<?php
/**
 * @author Björn Schießle <schiessle@owncloud.com>
 * @author Morris Jobke <hey@morrisjobke.de>
 * @author Robin Appelman <icewind@owncloud.com>
 * @author Roeland Jago Douma <roeland@famdouma.nl>
 * @author Thomas Müller <thomas.mueller@tmit.eu>
 * @author Vincent Petry <pvince81@owncloud.com>
 *
 * @copyright Copyright (c) 2015, ownCloud, Inc.
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */

namespace OCA\Files_Sharing\API;

use OC\HintException;

class Local {

	/**
	 * get all shares
	 *
	 * @param array $params option 'file' to limit the result to a specific file/folder
	 * @return \OC_OCS_Result share information
	 */
	public static function getAllShares($params) {
		if (isset($_GET['shared_with_me']) && $_GET['shared_with_me'] !== 'false') {
				return self::getFilesSharedWithMe();
			}
		// if a file is specified, get the share for this file
		if (isset($_GET['path'])) {
			if ( isset($_GET['reshares']) && $_GET['reshares'] !== 'false' ) {
				$reshares = true;
			} else {
				$reshares = false;
			}

			if (isset($_GET['subfiles']) && $_GET['subfiles'] !== 'false') {
				return self::getSharesFromFolder($_GET['path']);
			}
			return self::collectShares(self::getFileId($_GET['path']),
			                           self::getItemType($_GET['path']),
			                           false,
			                           $_GET['path'],
			                           $reshares);
		}

		$shares = \OCP\Share::getItemShared('file', null);

		if ($shares === false) {
			return new \OC_OCS_Result(null, 404, 'could not get shares');
		} else {
			foreach ($shares as &$share) {
				if ($share['item_type'] === 'file' && isset($share['path'])) {
					$share['mimetype'] = \OC_Helper::getFileNameMimeType($share['path']);
					if (\OC::$server->getPreviewManager()->isMimeSupported($share['mimetype'])) {
						$share['isPreviewAvailable'] = true;
					}
				}

				if (!is_null($share['token'])) {
					$share['url'] = \OC::$server->getURLGenerator()->linkToRouteAbsolute('files_sharing.sharecontroller.showShare', ['token' => $share['token']]);
				}
			}
			return new \OC_OCS_Result($shares);
		}

	}

	/**
	 * get share information for a given share
	 *
	 * @param array $params which contains a 'id'
	 * @return \OC_OCS_Result share information
	 */
	public static function getShare($params) {

		$s = self::getShareFromId($params['id']);

		return self::collectShares($s['file_source'], $s['item_type'], true, null, false, (int)$params['id']);
	}

	/**
	 * collect all share information, either of a specific share or all
	 *        shares for a given path
	 *
	 * @param string $itemSource
	 * @param string $itemType
	 * @param bool $getSpecificShare
	 * @param string $path
	 * @param bool $reshares
	 * @param int $id
	 *
	 * @return \OC_OCS_Result
	 */
	private static function collectShares($itemSource, $itemType, $getSpecificShare = false, $path = null, $reshares = false, $id = null) {
		if ($itemSource !== null) {
			$shares = \OCP\Share::getItemShared($itemType, $itemSource);
			$receivedFrom = \OCP\Share::getItemSharedWithBySource($itemType, $itemSource);
			// if a specific share was specified only return this one
			if ($getSpecificShare === true) {
				foreach ($shares as $share) {
					if ($share['id'] === $id) {
						$shares = array('element' => $share);
						break;
					}
				}
			} else {
				foreach ($shares as $key => $share) {
					$shares[$key]['path'] = $path;
				}
			}


			// include also reshares in the lists. This means that the result
			// will contain every user with access to the file.
			if ($reshares === true) {
				$shares = self::addReshares($shares, $itemSource);
			}

			if ($receivedFrom) {
				foreach ($shares as $key => $share) {
					$shares[$key]['received_from'] = $receivedFrom['uid_owner'];
					$shares[$key]['received_from_displayname'] = \OCP\User::getDisplayName($receivedFrom['uid_owner']);
				}
			}
		} else {
			$shares = null;
		}

		if ($shares === null || empty($shares)) {
			return new \OC_OCS_Result(null, 404, 'share doesn\'t exist');
		} else {
			foreach ($shares as &$share) {
				if (!is_null($share['token'])) {
					$share['url'] = \OC::$server->getURLGenerator()->linkToRouteAbsolute('files_sharing.sharecontroller.showShare', ['token' => $share['token']]);
				}
			}

			return new \OC_OCS_Result($shares);
		}
	}

	/**
	 * add reshares to a array of shares
	 * @param array $shares array of shares
	 * @param int $itemSource item source ID
	 * @return array new shares array which includes reshares
	 */
	private static function addReshares($shares, $itemSource) {

		// if there are no shares than there are also no reshares
		$firstShare = reset($shares);
		if ($firstShare) {
			$path = $firstShare['path'];
		} else {
			return $shares;
		}

		$select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `file_source`, `path` , `*PREFIX*share`.`permissions`, `stime`, `expiration`, `token`, `storage`, `mail_send`, `mail_send`';
		$getReshares = \OCP\DB::prepare('SELECT ' . $select . ' FROM `*PREFIX*share` INNER JOIN `*PREFIX*filecache` ON `file_source` = `*PREFIX*filecache`.`fileid` WHERE `*PREFIX*share`.`file_source` = ? AND `*PREFIX*share`.`item_type` IN (\'file\', \'folder\') AND `uid_owner` != ?');
		$reshares = $getReshares->execute(array($itemSource, \OCP\User::getUser()))->fetchAll();

		foreach ($reshares as $key => $reshare) {
			if (isset($reshare['share_with']) && $reshare['share_with'] !== '') {
				$reshares[$key]['share_with_displayname'] = \OCP\User::getDisplayName($reshare['share_with']);
			}
			// add correct path to the result
			$reshares[$key]['path'] = $path;
		}

		return array_merge($shares, $reshares);
	}

	/**
	 * get share from all files in a given folder (non-recursive)
	 * @param string $path
	 * @return \OC_OCS_Result
	 */
	private static function getSharesFromFolder($path) {
		$view = new \OC\Files\View('/'.\OCP\User::getUser().'/files');

		if(!$view->is_dir($path)) {
			return new \OC_OCS_Result(null, 400, "not a directory");
		}

		$content = $view->getDirectoryContent($path);

		$result = array();
		foreach ($content as $file) {
			// workaround because folders are named 'dir' in this context
			$itemType = $file['type'] === 'file' ? 'file' : 'folder';
			$share = \OCP\Share::getItemShared($itemType, $file['fileid']);
			if($share) {
				$receivedFrom =  \OCP\Share::getItemSharedWithBySource($itemType, $file['fileid']);
				reset($share);
				$key = key($share);
				if ($receivedFrom) {
					$share[$key]['received_from'] = $receivedFrom['uid_owner'];
					$share[$key]['received_from_displayname'] = \OCP\User::getDisplayName($receivedFrom['uid_owner']);
				}
				$result = array_merge($result, $share);
			}
		}

		return new \OC_OCS_Result($result);
	}

	/**
	 * get files shared with the user
	 * @return \OC_OCS_Result
	 */
	private static function getFilesSharedWithMe() {
		try	{
			$shares = \OCP\Share::getItemsSharedWith('file');
			foreach ($shares as &$share) {
				if ($share['item_type'] === 'file') {
					$share['mimetype'] = \OC_Helper::getFileNameMimeType($share['file_target']);
					if (\OC::$server->getPreviewManager()->isMimeSupported($share['mimetype'])) {
						$share['isPreviewAvailable'] = true;
					}
				}
			}
			$result = new \OC_OCS_Result($shares);
		} catch (\Exception $e) {
			$result = new \OC_OCS_Result(null, 403, $e->getMessage());
		}

		return $result;

	}

	/**
	 * create a new share
	 * @param array $params
	 * @return \OC_OCS_Result
	 */
	public static function createShare($params) {

		$path = isset($_POST['path']) ? $_POST['path'] : null;

		if($path === null) {
			return new \OC_OCS_Result(null, 400, "please specify a file or folder path");
		}
		$itemSource = self::getFileId($path);
		$itemSourceName = $itemSource;
		$itemType = self::getItemType($path);
		$expirationDate = null;

		if($itemSource === null) {
			return new \OC_OCS_Result(null, 404, "wrong path, file/folder doesn't exist.");
		}

		$shareWith = isset($_POST['shareWith']) ? $_POST['shareWith'] : null;
		$shareType = isset($_POST['shareType']) ? (int)$_POST['shareType'] : null;

		switch($shareType) {
			case \OCP\Share::SHARE_TYPE_REMOTE:
				$shareWith = rtrim($shareWith, '/');
				$itemSourceName = basename($path);
			case \OCP\Share::SHARE_TYPE_USER:
			case \OCP\Share::SHARE_TYPE_GROUP:
				$permissions = isset($_POST['permissions']) ? (int)$_POST['permissions'] : 31;
				break;
			case \OCP\Share::SHARE_TYPE_LINK:
				//allow password protection
				$shareWith = isset($_POST['password']) ? $_POST['password'] : null;
				//check public link share
				$publicUploadEnabled = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes');
				if(isset($_POST['publicUpload']) && $publicUploadEnabled !== 'yes') {
					return new \OC_OCS_Result(null, 403, "public upload disabled by the administrator");
				}
				$publicUpload = isset($_POST['publicUpload']) ? $_POST['publicUpload'] : 'false';
				// read, create, update (7) if public upload is enabled or
				// read (1) if public upload is disabled
				$permissions = $publicUpload === 'true' ? 7 : 1;

				// Get the expiration date
				try {
					$expirationDate = isset($_POST['expireDate']) ? self::parseDate($_POST['expireDate']) : null;
				} catch (\Exception $e) {
					return new \OC_OCS_Result(null, 404, 'Invalid Date. Format must be YYYY-MM-DD.');
				}

				break;
			default:
				return new \OC_OCS_Result(null, 400, "unknown share type");
		}

		if (($permissions & \OCP\Constants::PERMISSION_READ) === 0) {
			return new \OC_OCS_Result(null, 400, 'invalid permissions');
		}

		try	{
			$token = \OCP\Share::shareItem(
					$itemType,
					$itemSource,
					$shareType,
					$shareWith,
					$permissions,
					$itemSourceName,
					$expirationDate
			);
		} catch (HintException $e) {
			if ($e->getCode() === 0) {
				return new \OC_OCS_Result(null, 400, $e->getHint());
			} else {
				return new \OC_OCS_Result(null, $e->getCode(), $e->getHint());
			}
		} catch (\Exception $e) {
			return new \OC_OCS_Result(null, 403, $e->getMessage());
		}

		if ($token) {
			$data = array();
			$data['id'] = 'unknown';
			$shares = \OCP\Share::getItemShared($itemType, $itemSource);
			if(is_string($token)) { //public link share
				foreach ($shares as $share) {
					if ($share['token'] === $token) {
						$data['id'] = $share['id'];
						break;
					}
				}
				$data['url'] = \OC::$server->getURLGenerator()->linkToRouteAbsolute('files_sharing.sharecontroller.showShare', ['token' => $token]);
				$data['token'] = $token;

			} else {
				foreach ($shares as $share) {
					if ($share['share_with'] === $shareWith && $share['share_type'] === $shareType) {
						$data['id'] = $share['id'];
						break;
					}
				}
			}

			$data['permissions'] = $share['permissions'];
			$data['expiration'] = $share['expiration'];

			return new \OC_OCS_Result($data);
		} else {
			return new \OC_OCS_Result(null, 404, "couldn't share file");
		}
	}

	/**
	 * update shares, e.g. password, permissions, etc
	 * @param array $params shareId 'id' and the parameter we want to update
	 *                      currently supported: permissions, password, publicUpload
	 * @return \OC_OCS_Result
	 */
	public static function updateShare($params) {

		$share = self::getShareFromId($params['id']);

		if(!isset($share['file_source'])) {
			return new \OC_OCS_Result(null, 404, "wrong share Id, share doesn't exist.");
		}

		try {
			if(isset($params['_put']['permissions'])) {
				return self::updatePermissions($share, $params);
			} elseif (isset($params['_put']['password'])) {
				return self::updatePassword($params['id'], (int)$share['share_type'], $params['_put']['password']);
			} elseif (isset($params['_put']['publicUpload'])) {
				return self::updatePublicUpload($share, $params);
			} elseif (isset($params['_put']['expireDate'])) {
				return self::updateExpireDate($share, $params);
			}
		} catch (\Exception $e) {

			return new \OC_OCS_Result(null, 400, $e->getMessage());
		}

		return new \OC_OCS_Result(null, 400, "Wrong or no update parameter given");
	}

	/**
	 * update permissions for a share
	 * @param array $share information about the share
	 * @param array $params contains 'permissions'
	 * @return \OC_OCS_Result
	 */
	private static function updatePermissions($share, $params) {

		$itemSource = $share['item_source'];
		$itemType = $share['item_type'];
		$shareWith = $share['share_with'];
		$shareType = $share['share_type'];
		$permissions = isset($params['_put']['permissions']) ? (int)$params['_put']['permissions'] : null;

		$publicUploadStatus = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes');
		$publicUploadEnabled = ($publicUploadStatus === 'yes') ? true : false;


		// only change permissions for public shares if public upload is enabled
		// and we want to set permissions to 1 (read only) or 7 (allow upload)
		if ( (int)$shareType === \OCP\Share::SHARE_TYPE_LINK ) {
			if ($publicUploadEnabled === false || ($permissions !== 7 && $permissions !== 1)) {
				return new \OC_OCS_Result(null, 400, "can't change permission for public link share");
			}
		}

		if (($permissions & \OCP\Constants::PERMISSION_READ) === 0) {
			return new \OC_OCS_Result(null, 400, 'invalid permissions');
		}

		try {
			$return = \OCP\Share::setPermissions(
					$itemType,
					$itemSource,
					$shareType,
					$shareWith,
					$permissions
					);
		} catch (\Exception $e) {
			return new \OC_OCS_Result(null, 404, $e->getMessage());
		}

		if ($return) {
			return new \OC_OCS_Result();
		} else {
			return new \OC_OCS_Result(null, 404, "couldn't set permissions");
		}
	}

	/**
	 * enable/disable public upload
	 * @param array $share information about the share
	 * @param array $params contains 'publicUpload' which can be 'yes' or 'no'
	 * @return \OC_OCS_Result
	 */
	private static function updatePublicUpload($share, $params) {

		$publicUploadEnabled = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes');
		if($publicUploadEnabled !== 'yes') {
			return new \OC_OCS_Result(null, 403, "public upload disabled by the administrator");
		}

		if ($share['item_type'] !== 'folder' ||
				(int)$share['share_type'] !== \OCP\Share::SHARE_TYPE_LINK ) {
			return new \OC_OCS_Result(null, 400, "public upload is only possible for public shared folders");
		}

		// read, create, update (7) if public upload is enabled or
		// read (1) if public upload is disabled
		$params['_put']['permissions'] = $params['_put']['publicUpload'] === 'true' ? 7 : 1;

		return self::updatePermissions($share, $params);

	}

	/**
	 * set expire date for public link share
	 * @param array $share information about the share
	 * @param array $params contains 'expireDate' which needs to be a well formated date string, e.g DD-MM-YYYY
	 * @return \OC_OCS_Result
	 */
	private static function updateExpireDate($share, $params) {
		// only public links can have a expire date
		if ((int)$share['share_type'] !== \OCP\Share::SHARE_TYPE_LINK ) {
			return new \OC_OCS_Result(null, 400, "expire date only exists for public link shares");
		}

		try {
			$expireDateSet = \OCP\Share::setExpirationDate($share['item_type'], $share['item_source'], $params['_put']['expireDate'], (int)$share['stime']);
			$result = ($expireDateSet) ? new \OC_OCS_Result() : new \OC_OCS_Result(null, 404, "couldn't set expire date");
		} catch (\Exception $e) {
			$result = new \OC_OCS_Result(null, 404, $e->getMessage());
		}

		return $result;

	}

	/**
	 * update password for public link share
	 * @param int $shareId
	 * @param int $shareType 
	 * @param string $password
	 * @return \OC_OCS_Result
	 */
	private static function updatePassword($shareId, $shareType, $password) {
		if($shareType !== \OCP\Share::SHARE_TYPE_LINK) {
			return  new \OC_OCS_Result(null, 400, "password protection is only supported for public shares");
		}

		if($password === '') {
			$password = null;
		}

		try {
			$result = \OCP\Share::setPassword($shareId, $password);
		} catch (\Exception $e) {
			return new \OC_OCS_Result(null, 403, $e->getMessage());
		}

		if($result) {
			return new \OC_OCS_Result();
		}

		return new \OC_OCS_Result(null, 404, "couldn't set password");
	}

	/**
	 * unshare a file/folder
	 * @param array $params contains the shareID 'id' which should be unshared
	 * @return \OC_OCS_Result
	 */
	public static function deleteShare($params) {

		$share = self::getShareFromId($params['id']);
		$fileSource = isset($share['file_source']) ? $share['file_source'] : null;
		$itemType = isset($share['item_type']) ? $share['item_type'] : null;;

		if($fileSource === null) {
			return new \OC_OCS_Result(null, 404, "wrong share ID, share doesn't exist.");
		}

		$shareWith = isset($share['share_with']) ? $share['share_with'] : null;
		$shareType = isset($share['share_type']) ? (int)$share['share_type'] : null;

		if( $shareType === \OCP\Share::SHARE_TYPE_LINK) {
			$shareWith = null;
		}

		try {
			$return = \OCP\Share::unshare(
					$itemType,
					$fileSource,
					$shareType,
					$shareWith);
		} catch (\Exception $e) {
			return new \OC_OCS_Result(null, 404, $e->getMessage());
		}

		if ($return) {
			return new \OC_OCS_Result();
		} else {
			$msg = "Unshare Failed";
			return new \OC_OCS_Result(null, 404, $msg);
		}
	}

	/**
	 * Make sure that the passed date is valid ISO 8601
	 * So YYYY-MM-DD
	 * If not throw an exception
	 *
	 * @param string $expireDate
	 *
	 * @throws \Exception
	 * @return \DateTime
	 */
	private static function parseDate($expireDate) {
		if (preg_match('/^\d{4}-\d{2}-\d{2}$/', $expireDate) === 0) {
			throw new \Exception('Invalid date. Format must be YYYY-MM-DD');
		}

		$date = new \DateTime($expireDate);

		if ($date === false) {
			throw new \Exception('Invalid date. Format must be YYYY-MM-DD');
		}

		return $date;
	}

	/**
	 * get file ID from a given path
	 * @param string $path
	 * @return string fileID or null
	 */
	private static function getFileId($path) {

		$view = new \OC\Files\View('/'.\OCP\User::getUser().'/files');
		$fileId = null;
		$fileInfo = $view->getFileInfo($path);
		if ($fileInfo) {
			$fileId = $fileInfo['fileid'];
		}

		return $fileId;
	}

	/**
	 * get itemType
	 * @param string $path
	 * @return string type 'file', 'folder' or null of file/folder doesn't exists
	 */
	private static function getItemType($path) {
		$view = new \OC\Files\View('/'.\OCP\User::getUser().'/files');
		$itemType = null;

		if ($view->is_dir($path)) {
			$itemType = "folder";
		} elseif ($view->is_file($path)) {
			$itemType = "file";
		}

		return $itemType;
	}

	/**
	 * get some information from a given share
	 * @param int $shareID
	 * @return array with: item_source, share_type, share_with, item_type, permissions
	 */
	private static function getShareFromId($shareID) {
		$sql = 'SELECT `file_source`, `item_source`, `share_type`, `share_with`, `item_type`, `permissions`, `stime` FROM `*PREFIX*share` WHERE `id` = ?';
		$args = array($shareID);
		$query = \OCP\DB::prepare($sql);
		$result = $query->execute($args);

		if (\OCP\DB::isError($result)) {
			\OCP\Util::writeLog('files_sharing', \OCP\DB::getErrorMessage(), \OCP\Util::ERROR);
			return null;
		}
		if ($share = $result->fetchRow()) {
			return $share;
		}

		return null;

	}

}