diff options
| author | Maxence Lange <maxence@artificial-owl.com> | 2018-11-01 13:41:19 +0100 |
|---|---|---|
| committer | Julius Härtl <jus@bitgrid.net> | 2018-11-02 12:10:48 +0100 |
| commit | 236a293f6a8b983ee832151c592a4e469ed0621e (patch) | |
| tree | e7f20833dc3e0df7489f9c739d5d6e1f0fdee226 /apps/files_sharing/lib/Controller | |
| parent | 2a17811caf4710bdacca2639be934f8a90c8dc3d (diff) | |
| download | nextcloud-server-236a293f6a8b983ee832151c592a4e469ed0621e.tar.gz nextcloud-server-236a293f6a8b983ee832151c592a4e469ed0621e.zip | |
check parents resharing rights
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Diffstat (limited to 'apps/files_sharing/lib/Controller')
| -rw-r--r-- | apps/files_sharing/lib/Controller/ShareAPIController.php | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php index 86481131334..b5c833a6f96 100644 --- a/apps/files_sharing/lib/Controller/ShareAPIController.php +++ b/apps/files_sharing/lib/Controller/ShareAPIController.php @@ -39,7 +39,6 @@ use OCP\AppFramework\OCS\OCSNotFoundException; use OCP\AppFramework\OCSController; use OCP\AppFramework\QueryException; use OCP\Constants; -use OCP\Files\Folder; use OCP\Files\Node; use OCP\Files\NotFoundException; use OCP\IConfig; @@ -727,11 +726,10 @@ class ShareAPIController extends OCSController { foreach ($shares as $share) { try { $formatted[] = $this->formatShare($share, $path); - if (!$resharingRight && $this->shareProviderResharingRights($this->currentUser, $share)) { + if ($path !== null && !$resharingRight && $this->shareProviderResharingRights($this->currentUser, $share, $path)) { $resharingRight = true; } - - } catch (NotFoundException $e) { + } catch (\Exception $e) { //Ignore share } } @@ -1119,15 +1117,25 @@ class ShareAPIController extends OCSController { /** * Returns if we can find resharing rights in an IShare object for a specific user. * + * @suppress PhanUndeclaredClassMethod + * * @param string $userId * @param IShare $share + * @param Node $node * @return bool + * @throws NotFoundException + * @throws \OCP\Files\InvalidPathException */ - private function shareProviderResharingRights(string $userId, IShare $share): bool { + private function shareProviderResharingRights(string $userId, IShare $share, Node $node): bool { if ($share->getShareOwner() === $userId) { return true; } + // we check that current user have parent resharing rights on the current file + if (($node->getPermissions() & \OCP\Constants::PERMISSION_SHARE) !== 0) { + return true; + } + if ((\OCP\Constants::PERMISSION_SHARE & $share->getPermissions()) === 0) { return false; } @@ -1141,7 +1149,7 @@ class ShareAPIController extends OCSController { } if ($share->getShareType() === \OCP\Share::SHARE_TYPE_CIRCLE && \OC::$server->getAppManager()->isEnabledForUser('circles') && - class_exists('\OCA\Circles\Api\v1\Circles')) { + class_exists('\OCA\Circles\Api\v1\Circles')) { $hasCircleId = (substr($share->getSharedWith(), -1) === ']'); $shareWithStart = ($hasCircleId ? strrpos($share->getSharedWith(), '[') + 1 : 0); $shareWithLength = ($hasCircleId ? -1 : strpos($share->getSharedWith(), ' ')); |