aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMaxence Lange <maxence@artificial-owl.com>2024-12-05 19:57:10 -0100
committerMaxence Lange <maxence@artificial-owl.com>2024-12-05 19:58:13 -0100
commitabd24f9bef7c86a8e449c93ee4a24e853639c6db (patch)
tree2f8849ff24c7a2de10e0e6a74059e846ceb1e4de
parentac470184e77692c1f7abf0c83b155db18f5a843c (diff)
downloadnextcloud-server-abd24f9bef7c86a8e449c93ee4a24e853639c6db.tar.gz
nextcloud-server-abd24f9bef7c86a8e449c93ee4a24e853639c6db.zip
fix(signed-request): use share owner on reshare
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-rw-r--r--apps/cloud_federation_api/lib/Controller/RequestHandlerController.php2
-rw-r--r--apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php10
2 files changed, 9 insertions, 3 deletions
diff --git a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php
index bee18da6023..86af7924e6f 100644
--- a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php
+++ b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php
@@ -441,7 +441,7 @@ class RequestHandlerController extends Controller {
return;
}
} elseif ($instance !== $signedRequest->getOrigin()) {
- throw new IncomingRequestException('remote instance {instance} not linked to origin {origin}', ['instance' => $instance, 'origin' => $signedRequest->getOrigin()]);
+ throw new IncomingRequestException('remote instance ' . $instance . ' not linked to origin ' . $signedRequest->getOrigin());
}
}
diff --git a/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php b/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php
index ddf481affad..8821ff9834e 100644
--- a/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php
+++ b/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php
@@ -766,10 +766,16 @@ class CloudFederationProviderFiles implements ISignedCloudFederationProvider {
$provider = $this->shareProviderFactory->getProviderForType(IShare::TYPE_REMOTE);
try {
$share = $provider->getShareByToken($sharedSecret);
- } catch (ShareNotFound $e) {
+ } catch (ShareNotFound) {
return '';
}
- return $share->getSharedWith();
+ // if uid_owner is a local account, the request comes from the recipient
+ // if not, request comes from the instance that owns the share and recipient is the re-sharer
+ if ($this->userManager->get($share->getShareOwner()) !== null) {
+ return $share->getSharedWith();
+ } else {
+ return $share->getShareOwner();
+ }
}
}