests/integration/features/sharing/hooks.feature b/tests/integration/features/sharing/hooks.feature index 8a4d9ef37c3..e07fe11fab1 100644 --- a/tests/integration/features/sharing/hooks.feature +++ b/tests/integration/features/sharing/hooks.feature @@ -43,6 +43,7 @@ Feature: hooks | file_target | /welcome (2).txt | | share_with | public room | | share_with_displayname | Public room | + | token | A_TOKEN | @@ -116,6 +117,7 @@ Feature: hooks | file_target | /welcome (2).txt | | share_with | public room | | share_with_displayname | Public room | + | token | A_TOKEN | And user "participant2" gets last share And share is returned with | uid_owner | participant2 | @@ -127,6 +129,7 @@ Feature: hooks | file_target | /welcome.txt | | share_with | public room | | share_with_displayname | Public room | + | token | A_TOKEN | Scenario: leave public room self joined to after sharing a file Given user "participant1" creates room "public room" @@ -318,6 +321,7 @@ Feature: hooks | file_target | /welcome.txt | | share_with | public room | | share_with_displayname | Public room | + | token | A_TOKEN | And user "participant2" gets last share And the OCS status code should be "404" @@ -340,6 +344,7 @@ Feature: hooks | file_target | /welcome.txt | | share_with | public room | | share_with_displayname | Public room | + | token | A_TOKEN | And user "participant2" gets last share And the OCS status code should be "404" @@ -611,6 +616,7 @@ Feature: hooks | file_target | /welcome (2).txt | | share_with | public room | | share_with_displayname | Public room | + | token | A_TOKEN | Scenario: join sharee again to public room after a file was shared and moved by the sharee and the sharee left the room Given user "participant1" creates room "public room" @@ -633,6 +639,7 @@ Feature: hooks | file_target | /welcome (2).txt | | share_with | public room | | share_with_displayname | Public room | + | token | A_TOKEN | diff --git a/tests/integration/features/sharing/update.feature b/tests/integration/features/sharing/update.feature index d861380dedf..f03a5a6f087 100644 --- a/tests/integration/features/sharing/update.feature +++ b/tests/integration/features/sharing/update.feature @@ -215,6 +215,7 @@ Feature: update | file_target | /welcome.txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant1" gets last share @@ -228,6 +229,7 @@ Feature: update | file_target | /welcome.txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant2" gets last share @@ -241,6 +243,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant3" gets last share @@ -254,6 +257,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | @@ -277,6 +281,7 @@ Feature: update | file_target | /welcome.txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant1" gets last share @@ -290,6 +295,7 @@ Feature: update | file_target | /welcome.txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant2" gets last share @@ -303,6 +309,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant3" gets last share @@ -316,6 +323,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | @@ -339,6 +347,7 @@ Feature: update | file_target | /welcome.txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant1" gets last share @@ -352,6 +361,7 @@ Feature: update | file_target | /welcome.txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant2" gets last share @@ -365,6 +375,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant3" gets last share @@ -378,6 +389,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | @@ -472,6 +484,7 @@ Feature: update | file_target | /welcome.txt | | share_with | public room not joined to | | share_with_displayname | Public room not joined to | + | token | A_TOKEN | And user "participant3" gets last share And share is returned with | uid_owner | participant2 | @@ -483,6 +496,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room not joined to | | share_with_displayname | Public room not joined to | + | token | A_TOKEN | @@ -749,6 +763,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant1" gets last share @@ -762,6 +777,7 @@ Feature: update | file_target | /welcome.txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant2" gets last share @@ -775,6 +791,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant3" gets last share @@ -788,6 +805,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | own public room | | share_with_displayname | Own public room | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | @@ -811,6 +829,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant1" gets last share @@ -824,6 +843,7 @@ Feature: update | file_target | /welcome.txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant2" gets last share @@ -837,6 +857,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant3" gets last share @@ -850,6 +871,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room invited to | | share_with_displayname | Public room invited to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | @@ -873,6 +895,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant1" gets last share @@ -886,6 +909,7 @@ Feature: update | file_target | /welcome.txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant2" gets last share @@ -899,6 +923,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | And user "participant3" gets last share @@ -912,6 +937,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room self joined to | | share_with_displayname | Public room self joined to | + | token | A_TOKEN | | permissions | 1 | | expiration | +3 days | @@ -939,6 +965,7 @@ Feature: update | file_target | /welcome.txt | | share_with | public room no longer joined to | | share_with_displayname | Public room no longer joined to | + | token | A_TOKEN | And user "participant2" gets last share And the OCS status code should be "404" And the HTTP status code should be "200" @@ -953,6 +980,7 @@ Feature: update | file_target | /welcome (2).txt | | share_with | public room no longer joined to | | share_with_displayname | Public room no longer joined to | + | token | A_TOKEN |