Skip to content

Commit

Permalink
compare shareowner and session user when detecting re-share
Browse files Browse the repository at this point in the history
  • Loading branch information
@karakayasemi
karakayasemi committed Sep 12, 2019
1 parent 2daddbd commit bd09bb8
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 8 deletions.
2 changes: 2 additions & 0 deletions apps/files_sharing/tests/EtagPropagationTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,7 @@ protected function setUpShares() {
$this->fileEtags[$id] = $this->rootView->getFileInfo($path)->getEtag();
}
}
$this->logout();
}

public function testOwnerWritesToShare() {
Expand Down Expand Up @@ -442,6 +443,7 @@ public function testRecipientUploadInDirectReshare() {
}

public function testEtagChangeOnPermissionsChange() {
$this->loginAsUser(self::TEST_FILES_SHARING_API_USER1);
$userFolder = $this->rootFolder->getUserFolder(self::TEST_FILES_SHARING_API_USER1);
$node = $userFolder->get('/sub1/sub2/folder');

Expand Down
1 change: 1 addition & 0 deletions apps/files_sharing/tests/SharedMountTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -303,6 +303,7 @@ public function testPermissionMovedGroupShare($type, $beforePerm, $afterPerm) {
\OC\Files\Filesystem::rename($path, "newPath");
$this->assertTrue(\OC\Files\Filesystem::file_exists('newPath'));
$this->assertFalse(\OC\Files\Filesystem::file_exists($path));
$this->logout();

// change permissions
$share->setPermissions($afterPerm);
Expand Down
3 changes: 2 additions & 1 deletion lib/private/Server.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -886,7 +886,8 @@ public function __construct($webRoot, \OC\Config $config) {
$c->getLazyRootFolder(),
$c->getEventDispatcher(),
new View('/'),
$c->getDatabaseConnection()
$c->getDatabaseConnection(),
$c->getUserSession()
);

return $manager;
Expand Down
24 changes: 17 additions & 7 deletions lib/private/Share20/Manager.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
use OCP\IL10N;
use OCP\ILogger;
use OCP\IUserManager;
use OCP\IUserSession;
use OCP\Security\IHasher;
use OCP\Security\ISecureRandom;
use OCP\Share\Exceptions\GenericShareException;
Expand Down Expand Up @@ -85,6 +86,8 @@ class Manager implements IManager {
private $view;
/** @var IDBConnection */
private $connection;
/** @var IUserSession */
private $userSession;

/**
* Manager constructor.
Expand All @@ -99,6 +102,10 @@ class Manager implements IManager {
* @param IProviderFactory $factory
* @param IUserManager $userManager
* @param IRootFolder $rootFolder
* @param EventDispatcher $eventDispatcher
* @param View $view
* @param IDBConnection $connection
* @param IUserSession $userSession
*/
public function __construct(
ILogger $logger,
Expand All @@ -113,7 +120,8 @@ public function __construct(
IRootFolder $rootFolder,
EventDispatcher $eventDispatcher,
View $view,
IDBConnection $connection
IDBConnection $connection,
IUserSession $userSession = null
) {
$this->logger = $logger;
$this->config = $config;
Expand All @@ -129,6 +137,7 @@ public function __construct(
$this->eventDispatcher = $eventDispatcher;
$this->view = $view;
$this->connection = $connection;
$this->userSession = $userSession;
}

/**
Expand Down Expand Up @@ -322,7 +331,8 @@ protected function validatePermissions(IShare $share) {
}

/** If it is re-share, calculate $maxPermissions based on all incoming share permissions */
if ($shareNode->getOwner()->getUID() !== $share->getSharedBy()) {
if ($this->userSession !== null && $this->userSession->getUser() !== null &&
$share->getShareOwner() !== $this->userSession->getUser()->getUID()) {
$maxPermissions = $this->calculateReshareNodePermissions($share);
}

Expand Down Expand Up @@ -642,8 +652,6 @@ protected function canShare(\OCP\Share\IShare $share) {
public function createShare(\OCP\Share\IShare $share) {
$this->canShare($share);

$this->generalChecks($share);

// Verify if there are any issues with the path
$this->pathCreateChecks($share->getNode());

Expand All @@ -662,6 +670,8 @@ public function createShare(\OCP\Share\IShare $share) {
$share->setShareOwner($share->getNode()->getOwner()->getUID());
}

$this->generalChecks($share);

//Verify share type
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) {
$this->userCreateChecks($share);
Expand Down Expand Up @@ -1280,21 +1290,21 @@ public function getSharedWith($userId, $shareType, $node = null, $limit = 50, $o
*/
public function getAllSharedWith($userId, $shareTypes, $node = null) {
$shares = [];

// Aggregate all required $shareTypes by mapping provider to supported shareTypes
$providerIdMap = $this->shareTypeToProviderMap($shareTypes);
foreach ($providerIdMap as $providerId => $shareTypeArray) {
// Get provider from cache
$provider = $this->factory->getProvider($providerId);

// Obtain all shares for all the supported provider types
$queriedShares = $provider->getAllSharedWith($userId, $node);
$shares = \array_merge($shares, $queriedShares);
}

return $shares;
}

/**
* @inheritdoc
*/
Expand Down

0 comments on commit bd09bb8

Please sign in to comment.