public subscription for shares with mail address

9 files changed, 105 insertions, 146 deletions

diff --git a/lib/Controller/PollController.php b/lib/Controller/PollController.php
index 04445482..a564fe40 100644
--- a/lib/Controller/PollController.php
+++ b/lib/Controller/PollController.php
@@ -121,14 +121,10 @@ class PollController extends Controller {
 	 * @return DataResponse
 	 */
  	public function get($pollId, $token) {
+
 		try {
-			if ($token) {
-				$poll = $this->pollService->getByToken($token);
-				$acl = $this->acl->setToken($token);
-			} else {
-				$poll = $this->pollService->get($pollId);
-				$acl = $this->acl->setPollId($pollId);
-			}
+			$acl = $this->acl->set($pollId, $token);
+			$poll = $this->pollService->get($pollId, $token);
 
 		} catch (DoesNotExistException $e) {
 			return new DataResponse(['error' => 'Not found'], Http::STATUS_NOT_FOUND);
@@ -137,25 +133,25 @@ class PollController extends Controller {
 		}
 
 		try {
-			$comments = $this->commentService->list($poll->getId(), $token);
+			$comments = $this->commentService->list($pollId, $token);
 		} catch (Exception $e) {
 			$comments = [];
 		}
 
 		try {
-			$options = $this->optionService->list($poll->getId(), $token);
+			$options = $this->optionService->list($pollId, $token);
 		} catch (Exception $e) {
 			$options = [];
 		}
 
 		try {
-			$votes = $this->voteService->list($poll->getId(), $token);
+			$votes = $this->voteService->list($pollId, $token);
 		} catch (Exception $e) {
 			$votes = [];
 		}
 
 		try {
-			$shares = $this->shareService->list($poll->getId());
+			$shares = $this->shareService->list($pollId, $token);
 		} catch (Exception $e) {
 			$shares = [];
 		}
diff --git a/lib/Controller/SubscriptionController.php b/lib/Controller/SubscriptionController.php
index f2517237..ea1e9e49 100644
--- a/lib/Controller/SubscriptionController.php
+++ b/lib/Controller/SubscriptionController.php
@@ -57,15 +57,16 @@ class SubscriptionController extends Controller {
 
 	/**
 	 * Get subscription status
+	 * @PublicPage
 	 * @NoAdminRequired
 	 * @param int $pollId
 	 * @return DataResponse
 	 * @throws DoesNotExistException
 	 * @throws NotAuthorizedException
 	 */
-	public function get($pollId) {
+	public function get($pollId, $token) {
 		try {
-			return new DataResponse($this->subscriptionService->get($pollId), Http::STATUS_OK);
+			return new DataResponse($this->subscriptionService->get($pollId, $token), Http::STATUS_OK);
 		} catch (NotAuthorizedException $e) {
 			return new DataResponse(['error' => $e->getMessage()], $e->getStatus());
 		} catch (DoesNotExistException $e) {
@@ -75,15 +76,16 @@ class SubscriptionController extends Controller {
 
 	/**
 	 * Switch subscription status
+	 * @PublicPage
 	 * @NoAdminRequired
 	 * @param int $pollId
 	 * @param int $subscribed
 	 * @return DataResponse
 	 * @throws NotAuthorizedException
 	 */
-	public function set($pollId, $subscribed) {
+	public function set($pollId, $token, $subscribed) {
 		try {
-			return new DataResponse($this->subscriptionService->set($pollId, $subscribed), Http::STATUS_OK);
+			return new DataResponse($this->subscriptionService->set($pollId, $token, $subscribed), Http::STATUS_OK);
 		} catch (NotAuthorizedException $e) {
 			return new DataResponse(['error' => $e->getMessage()], $e->getStatus());
 		}
diff --git a/lib/Model/Acl.php b/lib/Model/Acl.php
index 10760008..ee7b627b 100644
--- a/lib/Model/Acl.php
+++ b/lib/Model/Acl.php
@@ -27,6 +27,7 @@ namespace OCA\Polls\Model;
 use JsonSerializable;
 use Exception;
 use OCP\AppFramework\Db\DoesNotExistException;
+use OCA\Polls\Exceptions\NotAuthorizedException;
 
 use OCP\IUserManager;
 use OCP\IGroupManager;
@@ -104,6 +105,44 @@ class Acl implements JsonSerializable {
 		$this->poll = $poll;
 	}
 
+	/**
+	 * @NoAdminRequired
+	 * @return bool
+	 */
+	public function set($pollId = 0, $token = ''): Acl {
+
+		if ($token) {
+			\OC::$server->getLogger()->debug('Share token: ' . $token);
+
+			$this->token = $token;
+			$this->pollId = 0;
+			$this->userId = null;
+			$share = $this->shareMapper->findByToken($token);
+
+			if (\OC::$server->getUserSession()->isLoggedIn()) {
+				if ($share->getType() !== 'group' && $share->getType() !== 'public') {
+					throw new NotAuthorizedException;
+				}
+
+				$this->userId = \OC::$server->getUserSession()->getUser()->getUID();
+			} else {
+				if ($share->getType() === 'group' || $share->getType() === 'user') {
+					throw new NotAuthorizedException;
+				}
+
+				$this->userId = $share->getUserId();
+			}
+
+			$this->pollId = $share->getPollId();
+		} elseif ($pollId) {
+			$this->user = \OC::$server->getUserSession()->getUser()->getUID();
+			$this->pollId = $pollId;
+		}
+
+		$this->poll = $this->pollMapper->find($this->pollId);
+
+		return $this;
+	}
 
 	/**
 	 * @NoAdminRequired
@@ -133,31 +172,6 @@ class Acl implements JsonSerializable {
 		return !($this->userManager->get($this->userId) instanceof IUser);
 	}
 
-
-	/**
-	 * @NoAdminRequired
-	 * @return bool
-	 */
-	public function setPollIdOrToken($pollId = 0, $token = '') {
-
-		if ($token) {
-			$this->setToken($token);
-		} elseif ($pollId) {
-			$this->setPollId($pollId);
-		}
-
-		return $this;
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @return string
-	 */
-	public function setUserId($userId): Acl {
-		$this->userId = $userId;
-		return $this;
-	}
-
 	/**
 	 * @NoAdminRequired
 	 * @return string
@@ -176,18 +190,6 @@ class Acl implements JsonSerializable {
 
 	/**
 	 * @NoAdminRequired
-	 * @return int
-	 */
-	public function setPollId(int $pollId): Acl {
-		$this->pollId = $pollId;
-		$this->poll = $this->pollMapper->find($this->pollId);
-		$this->shares = $this->shareMapper->findByPoll($this->pollId);
-
-		return $this;
-	}
-
-	/**
-	 * @NoAdminRequired
 	 * @return bool
 	 */
 	public function getIsOwner(): bool {
@@ -347,40 +349,6 @@ class Acl implements JsonSerializable {
 	}
 
 	/**
-	 * @NoAdminRequired
-	 * @return string
-	 */
-	public function setToken(string $token): Acl {
-		\OC::$server->getLogger()->debug('Share PollId: ' . $token);
-		try {
-
-			$this->token = $token;
-			$share = $this->shareMapper->findByToken($token);
-			$this->setPollId($share->getPollId());
-			\OC::$server->getLogger()->debug('Share PollId: ' . $share->getPollId());
-
-			if (($share->getType() === 'group' || $share->getType() === 'user') && !\OC::$server->getUserSession()->isLoggedIn()) {
-				// User must be logged in for shareType user and group
-				$this->setPollId(0);
-				$this->setUserId(null);
-				$this->token = '';
-			} else if (($share->getType() === 'group' || $share->getType() === 'public') && \OC::$server->getUserSession()->isLoggedIn()) {
-				// Use user name of authorized user shareType public and group if user is logged in
-				$this->setUserId($this->userId);
-			} else {
-				$this->setUserId($share->getUserId());
-			}
-
-
-		} catch (DoesNotExistException $e) {
-			$this->setPollId(0);
-			$this->setUserId(null);
-			$this->token = '';
-		}
-		return $this;
-	}
-
-	/**
 	 * @return array
 	 */
 	public function jsonSerialize(): array {
diff --git a/lib/Service/CommentService.php b/lib/Service/CommentService.php
index 6c5f89b6..cdb2616a 100644
--- a/lib/Service/CommentService.php
+++ b/lib/Service/CommentService.php
@@ -78,7 +78,7 @@ class CommentService {
 	 */
 	public function list($pollId = 0, $token = '') {
 
-		if (!$this->acl->setPollIdOrToken($pollId, $token)->getAllowView()) {
+		if (!$this->acl->set($pollId, $token)->getAllowView()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -101,7 +101,7 @@ class CommentService {
 	 */
 	public function add($pollId = 0, $message, $token = '') {
 
-		if (!$this->acl->setPollIdOrToken($pollId, $token)->getAllowComment()) {
+		if (!$this->acl->set($pollId, $token)->getAllowComment()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -136,7 +136,7 @@ class CommentService {
 	public function delete($commentId, $token = '') {
 		$this->comment = $this->commentMapper->find($commentId);
 
-		if ($this->acl->setPollIdOrToken($this->comment->getPollId(), $token)->getUserId() !== $this->acl->getUserId()) {
+		if ($this->acl->set($this->comment->getPollId(), $token)->getUserId() !== $this->acl->getUserId()) {
 			throw new NotAuthorizedException;
 		}
 
diff --git a/lib/Service/OptionService.php b/lib/Service/OptionService.php
index 3cabc5ae..c598073e 100644
--- a/lib/Service/OptionService.php
+++ b/lib/Service/OptionService.php
@@ -90,13 +90,14 @@ class OptionService {
 	 * @throws NotAuthorizedException
 	 */
 	public function list($pollId = 0, $token = '') {
+		$acl = $this->acl->set($pollId, $token);
 
-		if (!$this->acl->setPollIdOrToken($pollId, $token)->getAllowView()) {
+		if (!$acl->getAllowView()) {
 			throw new NotAuthorizedException;
 		}
 
 		try {
-			return $this->optionMapper->findByPoll($pollId);
+			return $this->optionMapper->findByPoll($acl->getPollId());
 		} catch (DoesNotExistException $e) {
 			return [];
 		}
@@ -115,7 +116,7 @@ class OptionService {
 	public function add($pollId, $timestamp = 0, $pollOptionText = '') {
 
 		$this->poll = $this->pollMapper->find($pollId);
-		if (!$this->acl->setPollId($pollId)->getAllowEdit()) {
+		if (!$this->acl->set($pollId)->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -141,7 +142,7 @@ class OptionService {
 		$this->option = $this->optionMapper->find($optionId);
 		$this->poll = $this->pollMapper->find($this->option->getPollId());
 
-		if (!$this->acl->setPollId($this->option->getPollId())->getAllowEdit()) {
+		if (!$this->acl->set($this->option->getPollId())->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -160,7 +161,7 @@ class OptionService {
 	public function delete($optionId) {
 		$this->option = $this->optionMapper->find($optionId);
 
-		if (!$this->acl->setPollId($this->option->getPollId())->getAllowEdit()) {
+		if (!$this->acl->set($this->option->getPollId())->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -179,7 +180,7 @@ class OptionService {
 	public function confirm($optionId) {
 		$this->option = $this->optionMapper->find($optionId);
 
-		if (!$this->acl->setPollId($this->option->getPollId())->getAllowEdit()) {
+		if (!$this->acl->set($this->option->getPollId())->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -202,7 +203,7 @@ class OptionService {
 	 */
 	public function clone($fromPollId, $toPollId) {
 
-		if (!$this->acl->setPollId($fromPollId)->getAllowView()) {
+		if (!$this->acl->set($fromPollId)->getAllowView()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -232,7 +233,7 @@ class OptionService {
 
 		$this->poll = $this->pollMapper->find($pollId);
 
-		if (!$this->acl->setPollId($pollId)->getAllowEdit()) {
+		if (!$this->acl->set($pollId)->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -267,7 +268,7 @@ class OptionService {
 		$pollId = $this->option->getPollId();
 		$this->poll = $this->pollMapper->find($pollId);
 
-		if (!$this->acl->setPollId($pollId)->getAllowEdit()) {
+		if (!$this->acl->set($pollId)->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
diff --git a/lib/Service/PollService.php b/lib/Service/PollService.php
index 73b2044c..b9fdbdef 100644
--- a/lib/Service/PollService.php
+++ b/lib/Service/PollService.php
@@ -111,7 +111,7 @@ class PollService {
 		// TODO: Not the elegant way. Improvement neccessary
 		foreach ($polls as $poll) {
 			$combinedPoll = (object) array_merge(
-				(array) json_decode(json_encode($poll)), (array) json_decode(json_encode($this->acl->setPollId($poll->getId()))));
+				(array) json_decode(json_encode($poll)), (array) json_decode(json_encode($this->acl->set($poll->getId()))));
 			if ($combinedPoll->allowView) {
 				$pollList[] = $combinedPoll;
 			}
@@ -127,30 +127,14 @@ class PollService {
 	 * @return Poll
 	 * @throws NotAuthorizedException
 	 */
- 	public function get($pollId) {
+ 	public function get($pollId, $token) {
+		$acl = $this->acl->set($pollId, $token);
 
-		if (!$this->acl->setPollId($pollId)->getAllowView()) {
+		if (!$acl->getAllowView()) {
 			throw new NotAuthorizedException;
 		}
 
-		return $this->pollMapper->find($pollId);
-
- 	}
-
-	/**
-	 * get poll configuration by token
-	 * @NoAdminRequired
-	 * @param int $pollId
-	 * @return Poll
-	 * @throws NotAuthorizedException
-	 */
- 	public function getByToken($token) {
-
-		if (!$this->acl->setToken($token)->getAllowView()) {
-			throw new NotAuthorizedException;
-		}
-
-		return $this->pollMapper->find($this->acl->getPollId());
+		return $this->pollMapper->find($acl->getPollId());
 
  	}
 
@@ -219,7 +203,7 @@ class PollService {
 
 		$this->poll = $this->pollMapper->find($pollId);
 
-		if (!$this->acl->setPollId($this->poll->getId())->getAllowEdit()) {
+		if (!$this->acl->set($this->poll->getId())->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -255,7 +239,7 @@ class PollService {
 	public function delete($pollId) {
 		$this->poll = $this->pollMapper->find($pollId);
 
-		if (!$this->acl->setPollId($pollId)->getAllowEdit()) {
+		if (!$this->acl->set($pollId)->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -282,7 +266,7 @@ class PollService {
 	public function deletePermanently($pollId) {
 		$this->poll = $this->pollMapper->find($pollId);
 
-		if (!$this->acl->setPollId($pollId)->getAllowEdit() || !$this->poll->getDeleted()) {
+		if (!$this->acl->set($pollId)->getAllowEdit() || !$this->poll->getDeleted()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -299,7 +283,7 @@ class PollService {
 	public function clone($pollId) {
 
 		$origin = $this->pollMapper->find($pollId);
-		if (!$this->acl->setPollId($origin->getId())->getAllowView()) {
+		if (!$this->acl->set($origin->getId())->getAllowView()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -334,7 +318,7 @@ class PollService {
 
 	public function getParticipantsEmailAddresses($pollId) {
 		$this->poll = $this->pollMapper->find($pollId);
-		if (!$this->acl->setPollId($pollId)->getAllowEdit()) {
+		if (!$this->acl->set($pollId)->getAllowEdit()) {
 			return [];
 		}
 
diff --git a/lib/Service/ShareService.php b/lib/Service/ShareService.php
index aaddefb8..70881cf9 100644
--- a/lib/Service/ShareService.php
+++ b/lib/Service/ShareService.php
@@ -82,8 +82,12 @@ class ShareService {
 	 * @return array array of Share
 	 * @throws NotAuthorizedException
 	 */
-	public function list($pollId) {
-		if (!$this->acl->setPollId($pollId)->getAllowEdit()) {
+	public function list($pollId, $token) {
+		if ($token) {
+			return array($this->get($token));
+		}
+
+		if (!$this->acl->set($pollId)->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -112,7 +116,7 @@ class ShareService {
 	 */
 	public function add($pollId, $type, $userId, $userEmail = '') {
 
-		if (!$this->acl->setPollId($pollId)->getAllowEdit()) {
+		if (!$this->acl->set($pollId)->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -213,7 +217,7 @@ class ShareService {
 
 	public function delete($token) {
 		$this->share = $this->shareMapper->findByToken($token);
-		if (!$this->acl->setPollId($this->share->getPollId())->getAllowEdit()) {
+		if (!$this->acl->set($this->share->getPollId())->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}
 
diff --git a/lib/Service/SubscriptionService.php b/lib/Service/SubscriptionService.php
index 0f7d82a7..8678817e 100644
--- a/lib/Service/SubscriptionService.php
+++ b/lib/Service/SubscriptionService.php
@@ -59,16 +59,16 @@ class SubscriptionService {
 	 * @param int $pollId
 	 * @return array
 	 */
-	public function get($pollId) {
-		if (!$this->acl->setPollId($pollId)->getAllowView()) {
+	public function get($pollId, $token) {
+		if (!$this->acl->set($pollId, $token)->getAllowView()) {
 			throw new NotAuthorizedException;
 		}
 		try {
-			return $this->subscriptionMapper->findByUserAndPoll($pollId, $this->acl->getUserId());
+			return $this->subscriptionMapper->findByUserAndPoll($this->acl->getPollId(), $this->acl->getUserId());
 		} catch (MultipleObjectsReturnedException $e) {
 			// subscription should be unique. If duplicates are found resubscribe
 			// duplicates are removed in $this->set()
-			return $this->set($pollId, true);
+			return $this->set($pollId, $token, true);
 		}
 
 	}
@@ -76,51 +76,55 @@ class SubscriptionService {
 	/**
 	 * @NoAdminRequired
 	 * @param int $pollId
+	 * @param string $token
+	 * @param bool $subscribed
 	 * @return array
 	 */
-	public function set($pollId, $subscribed) {
-		if (!$this->acl->setPollId($pollId)->getAllowView()) {
+	public function set($pollId, $token, $subscribed) {
+		if (!$this->acl->set($pollId, $token)->getAllowView()) {
+			\OC::$server->getLogger()->alert('Share token: ' . $token);
+			\OC::$server->getLogger()->alert('Share PollId: ' . $pollId);
 			throw new NotAuthorizedException;
 		}
 		try {
-			$subscription = $this->subscriptionMapper->findByUserAndPoll($pollId, $this->acl->getUserId());
+			$subscription = $this->subscriptionMapper->findByUserAndPoll($this->acl->getPollId(), $this->acl->getUserId());
 			if (!$subscribed) {
 				$this->subscriptionMapper->delete($subscription);
-				return ['status' => 'Unsubscribed from poll ' . $pollId];
+				return ['status' => 'Unsubscribed from poll ' . $this->acl->getPollId()];
 			} else {
 				// subscription already exists, just return the existing subscription
-				return ['status' => 'Subscribed to poll ' . $pollId];
+				return ['status' => 'Subscribed to poll ' . $this->acl->getPollId()];
 			}
 
 		} catch (DoesNotExistException $e) {
 
 			if ($subscribed) {
 				$subscription = new Subscription();
-				$subscription->setPollId($pollId);
+				$subscription->setPollId($this->acl->getPollId());
 				$subscription->setUserId($this->acl->getUserId());
 
 				$this->subscriptionMapper->insert($subscription);
-				return ['status' => 'Subscribed to poll ' . $pollId];
+				return ['status' => 'Subscribed to poll ' . $this->acl->getPollId()];
 			} else {
 				// subscription is not found, just approve the unsubscription
-				return ['status' => 'Unsubscribed from poll ' . $pollId];
+				return ['status' => 'Unsubscribed from poll ' . $this->acl->getPollId()];
 			}
 
 		} catch (MultipleObjectsReturnedException $e) {
 			// Duplicates should not exist but if found, fix it
 			// unsubscribe from all and resubscribe, if requested
 			\OC::$server->getLogger()->debug('Multiple subscription (dulpicates) found');
-			$this->subscriptionMapper->unsubscribe($pollId, $this->acl->getUserId());
+			$this->subscriptionMapper->unsubscribe($this->acl->getPollId(), $this->acl->getUserId());
 			\OC::$server->getLogger()->debug('Unsubscribed all for user ' . $this->acl->getUserId() . 'in poll' . $pollId);
 			if ($subscribed) {
 				$subscription = new Subscription();
-				$subscription->setPollId($pollId);
+				$subscription->setPollId($this->acl->getPollId());
 				$subscription->setUserId($this->acl->getUserId());
 				$this->subscriptionMapper->insert($subscription);
 				\OC::$server->getLogger()->debug('Added new subscription');
 				return $subscription;
 			} else {
-				return ['status' => 'Unsubscribed from poll ' . $pollId];
+				return ['status' => 'Unsubscribed from poll ' . $this->acl->getPollId()];
 			}
 
 		}
diff --git a/lib/Service/VoteService.php b/lib/Service/VoteService.php
index 32076289..cbedb1ad 100644
--- a/lib/Service/VoteService.php
+++ b/lib/Service/VoteService.php
@@ -88,7 +88,7 @@ class VoteService {
 	 * @throws NotAuthorizedException
 	 */
 	public function list($pollId = 0, $token = '') {
-		if (!$this->acl->setPollIdOrToken($pollId, $token)->getAllowView()) {
+		if (!$this->acl->set($pollId, $token)->getAllowView()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -115,7 +115,7 @@ class VoteService {
 
 		$option = $this->optionMapper->find($optionId);
 
-		if (!$this->acl->setPollIdOrToken($option->getPollId(), $token)->getAllowVote()) {
+		if (!$this->acl->set($option->getPollId(), $token)->getAllowVote()) {
 			throw new NotAuthorizedException;
 		}
 
@@ -156,7 +156,7 @@ class VoteService {
 	 */
 	public function delete($pollId, $userId) {
 
-		if (!$this->acl->setPollId($pollId)->getAllowEdit()) {
+		if (!$this->acl->set($pollId)->getAllowEdit()) {
 			throw new NotAuthorizedException;
 		}