Implement encryption class

author: brantje <brantje@gmail.com> 2017-01-02 17:25:41 +0300
committer: brantje <brantje@gmail.com> 2017-01-11 20:09:49 +0300
commit: 734496ebcc04dee8da332618a5c405eef89dbb5b (patch)
tree: 56cc209a76e1c590a5da2a8c743a1035bd135287 /controller
parent: e5c8c5d1f73a087a50f8f9a4a68f49909ef71769 (diff)
4 files changed, 23 insertions, 11 deletions
diff --git a/controller/credentialcontroller.php b/controller/credentialcontroller.php
index 3c6dd6b5..aa002b76 100644
--- a/controller/credentialcontroller.php
+++ b/controller/credentialcontroller.php
@@ -12,6 +12,7 @@
 namespace OCA\Passman\Controller;
 
 use OCA\Passman\Db\SharingACL;
+use OCA\Passman\Service\EncryptService;
 use OCA\Passman\Service\SettingsService;
 use OCA\Passman\Utility\NotFoundJSONResponse;
 use OCP\AppFramework\Http;
@@ -42,6 +43,7 @@ class CredentialController extends ApiController {
 								CredentialRevisionService $credentialRevisionService,
 								ShareService $sharingService,
 								SettingsService $settings
+
 	) {
 		parent::__construct($AppName, $request);
 		$this->userId = $userId;
@@ -86,6 +88,7 @@ class CredentialController extends ApiController {
 			'hidden' => $hidden,
 
 		);
+
 		$credential = $this->credentialService->createCredential($credential);
 		$link = ''; // @TODO create direct link to credential
 		if (!$credential->getHidden()) {
@@ -102,7 +105,8 @@ class CredentialController extends ApiController {
 	 * @NoCSRFRequired
 	 */
 	public function getCredential($credential_guid) {
-		return new JSONResponse($this->credentialService->getCredentialByGUID($credential_guid, $this->userId));
+		$credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId);
+		return new JSONResponse($credential);
 	}
 
 	/**
@@ -116,7 +120,7 @@ class CredentialController extends ApiController {
 									 $tags, $url, $username, $vault_id, $revision_created, $shared_key, $acl, $unshare_action, $set_share_key, $skip_revision) {
 
 
-		$storedCredential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId);
+		$storedCredential = $this->credentialService->getCredentialByGUID($credential_guid);
 
 		$credential = array(
 			'credential_id' => $credential_id,
@@ -139,6 +143,7 @@ class CredentialController extends ApiController {
 			'delete_time' => $delete_time,
 			'hidden' => $hidden,
 			'otp' => $otp,
+			'user_id' => $storedCredential->getUserId()
 		);
 
 
@@ -149,11 +154,12 @@ class CredentialController extends ApiController {
 			} else {
 				return new DataResponse(['msg' => 'Not authorized'], Http::STATUS_UNAUTHORIZED);
 			}
-			if ($this->settings->isEnabled('user_sharing_enabled')) {
+			if (!$this->settings->isEnabled('user_sharing_enabled')) {
 				return new DataResponse(['msg' => 'Not authorized'], Http::STATUS_UNAUTHORIZED);
 			}
 		}
 
+
 		$link = ''; // @TODO create direct link to credential
 		if ($revision_created) {
 			$activity = 'item_apply_revision';
@@ -237,6 +243,7 @@ class CredentialController extends ApiController {
 		if (!$skip_revision) {
 			$this->credentialRevisionService->createRevision($storedCredential, $storedCredential->getUserId(), $credential_id, $this->userId);
 		}
+
 		$credential = $this->credentialService->updateCredential($credential);
 
 		return new JSONResponse($credential);
@@ -271,7 +278,6 @@ class CredentialController extends ApiController {
 		} catch (\Exception $ex) {
 			return new NotFoundJSONResponse();
 		}
-
 		// If the request was made by the owner of the credential
 		if ($this->userId === $credential->getUserId()) {
 			$result = $this->credentialRevisionService->getRevisions($credential->getId(), $this->userId);
diff --git a/controller/filecontroller.php b/controller/filecontroller.php
index 368e1c87..7a025516 100644
--- a/controller/filecontroller.php
+++ b/controller/filecontroller.php
@@ -39,7 +39,8 @@ class FileController extends ApiController {
 			'filename' => $filename,
 			'size' => $size,
 			'mimetype' => $mimetype,
-			'file_data' => $data
+			'file_data' => $data,
+			'user_id' => $this->userId
 		);
 		return new JSONResponse($this->fileService->createFile($file, $this->userId));
 	}
diff --git a/controller/sharecontroller.php b/controller/sharecontroller.php
index 24d852a9..89c9fbe6 100644
--- a/controller/sharecontroller.php
+++ b/controller/sharecontroller.php
@@ -464,12 +464,12 @@ class ShareController extends ApiController {
 	}
 
 	/**
-	 * @param $credential_guid
+	 * @param $item_guid
 	 * @param $file_guid
 	 * @NoAdminRequired
 	 * @PublicPage
-	 * @return JSONResponse
-	 * @return NotFoundResponse
+	 * @return mixed
+	 * @return NotFoundJSONResponse
 	 */
 	public function getFile($item_guid, $file_guid) {
 		try {
diff --git a/controller/vaultcontroller.php b/controller/vaultcontroller.php
index 93df13b2..7aa359de 100644
--- a/controller/vaultcontroller.php
+++ b/controller/vaultcontroller.php
@@ -11,6 +11,8 @@
 
 namespace OCA\Passman\Controller;
 
+use OCA\Passman\Service\EncryptService;
+use OCA\Passman\Service\SettingsService;
 use OCA\Passman\Utility\NotFoundJSONResponse;
 use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\IRequest;
@@ -24,12 +26,15 @@ class VaultController extends ApiController {
 	private $userId;
 	private $vaultService;
 	private $credentialService;
+	private $settings;
 
 	public function __construct($AppName,
 								IRequest $request,
 								$UserId,
 								VaultService $vaultService,
-								CredentialService $credentialService) {
+								CredentialService $credentialService,
+								SettingsService $settings,
+								EncryptService $encryptService) {
 		parent::__construct(
 			$AppName,
 			$request,
@@ -39,6 +44,7 @@ class VaultController extends ApiController {
 		$this->userId = $UserId;
 		$this->vaultService = $vaultService;
 		$this->credentialService = $credentialService;
+		$this->settings = $settings;
 	}
 
 	/**
@@ -61,7 +67,7 @@ class VaultController extends ApiController {
 					'created' => $vault->getCreated(),
 					'public_sharing_key' => $vault->getPublicSharingKey(),
 					'last_access' => $vault->getlastAccess(),
-					'challenge_password' => $credential->{$secret_field}()
+					'challenge_password' => $credential->{$secret_field}(),
 				));
 			}
 		}
@@ -83,7 +89,6 @@ class VaultController extends ApiController {
 	 * @NoCSRFRequired
 	 */
 	public function get($vault_guid) {
-		//$vault_guid
 		$vault = null;
 		try {
 			$vault = $this->vaultService->getByGuid($vault_guid, $this->userId);
author	brantje <brantje@gmail.com>	2017-01-02 17:25:41 +0300
committer	brantje <brantje@gmail.com>	2017-01-11 20:09:49 +0300
commit	734496ebcc04dee8da332618a5c405eef89dbb5b (patch)
tree	56cc209a76e1c590a5da2a8c743a1035bd135287 /controller
parent	e5c8c5d1f73a087a50f8f9a4a68f49909ef71769 (diff)