From aa4df2e800e3038d1621d5fc7451bbe2ac32d699 Mon Sep 17 00:00:00 2001
From: Andras Timar <andras.timar@collabora.com>
Date: Wed, 14 Jun 2017 14:11:09 +0200
Subject: [PATCH] Restore 'Enable edit for specific groups' feature, fixes #66

---
 js/admin.js                           | 44 +++++++++++++++++++++++++++
 lib/Controller/SettingsController.php |  9 +++++-
 lib/Settings/Admin.php                |  2 --
 lib/TokenManager.php                  | 20 +++++++++++-
 templates/admin.php                   |  7 +++--
 5 files changed, 76 insertions(+), 6 deletions(-)

diff --git a/js/admin.js b/js/admin.js
index b0124346..81e1c0cd 100644
--- a/js/admin.js
+++ b/js/admin.js
@@ -15,6 +15,17 @@ var documentsSettings = {
 		);
 	},
 
+	saveGroups: function(groups) {
+		var data = {
+			'edit_groups': groups
+		};
+
+		$.post(
+			OC.filePath('richdocuments', 'ajax', 'admin.php'),
+			data
+			);
+	},
+
 	saveDocFormat: function(format) {
 		$.post(
 			OC.filePath('richdocuments', 'ajax', 'admin.php'),
@@ -27,7 +38,19 @@ var documentsSettings = {
 		OC.msg.finishedAction('#documents-admin-msg', response);
 	},
 
+	initEditGroups: function() {
+		var groups = $('#edit_group_select').val();
+			if (groups !== '') {
+				OC.Settings.setupGroupsSelect($('#edit_group_select'));
+					$('.edit-groups-enable').attr('checked', 'checked');
+			} else {
+				$('.edit-groups-enable').attr('checked', null);
+			}
+	},
+
 	initialize: function() {
+		documentsSettings.initEditGroups();
+
 		$('#wopi_apply').on('click', documentsSettings.save);
 
 		$(document).on('change', '.doc-format-ooxml', function() {
@@ -35,6 +58,27 @@ var documentsSettings = {
 			documentsSettings.saveDocFormat(ooxml ? 'ooxml' : 'odf');
 		});
 
+		$(document).on('change', '#edit_group_select', function() {
+			var element = $(this).parent().find('input.edit-groups-enable');
+			var groups = $(this).val();
+				documentsSettings.saveGroups(groups);
+		});
+
+		$(document).on('change', '.edit-groups-enable', function() {
+			var $select = $(this).parent().find('#edit_group_select');
+			$select.val('');
+
+			if (this.checked) {
+				OC.Settings.setupGroupsSelect($select, {
+				placeholder: t('core', 'All')
+				});
+			} else {
+				$select.select2('destroy');
+			}
+
+			$select.change();
+		});
+
 	}
 };
 
diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
index 211e93ca..8d609c02 100644
--- a/lib/Controller/SettingsController.php
+++ b/lib/Controller/SettingsController.php
@@ -52,17 +52,20 @@ class SettingsController extends Controller{
 	 */
 	public function getSettings() {
 		return new JSONResponse([
-			'doc_format' => $this->appConfig->getAppValue('doc_format'),
 			'wopi_url' => $this->appConfig->getAppValue('wopi_url'),
+			'edit_groups' => $this->appConfig->getAppValue('edit_groups'),
+			'doc_format' => $this->appConfig->getAppValue('doc_format'),
 		]);
 	}
 
 	/**
 	 * @param string $wopi_url
+	 * @param string $edit_groups
 	 * @param string $doc_format
 	 * @return JSONResponse
 	 */
 	public function setSettings($wopi_url,
+								$edit_groups,
 								$doc_format){
 		$message = $this->l10n->t('Saved');
 
@@ -75,6 +78,10 @@ class SettingsController extends Controller{
 			}
 		}
 
+		if ($edit_groups !== null){
+			$this->appConfig->setAppValue('edit_groups', $edit_groups);
+		}
+
 		if ($doc_format !== null) {
 			$this->appConfig->setAppValue('doc_format', $doc_format);
 		}
diff --git a/lib/Settings/Admin.php b/lib/Settings/Admin.php
index fdfc9d4f..2a837065 100644
--- a/lib/Settings/Admin.php
+++ b/lib/Settings/Admin.php
@@ -49,8 +49,6 @@ class Admin implements ISettings {
 				'wopi_url' => $this->config->getAppValue('richdocuments', 'wopi_url'),
 				'edit_groups' => $this->config->getAppValue('richdocuments', 'edit_groups'),
 				'doc_format' => $this->config->getAppValue('richdocuments', 'doc_format'),
-				'test_wopi_url' => $this->config->getAppValue('richdocuments', 'test_wopi_url'),
-				'test_server_groups' => $this->config->getAppValue('richdocuments', 'test_server_groups')
 			],
 			'blank'
 		);
diff --git a/lib/TokenManager.php b/lib/TokenManager.php
index 846d7664..38fbe2a5 100644
--- a/lib/TokenManager.php
+++ b/lib/TokenManager.php
@@ -50,11 +50,13 @@ class TokenManager {
 								IManager $shareManager,
 								IURLGenerator $urlGenerator,
 								Parser $wopiParser,
+								AppConfig $appConfig,
 								$UserId) {
 		$this->rootFolder = $rootFolder;
 		$this->shareManager = $shareManager;
 		$this->urlGenerator = $urlGenerator;
 		$this->wopiParser = $wopiParser;
+		$this->appConfig = $appConfig;
 		$this->userId = $UserId;
 	}
 
@@ -79,6 +81,22 @@ class TokenManager {
 				/** @var File $file */
 				$rootFolder = $this->rootFolder->getUserFolder($this->userId);
 				$updatable = $rootFolder->isUpdateable();
+				// Check if the editor (user who is accessing) is in editable group
+				// UserCanWrite only if
+				// 1. No edit groups are set or
+				// 2. if they are set, it is in one of the edit groups
+				$editorUid = \OC::$server->getUserSession()->getUser()->getUID();
+				$editGroups = array_filter(explode('|', $this->appConfig->getAppValue('edit_groups')));
+				if ($updatable && count($editGroups) > 0) {
+					$updatable = false;
+					foreach($editGroups as $editGroup) {
+						 $editorGroup = \OC::$server->getGroupManager()->get($editGroup);
+						 if ($editorGroup !== null && sizeof($editorGroup->searchUsers($editorUid)) > 0) {
+							$updatable = true;
+							break;
+						 }
+					}
+				}
 			} catch (\Exception $e) {
 				throw $e;
 			}
@@ -103,4 +121,4 @@ class TokenManager {
 			throw $e;
 		}
 	}
-}
\ No newline at end of file
+}
diff --git a/templates/admin.php b/templates/admin.php
index d3c01fcd..bbcdcb9f 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -9,7 +9,10 @@ script('richdocuments', 'admin');
 	<br/><button type="button" id="wopi_apply"><?php p($l->t('Apply')) ?></button>
 	<span id="documents-admin-msg" class="msg"></span>
     <br/>
-
+	<input type="checkbox" class="edit-groups-enable" id="edit_groups_enable-richdocuments" />
+	<label for="edit_groups_enable-richdocuments"><?php p($l->t('Enable edit for specific groups')) ?></label>
+	<input type="hidden" id="edit_group_select" value="<?php p($_['edit_groups'])?>" title="<?php p($l->t('All')); ?>" style="width: 200px">
+	<br/>
     <input type="checkbox" class="doc-format-ooxml" id="doc_format_ooxml_enable-richdocuments" <?php p($_['doc_format'] === 'ooxml' ? 'checked' : '') ?> />
     <label for="doc_format_ooxml_enable-richdocuments"><?php p($l->t('Use OOXML by default for new files')) ?></label>
-</div>
\ No newline at end of file
+</div>