summaryrefslogtreecommitdiffstats
path: root/apps/files_sharing/lib/Controller/ShareAPIController.php
diff options
context:
space:
mode:
Diffstat (limited to 'apps/files_sharing/lib/Controller/ShareAPIController.php')
-rw-r--r--apps/files_sharing/lib/Controller/ShareAPIController.php33
1 files changed, 22 insertions, 11 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php
index 4d60a78ce95..8391bbc3a2c 100644
--- a/apps/files_sharing/lib/Controller/ShareAPIController.php
+++ b/apps/files_sharing/lib/Controller/ShareAPIController.php
@@ -44,6 +44,7 @@ declare(strict_types=1);
*/
namespace OCA\Files_Sharing\Controller;
+use OC\Files\FileInfo;
use OCA\Files_Sharing\Exceptions\SharingRightsException;
use OCA\Files_Sharing\External\Storage;
use OCA\Files\Helper;
@@ -468,12 +469,22 @@ class ShareAPIController extends OCSController {
$userFolder = $this->rootFolder->getUserFolder($this->currentUser);
try {
- $path = $userFolder->get($path);
+ /** @var \OC\Files\Node\Node $node */
+ $node = $userFolder->get($path);
} catch (NotFoundException $e) {
throw new OCSNotFoundException($this->l->t('Wrong path, file/folder doesn\'t exist'));
}
- $share->setNode($path);
+ // a user can have access to a file through different paths, with differing permissions
+ // combine all permissions to determine if the user can share this file
+ $nodes = $userFolder->getById($node->getId());
+ foreach ($nodes as $nodeById) {
+ /** @var FileInfo $fileInfo */
+ $fileInfo = $node->getFileInfo();
+ $fileInfo['permissions'] |= $nodeById->getPermissions();
+ }
+
+ $share->setNode($node);
try {
$this->lock($share->getNode());
@@ -488,7 +499,7 @@ class ShareAPIController extends OCSController {
// Shares always require read permissions
$permissions |= Constants::PERMISSION_READ;
- if ($path instanceof \OCP\Files\File) {
+ if ($node instanceof \OCP\Files\File) {
// Single file shares should never have delete or create permissions
$permissions &= ~Constants::PERMISSION_DELETE;
$permissions &= ~Constants::PERMISSION_CREATE;
@@ -499,8 +510,8 @@ class ShareAPIController extends OCSController {
* We check the permissions via webdav. But the permissions of the mount point
* do not equal the share permissions. Here we fix that for federated mounts.
*/
- if ($path->getStorage()->instanceOfStorage(Storage::class)) {
- $permissions &= ~($permissions & ~$path->getPermissions());
+ if ($node->getStorage()->instanceOfStorage(Storage::class)) {
+ $permissions &= ~($permissions & ~$node->getPermissions());
}
if ($shareType === IShare::TYPE_USER) {
@@ -536,7 +547,7 @@ class ShareAPIController extends OCSController {
}
// Public upload can only be set for folders
- if ($path instanceof \OCP\Files\File) {
+ if ($node instanceof \OCP\Files\File) {
throw new OCSNotFoundException($this->l->t('Public upload is only possible for publicly shared folders'));
}
@@ -572,7 +583,7 @@ class ShareAPIController extends OCSController {
if ($sendPasswordByTalk === 'true') {
if (!$this->appManager->isEnabledForUser('spreed')) {
- throw new OCSForbiddenException($this->l->t('Sharing %s sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled', [$path->getPath()]));
+ throw new OCSForbiddenException($this->l->t('Sharing %s sending the password by Nextcloud Talk failed because Nextcloud Talk is not enabled', [$node->getPath()]));
}
$share->setSendPasswordByTalk(true);
@@ -589,7 +600,7 @@ class ShareAPIController extends OCSController {
}
} elseif ($shareType === IShare::TYPE_REMOTE) {
if (!$this->shareManager->outgoingServer2ServerSharesAllowed()) {
- throw new OCSForbiddenException($this->l->t('Sharing %1$s failed because the back end does not allow shares from type %2$s', [$path->getPath(), $shareType]));
+ throw new OCSForbiddenException($this->l->t('Sharing %1$s failed because the back end does not allow shares from type %2$s', [$node->getPath(), $shareType]));
}
if ($shareWith === null) {
@@ -608,7 +619,7 @@ class ShareAPIController extends OCSController {
}
} elseif ($shareType === IShare::TYPE_REMOTE_GROUP) {
if (!$this->shareManager->outgoingServer2ServerGroupSharesAllowed()) {
- throw new OCSForbiddenException($this->l->t('Sharing %1$s failed because the back end does not allow shares from type %2$s', [$path->getPath(), $shareType]));
+ throw new OCSForbiddenException($this->l->t('Sharing %1$s failed because the back end does not allow shares from type %2$s', [$node->getPath(), $shareType]));
}
if ($shareWith === null) {
@@ -642,13 +653,13 @@ class ShareAPIController extends OCSController {
try {
$this->getRoomShareHelper()->createShare($share, $shareWith, $permissions, $expireDate);
} catch (QueryException $e) {
- throw new OCSForbiddenException($this->l->t('Sharing %s failed because the back end does not support room shares', [$path->getPath()]));
+ throw new OCSForbiddenException($this->l->t('Sharing %s failed because the back end does not support room shares', [$node->getPath()]));
}
} elseif ($shareType === IShare::TYPE_DECK) {
try {
$this->getDeckShareHelper()->createShare($share, $shareWith, $permissions, $expireDate);
} catch (QueryException $e) {
- throw new OCSForbiddenException($this->l->t('Sharing %s failed because the back end does not support room shares', [$path->getPath()]));
+ throw new OCSForbiddenException($this->l->t('Sharing %s failed because the back end does not support room shares', [$node->getPath()]));
}
} else {
throw new OCSBadRequestException($this->l->t('Unknown share type'));
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-31 09:44:05 +0000