Provide API to let apps register their own Sabre plugins

[PVince81]

Considering that we want Webdav to be the main API in ownCloud, we need a way to let apps register their own Sabre plugins.

@DeepDiver1975 @butonic @mrow4a

[PVince81]

This is a prerequisite for trashbin and versions to be able to provide their own endpoints: #10571 #15646

[DeepDiver1975]

Considering that we want Webdav to be the main API in ownCloud, we need a way to let apps register their own Sabre plugins.

I'd add this to the info.xml

<sabre>
   <plugins>
       <plugin>\OCA\TrashBin\Sabre\VersionPlugin</plugin>
   </plugins>
   <rootcollection>
       <collection>\OCA\TrashBin\Sabre\VersionsRootCollection</collection>
   </rootcollection>
</sabre>

[PVince81]

How about dependency injection ?

With this format it means the given classes must have a constructor without arguments.

Maybe we should rather expect a facade class SabrePluginsProvider which itself would receive the DAV server and register plugins as needed.

[DeepDiver1975]

These classes can be used in the server container to be resolves - we do this for repairsteps and jobs as well

[DeepDiver1975]

see https://github.com/owncloud/core/blob/master/lib/private/Repair.php#L102

[PVince81]

As we're writing more apps and move more to be in the market, we'll need this mechanism.

[PVince81]

Now the interesting part is that now we could move the comments app code (Sabre plugins + managers + DB structure) completely to the comments app. Same for system tags...

[PVince81]

PR here: #26761

I need to do more actual testing to see if everything fits correctly.
Some concerns:

• when should these app plugins be registered ?
  • inside the beforeMethod block that waits for auth ?
  • at the very end ? (this is what the PR does now)
  • what about auth ?
• where should the collection be registered ?
  • at the very end ? (this is what the PR does now)
  • what about auth ?
  • potential naming conflict as the collection provides its own name, maybe we should namespace it to the name of the app ?

For the auth part one idea is to have an attribute <plugin needs-auth=true>...</plugin> and same for collections. This would move their registration into the authenticated block.
Or we'd expect the plugins + collections to always implement the ACL schemes. Not sure how to do that though and not sure if it's compatible with the way we do auth now.

@DeepDiver1975 thoughts ?

[PVince81]

Interestingly this also means that CalDAV/CardDAV could be moved to their own separate apps and even be disable-able...

[lock]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.