mirror
/
social
kopia lustrzana https://github.com/nextcloud/social
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

adding command to manage access rights 

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
pull/550/head
Maxence Lange 2019-05-30 12:42:20 -01:00
rodzic b90a54a3cf
commit 4a4dc5ea6d
5 zmienionych plików z 553 dodań i 3 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

1
appinfo/info.xml
Wyświetl plik

@ -48,6 +48,7 @@
<commands>
<command>OCA\Social\Command\CacheRefresh</command>
<command>OCA\Social\Command\CheckInstall</command>
<command>OCA\Social\Command\Fediverse</command>
<command>OCA\Social\Command\NoteCreate</command>
<command>OCA\Social\Command\NoteBoost</command>
<command>OCA\Social\Command\Reset</command>

232
lib/Command/Fediverse.php 100644
Wyświetl plik

@ -0,0 +1,232 @@
<?php
declare(strict_types=1);
/**
* Nextcloud - Social Support
*
* This file is licensed under the Affero General Public License version 3 or
* later. See the COPYING file.
*
* @author Maxence Lange <maxence@artificial-owl.com>
* @copyright 2018, Maxence Lange <maxence@artificial-owl.com>
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\Social\Command;
use Exception;
use OC\Core\Command\Base;
use OCA\Social\Exceptions\UnauthorizedFediverseException;
use OCA\Social\Service\ConfigService;
use OCA\Social\Service\FediverseService;
use OCA\Social\Service\MiscService;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
/**
* Class Fediverse
*
* @package OCA\Social\Command
*/
class Fediverse extends Base {
/** @var FediverseService */
private $fediverseService;
/** @var ConfigService */
private $configService;
/** @var MiscService */
private $miscService;
/** @var OutputInterface */
private $output;
/**
* CacheUpdate constructor.
*
* @param FediverseService $fediverseService
* @param ConfigService $configService
* @param MiscService $miscService
*/
public function __construct(
FediverseService $fediverseService, ConfigService $configService,
MiscService $miscService
) {
parent::__construct();
$this->fediverseService = $fediverseService;
$this->configService = $configService;
$this->miscService = $miscService;
}
/**
*
*/
protected function configure() {
parent::configure();
$this->setName('social:fediverse')
->addOption(
'type', 't', InputArgument::OPTIONAL,
'Change the type of access management', ''
)
->addArgument('action', InputArgument::OPTIONAL, 'add/remove/test address', '')
->addArgument('address', InputArgument::OPTIONAL, 'address/host', '')
->setDescription('Allow or deny access to the fediverse');
}
/**
* @param InputInterface $input
* @param OutputInterface $output
*
* @throws Exception
*/
protected function execute(InputInterface $input, OutputInterface $output) {
$this->output = $output;
if ($this->typeAccess($input->getOption('type'))) {
return;
}
$this->output->writeln(
'Current access type: <info>' . $this->fediverseService->getAccessType() . '</info>'
);
switch ($input->getArgument('action')) {
case '':
$this->listAddresses(false);
break;
case 'list':
$this->listAddresses(true);
break;
case 'add':
$this->addAddress($input->getArgument('address'));
break;
case 'remove':
$this->removeAddress($input->getArgument('address'));
break;
case 'test':
$this->testAddress($input->getArgument('address'));
break;
case 'reset':
$this->resetAddresses();
break;
default:
throw new Exception('specify action: add, remove, list, reset');
}
}
/**
* @param string $type
*
* @return bool
* @throws Exception
*/
private function typeAccess(string $type) {
if ($type === '') {
return false;
}
$this->fediverseService->setAccessType($type);
return true;
}
/**
* @param bool $allKnownAddress
*/
private function listAddresses(bool $allKnownAddress = false) {
if ($allKnownAddress) {
$this->output->writeln('- Known address:');
foreach ($this->fediverseService->getKnownAddresses() as $address) {
$this->output->writeln(' <info>' . $address . '</info>');
}
}
$this->output->writeln('- List:');
foreach ($this->fediverseService->getListedAddresses() as $address) {
$this->output->writeln(' <info>' . $address . '</info>');
}
}
/**
* @param string $address
*
* @throws Exception
*/
private function addAddress(string $address) {
$this->fediverseService->addAddress($address);
$this->output->writeln('<info>' . $address . '</info> added to the list');
}
/**
* @param string $address
*
* @throws Exception
*/
private function removeAddress(string $address) {
$this->fediverseService->removeAddress($address);
$this->output->writeln('<info>' . $address . '</info> removed from the list');
}
/**
* @param string $address
*/
private function testAddress(string $address) {
try {
$this->fediverseService->authorized($address);
$this->output->writeln('<info>Authorized</info>');
} catch (UnauthorizedFediverseException $e) {
$this->output->writeln('<comment>Unauthorized</comment>');
}
}
/**
*
*/
private function resetAddresses() {
$this->fediverseService->resetAddresses();
$this->output->writeln('list is now empty');
}
}

40
lib/Exceptions/UnauthorizedFediverseException.php 100644
Wyświetl plik

@ -0,0 +1,40 @@
<?php
declare(strict_types=1);
/**
* Nextcloud - Social Support
*
* This file is licensed under the Affero General Public License version 3 or
* later. See the COPYING file.
*
* @author Maxence Lange <maxence@artificial-owl.com>
* @copyright 2018, Maxence Lange <maxence@artificial-owl.com>
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\Social\Exceptions;
use Exception;
class UnauthorizedFediverseException extends Exception {
}

17
lib/Service/ConfigService.php
Wyświetl plik

@ -54,6 +54,8 @@ class ConfigService {
const SOCIAL_ADDRESS = 'address';
const SOCIAL_SERVICE = 'service';
const SOCIAL_MAX_SIZE = 'max_size';
const SOCIAL_ACCESS_TYPE = 'access_type';
const SOCIAL_ACCESS_LIST = 'access_list';
const BACKGROUND_CRON = 1;
const BACKGROUND_ASYNC = 2;
@ -62,11 +64,20 @@ class ConfigService {
/** @var array */
public $defaults = [
self::SOCIAL_ADDRESS => '',
self::SOCIAL_SERVICE => 1,
self::SOCIAL_MAX_SIZE => 10
self::SOCIAL_ADDRESS => '',
self::SOCIAL_SERVICE => 1,
self::SOCIAL_MAX_SIZE => 10,
self::SOCIAL_ACCESS_TYPE => 'all_but',
self::SOCIAL_ACCESS_LIST => '[]'
];
/** @var array */
public $accessTypeList = [
'BLACKLIST' => 'all_but',
'WHITELIST' => 'none_but'
];
/** @var string */
private $userId;

266
lib/Service/FediverseService.php 100644
Wyświetl plik

@ -0,0 +1,266 @@
<?php
declare(strict_types=1);
/**
* Nextcloud - Social Support
*
* This file is licensed under the Affero General Public License version 3 or
* later. See the COPYING file.
*
* @author Maxence Lange <maxence@artificial-owl.com>
* @copyright 2018, Maxence Lange <maxence@artificial-owl.com>
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\Social\Service;
use Exception;
use OCA\Social\Exceptions\UnauthorizedFediverseException;
/**
* Class FediverseService
*
* @package OCA\Social\Service
*/
class FediverseService {
/** @var ConfigService */
private $configService;
/** @var MiscService */
private $miscService;
/**
* FediverseService constructor.
*
* @param ConfigService $configService
* @param MiscService $miscService
*/
public function __construct(
ConfigService $configService, MiscService $miscService
) {
$this->configService = $configService;
$this->miscService = $miscService;
}
/**
* @param string $address
*
* @return bool
* @throws UnauthorizedFediverseException
*/
public function authorized(string $address): bool {
if ($this->getAccessType() ===
$this->configService->accessTypeList['BLACKLIST']
&& !$this->isListed($address)) {
return true;
}
if ($this->getAccessType() ===
$this->configService->accessTypeList['WHITELIST']
&& $this->isListed($address)) {
return true;
}
throw new UnauthorizedFediverseException();
}
/**
* @throws UnauthorizedFediverseException
*/
public function jailed() {
if ($this->getAccessType() !== $this->configService->accessTypeList['WHITELIST']
|| !empty($this->getListedAddresses())) {
return;
}
throw new UnauthorizedFediverseException();
}
/**
* @return string
*/
public function getAccessType(): string {
return $this->configService->getAppValue(ConfigService::SOCIAL_ACCESS_TYPE);
}
/**
* @param string $type
*
* @throws Exception
*/
public function setAccessType(string $type) {
$accepted = array_values($this->configService->accessTypeList);
if (!in_array($type, $accepted)) {
throw new Exception('invalid type: ' . json_encode($accepted));
}
$this->configService->setAppValue(ConfigService::SOCIAL_ACCESS_TYPE, $type);
}
/**
* @return array
*/
public function getKnownAddresses(): array {
return [];
}
/**
* @return array
*/
public function getListedAddresses(): array {
return json_decode($this->configService->getAppValue(ConfigService::SOCIAL_ACCESS_LIST));
}
/**
* @param string $address
*
* @return bool
*/
public function isListed(string $address): bool {
$list = $this->getListedAddresses();
return (in_array($address, $list));
}
/**
*
*/
public function resetAddresses() {
$this->configService->setAppValue(ConfigService::SOCIAL_ACCESS_LIST, '[]');
}
/**
* @param string $address
*/
public function addAddress(string $address) {
if ($this->isListed($address)) {
return;
}
$list = $this->getListedAddresses();
array_push($list, $address);
$this->configService->setAppValue(ConfigService::SOCIAL_ACCESS_LIST, json_encode($list));
}
/**
* @param string $address
*
* @return void
* @throws Exception
*/
public function removeAddress(string $address) {
$list = $this->getListedAddresses();
$list = array_diff($list, [$address]);
$this->configService->setAppValue(ConfigService::SOCIAL_ACCESS_LIST, json_encode($list));
}
//
// /**
// * @param string $address
// *
// * @throws Exception
// */
// public function blockAddress(string $address) {
// if ($this->isBlocked($address)) {
// return;
// }
//
// if ($this->isAllowed($address)) {
// throw new Exception($address . ' is already in the whitelist');
// }
//
// $blackList = $this->getBlockedAddresses();
// array_push($blackList, $address);
//
// $this->configService->setAppValue(ConfigService::SOCIAL_BLACKLIST, json_encode($blackList));
// }
//
// /**
// * @return array
// */
// public function getBlockedAddresses(): array {
// return json_decode($this->configService->getAppValue(ConfigService::SOCIAL_BLACKLIST));
// }
//
// /**
// * @param string $address
// *
// * @return bool
// */
// public function isBlocked(string $address): bool {
// return (in_array('ALL', $this->getBlockedAddresses())
// || in_array($address, $this->getBlockedAddresses()));
// }
//
//
// /**
// * @param string $address
// *
// * @return void
// * @throws Exception
// */
// public function allowAddress(string $address) {
// if ($this->isAllowed($address)) {
// return;
// }
//
// if ($this->isBlocked($address)) {
// throw new Exception($address . ' is already in the blacklist');
// }
//
// $whiteList = $this->getAllowedAddresses();
// array_push($whiteList, $address);
//
// $this->configService->setAppValue(ConfigService::SOCIAL_WHITELIST, json_encode($whiteList));
// }
//
// /**
// * @return array
// */
// public function getAllowedAddresses(): array {
// return json_decode($this->configService->getAppValue(ConfigService::SOCIAL_WHITELIST));
//
// }
//
// /**
// * @param string $address
// *
// * @return bool
// */
// public function isAllowed(string $address): bool {
// return (in_array('ALL', $this->getAllowedAddresses())
// || in_array($address, $this->getAllowedAddresses()));
// }
//
//
}