mirror of
https://github.com/nextcloud/server.git
synced 2026-05-28 04:32:30 -04:00
Extend ViewOnly DAV plugin to versions endpoint
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
This commit is contained in:
Vincent Petry
Vincent Petry (Rebase PR Action)
parent
e50d0d2440
commit
9afe7c3c3a
2 changed files with 47 additions and 13 deletions
|
|
@ -23,6 +23,7 @@ namespace OCA\DAV\DAV;
|
|||
|
||||
use OCA\DAV\Connector\Sabre\Exception\Forbidden;
|
||||
use OCA\DAV\Connector\Sabre\File as DavFile;
|
||||
use OCA\Files_Versions\Sabre\VersionFile;
|
||||
use OCP\Files\NotFoundException;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Sabre\DAV\Server;
|
||||
|
|
@ -70,11 +71,14 @@ class ViewOnlyPlugin extends ServerPlugin {
|
|||
try {
|
||||
assert($this->server !== null);
|
||||
$davNode = $this->server->tree->getNodeForPath($path);
|
||||
if (!($davNode instanceof DavFile)) {
|
||||
if ($davNode instanceof DavFile) {
|
||||
// Restrict view-only to nodes which are shared
|
||||
$node = $davNode->getNode();
|
||||
} else if ($davNode instanceof VersionFile) {
|
||||
$node = $davNode->getVersion()->getSourceFile();
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
// Restrict view-only to nodes which are shared
|
||||
$node = $davNode->getNode();
|
||||
|
||||
$storage = $node->getStorage();
|
||||
|
||||
|
|
|
|||
|
|
@ -23,6 +23,8 @@ namespace OCA\DAV\Tests\unit\DAV;
|
|||
use OCA\DAV\DAV\ViewOnlyPlugin;
|
||||
use OCA\Files_Sharing\SharedStorage;
|
||||
use OCA\DAV\Connector\Sabre\File as DavFile;
|
||||
use OCA\Files_Versions\Versions\IVersion;
|
||||
use OCA\Files_Versions\Sabre\VersionFile;
|
||||
use OCP\Files\File;
|
||||
use OCP\Files\Storage\IStorage;
|
||||
use OCP\Share\IAttributes;
|
||||
|
|
@ -80,34 +82,62 @@ class ViewOnlyPluginTest extends TestCase {
|
|||
public function providesDataForCanGet(): array {
|
||||
return [
|
||||
// has attribute permissions-download enabled - can get file
|
||||
[ $this->createMock(File::class), true, true],
|
||||
[false, true, true],
|
||||
// has no attribute permissions-download - can get file
|
||||
[ $this->createMock(File::class), null, true],
|
||||
[false, null, true],
|
||||
// has attribute permissions-download disabled- cannot get the file
|
||||
[ $this->createMock(File::class), false, false],
|
||||
[false, false, false],
|
||||
// has attribute permissions-download enabled - can get file version
|
||||
[true, true, true],
|
||||
// has no attribute permissions-download - can get file version
|
||||
[true, null, true],
|
||||
// has attribute permissions-download disabled- cannot get the file version
|
||||
[true, false, false],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider providesDataForCanGet
|
||||
*/
|
||||
public function testCanGet(File $nodeInfo, ?bool $attrEnabled, bool $expectCanDownloadFile): void {
|
||||
$this->request->expects($this->once())->method('getPath')->willReturn('files/test/target');
|
||||
public function testCanGet(bool $isVersion, ?bool $attrEnabled, bool $expectCanDownloadFile): void {
|
||||
$nodeInfo = $this->createMock(File::class);
|
||||
if ($isVersion) {
|
||||
$davPath = 'versions/alice/versions/117/123456';
|
||||
$version = $this->createMock(IVersion::class);
|
||||
$version->expects($this->once())
|
||||
->method('getSourceFile')
|
||||
->willReturn($nodeInfo);
|
||||
$davNode = $this->createMock(VersionFile::class);
|
||||
$davNode->expects($this->once())
|
||||
->method('getVersion')
|
||||
->willReturn($version);
|
||||
} else {
|
||||
$davPath = 'files/path/to/file.odt';
|
||||
$davNode = $this->createMock(DavFile::class);
|
||||
$davNode->method('getNode')->willReturn($nodeInfo);
|
||||
}
|
||||
|
||||
$davNode = $this->createMock(DavFile::class);
|
||||
$this->tree->method('getNodeForPath')->willReturn($davNode);
|
||||
$this->request->expects($this->once())->method('getPath')->willReturn($davPath);
|
||||
|
||||
$davNode->method('getNode')->willReturn($nodeInfo);
|
||||
$this->tree->expects($this->once())
|
||||
->method('getNodeForPath')
|
||||
->with($davPath)
|
||||
->willReturn($davNode);
|
||||
|
||||
$storage = $this->createMock(SharedStorage::class);
|
||||
$share = $this->createMock(IShare::class);
|
||||
$nodeInfo->method('getStorage')->willReturn($storage);
|
||||
$nodeInfo->expects($this->once())
|
||||
->method('getStorage')
|
||||
->willReturn($storage);
|
||||
$storage->method('instanceOfStorage')->with(SharedStorage::class)->willReturn(true);
|
||||
$storage->method('getShare')->willReturn($share);
|
||||
|
||||
$extAttr = $this->createMock(IAttributes::class);
|
||||
$share->method('getAttributes')->willReturn($extAttr);
|
||||
$extAttr->method('getAttribute')->with('permissions', 'download')->willReturn($attrEnabled);
|
||||
$extAttr->expects($this->once())
|
||||
->method('getAttribute')
|
||||
->with('permissions', 'download')
|
||||
->willReturn($attrEnabled);
|
||||
|
||||
if (!$expectCanDownloadFile) {
|
||||
$this->expectException(Forbidden::class);
|
||||
|
|
|
|||
Loading…
Reference in a new issue