Merge pull request #12084 from owncloud/sharing_fix_shared_with_info

sharing: make sure that we only find the shares from a given owner 

4 files changed, 61 insertions, 10 deletions

diff --git a/apps/files_sharing/lib/share/folder.php b/apps/files_sharing/lib/share/folder.php
index 2671f5738b7..f86e9624432 100644
--- a/apps/files_sharing/lib/share/folder.php
+++ b/apps/files_sharing/lib/share/folder.php
@@ -26,13 +26,14 @@ class OC_Share_Backend_Folder extends OC_Share_Backend_File implements OCP\Share
 	 *
 	 * @param int $itemSource item source ID
 	 * @param string $shareWith with whom should the item be shared
+	 * @param string $owner owner of the item
 	 * @return array with shares
 	 */
-	public function getParents($itemSource, $shareWith = null) {
+	public function getParents($itemSource, $shareWith = null, $owner = null) {
 		$result = array();
 		$parent = $this->getParentId($itemSource);
 		while ($parent) {
-			$shares = \OCP\Share::getItemSharedWithUser('folder', $parent, $shareWith);
+			$shares = \OCP\Share::getItemSharedWithUser('folder', $parent, $shareWith, $owner);
 			if ($shares) {
 				foreach ($shares as $share) {
 					$name = substr($share['path'], strrpos($share['path'], '/') + 1);
diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index a8febc9aca7..10fff9aeacf 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -287,12 +287,12 @@ class Share extends \OC\Share\Constants {
 	 * Get the item of item type shared with a given user by source
 	 * @param string $itemType
 	 * @param string $itemSource
-	 * @param string $user User user to whom the item was shared
+	 * @param string $user User to whom the item was shared
+	 * @param string $owner Owner of the share
 	 * @param int $shareType only look for a specific share type
 	 * @return array Return list of items with file_target, permissions and expiration
 	 */
-	public static function getItemSharedWithUser($itemType, $itemSource, $user, $shareType = null) {
-
+	public static function getItemSharedWithUser($itemType, $itemSource, $user, $owner = null, $shareType = null) {
 		$shares = array();
 		$fileDependend = false;
 
@@ -320,6 +320,11 @@ class Share extends \OC\Share\Constants {
 			$arguments[] = $shareType;
 		}
 
+		if ($owner !== null) {
+			$where .= ' AND `uid_owner` = ? ';
+			$arguments[] = $owner;
+		}
+
 		$query = \OC_DB::prepare('SELECT ' . $select . ' FROM `*PREFIX*share` '. $where);
 
 		$result = \OC_DB::executeAudited($query, $arguments);
@@ -701,7 +706,7 @@ class Share extends \OC\Share\Constants {
 		// check if it is a valid itemType
 		self::getBackend($itemType);
 
-		$items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith, $shareType);
+		$items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith, null, $shareType);
 
 		$toDelete = array();
 		$newParent = null;
@@ -1629,7 +1634,7 @@ class Share extends \OC\Share\Constants {
 			// Need to find a solution which works for all back-ends
 			$collectionItems = array();
 			$collectionBackend = self::getBackend('folder');
-			$sharedParents = $collectionBackend->getParents($item, $shareWith);
+			$sharedParents = $collectionBackend->getParents($item, $shareWith, $uidOwner);
 			foreach ($sharedParents as $parent) {
 				$collectionItems[] = $parent;
 			}
diff --git a/lib/public/share.php b/lib/public/share.php
index 449d1fa211e..333e0a26970 100644
--- a/lib/public/share.php
+++ b/lib/public/share.php
@@ -125,11 +125,12 @@ class Share extends \OC\Share\Constants {
 	 * Get the item of item type shared with a given user by source
 	 * @param string $itemType
 	 * @param string $itemSource
-	 * @param string $user User user to whom the item was shared
+	 * @param string $user User to whom the item was shared
+	 * @param string $owner Owner of the share
 	 * @return array Return list of items with file_target, permissions and expiration
 	 */
-	public static function getItemSharedWithUser($itemType, $itemSource, $user) {
-		return \OC\Share\Share::getItemSharedWithUser($itemType, $itemSource, $user);
+	public static function getItemSharedWithUser($itemType, $itemSource, $user, $owner = null) {
+		return \OC\Share\Share::getItemSharedWithUser($itemType, $itemSource, $user, $owner);
 	}
 
 	/**
diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php
index 7ae458a797d..b5cdab0025b 100644
--- a/tests/lib/share/share.php
+++ b/tests/lib/share/share.php
@@ -658,6 +658,50 @@ class Test_Share extends \Test\TestCase {
 		return $row;
 	}
 
+	public function testGetItemSharedWithUser() {
+		OC_User::setUserId($this->user1);
+
+		//add dummy values to the share table
+		$query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` ('
+			.' `item_type`, `item_source`, `item_target`, `share_type`,'
+			.' `share_with`, `uid_owner`) VALUES (?,?,?,?,?,?)');
+		$args = array('test', 99, 'target1', OCP\Share::SHARE_TYPE_USER, $this->user2, $this->user1);
+		$query->execute($args);
+		$args = array('test', 99, 'target2', OCP\Share::SHARE_TYPE_USER, $this->user4, $this->user1);
+		$query->execute($args);
+		$args = array('test', 99, 'target3', OCP\Share::SHARE_TYPE_USER, $this->user3, $this->user2);
+		$query->execute($args);
+		$args = array('test', 99, 'target4', OCP\Share::SHARE_TYPE_USER, $this->user3, $this->user4);
+		$query->execute($args);
+
+
+		$result1 = \OCP\Share::getItemSharedWithUser('test', 99, $this->user2, $this->user1);
+		$this->assertSame(1, count($result1));
+		$this->verifyResult($result1, array('target1'));
+
+		$result2 = \OCP\Share::getItemSharedWithUser('test', 99, null, $this->user1);
+		$this->assertSame(2, count($result2));
+		$this->verifyResult($result2, array('target1', 'target2'));
+
+		$result3 = \OCP\Share::getItemSharedWithUser('test', 99, $this->user3);
+		$this->assertSame(2, count($result3));
+		$this->verifyResult($result3, array('target3', 'target4'));
+
+		$result4 = \OCP\Share::getItemSharedWithUser('test', 99, null, null);
+		$this->assertSame(4, count($result4));
+		$this->verifyResult($result4, array('target1', 'target2', 'target3', 'target4'));
+	}
+
+	public function verifyResult($result, $expected) {
+		foreach ($result as $r) {
+			if (in_array($r['item_target'], $expected)) {
+				$key = array_search($r['item_target'], $expected);
+				unset($expected[$key]);
+			}
+		}
+		$this->assertEmpty($expected, 'did not found all expected values');
+	}
+
 	public function testShareItemWithLink() {
 		OC_User::setUserId($this->user1);
 		$token = OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_LINK, null, OCP\PERMISSION_READ);