basic notify_push usage with session handling

appinfo/info.xml

@@ -40,6 +40,7 @@
         <job>OCA\Deck\Cron\DeleteCron</job>
         <job>OCA\Deck\Cron\ScheduledNotifications</job>
         <job>OCA\Deck\Cron\CardDescriptionActivity</job>
+        <job>OCA\Deck\Cron\SessionsCleanup</job>
     </background-jobs>
     <repair-steps>
         <live-migration>

appinfo/routes.php

@@ -150,5 +150,10 @@
 		['name' => 'overview_api#upcomingCards', 'url' => '/api/v{apiVersion}/overview/upcoming', 'verb' => 'GET'],
 
 		['name' => 'search#search', 'url' => '/api/v{apiVersion}/search', 'verb' => 'GET'],
+
+		// sessions
+		['name' => 'Session#create', 'url' => '/api/v{apiVersion}/session/create', 'verb' => 'PUT'],
+		['name' => 'Session#sync', 'url' => '/api/v{apiVersion}/session/sync', 'verb' => 'POST'],
+		['name' => 'Session#close', 'url' => '/api/v{apiVersion}/session/close', 'verb' => 'POST'],
 	]
 ];

docs/API.md

@@ -1394,3 +1394,110 @@ A bad request response is returned if invalid input values are provided. The res
 A not found response might be returned if:
 - The card for the given cardId could not be found
 - The comment could not be found
+
+
+## Sessions
+
+### PUT /session/create - creates a new session
+
+#### Request parameters
+
+| Parameter | Type    | Description                                          |
+| --------- | ------- | ---------------------------------------------------- |
+| boardId   | Integer | The id of the opened board |
+
+```
+curl -X PUT 'https://admin:admin@nextcloud/ocs/v2.php/apps/deck/api/v1.0/session/create' \
+    -H 'Accept: application/json' -H 'OCS-APIRequest: true' \
+    -H 'Content-Type: application/json;charset=utf-8' \
+    --data '{"boardId":1}'
+```
+
+#### Response
+
+##### 200 Success
+
+```json
+{
+  "ocs": {
+    "meta": {
+      "status": "ok",
+      "statuscode": 200,
+      "message": "OK"
+    },
+    "data": {
+      "token": "+zcJHf4rC6dobVSbuNa3delkCSfTW8OvYWTyLFvSpIv80FjtgLIj0ARlxspsazNQ"
+    }
+  }
+}
+```
+
+
+### POST /session/sync - notifies the server, that the session is still open
+
+#### Request body
+
+| Parameter | Type    | Description                                          |
+| --------- | ------- | ---------------------------------------------------- |
+| boardId   | Integer | The id of the opened board |
+| token     | String  | The session token from the /sessions/create response |
+
+
+```
+curl -X POST 'https://admin:admin@nextcloud/ocs/v2.php/apps/deck/api/v1.0/session/create' \
+    -H 'Accept: application/json' -H 'OCS-APIRequest: true' \
+    -H 'Content-Type: application/json;charset=utf-8' \
+    --data '{"boardId":1, "token":"X3DyyoFslArF0t0NBZXzZXzcy8feoX/OEytSNXZtPg9TpUgO5wrkJ38IW3T/FfpV"}'
+```
+
+#### Response
+
+##### 200 Success
+```json
+{
+  "ocs": {
+    "meta": {
+      "status": "ok",
+      "statuscode": 200,
+      "message": "OK"
+    },
+    "data": []
+  }
+}
+```
+
+##### 404 Not Found
+the provided token is invalid or expired
+
+
+### POST /session/close - closes the session
+
+#### Request body
+
+| Parameter | Type    | Description                                          |
+| --------- | ------- | ---------------------------------------------------- |
+| boardId   | Integer | The id of the opened board                           |
+| token     | String  | The session token from the /sessions/create response |
+
+```
+curl -X POST 'https://admin:admin@nextcloud/ocs/v2.php/apps/deck/api/v1.0/session/close' \
+    -H 'Accept: application/json' -H 'OCS-APIRequest: true' \
+    -H 'Content-Type: application/json;charset=utf-8' \
+    --data '{"boardId":1, "token":"X3DyyoFslArF0t0NBZXzZXzcy8feoX/OEytSNXZtPg9TpUgO5wrkJ38IW3T/FfpV"}'
+```
+
+#### Response
+
+##### 200 Success
+```json
+{
+  "ocs": {
+    "meta": {
+      "status": "ok",
+      "statuscode": 200,
+      "message": "OK"
+    },
+    "data": []
+  }
+}
+```

lib/AppInfo/Application.php

@@ -40,10 +40,13 @@
 use OCA\Deck\Event\CardCreatedEvent;
 use OCA\Deck\Event\CardDeletedEvent;
 use OCA\Deck\Event\CardUpdatedEvent;
+use OCA\Deck\Event\SessionClosedEvent;
+use OCA\Deck\Event\SessionCreatedEvent;
 use OCA\Deck\Listeners\BeforeTemplateRenderedListener;
 use OCA\Deck\Listeners\ParticipantCleanupListener;
 use OCA\Deck\Listeners\FullTextSearchEventListener;
 use OCA\Deck\Listeners\ResourceListener;
+use OCA\Deck\Listeners\LiveUpdateListener;
 use OCA\Deck\Middleware\DefaultBoardMiddleware;
 use OCA\Deck\Middleware\ExceptionMiddleware;
 use OCA\Deck\Notification\Notifier;
@@ -147,6 +150,10 @@ public function register(IRegistrationContext $context): void {
 		$context->registerEventListener(UserDeletedEvent::class, ParticipantCleanupListener::class);
 		$context->registerEventListener(GroupDeletedEvent::class, ParticipantCleanupListener::class);
 		$context->registerEventListener(CircleDestroyedEvent::class, ParticipantCleanupListener::class);
+
+		// Event listening for realtime updates via notify_push
+		$context->registerEventListener(SessionCreatedEvent::class, LiveUpdateListener::class);
+		$context->registerEventListener(SessionClosedEvent::class, LiveUpdateListener::class);
 	}
 
 	public function registerNotifications(NotificationManager $notificationManager): void {

lib/Controller/SessionController.php

@@ -0,0 +1,91 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright Copyright (c) 2022, chandi Langecker (git@chandi.it)
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Deck\Controller;
+
+use OCA\Deck\Service\SessionService;
+use OCA\Deck\Service\PermissionService;
+use OCA\Deck\Db\BoardMapper;
+use OCP\AppFramework\Db\DoesNotExistException;
+use OCP\AppFramework\Http\DataResponse;
+use OCP\AppFramework\OCSController;
+use OCP\IRequest;
+use OCA\Deck\Db\Acl;
+
+class SessionController extends OCSController {
+	private SessionService $sessionService;
+	private PermissionService $permissionService;
+	private BoardMapper $boardMapper;
+
+	public function __construct($appName,
+		IRequest $request,
+		SessionService $sessionService,
+		PermissionService $permissionService,
+		BoardMapper $boardMapper
+	) {
+		parent::__construct($appName, $request);
+		$this->sessionService = $sessionService;
+		$this->permissionService = $permissionService;
+		$this->boardMapper = $boardMapper;
+	}
+
+	/**
+	 * @NoAdminRequired
+	 */
+	public function create(int $boardId): DataResponse {
+		$this->permissionService->checkPermission($this->boardMapper, $boardId, Acl::PERMISSION_READ);
+
+		$session = $this->sessionService->initSession($boardId);
+		return new DataResponse([
+			'token' => $session->getToken(),
+		]);
+	}
+
+	/**
+	 * notifies the server that the session is still active
+	 * @NoAdminRequired
+	 * @param $boardId
+	 */
+	public function sync(int $boardId, string $token): DataResponse {
+		$this->permissionService->checkPermission($this->boardMapper, $boardId, Acl::PERMISSION_READ);
+		try {
+			$this->sessionService->syncSession($boardId, $token);
+			return new DataResponse([]);
+		} catch (DoesNotExistException $e) {
+			return new DataResponse([], 404);
+		}
+	}
+
+	/**
+	 * delete a session if existing
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @param $boardId
+	 */
+	public function close(int $boardId, string $token) {
+		$this->permissionService->checkPermission($this->boardMapper, $boardId, Acl::PERMISSION_READ);
+		$this->sessionService->closeSession($boardId, $token);
+		return new DataResponse();
+	}
+}

lib/Cron/SessionsCleanup.php

@@ -0,0 +1,56 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright Copyright (c) 2022, chandi Langecker (git@chandi.it)
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+
+
+namespace OCA\Deck\Cron;
+
+use OCA\Deck\Service\SessionService;
+use OCP\AppFramework\Utility\ITimeFactory;
+use OCP\BackgroundJob\TimedJob;
+use OCP\ILogger;
+
+class SessionsCleanup extends TimedJob {
+	private $sessionService;
+	private $documentService;
+	private $logger;
+	private $imageService;
+
+
+	public function __construct(ITimeFactory $time,
+								SessionService $sessionService,
+								ILogger $logger) {
+		parent::__construct($time);
+		$this->sessionService = $sessionService;
+		$this->logger = $logger;
+		$this->setInterval(SessionService::SESSION_VALID_TIME);
+	}
+
+	protected function run($argument) {
+		$this->logger->debug('Run cleanup job for deck sessions');
+
+		$removedSessions = $this->sessionService->removeInactiveSessions();
+		$this->logger->debug('Removed ' . $removedSessions . ' inactive sessions');
+	}
+}

lib/Db/Board.php

@@ -44,6 +44,7 @@ class Board extends RelationalEntity {
 	protected $users = [];
 	protected $shared;
 	protected $stacks = [];
+	protected $activeSessions = [];
 	protected $deletedAt = 0;
 	protected $lastModified = 0;
 
@@ -59,6 +60,7 @@ public function __construct() {
 		$this->addRelation('acl');
 		$this->addRelation('shared');
 		$this->addRelation('users');
+		$this->addRelation('activeSessions');
 		$this->addRelation('permissions');
 		$this->addRelation('stacks');
 		$this->addRelation('settings');

lib/Db/Session.php

@@ -0,0 +1,51 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright Copyright (c) 2022, chandi Langecker (git@chandi.it)
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Deck\Db;
+
+use OCP\AppFramework\Db\Entity;
+
+class Session extends Entity implements \JsonSerializable {
+	public $id;
+	protected $userId;
+	protected $token;
+	protected $lastContact;
+	protected $boardId;
+
+	public function __construct() {
+		$this->addType('id', 'integer');
+		$this->addType('boardId', 'integer');
+		$this->addType('lastContact', 'integer');
+	}
+
+	public function jsonSerialize(): array {
+		return [
+			'id' => $this->id,
+			'userId' => $this->userId,
+			'token' => $this->token,
+			'lastContact' => $this->lastContact,
+			'boardId' => $this->boardId,
+		];
+	}
+}