mirror of
https://github.com/nextcloud/server.git
synced 2026-06-11 09:42:09 -04:00
Respect not allowing outgoing shares
This commit is contained in:
Roeland Jago Douma
Björn Schießle
parent
bec1de8a38
commit
a506f9ca3f
5 changed files with 65 additions and 10 deletions
|
|
@ -165,6 +165,10 @@ class Share20OCS {
|
|||
}
|
||||
|
||||
if ($share === null) {
|
||||
if (!$this->shareManager->outgoingServer2ServerSharesAllowed()) {
|
||||
return new \OC_OCS_Result(null, 404, 'wrong share ID, share doesn\'t exist.');
|
||||
}
|
||||
|
||||
try {
|
||||
$share = $this->shareManager->getShareById('ocFederatedSharing:' . $id);
|
||||
} catch (ShareNotFound $e) {
|
||||
|
|
@ -199,6 +203,10 @@ class Share20OCS {
|
|||
|
||||
// Could not find the share as internal share... maybe it is a federated share
|
||||
if ($share === null) {
|
||||
if (!$this->shareManager->outgoingServer2ServerSharesAllowed()) {
|
||||
return new \OC_OCS_Result(null, 404, 'wrong share ID, share doesn\'t exist.');
|
||||
}
|
||||
|
||||
try {
|
||||
$share = $this->shareManager->getShareById('ocFederatedSharing:' . $id);
|
||||
} catch (ShareNotFound $e) {
|
||||
|
|
@ -321,6 +329,10 @@ class Share20OCS {
|
|||
}
|
||||
|
||||
} else if ($shareType === \OCP\Share::SHARE_TYPE_REMOTE) {
|
||||
if (!$this->shareManager->outgoingServer2ServerSharesAllowed()) {
|
||||
return new \OC_OCS_Result(null, 403, 'Sharing '.$path.' failed, because the backend does not allow shares from type '.$shareType);
|
||||
}
|
||||
|
||||
$share->setSharedWith($shareWith);
|
||||
$share->setPermissions($permissions);
|
||||
} else {
|
||||
|
|
@ -379,7 +391,9 @@ class Share20OCS {
|
|||
$shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_USER, $node, false, -1, 0));
|
||||
$shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_GROUP, $node, false, -1, 0));
|
||||
$shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_LINK, $node, false, -1, 0));
|
||||
$shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_REMOTE, $node, false, -1, 0));
|
||||
if ($this->shareManager->outgoingServer2ServerSharesAllowed()) {
|
||||
$shares = array_merge($shares, $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_REMOTE, $node, false, -1, 0));
|
||||
}
|
||||
}
|
||||
|
||||
$formatted = [];
|
||||
|
|
@ -434,9 +448,13 @@ class Share20OCS {
|
|||
$userShares = $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_USER, $path, $reshares, -1, 0);
|
||||
$groupShares = $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_GROUP, $path, $reshares, -1, 0);
|
||||
$linkShares = $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_LINK, $path, $reshares, -1, 0);
|
||||
$federatedShares = $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_REMOTE, $path, $reshares, -1, 0);
|
||||
$shares = array_merge($userShares, $groupShares, $linkShares);
|
||||
|
||||
if ($this->shareManager->outgoingServer2ServerSharesAllowed()) {
|
||||
$federatedShares = $this->shareManager->getSharesBy($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_REMOTE, $path, $reshares, -1, 0);
|
||||
$shares = array_merge($shares, $federatedShares);
|
||||
}
|
||||
|
||||
$shares = array_merge($userShares, $groupShares, $linkShares, $federatedShares);
|
||||
|
||||
$formatted = [];
|
||||
foreach ($shares as $share) {
|
||||
|
|
@ -463,6 +481,10 @@ class Share20OCS {
|
|||
|
||||
// Could not find the share as internal share... maybe it is a federated share
|
||||
if ($share === null) {
|
||||
if (!$this->shareManager->outgoingServer2ServerSharesAllowed()) {
|
||||
return new \OC_OCS_Result(null, 404, 'wrong share ID, share doesn\'t exist.');
|
||||
}
|
||||
|
||||
try {
|
||||
$share = $this->shareManager->getShareById('ocFederatedSharing:' . $id);
|
||||
} catch (ShareNotFound $e) {
|
||||
|
|
|
|||
|
|
@ -107,6 +107,8 @@ class Share20OCSTest extends \Test\TestCase {
|
|||
}
|
||||
}));
|
||||
|
||||
$this->shareManager->method('outgoingServer2ServerSharesAllowed')->willReturn(true);
|
||||
|
||||
$expected = new \OC_OCS_Result(null, 404, 'wrong share ID, share doesn\'t exist.');
|
||||
$this->assertEquals($expected, $this->ocs->deleteShare(42));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1072,4 +1072,11 @@ class Manager implements IManager {
|
|||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function outgoingServer2ServerSharesAllowed() {
|
||||
return $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'yes';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -75,6 +75,14 @@ class ProviderFactory implements IProviderFactory {
|
|||
*/
|
||||
protected function federatedShareProvider() {
|
||||
if ($this->federatedProvider === null) {
|
||||
/*
|
||||
* Check if the app is enabled
|
||||
*/
|
||||
$appManager = $this->serverContainer->getAppManager();
|
||||
if (!$appManager->isEnabledForUser('federatedfilesharing')) {
|
||||
return null;
|
||||
}
|
||||
|
||||
/*
|
||||
* TODO: add factory to federated sharing app
|
||||
*/
|
||||
|
|
@ -109,31 +117,40 @@ class ProviderFactory implements IProviderFactory {
|
|||
* @inheritdoc
|
||||
*/
|
||||
public function getProvider($id) {
|
||||
$provider = null;
|
||||
if ($id === 'ocinternal') {
|
||||
return $this->defaultShareProvider();
|
||||
$provider = $this->defaultShareProvider();
|
||||
} else if ($id === 'ocFederatedSharing') {
|
||||
$provider = $this->federatedShareProvider();
|
||||
}
|
||||
|
||||
if ($id === 'ocFederatedSharing') {
|
||||
return $this->federatedShareProvider();
|
||||
if ($provider === null) {
|
||||
throw new ProviderException('No provider with id .' . $id . ' found.');
|
||||
}
|
||||
|
||||
throw new ProviderException('No provider with id .' . $id . ' found.');
|
||||
return $provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getProviderForType($shareType) {
|
||||
$provider = null;
|
||||
|
||||
//FIXME we should not report type 2
|
||||
if ($shareType === \OCP\Share::SHARE_TYPE_USER ||
|
||||
$shareType === 2 ||
|
||||
$shareType === \OCP\Share::SHARE_TYPE_GROUP ||
|
||||
$shareType === \OCP\Share::SHARE_TYPE_LINK) {
|
||||
return $this->defaultShareProvider();
|
||||
$provider = $this->defaultShareProvider();
|
||||
} else if ($shareType === \OCP\Share::SHARE_TYPE_REMOTE) {
|
||||
return $this->federatedShareProvider();
|
||||
$provider = $this->federatedShareProvider();
|
||||
}
|
||||
|
||||
throw new ProviderException('No share provider for share type ' . $shareType);
|
||||
if ($provider === null) {
|
||||
throw new ProviderException('No share provider for share type ' . $shareType);
|
||||
}
|
||||
|
||||
return $provider;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -229,4 +229,11 @@ interface IManager {
|
|||
*/
|
||||
public function sharingDisabledForUser($userId);
|
||||
|
||||
/**
|
||||
* Check if outgoing server2server shares are allowed
|
||||
* @return bool
|
||||
* @since 9.0.0
|
||||
*/
|
||||
public function outgoingServer2ServerSharesAllowed();
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue