aboutsummaryrefslogtreecommitdiffstats
path: root/apps/files_sharing
diff options
context:
space:
mode:
authorBjoern Schiessle <bjoern@schiessle.org>2017-01-04 13:33:45 +0100
committerBjoern Schiessle <bjoern@schiessle.org>2017-01-04 21:23:26 +0100
commit0c11209d33178a93cb8229573c445b49eaf2326f (patch)
treee40556f372f312b128ae7208ad78bce523483e7e /apps/files_sharing
parenta45137bbca0bd79a6f20dafb72e1f30ebbb3ab8e (diff)
downloadnextcloud-server-0c11209d33178a93cb8229573c445b49eaf2326f.tar.gz
nextcloud-server-0c11209d33178a93cb8229573c445b49eaf2326f.zip
allow to access mail shares even if public links are disabled
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
Diffstat (limited to 'apps/files_sharing')
-rw-r--r--apps/files_sharing/lib/AppInfo/Application.php4
-rw-r--r--apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php30
-rw-r--r--apps/files_sharing/tests/Middleware/SharingCheckMiddlewareTest.php34
3 files changed, 61 insertions, 7 deletions
diff --git a/apps/files_sharing/lib/AppInfo/Application.php b/apps/files_sharing/lib/AppInfo/Application.php
index 922db7dac75..403d30ae2e6 100644
--- a/apps/files_sharing/lib/AppInfo/Application.php
+++ b/apps/files_sharing/lib/AppInfo/Application.php
@@ -111,7 +111,9 @@ class Application extends App {
$c->query('AppName'),
$server->getConfig(),
$server->getAppManager(),
- $c['ControllerMethodReflector']
+ $c['ControllerMethodReflector'],
+ $server->getShareManager(),
+ $server->getRequest()
);
});
diff --git a/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php b/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php
index 7e9109bf2d1..5712b96b97d 100644
--- a/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php
+++ b/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php
@@ -25,6 +25,8 @@
namespace OCA\Files_Sharing\Middleware;
+use OCA\Files_Sharing\Controller\ExternalSharesController;
+use OCA\Files_Sharing\Controller\ShareController;
use OCP\App\IAppManager;
use OCP\AppFramework\Http\NotFoundResponse;
use OCP\AppFramework\Middleware;
@@ -33,6 +35,8 @@ use OCP\IConfig;
use OCP\AppFramework\Utility\IControllerMethodReflector;
use OCA\Files_Sharing\Exceptions\S2SException;
use OCP\AppFramework\Http\JSONResponse;
+use OCP\IRequest;
+use OCP\Share\IManager;
/**
* Checks whether the "sharing check" is enabled
@@ -49,21 +53,32 @@ class SharingCheckMiddleware extends Middleware {
protected $appManager;
/** @var IControllerMethodReflector */
protected $reflector;
+ /** @var IManager */
+ protected $shareManager;
+ /** @var IRequest */
+ protected $request;
/***
* @param string $appName
* @param IConfig $config
* @param IAppManager $appManager
+ * @param IControllerMethodReflector $reflector
+ * @param IManager $shareManager
+ * @param IRequest $request
*/
public function __construct($appName,
IConfig $config,
IAppManager $appManager,
- IControllerMethodReflector $reflector
+ IControllerMethodReflector $reflector,
+ IManager $shareManager,
+ IRequest $request
) {
$this->appName = $appName;
$this->config = $config;
$this->appManager = $appManager;
$this->reflector = $reflector;
+ $this->shareManager = $shareManager;
+ $this->request = $request;
}
/**
@@ -72,18 +87,23 @@ class SharingCheckMiddleware extends Middleware {
* @param \OCP\AppFramework\Controller $controller
* @param string $methodName
* @throws NotFoundException
+ * @throws S2SException
*/
public function beforeController($controller, $methodName) {
if(!$this->isSharingEnabled()) {
throw new NotFoundException('Sharing is disabled.');
}
- if ($controller instanceof \OCA\Files_Sharing\Controller\ExternalSharesController &&
+ if ($controller instanceof ExternalSharesController &&
!$this->externalSharesChecks()) {
throw new S2SException('Federated sharing not allowed');
- } else if ($controller instanceof \OCA\Files_Sharing\Controller\ShareController &&
- !$this->isLinkSharingEnabled()) {
- throw new NotFoundException('Link sharing is disabled');
+ } else if ($controller instanceof ShareController) {
+ $token = $this->request->getParam('token');
+ $share = $this->shareManager->getShareByToken($token);
+ if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK
+ && !$this->isLinkSharingEnabled()) {
+ throw new NotFoundException('Link sharing is disabled');
+ }
}
}
diff --git a/apps/files_sharing/tests/Middleware/SharingCheckMiddlewareTest.php b/apps/files_sharing/tests/Middleware/SharingCheckMiddlewareTest.php
index c2965d04b6b..8d7d42722b9 100644
--- a/apps/files_sharing/tests/Middleware/SharingCheckMiddlewareTest.php
+++ b/apps/files_sharing/tests/Middleware/SharingCheckMiddlewareTest.php
@@ -34,6 +34,9 @@ use OCP\AppFramework\Utility\IControllerMethodReflector;
use OCA\Files_Sharing\Exceptions\S2SException;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IConfig;
+use OCP\IRequest;
+use OCP\Share\IManager;
+use OCP\Share\IShare;
/**
* @package OCA\Files_Sharing\Middleware\SharingCheckMiddleware
@@ -50,6 +53,10 @@ class SharingCheckMiddlewareTest extends \Test\TestCase {
private $controllerMock;
/** @var IControllerMethodReflector|\PHPUnit_Framework_MockObject_MockObject */
private $reflector;
+ /** @var IManager | \PHPUnit_Framework_MockObject_MockObject */
+ private $shareManager;
+ /** @var IRequest | \PHPUnit_Framework_MockObject_MockObject */
+ private $request;
protected function setUp() {
parent::setUp();
@@ -58,12 +65,16 @@ class SharingCheckMiddlewareTest extends \Test\TestCase {
$this->appManager = $this->createMock(IAppManager::class);
$this->controllerMock = $this->createMock(Controller::class);
$this->reflector = $this->createMock(IControllerMethodReflector::class);
+ $this->shareManager = $this->createMock(IManager::class);
+ $this->request = $this->createMock(IRequest::class);
$this->sharingCheckMiddleware = new SharingCheckMiddleware(
'files_sharing',
$this->config,
$this->appManager,
- $this->reflector);
+ $this->reflector,
+ $this->shareManager,
+ $this->request);
}
public function testIsSharingEnabledWithAppEnabled() {
@@ -215,6 +226,9 @@ class SharingCheckMiddlewareTest extends \Test\TestCase {
}
public function testBeforeControllerWithShareControllerWithSharingEnabled() {
+
+ $share = $this->createMock(IShare::class);
+
$this->appManager
->expects($this->once())
->method('isEnabledForUser')
@@ -233,6 +247,13 @@ class SharingCheckMiddlewareTest extends \Test\TestCase {
->with('core', 'shareapi_allow_links', 'yes')
->will($this->returnValue('yes'));
+ $this->request->expects($this->once())->method('getParam')->with('token')
+ ->willReturn('token');
+ $this->shareManager->expects($this->once())->method('getShareByToken')
+ ->with('token')->willReturn($share);
+
+ $share->expects($this->once())->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_LINK);
+
$controller = $this->createMock(ShareController::class);
$this->sharingCheckMiddleware->beforeController($controller, 'myMethod');
@@ -243,6 +264,9 @@ class SharingCheckMiddlewareTest extends \Test\TestCase {
* @expectedExceptionMessage Link sharing is disabled
*/
public function testBeforeControllerWithShareControllerWithSharingEnabledAPIDisabled() {
+
+ $share = $this->createMock(IShare::class);
+
$this->appManager
->expects($this->once())
->method('isEnabledForUser')
@@ -251,6 +275,14 @@ class SharingCheckMiddlewareTest extends \Test\TestCase {
$controller = $this->createMock(ShareController::class);
+ $this->request->expects($this->once())->method('getParam')->with('token')
+ ->willReturn('token');
+ $this->shareManager->expects($this->once())->method('getShareByToken')
+ ->with('token')->willReturn($share);
+
+ $share->expects($this->once())->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_LINK);
+
+
$this->sharingCheckMiddleware->beforeController($controller, 'myMethod');
}