Properly catch whether a share is null
#15145
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Despite it's PHPDoc the function might return `null` which was not properly catched and thus in some situations the share was resolved to the sharing users root directory. To test this perform the following steps: * Share file in owncloud 7 (7.0.4.2) * Delete the parent folder of the shared file * The share stays is in the DB and the share via the sharelink is inaccessible. (which is good) * Upgrade to owncloud 8 (8.0.2) (This step is crucial. The bug is not reproduceable without upgrading from 7 to 8. It seems like the old tokens are handled different than the newer ones) * Optional Step: Logout, Reset Browser Session, etc. * Access the share via the old share url: almost empty page, but there is a dowload button which adds a "/download" to the URL. * Upon clicking, a download.zip is downloaded which contains EVERYTHING from the owncloud directory (of the user who shared the file) * No exception is thrown and no error is logged. This will add a check whether the share is a valid one and also adds unit tests to prevent further regressions in the future. Needs to be backported to ownCloud 8. Adding a proper clean-up of the orphaned shares is out-of-scope and would probably require some kind of FK or so. Fixes #15097
|
Code looks good 👍 |
|
Refer to this link for build results (access rights to CI server needed): |
|
The inspection completed: 2 new issues, 1 updated code elements |
|
Refer to this link for build results (access rights to CI server needed): |
|
Proper cleanup would be done here: #14676 |
|
Tested, works 👍 |
PVince81
pushed a commit
that referenced
this pull request
Mar 24, 2015
Properly catch whether a share is `null`
Merged
|
Tested and seems good 👍 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Despite it's PHPDoc the function might return
nullwhich was not properly catched and thus in some situations the share was resolved to the sharing users root directory.To test this perform the following steps:
This will add a check whether the share is a valid one and also adds unit tests to prevent further regressions in the future. Needs to be backported to ownCloud 8. Will create a backport once this got reviewed and tested to avoid triple the work.
Adding a proper clean-up of the orphaned shares is out-of-scope and would probably require some kind of FK or so.
Fixes #15097
cc @PVince81 @icewind1991 @karlitschek @DeepDiver1975 Please review and test properly.
cc @jnfrmarks Requires a complete retest of whether the sharing still works properly.