mirror of
https://github.com/nextcloud/server.git
synced 2025-01-30 22:37:01 +00:00
320 lines
8.5 KiB
PHP
320 lines
8.5 KiB
PHP
<?php
|
|
/**
|
|
* SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors
|
|
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
|
|
* SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
namespace OCA\Files_External\Controller;
|
|
|
|
use OCA\Files_External\Lib\Auth\AuthMechanism;
|
|
use OCA\Files_External\Lib\Backend\Backend;
|
|
use OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException;
|
|
use OCA\Files_External\Lib\StorageConfig;
|
|
use OCA\Files_External\MountConfig;
|
|
use OCA\Files_External\NotFoundException;
|
|
use OCA\Files_External\Service\StoragesService;
|
|
use OCP\AppFramework\Controller;
|
|
use OCP\AppFramework\Http;
|
|
use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
|
|
use OCP\AppFramework\Http\DataResponse;
|
|
use OCP\Files\StorageNotAvailableException;
|
|
use OCP\IConfig;
|
|
use OCP\IGroupManager;
|
|
use OCP\IL10N;
|
|
use OCP\IRequest;
|
|
use OCP\IUserSession;
|
|
use Psr\Log\LoggerInterface;
|
|
|
|
/**
|
|
* Base class for storages controllers
|
|
*/
|
|
abstract class StoragesController extends Controller {
|
|
/**
|
|
* Creates a new storages controller.
|
|
*
|
|
* @param string $AppName application name
|
|
* @param IRequest $request request object
|
|
* @param IL10N $l10n l10n service
|
|
* @param StoragesService $storagesService storage service
|
|
* @param LoggerInterface $logger
|
|
*/
|
|
public function __construct(
|
|
$AppName,
|
|
IRequest $request,
|
|
protected IL10N $l10n,
|
|
protected StoragesService $service,
|
|
protected LoggerInterface $logger,
|
|
protected IUserSession $userSession,
|
|
protected IGroupManager $groupManager,
|
|
protected IConfig $config,
|
|
) {
|
|
parent::__construct($AppName, $request);
|
|
}
|
|
|
|
/**
|
|
* Create a storage from its parameters
|
|
*
|
|
* @param string $mountPoint storage mount point
|
|
* @param string $backend backend identifier
|
|
* @param string $authMechanism authentication mechanism identifier
|
|
* @param array $backendOptions backend-specific options
|
|
* @param array|null $mountOptions mount-specific options
|
|
* @param array|null $applicableUsers users for which to mount the storage
|
|
* @param array|null $applicableGroups groups for which to mount the storage
|
|
* @param int|null $priority priority
|
|
*
|
|
* @return StorageConfig|DataResponse
|
|
*/
|
|
protected function createStorage(
|
|
$mountPoint,
|
|
$backend,
|
|
$authMechanism,
|
|
$backendOptions,
|
|
$mountOptions = null,
|
|
$applicableUsers = null,
|
|
$applicableGroups = null,
|
|
$priority = null,
|
|
) {
|
|
$canCreateNewLocalStorage = $this->config->getSystemValue('files_external_allow_create_new_local', true);
|
|
if (!$canCreateNewLocalStorage && $backend === 'local') {
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Forbidden to manage local mounts')
|
|
],
|
|
Http::STATUS_FORBIDDEN
|
|
);
|
|
}
|
|
|
|
try {
|
|
return $this->service->createStorage(
|
|
$mountPoint,
|
|
$backend,
|
|
$authMechanism,
|
|
$backendOptions,
|
|
$mountOptions,
|
|
$applicableUsers,
|
|
$applicableGroups,
|
|
$priority
|
|
);
|
|
} catch (\InvalidArgumentException $e) {
|
|
$this->logger->error($e->getMessage(), ['exception' => $e]);
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Invalid backend or authentication mechanism class')
|
|
],
|
|
Http::STATUS_UNPROCESSABLE_ENTITY
|
|
);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Validate storage config
|
|
*
|
|
* @param StorageConfig $storage storage config
|
|
*1
|
|
* @return DataResponse|null returns response in case of validation error
|
|
*/
|
|
protected function validate(StorageConfig $storage) {
|
|
$mountPoint = $storage->getMountPoint();
|
|
if ($mountPoint === '') {
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Invalid mount point'),
|
|
],
|
|
Http::STATUS_UNPROCESSABLE_ENTITY
|
|
);
|
|
}
|
|
|
|
if ($storage->getBackendOption('objectstore')) {
|
|
// objectstore must not be sent from client side
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Objectstore forbidden'),
|
|
],
|
|
Http::STATUS_UNPROCESSABLE_ENTITY
|
|
);
|
|
}
|
|
|
|
/** @var Backend */
|
|
$backend = $storage->getBackend();
|
|
/** @var AuthMechanism */
|
|
$authMechanism = $storage->getAuthMechanism();
|
|
if ($backend->checkDependencies()) {
|
|
// invalid backend
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Invalid storage backend "%s"', [
|
|
$backend->getIdentifier(),
|
|
]),
|
|
],
|
|
Http::STATUS_UNPROCESSABLE_ENTITY
|
|
);
|
|
}
|
|
|
|
if (!$backend->isVisibleFor($this->service->getVisibilityType())) {
|
|
// not permitted to use backend
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Not permitted to use backend "%s"', [
|
|
$backend->getIdentifier(),
|
|
]),
|
|
],
|
|
Http::STATUS_UNPROCESSABLE_ENTITY
|
|
);
|
|
}
|
|
if (!$authMechanism->isVisibleFor($this->service->getVisibilityType())) {
|
|
// not permitted to use auth mechanism
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Not permitted to use authentication mechanism "%s"', [
|
|
$authMechanism->getIdentifier(),
|
|
]),
|
|
],
|
|
Http::STATUS_UNPROCESSABLE_ENTITY
|
|
);
|
|
}
|
|
|
|
if (!$backend->validateStorage($storage)) {
|
|
// unsatisfied parameters
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Unsatisfied backend parameters'),
|
|
],
|
|
Http::STATUS_UNPROCESSABLE_ENTITY
|
|
);
|
|
}
|
|
if (!$authMechanism->validateStorage($storage)) {
|
|
// unsatisfied parameters
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Unsatisfied authentication mechanism parameters'),
|
|
],
|
|
Http::STATUS_UNPROCESSABLE_ENTITY
|
|
);
|
|
}
|
|
|
|
return null;
|
|
}
|
|
|
|
protected function manipulateStorageConfig(StorageConfig $storage) {
|
|
/** @var AuthMechanism */
|
|
$authMechanism = $storage->getAuthMechanism();
|
|
$authMechanism->manipulateStorageConfig($storage);
|
|
/** @var Backend */
|
|
$backend = $storage->getBackend();
|
|
$backend->manipulateStorageConfig($storage);
|
|
}
|
|
|
|
/**
|
|
* Check whether the given storage is available / valid.
|
|
*
|
|
* Note that this operation can be time consuming depending
|
|
* on whether the remote storage is available or not.
|
|
*
|
|
* @param StorageConfig $storage storage configuration
|
|
* @param bool $testOnly whether to storage should only test the connection or do more things
|
|
*/
|
|
protected function updateStorageStatus(StorageConfig &$storage, $testOnly = true) {
|
|
try {
|
|
$this->manipulateStorageConfig($storage);
|
|
|
|
/** @var Backend */
|
|
$backend = $storage->getBackend();
|
|
// update status (can be time-consuming)
|
|
$storage->setStatus(
|
|
MountConfig::getBackendStatus(
|
|
$backend->getStorageClass(),
|
|
$storage->getBackendOptions(),
|
|
false,
|
|
$testOnly
|
|
)
|
|
);
|
|
} catch (InsufficientDataForMeaningfulAnswerException $e) {
|
|
$status = $e->getCode() ?: StorageNotAvailableException::STATUS_INDETERMINATE;
|
|
$storage->setStatus(
|
|
(int)$status,
|
|
$this->l10n->t('Insufficient data: %s', [$e->getMessage()])
|
|
);
|
|
} catch (StorageNotAvailableException $e) {
|
|
$storage->setStatus(
|
|
(int)$e->getCode(),
|
|
$this->l10n->t('%s', [$e->getMessage()])
|
|
);
|
|
} catch (\Exception $e) {
|
|
// FIXME: convert storage exceptions to StorageNotAvailableException
|
|
$storage->setStatus(
|
|
StorageNotAvailableException::STATUS_ERROR,
|
|
get_class($e) . ': ' . $e->getMessage()
|
|
);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get all storage entries
|
|
*
|
|
* @return DataResponse
|
|
*/
|
|
public function index() {
|
|
$storages = array_map(static fn ($storage) => $storage->jsonSerialize(true), $this->service->getStorages());
|
|
|
|
return new DataResponse(
|
|
$storages,
|
|
Http::STATUS_OK
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Get an external storage entry.
|
|
*
|
|
* @param int $id storage id
|
|
* @param bool $testOnly whether to storage should only test the connection or do more things
|
|
*
|
|
* @return DataResponse
|
|
*/
|
|
public function show(int $id, $testOnly = true) {
|
|
try {
|
|
$storage = $this->service->getStorage($id);
|
|
|
|
$this->updateStorageStatus($storage, $testOnly);
|
|
} catch (NotFoundException $e) {
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Storage with ID "%d" not found', [$id]),
|
|
],
|
|
Http::STATUS_NOT_FOUND
|
|
);
|
|
}
|
|
|
|
$data = $storage->jsonSerialize(true);
|
|
$isAdmin = $this->groupManager->isAdmin($this->userSession->getUser()->getUID());
|
|
$data['can_edit'] = $storage->getType() === StorageConfig::MOUNT_TYPE_PERSONAL || $isAdmin;
|
|
|
|
return new DataResponse(
|
|
$data,
|
|
Http::STATUS_OK
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Deletes the storage with the given id.
|
|
*
|
|
* @param int $id storage id
|
|
*
|
|
* @return DataResponse
|
|
*/
|
|
#[PasswordConfirmationRequired(strict: true)]
|
|
public function destroy(int $id) {
|
|
try {
|
|
$this->service->removeStorage($id);
|
|
} catch (NotFoundException $e) {
|
|
return new DataResponse(
|
|
[
|
|
'message' => $this->l10n->t('Storage with ID "%d" not found', [$id]),
|
|
],
|
|
Http::STATUS_NOT_FOUND
|
|
);
|
|
}
|
|
|
|
return new DataResponse([], Http::STATUS_NO_CONTENT);
|
|
}
|
|
}
|