diff options
| author | Bjoern Schiessle <schiessle@owncloud.com> | 2014-06-04 18:41:47 +0200 |
|---|---|---|
| committer | Robin Appelman <icewind@owncloud.com> | 2014-06-06 09:56:02 +0200 |
| commit | 86d7371d0c797d5c97198eebf9152ad748961927 (patch) | |
| tree | 5145d744eec40d85dbff8b101ec204a772c92855 | |
| parent | 09970e1816644661d4ad1984793232c880aac1ac (diff) | |
| download | nextcloud-server-86d7371d0c797d5c97198eebf9152ad748961927.tar.gz nextcloud-server-86d7371d0c797d5c97198eebf9152ad748961927.zip | |
fix unshareFromSelf()
| -rw-r--r-- | apps/files_sharing/lib/sharedstorage.php | 21 | ||||
| -rw-r--r-- | apps/files_sharing/tests/share.php | 65 | ||||
| -rw-r--r-- | lib/private/share/share.php | 61 |
3 files changed, 115 insertions, 32 deletions
diff --git a/apps/files_sharing/lib/sharedstorage.php b/apps/files_sharing/lib/sharedstorage.php index 6b2873302a5..59de2dfa4c4 100644 --- a/apps/files_sharing/lib/sharedstorage.php +++ b/apps/files_sharing/lib/sharedstorage.php @@ -403,15 +403,18 @@ class Shared extends \OC\Files\Storage\Common { || $shares ) { foreach ($shares as $share) { - $mount = new SharedMount( - '\OC\Files\Storage\Shared', - $options['user_dir'] . '/' . $share['file_target'], - array( - 'share' => $share, - ), - $loader - ); - $manager->addMount($mount); + // don't mount shares where we have no permissions + if ($share['permissions'] > 0) { + $mount = new SharedMount( + '\OC\Files\Storage\Shared', + $options['user_dir'] . '/' . $share['file_target'], + array( + 'share' => $share, + ), + $loader + ); + $manager->addMount($mount); + } } } } diff --git a/apps/files_sharing/tests/share.php b/apps/files_sharing/tests/share.php index 195fac461be..d3ca1816c75 100644 --- a/apps/files_sharing/tests/share.php +++ b/apps/files_sharing/tests/share.php @@ -60,6 +60,71 @@ class Test_Files_Sharing extends Test_Files_Sharing_Base { parent::tearDown(); } + function testUnshareFromSelf() { + + \OC_Group::createGroup('testGroup'); + \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); + \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup'); + + $fileinfo = $this->view->getFileInfo($this->filename); + + $pathinfo = pathinfo($this->filename); + + $duplicate = '/' . $pathinfo['filename'] . ' (2).' . $pathinfo['extension']; + + $result = \OCP\Share::shareItem('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_USER, + \Test_Files_Sharing::TEST_FILES_SHARING_API_USER2, 31); + + $this->assertTrue($result); + + $result = \OCP\Share::shareItem('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, + 'testGroup', 31); + + $this->assertTrue($result); + + self::loginHelper(self::TEST_FILES_SHARING_API_USER2); + $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); + $this->assertTrue(\OC\Files\Filesystem::file_exists($duplicate)); + + self::loginHelper(self::TEST_FILES_SHARING_API_USER3); + $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); + $this->assertFalse(\OC\Files\Filesystem::file_exists($duplicate)); + + self::loginHelper(self::TEST_FILES_SHARING_API_USER2); + \OC\Files\Filesystem::unlink($this->filename); + self::loginHelper(self::TEST_FILES_SHARING_API_USER2); + $this->assertFalse(\OC\Files\Filesystem::file_exists($this->filename)); + $this->assertTrue(\OC\Files\Filesystem::file_exists($duplicate)); + + // for user3 nothing should change + self::loginHelper(self::TEST_FILES_SHARING_API_USER3); + $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); + $this->assertFalse(\OC\Files\Filesystem::file_exists($duplicate)); + + self::loginHelper(self::TEST_FILES_SHARING_API_USER2); + \OC\Files\Filesystem::unlink($duplicate); + self::loginHelper(self::TEST_FILES_SHARING_API_USER2); + $this->assertFalse(\OC\Files\Filesystem::file_exists($this->filename)); + $this->assertFalse(\OC\Files\Filesystem::file_exists($duplicate)); + + // for user3 nothing should change + self::loginHelper(self::TEST_FILES_SHARING_API_USER3); + $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); + $this->assertFalse(\OC\Files\Filesystem::file_exists($duplicate)); + + //cleanup + self::loginHelper(self::TEST_FILES_SHARING_API_USER1); + \OCP\Share::unshare('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, + 'testGroup'); + \OCP\Share::unshare('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_USER, + self::TEST_FILES_SHARING_API_USER2); + \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); + \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); + \OC_Group::deleteGroup('testGroup'); + + + } + /** * shared files should never have delete permissions * @dataProvider DataProviderTestFileSharePermissions diff --git a/lib/private/share/share.php b/lib/private/share/share.php index 10b3cc34467..646405a37b5 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -717,33 +717,48 @@ class Share extends \OC\Share\Constants { * Unsharing from self is not allowed for items inside collections */ public static function unshareFromSelf($itemType, $itemTarget) { - $item = self::getItemSharedWith($itemType, $itemTarget); - if (!empty($item)) { - if ((int)$item['share_type'] === self::SHARE_TYPE_GROUP) { - // Insert an extra row for the group share and set permission - // to 0 to prevent it from showing up for the user - $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share`' + + if ($itemType === 'file' || $itemType === 'folder') { + $statement = 'SELECT * FROM `*PREFIX*share` WHERE `item_type` = ? and `file_target` = ?'; + } else { + $statement = 'SELECT * FROM `*PREFIX*share` WHERE `item_type` = ? and `item_target` = ?'; + } + + $query = \OCP\DB::prepare($statement); + $result = $query->execute(array($itemType, $itemTarget)); + + $shares = $result->fetchAll(); + + $itemUnshared = false; + foreach ($shares as $share) { + if ((int)$share['share_type'] === \OCP\Share::SHARE_TYPE_USER) { + Helper::delete($share['id']); + $itemUnshared = true; + break; + } elseif ((int)$share['share_type'] === \OCP\Share::SHARE_TYPE_GROUP) { + $groupShare = $share; + } elseif ((int)$share['share_type'] === self::$shareTypeGroupUserUnique) { + $uniqueGroupShare = $share; + } + } + + if (!$itemUnshared && isset($groupShare)) { + $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share`' .' (`item_type`, `item_source`, `item_target`, `parent`, `share_type`,' .' `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`, `file_target`)' .' VALUES (?,?,?,?,?,?,?,?,?,?,?)'); - $query->execute(array($item['item_type'], $item['item_source'], $item['item_target'], - $item['id'], self::$shareTypeGroupUserUnique, - \OC_User::getUser(), $item['uid_owner'], 0, $item['stime'], $item['file_source'], - $item['file_target'])); - \OC_DB::insertid('*PREFIX*share'); - // Delete all reshares by this user of the group share - Helper::delete($item['id'], true, \OC_User::getUser()); - } else if ((int)$item['share_type'] === self::$shareTypeGroupUserUnique) { - // Set permission to 0 to prevent it from showing up for the user - $query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `permissions` = ? WHERE `id` = ?'); - $query->execute(array(0, $item['id'])); - Helper::delete($item['id'], true); - } else { - Helper::delete($item['id']); - } - return true; + $query->execute(array($groupShare['item_type'], $groupShare['item_source'], $groupShare['item_target'], + $groupShare['id'], self::$shareTypeGroupUserUnique, + \OC_User::getUser(), $groupShare['uid_owner'], 0, $groupShare['stime'], $groupShare['file_source'], + $groupShare['file_target'])); + $itemUnshared = true; + } elseif (!$itemUnshared && isset($uniqueGroupShare)) { + $query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `permissions` = ? WHERE `id` = ?'); + $query->execute(array(0, $uniqueGroupShare['id'])); + $itemUnshared = true; } - return false; + + return $itemUnshared; } /** |