diff options
| author | Björn Schießle <bjoern@schiessle.org> | 2014-11-18 17:26:02 +0100 |
|---|---|---|
| committer | Björn Schießle <bjoern@schiessle.org> | 2014-11-18 17:26:02 +0100 |
| commit | 106d0f9c754c91810a798de3628a0361062982ca (patch) | |
| tree | ef6e1916c0fc6baedc054ca1cb367b77ef3e0af4 /lib | |
| parent | 309788003d7f109e2794e66d1314b75c93805715 (diff) | |
| parent | ea4eedd35a267ff64af0a9b1502ef92026467d3e (diff) | |
| download | nextcloud-server-106d0f9c754c91810a798de3628a0361062982ca.tar.gz nextcloud-server-106d0f9c754c91810a798de3628a0361062982ca.zip | |
Merge pull request #12224 from owncloud/fix_12211
make sure that we don't find the wrong shares if a user and a group have the same ID
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/share/share.php | 31 |
1 files changed, 22 insertions, 9 deletions
diff --git a/lib/private/share/share.php b/lib/private/share/share.php index b7b05dab8ef..cd5decf6f71 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -288,9 +288,10 @@ class Share extends \OC\Share\Constants { * @param string $itemType * @param string $itemSource * @param string $user User user to whom the item was shared + * @param int $shareType only look for a specific share type * @return array Return list of items with file_target, permissions and expiration */ - public static function getItemSharedWithUser($itemType, $itemSource, $user) { + public static function getItemSharedWithUser($itemType, $itemSource, $user, $shareType = null) { $shares = array(); $fileDependend = false; @@ -314,6 +315,11 @@ class Share extends \OC\Share\Constants { $arguments[] = $user; } + if ($shareType !== null) { + $where .= ' AND `share_type` = ? '; + $arguments[] = $shareType; + } + $query = \OC_DB::prepare('SELECT ' . $select . ' FROM `*PREFIX*share` '. $where); $result = \OC_DB::executeAudited($query, $arguments); @@ -697,7 +703,7 @@ class Share extends \OC\Share\Constants { // check if it is a valid itemType self::getBackend($itemType); - $items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith); + $items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith, $shareType); $toDelete = array(); $newParent = null; @@ -1308,14 +1314,18 @@ class Share extends \OC\Share\Constants { if (isset($shareType)) { // Include all user and group items if ($shareType == self::$shareTypeUserAndGroups && isset($shareWith)) { - $where .= ' AND `share_type` IN (?,?,?)'; + $where .= ' AND ((`share_type` in (?, ?) AND `share_with` = ?) '; $queryArgs[] = self::SHARE_TYPE_USER; - $queryArgs[] = self::SHARE_TYPE_GROUP; $queryArgs[] = self::$shareTypeGroupUserUnique; - $userAndGroups = array_merge(array($shareWith), \OC_Group::getUserGroups($shareWith)); - $placeholders = join(',', array_fill(0, count($userAndGroups), '?')); - $where .= ' AND `share_with` IN ('.$placeholders.')'; - $queryArgs = array_merge($queryArgs, $userAndGroups); + $queryArgs[] = $shareWith; + $groups = \OC_Group::getUserGroups($shareWith); + if (!empty($groups)) { + $placeholders = join(',', array_fill(0, count($groups), '?')); + $where .= ' OR (`share_type` = ? AND `share_with` IN ('.$placeholders.')) '; + $queryArgs[] = self::SHARE_TYPE_GROUP; + $queryArgs = array_merge($queryArgs, $groups); + } + $where .= ')'; // Don't include own group shares $where .= ' AND `uid_owner` != ?'; $queryArgs[] = $shareWith; @@ -1506,8 +1516,11 @@ class Share extends \OC\Share\Constants { $row['permissions'] &= ~\OCP\PERMISSION_SHARE; } // Add display names to result - if ( isset($row['share_with']) && $row['share_with'] != '') { + if ( isset($row['share_with']) && $row['share_with'] != '' && + isset($row['share_with']) && $row['share_type'] === self::SHARE_TYPE_USER) { $row['share_with_displayname'] = \OCP\User::getDisplayName($row['share_with']); + } else { + $row['share_with_displayname'] = $row['share_with']; } if ( isset($row['uid_owner']) && $row['uid_owner'] != '') { $row['displayname_owner'] = \OCP\User::getDisplayName($row['uid_owner']); |