diff options
| author | Andy Scherzinger <info@andy-scherzinger.de> | 2023-08-28 18:33:20 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-08-28 18:33:20 +0200 |
| commit | 887bc6fd6e5948e016aca5b9a745afa30296dcf3 (patch) | |
| tree | 0b780fe5d7b907b101a152876d921e5c18055f1f | |
| parent | 68ae8706d83f726e4189059516008aa2a8863429 (diff) | |
| parent | 6076e7b8ce0cd47411b63f1b61192df1d42ba6f2 (diff) | |
| download | nextcloud-server-887bc6fd6e5948e016aca5b9a745afa30296dcf3.tar.gz nextcloud-server-887bc6fd6e5948e016aca5b9a745afa30296dcf3.zip | |
Merge pull request #40078 from nextcloud/backport/39699/stable27
[stable27] Hide shares by disabled users
| -rw-r--r-- | lib/private/Share20/Manager.php | 24 | ||||
| -rw-r--r-- | tests/lib/Share20/ManagerTest.php | 90 |
2 files changed, 96 insertions, 18 deletions
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 732bd5bb97d..c7d09a3d6f7 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -1352,7 +1352,7 @@ class Manager implements IManager { $added = 0; foreach ($shares as $share) { try { - $this->checkExpireDate($share); + $this->checkShare($share); } catch (ShareNotFound $e) { //Ignore since this basically means the share is deleted continue; @@ -1411,7 +1411,7 @@ class Manager implements IManager { // remove all shares which are already expired foreach ($shares as $key => $share) { try { - $this->checkExpireDate($share); + $this->checkShare($share); } catch (ShareNotFound $e) { unset($shares[$key]); } @@ -1457,7 +1457,7 @@ class Manager implements IManager { $share = $provider->getShareById($id, $recipient); - $this->checkExpireDate($share); + $this->checkShare($share); return $share; } @@ -1541,7 +1541,7 @@ class Manager implements IManager { throw new ShareNotFound($this->l->t('The requested share does not exist anymore')); } - $this->checkExpireDate($share); + $this->checkShare($share); /* * Reduce the permissions for link or email shares if public upload is not enabled @@ -1554,11 +1554,25 @@ class Manager implements IManager { return $share; } - protected function checkExpireDate($share) { + /** + * Check expire date and disabled owner + * + * @throws ShareNotFound + */ + protected function checkShare(IShare $share): void { if ($share->isExpired()) { $this->deleteShare($share); throw new ShareNotFound($this->l->t('The requested share does not exist anymore')); } + if ($this->config->getAppValue('files_sharing', 'hide_disabled_user_shares', 'no') === 'yes') { + $uids = array_unique([$share->getShareOwner(),$share->getSharedBy()]); + foreach ($uids as $uid) { + $user = $this->userManager->get($uid); + if ($user?->isEnabled() === false) { + throw new ShareNotFound($this->l->t('The requested share comes from a disabled user')); + } + } + } } /** diff --git a/tests/lib/Share20/ManagerTest.php b/tests/lib/Share20/ManagerTest.php index 0e56592e1a5..55d95ea4515 100644 --- a/tests/lib/Share20/ManagerTest.php +++ b/tests/lib/Share20/ManagerTest.php @@ -2714,10 +2714,12 @@ class ManagerTest extends \Test\TestCase { public function testGetShareByToken() { $this->config - ->expects($this->once()) + ->expects($this->exactly(2)) ->method('getAppValue') - ->with('core', 'shareapi_allow_links', 'yes') - ->willReturn('yes'); + ->willReturnMap([ + ['core', 'shareapi_allow_links', 'yes', 'yes'], + ['files_sharing', 'hide_disabled_user_shares', 'no', 'no'], + ]); $factory = $this->createMock(IProviderFactory::class); @@ -2760,10 +2762,12 @@ class ManagerTest extends \Test\TestCase { public function testGetShareByTokenRoom() { $this->config - ->expects($this->once()) + ->expects($this->exactly(2)) ->method('getAppValue') - ->with('core', 'shareapi_allow_links', 'yes') - ->willReturn('no'); + ->willReturnMap([ + ['core', 'shareapi_allow_links', 'yes', 'no'], + ['files_sharing', 'hide_disabled_user_shares', 'no', 'no'], + ]); $factory = $this->createMock(IProviderFactory::class); @@ -2813,10 +2817,12 @@ class ManagerTest extends \Test\TestCase { public function testGetShareByTokenWithException() { $this->config - ->expects($this->once()) + ->expects($this->exactly(2)) ->method('getAppValue') - ->with('core', 'shareapi_allow_links', 'yes') - ->willReturn('yes'); + ->willReturnMap([ + ['core', 'shareapi_allow_links', 'yes', 'yes'], + ['files_sharing', 'hide_disabled_user_shares', 'no', 'no'], + ]); $factory = $this->createMock(IProviderFactory::class); @@ -2864,6 +2870,61 @@ class ManagerTest extends \Test\TestCase { } + public function testGetShareByTokenHideDisabledUser() { + $this->expectException(\OCP\Share\Exceptions\ShareNotFound::class); + $this->expectExceptionMessage('The requested share comes from a disabled user'); + + $this->config + ->expects($this->exactly(2)) + ->method('getAppValue') + ->willReturnMap([ + ['core', 'shareapi_allow_links', 'yes', 'yes'], + ['files_sharing', 'hide_disabled_user_shares', 'no', 'yes'], + ]); + + $this->l->expects($this->once()) + ->method('t') + ->willReturnArgument(0); + + $manager = $this->createManagerMock() + ->setMethods(['deleteShare']) + ->getMock(); + + $date = new \DateTime(); + $date->setTime(0, 0, 0); + $date->add(new \DateInterval('P2D')); + $share = $this->manager->newShare(); + $share->setExpirationDate($date); + $share->setShareOwner('owner'); + $share->setSharedBy('sharedBy'); + + $sharedBy = $this->createMock(IUser::class); + $owner = $this->createMock(IUser::class); + + $this->userManager->method('get')->willReturnMap([ + ['sharedBy', $sharedBy], + ['owner', $owner], + ]); + + $owner->expects($this->once()) + ->method('isEnabled') + ->willReturn(true); + $sharedBy->expects($this->once()) + ->method('isEnabled') + ->willReturn(false); + + $this->defaultProvider->expects($this->once()) + ->method('getShareByToken') + ->with('expiredToken') + ->willReturn($share); + + $manager->expects($this->never()) + ->method('deleteShare'); + + $manager->getShareByToken('expiredToken'); + } + + public function testGetShareByTokenExpired() { $this->expectException(\OCP\Share\Exceptions\ShareNotFound::class); $this->expectExceptionMessage('The requested share does not exist anymore'); @@ -2901,10 +2962,12 @@ class ManagerTest extends \Test\TestCase { public function testGetShareByTokenNotExpired() { $this->config - ->expects($this->once()) + ->expects($this->exactly(2)) ->method('getAppValue') - ->with('core', 'shareapi_allow_links', 'yes') - ->willReturn('yes'); + ->willReturnMap([ + ['core', 'shareapi_allow_links', 'yes', 'yes'], + ['files_sharing', 'hide_disabled_user_shares', 'no', 'no'], + ]); $date = new \DateTime(); $date->setTime(0, 0, 0); @@ -2936,11 +2999,12 @@ class ManagerTest extends \Test\TestCase { public function testGetShareByTokenPublicUploadDisabled() { $this->config - ->expects($this->exactly(2)) + ->expects($this->exactly(3)) ->method('getAppValue') ->willReturnMap([ ['core', 'shareapi_allow_links', 'yes', 'yes'], ['core', 'shareapi_allow_public_upload', 'yes', 'no'], + ['files_sharing', 'hide_disabled_user_shares', 'no', 'no'], ]); $share = $this->manager->newShare(); |