From 98fa5fe627b1acb12aa5d85f9e4aad05d6c063b7 Mon Sep 17 00:00:00 2001 From: =?utf8?q?C=C3=B4me=20Chilliet?= Date: Thu, 3 Aug 2023 16:13:38 +0200 Subject: [PATCH] Set files_sharing:hide_disabled_user_shares to 'yes' to hide shares from disabled users MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Côme Chilliet --- lib/private/Share20/Manager.php | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 732bd5bb97d..b03d304aa1e 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -1352,7 +1352,7 @@ class Manager implements IManager { $added = 0; foreach ($shares as $share) { try { - $this->checkExpireDate($share); + $this->checkShare($share); } catch (ShareNotFound $e) { //Ignore since this basically means the share is deleted continue; @@ -1411,7 +1411,7 @@ class Manager implements IManager { // remove all shares which are already expired foreach ($shares as $key => $share) { try { - $this->checkExpireDate($share); + $this->checkShare($share); } catch (ShareNotFound $e) { unset($shares[$key]); } @@ -1457,7 +1457,7 @@ class Manager implements IManager { $share = $provider->getShareById($id, $recipient); - $this->checkExpireDate($share); + $this->checkShare($share); return $share; } @@ -1541,7 +1541,7 @@ class Manager implements IManager { throw new ShareNotFound($this->l->t('The requested share does not exist anymore')); } - $this->checkExpireDate($share); + $this->checkShare($share); /* * Reduce the permissions for link or email shares if public upload is not enabled @@ -1554,11 +1554,25 @@ class Manager implements IManager { return $share; } - protected function checkExpireDate($share) { + /** + * Check expire date and disabled owner + * + * @throws ShareNotFound + */ + protected function checkShare(IShare $share): void { if ($share->isExpired()) { $this->deleteShare($share); throw new ShareNotFound($this->l->t('The requested share does not exist anymore')); } + if ($this->config->getAppValue('files_sharing', 'hide_disabled_user_shares', 'no') === 'yes') { + $uids = array_unique([$share->getShareOwner(),$share->getSharedBy()]); + foreach ($uids as $uid) { + $user = $this->userManager->get($uid); + if (($user !== null) && !$user->isEnabled()) { + throw new ShareNotFound($this->l->t('The requested share comes from a disabled user')); + } + } + } } /** -- 2.39.5