diff options
| author | Jan-Philipp Litza <jpl@plutex.de> | 2022-11-16 15:25:10 +0100 |
|---|---|---|
| committer | Jan-Philipp Litza <jpl@plutex.de> | 2022-12-06 16:00:20 +0100 |
| commit | a7abe2c35a170d60b6860aa929fe9c3c658c4bc8 (patch) | |
| tree | 6a84ee79b6ab7a6d442caf34f872a8e8c25284cd /apps/files_sharing | |
| parent | b62d3c4f39bb2c7600e6a9016ba6696da547b6a8 (diff) | |
| download | nextcloud-server-a7abe2c35a170d60b6860aa929fe9c3c658c4bc8.tar.gz nextcloud-server-a7abe2c35a170d60b6860aa929fe9c3c658c4bc8.zip | |
Honor permissions of new link share via OCS API
The API currently overrides the supplied permissions with "read only"
when a file is shared via link. It allows to update the permissions
later, however.
This keeps the default to "read only" but honors the permissions
supplied by API call if any.
Signed-off-by: Jan-Philipp Litza <jpl@plutex.de>
Diffstat (limited to 'apps/files_sharing')
| -rw-r--r-- | apps/files_sharing/lib/Controller/ShareAPIController.php | 11 | ||||
| -rw-r--r-- | apps/files_sharing/tests/ApiTest.php | 3 | ||||
| -rw-r--r-- | apps/files_sharing/tests/Controller/ShareAPIControllerTest.php | 8 |
3 files changed, 13 insertions, 9 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php index 43f43d10731..ab318a81fc2 100644 --- a/apps/files_sharing/lib/Controller/ShareAPIController.php +++ b/apps/files_sharing/lib/Controller/ShareAPIController.php @@ -478,7 +478,14 @@ class ShareAPIController extends OCSController { $share = $this->shareManager->newShare(); if ($permissions === null) { - $permissions = (int)$this->config->getAppValue('core', 'shareapi_default_permissions', (string)Constants::PERMISSION_ALL); + if ($shareType === IShare::TYPE_LINK + || $shareType === IShare::TYPE_EMAIL) { + + // to keep legacy default behaviour, we ignore the setting below for link shares + $permissions = Constants::PERMISSION_READ; + } else { + $permissions = (int)$this->config->getAppValue('core', 'shareapi_default_permissions', (string)Constants::PERMISSION_ALL); + } } // Verify path @@ -581,8 +588,6 @@ class ShareAPIController extends OCSController { Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE; - } else { - $permissions = Constants::PERMISSION_READ; } // TODO: It might make sense to have a dedicated setting to allow/deny converting link shares into federated ones diff --git a/apps/files_sharing/tests/ApiTest.php b/apps/files_sharing/tests/ApiTest.php index 9b88297a309..4d7389be24e 100644 --- a/apps/files_sharing/tests/ApiTest.php +++ b/apps/files_sharing/tests/ApiTest.php @@ -211,8 +211,7 @@ class ApiTest extends TestCase { $ocs->cleanup(); $data = $result->getData(); - $this->assertEquals(\OCP\Constants::PERMISSION_READ | - \OCP\Constants::PERMISSION_SHARE, + $this->assertEquals(\OCP\Constants::PERMISSION_ALL, $data['permissions']); $this->assertEmpty($data['expiration']); $this->assertTrue(is_string($data['token'])); diff --git a/apps/files_sharing/tests/Controller/ShareAPIControllerTest.php b/apps/files_sharing/tests/Controller/ShareAPIControllerTest.php index 6f053eef124..6405181d0dc 100644 --- a/apps/files_sharing/tests/Controller/ShareAPIControllerTest.php +++ b/apps/files_sharing/tests/Controller/ShareAPIControllerTest.php @@ -2055,7 +2055,7 @@ class ShareAPIControllerTest extends TestCase { $this->callback(function (\OCP\Share\IShare $share) use ($path) { return $share->getNode() === $path && $share->getShareType() === IShare::TYPE_LINK && - $share->getPermissions() === \OCP\Constants::PERMISSION_READ && + $share->getPermissions() === \OCP\Constants::PERMISSION_ALL && $share->getSharedBy() === 'currentUser' && $share->getPassword() === 'password' && $share->getExpirationDate() === null; @@ -2095,7 +2095,7 @@ class ShareAPIControllerTest extends TestCase { $this->callback(function (\OCP\Share\IShare $share) use ($path) { return $share->getNode() === $path && $share->getShareType() === IShare::TYPE_LINK && - $share->getPermissions() === \OCP\Constants::PERMISSION_READ && + $share->getPermissions() === \OCP\Constants::PERMISSION_ALL && $share->getSharedBy() === 'currentUser' && $share->getPassword() === 'password' && $share->getSendPasswordByTalk() === true && @@ -2179,7 +2179,7 @@ class ShareAPIControllerTest extends TestCase { return $share->getNode() === $path && $share->getShareType() === IShare::TYPE_LINK && - $share->getPermissions() === \OCP\Constants::PERMISSION_READ && + $share->getPermissions() === \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_SHARE && $share->getSharedBy() === 'currentUser' && $share->getPassword() === null && $share->getExpirationDate() == $date; @@ -2187,7 +2187,7 @@ class ShareAPIControllerTest extends TestCase { )->willReturnArgument(0); $expected = new DataResponse([]); - $result = $ocs->createShare('valid-path', \OCP\Constants::PERMISSION_ALL, IShare::TYPE_LINK, null, 'false', '', null, '2000-01-01'); + $result = $ocs->createShare('valid-path', null, IShare::TYPE_LINK, null, 'false', '', null, '2000-01-01'); $this->assertInstanceOf(get_class($expected), $result); $this->assertEquals($expected->getData(), $result->getData()); |