mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 994 Wiki Activity
Browse Source

Allow increasing permissions for share owner 

In some cases, the owner of the share is also recipient through a group
share. The owner must still be able to increase permissions in that
situation.
tags/v11.0RC2
Vincent Petry 7 years ago
parent
feb85981cd
commit
fb52b1af67
No account linked to committer's email address
2 changed files with 109 additions and 1 deletions
Split View Show Diff Stats
  1. 1
    1
      apps/files_sharing/lib/API/Share20OCS.php
  2. 108
    0
      apps/files_sharing/tests/API/Share20OCSTest.php

+ 1
- 1
apps/files_sharing/lib/API/Share20OCS.php View File

@@ -661,7 +661,7 @@ class Share20OCS extends OCSController {
}
}

if ($permissions !== null) {
if ($permissions !== null && $share->getShareOwner() !== $this->currentUser->getUID()) {
/* Check if this is an incomming share */
$incomingShares = $this->shareManager->getSharedWith($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_USER, $share->getNode(), -1, 0);
$incomingShares = array_merge($incomingShares, $this->shareManager->getSharedWith($this->currentUser->getUID(), \OCP\Share::SHARE_TYPE_GROUP, $share->getNode(), -1, 0));

+ 108
- 0
apps/files_sharing/tests/API/Share20OCSTest.php View File

@@ -1569,6 +1569,114 @@ class Share20OCSTest extends \Test\TestCase {
$this->assertEquals($expected->getData(), $result->getData());
}

public function testUpdateShareCannotIncreasePermissions() {
$ocs = $this->mockFormatShare();

$date = new \DateTime('2000-01-01');

$folder = $this->getMock('\OCP\Files\Folder');

$share = \OC::$server->getShareManager()->newShare();
$share
->setId(42)
->setSharedBy($this->currentUser->getUID())
->setShareOwner('anotheruser')
->setShareType(\OCP\Share::SHARE_TYPE_GROUP)
->setSharedWith('group1')
->setPermissions(\OCP\Constants::PERMISSION_READ)
->setNode($folder);

// note: updateShare will modify the received instance but getSharedWith will reread from the database,
// so their values will be different
$incomingShare = \OC::$server->getShareManager()->newShare();
$incomingShare
->setId(42)
->setSharedBy($this->currentUser->getUID())
->setShareOwner('anotheruser')
->setShareType(\OCP\Share::SHARE_TYPE_GROUP)
->setSharedWith('group1')
->setPermissions(\OCP\Constants::PERMISSION_READ)
->setNode($folder);

$this->request
->method('getParam')
->will($this->returnValueMap([
['permissions', null, '31'],
]));

$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);

$this->shareManager->expects($this->any(0))
->method('getSharedWith')
->will($this->returnValueMap([
['currentUser', \OCP\Share::SHARE_TYPE_USER, $share->getNode(), -1, 0, []],
['currentUser', \OCP\Share::SHARE_TYPE_GROUP, $share->getNode(), -1, 0, [$incomingShare]]
]));

$this->shareManager->expects($this->never())->method('updateShare');

$expected = new \OC_OCS_Result(null, 404, 'Cannot increase permissions');
$result = $ocs->updateShare(42);

$this->assertEquals($expected->getMeta(), $result->getMeta());
$this->assertEquals($expected->getData(), $result->getData());
}

public function testUpdateShareCanIncreasePermissionsIfOwner() {
$ocs = $this->mockFormatShare();

$date = new \DateTime('2000-01-01');

$folder = $this->getMock('\OCP\Files\Folder');

$share = \OC::$server->getShareManager()->newShare();
$share
->setId(42)
->setSharedBy($this->currentUser->getUID())
->setShareOwner($this->currentUser->getUID())
->setShareType(\OCP\Share::SHARE_TYPE_GROUP)
->setSharedWith('group1')
->setPermissions(\OCP\Constants::PERMISSION_READ)
->setNode($folder);

// note: updateShare will modify the received instance but getSharedWith will reread from the database,
// so their values will be different
$incomingShare = \OC::$server->getShareManager()->newShare();
$incomingShare
->setId(42)
->setSharedBy($this->currentUser->getUID())
->setShareOwner($this->currentUser->getUID())
->setShareType(\OCP\Share::SHARE_TYPE_GROUP)
->setSharedWith('group1')
->setPermissions(\OCP\Constants::PERMISSION_READ)
->setNode($folder);

$this->request
->method('getParam')
->will($this->returnValueMap([
['permissions', null, '31'],
]));

$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);

$this->shareManager->expects($this->any(0))
->method('getSharedWith')
->will($this->returnValueMap([
['currentUser', \OCP\Share::SHARE_TYPE_USER, $share->getNode(), -1, 0, []],
['currentUser', \OCP\Share::SHARE_TYPE_GROUP, $share->getNode(), -1, 0, [$incomingShare]]
]));

$this->shareManager->expects($this->once())
->method('updateShare')
->with($share)
->willReturn($share);

$expected = new \OC_OCS_Result();
$result = $ocs->updateShare(42);

$this->assertEquals($expected->getMeta(), $result->getMeta());
$this->assertEquals($expected->getData(), $result->getData());
}
public function dataFormatShare() {
$file = $this->getMockBuilder('\OCP\Files\File')->getMock();
$folder = $this->getMockBuilder('\OCP\Files\Folder')->getMock();

Write Preview
Loading…
Cancel
Save