-
Notifications
You must be signed in to change notification settings - Fork 447
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #11513 from nextcloud/bugfix/noid/fix-accepting-an…
…d-declining-invites fix(federation): Fix accepting or declining an invite multiple times
- Loading branch information
Showing
8 changed files
with
352 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,9 +2,11 @@ | |
|
||
declare(strict_types=1); | ||
/** | ||
* @copyright Copyright (c) 2021, Gary Kim <[email protected]> | ||
* @copyright Copyright (c) 2024 Joas Schilling <[email protected]> | ||
* @copyright Copyright (c) 2021 Gary Kim <[email protected]> | ||
* | ||
* @author Gary Kim <[email protected]> | ||
* @author Joas Schilling <[email protected]> | ||
* @author Kate Döen <[email protected]> | ||
* | ||
* @license GNU AGPL version 3 or any later version | ||
|
@@ -27,20 +29,19 @@ | |
namespace OCA\Talk\Controller; | ||
|
||
use OCA\Talk\AppInfo\Application; | ||
use OCA\Talk\Exceptions\CannotReachRemoteException; | ||
use OCA\Talk\Exceptions\RoomNotFoundException; | ||
use OCA\Talk\Exceptions\UnauthorizedException; | ||
use OCA\Talk\Federation\FederationManager; | ||
use OCA\Talk\Manager; | ||
use OCA\Talk\Model\Invitation; | ||
use OCA\Talk\ResponseDefinitions; | ||
use OCA\Talk\Service\RoomFormatter; | ||
use OCP\AppFramework\Db\MultipleObjectsReturnedException; | ||
use OCP\AppFramework\Http; | ||
use OCP\AppFramework\Http\Attribute\NoAdminRequired; | ||
use OCP\AppFramework\Http\Attribute\OpenAPI; | ||
use OCP\AppFramework\Http\DataResponse; | ||
use OCP\AppFramework\OCSController; | ||
use OCP\DB\Exception as DBException; | ||
use OCP\IRequest; | ||
use OCP\IUser; | ||
use OCP\IUserSession; | ||
|
@@ -90,21 +91,29 @@ public function getResponseFormat(): string { | |
* | ||
* @param int $id ID of the share | ||
* @psalm-param non-negative-int $id | ||
* @return DataResponse<Http::STATUS_OK, TalkRoom, array{}> | ||
* @throws UnauthorizedException | ||
* @throws DBException | ||
* @throws MultipleObjectsReturnedException | ||
* @return DataResponse<Http::STATUS_OK, TalkRoom, array{}>|DataResponse<Http::STATUS_BAD_REQUEST|Http::STATUS_GONE, array{error: string}, array{}>|DataResponse<Http::STATUS_NOT_FOUND, array{error?: string}, array{}> | ||
* | ||
* 200: Invite accepted successfully | ||
* 400: Invite can not be accepted (maybe it was accepted already) | ||
* 404: Invite can not be found | ||
* 410: Remote server could not be reached to notify about the acceptance | ||
*/ | ||
#[NoAdminRequired] | ||
#[OpenAPI(scope: OpenAPI::SCOPE_FEDERATION)] | ||
public function acceptShare(int $id): DataResponse { | ||
$user = $this->userSession->getUser(); | ||
if (!$user instanceof IUser) { | ||
throw new UnauthorizedException(); | ||
return new DataResponse([], Http::STATUS_NOT_FOUND); | ||
} | ||
try { | ||
$participant = $this->federationManager->acceptRemoteRoomShare($user, $id); | ||
} catch (CannotReachRemoteException) { | ||
return new DataResponse(['error' => 'remote'], Http::STATUS_GONE); | ||
} catch (UnauthorizedException $e) { | ||
return new DataResponse([], Http::STATUS_NOT_FOUND); | ||
} catch (\InvalidArgumentException $e) { | ||
return new DataResponse(['error' => $e->getMessage()], $e->getMessage() === 'invitation' ? Http::STATUS_NOT_FOUND : Http::STATUS_BAD_REQUEST); | ||
} | ||
$participant = $this->federationManager->acceptRemoteRoomShare($user, $id); | ||
return new DataResponse($this->roomFormatter->formatRoom( | ||
$this->getResponseFormat(), | ||
[], | ||
|
@@ -120,21 +129,25 @@ public function acceptShare(int $id): DataResponse { | |
* | ||
* @param int $id ID of the share | ||
* @psalm-param non-negative-int $id | ||
* @return DataResponse<Http::STATUS_OK, array<empty>, array{}> | ||
* @throws UnauthorizedException | ||
* @throws DBException | ||
* @throws MultipleObjectsReturnedException | ||
* @return DataResponse<Http::STATUS_OK, array<empty>, array{}>|DataResponse<Http::STATUS_NOT_FOUND, array{error?: string}, array{}> | ||
* | ||
* 200: Invite declined successfully | ||
* 404: Invite can not be found | ||
*/ | ||
#[NoAdminRequired] | ||
#[OpenAPI(scope: OpenAPI::SCOPE_FEDERATION)] | ||
public function rejectShare(int $id): DataResponse { | ||
$user = $this->userSession->getUser(); | ||
if (!$user instanceof IUser) { | ||
throw new UnauthorizedException(); | ||
return new DataResponse([], Http::STATUS_NOT_FOUND); | ||
} | ||
try { | ||
$this->federationManager->rejectRemoteRoomShare($user, $id); | ||
} catch (UnauthorizedException $e) { | ||
return new DataResponse([], Http::STATUS_NOT_FOUND); | ||
} catch (\InvalidArgumentException $e) { | ||
return new DataResponse(['error' => $e->getMessage()], Http::STATUS_NOT_FOUND); | ||
} | ||
$this->federationManager->rejectRemoteRoomShare($user, $id); | ||
return new DataResponse(); | ||
} | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,9 +2,11 @@ | |
|
||
declare(strict_types=1); | ||
/** | ||
* @copyright Copyright (c) 2024 Joas Schilling <[email protected]> | ||
* @copyright Copyright (c) 2021 Gary Kim <[email protected]> | ||
* | ||
* @author Gary Kim <[email protected]> | ||
* @author Joas Schilling <[email protected]> | ||
* | ||
* @license GNU AGPL version 3 or any later version | ||
* | ||
|
@@ -104,14 +106,21 @@ protected function markNotificationProcessed(string $userId, int $shareId): void | |
} | ||
|
||
/** | ||
* @throws UnauthorizedException | ||
* @throws DoesNotExistException | ||
* @throws \InvalidArgumentException | ||
* @throws CannotReachRemoteException | ||
*/ | ||
public function acceptRemoteRoomShare(IUser $user, int $shareId): Participant { | ||
$invitation = $this->invitationMapper->getInvitationById($shareId); | ||
try { | ||
$invitation = $this->invitationMapper->getInvitationById($shareId); | ||
} catch (DoesNotExistException $e) { | ||
throw new \InvalidArgumentException('invitation'); | ||
} | ||
if ($invitation->getUserId() !== $user->getUID()) { | ||
throw new UnauthorizedException('invitation is for a different user'); | ||
throw new UnauthorizedException('user'); | ||
} | ||
|
||
if ($invitation->getState() === Invitation::STATE_ACCEPTED) { | ||
throw new \InvalidArgumentException('state'); | ||
} | ||
|
||
// Add user to the room | ||
|
@@ -151,13 +160,17 @@ public function getRemoteShareById(int $shareId): Invitation { | |
} | ||
|
||
/** | ||
* @throws \InvalidArgumentException | ||
* @throws UnauthorizedException | ||
* @throws DoesNotExistException | ||
*/ | ||
public function rejectRemoteRoomShare(IUser $user, int $shareId): void { | ||
$invitation = $this->invitationMapper->getInvitationById($shareId); | ||
try { | ||
$invitation = $this->invitationMapper->getInvitationById($shareId); | ||
} catch (DoesNotExistException $e) { | ||
throw new \InvalidArgumentException('invitation'); | ||
} | ||
if ($invitation->getUserId() !== $user->getUID()) { | ||
throw new UnauthorizedException('invitation is for a different user'); | ||
throw new UnauthorizedException('user'); | ||
} | ||
|
||
$this->invitationMapper->delete($invitation); | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.