sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

allow admin to enforce password on mail shares 

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
pull/4303/head
Bjoern Schiessle 2017-04-10 18:36:23 +07:00
parent 140580f9d8
commit d8dcd72118
No known key found for this signature in database
GPG Key ID: 2378A753E2BF04F6
15 changed files with 318 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apps/sharebymail/css/settings-admin.css
Unescape Escape View File

@ -0,0 +1,3 @@
#ncShareByMailSettings p {
padding-top: 10px;
}

10
apps/sharebymail/js/settings-admin.js
Unescape Escape View File

@ -24,7 +24,15 @@ $(function() {
if ($(this).is(':checked')) { if ($(this).is(':checked')) {
status = 'yes'; status = 'yes';
} }
OC.AppConfig.setValue('sharebymail', 'sendpasswordmail', status); OCP.AppConfig.setValue('sharebymail', 'sendpasswordmail', status);
});
$('#enforcePasswordProtection').on('change', function() {
var status = 'no';
if ($(this).is(':checked')) {
status = 'yes';
}
OCP.AppConfig.setValue('sharebymail', 'enforcePasswordProtection', status);
}); });
}); });

4
apps/sharebymail/lib/AppInfo/Application.php
Unescape Escape View File

@ -32,7 +32,8 @@ class Application extends App {
public function __construct(array $urlParams = array()) { public function __construct(array $urlParams = array()) {
parent::__construct('sharebymail', $urlParams); parent::__construct('sharebymail', $urlParams);
$settings = new Settings(); $settingsManager = \OC::$server->query(Settings\SettingsManager::class);
$settings = new Settings($settingsManager);
/** register capabilities */ /** register capabilities */
$container = $this->getContainer(); $container = $this->getContainer();
@ -40,6 +41,7 @@ class Application extends App {
/** register hooks */ /** register hooks */
Util::connectHook('\OCP\Config', 'js', $settings, 'announceShareProvider'); Util::connectHook('\OCP\Config', 'js', $settings, 'announceShareProvider');
Util::connectHook('\OCP\Config', 'js', $settings, 'announceShareByMailSettings');
} }
} }

15
apps/sharebymail/lib/Settings.php
Unescape Escape View File

@ -23,8 +23,17 @@
namespace OCA\ShareByMail; namespace OCA\ShareByMail;
use OCA\ShareByMail\Settings\SettingsManager;
class Settings { class Settings {
/** @var SettingsManager */
private $settingsManager;
public function __construct(SettingsManager $settingsManager) {
$this->settingsManager = $settingsManager;
}
/** /**
* announce that the share-by-mail share provider is enabled * announce that the share-by-mail share provider is enabled
* *
@ -35,4 +44,10 @@ class Settings {
$array['shareByMailEnabled'] = true; $array['shareByMailEnabled'] = true;
$settings['array']['oc_appconfig'] = json_encode($array); $settings['array']['oc_appconfig'] = json_encode($array);
} }
public function announceShareByMailSettings(array $settings) {
$array = json_decode($settings['array']['oc_appconfig'], true);
$array['shareByMail']['enforcePasswordProtection'] = $this->settingsManager->enforcePasswordProtection();
$settings['array']['oc_appconfig'] = json_encode($array);
}
} }

3
apps/sharebymail/lib/Settings/Admin.php
Unescape Escape View File

@ -40,7 +40,8 @@ class Admin implements ISettings {
public function getForm() { public function getForm() {
$parameters = [ $parameters = [
'sendPasswordMail' => $this->settingsManager->sendPasswordByMail() 'sendPasswordMail' => $this->settingsManager->sendPasswordByMail(),
'enforcePasswordProtection' => $this->settingsManager->enforcePasswordProtection()
]; ];
return new TemplateResponse('sharebymail', 'settings-admin', $parameters, ''); return new TemplateResponse('sharebymail', 'settings-admin', $parameters, '');

16
apps/sharebymail/lib/Settings/SettingsManager.php
Unescape Escape View File

@ -30,7 +30,9 @@ class SettingsManager {
/** @var IConfig */ /** @var IConfig */
private $config; private $config;
private $defaultSetting = 'yes'; private $sendPasswordByMailDefault = 'yes';
private $enforcePasswordProtectionDefault = 'no';
public function __construct(IConfig $config) { public function __construct(IConfig $config) {
$this->config = $config; $this->config = $config;
@ -42,8 +44,18 @@ class SettingsManager {
* @return bool * @return bool
*/ */
public function sendPasswordByMail() { public function sendPasswordByMail() {
$sendPasswordByMail = $this->config->getAppValue('sharebymail', 'sendpasswordmail', $this->defaultSetting); $sendPasswordByMail = $this->config->getAppValue('sharebymail', 'sendpasswordmail', $this->sendPasswordByMailDefault);
return $sendPasswordByMail === 'yes'; return $sendPasswordByMail === 'yes';
} }
/**
* do we require a share by mail to be password protected
*
* @return bool
*/
public function enforcePasswordProtection() {
$enforcePassword = $this->config->getAppValue('sharebymail', 'enforcePasswordProtection', $this->enforcePasswordProtectionDefault);
return $enforcePassword === 'yes';
}
} }

134
apps/sharebymail/lib/ShareByMailProvider.php
Unescape Escape View File

@ -37,6 +37,7 @@ use OCP\IURLGenerator;
use OCP\IUser; use OCP\IUser;
use OCP\IUserManager; use OCP\IUserManager;
use OCP\Mail\IMailer; use OCP\Mail\IMailer;
use OCP\Security\IHasher;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
use OC\Share20\Share; use OC\Share20\Share;
use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\Exceptions\ShareNotFound;
@ -84,6 +85,9 @@ class ShareByMailProvider implements IShareProvider {
/** @var Defaults */ /** @var Defaults */
private $defaults; private $defaults;
/** @var IHasher */
private $hasher;
/** /**
* Return the identifier of this provider. * Return the identifier of this provider.
* *
@ -107,6 +111,7 @@ class ShareByMailProvider implements IShareProvider {
* @param IManager $activityManager * @param IManager $activityManager
* @param SettingsManager $settingsManager * @param SettingsManager $settingsManager
* @param Defaults $defaults * @param Defaults $defaults
* @param IHasher $hasher
*/ */
public function __construct( public function __construct(
IDBConnection $connection, IDBConnection $connection,
@ -119,7 +124,8 @@ class ShareByMailProvider implements IShareProvider {
IURLGenerator $urlGenerator, IURLGenerator $urlGenerator,
IManager $activityManager, IManager $activityManager,
SettingsManager $settingsManager, SettingsManager $settingsManager,
Defaults $defaults Defaults $defaults,
IHasher $hasher
) { ) {
$this->dbConnection = $connection; $this->dbConnection = $connection;
$this->secureRandom = $secureRandom; $this->secureRandom = $secureRandom;
@ -132,6 +138,7 @@ class ShareByMailProvider implements IShareProvider {
$this->activityManager = $activityManager; $this->activityManager = $activityManager;
$this->settingsManager = $settingsManager; $this->settingsManager = $settingsManager;
$this->defaults = $defaults; $this->defaults = $defaults;
$this->hasher = $hasher;
} }
/** /**
@ -156,13 +163,50 @@ class ShareByMailProvider implements IShareProvider {
throw new \Exception($message_t); throw new \Exception($message_t);
} }
// if the admin enforces a password for all mail shares we create a
// random password and send it to the recipient
$password = '';
$passwordEnforced = $this->settingsManager->enforcePasswordProtection();
if ($passwordEnforced) {
$password = $this->autoGeneratePassword($share);
}
$shareId = $this->createMailShare($share); $shareId = $this->createMailShare($share);
$send = $this->sendPassword($share->getNode()->getName(), $share->getSharedBy(), $share->getSharedWith(), $password);
if ($passwordEnforced && $send === false) {
$this->sendPasswordToOwner($share->getNode()->getName(), $share->getSharedBy(), $shareWith, $password);
}
$this->createActivity($share); $this->createActivity($share);
$data = $this->getRawShare($shareId); $data = $this->getRawShare($shareId);
return $this->createShareObject($data); return $this->createShareObject($data);
} }
/**
* auto generate password in case of password enforcement on mail shares
*
* @param IShare $share
* @return string
* @throws \Exception
*/
protected function autoGeneratePassword($share) {
$initiatorUser = $this->userManager->get($share->getSharedBy());
$initiatorEMailAddress = ($initiatorUser instanceof IUser) ? $initiatorUser->getEMailAddress() : null;
$allowPasswordByMail = $this->settingsManager->sendPasswordByMail();
if ($initiatorEMailAddress === null && !$allowPasswordByMail) {
throw new \Exception(
$this->l->t("We can't send you the auto-generated password. Please set a valid email address in your personal settings and try again.")
);
}
$password = $this->generateToken(8);
$share->setPassword($this->hasher->hash($password));
return $password;
}
/** /**
* create activity if a file/folder was shared by mail * create activity if a file/folder was shared by mail
* *
@ -230,7 +274,8 @@ class ShareByMailProvider implements IShareProvider {
$share->getSharedBy(), $share->getSharedBy(),
$share->getShareOwner(), $share->getShareOwner(),
$share->getPermissions(), $share->getPermissions(),
$share->getToken() $share->getToken(),
$share->getPassword()
); );
try { try {
@ -275,6 +320,7 @@ class ShareByMailProvider implements IShareProvider {
$initiatorUser = $this->userManager->get($initiator); $initiatorUser = $this->userManager->get($initiator);
$ownerDisplayName = ($ownerUser instanceof IUser) ? $ownerUser->getDisplayName() : $owner; $ownerDisplayName = ($ownerUser instanceof IUser) ? $ownerUser->getDisplayName() : $owner;
$initiatorDisplayName = ($initiatorUser instanceof IUser) ? $initiatorUser->getDisplayName() : $initiator; $initiatorDisplayName = ($initiatorUser instanceof IUser) ? $initiatorUser->getDisplayName() : $initiator;
$initiatorEmailAddress = ($initiatorUser instanceof IUser) ? $initiatorUser->getEMailAddress() : null;
if ($owner === $initiator) { if ($owner === $initiator) {
$subject = (string)$this->l->t('%s shared »%s« with you', array($ownerDisplayName, $filename)); $subject = (string)$this->l->t('%s shared »%s« with you', array($ownerDisplayName, $filename));
} else { } else {
@ -287,23 +333,25 @@ class ShareByMailProvider implements IShareProvider {
$emailTemplate->addHeader(); $emailTemplate->addHeader();
$emailTemplate->addHeading($this->l->t('%s shared »%s« with you', [$ownerDisplayName, $filename]), false); $emailTemplate->addHeading($this->l->t('%s shared »%s« with you', [$ownerDisplayName, $filename]), false);
if ($owner === $initiator) { if ($owner === $initiator) {
$text = $this->l->t('%s shared »%s« with you.', [$ownerDisplayName, $filename]); $text = $this->l->t('%s shared »%s« with you.', [$ownerDisplayName, $filename]);
} else { } else {
$text= $this->l->t('%s shared »%s« with you on behalf of %s.', [$ownerDisplayName, $filename, $initiator]); $text= $this->l->t('%s shared »%s« with you on behalf of %s.', [$ownerDisplayName, $filename, $initiator]);
} }
$emailTemplate->addBodyText( $emailTemplate->addBodyText(
$text . ' ' . $this->l->t('Click the button below to open it.'), $text . ' ' . $this->l->t('Click the button below to open it.'),
$text $text
); );
$emailTemplate->addBodyButton( $emailTemplate->addBodyButton(
$this->l->t('Open »%s«', [$filename]), $this->l->t('Open »%s«', [$filename]),
$link $link
); );
$emailTemplate->addFooter();
if ($initiatorEmailAddress !== null) {
$message->setFrom([$initiatorEmailAddress => $initiatorDisplayName]);
}
$message->setTo([$shareWith]); $message->setTo([$shareWith]);
// The "From" contains the sharers name // The "From" contains the sharers name
@ -339,49 +387,98 @@ class ShareByMailProvider implements IShareProvider {
* @param string $filename * @param string $filename
* @param string $initiator * @param string $initiator
* @param string $shareWith * @param string $shareWith
* @param string $password
* @return bool
*/ */
protected function sendPassword($filename, $initiator, $shareWith, $password) { protected function sendPassword($filename, $initiator, $shareWith, $password) {
if ($this->settingsManager->sendPasswordByMail() === false) { if ($password === '' || $this->settingsManager->sendPasswordByMail() === false) {
return; return false;
} }
$initiatorUser = $this->userManager->get($initiator); $initiatorUser = $this->userManager->get($initiator);
$initiatorDisplayName = ($initiatorUser instanceof IUser) ? $initiatorUser->getDisplayName() : $initiator; $initiatorDisplayName = ($initiatorUser instanceof IUser) ? $initiatorUser->getDisplayName() : $initiator;
$initiatorEmailAddress = ($initiatorUser instanceof IUser) ? $initiatorUser->getEMailAddress() : null;
$subject = (string)$this->l->t('Password to access »%s« shared to you by %s', [$filename, $initiatorDisplayName]); $subject = (string)$this->l->t('Password to access »%s« shared to you by %s', [$filename, $initiatorDisplayName]);
$plainBodyPart = $this->l->t("%s shared »%s« with you.\nYou should have already received a separate mail with a link to access it.\n", [$initiatorDisplayName, $filename]);
$htmlBodyPart = $this->l->t('%s shared »%s« with you. You should have already received a separate mail with a link to access it.', [$initiatorDisplayName, $filename]);
$message = $this->mailer->createMessage(); $message = $this->mailer->createMessage();
$emailTemplate = $this->mailer->createEMailTemplate(); $emailTemplate = $this->mailer->createEMailTemplate();
$emailTemplate->addHeader(); $emailTemplate->addHeader();
$emailTemplate->addHeading($this->l->t('Password to access »%s«', [$filename])); $emailTemplate->addHeading($this->l->t('Password to access »%s«', [$filename]), false);
$emailTemplate->addBodyText($htmlBodyPart, $plainBodyPart);
$emailTemplate->addBodyText($this->l->t(
'%s shared »%s« with you. You should have already received a separate mail with a link to access it.',
[$initiatorDisplayName, $filename]
));
$emailTemplate->addBodyText($this->l->t('It is protected with the following password: %s', [$password])); $emailTemplate->addBodyText($this->l->t('It is protected with the following password: %s', [$password]));
$emailTemplate->addFooter(); $emailTemplate->addFooter();
if ($initiatorEmailAddress !== null) {
$message->setFrom([$initiatorEmailAddress => $initiatorDisplayName]);
}
$message->setTo([$shareWith]); $message->setTo([$shareWith]);
$message->setSubject($subject); $message->setSubject($subject);
$message->setBody($emailTemplate->renderText(), 'text/plain'); $message->setBody($emailTemplate->renderText(), 'text/plain');
$message->setHtmlBody($emailTemplate->renderHtml()); $message->setHtmlBody($emailTemplate->renderHtml());
$this->mailer->send($message); $this->mailer->send($message);
return true;
} }
/**
* send auto generated password to the owner. This happens if the admin enforces
* a password for mail shares and forbid to send the password by mail to the recipient
*
* @param string $filename
* @param string $initiator
* @param string $shareWith
* @param string $password
* @throws \Exception
*/
protected function sendPasswordToOwner($filename, $initiator, $shareWith, $password) {
$initiatorUser = $this->userManager->get($initiator);
$initiatorEMailAddress = ($initiatorUser instanceof IUser) ? $initiatorUser->getEMailAddress() : null;
$initiatorDisplayName = ($initiatorUser instanceof IUser) ? $initiatorUser->getDisplayName() : $initiator;
if ($initiatorEMailAddress === null) {
throw new \Exception(
$this->l->t("We can't send you the auto-generated password. Please set a valid email address in your personal settings and try again.")
);
}
$subject = (string)$this->l->t('Password to access »%s« shared with %s', [$filename, $shareWith]);
$plainBodyPart = $this->l->t("You just shared »%s« with %s.\nThe share was already send to the recipient. Due to the security policies\neach share needs to be protected by password and it is not allowed to send the\npassword directly by mail to the recipient. Therefore you need to forward\nthe password manually to the recipient.", [$filename, $shareWith]);
$htmlBodyPart = $this->l->t('You just shared »%s« with %s. The share was already send to the recipient. Due to the security policies each share needs to be protected by password and it is not allowed to send the password directly by mail to the recipient. Therefore you need to forward the password manually to the recipient.', [$filename, $shareWith]);
$message = $this->mailer->createMessage();
$emailTemplate = $this->mailer->createEMailTemplate();
$emailTemplate->addHeader();
$emailTemplate->addHeading($this->l->t('Password to access »%s«', [$filename]), false);
$emailTemplate->addBodyText($htmlBodyPart, $plainBodyPart);
$emailTemplate->addBodyText($this->l->t('This is the password: %s', [$password]));
$emailTemplate->addBodyText($this->l->t('You can chose a different password at any time in the share dialog.'));
$emailTemplate->addFooter();
if ($initiatorEMailAddress) {
$message->setFrom([$initiatorEMailAddress => $initiatorDisplayName]);
}
$message->setTo([$initiatorEMailAddress => $initiatorDisplayName]);
$message->setSubject($subject);
$message->setBody($emailTemplate->renderText(), 'text/plain');
$message->setHtmlBody($emailTemplate->renderHTML());
$this->mailer->send($message);
}
/** /**
* generate share token * generate share token
* *
* @return string * @return string
*/ */
protected function generateToken() { protected function generateToken($size = 15) {
$token = $this->secureRandom->generate( $token = $this->secureRandom->generate(
15, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); $size, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
return $token; return $token;
} }
@ -422,7 +519,7 @@ class ShareByMailProvider implements IShareProvider {
* @param string $token * @param string $token
* @return int * @return int
*/ */
protected function addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $uidOwner, $permissions, $token) { protected function addShareToDB($itemSource, $itemType, $shareWith, $sharedBy, $uidOwner, $permissions, $token, $password) {
$qb = $this->dbConnection->getQueryBuilder(); $qb = $this->dbConnection->getQueryBuilder();
$qb->insert('share') $qb->insert('share')
->setValue('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_EMAIL)) ->setValue('share_type', $qb->createNamedParameter(\OCP\Share::SHARE_TYPE_EMAIL))
@ -434,6 +531,7 @@ class ShareByMailProvider implements IShareProvider {
->setValue('uid_initiator', $qb->createNamedParameter($sharedBy)) ->setValue('uid_initiator', $qb->createNamedParameter($sharedBy))
->setValue('permissions', $qb->createNamedParameter($permissions)) ->setValue('permissions', $qb->createNamedParameter($permissions))
->setValue('token', $qb->createNamedParameter($token)) ->setValue('token', $qb->createNamedParameter($token))
->setValue('password', $qb->createNamedParameter($password))
->setValue('stime', $qb->createNamedParameter(time())); ->setValue('stime', $qb->createNamedParameter(time()));
/* /*

32
apps/sharebymail/templates/altmailpasswordowner.php
Unescape Escape View File

@ -0,0 +1,32 @@
<?php
/**
* @copyright Copyright (c) 2016 Bjoern Schiessle <bjoern@schiessle.org>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
/** @var OC_Theme $theme */
/** @var array $_ */
print_unescaped($l->t("Hey there,\n\nyou just shared »%s« with %s.\nThe share was already send to the recipient. Due to the security policies\neach share needs to be protected by email and it is not allowed to send the\npassword directly by mail to the recipient. Therefore you need to forward\nthe password manually to the recipient.\n\nThis is the password: %s\n\nYou can chose a different password at any time in the share dialog.\n\n", [$_['filename'], $_['recipient'], $_['password']]));
// TRANSLATORS term at the end of a mail
p($l->t("Cheers!"));
print_unescaped("\n");
?>
--
<?php p($theme->getName() . ' - ' . $theme->getSlogan()); ?>
<?php print_unescaped("\n".$theme->getBaseUrl());

59
apps/sharebymail/templates/mailpasswordowner.php
Unescape Escape View File

@ -0,0 +1,59 @@
<?php
/**
* @copyright Copyright (c) 2016 Bjoern Schiessle <bjoern@schiessle.org>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
/** @var OCA\Theming\ThemingDefaults $theme */
/** @var array $_ */
?>
<table cellspacing="0" cellpadding="0" border="0" width="100%">
<tr><td>
<table cellspacing="0" cellpadding="0" border="0" width="600px">
<tr>
<td colspan="2" bgcolor="<?php p($theme->getColorPrimary());?>">
<img src="<?php p(\OC::$server->getURLGenerator()->getAbsoluteURL(image_path('', 'logo-mail.png'))); ?>" alt="<?php p($theme->getName()); ?>"/>
</td>
</tr>
<tr><td colspan="2">&nbsp;</td></tr>
<tr>
<td width="20px">&nbsp;</td>
<td style="font-weight:normal; font-size:0.8em; line-height:1.2em; font-family:verdana,'arial',sans;">
<?php
print_unescaped($l->t('Hey there,<br><br>you just shared »%s« with %s.<br>The share was already send to the recipient. Due to the security policies each share needs to be protected by email and it is not allowed to send the password directly by mail to the recipient. Therefore you need to forward the password manually to the recipient.<br><br>This is the password: %s<br><br>You can chose a different password at any time in the share dialog.<br><br>', [$_['filename'], $_['recipient'], $_['password']]));
// TRANSLATORS term at the end of a mail
p($l->t('Cheers!'));
?>
</td>
</tr>
<tr><td colspan="2">&nbsp;</td></tr>
<tr>
<td width="20px">&nbsp;</td>
<td style="font-weight:normal; font-size:0.8em; line-height:1.2em; font-family:verdana,'arial',sans;">--<br>
<?php p($theme->getName()); ?> -
<?php p($theme->getSlogan()); ?>
<br><a href="<?php p($theme->getBaseUrl()); ?>"><?php p($theme->getBaseUrl());?></a>
</td>
</tr>
<tr>
<td colspan="2">&nbsp;</td>
</tr>
</table>
</td></tr>
</table>

5
apps/sharebymail/templates/settings-admin.php
Unescape Escape View File

@ -4,6 +4,7 @@ use OCA\Federation\TrustedServers;
/** @var \OCP\IL10N $l */ /** @var \OCP\IL10N $l */
script('sharebymail', 'settings-admin'); script('sharebymail', 'settings-admin');
style('sharebymail', 'settings-admin');
?> ?>
<div id="ncShareByMailSettings" class="section"> <div id="ncShareByMailSettings" class="section">
<h2><?php p($l->t('Share by mail')); ?></h2> <h2><?php p($l->t('Share by mail')); ?></h2>
@ -11,7 +12,9 @@ script('sharebymail', 'settings-admin');
<p> <p>
<input id="sendPasswordMail" type="checkbox" class="checkbox" <?php if($_['sendPasswordMail']) p('checked'); ?> /> <input id="sendPasswordMail" type="checkbox" class="checkbox" <?php if($_['sendPasswordMail']) p('checked'); ?> />
<label for="sendPasswordMail"><?php p($l->t('Send password by mail')); ?></label> <label for="sendPasswordMail"><?php p($l->t('Send password by mail')); ?></label><br/>
<input id="enforcePasswordProtection" type="checkbox" class="checkbox" <?php if($_['enforcePasswordProtection']) p('checked'); ?> />
<label for="enforcePasswordProtection"><?php p($l->t('Enforce password protection')); ?></label>
</p> </p>
</div> </div>

34
apps/sharebymail/tests/SettingsTest.php
Unescape Escape View File

@ -24,6 +24,7 @@ namespace OCA\ShareByMail\Tests;
use OCA\ShareByMail\Settings; use OCA\ShareByMail\Settings;
use OCA\ShareByMail\Settings\SettingsManager;
use Test\TestCase; use Test\TestCase;
class SettingsTest extends TestCase { class SettingsTest extends TestCase {
@ -31,10 +32,15 @@ class SettingsTest extends TestCase {
/** @var Settings */ /** @var Settings */
private $instance; private $instance;
/** @var SettingsManager | \PHPUnit_Framework_MockObject_MockObject */
private $settingsManager;
public function setUp() { public function setUp() {
parent::setUp(); parent::setUp();
$this->instance = new Settings(); $this->settingsManager = $this->getMockBuilder(SettingsManager::class)
->disableOriginalConstructor()->getMock();
$this->instance = new Settings($this->settingsManager);
} }
public function testAnnounceShareProvider() { public function testAnnounceShareProvider() {
@ -61,4 +67,30 @@ class SettingsTest extends TestCase {
$this->assertSame($after, $before); $this->assertSame($after, $before);
} }
public function testAnnounceShareByMailSettings() {
$this->settingsManager->expects($this->once())->method('enforcePasswordProtection')->willReturn(true);
$before = [
'oc_appconfig' =>
json_encode([
'key1' => 'value1',
'key2' => 'value2'
]),
'oc_foo' => 'oc_bar'
];
$after = [
'oc_appconfig' =>
json_encode([
'key1' => 'value1',
'key2' => 'value2',
'shareByMail' => ['enforcePasswordProtection' => true]
]),
'oc_foo' => 'oc_bar'
];
$this->instance->announceShareByMailSettings(['array' => &$before]);
$this->assertSame($after, $before);
}
} }

28
apps/sharebymail/tests/ShareByMailProviderTest.php
Unescape Escape View File

@ -27,6 +27,7 @@ use OC\Mail\Message;
use OCA\ShareByMail\Settings\SettingsManager; use OCA\ShareByMail\Settings\SettingsManager;
use OCA\ShareByMail\ShareByMailProvider; use OCA\ShareByMail\ShareByMailProvider;
use OCP\Defaults; use OCP\Defaults;
use OCP\Files\File;
use OCP\Files\IRootFolder; use OCP\Files\IRootFolder;
use OCP\IDBConnection; use OCP\IDBConnection;
use OCP\IL10N; use OCP\IL10N;
@ -36,6 +37,7 @@ use OCP\IUser;
use OCP\IUserManager; use OCP\IUserManager;
use OCP\Mail\IEMailTemplate; use OCP\Mail\IEMailTemplate;
use OCP\Mail\IMailer; use OCP\Mail\IMailer;
use OCP\Security\IHasher;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
use OCP\Share\IManager; use OCP\Share\IManager;
use OCP\Share\IShare; use OCP\Share\IShare;
@ -88,6 +90,9 @@ class ShareByMailProviderTest extends TestCase {
/** @var Defaults|\PHPUnit_Framework_MockObject_MockObject */ /** @var Defaults|\PHPUnit_Framework_MockObject_MockObject */
private $defaults; private $defaults;
/** @var IHasher | \PHPUnit_Framework_MockObject_MockObject */
private $hasher;
public function setUp() { public function setUp() {
parent::setUp(); parent::setUp();
@ -109,6 +114,7 @@ class ShareByMailProviderTest extends TestCase {
$this->activityManager = $this->getMockBuilder('OCP\Activity\IManager')->getMock(); $this->activityManager = $this->getMockBuilder('OCP\Activity\IManager')->getMock();
$this->settingsManager = $this->getMockBuilder(SettingsManager::class)->disableOriginalConstructor()->getMock(); $this->settingsManager = $this->getMockBuilder(SettingsManager::class)->disableOriginalConstructor()->getMock();
$this->defaults = $this->createMock(Defaults::class); $this->defaults = $this->createMock(Defaults::class);
$this->hasher = $this->getMockBuilder(IHasher::class)->getMock();
$this->userManager->expects($this->any())->method('userExists')->willReturn(true); $this->userManager->expects($this->any())->method('userExists')->willReturn(true);
} }
@ -134,7 +140,8 @@ class ShareByMailProviderTest extends TestCase {
$this->urlGenerator, $this->urlGenerator,
$this->activityManager, $this->activityManager,
$this->settingsManager, $this->settingsManager,
$this->defaults $this->defaults,
$this->hasher
] ]
); );
@ -154,7 +161,8 @@ class ShareByMailProviderTest extends TestCase {
$this->urlGenerator, $this->urlGenerator,
$this->activityManager, $this->activityManager,
$this->settingsManager, $this->settingsManager,
$this->defaults $this->defaults,
$this->hasher
); );
} }
@ -167,15 +175,22 @@ class ShareByMailProviderTest extends TestCase {
public function testCreate() { public function testCreate() {
$share = $this->getMockBuilder('\OCP\Share\IShare')->getMock(); $share = $this->getMockBuilder('\OCP\Share\IShare')->getMock();
$share->expects($this->once())->method('getSharedWith')->willReturn('user1'); $share->expects($this->any())->method('getSharedWith')->willReturn('user1');
$node = $this->getMockBuilder(File::class)->getMock();
$node->expects($this->any())->method('getName')->willReturn('filename');
$instance = $this->getInstance(['getSharedWith', 'createMailShare', 'getRawShare', 'createShareObject', 'createActivity']); $instance = $this->getInstance(['getSharedWith', 'createMailShare', 'getRawShare', 'createShareObject', 'createActivity', 'sendPassword']);
$instance->expects($this->once())->method('getSharedWith')->willReturn([]); $instance->expects($this->once())->method('getSharedWith')->willReturn([]);
$instance->expects($this->once())->method('createMailShare')->with($share)->willReturn(42); $instance->expects($this->once())->method('createMailShare')->with($share)->willReturn(42);
$instance->expects($this->once())->method('createActivity')->with($share); $instance->expects($this->once())->method('createActivity')->with($share);
$instance->expects($this->once())->method('getRawShare')->with(42)->willReturn('rawShare'); $instance->expects($this->once())->method('getRawShare')->with(42)->willReturn('rawShare');
$instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject'); $instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject');
$instance->expects($this->any())->method('sendPassword')->willReturn(true);
$share->expects($this->any())->method('getNode')->willReturn($node);
$this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(false);
$this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true);
$this->assertSame('shareObject', $this->assertSame('shareObject',
$instance->create($share) $instance->create($share)
@ -273,6 +288,7 @@ class ShareByMailProviderTest extends TestCase {
$uidOwner = 'user2'; $uidOwner = 'user2';
$permissions = 1; $permissions = 1;
$token = 'token'; $token = 'token';
$password = 'password';
$instance = $this->getInstance(); $instance = $this->getInstance();
@ -286,7 +302,8 @@ class ShareByMailProviderTest extends TestCase {
$sharedBy, $sharedBy,
$uidOwner, $uidOwner,
$permissions, $permissions,
$token $token,
$password
] ]
); );
@ -305,6 +322,7 @@ class ShareByMailProviderTest extends TestCase {
$this->assertSame($uidOwner, $result[0]['uid_owner']); $this->assertSame($uidOwner, $result[0]['uid_owner']);
$this->assertSame($permissions, (int)$result[0]['permissions']); $this->assertSame($permissions, (int)$result[0]['permissions']);
$this->assertSame($token, $result[0]['token']); $this->assertSame($token, $result[0]['token']);
$this->assertSame($password, $result[0]['password']);
} }

1
core/js/shareconfigmodel.js
Unescape Escape View File

@ -29,6 +29,7 @@
isMailShareAllowed: oc_appconfig.shareByMailEnabled !== undefined, isMailShareAllowed: oc_appconfig.shareByMailEnabled !== undefined,
defaultExpireDate: oc_appconfig.core.defaultExpireDate, defaultExpireDate: oc_appconfig.core.defaultExpireDate,
isResharingAllowed: oc_appconfig.core.resharingAllowed, isResharingAllowed: oc_appconfig.core.resharingAllowed,
isPasswordForMailSharesRequired: (oc_appconfig.shareByMail === undefined) ? false : oc_appconfig.shareByMail.enforcePasswordProtection,
allowGroupSharing: oc_appconfig.core.allowGroupSharing allowGroupSharing: oc_appconfig.core.allowGroupSharing
}, },

3
core/js/sharedialogshareelistview.js
Unescape Escape View File

@ -100,7 +100,7 @@
'{{/if}}' + '{{/if}}' +
'<li>' + '<li>' +
'<span class="shareOption menuitem">' + '<span class="shareOption menuitem">' +
'<input id="password-{{cid}}-{{shareId}}" type="checkbox" name="password" class="password checkbox" {{#if isPasswordSet}}checked="checked"{{/if}}" />' + '<input id="password-{{cid}}-{{shareId}}" type="checkbox" name="password" class="password checkbox" {{#if isPasswordSet}}checked="checked"{{/if}}{{#if isPasswordForMailSharesRequired}}disabled=""{{/if}}" />' +
'<label for="password-{{cid}}-{{shareId}}">{{passwordLabel}}</label>' + '<label for="password-{{cid}}-{{shareId}}">{{passwordLabel}}</label>' +
'<div class="passwordContainer-{{cid}}-{{shareId}} {{#unless isPasswordSet}}hidden{{/unless}}">' + '<div class="passwordContainer-{{cid}}-{{shareId}} {{#unless isPasswordSet}}hidden{{/unless}}">' +
' <label for="passwordField-{{cid}}-{{shareId}}" class="hidden-visually" value="{{password}}">{{passwordLabel}}</label>' + ' <label for="passwordField-{{cid}}-{{shareId}}" class="hidden-visually" value="{{password}}">{{passwordLabel}}</label>' +
@ -268,6 +268,7 @@
crudsLabel: t('core', 'Access control'), crudsLabel: t('core', 'Access control'),
triangleSImage: OC.imagePath('core', 'actions/triangle-s'), triangleSImage: OC.imagePath('core', 'actions/triangle-s'),
isResharingAllowed: this.configModel.get('isResharingAllowed'), isResharingAllowed: this.configModel.get('isResharingAllowed'),
isPasswordForMailSharesRequired: this.configModel.get('isPasswordForMailSharesRequired'),
sharePermissionPossible: this.model.sharePermissionPossible(), sharePermissionPossible: this.model.sharePermissionPossible(),
editPermissionPossible: this.model.editPermissionPossible(), editPermissionPossible: this.model.editPermissionPossible(),
createPermissionPossible: this.model.createPermissionPossible(), createPermissionPossible: this.model.createPermissionPossible(),

3
lib/private/Share20/ProviderFactory.php
Unescape Escape View File

@ -160,7 +160,8 @@ class ProviderFactory implements IProviderFactory {
$this->serverContainer->getURLGenerator(), $this->serverContainer->getURLGenerator(),
$this->serverContainer->getActivityManager(), $this->serverContainer->getActivityManager(),
$settingsManager, $settingsManager,
$this->serverContainer->query(Defaults::class) $this->serverContainer->query(Defaults::class),
$this->serverContainer->getHasher()
); );
} }