also check for the correct owner if it was submitted

diff --git a/apps/files_sharing/lib/share/folder.php b/apps/files_sharing/lib/share/folder.php
index 2671f5738b763123101b8bbf9c280c4562fb517b..f86e96244320d81a60c069f3a6e92d53432742a6 100644 (file)
--- a/apps/files_sharing/lib/share/folder.php
+++ b/apps/files_sharing/lib/share/folder.php
@@ -26,13 +26,14 @@ class OC_Share_Backend_Folder extends OC_Share_Backend_File implements OCP\Share
         *
         * @param int $itemSource item source ID
         * @param string $shareWith with whom should the item be shared
+        * @param string $owner owner of the item
         * @return array with shares
         */
-       public function getParents($itemSource, $shareWith = null) {
+       public function getParents($itemSource, $shareWith = null, $owner = null) {
                $result = array();
                $parent = $this->getParentId($itemSource);
                while ($parent) {
-                       $shares = \OCP\Share::getItemSharedWithUser('folder', $parent, $shareWith);
+                       $shares = \OCP\Share::getItemSharedWithUser('folder', $parent, $shareWith, $owner);
                        if ($shares) {
                                foreach ($shares as $share) {
                                        $name = substr($share['path'], strrpos($share['path'], '/') + 1);

diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index a8febc9aca7236446790785ad007f776c5cddb0c..10fff9aeacf61aae9e9268689c683e5e7ba69afd 100644 (file)
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -287,12 +287,12 @@ class Share extends \OC\Share\Constants {
         * Get the item of item type shared with a given user by source
         * @param string $itemType
         * @param string $itemSource
-        * @param string $user User user to whom the item was shared
+        * @param string $user User to whom the item was shared
+        * @param string $owner Owner of the share
         * @param int $shareType only look for a specific share type
         * @return array Return list of items with file_target, permissions and expiration
         */
-       public static function getItemSharedWithUser($itemType, $itemSource, $user, $shareType = null) {
-
+       public static function getItemSharedWithUser($itemType, $itemSource, $user, $owner = null, $shareType = null) {
                $shares = array();
                $fileDependend = false;
 
@@ -320,6 +320,11 @@ class Share extends \OC\Share\Constants {
                        $arguments[] = $shareType;
                }
 
+               if ($owner !== null) {
+                       $where .= ' AND `uid_owner` = ? ';
+                       $arguments[] = $owner;
+               }
+
                $query = \OC_DB::prepare('SELECT ' . $select . ' FROM `*PREFIX*share` '. $where);
 
                $result = \OC_DB::executeAudited($query, $arguments);
@@ -701,7 +706,7 @@ class Share extends \OC\Share\Constants {
                // check if it is a valid itemType
                self::getBackend($itemType);
 
-               $items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith, $shareType);
+               $items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith, null, $shareType);
 
                $toDelete = array();
                $newParent = null;
@@ -1629,7 +1634,7 @@ class Share extends \OC\Share\Constants {
                        // Need to find a solution which works for all back-ends
                        $collectionItems = array();
                        $collectionBackend = self::getBackend('folder');
-                       $sharedParents = $collectionBackend->getParents($item, $shareWith);
+                       $sharedParents = $collectionBackend->getParents($item, $shareWith, $uidOwner);
                        foreach ($sharedParents as $parent) {
                                $collectionItems[] = $parent;
                        }

diff --git a/lib/public/share.php b/lib/public/share.php
index 449d1fa211ef745af8428a9858aa06475f17edea..333e0a269707450c40981753e2c873c74131787b 100644 (file)
--- a/lib/public/share.php
+++ b/lib/public/share.php
@@ -125,11 +125,12 @@ class Share extends \OC\Share\Constants {
         * Get the item of item type shared with a given user by source
         * @param string $itemType
         * @param string $itemSource
-        * @param string $user User user to whom the item was shared
+        * @param string $user User to whom the item was shared
+        * @param string $owner Owner of the share
         * @return array Return list of items with file_target, permissions and expiration
         */
-       public static function getItemSharedWithUser($itemType, $itemSource, $user) {
-               return \OC\Share\Share::getItemSharedWithUser($itemType, $itemSource, $user);
+       public static function getItemSharedWithUser($itemType, $itemSource, $user, $owner = null) {
+               return \OC\Share\Share::getItemSharedWithUser($itemType, $itemSource, $user, $owner);
        }
 
        /**

diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php
index 7ae458a797d6f833f4bea772ff91c9bd93ce0fa5..b5cdab0025b07b2192160a7af5611cab7cfe52b0 100644 (file)
--- a/tests/lib/share/share.php
+++ b/tests/lib/share/share.php
@@ -658,6 +658,50 @@ class Test_Share extends \Test\TestCase {
                return $row;
        }
 
+       public function testGetItemSharedWithUser() {
+               OC_User::setUserId($this->user1);
+
+               //add dummy values to the share table
+               $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` ('
+                       .' `item_type`, `item_source`, `item_target`, `share_type`,'
+                       .' `share_with`, `uid_owner`) VALUES (?,?,?,?,?,?)');
+               $args = array('test', 99, 'target1', OCP\Share::SHARE_TYPE_USER, $this->user2, $this->user1);
+               $query->execute($args);
+               $args = array('test', 99, 'target2', OCP\Share::SHARE_TYPE_USER, $this->user4, $this->user1);
+               $query->execute($args);
+               $args = array('test', 99, 'target3', OCP\Share::SHARE_TYPE_USER, $this->user3, $this->user2);
+               $query->execute($args);
+               $args = array('test', 99, 'target4', OCP\Share::SHARE_TYPE_USER, $this->user3, $this->user4);
+               $query->execute($args);
+
+
+               $result1 = \OCP\Share::getItemSharedWithUser('test', 99, $this->user2, $this->user1);
+               $this->assertSame(1, count($result1));
+               $this->verifyResult($result1, array('target1'));
+
+               $result2 = \OCP\Share::getItemSharedWithUser('test', 99, null, $this->user1);
+               $this->assertSame(2, count($result2));
+               $this->verifyResult($result2, array('target1', 'target2'));
+
+               $result3 = \OCP\Share::getItemSharedWithUser('test', 99, $this->user3);
+               $this->assertSame(2, count($result3));
+               $this->verifyResult($result3, array('target3', 'target4'));
+
+               $result4 = \OCP\Share::getItemSharedWithUser('test', 99, null, null);
+               $this->assertSame(4, count($result4));
+               $this->verifyResult($result4, array('target1', 'target2', 'target3', 'target4'));
+       }
+
+       public function verifyResult($result, $expected) {
+               foreach ($result as $r) {
+                       if (in_array($r['item_target'], $expected)) {
+                               $key = array_search($r['item_target'], $expected);
+                               unset($expected[$key]);
+                       }
+               }
+               $this->assertEmpty($expected, 'did not found all expected values');
+       }
+
        public function testShareItemWithLink() {
                OC_User::setUserId($this->user1);
                $token = OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_LINK, null, OCP\PERMISSION_READ);