diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2016-12-16 13:15:07 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-12-16 13:15:07 +0100 |
| commit | 80ab69ba3f9e1b09210e188873fc5ce13366e558 (patch) | |
| tree | 0cc340db3c72614a423168ba6b5b7401b2e5036a | |
| parent | 3f20302a01703394c225e37daefcd237120ef943 (diff) | |
| parent | be09724a3ebd1f2fb2625f197299bcf07897c187 (diff) | |
| download | nextcloud-server-80ab69ba3f9e1b09210e188873fc5ce13366e558.tar.gz nextcloud-server-80ab69ba3f9e1b09210e188873fc5ce13366e558.zip | |
Merge pull request #2696 from nextcloud/shared-scanner-unmasked-11
[11] use unmasked permissions in shared scanner
| -rw-r--r-- | apps/files_sharing/lib/Scanner.php | 9 | ||||
| -rw-r--r-- | apps/files_sharing/lib/SharedStorage.php | 3 | ||||
| -rw-r--r-- | apps/files_sharing/tests/SharedStorageTest.php | 28 | ||||
| -rw-r--r-- | build/integration/features/webdav-related.feature | 20 |
4 files changed, 57 insertions, 3 deletions
diff --git a/apps/files_sharing/lib/Scanner.php b/apps/files_sharing/lib/Scanner.php index 86c6b58f439..cab04fa9309 100644 --- a/apps/files_sharing/lib/Scanner.php +++ b/apps/files_sharing/lib/Scanner.php @@ -31,6 +31,11 @@ use OC\Files\ObjectStore\NoopScanner; * Scanner for SharedStorage */ class Scanner extends \OC\Files\Cache\Scanner { + /** + * @var \OCA\Files_Sharing\SharedStorage $storage + */ + protected $storage; + private $sourceScanner; /** @@ -46,8 +51,8 @@ class Scanner extends \OC\Files\Cache\Scanner { if ($data === null) { return null; } - list($sourceStorage, $internalPath) = $this->storage->resolvePath($path); - $data['permissions'] = $sourceStorage->getPermissions($internalPath); + $internalPath = $this->storage->getSourcePath($path); + $data['permissions'] = $this->storage->getSourceStorage()->getPermissions($internalPath); return $data; } diff --git a/apps/files_sharing/lib/SharedStorage.php b/apps/files_sharing/lib/SharedStorage.php index ad250a790fa..888cbfda143 100644 --- a/apps/files_sharing/lib/SharedStorage.php +++ b/apps/files_sharing/lib/SharedStorage.php @@ -446,7 +446,8 @@ class SharedStorage extends \OC\Files\Storage\Wrapper\Jail implements ISharedSto } public function getSourceStorage() { - return $this->getWrapperStorage(); + $this->init(); + return $this->nonMaskedStorage; } public function getWrapperStorage() { diff --git a/apps/files_sharing/tests/SharedStorageTest.php b/apps/files_sharing/tests/SharedStorageTest.php index f1b0cbb8fbb..eaa138b0f70 100644 --- a/apps/files_sharing/tests/SharedStorageTest.php +++ b/apps/files_sharing/tests/SharedStorageTest.php @@ -531,4 +531,32 @@ class SharedStorageTest extends TestCase { $this->shareManager->deleteShare($share1); $this->shareManager->deleteShare($share2); } + + public function testOwnerPermissions() { + self::loginHelper(self::TEST_FILES_SHARING_API_USER1); + + $share = $this->share( + \OCP\Share::SHARE_TYPE_USER, + $this->folder, + self::TEST_FILES_SHARING_API_USER1, + self::TEST_FILES_SHARING_API_USER2, + \OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_DELETE + ); + + self::loginHelper(self::TEST_FILES_SHARING_API_USER2); + $view = new \OC\Files\View('/' . self::TEST_FILES_SHARING_API_USER2 . '/files'); + $this->assertTrue($view->file_exists($this->folder)); + + $view->file_put_contents($this->folder . '/newfile.txt', 'asd'); + + self::loginHelper(self::TEST_FILES_SHARING_API_USER1); + + $this->assertTrue($this->view->file_exists($this->folder . '/newfile.txt')); + $this->assertEquals(\OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_CREATE, + $this->view->getFileInfo($this->folder . '/newfile.txt')->getPermissions()); + + $this->view->unlink($this->folder); + $this->shareManager->deleteShare($share); + + } } diff --git a/build/integration/features/webdav-related.feature b/build/integration/features/webdav-related.feature index d90eb038e0b..658e689f54e 100644 --- a/build/integration/features/webdav-related.feature +++ b/build/integration/features/webdav-related.feature @@ -427,3 +427,23 @@ Feature: webdav-related And User "user0" uploads file with content "copytest" to "/copytest.txt" When User "user0" copies file "/copytest.txt" to "/testcopypermissionsNotAllowed/copytest.txt" Then the HTTP status code should be "403" + + Scenario: Uploading a file as recipient with limited permissions + Given using new dav path + And As an "admin" + And user "user0" exists + And user "user1" exists + And user "user0" has a quota of "10 MB" + And user "user1" has a quota of "10 MB" + And As an "user1" + And user "user1" created a folder "/testfolder" + And as "user1" creating a share with + | path | testfolder | + | shareType | 0 | + | permissions | 23 | + | shareWith | user0 | + And As an "user0" + And User "user0" uploads file "data/textfile.txt" to "/testfolder/asdf.txt" + And As an "user1" + When User "user1" deletes file "/testfolder/asdf.txt" + Then the HTTP status code should be "204" |