diff options
author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2018-11-04 21:08:11 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-11-04 21:08:11 +0100 |
commit | 72b7c9ffa00553f3c1439e824e439da8412ebfe9 (patch) | |
tree | 4ae3f715abc330c4467bee499df97dce0106bc7b /apps/files_sharing | |
parent | 4ebb2090db6962846ae22aa3974714620cbe323e (diff) | |
parent | 77b95ccd12bb946cba96486d859b8241649868ca (diff) | |
download | nextcloud-server-72b7c9ffa00553f3c1439e824e439da8412ebfe9.tar.gz nextcloud-server-72b7c9ffa00553f3c1439e824e439da8412ebfe9.zip |
Merge pull request #12105 from nextcloud/using-resharing-right-to-display-shares
Shares are displayed to users with resharing rights
Diffstat (limited to 'apps/files_sharing')
-rw-r--r-- | apps/files_sharing/lib/Controller/ShareAPIController.php | 84 |
1 files changed, 80 insertions, 4 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php index 42d0218de8c..f61b9dac58a 100644 --- a/apps/files_sharing/lib/Controller/ShareAPIController.php +++ b/apps/files_sharing/lib/Controller/ShareAPIController.php @@ -39,7 +39,6 @@ use OCP\AppFramework\OCS\OCSNotFoundException; use OCP\AppFramework\OCSController; use OCP\AppFramework\QueryException; use OCP\Constants; -use OCP\Files\Folder; use OCP\Files\Node; use OCP\Files\NotFoundException; use OCP\IConfig; @@ -242,6 +241,9 @@ class ShareAPIController extends OCSController { $shareWithStart = ($hasCircleId? strrpos($share->getSharedWith(), '[') + 1: 0); $shareWithLength = ($hasCircleId? -1: strpos($share->getSharedWith(), ' ')); + if (is_bool($shareWithLength)) { + $shareWithLength = -1; + } $result['share_with'] = substr($share->getSharedWith(), $shareWithStart, $shareWithLength); } else if ($share->getShareType() === Share::SHARE_TYPE_ROOM) { $result['share_with'] = $share->getSharedWith(); @@ -730,15 +732,29 @@ class ShareAPIController extends OCSController { $shares = array_merge($shares, $federatedShares); } - $formatted = []; + $formatted = $miniFormatted = []; + $resharingRight = false; foreach ($shares as $share) { + /** @var IShare $share */ try { - $formatted[] = $this->formatShare($share, $path); - } catch (NotFoundException $e) { + $format = $this->formatShare($share, $path); + $formatted[] = $format; + if ($share->getSharedBy() === $this->currentUser) { + $miniFormatted[] = $format; + } + + if (!$resharingRight && $this->shareProviderResharingRights($this->currentUser, $share, $path)) { + $resharingRight = true; + } + } catch (\Exception $e) { //Ignore share } } + if (!$resharingRight) { + $formatted = $miniFormatted; + } + if ($include_tags) { $formatted = Helper::populateTags($formatted, 'file_source', \OC::$server->getTagManager()); } @@ -1122,4 +1138,64 @@ class ShareAPIController extends OCSController { return $this->serverContainer->query('\OCA\Spreed\Share\Helper\ShareAPIController'); } + + + /** + * Returns if we can find resharing rights in an IShare object for a specific user. + * + * @suppress PhanUndeclaredClassMethod + * + * @param string $userId + * @param IShare $share + * @param Node $node + * @return bool + * @throws NotFoundException + * @throws \OCP\Files\InvalidPathException + */ + private function shareProviderResharingRights(string $userId, IShare $share, $node): bool { + + if ($share->getShareOwner() === $userId) { + return true; + } + + // we check that current user have parent resharing rights on the current file + if ($node !== null && ($node->getPermissions() & \OCP\Constants::PERMISSION_SHARE) !== 0) { + return true; + } + + if ((\OCP\Constants::PERMISSION_SHARE & $share->getPermissions()) === 0) { + return false; + } + + if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER && $share->getSharedWith() === $userId) { + return true; + } + + if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP && $this->groupManager->isInGroup($userId, $share->getSharedWith())) { + return true; + } + + if ($share->getShareType() === \OCP\Share::SHARE_TYPE_CIRCLE && \OC::$server->getAppManager()->isEnabledForUser('circles') && + class_exists('\OCA\Circles\Api\v1\Circles')) { + $hasCircleId = (substr($share->getSharedWith(), -1) === ']'); + $shareWithStart = ($hasCircleId ? strrpos($share->getSharedWith(), '[') + 1 : 0); + $shareWithLength = ($hasCircleId ? -1 : strpos($share->getSharedWith(), ' ')); + if (is_bool($shareWithLength)) { + $shareWithLength = -1; + } + $sharedWith = substr($share->getSharedWith(), $shareWithStart, $shareWithLength); + try { + $member = \OCA\Circles\Api\v1\Circles::getMember($sharedWith, $userId, 1); + if ($member->getLevel() >= 4) { + return true; + } + return false; + } catch (QueryException $e) { + return false; + } + } + + return false; + } + } |