mirror of
https://github.com/nextcloud/server.git
synced 2026-04-21 22:27:31 -04:00
fix(dav): Use share initiator to get the share node, because the owner might on another server
Signed-off-by: provokateurin <kate@provokateurin.de>
This commit is contained in:
provokateurin
parent
6762cb2641
commit
a80d69e2e0
3 changed files with 3 additions and 5 deletions
|
|
@ -92,7 +92,6 @@ $server = $serverFactory->createServer(
|
|||
}
|
||||
|
||||
$share = $authBackend->getShare();
|
||||
$owner = $share->getShareOwner();
|
||||
$isReadable = $share->getPermissions() & Constants::PERMISSION_READ;
|
||||
$fileId = $share->getNodeId();
|
||||
|
||||
|
|
@ -107,7 +106,7 @@ $server = $serverFactory->createServer(
|
|||
Filesystem::logWarningWhenAddingStorageWrapper($previousLog);
|
||||
|
||||
$rootFolder = Server::get(IRootFolder::class);
|
||||
$userFolder = $rootFolder->getUserFolder($owner);
|
||||
$userFolder = $rootFolder->getUserFolder($share->getSharedBy());
|
||||
$node = $userFolder->getFirstNodeById($fileId);
|
||||
if (!$node) {
|
||||
throw new \Sabre\DAV\Exception\NotFound();
|
||||
|
|
|
|||
|
|
@ -99,7 +99,6 @@ $server = $serverFactory->createServer(true, $baseuri, $requestUri, $authPlugin,
|
|||
}
|
||||
|
||||
$share = $authBackend->getShare();
|
||||
$owner = $share->getShareOwner();
|
||||
$isReadable = $share->getPermissions() & Constants::PERMISSION_READ;
|
||||
$fileId = $share->getNodeId();
|
||||
|
||||
|
|
@ -135,7 +134,7 @@ $server = $serverFactory->createServer(true, $baseuri, $requestUri, $authPlugin,
|
|||
Filesystem::logWarningWhenAddingStorageWrapper($previousLog);
|
||||
|
||||
$rootFolder = Server::get(IRootFolder::class);
|
||||
$userFolder = $rootFolder->getUserFolder($owner);
|
||||
$userFolder = $rootFolder->getUserFolder($share->getSharedBy());
|
||||
$node = $userFolder->getFirstNodeById($fileId);
|
||||
if (!$node) {
|
||||
throw new NotFound();
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ class PublicLinkCheckPlugin extends ServerPlugin {
|
|||
}
|
||||
|
||||
public function beforeMethod(RequestInterface $request, ResponseInterface $response) {
|
||||
// verify that the owner didn't have their share permissions revoked
|
||||
// verify that the initiator didn't have their share permissions revoked
|
||||
if ($this->fileInfo && !$this->fileInfo->isShareable()) {
|
||||
throw new NotFound();
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue