archive/nextcloud_server
0
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2025-01-31 06:43:12 +00:00
Code Issues Projects Releases Wiki Activity
nextcloud_server/lib/private/Share20/ShareDisableChecker.php
Corentin Damman 0fa9f3049f feat(files_sharing): allow to specify allowed groups to share instead of excluded groups 
Relates to #3387

Signed-off-by: Corentin Damman <c.damman@intopix.com>
2024-03-15 16:52:59 +01:00

81 lines
2.3 KiB
PHP
Raw Permalink Blame History

<?php
namespace OC\Share20;
use OCP\Cache\CappedMemoryCache;
use OCP\IConfig;
use OCP\IGroupManager;
use OCP\IUserManager;
/**
* split of from the share manager to allow using it with minimal DI
*/
class ShareDisableChecker {
private CappedMemoryCache $sharingDisabledForUsersCache;
public function __construct(
private IConfig $config,
private IUserManager $userManager,
private IGroupManager $groupManager,
) {
$this->sharingDisabledForUsersCache = new CappedMemoryCache();
}
/**
* @param ?string $userId
* @return bool
*/
public function sharingDisabledForUser(?string $userId) {
if ($userId === null) {
return false;
}
if (isset($this->sharingDisabledForUsersCache[$userId])) {
return $this->sharingDisabledForUsersCache[$userId];
}
$excludeGroups = $this->config->getAppValue('core', 'shareapi_exclude_groups', 'no');
if ($excludeGroups && $excludeGroups !== 'no') {
$groupsList = $this->config->getAppValue('core', 'shareapi_exclude_groups_list', '');
$excludedGroups = json_decode($groupsList);
if (is_null($excludedGroups)) {
$excludedGroups = explode(',', $groupsList);
$newValue = json_encode($excludedGroups);
$this->config->setAppValue('core', 'shareapi_exclude_groups_list', $newValue);
}
$user = $this->userManager->get($userId);
if (!$user) {
return false;
}
$usersGroups = $this->groupManager->getUserGroupIds($user);
if ($excludeGroups !== 'allow') {
if (!empty($usersGroups)) {
$remainingGroups = array_diff($usersGroups, $excludedGroups);
// if the user is only in groups which are disabled for sharing then
// sharing is also disabled for the user
if (empty($remainingGroups)) {
$this->sharingDisabledForUsersCache[$userId] = true;
return true;
}
}
} else {
if (!empty($usersGroups)) {
$remainingGroups = array_intersect($usersGroups, $excludedGroups);
// if the user is in any group which is allowed for sharing then
// sharing is also allowed for the user
if (!empty($remainingGroups)) {
$this->sharingDisabledForUsersCache[$userId] = false;
return false;
}
}
$this->sharingDisabledForUsersCache[$userId] = true;
return true;
}
}
$this->sharingDisabledForUsersCache[$userId] = false;
return false;
}
}
Reference in a new issue View git blame Copy permalink