diff options
| author | Roeland Jago Douma <rullzer@owncloud.com> | 2016-01-27 16:46:48 +0100 |
|---|---|---|
| committer | Roeland Jago Douma <rullzer@owncloud.com> | 2016-01-27 20:34:06 +0100 |
| commit | b321ceef60d98f3c8224c6bacc402c1ec1d08920 (patch) | |
| tree | 77eb788a455e7a7a2ef3562c2ef8ca3e9aea2d31 /apps/files_sharing/api | |
| parent | 35a3432793919303726a7ea03d6a714db4b40707 (diff) | |
| download | nextcloud-server-b321ceef60d98f3c8224c6bacc402c1ec1d08920.tar.gz nextcloud-server-b321ceef60d98f3c8224c6bacc402c1ec1d08920.zip | |
[Share 2.0] Also handle empty parameter in updateShare
* More sanity checks
* More unit tests
Diffstat (limited to 'apps/files_sharing/api')
| -rw-r--r-- | apps/files_sharing/api/share20ocs.php | 69 |
1 files changed, 45 insertions, 24 deletions
diff --git a/apps/files_sharing/api/share20ocs.php b/apps/files_sharing/api/share20ocs.php index 081c3b16999..d49ef7ad45f 100644 --- a/apps/files_sharing/api/share20ocs.php +++ b/apps/files_sharing/api/share20ocs.php @@ -452,42 +452,63 @@ class Share20OCS { } if (!$this->canAccessShare($share)) { - return new \OC_OCS_Result(null, 404, "wrong share Id, share doesn't exist."); + return new \OC_OCS_Result(null, 404, 'wrong share Id, share doesn\'t exist.'); } $permissions = $this->request->getParam('permissions', null); - $password = $this->request->getParam('password', null); + $password = $this->request->getParam('password', ''); $publicUpload = $this->request->getParam('publicUpload', null); - $expireDate = $this->request->getParam('expireDate', null); + $expireDate = $this->request->getParam('expireDate', ''); + + /* + * expirationdate, password and publicUpload only make sense for link shares + */ + if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) { + if ($password === null && $publicUpload === null && $expireDate === null) { + return new \OC_OCS_Result(null, 400, 'Wrong or no update parameter given'); + } - if ($permissions === null && $password === null && $publicUpload === null && $expireDate === null) { - return new \OC_OCS_Result(null, 400, 'Wrong or no update parameter given'); - } + if ($expireDate === '') { + $share->setExpirationDate(null); + } else { + try { + $expireDate = $this->parseDate($expireDate); + } catch (\Exception $e) { + return new \OC_OCS_Result(null, 400, $e->getMessage()); + } + $share->setExpirationDate($expireDate); + } - if ($expireDate !== null) { - try { - $expireDate = $this->parseDate($expireDate); - } catch (\Exception $e) { - return new \OC_OCS_Result(null, 400, $e->getMessage()); + if ($password === '') { + $share->setPassword(null); + } else { + $share->setPassword($password); } - $share->setExpirationDate($expireDate); - } - if ($permissions !== null) { - $permissions = (int)$permissions; - $share->setPermissions($permissions); - } + if ($publicUpload === 'true') { + if(!$this->shareManager->shareApiLinkAllowPublicUpload()) { + return new \OC_OCS_Result(null, 403, "public upload disabled by the administrator"); + } - if ($password !== null) { - $share->setPassword($password); - } + if (!($share->getPath() instanceof \OCP\Files\Folder)) { + return new \OC_OCS_Result(null, 400, "public upload is only possible for public shared folders"); + } - if ($publicUpload === 'true') { - $share->setPermissions(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE); - } else if ($publicUpload === 'false') { - $share->setPermissions(\OCP\Constants::PERMISSION_READ); + $share->setPermissions(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE); + } else if ($publicUpload === 'false') { + $share->setPermissions(\OCP\Constants::PERMISSION_READ); + } + } else { + if ($permissions === null) { + return new \OC_OCS_Result(null, 400, 'Wrong or no update parameter given'); + } else { + $permissions = (int)$permissions; + $share->setPermissions($permissions); + } } + + try { $share = $this->shareManager->updateShare($share); } catch (\Exception $e) { |