diff --git a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php index f89b2ba5f9697..d35ae8a961e6d 100644 --- a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php +++ b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php @@ -7,6 +7,7 @@ namespace OCA\CloudFederationAPI\Controller; +use OCP\Constants; use OC\OCM\OCMSignatoryManager; use OCA\CloudFederationAPI\Config; use OCA\CloudFederationAPI\Db\FederatedInviteMapper; @@ -88,6 +89,7 @@ public function __construct( * @param array{name: list, options: array} $protocol e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]] * @param string $shareType 'group' or 'user' share * @param string $resourceType 'file', 'calendar',... + * @param int $permissions Permissions granted to the sharee * * @return JSONResponse|JSONResponse|JSONResponse * @@ -98,7 +100,20 @@ public function __construct( #[PublicPage] #[NoCSRFRequired] #[BruteForceProtection(action: 'receiveFederatedShare')] - public function addShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType) { + public function addShare( + string $shareWith, + string $name, + ?string $description, + string $providerId, + string $owner, + ?string $ownerDisplayName, + ?string $sharedBy, + ?string $sharedByDisplayName, + array $protocol, + string $shareType, + string $resourceType, + ?int $permissions + ) { if (!$this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_DISABLED, lazy: true)) { try { // if request is signed and well signed, no exceptions are thrown @@ -133,6 +148,10 @@ public function addShare($shareWith, $name, $description, $providerId, $owner, $ ); } + if ($permissions === null) { + $permissions = $this->appConfig->getValueInt('core', 'shareapi_default_permissions', (string)Constants::PERMISSION_ALL); + } + $supportedShareTypes = $this->config->getSupportedShareTypes($resourceType); if (!in_array($shareType, $supportedShareTypes)) { return new JSONResponse( @@ -186,7 +205,7 @@ public function addShare($shareWith, $name, $description, $providerId, $owner, $ try { $provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType); - $share = $this->factory->getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, '', $shareType, $resourceType); + $share = $this->factory->getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, '', $shareType, $resourceType, $permissions); $share->setProtocol($protocol); $provider->shareReceived($share); } catch (ProviderDoesNotExistsException|ProviderCouldNotAddShareException $e) { diff --git a/apps/dav/lib/Connector/Sabre/Node.php b/apps/dav/lib/Connector/Sabre/Node.php index 5bbe1990117a8..206b5045cc92a 100644 --- a/apps/dav/lib/Connector/Sabre/Node.php +++ b/apps/dav/lib/Connector/Sabre/Node.php @@ -21,6 +21,7 @@ use OCP\Files\IRootFolder; use OCP\Files\Mount\IMovableMount; use OCP\Files\NotFoundException; +use OCP\Files\Storage\IExternalShareStorage; use OCP\Files\Storage\ISharedStorage; use OCP\Files\StorageNotAvailableException; use OCP\IUser; @@ -253,7 +254,7 @@ public function getSharePermissions(?string $user): int { $storage = null; } - if ($storage && $storage->instanceOfStorage(ISharedStorage::class)) { + if ($storage && ($storage->instanceOfStorage(ISharedStorage::class) || $storage->instanceOfStorage(IExternalShareStorage::class))) { $permissions = $storage->getShare()->getPermissions(); } else { $permissions = $this->info->getPermissions(); diff --git a/apps/federatedfilesharing/lib/FederatedShareProvider.php b/apps/federatedfilesharing/lib/FederatedShareProvider.php index 0957b1c0ef214..f26112f2cdae9 100644 --- a/apps/federatedfilesharing/lib/FederatedShareProvider.php +++ b/apps/federatedfilesharing/lib/FederatedShareProvider.php @@ -201,7 +201,8 @@ protected function createFederatedShare(IShare $share): string { $ownerCloudId->getId(), $share->getSharedBy(), $sharedByFederatedId, - $share->getShareType() + $share->getShareType(), + $share->getPermissions() ); if ($send === false) { @@ -322,7 +323,7 @@ public function update(IShare $share): IShare { protected function shouldNotifyRemote(IShare $share): bool { $ownerOrSharerIsRemoteUser = !$this->userManager->userExists($share->getShareOwner()) || !$this->userManager->userExists($share->getSharedBy()); - return $ownerOrSharerIsRemoteUser && $share->getShareOwner() !== $share->getSharedBy(); + return $ownerOrSharerIsRemoteUser && $share->getShareOwner() !== $share->getSharedBy() || !$this->userManager->userExists($share->getSharedWith()); } /** @@ -332,6 +333,13 @@ protected function shouldNotifyRemote(IShare $share): bool { * @throws HintException */ protected function sendPermissionUpdate(IShare $share): void { + if (!$this->userManager->userExists($share->getSharedWith())) { + $remoteId = $share->getId(); + [, $remote] = $this->addressHandler->splitUserRemote($share->getSharedWith()); + $this->notifications->sendPermissionChange($remote, $remoteId, $share->getToken(), $share->getPermissions()); + return; + } + $remoteId = $this->getRemoteId($share); // if the local user is the owner we send the permission change to the initiator if ($this->userManager->userExists($share->getShareOwner())) { diff --git a/apps/federatedfilesharing/lib/Notifications.php b/apps/federatedfilesharing/lib/Notifications.php index d96c171d8af43..18195ffc86a45 100644 --- a/apps/federatedfilesharing/lib/Notifications.php +++ b/apps/federatedfilesharing/lib/Notifications.php @@ -47,11 +47,12 @@ public function __construct( * @param string $sharedBy * @param string $sharedByFederatedId * @param int $shareType (can be a remote user or group share) + * @param int $permissions * @return bool * @throws HintException * @throws ServerNotAvailableException */ - public function sendRemoteShare($token, $shareWith, $name, $remoteId, $owner, $ownerFederatedId, $sharedBy, $sharedByFederatedId, $shareType) { + public function sendRemoteShare($token, $shareWith, $name, $remoteId, $owner, $ownerFederatedId, $sharedBy, $sharedByFederatedId, $shareType, $permissions) { [$user, $remote] = $this->addressHandler->splitUserRemote($shareWith); if ($user && $remote) { @@ -67,7 +68,8 @@ public function sendRemoteShare($token, $shareWith, $name, $remoteId, $owner, $o 'sharedBy' => $sharedBy, 'sharedByFederatedId' => $sharedByFederatedId, 'remote' => $local, - 'shareType' => $shareType + 'shareType' => $shareType, + 'permissions' => $permissions ]; $result = $this->tryHttpPostToShareEndpoint($remote, '', $fields); @@ -242,6 +244,7 @@ public function sendUpdateToRemote($remote, $remoteId, $token, $action, $data = } $result = $this->tryHttpPostToShareEndpoint(rtrim($remote, '/'), '/' . $remoteId . '/' . $action, $fields, $action); + $status = json_decode($result['result'], true); if ($result['success'] @@ -373,7 +376,8 @@ protected function tryOCMEndPoint($remoteDomain, $fields, $action) { $fields['sharedBy'], $fields['token'], $fields['shareType'], - 'file' + 'file', + $fields['permissions'] ); return $this->federationProviderManager->sendShare($share); case 'reshare': @@ -415,6 +419,18 @@ protected function tryOCMEndPoint($remoteDomain, $fields, $action) { ] ); return $this->federationProviderManager->sendNotification($remoteDomain, $notification); + case 'permissions': + $notification = $this->cloudFederationFactory->getCloudFederationNotification(); + $notification->setMessage('SHAREE_CHANGE_PERMISSION', + 'file', + $fields['remoteId'], + [ + 'sharedSecret' => $fields['token'], + 'permissions' => $fields['permissions'], + 'message' => 'permissions updated' + ] + ); + return $this->federationProviderManager->sendNotification($remoteDomain, $notification); } return false; diff --git a/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php b/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php index 419d9ebd7c631..e4f719f52b927 100644 --- a/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php +++ b/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php @@ -106,6 +106,7 @@ public function shareReceived(ICloudFederationShare $share): string { $sharedByFederatedId = $share->getSharedBy(); $ownerFederatedId = $share->getOwner(); $shareType = $this->mapShareTypeToNextcloud($share->getShareType()); + $permissions = $share->getPermissions(); // if no explicit information about the person who created the share was sent // we assume that the share comes from the owner @@ -153,6 +154,7 @@ public function shareReceived(ICloudFederationShare $share): string { $externalShare->setOwner($owner); $externalShare->setShareType($shareType); $externalShare->setAccepted(IShare::STATUS_PENDING); + $externalShare->setPermissions($permissions); try { $this->externalShareManager->addShare($externalShare, $user ?: $group); @@ -225,6 +227,7 @@ public function notificationReceived(string $notificationType, string $providerI 'REQUEST_RESHARE' => $this->reshareRequested($providerId, $notification), 'RESHARE_UNDO' => $this->undoReshare($providerId, $notification), 'RESHARE_CHANGE_PERMISSION' => $this->updateResharePermissions($providerId, $notification), + 'SHAREE_CHANGE_PERMISSION' => $this->updateShareePermissions($providerId, $notification), default => throw new BadRequestException([$notificationType]), }; } @@ -685,4 +688,20 @@ public function getFederationIdFromSharedSecret( return $share->getShareOwner(); } } + + private function updateShareePermissions(string $id, array $notification): array { + if (!$this->isS2SEnabled()) { + throw new ActionNotSupportedException('Server does not support federated cloud sharing'); + } + + if (!isset($notification['sharedSecret'])) { + throw new BadRequestException(['sharedSecret']); + } + + $share = $this->externalShareManager->getShareByToken($notification['sharedSecret']); + $share->setPermissions($notification['permissions']); + $share = $this->externalShareMapper->update($share); + + return []; + } } diff --git a/apps/files_sharing/composer/composer/autoload_classmap.php b/apps/files_sharing/composer/composer/autoload_classmap.php index 8140fc52f1628..3874aef9e0bab 100644 --- a/apps/files_sharing/composer/composer/autoload_classmap.php +++ b/apps/files_sharing/composer/composer/autoload_classmap.php @@ -89,6 +89,7 @@ 'OCA\\Files_Sharing\\Migration\\Version31000Date20240821142813' => $baseDir . '/../lib/Migration/Version31000Date20240821142813.php', 'OCA\\Files_Sharing\\Migration\\Version32000Date20251017081948' => $baseDir . '/../lib/Migration/Version32000Date20251017081948.php', 'OCA\\Files_Sharing\\Migration\\Version33000Date20251030081948' => $baseDir . '/../lib/Migration/Version33000Date20251030081948.php', + 'OCA\\Files_Sharing\\Migration\\Version35000Date20260520071407' => $baseDir . '/../lib/Migration/Version35000Date20260520071407.php', 'OCA\\Files_Sharing\\MountProvider' => $baseDir . '/../lib/MountProvider.php', 'OCA\\Files_Sharing\\Notification\\Listener' => $baseDir . '/../lib/Notification/Listener.php', 'OCA\\Files_Sharing\\Notification\\Notifier' => $baseDir . '/../lib/Notification/Notifier.php', diff --git a/apps/files_sharing/composer/composer/autoload_static.php b/apps/files_sharing/composer/composer/autoload_static.php index fd2189f481888..e423dffd0b49a 100644 --- a/apps/files_sharing/composer/composer/autoload_static.php +++ b/apps/files_sharing/composer/composer/autoload_static.php @@ -104,6 +104,7 @@ class ComposerStaticInitFiles_Sharing 'OCA\\Files_Sharing\\Migration\\Version31000Date20240821142813' => __DIR__ . '/..' . '/../lib/Migration/Version31000Date20240821142813.php', 'OCA\\Files_Sharing\\Migration\\Version32000Date20251017081948' => __DIR__ . '/..' . '/../lib/Migration/Version32000Date20251017081948.php', 'OCA\\Files_Sharing\\Migration\\Version33000Date20251030081948' => __DIR__ . '/..' . '/../lib/Migration/Version33000Date20251030081948.php', + 'OCA\\Files_Sharing\\Migration\\Version35000Date20260520071407' => __DIR__ . '/..' . '/../lib/Migration/Version35000Date20260520071407.php', 'OCA\\Files_Sharing\\MountProvider' => __DIR__ . '/..' . '/../lib/MountProvider.php', 'OCA\\Files_Sharing\\Notification\\Listener' => __DIR__ . '/..' . '/../lib/Notification/Listener.php', 'OCA\\Files_Sharing\\Notification\\Notifier' => __DIR__ . '/..' . '/../lib/Notification/Notifier.php', diff --git a/apps/files_sharing/lib/Controller/RemoteController.php b/apps/files_sharing/lib/Controller/RemoteController.php index eff5654292810..82ed7eda05812 100644 --- a/apps/files_sharing/lib/Controller/RemoteController.php +++ b/apps/files_sharing/lib/Controller/RemoteController.php @@ -122,7 +122,6 @@ private function extendShareInfo(ExternalShare $share): array { $shareData['mimetype'] = $mountPointNode->getMimetype(); $shareData['mtime'] = $mountPointNode->getMTime(); - $shareData['permissions'] = $mountPointNode->getPermissions(); $shareData['type'] = $mountPointNode->getType(); $shareData['file_id'] = $mountPointNode->getId(); $shareData['item_size'] = $mountPointNode->getSize(); diff --git a/apps/files_sharing/lib/External/ExternalShare.php b/apps/files_sharing/lib/External/ExternalShare.php index b452b8ce013a3..aaba83df6c08b 100644 --- a/apps/files_sharing/lib/External/ExternalShare.php +++ b/apps/files_sharing/lib/External/ExternalShare.php @@ -9,6 +9,7 @@ namespace OCA\Files_Sharing\External; +use OCP\Share\External\IExternalShare; use OC\Files\Filesystem; use OCA\Files_Sharing\ResponseDefinitions; use OCP\AppFramework\Db\SnowflakeAwareEntity; @@ -40,10 +41,12 @@ * @method void setMountpointHash(string $mountPointHash) * @method int getAccepted() * @method void setAccepted(int $accepted) + * @method int getPermissions() + * @method void setPermissions(int $permissions) * * @psalm-import-type Files_SharingRemoteShare from ResponseDefinitions */ -class ExternalShare extends SnowflakeAwareEntity implements \JsonSerializable { +class ExternalShare extends SnowflakeAwareEntity implements \JsonSerializable, IExternalShare { protected string $parent = '-1'; protected ?int $shareType = null; protected ?string $remote = null; @@ -56,6 +59,7 @@ class ExternalShare extends SnowflakeAwareEntity implements \JsonSerializable { protected ?string $mountpoint = null; protected ?string $mountpointHash = null; protected ?int $accepted = null; + protected ?int $permissions = null; public function __construct() { $this->addType('id', Types::STRING); // Stored as a bigint @@ -71,6 +75,7 @@ public function __construct() { $this->addType('mountpoint', Types::STRING); $this->addType('mountpointHash', Types::STRING); $this->addType('accepted', Types::INTEGER); + $this->addType('permissions', Types::SMALLINT); } public function setMountpoint(string $mountPoint): void { @@ -105,11 +110,11 @@ public function jsonSerialize(): array { 'user' => $this->getUser(), 'mountpoint' => $this->getMountpoint(), 'accepted' => $this->getAccepted(), + 'permissions' => $this->getPermissions(), // Added later on 'file_id' => null, 'mimetype' => null, - 'permissions' => null, 'mtime' => null, 'type' => null, 'item_size' => null, @@ -133,6 +138,7 @@ public function clone(): self { $newShare->setMountpoint($this->getMountpoint()); $newShare->setAccepted($this->getAccepted()); $newShare->setPassword($this->getPassword()); + $newShare->setPermissions($this->getPermissions()); return $newShare; } } diff --git a/apps/files_sharing/lib/External/Manager.php b/apps/files_sharing/lib/External/Manager.php index f40e5d4a34927..dd30ba58cbb28 100644 --- a/apps/files_sharing/lib/External/Manager.php +++ b/apps/files_sharing/lib/External/Manager.php @@ -116,6 +116,7 @@ public function addShare(ExternalShare $externalShare, IUser|IGroup|null $shareW 'mountpoint' => $externalShare->getMountpoint(), 'owner' => $externalShare->getOwner(), 'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates'), + 'permissions' => $externalShare->getPermissions(), ]; return $this->mountShare($options, $user); } @@ -199,6 +200,7 @@ private function updateSubShare(ExternalShare $externalShare, IUser $user, ?stri $subShare->setParent((string)$externalShare->getId()); $subShare->setShareType($externalShare->getShareType()); $subShare->setShareToken($externalShare->getShareToken()); + $subShare->setPermissions($externalShare->getPermissions()); $this->externalShareMapper->insert($subShare); } } diff --git a/apps/files_sharing/lib/External/Storage.php b/apps/files_sharing/lib/External/Storage.php index 90a50f785dd98..165cf2cc02c9d 100644 --- a/apps/files_sharing/lib/External/Storage.php +++ b/apps/files_sharing/lib/External/Storage.php @@ -12,11 +12,11 @@ use GuzzleHttp\Exception\ClientException; use GuzzleHttp\Exception\ConnectException; use GuzzleHttp\Exception\RequestException; +use OCP\Share\External\IExternalShare; use OC\Files\Storage\DAV; use OC\ForbiddenException; use OC\Share\Share; use OCA\Files_Sharing\External\Manager as ExternalShareManager; -use OCA\Files_Sharing\ISharedStorage; use OCP\AppFramework\Http; use OCP\Constants; use OCP\Federation\ICloudId; @@ -26,6 +26,7 @@ use OCP\Files\NotFoundException; use OCP\Files\Storage\IDisableEncryptionStorage; use OCP\Files\Storage\IReliableEtagStorage; +use OCP\Files\Storage\IExternalShareStorage; use OCP\Files\Storage\IStorage; use OCP\Files\StorageInvalidException; use OCP\Files\StorageNotAvailableException; @@ -42,7 +43,7 @@ use OCP\Share\IManager as IShareManager; use Psr\Log\LoggerInterface; -class Storage extends DAV implements ISharedStorage, IDisableEncryptionStorage, IReliableEtagStorage { +class Storage extends DAV implements IExternalShareStorage, IDisableEncryptionStorage, IReliableEtagStorage { private ICloudId $cloudId; private string $mountPoint; private string $token; @@ -445,4 +446,8 @@ private function getDefaultRequestOptions(): array { } return $options; } + + public function getShare(): IExternalShare { + return $this->manager->getShareByToken($this->token); + } } diff --git a/apps/files_sharing/lib/Migration/Version35000Date20260520071407.php b/apps/files_sharing/lib/Migration/Version35000Date20260520071407.php new file mode 100644 index 0000000000000..2d2968ec4f979 --- /dev/null +++ b/apps/files_sharing/lib/Migration/Version35000Date20260520071407.php @@ -0,0 +1,48 @@ +getTable('share_external'); + if (!$table->hasColumn('permissions')) { + $table->addColumn('permissions', Types::SMALLINT, [ + 'notnull' => true, + 'default' => 0 + ]); + + return $schema; + } + + return null; + } +} diff --git a/lib/private/Federation/CloudFederationFactory.php b/lib/private/Federation/CloudFederationFactory.php index ffe86305295b8..59f40b601ca80 100644 --- a/lib/private/Federation/CloudFederationFactory.php +++ b/lib/private/Federation/CloudFederationFactory.php @@ -26,13 +26,14 @@ class CloudFederationFactory implements ICloudFederationFactory { * @param string $sharedSecret used to authenticate requests across servers * @param string $shareType ('group' or 'user' share) * @param $resourceType ('file', 'calendar',...) + * @param int $permissions permissions granted to the sharee * @return ICloudFederationShare * * @since 14.0.0 */ #[\Override] - public function getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $sharedSecret, $shareType, $resourceType) { - return new CloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $shareType, $resourceType, $sharedSecret); + public function getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $sharedSecret, $shareType, $resourceType, $permissions) { + return new CloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $shareType, $resourceType, $sharedSecret, $permissions); } /** diff --git a/lib/private/Federation/CloudFederationShare.php b/lib/private/Federation/CloudFederationShare.php index bcc9e7a87d3f5..066d6ae73ea0a 100644 --- a/lib/private/Federation/CloudFederationShare.php +++ b/lib/private/Federation/CloudFederationShare.php @@ -24,7 +24,8 @@ class CloudFederationShare implements ICloudFederationShare { 'sharedByDisplayName' => '', 'sender' => '', 'senderDisplayName' => '', - 'protocol' => [] + 'protocol' => [], + 'permissions' => 0 ]; /** @@ -41,6 +42,7 @@ class CloudFederationShare implements ICloudFederationShare { * @param string $shareType ('group' or 'user' share) * @param string $resourceType ('file', 'calendar',...) * @param string $sharedSecret + * @param int $permissions permissions granted to the sharee */ public function __construct($shareWith = '', $name = '', @@ -53,6 +55,7 @@ public function __construct($shareWith = '', $shareType = '', $resourceType = '', $sharedSecret = '', + $permissions = 0 ) { $this->setShareWith($shareWith); $this->setResourceName($name); @@ -71,6 +74,7 @@ public function __construct($shareWith = '', ]); $this->setShareType($shareType); $this->setResourceType($resourceType); + $this->setPermissions($permissions); } /** @@ -211,6 +215,16 @@ public function setShareType($shareType) { } } + /** + * permissions granted to the sharee + * + * @since 35.0.0 + */ + #[\Override] + public function setPermissions(int $permissions): void { + $this->share['permissions'] = $permissions; + } + /** * get the whole share, ready to send out * @@ -366,4 +380,13 @@ public function getShareSecret() { public function getProtocol() { return $this->share['protocol']; } + + /** + * get permissions granted to the sharee + * + * @since 35.0.0 + */ + public function getPermissions(): int { + return $this->share['permissions']; + } } diff --git a/lib/private/Files/FileInfo.php b/lib/private/Files/FileInfo.php index d78c67fd9bec1..78683272246ce 100644 --- a/lib/private/Files/FileInfo.php +++ b/lib/private/Files/FileInfo.php @@ -8,6 +8,7 @@ namespace OC\Files; +use OCP\Files\Storage\IExternalShareStorage; use OC\Files\Cache\CacheEntry; use OC\Files\Mount\HomeMountPoint; use OCA\Files_Sharing\ISharedMountPoint; @@ -64,6 +65,13 @@ public function __construct( } else { $this->rawSize = $this->data['size'] ?? 0; } + + if ($storage?->instanceOfStorage(IExternalShareStorage::class)) { + $externalSharePermissions = $storage->getShare()->getPermissions(); + if ($this->data['permissions'] !== $externalSharePermissions) { + $this->data->offsetSet('permissions', $externalSharePermissions); + } + } } #[\Override] diff --git a/lib/public/Federation/ICloudFederationFactory.php b/lib/public/Federation/ICloudFederationFactory.php index 583aafa151f53..317adb390da3a 100644 --- a/lib/public/Federation/ICloudFederationFactory.php +++ b/lib/public/Federation/ICloudFederationFactory.php @@ -28,11 +28,12 @@ interface ICloudFederationFactory { * @param string $sharedSecret used to authenticate requests across servers * @param string $shareType ('group' or 'user' share) * @param $resourceType ('file', 'calendar',...) + * @param int $permissions permissions granted to the sharee * @return ICloudFederationShare * * @since 14.0.0 */ - public function getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $sharedSecret, $shareType, $resourceType); + public function getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $sharedSecret, $shareType, $resourceType, $permissions); /** * get a Cloud FederationNotification object to prepare a notification you diff --git a/lib/public/Federation/ICloudFederationShare.php b/lib/public/Federation/ICloudFederationShare.php index 56ef7ed3bf7ed..0a84816dec879 100644 --- a/lib/public/Federation/ICloudFederationShare.php +++ b/lib/public/Federation/ICloudFederationShare.php @@ -113,6 +113,13 @@ public function setProtocol(array $protocol); */ public function setShareType($shareType); + /** + * permissions granted to the sharee + * + * @since 35.0.0 + */ + public function setPermissions(int $permissions); + /** * get the whole share, ready to send out * @@ -229,4 +236,11 @@ public function getShareSecret(); * @since 14.0.0 */ public function getProtocol(); + + /** + * get permissions granted to the sharee + * + * @since 35.0.0 + */ + public function getPermissions(): int; } diff --git a/lib/public/Files/Storage/IExternalShareStorage.php b/lib/public/Files/Storage/IExternalShareStorage.php new file mode 100644 index 0000000000000..25babc4c9beb4 --- /dev/null +++ b/lib/public/Files/Storage/IExternalShareStorage.php @@ -0,0 +1,27 @@ +