diff options
| author | Jan-Philipp Litza <jpl@plutex.de> | 2022-11-16 15:25:10 +0100 |
|---|---|---|
| committer | Jan-Philipp Litza <jpl@plutex.de> | 2022-12-06 16:00:20 +0100 |
| commit | a7abe2c35a170d60b6860aa929fe9c3c658c4bc8 (patch) | |
| tree | 6a84ee79b6ab7a6d442caf34f872a8e8c25284cd /apps/files_sharing/lib | |
| parent | b62d3c4f39bb2c7600e6a9016ba6696da547b6a8 (diff) | |
| download | nextcloud-server-a7abe2c35a170d60b6860aa929fe9c3c658c4bc8.tar.gz nextcloud-server-a7abe2c35a170d60b6860aa929fe9c3c658c4bc8.zip | |
Honor permissions of new link share via OCS API
The API currently overrides the supplied permissions with "read only"
when a file is shared via link. It allows to update the permissions
later, however.
This keeps the default to "read only" but honors the permissions
supplied by API call if any.
Signed-off-by: Jan-Philipp Litza <jpl@plutex.de>
Diffstat (limited to 'apps/files_sharing/lib')
| -rw-r--r-- | apps/files_sharing/lib/Controller/ShareAPIController.php | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php index 43f43d10731..ab318a81fc2 100644 --- a/apps/files_sharing/lib/Controller/ShareAPIController.php +++ b/apps/files_sharing/lib/Controller/ShareAPIController.php @@ -478,7 +478,14 @@ class ShareAPIController extends OCSController { $share = $this->shareManager->newShare(); if ($permissions === null) { - $permissions = (int)$this->config->getAppValue('core', 'shareapi_default_permissions', (string)Constants::PERMISSION_ALL); + if ($shareType === IShare::TYPE_LINK + || $shareType === IShare::TYPE_EMAIL) { + + // to keep legacy default behaviour, we ignore the setting below for link shares + $permissions = Constants::PERMISSION_READ; + } else { + $permissions = (int)$this->config->getAppValue('core', 'shareapi_default_permissions', (string)Constants::PERMISSION_ALL); + } } // Verify path @@ -581,8 +588,6 @@ class ShareAPIController extends OCSController { Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE; - } else { - $permissions = Constants::PERMISSION_READ; } // TODO: It might make sense to have a dedicated setting to allow/deny converting link shares into federated ones |