Julius Härtl
@@ -32,6 +32,7 @@ class Acl extends RelationalEntity {
|
||||
|
||||
const PERMISSION_TYPE_USER = 0;
|
||||
const PERMISSION_TYPE_GROUP = 1;
|
||||
const PERMISSION_TYPE_CIRCLE = 7;
|
||||
|
||||
protected $participant;
|
||||
protected $type;
|
||||
|
||||
@@ -24,6 +24,7 @@
|
||||
namespace OCA\Deck\Db;
|
||||
|
||||
use OCP\AppFramework\Db\DoesNotExistException;
|
||||
use OCP\AppFramework\QueryException;
|
||||
use OCP\IDBConnection;
|
||||
use OCP\IUserManager;
|
||||
use OCP\IGroupManager;
|
||||
@@ -36,6 +37,8 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
|
||||
private $userManager;
|
||||
private $groupManager;
|
||||
|
||||
private $circlesEnabled;
|
||||
|
||||
public function __construct(
|
||||
IDBConnection $db,
|
||||
LabelMapper $labelMapper,
|
||||
@@ -50,6 +53,8 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
|
||||
$this->stackMapper = $stackMapper;
|
||||
$this->userManager = $userManager;
|
||||
$this->groupManager = $groupManager;
|
||||
|
||||
$this->circlesEnabled = \OC::$server->getAppManager()->isEnabledForUser('circles');
|
||||
}
|
||||
|
||||
|
||||
@@ -136,6 +141,35 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
|
||||
return $entries;
|
||||
}
|
||||
|
||||
public function findAllByCircles($userId, $limit = null, $offset = null) {
|
||||
if (!$this->circlesEnabled) {
|
||||
return [];
|
||||
}
|
||||
$circles = array_map(function($circle) {
|
||||
return $circle->getUniqueId();
|
||||
}, \OCA\Circles\Api\v1\Circles::joinedCircles('', true));
|
||||
if (count($circles) === 0) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$sql = 'SELECT boards.id, title, owner, color, archived, deleted_at, 2 as shared, last_modified FROM `*PREFIX*deck_boards` as boards ' .
|
||||
'INNER JOIN `*PREFIX*deck_board_acl` as acl ON boards.id=acl.board_id WHERE owner != ? AND type=? AND (';
|
||||
for ($i = 0, $iMax = count($circles); $i < $iMax; $i++) {
|
||||
$sql .= 'acl.participant = ? ';
|
||||
if (count($circles) > 1 && $i < count($circles) - 1) {
|
||||
$sql .= ' OR ';
|
||||
}
|
||||
}
|
||||
$sql .= ');';
|
||||
$entries = $this->findEntities($sql, array_merge([$userId, Acl::PERMISSION_TYPE_CIRCLE], $circles), $limit, $offset);
|
||||
/* @var Board $entry */
|
||||
foreach ($entries as $entry) {
|
||||
$acl = $this->aclMapper->findAll($entry->id);
|
||||
$entry->setAcl($acl);
|
||||
}
|
||||
return $entries;
|
||||
}
|
||||
|
||||
public function findAll() {
|
||||
$sql = 'SELECT id from *PREFIX*deck_boards;';
|
||||
return $this->findEntities($sql);
|
||||
@@ -200,6 +234,20 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
|
||||
\OC::$server->getLogger()->debug('Group ' . $acl->getId() . ' not found when mapping acl ' . $acl->getParticipant());
|
||||
return null;
|
||||
}
|
||||
// TODO: get circles list
|
||||
if ($acl->getType() === Acl::PERMISSION_TYPE_CIRCLE) {
|
||||
try {
|
||||
$circle = \OCA\Circles\Api\v1\Circles::detailsCircle($acl->getParticipant());
|
||||
if ($circle) {
|
||||
return new Circle($circle);
|
||||
}
|
||||
} catch (QueryException $e) {
|
||||
} catch (\Exception $e) {
|
||||
// TODO catch not found
|
||||
}
|
||||
return null;
|
||||
}
|
||||
// TODO: get circles list
|
||||
throw new \Exception('Unknown permission type for mapping Acl');
|
||||
});
|
||||
}
|
||||
|
||||
45
lib/Db/Circle.php
Normal file
45
lib/Db/Circle.php
Normal file
@@ -0,0 +1,45 @@
|
||||
<?php
|
||||
/**
|
||||
* @copyright Copyright (c) 2017 Julius Härtl <jus@bitgrid.net>
|
||||
*
|
||||
* @author Julius Härtl <jus@bitgrid.net>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\Deck\Db;
|
||||
|
||||
|
||||
class Circle extends RelationalObject {
|
||||
|
||||
/** @var \OCA\Circles\Model\Circle */
|
||||
protected $object;
|
||||
|
||||
public function __construct(\OCA\Circles\Model\Circle $circle) {
|
||||
$primaryKey = $circle->getUniqueId();
|
||||
parent::__construct($primaryKey, $circle);
|
||||
}
|
||||
|
||||
public function getObjectSerialization() {
|
||||
return [
|
||||
'uid' => $this->object->getUniqueId(),
|
||||
'displayname' => $this->object->getName(),
|
||||
'typeString' => $this->object->getTypeString(),
|
||||
'circleOwner' => $this->object->getOwner()
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -97,7 +97,8 @@ class BoardService {
|
||||
$userInfo = $this->getBoardPrerequisites();
|
||||
$userBoards = $this->boardMapper->findAllByUser($userInfo['user'], null, null, $since);
|
||||
$groupBoards = $this->boardMapper->findAllByGroups($userInfo['user'], $userInfo['groups'],null, null, $since);
|
||||
$complete = array_merge($userBoards, $groupBoards);
|
||||
$circleBoards = $this->boardMapper->findAllByCircles($userInfo['user'], null, null, $since);
|
||||
$complete = array_merge($userBoards, $groupBoards, $circleBoards);
|
||||
$result = [];
|
||||
/** @var Board $item */
|
||||
foreach ($complete as &$item) {
|
||||
|
||||
@@ -33,6 +33,7 @@ use OCA\Deck\NoPermissionException;
|
||||
use OCP\AppFramework\Db\DoesNotExistException;
|
||||
use OCP\AppFramework\Db\Entity;
|
||||
use OCP\AppFramework\Db\MultipleObjectsReturnedException;
|
||||
use OCP\AppFramework\QueryException;
|
||||
use OCP\IConfig;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\ILogger;
|
||||
@@ -61,6 +62,8 @@ class PermissionService {
|
||||
/** @var array */
|
||||
private $users = [];
|
||||
|
||||
private $circlesEnabled = false;
|
||||
|
||||
public function __construct(
|
||||
ILogger $logger,
|
||||
AclMapper $aclMapper,
|
||||
@@ -79,6 +82,8 @@ class PermissionService {
|
||||
$this->shareManager = $shareManager;
|
||||
$this->config = $config;
|
||||
$this->userId = $userId;
|
||||
|
||||
$this->circlesEnabled = \OC::$server->getAppManager()->isEnabledForUser('circles');
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -182,6 +187,16 @@ class PermissionService {
|
||||
if ($acl->getType() === Acl::PERMISSION_TYPE_USER && $acl->getParticipant() === $this->userId) {
|
||||
return $acl->getPermission($permission);
|
||||
}
|
||||
|
||||
if ($this->circlesEnabled && $acl->getType() === Acl::PERMISSION_TYPE_CIRCLE) {
|
||||
try {
|
||||
\OCA\Circles\Api\v1\Circles::getMember($acl->getParticipant(), $this->userId, 1);
|
||||
return $acl->getPermission($permission);
|
||||
} catch (\Exception $e) {
|
||||
// TODO: getMember doesn't work for personal circles
|
||||
$this->logger->info('Member not found in circle that was accessed. This should not happen.');
|
||||
}
|
||||
}
|
||||
}
|
||||
// check for groups
|
||||
$hasGroupPermission = false;
|
||||
|
||||
Reference in New Issue
Block a user