summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorVincent Petry <pvince81@owncloud.com>2016-09-02 11:23:55 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2016-10-06 13:57:58 +0200
commit626daabb56c91755bccb327f090e6bdcd94789ad (patch)
tree92949c65fd5585c74bcc388d1eede99126dc2c1c /lib
parent01393592ebbae8f1be5eb1f8ad38670aae472342 (diff)
downloadnextcloud-server-626daabb56c91755bccb327f090e6bdcd94789ad.tar.gz
nextcloud-server-626daabb56c91755bccb327f090e6bdcd94789ad.zip
Prefilter inaccessible shares in DefaultShareProvider::getSharedWith()
The DefaultShareProvider now does a DB-level check to find out whether file_source is accessible at all (deleted file) or whether it's in the trashbin of a home storage. One small corner case where the home storage id is in md5 form cannot be covered properly with this approach. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Diffstat (limited to 'lib')
-rw-r--r--lib/private/Share20/DefaultShareProvider.php46
1 files changed, 38 insertions, 8 deletions
diff --git a/lib/private/Share20/DefaultShareProvider.php b/lib/private/Share20/DefaultShareProvider.php
index f33c297b02d..d6afcf99912 100644
--- a/lib/private/Share20/DefaultShareProvider.php
+++ b/lib/private/Share20/DefaultShareProvider.php
@@ -583,6 +583,25 @@ class DefaultShareProvider implements IShareProvider {
}
/**
+ * Returns whether the given database result can be interpreted as
+ * a share with accessible file (not trashed, not deleted)
+ */
+ private function isAccessibleResult($data) {
+ // exclude shares leading to deleted file entries
+ if ($data['fileid'] === null) {
+ return false;
+ }
+
+ // exclude shares leading to trashbin on home storages
+ $pathSections = explode('/', $data['path'], 2);
+ // FIXME: would not detect rare md5'd home storage case properly
+ if ($pathSections[0] !== 'files' && explode(':', $data['storage_string_id'], 2)[0] === 'home') {
+ return false;
+ }
+ return true;
+ }
+
+ /**
* @inheritdoc
*/
public function getSharedWith($userId, $shareType, $node, $limit, $offset) {
@@ -592,11 +611,14 @@ class DefaultShareProvider implements IShareProvider {
if ($shareType === \OCP\Share::SHARE_TYPE_USER) {
//Get shares directly with this user
$qb = $this->dbConn->getQueryBuilder();
- $qb->select('*')
- ->from('share');
+ $qb->select('s.*', 'f.fileid', 'f.path')
+ ->selectAlias('st.id', 'storage_string_id')
+ ->from('share', 's')
+ ->leftJoin('s', 'filecache', 'f', $qb->expr()->eq('s.file_source', 'f.fileid'))
+ ->leftJoin('f', 'storages', 'st', $qb->expr()->eq('f.storage', 'st.numeric_id'));
// Order by id
- $qb->orderBy('id');
+ $qb->orderBy('s.id');
// Set limit and offset
if ($limit !== -1) {
@@ -619,7 +641,9 @@ class DefaultShareProvider implements IShareProvider {
$cursor = $qb->execute();
while($data = $cursor->fetch()) {
- $shares[] = $this->createShare($data);
+ if ($this->isAccessibleResult($data)) {
+ $shares[] = $this->createShare($data);
+ }
}
$cursor->closeCursor();
@@ -640,9 +664,12 @@ class DefaultShareProvider implements IShareProvider {
}
$qb = $this->dbConn->getQueryBuilder();
- $qb->select('*')
- ->from('share')
- ->orderBy('id')
+ $qb->select('s.*', 'f.fileid', 'f.path')
+ ->selectAlias('st.id', 'storage_string_id')
+ ->from('share', 's')
+ ->leftJoin('s', 'filecache', 'f', $qb->expr()->eq('s.file_source', 'f.fileid'))
+ ->leftJoin('f', 'storages', 'st', $qb->expr()->eq('f.storage', 'st.numeric_id'))
+ ->orderBy('s.id')
->setFirstResult(0);
if ($limit !== -1) {
@@ -672,7 +699,10 @@ class DefaultShareProvider implements IShareProvider {
$offset--;
continue;
}
- $shares2[] = $this->createShare($data);
+
+ if ($this->isAccessibleResult($data)) {
+ $shares2[] = $this->createShare($data);
+ }
}
$cursor->closeCursor();
}