if ($isOwnShare) {
$result['item_permissions'] = $node->getPermissions();
}
+
+ // If we're on the recipient side, the node permissions
+ // are bound to the share permissions. So we need to
+ // adjust the permissions to the share permissions if necessary.
+ if (!$isOwnShare) {
+ $result['item_permissions'] = $share->getPermissions();
+
+ // For some reason, single files share are forbidden to have the delete permission
+ // since we have custom methods to check those, let's adjust straight away.
+ // DAV permissions does not have that issue though.
+ if ($this->canDeleteShare($share) || $this->canDeleteShareFromSelf($share)) {
+ $result['item_permissions'] |= Constants::PERMISSION_DELETE;
+ }
+ if ($this->canEditShare($share)) {
+ $result['item_permissions'] |= Constants::PERMISSION_UPDATE;
+ }
+ }
// See MOUNT_ROOT_PROPERTYNAME dav property
$result['is-mount-root'] = $node->getInternalPath() === '';
$folder->method('getStorage')->willReturn($storage);
$fileWithPreview->method('getStorage')->willReturn($storage);
+
+ $mountPoint = $this->getMockBuilder(IMountPoint::class)->getMock();
+ $mountPoint->method('getMountType')->willReturn('');
+ $file->method('getMountPoint')->willReturn($mountPoint);
+ $folder->method('getMountPoint')->willReturn($mountPoint);
+
$owner = $this->getMockBuilder(IUser::class)->getMock();
$owner->method('getDisplayName')->willReturn('ownerDN');
$initiator = $this->getMockBuilder(IUser::class)->getMock();
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => '[{"scope":"permissions","key":"download","value":true}]',
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => '[{"scope":"permissions","key":"download","value":true}]',
], $share, [
['owner', $owner],
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => true,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'password_expiration_time' => null,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'password_expiration_time' => null,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
'can_delete' => true,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, [], false
];
$file->method('getSize')->willReturn(123456);
$file->method('getMTime')->willReturn(1234567890);
+ $mountPoint = $this->getMockBuilder(IMountPoint::class)->getMock();
+ $mountPoint->method('getMountType')->willReturn('');
+ $file->method('getMountPoint')->willReturn($mountPoint);
+
$cache = $this->getMockBuilder('OCP\Files\Cache\ICache')->getMock();
$cache->method('getNumericStorageId')->willReturn(100);
$storage = $this->createMock(Storage::class);
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, false, []
];
'can_delete' => false,
'item_size' => 123456,
'item_mtime' => 1234567890,
+ 'is-mount-root' => false,
+ 'mount-type' => '',
'attributes' => null,
], $share, true, [
'share_with_displayname' => 'recipientRoomName'
And the HTTP status code should be "200"
And Share fields of last share match with
| item_permissions | 27 |
+
+Scenario: Receiving a share of a file gives no create permission
+ Given user "user0" exists
+ And user "user1" exists
+ And As an "user0"
+ And parameter "shareapi_default_permissions" of app "core" is set to "31"
+ And file "welcome.txt" of user "user0" is shared with user "user1"
+ And sending "GET" to "/apps/files_sharing/api/v1/shares"
+ And share 0 is returned with
+ | path | /welcome.txt |
+ | permissions | 19 |
+ | item_permissions | 27 |
+ When As an "user1"
+ And user "user1" accepts last share
+ And sending "GET" to "/apps/files_sharing/api/v1/shares?shared_with_me=true"
+ Then the list of returned shares has 1 shares
+ And share 0 is returned with
+ | path | /welcome (2).txt |
+ | permissions | 19 |
+ | item_permissions | 27 |
+
+Scenario: Receiving a share of a folder gives create permission
+ Given user "user0" exists
+ And user "user1" exists
+ And As an "user0"
+ And parameter "shareapi_default_permissions" of app "core" is set to "31"
+ And file "PARENT/CHILD" of user "user0" is shared with user "user1"
+ And sending "GET" to "/apps/files_sharing/api/v1/shares"
+ And share 0 is returned with
+ | path | /PARENT/CHILD |
+ | permissions | 31 |
+ | item_permissions | 31 |
+ When As an "user1"
+ And user "user1" accepts last share
+ And sending "GET" to "/apps/files_sharing/api/v1/shares?shared_with_me=true"
+ Then the list of returned shares has 1 shares
+ And share 0 is returned with
+ | path | /CHILD |
+ | permissions | 31 |
+ | item_permissions | 31 |
+
+# User can remove itself from a share
+Scenario: Receiving a share of a file without delete permission gives delete permission anyway
+ Given user "user0" exists
+ And user "user1" exists
+ And As an "user0"
+ And parameter "shareapi_default_permissions" of app "core" is set to "23"
+ And file "welcome.txt" of user "user0" is shared with user "user1"
+ And sending "GET" to "/apps/files_sharing/api/v1/shares"
+ And share 0 is returned with
+ | path | /welcome.txt |
+ | permissions | 19 |
+ | item_permissions | 27 |
+ When As an "user1"
+ And user "user1" accepts last share
+ And sending "GET" to "/apps/files_sharing/api/v1/shares?shared_with_me=true"
+ Then the list of returned shares has 1 shares
+ And share 0 is returned with
+ | path | /welcome (2).txt |
+ | permissions | 19 |
+ | item_permissions | 27 |
+
+Scenario: Receiving a share of a file without delete permission gives delete permission anyway
+ Given user "user0" exists
+ And user "user1" exists
+ And As an "user0"
+ And group "group1" exists
+ And user "user1" belongs to group "group1"
+ And parameter "shareapi_default_permissions" of app "core" is set to "23"
+ And file "welcome.txt" of user "user0" is shared with group "group1"
+ And sending "GET" to "/apps/files_sharing/api/v1/shares"
+ And share 0 is returned with
+ | path | /welcome.txt |
+ | permissions | 19 |
+ | item_permissions | 27 |
+ When As an "user1"
+ And user "user1" accepts last share
+ And sending "GET" to "/apps/files_sharing/api/v1/shares?shared_with_me=true"
+ Then the list of returned shares has 1 shares
+ And share 0 is returned with
+ | path | /welcome (2).txt |
+ | permissions | 19 |
+ | item_permissions | 27 |
projects / nextcloud-server.git / commitdiff