diff options
| author | Michael Gapczynski <mtgap@owncloud.com> | 2013-02-10 19:09:58 -0500 |
|---|---|---|
| committer | Michael Gapczynski <mtgap@owncloud.com> | 2013-02-10 19:09:58 -0500 |
| commit | 8e3b8c7f47ab12e1612d3fa025e6b9eb7f5ffdb3 (patch) | |
| tree | 33c270d8946a00c41b00e80ae4c233d11a849255 | |
| parent | c6985d6cd4da69715773b3d4eb65cf17977c8cc4 (diff) | |
| download | nextcloud-server-8e3b8c7f47ab12e1612d3fa025e6b9eb7f5ffdb3.tar.gz nextcloud-server-8e3b8c7f47ab12e1612d3fa025e6b9eb7f5ffdb3.zip | |
Proper fix for shared links
| -rw-r--r-- | apps/files_sharing/lib/sharedstorage.php | 2 | ||||
| -rw-r--r-- | apps/files_sharing/public.php | 45 | ||||
| -rw-r--r-- | lib/files/filesystem.php | 4 | ||||
| -rwxr-xr-x | lib/util.php | 2 |
4 files changed, 29 insertions, 24 deletions
diff --git a/apps/files_sharing/lib/sharedstorage.php b/apps/files_sharing/lib/sharedstorage.php index ea28ca69b93..65812b7e2fd 100644 --- a/apps/files_sharing/lib/sharedstorage.php +++ b/apps/files_sharing/lib/sharedstorage.php @@ -390,7 +390,7 @@ class Shared extends \OC\Files\Storage\Common { } public static function setup($options) { - if (\OCP\Share::getItemsSharedWith('file')) { + if (!\OCP\User::isLoggedIn() || \OCP\User::getUser() != $options['user'] || \OCP\Share::getItemsSharedWith('file')) { $user_dir = $options['user_dir']; \OC\Files\Filesystem::mount('\OC\Files\Storage\Shared', array('sharedFolder' => '/Shared'), $user_dir.'/Shared/'); } diff --git a/apps/files_sharing/public.php b/apps/files_sharing/public.php index 29b7b3dee71..47e074edb8c 100644 --- a/apps/files_sharing/public.php +++ b/apps/files_sharing/public.php @@ -11,14 +11,26 @@ if (isset($_GET['t'])) { $type = $linkItem['item_type']; $fileSource = $linkItem['file_source']; $shareOwner = $linkItem['uid_owner']; - if (OCP\User::userExists($shareOwner) && $fileSource != -1) { - OC_Util::setupFS($shareOwner); - $path = $linkItem['file_target']; + $fileOwner = null; + $path = null; + if (isset($linkItem['parent'])) { + $parent = $linkItem['parent']; + while (isset($parent)) { + $query = \OC_DB::prepare('SELECT `parent`, `uid_owner` FROM `*PREFIX*share` WHERE `id` = ?', 1); + $item = $query->execute(array($parent))->fetchRow(); + if (isset($item['parent'])) { + $parent = $item['parent']; + } else { + $fileOwner = $item['uid_owner']; + break; + } + } } else { - header('HTTP/1.0 404 Not Found'); - $tmpl = new OCP\Template('', '404', 'guest'); - $tmpl->printPage(); - exit(); + $fileOwner = $shareOwner; + } + if (isset($fileOwner)) { + OC_Util::setupFS($fileOwner); + $path = \OC\Files\Filesystem::getPath($linkItem['file_source']); } } } else { @@ -55,7 +67,7 @@ if (isset($_GET['t'])) { } } -if ($linkItem) { +if (isset($path)) { if (!isset($linkItem['item_type'])) { OCP\Util::writeLog('share', 'No item type set for share id: ' . $linkItem['id'], \OCP\Util::ERROR); header('HTTP/1.0 404 Not Found'); @@ -123,20 +135,12 @@ if ($linkItem) { $file = basename($path); // Download the file if (isset($_GET['download'])) { - if (isset($_GET['path']) && $_GET['path'] !== '') { - if (isset($_GET['files'])) { // download selected files - OC_Files::get($path, $_GET['files'], $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); - } else { - if (isset($_GET['path']) && $_GET['path'] != '') { // download a file from a shared directory - OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); - } else { // download the whole shared directory - OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); - } - } - } else { // download a single shared file + if (isset($_GET['files'])) { // download selected files + OC_Files::get($dir, $_GET['files'], $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); + } else { OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); } - + exit(); } else { OCP\Util::addStyle('files_sharing', 'public'); OCP\Util::addScript('files_sharing', 'public'); @@ -147,6 +151,7 @@ if ($linkItem) { $tmpl->assign('dir', $dir); $tmpl->assign('filename', $file); $tmpl->assign('mimetype', \OC\Files\Filesystem::getMimeType($path)); + $tmpl->assign('fileTarget', basename($linkItem['file_target'])); $urlLinkIdentifiers= (isset($token)?'&t='.$token:'') .(isset($_GET['dir'])?'&dir='.$_GET['dir']:'') .(isset($_GET['file'])?'&file='.$_GET['file']:''); diff --git a/lib/files/filesystem.php b/lib/files/filesystem.php index 71bf3d8708d..a0c3c4b9b75 100644 --- a/lib/files/filesystem.php +++ b/lib/files/filesystem.php @@ -190,14 +190,14 @@ class Filesystem { } } - static public function init($root) { + static public function init($user, $root) { if (self::$defaultInstance) { return false; } self::$defaultInstance = new View($root); //load custom mount config - self::initMountPoints(); + self::initMountPoints($user); self::$loaded = true; diff --git a/lib/util.php b/lib/util.php index a5fe4cb175a..54a3f634041 100755 --- a/lib/util.php +++ b/lib/util.php @@ -51,7 +51,7 @@ class OC_Util { mkdir( $userdirectory, 0755, true ); } //jail the user into his "home" directory - \OC\Files\Filesystem::init($user_dir); + \OC\Files\Filesystem::init($user, $user_dir); $quotaProxy=new OC_FileProxy_Quota(); $fileOperationProxy = new OC_FileProxy_FileOperations(); |