upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-12 10:10:49 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 20

user can have his resharing rights revoked, yet seeing created shares

Browse source 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
This commit is contained in:
Maxence Lange 2018-11-01 15:01:01 +01:00 committed by Julius Härtl
parent 236a293f6a
commit 0fc8a0f58e
No known key found for this signature in database
GPG key ID: 4C614C6ED2CDE6DF
2 changed files with 19 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
apps/files_sharing/lib/Controller/ShareAPIController.php
View file

@ -721,12 +721,18 @@ class ShareAPIController extends OCSController {
$shares = array_merge($shares, $federatedShares);
}
$formatted = [];
$formatted = $miniFormatted = [];
$resharingRight = false;
foreach ($shares as $share) {
/** @var IShare $share */
try {
$formatted[] = $this->formatShare($share, $path);
if ($path !== null && !$resharingRight && $this->shareProviderResharingRights($this->currentUser, $share, $path)) {
$format = $this->formatShare($share, $path);
$formatted[] = $format;
if ($share->getSharedBy() === $this->currentUser) {
$miniFormatted[] = $format;
}
if (!$resharingRight && $this->shareProviderResharingRights($this->currentUser, $share, $path)) {
$resharingRight = true;
}
} catch (\Exception $e) {
@ -735,7 +741,7 @@ class ShareAPIController extends OCSController {
}
if (!$resharingRight) {
$formatted = [];
$formatted = $miniFormatted;
}
if ($include_tags) {
@ -1126,13 +1132,14 @@ class ShareAPIController extends OCSController {
* @throws NotFoundException
* @throws \OCP\Files\InvalidPathException
*/
private function shareProviderResharingRights(string $userId, IShare $share, Node $node): bool {
private function shareProviderResharingRights(string $userId, IShare $share, $node): bool {
if ($share->getShareOwner() === $userId) {
return true;
}
// we check that current user have parent resharing rights on the current file
if (($node->getPermissions() & \OCP\Constants::PERMISSION_SHARE) !== 0) {
if ($node !== null && ($node->getPermissions() & \OCP\Constants::PERMISSION_SHARE) !== 0) {
return true;
}

10
apps/files_sharing/tests/ApiTest.php
View file

@ -811,9 +811,10 @@ class ApiTest extends TestCase {
$result1 = $ocs->getShares('false','false','false', $this->subfolder);
$ocs->cleanup();
// test should return one share within $this->folder
// // test should return 2 shares within $this->folder, as the viewer have resharing rights:
// // one from the owner, the second from the reshare
$data1 = $result1->getData();
$this->assertCount(1, $data1);
$this->assertCount(2, $data1);
$s1 = reset($data1);
//$request = $this->createRequest(['path' => $this->folder.$this->subfolder]);
@ -821,9 +822,10 @@ class ApiTest extends TestCase {
$result2 = $ocs->getShares('false', 'false', 'false', $this->folder . $this->subfolder);
$ocs->cleanup();
// test should return one share within $this->folder
// // test should return 2 shares within $this->folder, as the viewer have resharing rights:
// // one from the owner, the second from the reshare
$data2 = $result2->getData();
$this->assertCount(1, $data2);
$this->assertCount(2, $data2);
$s2 = reset($data2);
$this->assertEquals($this->subfolder, $s1['path']);