From f8a531c06c8095be4edcbd70063437e67833668e Mon Sep 17 00:00:00 2001
From: Bjoern Schiessle <bjoern@schiessle.org>
Date: Thu, 14 Jul 2016 20:41:10 +0200
Subject: [PATCH] don't convert link share to federated share if outgoing
 federated shares are forbidden

---
 .../Controller/MountPublicLinkController.php  | 12 ++++++-
 .../MountPublicLinkControllerTest.php         | 36 +++++++++++++------
 2 files changed, 36 insertions(+), 12 deletions(-)

diff --git a/apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php b/apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php
index ec70090f97a..3e61d355b63 100644
--- a/apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php
+++ b/apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php
@@ -114,6 +114,13 @@ class MountPublicLinkController extends Controller {
 	 */
 	public function createFederatedShare($shareWith, $token, $password = '') {
 
+		if (!$this->federatedShareProvider->isOutgoingServer2serverShareEnabled()) {
+			return new JSONResponse(
+				['message' => 'This server doesn\'t support outgoing federated shares'],
+				Http::STATUS_BAD_REQUEST
+			);
+		}
+
 		try {
 			list(, $server) = $this->addressHandler->splitUserRemote($shareWith);
 			$share = $this->shareManager->getShareByToken($token);
@@ -126,7 +133,10 @@ class MountPublicLinkController extends Controller {
 		$authenticated = $this->session->get('public_link_authenticated') === $share->getId() ||
 			$this->shareManager->checkPassword($share, $password);
 		if (!empty($storedPassword) && !$authenticated ) {
-			return new JSONResponse(['message' => 'No permission to access the share'], Http::STATUS_BAD_REQUEST);
+			return new JSONResponse(
+				['message' => 'No permission to access the share'],
+				Http::STATUS_BAD_REQUEST
+			);
 		}
 
 		$share->setSharedWith($shareWith);
diff --git a/apps/federatedfilesharing/tests/Controller/MountPublicLinkControllerTest.php b/apps/federatedfilesharing/tests/Controller/MountPublicLinkControllerTest.php
index 816fc90c4e1..3fe05e72cf4 100644
--- a/apps/federatedfilesharing/tests/Controller/MountPublicLinkControllerTest.php
+++ b/apps/federatedfilesharing/tests/Controller/MountPublicLinkControllerTest.php
@@ -109,13 +109,26 @@ class MountPublicLinkControllerTest extends \Test\TestCase {
 	 * @dataProvider dataTestCreateFederatedShare
 	 *
 	 * @param string $shareWith
+	 * @param bool $outgoingSharesAllowed
 	 * @param bool $validShareWith
 	 * @param string $token
 	 * @param bool $validToken
 	 * @param bool $createSuccessful
 	 * @param string $expectedReturnData
 	 */
-	public function testCreateFederatedShare($shareWith, $validShareWith, $token, $validToken, $createSuccessful, $expectedReturnData) {
+	public function testCreateFederatedShare($shareWith,
+											 $outgoingSharesAllowed,
+											 $validShareWith,
+											 $token,
+											 $validToken,
+											 $createSuccessful,
+											 $expectedReturnData
+	) {
+
+		$this->federatedShareProvider->expects($this->any())
+			->method('isOutgoingServer2serverShareEnabled')
+			->willReturn($outgoingSharesAllowed);
+
 		$this->addressHandler->expects($this->any())->method('splitUserRemote')
 			->with($shareWith)
 			->willReturnCallback(
@@ -154,7 +167,7 @@ class MountPublicLinkControllerTest extends \Test\TestCase {
 
 		$result = $this->controller->createFederatedShare($shareWith, $token);
 
-		$errorCase = !$validShareWith || !$validToken || !$createSuccessful;
+		$errorCase = !$validShareWith || !$validToken || !$createSuccessful || !$outgoingSharesAllowed;
 
 		if ($errorCase) {
 			$this->assertSame(Http::STATUS_BAD_REQUEST, $result->getStatus());
@@ -171,15 +184,16 @@ class MountPublicLinkControllerTest extends \Test\TestCase {
 
 	public function dataTestCreateFederatedShare() {
 		return [
-			//shareWith, validShareWith, token, validToken, createSuccessful, expectedReturnData
-			['user@server', true, 'token', true, true, 'server'],
-			['user@server', false, 'token', true, true, 'invalid federated cloud id'],
-			['user@server', false, 'token', false, true, 'invalid federated cloud id'],
-			['user@server', false, 'token', false, false, 'invalid federated cloud id'],
-			['user@server', false, 'token', true, false, 'invalid federated cloud id'],
-			['user@server', true, 'token', false, true, 'invalid token'],
-			['user@server', true, 'token', false, false, 'invalid token'],
-			['user@server', true, 'token', true, false, 'can not create share']
+			//shareWith, outgoingSharesAllowed, validShareWith, token, validToken, createSuccessful, expectedReturnData
+			['user@server', true, true, 'token', true, true, 'server'],
+			['user@server', true, false, 'token', true, true, 'invalid federated cloud id'],
+			['user@server', true, false, 'token', false, true, 'invalid federated cloud id'],
+			['user@server', true, false, 'token', false, false, 'invalid federated cloud id'],
+			['user@server', true, false, 'token', true, false, 'invalid federated cloud id'],
+			['user@server', true, true, 'token', false, true, 'invalid token'],
+			['user@server', true, true, 'token', false, false, 'invalid token'],
+			['user@server', true, true, 'token', true, false, 'can not create share'],
+			['user@server', false, true, 'token', true, true, 'This server doesn\'t support outgoing federated shares'],
 		];
 	}
 
-- 
2.39.5