diff options
| author | Robin Appelman <robin@icewind.nl> | 2024-02-23 18:26:24 +0100 |
|---|---|---|
| committer | Robin Appelman <robin@icewind.nl> | 2024-02-27 14:15:23 +0100 |
| commit | 96942e436b185711c3f5cac5786a7b593c18b723 (patch) | |
| tree | 54f0ed4b923aa1211e7b4bc74cdd398d3736cd3d /lib/private/Files | |
| parent | d0ebe369061027e8026b93b5083dcaadc3a25412 (diff) | |
| download | nextcloud-server-96942e436b185711c3f5cac5786a7b593c18b723.tar.gz nextcloud-server-96942e436b185711c3f5cac5786a7b593c18b723.zip | |
fix: update "move into share" check to share manager
Signed-off-by: Robin Appelman <robin@icewind.nl>
Diffstat (limited to 'lib/private/Files')
| -rw-r--r-- | lib/private/Files/View.php | 53 |
1 files changed, 29 insertions, 24 deletions
diff --git a/lib/private/Files/View.php b/lib/private/Files/View.php index 2f8f3c08a80..c80b42134c4 100644 --- a/lib/private/Files/View.php +++ b/lib/private/Files/View.php @@ -65,10 +65,12 @@ use OCP\Files\InvalidPathException; use OCP\Files\Mount\IMountPoint; use OCP\Files\NotFoundException; use OCP\Files\ReservedWordException; -use OCP\Files\Storage\IStorage; use OCP\IUser; use OCP\Lock\ILockingProvider; use OCP\Lock\LockedException; +use OCP\Server; +use OCP\Share\IManager; +use OCP\Share\IShare; use Psr\Log\LoggerInterface; /** @@ -731,6 +733,8 @@ class View { public function rename($source, $target) { $absolutePath1 = Filesystem::normalizePath($this->getAbsolutePath($source)); $absolutePath2 = Filesystem::normalizePath($this->getAbsolutePath($target)); + $targetParts = explode('/', $absolutePath2); + $targetUser = $targetParts[1] ?? null; $result = false; if ( Filesystem::isValidPath($target) @@ -785,7 +789,7 @@ class View { if ($internalPath1 === '') { if ($mount1 instanceof MoveableMount) { $sourceParentMount = $this->getMount(dirname($source)); - if ($sourceParentMount === $mount2 && $this->targetIsNotShared($storage2, $internalPath2)) { + if ($sourceParentMount === $mount2 && $this->targetIsNotShared($targetUser, $absolutePath2)) { /** * @var \OC\Files\Mount\MountPoint | \OC\Files\Mount\MoveableMount $mount1 */ @@ -1781,28 +1785,29 @@ class View { * It is not allowed to move a mount point into a different mount point or * into an already shared folder */ - private function targetIsNotShared(IStorage $targetStorage, string $targetInternalPath): bool { - // note: cannot use the view because the target is already locked - $fileId = $targetStorage->getCache()->getId($targetInternalPath); - if ($fileId === -1) { - // target might not exist, need to check parent instead - $fileId = $targetStorage->getCache()->getId(dirname($targetInternalPath)); - } - - // check if any of the parents were shared by the current owner (include collections) - $shares = Share::getItemShared( - 'folder', - (string)$fileId, - \OC\Share\Constants::FORMAT_NONE, - null, - true - ); - - if (count($shares) > 0) { - $this->logger->debug( - 'It is not allowed to move one mount point into a shared folder', - ['app' => 'files']); - return false; + private function targetIsNotShared(string $user, string $targetPath): bool { + $providers = [ + IShare::TYPE_USER, + IShare::TYPE_GROUP, + IShare::TYPE_EMAIL, + IShare::TYPE_CIRCLE, + IShare::TYPE_ROOM, + IShare::TYPE_DECK, + IShare::TYPE_SCIENCEMESH + ]; + $shareManager = Server::get(IManager::class); + /** @var IShare[] $shares */ + $shares = array_merge(...array_map(function (int $type) use ($shareManager, $user) { + return $shareManager->getSharesBy($user, $type); + }, $providers)); + + foreach ($shares as $share) { + if (str_starts_with($targetPath, $share->getNode()->getPath())) { + $this->logger->debug( + 'It is not allowed to move one mount point into a shared folder', + ['app' => 'files']); + return false; + } } return true; |