Skip to content

Commit

Permalink
feat(federatedfilesharing): auto-accept shares from trusted servers
Browse files Browse the repository at this point in the history
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
  • Loading branch information
skjnldsv committed Dec 26, 2024
1 parent 873d150 commit ff6f6e6
Show file tree
Hide file tree
Showing 6 changed files with 47 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,6 @@
#[OpenAPI(scope: OpenAPI::SCOPE_FEDERATION)]
class RequestHandlerController extends OCSController {

/** @var string */
private $shareTable = 'share';

public function __construct(
string $appName,
IRequest $request,
Expand Down
5 changes: 5 additions & 0 deletions apps/federatedfilesharing/lib/FederatedShareProvider.php
Original file line number Diff line number Diff line change
Expand Up @@ -999,6 +999,11 @@ public function isLookupServerUploadEnabled() {
return ($result === 'yes');
}

public function isFederatedTrustedShareAutoAccept() {
$result = $this->config->getAppValue('files_sharing', 'federatedTrustedShareAutoAccept', 'yes');
return ($result === 'yes');
}

/**
* @inheritdoc
*/
Expand Down
13 changes: 13 additions & 0 deletions apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
use OC\Files\Filesystem;
use OCA\FederatedFileSharing\AddressHandler;
use OCA\FederatedFileSharing\FederatedShareProvider;
use OCA\Federation\TrustedServers;
use OCA\Files_Sharing\Activity\Providers\RemoteShares;
use OCA\Files_Sharing\External\Manager;
use OCA\GlobalSiteSelector\Service\SlaveService;
Expand Down Expand Up @@ -66,6 +67,7 @@ public function __construct(
private LoggerInterface $logger,
private IFilenameValidator $filenameValidator,
private readonly IProviderFactory $shareProviderFactory,
private TrustedServers $trustedServers,
) {
}

Expand Down Expand Up @@ -163,6 +165,11 @@ public function shareReceived(ICloudFederationShare $share) {
->setObject('remote_share', $shareId, $name);
\OC::$server->getActivityManager()->publish($event);
$this->notifyAboutNewShare($shareWith, $shareId, $ownerFederatedId, $sharedByFederatedId, $name, $ownerDisplayName);

// If auto-accept is enabled, accept the share
if ($this->federatedShareProvider->isFederatedTrustedShareAutoAccept()) {
$this->externalShareManager->acceptShare($shareId, $shareWith);
}
} else {
$groupMembers = $this->groupManager->get($shareWith)->getUsers();
foreach ($groupMembers as $user) {
Expand All @@ -174,8 +181,14 @@ public function shareReceived(ICloudFederationShare $share) {
->setObject('remote_share', $shareId, $name);
\OC::$server->getActivityManager()->publish($event);
$this->notifyAboutNewShare($user->getUID(), $shareId, $ownerFederatedId, $sharedByFederatedId, $name, $ownerDisplayName);

// If auto-accept is enabled, accept the share
if ($this->federatedShareProvider->isFederatedTrustedShareAutoAccept()) {
$this->externalShareManager->acceptShare($shareId, $user->getUID());
}
}
}

return $shareId;
} catch (\Exception $e) {
$this->logger->error('Server can not add remote share.', [
Expand Down
2 changes: 2 additions & 0 deletions apps/federatedfilesharing/lib/Settings/Admin.php
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ public function getForm() {
$this->initialState->provideInitialState('incomingServer2serverGroupShareEnabled', $this->fedShareProvider->isIncomingServer2serverGroupShareEnabled());
$this->initialState->provideInitialState('lookupServerEnabled', $this->fedShareProvider->isLookupServerQueriesEnabled());
$this->initialState->provideInitialState('lookupServerUploadEnabled', $this->fedShareProvider->isLookupServerUploadEnabled());
$this->initialState->provideInitialState('federatedTrustedShareAutoAccept', $this->fedShareProvider->isFederatedTrustedShareAutoAccept());

return new TemplateResponse('federatedfilesharing', 'settings-admin', [], '');
}
Expand Down Expand Up @@ -76,6 +77,7 @@ public function getAuthorizedAppConfig(): array {
'incomingServer2serverGroupShareEnabled',
'lookupServerEnabled',
'lookupServerUploadEnabled',
'federatedTrustedShareAutoAccept',
],
];
}
Expand Down
7 changes: 7 additions & 0 deletions apps/federatedfilesharing/src/components/AdminSettings.vue
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,12 @@
@update:checked="update('lookupServerUploadEnabled', lookupServerUploadEnabled)">
{{ t('federatedfilesharing', 'Allow people to publish their data to a global and public address book') }}
</NcCheckboxRadioSwitch>

<NcCheckboxRadioSwitch type="switch"
:checked.sync="federatedTrustedShareAutoAccept"
@update:checked="update('federatedTrustedShareAutoAccept', federatedTrustedShareAutoAccept)">
{{ t('federatedfilesharing', 'Automatically accept shares from federated accounts and groups by default') }}
</NcCheckboxRadioSwitch>
</NcSettingsSection>
</template>

Expand Down Expand Up @@ -74,6 +80,7 @@ export default {
federatedGroupSharingSupported: loadState('federatedfilesharing', 'federatedGroupSharingSupported'),
lookupServerEnabled: loadState('federatedfilesharing', 'lookupServerEnabled'),
lookupServerUploadEnabled: loadState('federatedfilesharing', 'lookupServerUploadEnabled'),
federatedTrustedShareAutoAccept: loadState('federatedfilesharing', 'federatedTrustedShareAutoAccept'),
internalOnly: loadState('federatedfilesharing', 'internalOnly'),
sharingFederatedDocUrl: loadState('federatedfilesharing', 'sharingFederatedDocUrl'),
}
Expand Down
21 changes: 20 additions & 1 deletion apps/files_sharing/lib/External/Manager.php
Original file line number Diff line number Diff line change
Expand Up @@ -294,7 +294,18 @@ private function updateAccepted(int $shareId, bool $accepted) : void {
* @param int $id
* @return bool True if the share could be accepted, false otherwise
*/
public function acceptShare($id) {
public function acceptShare($id, $userId = null) {
// If we're auto-accepting a share, we need to know the user id
// as there is no session available while processing the share
// from the remote server request.
if ($userId !== null) {
$user = $this->userManager->get($userId);
if ($user === null) {
return false;
}
$this->uid = $userId;
}

$share = $this->getShare($id);
$result = false;

Expand Down Expand Up @@ -357,6 +368,7 @@ public function acceptShare($id) {
}
}
}

if ($userShareAccepted !== false) {
$this->sendFeedbackToRemote($share['remote'], $share['share_token'], $share['remote_id'], 'accept');
$event = new FederatedShareAddedEvent($share['remote']);
Expand Down Expand Up @@ -435,6 +447,13 @@ public function declineShare($id) {
}

public function processNotification(int $remoteShare): void {
$share = $this->fetchShare($remoteShare);
if ($share === false) {
return;
}

// Extract the recipient user id from the share
$userId = $share['user'];
$filter = $this->notificationManager->createNotification();
$filter->setApp('files_sharing')
->setUser($this->uid)
Expand Down

0 comments on commit ff6f6e6

Please sign in to comment.