8 jaren geleden · 6957917b20
--- a/apps/files_sharing/api/share20ocs.php
+++ b/apps/files_sharing/api/share20ocs.php
@@ -464,10 +464,41 @@ class Share20OCS {
 		 * expirationdate, password and publicUpload only make sense for link shares
 		 */
 		if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) {
 			if ($password === null && $publicUpload === null && $expireDate === null) {
 			if ($permissions === null && $password === null && $publicUpload === null && $expireDate === null) {
 				return new \OC_OCS_Result(null, 400, 'Wrong or no update parameter given');
 			}

 			$newPermissions = null;
 			if ($publicUpload === 'true') {
 				$newPermissions = \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE;
 			} else if ($publicUpload === 'false') {
 				$newPermissions = \OCP\Constants::PERMISSION_READ;
 			}

 			if ($permissions !== null) {
 				$newPermissions = (int)$permissions;
 			}

 			if ($newPermissions !== null &&
 				$newPermissions !== \OCP\Constants::PERMISSION_READ &&
 				$newPermissions !== (\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE)) {
 				return new \OC_OCS_Result(null, 400, 'can\'t change permission for public link share');
 			}

 			if ($newPermissions === (\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE)) {
 				if (!$this->shareManager->shareApiLinkAllowPublicUpload()) {
 					return new \OC_OCS_Result(null, 403, 'public upload disabled by the administrator');
 				}

 				if (!($share->getPath() instanceof \OCP\Files\Folder)) {
 					return new \OC_OCS_Result(null, 400, "public upload is only possible for public shared folders");
 				}
 			}

 			if ($newPermissions !== null) {
 				$share->setPermissions($newPermissions);
 			}

 			if ($expireDate === '') {
 				$share->setExpirationDate(null);
 			} else if ($expireDate !== null) {
@@ -485,20 +516,8 @@ class Share20OCS {
 				$share->setPassword($password);
 			}

 			if ($publicUpload === 'true') {
 				if(!$this->shareManager->shareApiLinkAllowPublicUpload()) {
 					return new \OC_OCS_Result(null, 403, "public upload disabled by the administrator");
 				}

 				if (!($share->getPath() instanceof \OCP\Files\Folder)) {
 					return new \OC_OCS_Result(null, 400, "public upload is only possible for public shared folders");
 				}

 				$share->setPermissions(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE);
 			} else if ($publicUpload === 'false') {
 				$share->setPermissions(\OCP\Constants::PERMISSION_READ);
 			}
 		} else {
 			// For other shares only permissions is valid.
 			if ($permissions === null) {
 				return new \OC_OCS_Result(null, 400, 'Wrong or no update parameter given');
 			} else {
@@ -518,6 +537,14 @@ class Share20OCS {
 		return new \OC_OCS_Result($this->formatShare($share));
 	}

 	public function validatePermissions($permissions) {
 		if ($permissions < 0 || $permissions > \OCP\Constants::PERMISSION_ALL) {
 			return false;
 		}


 	}

 	/**
 	 * @param IShare $share
 	 * @return bool
--- a/apps/files_sharing/tests/api/share20ocstest.php
+++ b/apps/files_sharing/tests/api/share20ocstest.php
@@ -1252,6 +1252,78 @@ class Share20OCSTest extends \Test\TestCase {
 		$this->assertEquals($expected->getData(), $result->getData());
 	}

 	public function testUpdateLinkSharePermissions() {
 		$ocs = $this->mockFormatShare();

 		$date = new \DateTime('2000-01-01');

 		$folder = $this->getMock('\OCP\Files\Folder');

 		$share = \OC::$server->getShareManager()->newShare();
 		$share->setPermissions(\OCP\Constants::PERMISSION_ALL)
 			->setSharedBy($this->currentUser)
 			->setShareType(\OCP\Share::SHARE_TYPE_LINK)
 			->setPassword('password')
 			->setExpirationDate($date)
 			->setPermissions(\OCP\Constants::PERMISSION_ALL)
 			->setPath($folder);

 		$this->request
 			->method('getParam')
 			->will($this->returnValueMap([
 				['permissions', null, '7'],
 			]));

 		$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
 		$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);

 		$this->shareManager->expects($this->once())->method('updateShare')->with(
 			$this->callback(function (IShare $share) use ($date) {
 				return $share->getPermissions() === \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_DELETE &&
 				$share->getPassword() === 'password' &&
 				$share->getExpirationDate() === $date;
 			})
 		);

 		$expected = new \OC_OCS_Result(null);
 		$result = $ocs->updateShare(42);

 		$this->assertEquals($expected->getMeta(), $result->getMeta());
 		$this->assertEquals($expected->getData(), $result->getData());
 	}

 	public function testUpdateLinkShareInvalidPermissions() {
 		$ocs = $this->mockFormatShare();

 		$date = new \DateTime('2000-01-01');

 		$folder = $this->getMock('\OCP\Files\Folder');

 		$share = \OC::$server->getShareManager()->newShare();
 		$share->setPermissions(\OCP\Constants::PERMISSION_ALL)
 			->setSharedBy($this->currentUser)
 			->setShareType(\OCP\Share::SHARE_TYPE_LINK)
 			->setPassword('password')
 			->setExpirationDate($date)
 			->setPermissions(\OCP\Constants::PERMISSION_ALL)
 			->setPath($folder);

 		$this->request
 			->method('getParam')
 			->will($this->returnValueMap([
 				['permissions', null, '31'],
 			]));

 		$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
 		$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);

 		$expected = new \OC_OCS_Result(null, 400, 'can\'t change permission for public link share');
 		$result = $ocs->updateShare(42);

 		$this->assertEquals($expected->getMeta(), $result->getMeta());
 		$this->assertEquals($expected->getData(), $result->getData());
 	}

 	public function testUpdateOtherPermissions() {
 		$ocs = $this->mockFormatShare();