diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2015-10-26 10:57:31 +0100 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-10-26 10:57:31 +0100 |
| commit | d4d954b2d99af48c25acb51e6e86032d9685bc2a (patch) | |
| tree | 96b4981f92f9c6bcd448517b1d91423cd59efca9 /lib/private | |
| parent | 1f32a3e485e33c56c559fc8f354ab82b0e5f7736 (diff) | |
| parent | 9071e756a103319c6747974292463f30b89ab4e3 (diff) | |
| download | nextcloud-server-d4d954b2d99af48c25acb51e6e86032d9685bc2a.tar.gz nextcloud-server-d4d954b2d99af48c25acb51e6e86032d9685bc2a.zip | |
Merge pull request #19982 from owncloud/fix-link-sharing-regression-master
Ensure the password is only hashed in case it's changed on the client…
Diffstat (limited to 'lib/private')
| -rw-r--r-- | lib/private/share/share.php | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/lib/private/share/share.php b/lib/private/share/share.php index b015d7738b5..097c5a14b9f 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -597,11 +597,12 @@ class Share extends Constants { * @param int $permissions CRUDS * @param string $itemSourceName * @param \DateTime $expirationDate + * @param bool $passwordChanged * @return boolean|string Returns true on success or false on failure, Returns token on success for links * @throws \OC\HintException when the share type is remote and the shareWith is invalid * @throws \Exception */ - public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions, $itemSourceName = null, \DateTime $expirationDate = null) { + public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions, $itemSourceName = null, \DateTime $expirationDate = null, $passwordChanged = null) { $backend = self::getBackend($itemType); $l = \OC::$server->getL10N('lib'); @@ -775,14 +776,25 @@ class Share extends Constants { $updateExistingShare = true; } - // Generate hash of password - same method as user passwords - if (is_string($shareWith) && $shareWith !== '') { - self::verifyPassword($shareWith); - $shareWith = \OC::$server->getHasher()->hash($shareWith); + if ($passwordChanged === null) { + // Generate hash of password - same method as user passwords + if (is_string($shareWith) && $shareWith !== '') { + self::verifyPassword($shareWith); + $shareWith = \OC::$server->getHasher()->hash($shareWith); + } else { + // reuse the already set password, but only if we change permissions + // otherwise the user disabled the password protection + if ($checkExists && (int)$permissions !== (int)$oldPermissions) { + $shareWith = $checkExists['share_with']; + } + } } else { - // reuse the already set password, but only if we change permissions - // otherwise the user disabled the password protection - if ($checkExists && (int)$permissions !== (int)$oldPermissions) { + if ($passwordChanged === true) { + if (is_string($shareWith) && $shareWith !== '') { + self::verifyPassword($shareWith); + $shareWith = \OC::$server->getHasher()->hash($shareWith); + } + } else if ($updateExistingShare) { $shareWith = $checkExists['share_with']; } } |