make sure that we only delete shares for the current user

author Bjoern Schiessle <schiessle@owncloud.com>

Wed, 4 Jun 2014 22:37:41 +0000 (00:37 +0200)

committer Robin Appelman <icewind@owncloud.com>

Fri, 6 Jun 2014 07:56:02 +0000 (09:56 +0200)
author Bjoern Schiessle <schiessle@owncloud.com>
Wed, 4 Jun 2014 22:37:41 +0000 (00:37 +0200)
committer Robin Appelman <icewind@owncloud.com>
Fri, 6 Jun 2014 07:56:02 +0000 (09:56 +0200)
diff --git a/lib/private/share/share.php b/lib/private/share/share.php

index 172e61c5dc8a85f9d51658a1476bc7a3db71c5ce..f02eacfed744f12ac3370225e887d68b84b81e0c 100644 (file)
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -718,6 +718,8 @@ class Share extends \OC\Share\Constants {
          */
         public static function unshareFromSelf($itemType, $itemTarget) {
  
+               $uid = \OCP\User::getUser();
+
                 if ($itemType === 'file' || $itemType === 'folder') {
                         $statement = 'SELECT * FROM `*PREFIX*share` WHERE `item_type` = ? and `file_target` = ?';
                 } else {
@@ -732,13 +734,16 @@ class Share extends \OC\Share\Constants {
                 $itemUnshared = false;
                 foreach ($shares as $share) {
                         if ((int)$share['share_type'] === \OCP\Share::SHARE_TYPE_USER &&
-                                       $share['share_with'] === \OCP\User::getUser()) {
+                                       $share['share_with'] === $uid) {
                                 Helper::delete($share['id']);
                                 $itemUnshared = true;
                                 break;
                         } elseif ((int)$share['share_type'] === \OCP\Share::SHARE_TYPE_GROUP) {
-                               $groupShare = $share;
-                       } elseif ((int)$share['share_type'] === self::$shareTypeGroupUserUnique) {
+                               if (\OC_Group::inGroup($uid, $share['share_with'])) {
+                                       $groupShare = $share;
+                               }
+                       } elseif ((int)$share['share_type'] === self::$shareTypeGroupUserUnique &&
+                                       $share['share_with'] === $uid) {
                                 $uniqueGroupShare = $share;
                         }
                 }
author	Bjoern Schiessle <schiessle@owncloud.com>
	Wed, 4 Jun 2014 22:37:41 +0000 (00:37 +0200)
committer	Robin Appelman <icewind@owncloud.com>
	Fri, 6 Jun 2014 07:56:02 +0000 (09:56 +0200)