Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/passman.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/controller/credentialcontroller.php
diff options
context:
space:
mode:
Diffstat (limited to 'controller/credentialcontroller.php')
-rw-r--r--controller/credentialcontroller.php311
1 files changed, 311 insertions, 0 deletions
diff --git a/controller/credentialcontroller.php b/controller/credentialcontroller.php
new file mode 100644
index 00000000..4a6d0a8f
--- /dev/null
+++ b/controller/credentialcontroller.php
@@ -0,0 +1,311 @@
+<?php
+/**
+ * Nextcloud - passman
+ *
+ * This file is licensed under the Affero General Public License version 3 or
+ * later. See the COPYING file.
+ *
+ * @author Sander Brand <brantje@gmail.com>
+ * @copyright Sander Brand 2016
+ */
+
+namespace OCA\Passman\Controller;
+
+use OCA\Files_External\NotFoundException;
+use OCA\Passman\Db\SharingACL;
+use OCA\Passman\Utility\NotFoundJSONResponse;
+use OCP\AppFramework\Db\DoesNotExistException;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\DataResponse;
+use OCP\IRequest;
+use OCP\AppFramework\Http\JSONResponse;
+use OCP\AppFramework\ApiController;
+use OCA\Passman\Service\CredentialService;
+use OCA\Passman\Activity;
+use OCA\Passman\Service\ActivityService;
+use OCA\Passman\Service\CredentialRevisionService;
+use OCA\Passman\Service\ShareService;
+use OCP\IUser;
+
+class CredentialController extends ApiController {
+ private $userId;
+ private $credentialService;
+ private $activityService;
+ private $credentialRevisionService;
+ private $sharingService;
+
+ public function __construct($AppName,
+ IRequest $request,
+ $userId,
+ CredentialService $credentialService,
+ ActivityService $activityService,
+ CredentialRevisionService $credentialRevisionService,
+ ShareService $sharingService
+ ) {
+ parent::__construct($AppName, $request);
+ $this->userId = $userId;
+ $this->credentialService = $credentialService;
+ $this->activityService = $activityService;
+ $this->credentialRevisionService = $credentialRevisionService;
+ $this->sharingService = $sharingService;
+ }
+
+ /**
+ * @NoAdminRequired
+ */
+ public function createCredential($changed, $created,
+ $credential_id, $custom_fields, $delete_time,
+ $description, $email, $expire_time, $favicon, $files, $guid,
+ $hidden, $label, $otp, $password, $renew_interval,
+ $tags, $url, $username, $vault_id) {
+ $credential = array(
+ 'credential_id' => $credential_id,
+ 'guid' => $guid,
+ 'user_id' => $this->userId,
+ 'vault_id' => $vault_id,
+ 'label' => $label,
+ 'description' => $description,
+ 'created' => $created,
+ 'changed' => $changed,
+ 'tags' => $tags,
+ 'email' => $email,
+ 'username' => $username,
+ 'password' => $password,
+ 'url' => $url,
+ 'favicon' => $favicon,
+ 'renew_interval' => $renew_interval,
+ 'expire_time' => $expire_time,
+ 'delete_time' => $delete_time,
+ 'files' => $files,
+ 'custom_fields' => $custom_fields,
+ 'otp' => $otp,
+ 'hidden' => $hidden,
+
+ );
+ $credential = $this->credentialService->createCredential($credential);
+ $link = ''; // @TODO create direct link to credential
+ if(!$credential->getHidden()) {
+ $this->activityService->add(
+ Activity::SUBJECT_ITEM_CREATED_SELF, array($label, $this->userId),
+ '', array(),
+ $link, $this->userId, Activity::TYPE_ITEM_ACTION);
+ }
+ return new JSONResponse($credential);
+ }
+
+ /**
+ * @NoAdminRequired
+ */
+ public function getCredential($credential_guid) {
+ return new JSONResponse($this->credentialService->getCredentialByGUID($credential_guid, $this->userId));
+ }
+
+ /**
+ * @NoAdminRequired
+ */
+ public function updateCredential($changed, $created,
+ $credential_id, $custom_fields, $delete_time, $credential_guid,
+ $description, $email, $expire_time, $favicon, $files, $guid,
+ $hidden, $label, $otp, $password, $renew_interval,
+ $tags, $url, $username, $vault_id, $revision_created, $shared_key, $acl, $unshare_action, $set_share_key, $skip_revision) {
+
+
+ $storedCredential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId);
+
+ $credential = array(
+ 'credential_id' => $credential_id,
+ 'guid' => $guid,
+ 'label' => $label,
+ 'description' => $description,
+ 'created' => $created,
+ 'changed' => $changed,
+ 'vault_id' => $vault_id,
+ 'tags' => $tags,
+ 'email' => $email,
+ 'username' => $username,
+ 'password' => $password,
+ 'url' => $url,
+ 'favicon' => $favicon,
+ 'renew_interval' => $renew_interval,
+ 'expire_time' => $expire_time,
+ 'files' => $files,
+ 'custom_fields' => $custom_fields,
+ 'delete_time' => $delete_time,
+ 'hidden' => $hidden,
+ 'otp' => $otp,
+ );
+
+
+ if ($storedCredential->getUserId() !== $this->userId) {
+ $acl = $this->sharingService->getCredentialAclForUser($this->userId, $storedCredential->getGuid());
+ if ($acl->hasPermission(SharingACL::WRITE)) {
+ $credential['shared_key'] = $storedCredential->getSharedKey();
+ } else {
+ return new DataResponse(['msg' => 'Not authorized'], Http::STATUS_UNAUTHORIZED);
+ }
+ }
+ $link = ''; // @TODO create direct link to credential
+ if ($revision_created) {
+ $activity = 'item_apply_revision';
+ $this->activityService->add(
+ $activity . '_self', array($label, $this->userId, $revision_created),
+ '', array(),
+ $link, $this->userId, Activity::TYPE_ITEM_ACTION);
+ } else if (($storedCredential->getDeleteTime() === 0) && (int) $delete_time > 0) {
+ $activity = 'item_deleted';
+ $this->activityService->add(
+ $activity . '_self', array($label, $this->userId),
+ '', array(),
+ $link, $this->userId, Activity::TYPE_ITEM_ACTION);
+ } else if (($storedCredential->getDeleteTime() > 0) && (int) $delete_time === 0) {
+ $activity = 'item_recovered';
+ $this->activityService->add(
+ $activity . '_self', array($label, $this->userId),
+ '', array(),
+ $link, $this->userId, Activity::TYPE_ITEM_ACTION);
+ } else if ($label !== $storedCredential->getLabel()) {
+ $activity = 'item_renamed';
+ $this->activityService->add(
+ $activity . '_self', array($storedCredential->getLabel(), $label, $this->userId),
+ '', array(),
+ $link, $this->userId, Activity::TYPE_ITEM_RENAMED);
+ } else {
+ $activity = 'item_edited';
+ $this->activityService->add(
+ $activity . '_self', array($label, $this->userId),
+ '', array(),
+ $link, $this->userId, Activity::TYPE_ITEM_ACTION);
+ }
+ $acl_list = null;
+
+ try {
+ $acl_list = $this->sharingService->getCredentialAclList($storedCredential->getGuid());
+ } catch (DoesNotExistException $exception) {
+ // Just check if we have an acl list
+ }
+ if (!empty($acl_list)) {
+ $params = array();
+ switch ($activity) {
+ case 'item_recovered':
+ case 'item_deleted':
+ case 'item_edited':
+ $params = array($credential['label'], $this->userId);
+ break;
+ case 'item_apply_revision':
+ $params = array($credential['label'], $this->userId, $revision_created);
+ break;
+ case 'item_renamed':
+ $params = array($storedCredential->getLabel(), $label, $this->userId);
+ break;
+ }
+
+ foreach ($acl_list as $sharingACL) {
+ $target_user = $sharingACL->getUserId();
+ if($target_user === $this->userId){
+ continue;
+ }
+ $this->activityService->add(
+ $activity, $params,
+ '', array(),
+ $link, $target_user, Activity::TYPE_ITEM_ACTION);
+ }
+ if ($this->userId !== $storedCredential->getUserId()) {
+ $this->activityService->add(
+ $activity, $params,
+ '', array(),
+ $link, $storedCredential->getUserId(), Activity::TYPE_ITEM_ACTION);
+ }
+ }
+ if($set_share_key === true){
+ $storedCredential->setSharedKey($shared_key);
+ $credential['shared_key'] = $shared_key;
+ }
+ if($unshare_action === true){
+ $storedCredential->setSharedKey('');
+ $credential['shared_key'] = '';
+ }
+ if(!$skip_revision) {
+ $this->credentialRevisionService->createRevision($storedCredential, $storedCredential->getUserId(), $credential_id, $this->userId);
+ }
+ $credential = $this->credentialService->updateCredential($credential);
+
+ return new JSONResponse($credential);
+ }
+
+ /**
+ * @NoAdminRequired
+ */
+ public function deleteCredential($credential_guid) {
+ $credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId);
+ if ($credential) {
+ $result = $this->credentialService->deleteCredential($credential);
+ $this->activityService->add(
+ 'item_destroyed_self', array($credential->getLabel()),
+ '', array(),
+ '', $this->userId, Activity::TYPE_ITEM_ACTION);
+ } else {
+ $result = false;
+ }
+ return new JSONResponse($result);
+ }
+
+
+ /**
+ * @NoAdminRequired
+ */
+ public function getRevision($credential_guid) {
+ try {
+ $credential = $this->credentialService->getCredentialByGUID($credential_guid);
+ }
+ catch (DoesNotExistException $ex){
+ return new NotFoundJSONResponse();
+ }
+
+ // If the request was made by the owner of the credential
+ if ($this->userId === $credential->getUserId()) {
+ $result = $this->credentialRevisionService->getRevisions($credential->getId(), $this->userId);
+ }
+ else {
+ $acl = $this->sharingService->getACL($this->userId, $credential_guid);
+ if ($acl->hasPermission(SharingACL::HISTORY)){
+ $result = $this->credentialRevisionService->getRevisions($credential->getId());
+ }
+ else {
+ return new NotFoundJSONResponse();
+ }
+ }
+
+ return new JSONResponse($result);
+ }
+
+ /**
+ * @NoAdminRequired
+ */
+ public function deleteRevision($credential_id, $revision_id) {
+ $result = $this->credentialRevisionService->deleteRevision($revision_id, $this->userId);
+ return new JSONResponse($result);
+ }
+
+ /**
+ * @NoAdminRequired
+ */
+ public function updateRevision($credential_guid, $revision_id, $credential_data){
+ $revision = null;
+ try {
+ $this->credentialService->getCredentialByGUID($credential_guid, $this->userId);
+ } catch (DoesNotExistException $e) {
+ return new NotFoundJSONResponse();
+ }
+
+ try{
+ $revision = $this->credentialRevisionService->getRevision($revision_id);
+ } catch(DoesNotExistException $exception){
+ return new NotFoundJSONResponse();
+ }
+
+ $revision->setCredentialData($credential_data);
+
+ $this->credentialRevisionService->updateRevision($revision);
+ return new JSONResponse(array());
+ }
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-21 12:24:03 +0300