Move public webdav auth over to share manager

The public webdav auth should use the shiny new share manager.
owncloud · Apr 8, 2016 · 375f6fc · 375f6fc
1 parent bd3bde2
commit 375f6fc
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 50 deletions.
diff --git a/apps/dav/appinfo/v1/publicwebdav.php b/apps/dav/appinfo/v1/publicwebdav.php
@@ -32,7 +32,11 @@
 OC_Util::obEnd();
 
 // Backends
-$authBackend = new OCA\DAV\Connector\PublicAuth(\OC::$server->getConfig(), \OC::$server->getRequest());
+$authBackend = new OCA\DAV\Connector\PublicAuth(
+	\OC::$server->getRequest(),
+	\OC::$server->getShareManager(),
+	\OC::$server->getSession()
+);
 
 $serverFactory = new OCA\DAV\Connector\Sabre\ServerFactory(
 	\OC::$server->getConfig(),
@@ -56,10 +60,9 @@
 	}
 
 	$share = $authBackend->getShare();
-	$rootShare = \OCP\Share::resolveReShare($share);
-	$owner = $rootShare['uid_owner'];
-	$isWritable = $share['permissions'] & (\OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_CREATE);
-	$fileId = $share['file_source'];
+	$owner = $share->getShareOwner();
+	$isWritable = $share->getPermissions() & (\OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_CREATE);
+	$fileId = $share->getNodeId();
 
 	if (!$isWritable) {
 		\OC\Files\Filesystem::addStorageWrapper('readonly', function ($mountPoint, $storage) {

diff --git a/apps/dav/lib/connector/publicauth.php b/apps/dav/lib/connector/publicauth.php
@@ -26,31 +26,41 @@
 
 namespace OCA\DAV\Connector;
 
-use OCP\IConfig;
 use OCP\IRequest;
+use OCP\ISession;
+use OCP\Share\Exceptions\ShareNotFound;
+use OCP\Share\IManager;
 
+/**
+ * Class PublicAuth
+ *
+ * @package OCA\DAV\Connector
+ */
 class PublicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
 
-	/**
-	 * @var \OCP\IConfig
-	 */
-	private $config;
-
+	/** @var \OCP\Share\IShare */
 	private $share;
 
-	/**
-	 * @var IRequest
-	 */
+	/** @var IManager */
+	private $shareManager;
+
+	/** @var ISession */
+	private $session;
+
+	/** @var IRequest */
 	private $request;
 
 	/**
-	 * @param \OCP\IConfig $config
 	 * @param IRequest $request
+	 * @param IManager $shareManager
+	 * @param ISession $session
 	 */
-	public function __construct(IConfig $config,
-								IRequest $request) {
-		$this->config = $config;
+	public function __construct(IRequest $request,
+								IManager $shareManager,
+								ISession $session) {
 		$this->request = $request;
+		$this->shareManager = $shareManager;
+		$this->session = $session;
 	}
 
 	/**
@@ -66,42 +76,23 @@ public function __construct(IConfig $config,
 	 * @throws \Sabre\DAV\Exception\NotAuthenticated
 	 */
 	protected function validateUserPass($username, $password) {
-		$linkItem = \OCP\Share::getShareByToken($username, false);
-		\OC_User::setIncognitoMode(true);
-		$this->share = $linkItem;
-		if (!$linkItem) {
+		try {
+			$share = $this->shareManager->getShareByToken($username);
+		} catch (ShareNotFound $e) {
 			return false;
 		}
 
-		if ((int)$linkItem['share_type'] === \OCP\Share::SHARE_TYPE_LINK &&
-			$this->config->getAppValue('core', 'shareapi_allow_public_upload', 'yes') !== 'yes') {
-			$this->share['permissions'] &= ~(\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE);
-		}
+		$this->share = $share;
 
-		// check if the share is password protected
-		if (isset($linkItem['share_with'])) {
-			if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) {
-				// Check Password
-				$newHash = '';
-				if(\OC::$server->getHasher()->verify($password, $linkItem['share_with'], $newHash)) {
-					/**
-					 * FIXME: Migrate old hashes to new hash format
-					 * Due to the fact that there is no reasonable functionality to update the password
-					 * of an existing share no migration is yet performed there.
-					 * The only possibility is to update the existing share which will result in a new
-					 * share ID and is a major hack.
-					 *
-					 * In the future the migration should be performed once there is a proper method
-					 * to update the share's password. (for example `$share->updatePassword($password)`
-					 *
-					 * @link https://github.com/owncloud/core/issues/10671
-					 */
-					if(!empty($newHash)) {
+		\OC_User::setIncognitoMode(true);
 
-					}
+		// check if the share is password protected
+		if ($share->getPassword() !== null) {
+			if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) {
+				if ($this->shareManager->checkPassword($share, $password)) {
 					return true;
-				} else if (\OC::$server->getSession()->exists('public_link_authenticated')
-					&& \OC::$server->getSession()->get('public_link_authenticated') === $linkItem['id']) {
+				} else if ($this->session->exists('public_link_authenticated')
+					&& $this->session->get('public_link_authenticated') === $share->getId()) {
 					return true;
 				} else {
 					if (in_array('XMLHttpRequest', explode(',', $this->request->getHeader('X-Requested-With')))) {
@@ -112,7 +103,7 @@ protected function validateUserPass($username, $password) {
 					}
 					return false;
 				}
-			} else if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_REMOTE) {
+			} else if ($share->getShareType() === \OCP\Share::SHARE_TYPE_REMOTE) {
 				return true;
 			} else {
 				return false;
@@ -123,7 +114,7 @@ protected function validateUserPass($username, $password) {
 	}
 
 	/**
-	 * @return array
+	 * @return \OCP\Share\IShare
 	 */
 	public function getShare() {
 		return $this->share;