2020-01-09 18:33:22 +01:00
|
|
|
// Copyright 2018-2020 Vikunja and contriubtors. All rights reserved.
|
2019-08-31 22:56:41 +02:00
|
|
|
//
|
|
|
|
// This file is part of Vikunja.
|
|
|
|
//
|
|
|
|
// Vikunja is free software: you can redistribute it and/or modify
|
2020-12-23 16:41:52 +01:00
|
|
|
// it under the terms of the GNU Affero General Public Licensee as published by
|
2019-08-31 22:56:41 +02:00
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// Vikunja is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
2020-12-23 16:41:52 +01:00
|
|
|
// GNU Affero General Public Licensee for more details.
|
2019-08-31 22:56:41 +02:00
|
|
|
//
|
2020-12-23 16:41:52 +01:00
|
|
|
// You should have received a copy of the GNU Affero General Public Licensee
|
2019-08-31 22:56:41 +02:00
|
|
|
// along with Vikunja. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
package models
|
|
|
|
|
|
|
|
import (
|
2020-10-11 22:10:03 +02:00
|
|
|
"time"
|
|
|
|
|
2020-01-26 18:08:06 +01:00
|
|
|
"code.vikunja.io/api/pkg/user"
|
2019-08-31 22:56:41 +02:00
|
|
|
"code.vikunja.io/api/pkg/utils"
|
|
|
|
"code.vikunja.io/web"
|
|
|
|
"github.com/dgrijalva/jwt-go"
|
2020-12-23 16:32:28 +01:00
|
|
|
"xorm.io/xorm"
|
2019-08-31 22:56:41 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
// SharingType holds the sharing type
|
|
|
|
type SharingType int
|
|
|
|
|
|
|
|
// These consts represent all valid link sharing types
|
|
|
|
const (
|
|
|
|
SharingTypeUnknown SharingType = iota
|
|
|
|
SharingTypeWithoutPassword
|
|
|
|
SharingTypeWithPassword
|
|
|
|
)
|
|
|
|
|
|
|
|
// LinkSharing represents a shared list
|
|
|
|
type LinkSharing struct {
|
|
|
|
// The ID of the shared thing
|
2020-12-18 17:51:22 +01:00
|
|
|
ID int64 `xorm:"bigint autoincr not null unique pk" json:"id" param:"share"`
|
2019-08-31 22:56:41 +02:00
|
|
|
// The public id to get this shared list
|
|
|
|
Hash string `xorm:"varchar(40) not null unique" json:"hash" param:"hash"`
|
|
|
|
// The ID of the shared list
|
2020-12-18 17:51:22 +01:00
|
|
|
ListID int64 `xorm:"bigint not null" json:"-" param:"list"`
|
2019-08-31 22:56:41 +02:00
|
|
|
// The right this list is shared with. 0 = Read only, 1 = Read & Write, 2 = Admin. See the docs for more details.
|
2020-12-18 17:51:22 +01:00
|
|
|
Right Right `xorm:"bigint INDEX not null default 0" json:"right" valid:"length(0|2)" maximum:"2" default:"0"`
|
2019-08-31 22:56:41 +02:00
|
|
|
|
|
|
|
// The kind of this link. 0 = undefined, 1 = without password, 2 = with password (currently not implemented).
|
2020-12-18 17:51:22 +01:00
|
|
|
SharingType SharingType `xorm:"bigint INDEX not null default 0" json:"sharing_type" valid:"length(0|2)" maximum:"2" default:"0"`
|
2019-08-31 22:56:41 +02:00
|
|
|
|
|
|
|
// The user who shared this list
|
2020-01-26 18:08:06 +01:00
|
|
|
SharedBy *user.User `xorm:"-" json:"shared_by"`
|
2020-12-18 17:51:22 +01:00
|
|
|
SharedByID int64 `xorm:"bigint INDEX not null" json:"-"`
|
2019-08-31 22:56:41 +02:00
|
|
|
|
2020-02-08 13:48:49 +01:00
|
|
|
// A timestamp when this list was shared. You cannot change this value.
|
2020-06-27 19:04:01 +02:00
|
|
|
Created time.Time `xorm:"created not null" json:"created"`
|
2020-02-08 13:48:49 +01:00
|
|
|
// A timestamp when this share was last updated. You cannot change this value.
|
2020-06-27 19:04:01 +02:00
|
|
|
Updated time.Time `xorm:"updated not null" json:"updated"`
|
2019-08-31 22:56:41 +02:00
|
|
|
|
|
|
|
web.CRUDable `xorm:"-" json:"-"`
|
|
|
|
web.Rights `xorm:"-" json:"-"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// TableName holds the table name
|
|
|
|
func (LinkSharing) TableName() string {
|
|
|
|
return "link_sharing"
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetID returns the ID of the links sharing object
|
|
|
|
func (share *LinkSharing) GetID() int64 {
|
|
|
|
return share.ID
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetLinkShareFromClaims builds a link sharing object from jwt claims
|
|
|
|
func GetLinkShareFromClaims(claims jwt.MapClaims) (share *LinkSharing, err error) {
|
|
|
|
share = &LinkSharing{}
|
|
|
|
share.ID = int64(claims["id"].(float64))
|
|
|
|
share.Hash = claims["hash"].(string)
|
2020-04-13 23:27:55 +02:00
|
|
|
share.ListID = int64(claims["list_id"].(float64))
|
2019-08-31 22:56:41 +02:00
|
|
|
share.Right = Right(claims["right"].(float64))
|
|
|
|
share.SharedByID = int64(claims["sharedByID"].(float64))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Create creates a new link share for a given list
|
|
|
|
// @Summary Share a list via link
|
|
|
|
// @Description Share a list via link. The user needs to have write-access to the list to be able do this.
|
|
|
|
// @tags sharing
|
|
|
|
// @Accept json
|
|
|
|
// @Produce json
|
|
|
|
// @Security JWTKeyAuth
|
|
|
|
// @Param list path int true "List ID"
|
|
|
|
// @Param label body models.LinkSharing true "The new link share object"
|
|
|
|
// @Success 200 {object} models.LinkSharing "The created link share object."
|
2020-06-28 16:25:46 +02:00
|
|
|
// @Failure 400 {object} web.HTTPError "Invalid link share object provided."
|
|
|
|
// @Failure 403 {object} web.HTTPError "Not allowed to add the list share."
|
|
|
|
// @Failure 404 {object} web.HTTPError "The list does not exist."
|
2019-08-31 22:56:41 +02:00
|
|
|
// @Failure 500 {object} models.Message "Internal error"
|
|
|
|
// @Router /lists/{list}/shares [put]
|
2020-12-23 16:32:28 +01:00
|
|
|
func (share *LinkSharing) Create(s *xorm.Session, a web.Auth) (err error) {
|
2020-04-27 11:42:41 +02:00
|
|
|
|
|
|
|
err = share.Right.isValid()
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-08-31 22:56:41 +02:00
|
|
|
share.SharedByID = a.GetID()
|
|
|
|
share.Hash = utils.MakeRandomString(40)
|
2020-12-23 16:32:28 +01:00
|
|
|
_, err = s.Insert(share)
|
2020-04-27 11:42:41 +02:00
|
|
|
share.SharedBy, _ = user.GetFromAuth(a)
|
2019-08-31 22:56:41 +02:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// ReadOne returns one share
|
|
|
|
// @Summary Get one link shares for a list
|
|
|
|
// @Description Returns one link share by its ID.
|
|
|
|
// @tags sharing
|
|
|
|
// @Accept json
|
|
|
|
// @Produce json
|
|
|
|
// @Param list path int true "List ID"
|
|
|
|
// @Param share path int true "Share ID"
|
|
|
|
// @Security JWTKeyAuth
|
|
|
|
// @Success 200 {object} models.LinkSharing "The share links"
|
2020-06-28 16:25:46 +02:00
|
|
|
// @Failure 403 {object} web.HTTPError "No access to the list"
|
|
|
|
// @Failure 404 {object} web.HTTPError "Share Link not found."
|
2019-08-31 22:56:41 +02:00
|
|
|
// @Failure 500 {object} models.Message "Internal error"
|
|
|
|
// @Router /lists/{list}/shares/{share} [get]
|
2020-12-23 16:32:28 +01:00
|
|
|
func (share *LinkSharing) ReadOne(s *xorm.Session) (err error) {
|
|
|
|
exists, err := s.Where("id = ?", share.ID).Get(share)
|
2019-08-31 22:56:41 +02:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if !exists {
|
|
|
|
return ErrListShareDoesNotExist{ID: share.ID, Hash: share.Hash}
|
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// ReadAll returns all shares for a given list
|
|
|
|
// @Summary Get all link shares for a list
|
|
|
|
// @Description Returns all link shares which exist for a given list
|
|
|
|
// @tags sharing
|
|
|
|
// @Accept json
|
|
|
|
// @Produce json
|
|
|
|
// @Param list path int true "List ID"
|
2019-10-23 23:11:40 +02:00
|
|
|
// @Param page query int false "The page number. Used for pagination. If not provided, the first page of results is returned."
|
|
|
|
// @Param per_page query int false "The maximum number of items per page. Note this parameter is limited by the configured maximum of items per page."
|
2019-08-31 22:56:41 +02:00
|
|
|
// @Param s query string false "Search shares by hash."
|
|
|
|
// @Security JWTKeyAuth
|
|
|
|
// @Success 200 {array} models.LinkSharing "The share links"
|
|
|
|
// @Failure 500 {object} models.Message "Internal error"
|
|
|
|
// @Router /lists/{list}/shares [get]
|
2020-12-23 16:32:28 +01:00
|
|
|
func (share *LinkSharing) ReadAll(s *xorm.Session, a web.Auth, search string, page int, perPage int) (result interface{}, resultCount int, totalItems int64, err error) {
|
2019-08-31 22:56:41 +02:00
|
|
|
list := &List{ID: share.ListID}
|
2020-12-23 16:32:28 +01:00
|
|
|
can, _, err := list.CanRead(s, a)
|
2019-08-31 22:56:41 +02:00
|
|
|
if err != nil {
|
2019-10-23 23:11:40 +02:00
|
|
|
return nil, 0, 0, err
|
2019-08-31 22:56:41 +02:00
|
|
|
}
|
|
|
|
if !can {
|
2019-10-23 23:11:40 +02:00
|
|
|
return nil, 0, 0, ErrGenericForbidden{}
|
2019-08-31 22:56:41 +02:00
|
|
|
}
|
|
|
|
|
2020-04-12 19:29:24 +02:00
|
|
|
limit, start := getLimitFromPageIndex(page, perPage)
|
|
|
|
|
2019-08-31 22:56:41 +02:00
|
|
|
var shares []*LinkSharing
|
2020-12-23 16:32:28 +01:00
|
|
|
query := s.
|
2020-04-12 19:29:24 +02:00
|
|
|
Where("list_id = ? AND hash LIKE ?", share.ListID, "%"+search+"%")
|
|
|
|
if limit > 0 {
|
|
|
|
query = query.Limit(limit, start)
|
|
|
|
}
|
|
|
|
err = query.Find(&shares)
|
2019-09-07 15:19:23 +02:00
|
|
|
if err != nil {
|
2019-10-23 23:11:40 +02:00
|
|
|
return nil, 0, 0, err
|
2019-09-07 15:19:23 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Find all users and add them
|
|
|
|
var userIDs []int64
|
|
|
|
for _, s := range shares {
|
|
|
|
userIDs = append(userIDs, s.SharedByID)
|
|
|
|
}
|
|
|
|
|
2020-01-26 18:08:06 +01:00
|
|
|
users := make(map[int64]*user.User)
|
2020-12-23 16:32:28 +01:00
|
|
|
err = s.In("id", userIDs).Find(&users)
|
2019-09-07 15:19:23 +02:00
|
|
|
if err != nil {
|
2019-10-23 23:11:40 +02:00
|
|
|
return nil, 0, 0, err
|
2019-09-07 15:19:23 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
for _, s := range shares {
|
|
|
|
s.SharedBy = users[s.SharedByID]
|
|
|
|
}
|
|
|
|
|
2019-10-23 23:11:40 +02:00
|
|
|
// Total count
|
2020-12-23 16:32:28 +01:00
|
|
|
totalItems, err = s.
|
2019-10-23 23:11:40 +02:00
|
|
|
Where("list_id = ? AND hash LIKE ?", share.ListID, "%"+search+"%").
|
|
|
|
Count(&LinkSharing{})
|
|
|
|
if err != nil {
|
|
|
|
return nil, 0, 0, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return shares, len(shares), totalItems, err
|
2019-08-31 22:56:41 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Delete removes a link share
|
|
|
|
// @Summary Remove a link share
|
|
|
|
// @Description Remove a link share. The user needs to have write-access to the list to be able do this.
|
|
|
|
// @tags sharing
|
|
|
|
// @Accept json
|
|
|
|
// @Produce json
|
|
|
|
// @Security JWTKeyAuth
|
|
|
|
// @Param list path int true "List ID"
|
|
|
|
// @Param share path int true "Share Link ID"
|
|
|
|
// @Success 200 {object} models.Message "The link was successfully removed."
|
2020-06-28 16:25:46 +02:00
|
|
|
// @Failure 403 {object} web.HTTPError "Not allowed to remove the link."
|
|
|
|
// @Failure 404 {object} web.HTTPError "Share Link not found."
|
2019-08-31 22:56:41 +02:00
|
|
|
// @Failure 500 {object} models.Message "Internal error"
|
|
|
|
// @Router /lists/{list}/shares/{share} [delete]
|
2020-12-23 16:32:28 +01:00
|
|
|
func (share *LinkSharing) Delete(s *xorm.Session) (err error) {
|
|
|
|
_, err = s.Where("id = ?", share.ID).Delete(share)
|
2019-08-31 22:56:41 +02:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetLinkShareByHash returns a link share by hash
|
2020-12-23 16:32:28 +01:00
|
|
|
func GetLinkShareByHash(s *xorm.Session, hash string) (share *LinkSharing, err error) {
|
2019-08-31 22:56:41 +02:00
|
|
|
share = &LinkSharing{}
|
2020-12-23 16:32:28 +01:00
|
|
|
has, err := s.Where("hash = ?", hash).Get(share)
|
2019-08-31 22:56:41 +02:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if !has {
|
|
|
|
return share, ErrListShareDoesNotExist{Hash: hash}
|
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetListByShareHash returns a link share by its hash
|
2020-12-23 16:32:28 +01:00
|
|
|
func GetListByShareHash(s *xorm.Session, hash string) (list *List, err error) {
|
|
|
|
share, err := GetLinkShareByHash(s, hash)
|
2019-08-31 22:56:41 +02:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-12-23 16:32:28 +01:00
|
|
|
list, err = GetListSimpleByID(s, share.ListID)
|
2019-08-31 22:56:41 +02:00
|
|
|
return
|
|
|
|
}
|