diff options
| author | John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com> | 2019-08-16 15:09:15 +0200 |
|---|---|---|
| committer | John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com> | 2019-10-04 21:40:30 +0200 |
| commit | ff895abac081ffd53b9d1509565e9dfe923b6d60 (patch) | |
| tree | c189db36916df556e2476ec38ea036d9a2346269 /build/integration | |
| parent | b1069b29fa7eacdaed8160e600f5a98b32e6784b (diff) | |
| download | nextcloud-server-ff895abac081ffd53b9d1509565e9dfe923b6d60.tar.gz nextcloud-server-ff895abac081ffd53b9d1509565e9dfe923b6d60.zip | |
Fix shares read permissions
A user with reshare permissions on a file is now able to get any share
of that file (just like the owner).
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Diffstat (limited to 'build/integration')
| -rw-r--r-- | build/integration/sharing_features/sharing-v1-part2.feature | 34 | ||||
| -rw-r--r-- | build/integration/sharing_features/sharing-v1-part3.feature | 4 |
2 files changed, 34 insertions, 4 deletions
diff --git a/build/integration/sharing_features/sharing-v1-part2.feature b/build/integration/sharing_features/sharing-v1-part2.feature index 5cea18b6b11..3316f3d94ba 100644 --- a/build/integration/sharing_features/sharing-v1-part2.feature +++ b/build/integration/sharing_features/sharing-v1-part2.feature @@ -321,6 +321,36 @@ Feature: sharing Then the OCS status code should be "404" And the HTTP status code should be "200" + Scenario: Get a share with a user with resharing rights + Given user "user0" exists + And user "user1" exists + And user "user2" exists + And file "textfile0.txt" of user "user0" is shared with user "user1" + And file "textfile0.txt" of user "user0" is shared with user "user2" + And As an "user1" + When Getting info of last share + Then the OCS status code should be "100" + And the HTTP status code should be "200" + And Share fields of last share match with + | id | A_NUMBER | + | item_type | file | + | item_source | A_NUMBER | + | share_type | 0 | + | share_with | user2 | + | file_source | A_NUMBER | + | file_target | /textfile0.txt | + | path | /textfile0 (2).txt | + | permissions | 19 | + | stime | A_NUMBER | + | storage | A_NUMBER | + | mail_send | 0 | + | uid_owner | user0 | + | storage_id | shared::/textfile0 (2).txt | + | file_parent | A_NUMBER | + | share_with_displayname | user2 | + | displayname_owner | user0 | + | mimetype | text/plain | + Scenario: Share of folder and sub-folder to same user - core#20645 Given As an "admin" And user "user0" exists @@ -427,8 +457,8 @@ Feature: sharing And file "textfile0.txt" of user "user0" is shared with user "user2" And As an "user1" When Deleting last share - Then the OCS status code should be "404" - And the HTTP status code should be "200" + Then the OCS status code should be "403" + And the HTTP status code should be "401" Scenario: Keep usergroup shares (#22143) Given As an "admin" diff --git a/build/integration/sharing_features/sharing-v1-part3.feature b/build/integration/sharing_features/sharing-v1-part3.feature index 6c34534333a..4a02e89a671 100644 --- a/build/integration/sharing_features/sharing-v1-part3.feature +++ b/build/integration/sharing_features/sharing-v1-part3.feature @@ -398,8 +398,8 @@ Feature: sharing When As an "user1" And Updating last share with | permissions | 19 | - Then the OCS status code should be "404" - And the HTTP status code should be "200" + Then the OCS status code should be "403" + And the HTTP status code should be "401" Scenario: do not allow to increase link share permissions on reshare Given As an "admin" |