mirror of
https://github.com/LibreSign/libresign.git
synced 2025-12-18 05:20:45 +01:00
Merge pull request #6187 from LibreSign/feat/docmdp-per-file
feat: docmdp per file
This commit is contained in:
Vitor Mattos
GitHub
commit
f89ec9bf05
16 changed files with 167 additions and 12 deletions
|
|
@ -25,7 +25,7 @@ Developed with ❤️ by [LibreCode](https://librecode.coop). Help us transform
|
|||
|
||||
* [Donate with GitHub Sponsor: ](https://github.com/sponsors/libresign)
|
||||
]]></description>
|
||||
<version>13.0.0-dev.2</version>
|
||||
<version>13.0.0-dev.3</version>
|
||||
<licence>agpl</licence>
|
||||
<author mail="contact@librecode.coop" homepage="https://librecode.coop">LibreCode</author>
|
||||
<types>
|
||||
|
|
|
|||
|
|
@ -41,6 +41,8 @@ use OCP\DB\Types;
|
|||
* @method int getModificationStatus()
|
||||
* @method void setSignatureFlow(int $signatureFlow)
|
||||
* @method int getSignatureFlow()
|
||||
* @method void setDocmdpLevel(int $docmdpLevel)
|
||||
* @method int getDocmdpLevel()
|
||||
*/
|
||||
class File extends Entity {
|
||||
protected int $nodeId = 0;
|
||||
|
|
@ -56,6 +58,7 @@ class File extends Entity {
|
|||
protected ?array $metadata = null;
|
||||
protected int $modificationStatus = 0;
|
||||
protected int $signatureFlow = SignatureFlow::NUMERIC_PARALLEL;
|
||||
protected int $docmdpLevel = 0;
|
||||
public const STATUS_NOT_LIBRESIGN_FILE = -1;
|
||||
public const STATUS_DRAFT = 0;
|
||||
public const STATUS_ABLE_TO_SIGN = 1;
|
||||
|
|
@ -83,6 +86,7 @@ class File extends Entity {
|
|||
$this->addType('metadata', Types::JSON);
|
||||
$this->addType('modificationStatus', Types::SMALLINT);
|
||||
$this->addType('signatureFlow', Types::SMALLINT);
|
||||
$this->addType('docmdpLevel', Types::SMALLINT);
|
||||
}
|
||||
|
||||
public function isDeletedAccount(): bool {
|
||||
|
|
@ -102,4 +106,12 @@ class File extends Entity {
|
|||
public function setSignatureFlowEnum(\OCA\Libresign\Enum\SignatureFlow $flow): void {
|
||||
$this->setSignatureFlow($flow->toNumeric());
|
||||
}
|
||||
|
||||
public function getDocmdpLevelEnum(): \OCA\Libresign\Enum\DocMdpLevel {
|
||||
return \OCA\Libresign\Enum\DocMdpLevel::tryFrom($this->docmdpLevel) ?? \OCA\Libresign\Enum\DocMdpLevel::NOT_CERTIFIED;
|
||||
}
|
||||
|
||||
public function setDocmdpLevelEnum(\OCA\Libresign\Enum\DocMdpLevel $level): void {
|
||||
$this->setDocmdpLevel($level->value);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -502,6 +502,7 @@ class SignRequestMapper extends QBMapper {
|
|||
'f.metadata',
|
||||
'f.created_at',
|
||||
'f.signature_flow',
|
||||
'f.docmdp_level',
|
||||
)
|
||||
->groupBy(
|
||||
'f.id',
|
||||
|
|
@ -513,6 +514,7 @@ class SignRequestMapper extends QBMapper {
|
|||
'f.status',
|
||||
'f.created_at',
|
||||
'f.signature_flow',
|
||||
'f.docmdp_level',
|
||||
);
|
||||
// metadata is a json column, the right way is to use f.metadata::text
|
||||
// when the database is PostgreSQL. The problem is that the command
|
||||
|
|
@ -624,12 +626,14 @@ class SignRequestMapper extends QBMapper {
|
|||
|
||||
$row['name'] = $this->removeExtensionFromName($row['name'], $row['metadata']);
|
||||
$row['signatureFlow'] = SignatureFlow::fromNumeric((int)($row['signature_flow']))->value;
|
||||
$row['docmdpLevel'] = (int)($row['docmdp_level'] ?? 0);
|
||||
|
||||
unset(
|
||||
$row['user_id'],
|
||||
$row['node_id'],
|
||||
$row['signed_node_id'],
|
||||
$row['signature_flow'],
|
||||
$row['docmdp_level'],
|
||||
);
|
||||
return $row;
|
||||
}
|
||||
|
|
|
|||
46
lib/Migration/Version15001Date20251214000000.php
Normal file
46
lib/Migration/Version15001Date20251214000000.php
Normal file
|
|
@ -0,0 +1,46 @@
|
|||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
/**
|
||||
* SPDX-FileCopyrightText: 2025 LibreCode coop and contributors
|
||||
* SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
*/
|
||||
|
||||
namespace OCA\Libresign\Migration;
|
||||
|
||||
use Closure;
|
||||
use OCP\DB\ISchemaWrapper;
|
||||
use OCP\DB\Types;
|
||||
use OCP\Migration\IOutput;
|
||||
use OCP\Migration\SimpleMigrationStep;
|
||||
|
||||
/**
|
||||
* Add DocMDP level support per file
|
||||
* - Adds 'docmdp_level' column to libresign_file table to store DocMDP certification level per file
|
||||
*/
|
||||
class Version15001Date20251214000000 extends SimpleMigrationStep {
|
||||
/**
|
||||
* @param IOutput $output
|
||||
* @param Closure(): ISchemaWrapper $schemaClosure
|
||||
* @param array $options
|
||||
* @return null|ISchemaWrapper
|
||||
*/
|
||||
#[\Override]
|
||||
public function changeSchema(IOutput $output, Closure $schemaClosure, array $options): ?ISchemaWrapper {
|
||||
/** @var ISchemaWrapper $schema */
|
||||
$schema = $schemaClosure();
|
||||
|
||||
if ($schema->hasTable('libresign_file')) {
|
||||
$tableFile = $schema->getTable('libresign_file');
|
||||
if (!$tableFile->hasColumn('docmdp_level')) {
|
||||
$tableFile->addColumn('docmdp_level', Types::SMALLINT, [
|
||||
'notnull' => true,
|
||||
'default' => 0,
|
||||
'comment' => 'DocMDP permission level for this file: 0=none, 1=no changes, 2=form fill, 3=form fill + annotations',
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
return $schema;
|
||||
}
|
||||
}
|
||||
|
|
@ -187,6 +187,7 @@ namespace OCA\Libresign;
|
|||
* statusText: string,
|
||||
* nodeId: non-negative-int,
|
||||
* signatureFlow: int,
|
||||
* docmdpLevel: int,
|
||||
* totalPages: non-negative-int,
|
||||
* size: non-negative-int,
|
||||
* pdfVersion: string,
|
||||
|
|
|
|||
|
|
@ -712,6 +712,7 @@ class FileService {
|
|||
$this->fileData->statusText = $this->fileMapper->getTextOfStatus($this->file->getStatus());
|
||||
$this->fileData->nodeId = $this->file->getNodeId();
|
||||
$this->fileData->signatureFlow = $this->file->getSignatureFlow();
|
||||
$this->fileData->docmdpLevel = $this->file->getDocmdpLevel();
|
||||
|
||||
$this->fileData->requested_by = [
|
||||
'userId' => $this->file->getUserId(),
|
||||
|
|
|
|||
|
|
@ -56,6 +56,7 @@ class RequestSignatureService {
|
|||
protected IEventDispatcher $eventDispatcher,
|
||||
protected FileStatusService $fileStatusService,
|
||||
protected SignRequestStatusService $signRequestStatusService,
|
||||
protected DocMdpConfigService $docMdpConfigService,
|
||||
) {
|
||||
}
|
||||
|
||||
|
|
@ -128,6 +129,8 @@ class RequestSignatureService {
|
|||
$this->setSignatureFlowFromGlobalConfig($file);
|
||||
}
|
||||
|
||||
$this->setDocMdpLevelFromGlobalConfig($file);
|
||||
|
||||
$this->fileMapper->insert($file);
|
||||
return $file;
|
||||
}
|
||||
|
|
@ -138,6 +141,13 @@ class RequestSignatureService {
|
|||
$file->setSignatureFlowEnum($globalFlow);
|
||||
}
|
||||
|
||||
private function setDocMdpLevelFromGlobalConfig(FileEntity $file): void {
|
||||
if ($this->docMdpConfigService->isEnabled()) {
|
||||
$docmdpLevel = $this->docMdpConfigService->getLevel();
|
||||
$file->setDocmdpLevelEnum($docmdpLevel);
|
||||
}
|
||||
}
|
||||
|
||||
private function getFileMetadata(\OCP\Files\Node $node): array {
|
||||
$metadata = [];
|
||||
if ($extension = strtolower($node->getExtension())) {
|
||||
|
|
|
|||
|
|
@ -338,17 +338,28 @@ class SignFileService {
|
|||
* @throws LibresignException If the document has DocMDP level 1 (no changes allowed)
|
||||
*/
|
||||
protected function validateDocMdpAllowsSignatures(): void {
|
||||
$resource = $this->getLibreSignFileAsResource();
|
||||
$docmdpLevel = $this->libreSignFile->getDocmdpLevelEnum();
|
||||
|
||||
try {
|
||||
if (!$this->docMdpHandler->allowsAdditionalSignatures($resource)) {
|
||||
throw new LibresignException(
|
||||
$this->l10n->t('This document has been certified with no changes allowed, so no additional signatures can be added.'),
|
||||
AppFrameworkHttp::STATUS_UNPROCESSABLE_ENTITY
|
||||
);
|
||||
if ($docmdpLevel === \OCA\Libresign\Enum\DocMdpLevel::CERTIFIED_NO_CHANGES_ALLOWED) {
|
||||
throw new LibresignException(
|
||||
$this->l10n->t('This document has been certified with no changes allowed. You cannot add more signers to this document.'),
|
||||
AppFrameworkHttp::STATUS_UNPROCESSABLE_ENTITY
|
||||
);
|
||||
}
|
||||
|
||||
if ($docmdpLevel === \OCA\Libresign\Enum\DocMdpLevel::NOT_CERTIFIED) {
|
||||
$resource = $this->getLibreSignFileAsResource();
|
||||
|
||||
try {
|
||||
if (!$this->docMdpHandler->allowsAdditionalSignatures($resource)) {
|
||||
throw new LibresignException(
|
||||
$this->l10n->t('This document has been certified with no changes allowed. You cannot add more signers to this document.'),
|
||||
AppFrameworkHttp::STATUS_UNPROCESSABLE_ENTITY
|
||||
);
|
||||
}
|
||||
} finally {
|
||||
fclose($resource);
|
||||
}
|
||||
} finally {
|
||||
fclose($resource);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1013,6 +1013,7 @@
|
|||
"statusText",
|
||||
"nodeId",
|
||||
"signatureFlow",
|
||||
"docmdpLevel",
|
||||
"totalPages",
|
||||
"size",
|
||||
"pdfVersion",
|
||||
|
|
@ -1050,6 +1051,10 @@
|
|||
"type": "integer",
|
||||
"format": "int64"
|
||||
},
|
||||
"docmdpLevel": {
|
||||
"type": "integer",
|
||||
"format": "int64"
|
||||
},
|
||||
"totalPages": {
|
||||
"type": "integer",
|
||||
"format": "int64",
|
||||
|
|
|
|||
|
|
@ -863,6 +863,7 @@
|
|||
"statusText",
|
||||
"nodeId",
|
||||
"signatureFlow",
|
||||
"docmdpLevel",
|
||||
"totalPages",
|
||||
"size",
|
||||
"pdfVersion",
|
||||
|
|
@ -900,6 +901,10 @@
|
|||
"type": "integer",
|
||||
"format": "int64"
|
||||
},
|
||||
"docmdpLevel": {
|
||||
"type": "integer",
|
||||
"format": "int64"
|
||||
},
|
||||
"totalPages": {
|
||||
"type": "integer",
|
||||
"format": "int64",
|
||||
|
|
|
|||
|
|
@ -4,6 +4,9 @@
|
|||
-->
|
||||
<template>
|
||||
<div id="request-signature-tab">
|
||||
<NcNoteCard v-if="showDocMdpWarning" type="warning">
|
||||
{{ t('libresign', 'This document has been certified with no changes allowed. You cannot add more signers to this document.') }}
|
||||
</NcNoteCard>
|
||||
<NcButton v-if="filesStore.canAddSigner()"
|
||||
:variant="hasSigners ? 'secondary' : 'primary'"
|
||||
@click="addSigner">
|
||||
|
|
@ -209,6 +212,7 @@ import NcDialog from '@nextcloud/vue/components/NcDialog'
|
|||
import NcIconSvgWrapper from '@nextcloud/vue/components/NcIconSvgWrapper'
|
||||
import NcLoadingIcon from '@nextcloud/vue/components/NcLoadingIcon'
|
||||
import NcModal from '@nextcloud/vue/components/NcModal'
|
||||
import NcNoteCard from '@nextcloud/vue/components/NcNoteCard'
|
||||
|
||||
import IdentifySigner from '../Request/IdentifySigner.vue'
|
||||
import VisibleElements from '../Request/VisibleElements.vue'
|
||||
|
|
@ -247,6 +251,7 @@ export default {
|
|||
NcIconSvgWrapper,
|
||||
NcLoadingIcon,
|
||||
NcModal,
|
||||
NcNoteCard,
|
||||
NcDialog,
|
||||
Delete,
|
||||
Draw,
|
||||
|
|
@ -292,6 +297,9 @@ export default {
|
|||
isOrderedNumeric() {
|
||||
return this.signatureFlow === 'ordered_numeric'
|
||||
},
|
||||
showDocMdpWarning() {
|
||||
return this.filesStore.isDocMdpNoChangesAllowed() && !this.filesStore.canAddSigner()
|
||||
},
|
||||
canEditSigningOrder() {
|
||||
return (signer) => {
|
||||
return this.isOrderedNumeric
|
||||
|
|
|
|||
|
|
@ -133,6 +133,11 @@ export const useFilesStore = function(...args) {
|
|||
},
|
||||
canAddSigner(file) {
|
||||
file = this.getFile(file)
|
||||
|
||||
if (this.isDocMdpNoChangesAllowed(file)) {
|
||||
return false
|
||||
}
|
||||
|
||||
return this.canRequestSign
|
||||
&& (
|
||||
!Object.hasOwn(file, 'requested_by')
|
||||
|
|
@ -141,6 +146,10 @@ export const useFilesStore = function(...args) {
|
|||
&& !this.isPartialSigned(file)
|
||||
&& !this.isFullSigned(file)
|
||||
},
|
||||
isDocMdpNoChangesAllowed(file) {
|
||||
file = this.getFile(file)
|
||||
return file.docmdpLevel === 1 && file.signers && file.signers.length > 0
|
||||
},
|
||||
canSave(file) {
|
||||
file = this.getFile(file)
|
||||
return this.canRequestSign
|
||||
|
|
|
|||
|
|
@ -1759,6 +1759,8 @@ export type components = {
|
|||
/** Format: int64 */
|
||||
signatureFlow: number;
|
||||
/** Format: int64 */
|
||||
docmdpLevel: number;
|
||||
/** Format: int64 */
|
||||
totalPages: number;
|
||||
/** Format: int64 */
|
||||
size: number;
|
||||
|
|
|
|||
|
|
@ -1281,6 +1281,8 @@ export type components = {
|
|||
/** Format: int64 */
|
||||
signatureFlow: number;
|
||||
/** Format: int64 */
|
||||
docmdpLevel: number;
|
||||
/** Format: int64 */
|
||||
totalPages: number;
|
||||
/** Format: int64 */
|
||||
size: number;
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ use OCA\Libresign\Db\IdentifyMethodMapper;
|
|||
use OCA\Libresign\Db\SignRequestMapper;
|
||||
use OCA\Libresign\Handler\DocMdpHandler;
|
||||
use OCA\Libresign\Helper\ValidateHelper;
|
||||
use OCA\Libresign\Service\DocMdpConfigService;
|
||||
use OCA\Libresign\Service\FileElementService;
|
||||
use OCA\Libresign\Service\FileStatusService;
|
||||
use OCA\Libresign\Service\FolderService;
|
||||
|
|
@ -56,6 +57,7 @@ final class RequestSignatureServiceTest extends \OCA\Libresign\Tests\Unit\TestCa
|
|||
private IEventDispatcher&MockObject $eventDispatcher;
|
||||
private FileStatusService&MockObject $fileStatusService;
|
||||
private SignRequestStatusService&MockObject $signRequestStatusService;
|
||||
private DocMdpConfigService&MockObject $docMdpConfigService;
|
||||
|
||||
public function setUp(): void {
|
||||
parent::setUp();
|
||||
|
|
@ -85,9 +87,10 @@ final class RequestSignatureServiceTest extends \OCA\Libresign\Tests\Unit\TestCa
|
|||
$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
|
||||
$this->fileStatusService = $this->createMock(FileStatusService::class);
|
||||
$this->signRequestStatusService = $this->createMock(SignRequestStatusService::class);
|
||||
$this->docMdpConfigService = $this->createMock(DocMdpConfigService::class);
|
||||
}
|
||||
|
||||
private function getService(?SequentialSigningService $sequentialSigningService = null): RequestSignatureService {
|
||||
private function getService(): RequestSignatureService {
|
||||
return new RequestSignatureService(
|
||||
$this->l10n,
|
||||
$this->identifyMethodService,
|
||||
|
|
@ -104,11 +107,12 @@ final class RequestSignatureServiceTest extends \OCA\Libresign\Tests\Unit\TestCa
|
|||
$this->client,
|
||||
$this->docMdpHandler,
|
||||
$this->loggerInterface,
|
||||
$sequentialSigningService ?? $this->sequentialSigningService,
|
||||
$this->sequentialSigningService,
|
||||
$this->appConfig,
|
||||
$this->eventDispatcher,
|
||||
$this->fileStatusService,
|
||||
$this->signRequestStatusService,
|
||||
$this->docMdpConfigService,
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -278,11 +278,13 @@ final class SignFileServiceTest extends \OCA\Libresign\Tests\Unit\TestCase {
|
|||
'getEngine',
|
||||
'setNewStatusIfNecessary',
|
||||
'getNextcloudFile',
|
||||
'validateDocMdpAllowsSignatures',
|
||||
]);
|
||||
|
||||
$nextcloudFile = $this->createMock(\OCP\Files\File::class);
|
||||
$nextcloudFile->method('getContent')->willReturn($signedContent);
|
||||
$service->method('getNextcloudFile')->willReturn($nextcloudFile);
|
||||
$service->method('validateDocMdpAllowsSignatures');
|
||||
|
||||
$pkcs12Handler = $this->createMock(Pkcs12Handler::class);
|
||||
$pkcs12Handler->method('sign')->willReturn($nextcloudFile);
|
||||
|
|
@ -301,6 +303,8 @@ final class SignFileServiceTest extends \OCA\Libresign\Tests\Unit\TestCase {
|
|||
return 1;
|
||||
case 'getSigningOrder':
|
||||
return 1;
|
||||
case 'getDocmdpLevelEnum':
|
||||
return \OCA\Libresign\Enum\DocMdpLevel::NOT_CERTIFIED;
|
||||
default: return null;
|
||||
}
|
||||
};
|
||||
|
|
@ -330,11 +334,13 @@ final class SignFileServiceTest extends \OCA\Libresign\Tests\Unit\TestCase {
|
|||
'setNewStatusIfNecessary',
|
||||
'computeHash',
|
||||
'getNextcloudFile',
|
||||
'validateDocMdpAllowsSignatures',
|
||||
]);
|
||||
|
||||
$nextcloudFile = $this->createMock(\OCP\Files\File::class);
|
||||
$nextcloudFile->method('getContent')->willReturn('pdf content');
|
||||
$service->method('getNextcloudFile')->willReturn($nextcloudFile);
|
||||
$service->method('validateDocMdpAllowsSignatures');
|
||||
|
||||
$this->fileMapper->expects($this->once())->method('update');
|
||||
$this->signRequestMapper->expects($this->once())->method('update');
|
||||
|
|
@ -350,6 +356,12 @@ final class SignFileServiceTest extends \OCA\Libresign\Tests\Unit\TestCase {
|
|||
}
|
||||
});
|
||||
$libreSignFile = $this->createMock(\OCA\Libresign\Db\File::class);
|
||||
$libreSignFile->method('__call')->willReturnCallback(function ($method) {
|
||||
if ($method === 'getDocmdpLevelEnum') {
|
||||
return \OCA\Libresign\Enum\DocMdpLevel::NOT_CERTIFIED;
|
||||
}
|
||||
return null;
|
||||
});
|
||||
|
||||
$service
|
||||
->setSignRequest($signRequest)
|
||||
|
|
@ -363,11 +375,13 @@ final class SignFileServiceTest extends \OCA\Libresign\Tests\Unit\TestCase {
|
|||
'setNewStatusIfNecessary',
|
||||
'computeHash',
|
||||
'getNextcloudFile',
|
||||
'validateDocMdpAllowsSignatures',
|
||||
]);
|
||||
|
||||
$nextcloudFile = $this->createMock(\OCP\Files\File::class);
|
||||
$nextcloudFile->method('getContent')->willReturn('pdf content');
|
||||
$service->method('getNextcloudFile')->willReturn($nextcloudFile);
|
||||
$service->method('validateDocMdpAllowsSignatures');
|
||||
|
||||
$this->eventDispatcher
|
||||
->expects($this->once())
|
||||
|
|
@ -385,6 +399,12 @@ final class SignFileServiceTest extends \OCA\Libresign\Tests\Unit\TestCase {
|
|||
}
|
||||
});
|
||||
$libreSignFile = $this->createMock(\OCA\Libresign\Db\File::class);
|
||||
$libreSignFile->method('__call')->willReturnCallback(function ($method) {
|
||||
if ($method === 'getDocmdpLevelEnum') {
|
||||
return \OCA\Libresign\Enum\DocMdpLevel::NOT_CERTIFIED;
|
||||
}
|
||||
return null;
|
||||
});
|
||||
|
||||
$service
|
||||
->setSignRequest($signRequest)
|
||||
|
|
@ -1227,7 +1247,18 @@ final class SignFileServiceTest extends \OCA\Libresign\Tests\Unit\TestCase {
|
|||
$service->method('getEngine')->willReturn($engineMock);
|
||||
|
||||
$signRequest = $this->createMock(SignRequest::class);
|
||||
$signRequest->method('__call')->willReturnCallback(function ($method) {
|
||||
switch ($method) {
|
||||
case 'getFileId':
|
||||
return 1;
|
||||
case 'getSigningOrder':
|
||||
return 1;
|
||||
default: return null;
|
||||
}
|
||||
});
|
||||
|
||||
$libreSignFile = $this->createMock(\OCA\Libresign\Db\File::class);
|
||||
$libreSignFile->method('getDocmdpLevelEnum')->willReturn(\OCA\Libresign\Enum\DocMdpLevel::NOT_CERTIFIED);
|
||||
|
||||
$service
|
||||
->setSignRequest($signRequest)
|
||||
|
|
@ -1255,6 +1286,10 @@ final class SignFileServiceTest extends \OCA\Libresign\Tests\Unit\TestCase {
|
|||
|
||||
$service->method('getLibreSignFileAsResource')->willReturn($resource);
|
||||
|
||||
$libreSignFile = $this->createMock(\OCA\Libresign\Db\File::class);
|
||||
$libreSignFile->method('getDocmdpLevelEnum')->willReturn(\OCA\Libresign\Enum\DocMdpLevel::NOT_CERTIFIED);
|
||||
$service->setLibreSignFile($libreSignFile);
|
||||
|
||||
self::invokePrivate($service, 'validateDocMdpAllowsSignatures');
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue