handle sending all permissions when creating public links

Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
cs3org · Dec 7, 2021 · 42e238c · 42e238c
1 parent 7ac4043
commit 42e238c
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/changelog/unreleased/handle-public-link-permissions-all.md b/changelog/unreleased/handle-public-link-permissions-all.md
@@ -0,0 +1,5 @@
+Bugfix: handle sending all permissions when creating public links
+
+For backwards compatability we now reduce permissions to readonly when a create public link carries all permissions.
+
+https://github.com/cs3org/reva/issues/2336
diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go
@@ -423,6 +423,13 @@ func (h *Handler) removePublicShare(w http.ResponseWriter, r *http.Request, shar
 }
 
 func ocPublicPermToCs3(permKey int, h *Handler) (*provider.ResourcePermissions, error) {
+
+	if permKey == 31 {
+		// apiSharePublicLink1/createPublicLinkShare.feature:109
+		// Scenario Outline: Trying to create a new public link share of a file with edit permissions only grants read access using the public WebDAV API
+		permKey = 1
+	}
+
 	// TODO refactor this ocPublicPermToRole[permKey] check into a conversions.NewPublicSharePermissions?
 	// not all permissions are possible for public shares
 	_, ok := ocPublicPermToRole[permKey]