Cleanup code after moving 'Enable FS and Create folder for eligible users' to `files controls app`

namespace OCA\EcloudAccounts\AppInfo;

use OC\Files\Filesystem;

use OCA\EcloudAccounts\Filesystem\StorageWrapper;

use OCA\EcloudAccounts\Listeners\BeforeTemplateRenderedListener;

use OCA\EcloudAccounts\Listeners\BeforeUserDeletedListener;

use OCA\EcloudAccounts\Listeners\PasswordUpdatedListener;

use OCP\AppFramework\Bootstrap\IBootstrap;

use OCP\AppFramework\Bootstrap\IRegistrationContext;

use OCP\AppFramework\Http\Events\BeforeTemplateRenderedEvent;

use OCP\Files\Storage\IStorage;

use OCP\IUserManager;

use OCP\User\Events\BeforeUserDeletedEvent;

use OCP\User\Events\PasswordUpdatedEvent;

use OCP\User\Events\UserChangedEvent;

use OCP\Util;

class Application extends App implements IBootstrap {

	public const APP_ID = 'ecloud-accounts';

	}

	public function register(IRegistrationContext $context): void {

		Util::connectHook('OC_Filesystem', 'preSetup', $this, 'addStorageWrapper');

		$context->registerEventListener(BeforeTemplateRenderedEvent::class, BeforeTemplateRenderedListener::class);

		$context->registerEventListener(BeforeUserDeletedEvent::class, BeforeUserDeletedListener::class);

		$context->registerEventListener(UserChangedEvent::class, UserChangedListener::class);

			);

		});

	}

	/**

	 * @internal

	 */

	public function addStorageWrapper(): void {

		Filesystem::addStorageWrapper('ecloud-accounts', [$this, 'addStorageWrapperCallback'], -10);

	}

	/**

	 * @internal

	 * @param $mountPoint

	 * @param IStorage $storage

	 * @return StorageWrapper|IStorage

	 */

	public function addStorageWrapperCallback($mountPoint, IStorage $storage) {

		$instanceId = \OC::$server->getConfig()->getSystemValue('instanceid', '');

		$appdataFolder = 'appdata_' . $instanceId;

		if ($mountPoint !== '/' && strpos($mountPoint, '/' . $appdataFolder) !== 0) {

			return new StorageWrapper([

				'storage' => $storage,

				'mountPoint' => $mountPoint,

			]);

		}

		return $storage;

	}

}

use OCA\EcloudAccounts\Exception\LDAPUserCreationException;

use OCA\EcloudAccounts\Exception\RecoveryEmailValidationException;

use OCA\EcloudAccounts\Service\CaptchaService;

use OCA\EcloudAccounts\Service\FilesystemService;

use OCA\EcloudAccounts\Service\HCaptchaService;

use OCA\EcloudAccounts\Service\NewsLetterService;

use OCA\EcloudAccounts\Service\UserService;

	private IConfig $config;

	private IInitialState $initialState;

	private IAppData $appData;

	private FilesystemService $fsService;

	private const SESSION_VERIFIED_USERNAME = 'verified_username';

	private const SESSION_VERIFIED_DISPLAYNAME = 'verified_displayname';

	private const CAPTCHA_VERIFIED_CHECK = 'captcha_verified';

		IConfig $config,

		ILogger $logger,

		IInitialState $initialState,

		IAppData $appData

		IAppData $appData,

		FilesystemService $fsService

	) {

		parent::__construct($AppName, $request);

		$this->appName = $AppName;

		$this->request = $request;

		$this->initialState = $initialState;

		$this->appData = $appData;

		$this->fsService = $fsService;

	}

	/**

			$this->session->remove(self::CAPTCHA_VERIFIED_CHECK);

			$ipAddress = $this->request->getRemoteAddress();

			$this->userService->addUsernameToCommonDataStore($username, $ipAddress, $recoveryEmail);

			// temporary fix to add user in 'files-enabled' group

			$this->fsService->addUserInFilesEnabledGroup($username);

			$response->setStatus(200);

			$response->setData(['success' => true]);

<?php

declare(strict_types=1);

namespace OCA\EcloudAccounts\Filesystem;

use OC\Files\Cache\Wrapper\CacheWrapper as Wrapper;

use OCP\Constants;

use OCP\Files\Cache\ICache;

use OCP\Files\Cache\ICacheEntry;

use OCP\Files\ForbiddenException;

use OCP\Files\Search\ISearchQuery;

class CacheWrapper extends Wrapper {

	public function __construct(

		ICache $cache

	) {

		parent::__construct($cache);

		$this->mask = Constants::PERMISSION_ALL

			& ~Constants::PERMISSION_READ

			& ~Constants::PERMISSION_CREATE

			& ~Constants::PERMISSION_UPDATE

			& ~Constants::PERMISSION_DELETE;

	}

	protected function formatCacheEntry($entry) {

		if (isset($entry['path']) && isset($entry['permissions'])) {

			try {

				throw new ForbiddenException('Access denied', false);

			} catch (ForbiddenException) {

				$entry['permissions'] &= $this->mask;

			}

		}

		return $entry;

	}

	public function insert($file, $data) {

		throw new \Exception('User data cache insert is disabled.');

	}

	public function update($id, $data) {

		throw new \Exception('User data cache update is disabled.');

	}

	public function remove($fileId) {

		throw new \Exception('User data cache removal is disabled.');

	}

	public function searchQuery(ISearchQuery $searchQuery) {

		return [];

	}

	public function getCacheEntryFromSearchResult(ICacheEntry $rawEntry): ?ICacheEntry {

		return null;

	}

}

<?php

declare(strict_types=1);

namespace OCA\EcloudAccounts\Filesystem;

use OC\Files\Cache\Cache;

use OC\Files\Storage\Storage;

use OC\Files\Storage\Wrapper\Wrapper;

use OCP\Files\ForbiddenException;

use OCP\Files\Storage\IStorage;

use OCP\Files\Storage\IWriteStreamStorage;

class StorageWrapper extends Wrapper implements IWriteStreamStorage {

	/**

	 * @param array $parameters

	 */

	public function __construct($parameters) {

		parent::__construct($parameters);

	}

	/**

	 * @throws ForbiddenException

	 */

	protected function checkFileAccess(string $path, bool $isDir = false): void {

		throw new ForbiddenException('Access denied', false);

	}

	/*

	 * Storage wrapper methods

	 */

	/**

	 * see http://php.net/manual/en/function.mkdir.php

	 *

	 * @param string $path

	 * @return bool

	 * @throws ForbiddenException

	 */

	public function mkdir($path) {

		$this->checkFileAccess($path, true);

	}

	/**

	 * see http://php.net/manual/en/function.rmdir.php

	 *

	 * @param string $path

	 * @return bool

	 * @throws ForbiddenException

	 */

	public function rmdir($path) {

		$this->checkFileAccess($path, true);

	}

	/**

	 * check if a file can be created in $path

	 *

	 * @param string $path

	 * @return bool

	 */

	public function isCreatable($path) {

		try {

			$this->checkFileAccess($path);

		} catch (ForbiddenException $e) {

			return false;

		}

	}

	/**

	 * check if a file can be read

	 *

	 * @param string $path

	 * @return bool

	 */

	public function isReadable($path) {

		try {

			$this->checkFileAccess($path);

		} catch (ForbiddenException $e) {

			return false;

		}

	}

	/**

	 * check if a file can be written to

	 *

	 * @param string $path

	 * @return bool

	 */

	public function isUpdatable($path) {

		try {

			$this->checkFileAccess($path);

		} catch (ForbiddenException $e) {

			return false;

		}

	}

	/**

	 * check if a file can be deleted

	 *

	 * @param string $path

	 * @return bool

	 */

	public function isDeletable($path) {

		try {

			$this->checkFileAccess($path);

		} catch (ForbiddenException $e) {

			return false;

		}

	}

	public function getPermissions($path) {

		try {

			$this->checkFileAccess($path);

		} catch (ForbiddenException $e) {

			return $this->mask;

		}

	}

	/**

	 * see http://php.net/manual/en/function.file_get_contents.php

	 *

	 * @param string $path

	 * @return string

	 * @throws ForbiddenException

	 */

	public function file_get_contents($path) {

		$this->checkFileAccess($path);

	}

	/**

	 * see http://php.net/manual/en/function.file_put_contents.php

	 *

	 * @param string $path

	 * @param string $data

	 * @return bool

	 * @throws ForbiddenException

	 */

	public function file_put_contents($path, $data) {

		$this->checkFileAccess($path);

	}

	/**

	 * see http://php.net/manual/en/function.unlink.php

	 *

	 * @param string $path

	 * @return bool

	 * @throws ForbiddenException

	 */

	public function unlink($path) {

		$this->checkFileAccess($path);

	}

	/**

	 * see http://php.net/manual/en/function.rename.php

	 *

	 * @param string $path1

	 * @param string $path2

	 * @return bool

	 * @throws ForbiddenException

	 */

	public function rename($path1, $path2) {

		$this->checkFileAccess($path1);

		$this->checkFileAccess($path2);

	}

	/**

	 * see http://php.net/manual/en/function.copy.php

	 *

	 * @param string $path1

	 * @param string $path2

	 * @return bool

	 * @throws ForbiddenException

	 */

	public function copy($path1, $path2) {

		$this->checkFileAccess($path1);

		$this->checkFileAccess($path2);

	}

	/**

	 * see http://php.net/manual/en/function.fopen.php

	 *

	 * @param string $path

	 * @param string $mode

	 * @return resource

	 * @throws ForbiddenException

	 */

	public function fopen($path, $mode) {

		$this->checkFileAccess($path);

	}

	/**

	 * see http://php.net/manual/en/function.touch.php

	 * If the backend does not support the operation, false should be returned

	 *

	 * @param string $path

	 * @param int $mtime

	 * @return bool

	 * @throws ForbiddenException

	 */

	public function touch($path, $mtime = null) {

		$this->checkFileAccess($path);

	}

	/**

	 * get a cache instance for the storage

	 *

	 * @param string $path

	 * @param Storage (optional) the storage to pass to the cache

	 * @return Cache

	 */

	public function getCache($path = '', $storage = null) {

		if (!$storage) {

			$storage = $this;

		}

		$cache = $this->storage->getCache($path, $storage);

		return new CacheWrapper($cache, $storage);

	}

	/**

	 * A custom storage implementation can return an url for direct download of a give file.

	 *

	 * For now the returned array can hold the parameter url - in future more attributes might follow.

	 *

	 * @param string $path

	 * @return array

	 * @throws ForbiddenException

	 */

	public function getDirectDownload($path) {

		$this->checkFileAccess($path);

	}

	/**

	 * @param IStorage $sourceStorage

	 * @param string $sourceInternalPath

	 * @param string $targetInternalPath

	 * @return bool

	 * @throws ForbiddenException

	 */

	public function copyFromStorage(IStorage $sourceStorage, $sourceInternalPath, $targetInternalPath) {

		$this->checkFileAccess($targetInternalPath);

	}

	/**

	 * @param IStorage $sourceStorage

	 * @param string $sourceInternalPath

	 * @param string $targetInternalPath

	 * @return bool

	 * @throws ForbiddenException

	 */

	public function moveFromStorage(IStorage $sourceStorage, $sourceInternalPath, $targetInternalPath) {

		$this->checkFileAccess($targetInternalPath);

	}

	/**

	 * @throws ForbiddenException

	 */

	public function writeStream(string $path, $stream, ?int $size = null): int {

		$this->checkFileAccess($path);

	}

}

<?php

declare(strict_types=1);

namespace OCA\EcloudAccounts\Service;

use OCP\IConfig;

use OCP\IGroupManager;

use OCP\ILogger;

use OCP\IUserManager;

class FilesystemService {

	/** @var IUserManager */

	private $userManager;

	/** @var IConfig */

	private $config;

	/** @var ILogger */

	private $logger;

	/** @var IGroupManager */

	private $groupManager;

	public function __construct(IUserManager $userManager, IConfig $config, ILogger $logger, IGroupManager $groupManager) {

		$this->userManager = $userManager;

		$this->config = $config;

		$this->logger = $logger;

		$this->groupManager = $groupManager;

	}

	public function addUserInFilesEnabledGroup($username): bool {

		$user = $this->userManager->get($username);

		if (!$user) {

			return false;

		}

		$groupName = $this->config->getSystemValue('files_access_group_name', '');

		if (!$this->groupManager->groupExists($groupName)) {

			$this->logger->error("$groupName group not exist.");

			return false;

		}

		$group = $this->groupManager->get($groupName);

		$group->addUser($user);

		return true;

	}

	public function checkFilesGroupAccess($username): bool {

		$groupName = $this->config->getSystemValue('files_access_group_name', '');

		if (!$this->groupManager->groupExists($groupName)) {

			$this->logger->error("$groupName group not exist.");

			return false;

		}

		if ($this->groupManager->isInGroup($username, $groupName)) {

			return true;

		}

		return false;

	}

}