diff --git a/lib/Constants.php b/lib/Constants.php index 13f16c5b..f0827e06 100644 --- a/lib/Constants.php +++ b/lib/Constants.php @@ -29,9 +29,13 @@ class Constants { /** * Used AppConfig Keys */ + public const CONFIG_KEY_ALLOWPERMITALL = 'allowPermitAll'; + public const CONFIG_KEY_ALLOWPUBLICLINK = 'allowPublicLink'; public const CONFIG_KEY_CREATIONALLOWEDGROUPS = 'creationAllowedGroups'; public const CONFIG_KEY_RESTRICTCREATION = 'restrictCreation'; public const CONFIG_KEYS = [ + self::CONFIG_KEY_ALLOWPERMITALL, + self::CONFIG_KEY_ALLOWPUBLICLINK, self::CONFIG_KEY_CREATIONALLOWEDGROUPS, self::CONFIG_KEY_RESTRICTCREATION ]; diff --git a/lib/Controller/ShareApiController.php b/lib/Controller/ShareApiController.php index 3dd19431..5db2276d 100644 --- a/lib/Controller/ShareApiController.php +++ b/lib/Controller/ShareApiController.php @@ -31,6 +31,7 @@ use OCA\Forms\Db\Form; use OCA\Forms\Db\FormMapper; use OCA\Forms\Db\Share; use OCA\Forms\Db\ShareMapper; +use OCA\Forms\Service\ConfigService; use OCA\Forms\Service\FormsService; use OCP\AppFramework\OCSController; @@ -59,6 +60,9 @@ class ShareApiController extends OCSController { /** @var ShareMapper */ private $shareMapper; + /** @var ConfigService */ + private $configService; + /** @var FormsService */ private $formsService; @@ -80,6 +84,7 @@ class ShareApiController extends OCSController { public function __construct(string $appName, FormMapper $formMapper, ShareMapper $shareMapper, + ConfigService $configService, FormsService $formsService, IGroupManager $groupManager, ILogger $logger, @@ -91,6 +96,7 @@ class ShareApiController extends OCSController { $this->appName = $appName; $this->formMapper = $formMapper; $this->shareMapper = $shareMapper; + $this->configService = $configService; $this->formsService = $formsService; $this->groupManager = $groupManager; $this->logger = $logger; 
@@ -125,6 +131,12 @@ class ShareApiController extends OCSController { throw new OCSBadRequestException('Invalid shareType'); } + // Block LinkShares if not allowed + if ($shareType === IShare::TYPE_LINK && !$this->configService->getAllowPublicLink()) { + $this->logger->debug('Link Share not allowed.'); + throw new OCSForbiddenException('Link Share not allowed.'); + } + try { $form = $this->formMapper->findById($formId); } catch (IMapperException $e) { diff --git a/lib/Service/ConfigService.php b/lib/Service/ConfigService.php index f45c0f98..86d486b4 100644 --- a/lib/Service/ConfigService.php +++ b/lib/Service/ConfigService.php @@ -65,6 +65,12 @@ class ConfigService { /** * Load the single values, decode, have default values */ + public function getAllowPermitAll(): bool { + return json_decode($this->config->getAppValue($this->appName, Constants::CONFIG_KEY_ALLOWPERMITALL, "true")); + } + public function getAllowPublicLink(): bool { + return json_decode($this->config->getAppValue($this->appName, Constants::CONFIG_KEY_ALLOWPUBLICLINK, "true")); + } private function getUnformattedCreationAllowedGroups(): array { return json_decode($this->config->getAppValue($this->appName, Constants::CONFIG_KEY_CREATIONALLOWEDGROUPS, "[]")); } @@ -80,6 +86,8 @@ class ConfigService { */ public function getAppConfig(): array { return [ + Constants::CONFIG_KEY_ALLOWPERMITALL => $this->getAllowPermitAll(), + Constants::CONFIG_KEY_ALLOWPUBLICLINK => $this->getAllowPublicLink(), Constants::CONFIG_KEY_CREATIONALLOWEDGROUPS => $this->getCreationAllowedGroups(), Constants::CONFIG_KEY_RESTRICTCREATION => $this->getRestrictCreation(), diff --git a/lib/Service/FormsService.php b/lib/Service/FormsService.php index b3084d5e..39acebbf 100644 --- a/lib/Service/FormsService.php +++ b/lib/Service/FormsService.php 
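Review bot: The new guard in the share-creation path only stops new `IShare::TYPE_LINK` shares from being created; nothing in the visible hunks re-checks `getAllowPublicLink()` when an existing link share is later used. If the code that resolves a public share is not changed elsewhere in this commit, links created before an admin turns the setting off would presumably keep working, which is unlikely to be what an admin disabling public links expects. I would apply the same check where a link share is resolved, and record the scope here with a comment such as `// Only blocks creation; existing link shares are rejected where the share is resolved.` The enclosing method starts and ends outside this hunk.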
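Review bot: Both new getters in the ConfigService hunk at -65,6 +65,12 return the result of `json_decode()` directly under a `bool` return type, so a stored value that is not a JSON boolean is not handled. An empty or malformed value decodes to `null`, which raises a TypeError from a `: bool` function. Unless the file declares strict types (not visible here), a quoted value such as `"false"` decodes to a non-empty string and is coerced to `true`, leaving the restriction switched off. A strict comparison makes both getters fail closed: `return json_decode($this->config->getAppValue($this->appName, Constants::CONFIG_KEY_ALLOWPERMITALL, "true")) === true;`, and the same for `getAllowPublicLink()`. A one-line docblock on each stating that the default is `true` (allowed) would also help, since the comment above them only describes the loaders in general.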
@@ -33,6 +33,7 @@ use OCA\Forms\Db\QuestionMapper; use OCA\Forms\Db\Share; use OCA\Forms\Db\ShareMapper; use OCA\Forms\Db\SubmissionMapper; + use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Db\IMapperException; use OCP\IGroup; @@ -66,6 +67,9 @@ class FormsService { /** @var SubmissionMapper */ private $submissionMapper; + /** @var ConfigService */ + private $configService; + /** @var IGroupManager */ private $groupManager; @@ -84,6 +88,7 @@ class FormsService { QuestionMapper $questionMapper, ShareMapper $shareMapper, SubmissionMapper $submissionMapper, + ConfigService $configService, IGroupManager $groupManager, ILogger $logger, IUserManager $userManager, @@ -94,6 +99,7 @@ class FormsService { $this->questionMapper = $questionMapper; $this->shareMapper = $shareMapper; $this->submissionMapper = $submissionMapper; + $this->configService = $configService; $this->groupManager = $groupManager; $this->logger = $logger; $this->userManager = $userManager; @@ -322,7 +328,7 @@ class FormsService { } // Now all remaining users are allowed, if permitAll is set. - if ($access['permitAllUsers']) { + if ($access['permitAllUsers'] && $this->configService->getAllowPermitAll()) { return true; } @@ -356,7 +362,9 @@ class FormsService { } // Shown if permitall and showntoall are both set. - if ($access['permitAllUsers'] && $access['showToAllUsers']) { + if ($access['permitAllUsers'] && + $access['showToAllUsers'] && + $this->configService->getAllowPermitAll()) { return true; } diff --git a/src/FormsSettings.vue b/src/FormsSettings.vue index d29ccafc..049f8167 100644 --- a/src/FormsSettings.vue +++ b/src/FormsSettings.vue @@ -21,24 +21,40 @@ -->
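Review bot: The admin gate `$this->configService->getAllowPermitAll()` is written out inline in two places, in the access check at -322,7 +328,7 and again in the hunk at -356,7 +362,9, and the comments above both conditions still describe only the form's own flags. Any other read of `$access['permitAllUsers']` outside these hunks would not honour the admin setting, so a single private helper would be safer, e.g. `private function isPermitAllEffective(array $access): bool { return $access['permitAllUsers'] && $this->configService->getAllowPermitAll(); }`. At minimum the comments should be updated, e.g. `// Now all remaining users are allowed, if permitAll is set and allowed by the admin.` Both enclosing methods start and end outside the hunks.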