Don't allow public share pages if link sharing is disabled

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

2 files changed, 27 insertions, 26 deletions

diff --git a/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php b/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php
index 4ae63f63837..b5f1178b7f0 100644
--- a/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php
+++ b/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php
@@ -101,15 +101,6 @@ class SharingCheckMiddleware extends Middleware {
 		if ($controller instanceof ExternalSharesController &&
 			!$this->externalSharesChecks()) {
 			throw new S2SException('Federated sharing not allowed');
-		} else if ($controller instanceof ShareController) {
-			/*
-			$token = $this->request->getParam('token');
-			$share = $this->shareManager->getShareByToken($token);
-			if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK
-				&& !$this->isLinkSharingEnabled()) {
-				throw new NotFoundException('Link sharing is disabled');
-			}
-			*/
 		}
 	}
 
@@ -167,22 +158,6 @@ class SharingCheckMiddleware extends Middleware {
 		return true;
 	}
 
-	/**
-	 * Check if link sharing is allowed
-	 * @return bool
-	 */
-	private function isLinkSharingEnabled() {
-		// Check if the shareAPI is enabled
-		if ($this->config->getAppValue('core', 'shareapi_enabled', 'yes') !== 'yes') {
-			return false;
-		}
 
-		// Check whether public sharing is enabled
-		if($this->config->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
-			return false;
-		}
-
-		return true;
-	}
 
 }
diff --git a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php
index 38267779e65..92b1673b640 100644
--- a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php
+++ b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php
@@ -9,6 +9,7 @@ use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\Middleware;
 use OCP\AppFramework\PublicShareController;
 use OCP\Files\NotFoundException;
+use OCP\IConfig;
 use OCP\IRequest;
 use OCP\ISession;
 
@@ -19,9 +20,13 @@ class PublicShareMiddleware extends Middleware {
 	/** @var ISession */
 	private $session;
 
-	public function __construct(IRequest $request, ISession $session) {
+	/** @var IConfig */
+	private $config;
+
+	public function __construct(IRequest $request, ISession $session, IConfig $config) {
 		$this->request = $request;
 		$this->session = $session;
+		$this->config = $config;
 	}
 
 	public function beforeController($controller, $methodName) {
@@ -29,6 +34,10 @@ class PublicShareMiddleware extends Middleware {
 			return;
 		}
 
+		if (!$this->isLinkSharingEnabled()) {
+			throw new NotFoundException('Link sharing is disabled');
+		}
+
 		// We require the token parameter to be set
 		$token = $this->request->getParam('token');
 		if ($token === null) {
@@ -83,4 +92,21 @@ class PublicShareMiddleware extends Middleware {
 		$tmp = explode('.', $route);
 		return array_pop($tmp);
 	}
+
+	/**
+	 * Check if link sharing is allowed
+	 */
+	private function isLinkSharingEnabled(): bool {
+		// Check if the shareAPI is enabled
+		if ($this->config->getAppValue('core', 'shareapi_enabled', 'yes') !== 'yes') {
+			return false;
+		}
+
+		// Check whether public sharing is enabled
+		if($this->config->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
+			return false;
+		}
+
+		return true;
+	}
 }