diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2013-07-05 14:43:47 -0700 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2013-07-05 14:43:47 -0700 |
| commit | bc1c77664205c8e044cf611a9339773a9f8af2c6 (patch) | |
| tree | 269a27e1d7ab5a9d988104658981bbcbc8ffeba5 | |
| parent | 4e04a710b6a5e711e673e94d138d0ee1e1d6ef30 (diff) | |
| parent | 352c1415be55ae5797685d2ea22fcd07cdfbf4ec (diff) | |
| download | nextcloud-server-bc1c77664205c8e044cf611a9339773a9f8af2c6.tar.gz nextcloud-server-bc1c77664205c8e044cf611a9339773a9f8af2c6.zip | |
Merge pull request #3951 from owncloud/fixing-3936-master
get the real physical folder name for anonymous upload
| -rw-r--r-- | apps/files/ajax/upload.php | 15 | ||||
| -rw-r--r-- | lib/public/share.php | 13 |
2 files changed, 23 insertions, 5 deletions
diff --git a/apps/files/ajax/upload.php b/apps/files/ajax/upload.php index 8433716dec1..54604d10563 100644 --- a/apps/files/ajax/upload.php +++ b/apps/files/ajax/upload.php @@ -18,7 +18,6 @@ if (empty($_POST['dirToken'])) { } } else { $linkItem = OCP\Share::getShareByToken($_POST['dirToken']); - if ($linkItem === false) { OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token'))))); die(); @@ -27,11 +26,21 @@ if (empty($_POST['dirToken'])) { if (!($linkItem['permissions'] & OCP\PERMISSION_CREATE)) { OCP\JSON::checkLoggedIn(); } else { + // Setup FS with owner + OC_Util::tearDownFS(); + OC_Util::setupFS($linkItem['uid_owner']); + + // translate linkItem to the real folder name on the file system + $sharedItem = OCP\Share::getSharedItem($linkItem['item_type'], $linkItem['item_source'], $linkItem['uid_owner']); + if (!$sharedItem || empty($sharedItem) || $sharedItem === false) { + OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.'))))); + die(); + } // The token defines the target directory (security reasons) $dir = sprintf( "/%s/%s", - $linkItem['file_target'], + $sharedItem['path'], isset($_POST['subdir']) ? $_POST['subdir'] : '' ); @@ -39,8 +48,6 @@ if (empty($_POST['dirToken'])) { OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.'))))); die(); } - // Setup FS with owner - OC_Util::setupFS($linkItem['uid_owner']); } } diff --git a/lib/public/share.php b/lib/public/share.php index de7025d7b15..28878c2c868 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -312,12 +312,23 @@ class Share { * @return Return depends on format */ public static function getItemShared($itemType, $itemSource, $format = self::FORMAT_NONE, - $parameters = null, $includeCollections = false) { + $parameters = null, $includeCollections = false) { return self::getItems($itemType, $itemSource, null, null, \OC_User::getUser(), $format, $parameters, -1, $includeCollections); } /** + * @param $itemType + * @param $itemSource + * @param $uid_owner + * @return mixed + */ + public static function getSharedItem($itemType, $itemSource, $uid_owner) { + return self::getItems($itemType, $itemSource, null, null, $uid_owner, self::FORMAT_NONE, + null, 1, false); + } + + /** * Get all users an item is shared with * @param string Item type * @param string Item source |