aboutsummaryrefslogtreecommitdiffstats
path: root/apps/files_sharing/lib/Controller
diff options
context:
space:
mode:
Diffstat (limited to 'apps/files_sharing/lib/Controller')
-rw-r--r--apps/files_sharing/lib/Controller/ExternalSharesController.php1
-rw-r--r--apps/files_sharing/lib/Controller/PublicPreviewController.php8
-rw-r--r--apps/files_sharing/lib/Controller/RemoteController.php1
-rw-r--r--apps/files_sharing/lib/Controller/ShareAPIController.php50
-rw-r--r--apps/files_sharing/lib/Controller/ShareController.php7
-rw-r--r--apps/files_sharing/lib/Controller/ShareInfoController.php1
6 files changed, 36 insertions, 32 deletions
diff --git a/apps/files_sharing/lib/Controller/ExternalSharesController.php b/apps/files_sharing/lib/Controller/ExternalSharesController.php
index 9d15b03c6cd..fa828a9d2c2 100644
--- a/apps/files_sharing/lib/Controller/ExternalSharesController.php
+++ b/apps/files_sharing/lib/Controller/ExternalSharesController.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2019-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
diff --git a/apps/files_sharing/lib/Controller/PublicPreviewController.php b/apps/files_sharing/lib/Controller/PublicPreviewController.php
index f275001f162..d917f6e0ebb 100644
--- a/apps/files_sharing/lib/Controller/PublicPreviewController.php
+++ b/apps/files_sharing/lib/Controller/PublicPreviewController.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
@@ -102,9 +103,9 @@ class PublicPreviewController extends PublicShareController {
return new DataResponse([], Http::STATUS_FORBIDDEN);
}
- $attributes = $share->getAttributes();
// Only explicitly set to false will forbid the download!
- $downloadForbidden = $attributes?->getAttribute('permissions', 'download') === false;
+ $downloadForbidden = !$share->canSeeContent();
+
// Is this header is set it means our UI is doing a preview for no-download shares
// we check a header so we at least prevent people from using the link directly (obfuscation)
$isPublicPreview = $this->request->getHeader('x-nc-preview') === 'true';
@@ -181,8 +182,7 @@ class PublicPreviewController extends PublicShareController {
return new DataResponse([], Http::STATUS_FORBIDDEN);
}
- $attributes = $share->getAttributes();
- if ($attributes !== null && $attributes->getAttribute('permissions', 'download') === false) {
+ if (!$share->canSeeContent()) {
return new DataResponse([], Http::STATUS_FORBIDDEN);
}
diff --git a/apps/files_sharing/lib/Controller/RemoteController.php b/apps/files_sharing/lib/Controller/RemoteController.php
index e23ae51f219..8c15cd8463e 100644
--- a/apps/files_sharing/lib/Controller/RemoteController.php
+++ b/apps/files_sharing/lib/Controller/RemoteController.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php
index 23ba9da1568..a26663d58b3 100644
--- a/apps/files_sharing/lib/Controller/ShareAPIController.php
+++ b/apps/files_sharing/lib/Controller/ShareAPIController.php
@@ -1258,17 +1258,17 @@ class ShareAPIController extends OCSController {
}
if (
- $permissions === null &&
- $password === null &&
- $sendPasswordByTalk === null &&
- $publicUpload === null &&
- $expireDate === null &&
- $note === null &&
- $label === null &&
- $hideDownload === null &&
- $attributes === null &&
- $sendMail === null &&
- $token === null
+ $permissions === null
+ && $password === null
+ && $sendPasswordByTalk === null
+ && $publicUpload === null
+ && $expireDate === null
+ && $note === null
+ && $label === null
+ && $hideDownload === null
+ && $attributes === null
+ && $sendMail === null
+ && $token === null
) {
throw new OCSBadRequestException($this->l->t('Wrong or no update parameter given'));
}
@@ -1563,8 +1563,8 @@ class ShareAPIController extends OCSController {
// The owner of the file and the creator of the share
// can always edit the share
- if ($share->getShareOwner() === $this->userId ||
- $share->getSharedBy() === $this->userId
+ if ($share->getShareOwner() === $this->userId
+ || $share->getSharedBy() === $this->userId
) {
return true;
}
@@ -1596,16 +1596,16 @@ class ShareAPIController extends OCSController {
// if the user is the recipient, i can unshare
// the share with self
- if ($share->getShareType() === IShare::TYPE_USER &&
- $share->getSharedWith() === $this->userId
+ if ($share->getShareType() === IShare::TYPE_USER
+ && $share->getSharedWith() === $this->userId
) {
return true;
}
// The owner of the file and the creator of the share
// can always delete the share
- if ($share->getShareOwner() === $this->userId ||
- $share->getSharedBy() === $this->userId
+ if ($share->getShareOwner() === $this->userId
+ || $share->getSharedBy() === $this->userId
) {
return true;
}
@@ -1632,16 +1632,16 @@ class ShareAPIController extends OCSController {
* @suppress PhanUndeclaredClassMethod
*/
protected function canDeleteShareFromSelf(IShare $share): bool {
- if ($share->getShareType() !== IShare::TYPE_GROUP &&
- $share->getShareType() !== IShare::TYPE_ROOM &&
- $share->getShareType() !== IShare::TYPE_DECK &&
- $share->getShareType() !== IShare::TYPE_SCIENCEMESH
+ if ($share->getShareType() !== IShare::TYPE_GROUP
+ && $share->getShareType() !== IShare::TYPE_ROOM
+ && $share->getShareType() !== IShare::TYPE_DECK
+ && $share->getShareType() !== IShare::TYPE_SCIENCEMESH
) {
return false;
}
- if ($share->getShareOwner() === $this->userId ||
- $share->getSharedBy() === $this->userId
+ if ($share->getShareOwner() === $this->userId
+ || $share->getSharedBy() === $this->userId
) {
// Delete the whole share, not just for self
return false;
@@ -1874,8 +1874,8 @@ class ShareAPIController extends OCSController {
continue;
}
- $providerShares =
- $this->shareManager->getSharesBy($viewer, $provider, $node, $reShares, -1, 0);
+ $providerShares
+ = $this->shareManager->getSharesBy($viewer, $provider, $node, $reShares, -1, 0);
$shares = array_merge($shares, $providerShares);
}
diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php
index ad8023ba6bb..5a776379fce 100644
--- a/apps/files_sharing/lib/Controller/ShareController.php
+++ b/apps/files_sharing/lib/Controller/ShareController.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -251,9 +252,9 @@ class ShareController extends AuthPublicShareController {
* Emit a ShareLinkAccessedEvent event when a share is accessed, downloaded, auth...
*/
protected function emitShareAccessEvent(IShare $share, string $step = '', int $errorCode = 200, string $errorMessage = ''): void {
- if ($step !== self::SHARE_ACCESS &&
- $step !== self::SHARE_AUTH &&
- $step !== self::SHARE_DOWNLOAD) {
+ if ($step !== self::SHARE_ACCESS
+ && $step !== self::SHARE_AUTH
+ && $step !== self::SHARE_DOWNLOAD) {
return;
}
$this->eventDispatcher->dispatchTyped(new ShareLinkAccessedEvent($share, $step, $errorCode, $errorMessage));
diff --git a/apps/files_sharing/lib/Controller/ShareInfoController.php b/apps/files_sharing/lib/Controller/ShareInfoController.php
index 0a290d69c65..b7e79aec830 100644
--- a/apps/files_sharing/lib/Controller/ShareInfoController.php
+++ b/apps/files_sharing/lib/Controller/ShareInfoController.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-02 06:07:18 +0000