nextcloud#505 auto accept shares from trusted servers

1) automatically accept a share “immediately” (whenever federation app loads) if this share comes from a trusted server and the “auto accept share” flag is set 2) use HTML template for trusted server entries for server rendering and dynamically added new items
colpari · Jan 17, 2023 · fbb6cf9 · fbb6cf9
1 parent 0794bf3
commit fbb6cf9
Show file tree

Hide file tree

Showing 5 changed files with 103 additions and 27 deletions.
diff --git a/apps/federation/js/settings-admin.js b/apps/federation/js/settings-admin.js
@@ -107,12 +107,15 @@
             }
         ).done(function (data) {
             $("#serverUrl").attr('value', '');
+			let template = $('#trusted-server-list-item').html();
+			let itemHtml = template.replaceAll('{status}', 'indeterminate')
+				.replaceAll('{url}', data.url)
+				.replaceAll('{id}', data.id)
+				.replaceAll('{checked}', '');
             $("#listOfTrustedServers").prepend(
                 $('<li>')
                     .attr('id', data.id)
-                    .html('<span class="status indeterminate"></span>' +
-                        data.url +
-                        '<span class="icon icon-delete"></span>')
+                    .html(itemHtml)
             );
             OC.msg.finishedSuccess('#ocFederationAddServer .msg', data.message);
         })

diff --git a/apps/federation/lib/AppInfo/Application.php b/apps/federation/lib/AppInfo/Application.php
@@ -27,10 +27,13 @@
 use OCA\DAV\Events\SabrePluginAuthInitEvent;
 use OCA\Federation\Listener\SabrePluginAuthInitListener;
 use OCA\Federation\Middleware\AddServerMiddleware;
+use OCA\Federation\TrustedServers;
+use OCA\Files_Sharing\External\Manager;
 use OCP\AppFramework\App;
 use OCP\AppFramework\Bootstrap\IBootContext;
 use OCP\AppFramework\Bootstrap\IBootstrap;
 use OCP\AppFramework\Bootstrap\IRegistrationContext;
+use OCP\DB\Exception;
 
 class Application extends App implements IBootstrap {
 
@@ -48,5 +51,26 @@ public function register(IRegistrationContext $context): void {
 	}
 
 	public function boot(IBootContext $context): void {
+		$context->injectFn([$this, 'autoAcceptShares']);
+	}
+
+	/**
+	 * Accept all shares from trusted servers, where the “auto accept” flag is set to true/1.
+	 *
+	 * @param Manager $filesSharingManager the file sharing manager provides open shares and allows to accept them
+	 * @param TrustedServers $trustedServers used to check if “auto accept” was enabled
+	 * @return void
+	 * @throws Exception
+	 */
+	public function autoAcceptShares(Manager $filesSharingManager, TrustedServers $trustedServers): void {
+		$openShares = $filesSharingManager->getOpenShares();
+		foreach ($openShares as $openShare) {
+			if (isset($openShare['remote']) and isset($openShare['id'])) {
+				$remoteAddress = $openShare['remote'];
+				if ($trustedServers->isAutoAcceptEnabled($remoteAddress)) {
+					$filesSharingManager->acceptShare($openShare['id']);
+				};
+			}
+		}
 	}
 }
diff --git a/apps/federation/lib/DbHandler.php b/apps/federation/lib/DbHandler.php
@@ -309,4 +309,27 @@ public function auth(string $username, string $password): bool {
 		$statement->closeCursor();
 		return !empty($result);
 	}
+
+	/**
+	 * Checks if the “auto accept” flag is enabled for the given trusted server URL.
+	 * @param string $url trusted server URL
+	 * @return bool true if “auto accept” is enabled otherwise false
+	 * @throws DBException
+	 */
+	public function isAutoAcceptEnabled(string $url): bool {
+		$hash = $this->hash($url);
+		$query = $this->connection->getQueryBuilder();
+		$query->select('auto_accept')
+			->from($this->dbTable)
+			->where($query->expr()->eq('url_hash', $query->createParameter('url_hash')))
+			->setParameter('url_hash', $hash);
+
+		$statement = $query->executeQuery();
+		$result = $statement->fetch();
+		$statement->closeCursor();
+		if (is_null($result) or !isset($result['auto_accept'])) {
+			return false;
+		}
+		return boolval($result['auto_accept']);
+	}
 }
diff --git a/apps/federation/lib/TrustedServers.php b/apps/federation/lib/TrustedServers.php
@@ -229,4 +229,14 @@ protected function updateProtocol(string $url): string {
 
 		return 'https://' . $url;
 	}
+
+	/**
+	 * Checks if the “auto accept” flag is enabled for the given trusted server URL.
+	 * @param string $url trusted server URL
+	 * @return bool true if “auto accept” is enabled otherwise false
+	 * @throws DBException
+	 */
+	public function isAutoAcceptEnabled(string $url): bool {
+		return $this->dbHandler->isAutoAcceptEnabled($url);
+	}
 }
diff --git a/apps/federation/templates/settings-admin.php b/apps/federation/templates/settings-admin.php
@@ -1,11 +1,35 @@
 <?php
 /** @var array $_ */
 use OCA\Federation\TrustedServers;
+use OCP\Util;
 
 /** @var \OCP\IL10N $l */
 script('federation', 'settings-admin');
 style('federation', 'settings-admin')
 ?>
+
+<!-- TEMPLATE -->
+<div style="display: none;">
+	<div id="trusted-server-list-item">
+		<?php $trustedServerListItemTemplate = <<<"EOD"
+		<span class="status {status}"></span>
+		<span class="trusted-server-name">
+			{url}
+		</span>
+		<input name="accept-check-{id}"
+			   id="trusted-server-accept-check-{id}"
+			   class="checkbox auto-accept"
+			   type="checkbox" value="1" {checked}>
+		<label for="trusted-server-accept-check-{id}">
+			{autoAcceptLabel}
+		</label>
+		<span class="icon icon-delete"></span>
+		EOD;
+		echo str_replace('{autoAcceptLabel}', Util::sanitizeHTML($l->t('auto-accept shares')), $trustedServerListItemTemplate); ?>
+	</div>
+</div>
+<!-- TEMPLATE END -->
+
 <div id="ocFederationSettings" class="section">
 	<h2><?php p($l->t('Trusted servers')); ?></h2>
 	<p class="settings-hint"><?php p($l->t('Federation allows you to connect with other trusted servers to exchange the user directory. For example this will be used to auto-complete external users for federated sharing. It is not necessary to add a server as trusted server in order to create a federated share.')); ?></p>
@@ -14,36 +38,28 @@
 	<ul id="listOfTrustedServers">
 		<?php foreach ($_['trustedServers'] as $trustedServer) { ?>
 			<li id="<?php p($trustedServer['id']); ?>">
-				<?php if ((int)$trustedServer['status'] === TrustedServers::STATUS_OK) { ?>
-					<span class="status success"></span>
 				<?php
+				$status = 'error';
+				if ((int)$trustedServer['status'] === TrustedServers::STATUS_OK) {
+					$status = 'success';
 				} elseif (
 					(int)$trustedServer['status'] === TrustedServers::STATUS_PENDING ||
 					(int)$trustedServer['status'] === TrustedServers::STATUS_ACCESS_REVOKED
-				) { ?>
-					<span class="status indeterminate"></span>
-				<?php } else {?>
-					<span class="status error"></span>
-				<?php } ?>
-				<span class="trusted-server-name">
-					<?php p($trustedServer['url']); ?>
-				</span>
-				<?php
-				$selected = ($trustedServer['auto_accept'] === 1) ? "checked" :
+				) {
+					$status = 'indeterminate';
+				}
+				$checked = ($trustedServer['auto_accept'] === 1) ? "checked" :
 					"";
+				echo str_replace(['{status}', '{url}', '{id}', '{checked}', '{autoAcceptLabel}'],
+					[
+						$status,
+						Util::sanitizeHTML($trustedServer['url']),
+						$trustedServer['id'],
+						$checked,
+						Util::sanitizeHTML($l->t('auto-accept shares')),
+					],
+					$trustedServerListItemTemplate);
 				?>
-				<input name="accept-check-<?php
-				echo $trustedServer['id']; ?>"
-					   id="trusted-server-accept-check-<?php
-					   echo $trustedServer['id']; ?>"
-					   class="checkbox auto-accept"
-					   type="checkbox" value="1" <?php
-				       echo $selected ?>>
-				<label for="trusted-server-accept-check-<?php echo
-					$trustedServer['id']; ?>">
-					<?php p('auto-accept shares'); ?>
-				</label>
-				<span class="icon icon-delete"></span>
 			</li>
 		<?php } ?>
 	</ul>