-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #31672 from owncloud/sharing_blacklist_groups
Allow admin to blacklist groups for the files_sharing app
- Loading branch information
Showing
13 changed files
with
621 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
/* | ||
* Copyright (c) 2018 | ||
* | ||
* This file is licensed under the Affero General Public License version 3 | ||
* or later. | ||
* | ||
* See the COPYING-README file. | ||
* | ||
*/ | ||
|
||
$(document).ready(function() { | ||
var $blacklistedGroups = $('#files_sharing input[name="blacklisted_receiver_groups"]'); | ||
OC.Settings.setupGroupsSelect($blacklistedGroups); | ||
$blacklistedGroups.change(function(ev) { | ||
var groups = ev.val || []; | ||
groups = JSON.stringify(groups); | ||
OC.AppConfig.setValue('files_sharing', $(this).attr('name'), groups); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
<?php | ||
/** | ||
* @author Juan Pablo Villafáñez <jvillafanez@solidgear.es> | ||
* | ||
* @copyright Copyright (c) 2018, ownCloud GmbH | ||
* @license AGPL-3.0 | ||
* | ||
* This code is free software: you can redistribute it and/or modify | ||
* it under the terms of the GNU Affero General Public License, version 3, | ||
* as published by the Free Software Foundation. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU Affero General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Affero General Public License, version 3, | ||
* along with this program. If not, see <http://www.gnu.org/licenses/> | ||
* | ||
*/ | ||
namespace OCA\Files_Sharing\Panels\Admin; | ||
use OCP\Settings\ISettings; | ||
use OCP\Template; | ||
use OCA\Files_Sharing\SharingBlacklist; | ||
|
||
class SettingsPanel implements ISettings { | ||
/** @var SharingBlacklist */ | ||
private $sharingBlacklist; | ||
|
||
public function __construct(SharingBlacklist $sharingBlacklist) { | ||
$this->sharingBlacklist = $sharingBlacklist; | ||
} | ||
|
||
public function getPanel() { | ||
$tmpl = new Template('files_sharing', 'settings'); | ||
$tmpl->assign('blacklistedReceivers', \implode('|', $this->sharingBlacklist->getBlacklistedReceiverGroups())); | ||
return $tmpl; | ||
} | ||
|
||
public function getPriority() { | ||
return 0; | ||
} | ||
|
||
public function getSectionID() { | ||
return 'sharing'; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,107 @@ | ||
<?php | ||
/** | ||
* @author Juan Pablo Villafáñez <jvillafanez@solidgear.es> | ||
* | ||
* @copyright Copyright (c) 2018, ownCloud GmbH | ||
* @license AGPL-3.0 | ||
* | ||
* This code is free software: you can redistribute it and/or modify | ||
* it under the terms of the GNU Affero General Public License, version 3, | ||
* as published by the Free Software Foundation. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU Affero General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Affero General Public License, version 3, | ||
* along with this program. If not, see <http://www.gnu.org/licenses/> | ||
* | ||
*/ | ||
|
||
namespace OCA\Files_Sharing; | ||
|
||
use OCP\IConfig; | ||
use OCP\IGroup; | ||
|
||
/** | ||
* Class to handle a blacklist for sharing. The main functionality is to check if a particular group | ||
* has been blacklisted for sharing, which means that noone should share with that group. | ||
* | ||
* Note that this class will only handle the configuration and perform the checks against the configuration | ||
* This class won't prevent the sharing action by itself. | ||
*/ | ||
class SharingBlacklist { | ||
/** @var IConfig */ | ||
private $config; | ||
|
||
private $blacklistCache = null; | ||
|
||
public function __construct(IConfig $config) { | ||
$this->config = $config; | ||
} | ||
|
||
/** | ||
* Check if the target group is blacklisted | ||
* @param IGroup $group the group to check | ||
* @return bool true if the group is blacklisted, false otherwise | ||
*/ | ||
public function isGroupBlacklisted(IGroup $group) { | ||
$this->initCache(); | ||
|
||
$groupId = $group->getGID(); | ||
|
||
if (isset($this->blacklistCache['receivers']['ids'][$groupId])) { | ||
return true; | ||
} | ||
return false; | ||
} | ||
|
||
/** | ||
* Clear the internal cache of this class. Use this function if any of the keys used by this class is changed | ||
* outside of this class, such as a direct change of the 'blacklisted_group_displaynames' in the appconfig table | ||
* Note that this is an object-based cache. It won't persist for multiple HTTP requests | ||
*/ | ||
public function clearCache() { | ||
$this->blacklistCache = null; | ||
} | ||
|
||
/** | ||
* Set the list of groups to be blacklisted by id. | ||
* @param string[] $ids a list with the ids of the groups to be blacklisted | ||
*/ | ||
public function setBlacklistedReceiverGroups(array $ids) { | ||
$this->config->setAppValue('files_sharing', 'blacklisted_receiver_groups', \json_encode($ids)); | ||
$this->blacklistCache = null; // clear the cache | ||
} | ||
|
||
/** | ||
* Get the list of blacklisted group ids | ||
* Note that this might contain wrong information | ||
* @return string[] the list of group ids | ||
*/ | ||
public function getBlacklistedReceiverGroups() { | ||
return \json_decode($this->config->getAppValue('files_sharing', 'blacklisted_receiver_groups', '[]'), true); | ||
} | ||
|
||
private function initCache() { | ||
if ($this->blacklistCache === null) { | ||
$this->blacklistCache = [ | ||
'receivers' => [ | ||
'ids' => $this->fetchBlacklistedReceiverGroupIds(), | ||
], | ||
]; | ||
} | ||
} | ||
|
||
private function fetchBlacklistedReceiverGroupIds() { | ||
$configuredBlacklist = $this->config->getAppValue('files_sharing', 'blacklisted_receiver_groups', '[]'); | ||
$decodedGroups = \json_decode($configuredBlacklist, true); | ||
// expected a plain array here | ||
$groupSet = []; | ||
foreach ($decodedGroups as $group) { | ||
$groupSet[$group] = true; | ||
} | ||
return $groupSet; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
<?php | ||
/** | ||
* @author Juan Pablo Villafáñez <jvillafanez@solidgear.es> | ||
* | ||
* @copyright Copyright (c) 2018, ownCloud GmbH | ||
* @license AGPL-3.0 | ||
* | ||
* This code is free software: you can redistribute it and/or modify | ||
* it under the terms of the GNU Affero General Public License, version 3, | ||
* as published by the Free Software Foundation. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU Affero General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Affero General Public License, version 3, | ||
* along with this program. If not, see <http://www.gnu.org/licenses/> | ||
* | ||
*/ | ||
script('files_sharing', 'settings'); | ||
?> | ||
|
||
<div class="section" id="files_sharing"> | ||
<h2 class="app-name"><?php p($l->t('Files Sharing')); ?></h2> | ||
<div class="indent"> | ||
<p><?php p($l->t('Exclude groups from receiving shares.')); ?></p> | ||
<input name="blacklisted_receiver_groups" class="noautosave" value="<?php p($_['blacklistedReceivers']) ?>" style="width: 400px"/> | ||
<br /> | ||
<em><?php p($l->t('These groups will not receive shares. Members of the group can still send and receive shares outside of the group.')); ?></em> | ||
</div> | ||
</div> |
Oops, something went wrong.