When a logged-in user accesses a public share link in the same browser,
the system was incorrectly checking if that user's groups were excluded
from creating link shares. This caused share not found errors for users
in excluded groups, even though public shares should be accessible to anyone
with the link.
The group exclusion setting (`shareapi_allow_links_exclude_groups`) is
intended to restrict share creation, not share access. Public shares
are meant to be anonymous and accessible regardless of the viewer identity
or group membership.
We now check the exclusion for the share creator and not the viewer.
Signed-off-by: nfebe <fenn25.fn@gmail.com>
Add missing `matchUserId` method for full-match-autocomplete options
and update docs to make it clearer what each options exactly means.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
Previously was returning only boolean true if the Node was shared
by email, or false if not. Now provides an array containing the
list of email share recipients.
Signed-off-by: Adam Serbinski <adam@serbinski.com>
shareapi_restrict_user_enumeration_full_match_ignore_second_display_name was introduced to ignore second display name during search from the share panel. But this setting was not respected by search from the calendar application. This fix it.
Signed-off-by: Louis Chemineau <louis@chmn.me>
This make sure that apps don't implement this interfaces and gives us
more liberty to add new methods to them (as long as it is compatible
from an usage point of view)
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Co-authored-by: Vincent Petry <vincent@nextcloud.com>
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.
This also removes and empty lines from method/function bodies at the
beginning and end.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Sometimes we need all shares or rather a specific subset of shares but
creating dedicated functions is a pain. This just returns an iterable
object for all shares so we can loop over them without allocating all
the memory on the system.
It should not be used by any user called code. But in an occ command or
background job it is fine IMO.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
When a group share is deleted we keep track of this in the DB.
Right now it is only possible for a recipient to get back the share by
asking the sharer to delete it and to share it again. This doesn't
scale.
This endpoint makes it possible to get back the share.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
