diff options
Diffstat (limited to 'apps')
3 files changed, 61 insertions, 7 deletions
diff --git a/apps/files_sharing/lib/AppInfo/Application.php b/apps/files_sharing/lib/AppInfo/Application.php index 922db7dac75..403d30ae2e6 100644 --- a/apps/files_sharing/lib/AppInfo/Application.php +++ b/apps/files_sharing/lib/AppInfo/Application.php @@ -111,7 +111,9 @@ class Application extends App { $c->query('AppName'), $server->getConfig(), $server->getAppManager(), - $c['ControllerMethodReflector'] + $c['ControllerMethodReflector'], + $server->getShareManager(), + $server->getRequest() ); }); diff --git a/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php b/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php index 7e9109bf2d1..5712b96b97d 100644 --- a/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php +++ b/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php @@ -25,6 +25,8 @@ namespace OCA\Files_Sharing\Middleware; +use OCA\Files_Sharing\Controller\ExternalSharesController; +use OCA\Files_Sharing\Controller\ShareController; use OCP\App\IAppManager; use OCP\AppFramework\Http\NotFoundResponse; use OCP\AppFramework\Middleware; @@ -33,6 +35,8 @@ use OCP\IConfig; use OCP\AppFramework\Utility\IControllerMethodReflector; use OCA\Files_Sharing\Exceptions\S2SException; use OCP\AppFramework\Http\JSONResponse; +use OCP\IRequest; +use OCP\Share\IManager; /** * Checks whether the "sharing check" is enabled @@ -49,21 +53,32 @@ class SharingCheckMiddleware extends Middleware { protected $appManager; /** @var IControllerMethodReflector */ protected $reflector; + /** @var IManager */ + protected $shareManager; + /** @var IRequest */ + protected $request; /*** * @param string $appName * @param IConfig $config * @param IAppManager $appManager + * @param IControllerMethodReflector $reflector + * @param IManager $shareManager + * @param IRequest $request */ public function __construct($appName, IConfig $config, IAppManager $appManager, - IControllerMethodReflector $reflector + IControllerMethodReflector $reflector, + IManager $shareManager, + IRequest $request ) { $this->appName = $appName; $this->config = $config; $this->appManager = $appManager; $this->reflector = $reflector; + $this->shareManager = $shareManager; + $this->request = $request; } /** @@ -72,18 +87,23 @@ class SharingCheckMiddleware extends Middleware { * @param \OCP\AppFramework\Controller $controller * @param string $methodName * @throws NotFoundException + * @throws S2SException */ public function beforeController($controller, $methodName) { if(!$this->isSharingEnabled()) { throw new NotFoundException('Sharing is disabled.'); } - if ($controller instanceof \OCA\Files_Sharing\Controller\ExternalSharesController && + if ($controller instanceof ExternalSharesController && !$this->externalSharesChecks()) { throw new S2SException('Federated sharing not allowed'); - } else if ($controller instanceof \OCA\Files_Sharing\Controller\ShareController && - !$this->isLinkSharingEnabled()) { - throw new NotFoundException('Link sharing is disabled'); + } else if ($controller instanceof ShareController) { + $token = $this->request->getParam('token'); + $share = $this->shareManager->getShareByToken($token); + if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK + && !$this->isLinkSharingEnabled()) { + throw new NotFoundException('Link sharing is disabled'); + } } } diff --git a/apps/files_sharing/tests/Middleware/SharingCheckMiddlewareTest.php b/apps/files_sharing/tests/Middleware/SharingCheckMiddlewareTest.php index c2965d04b6b..8d7d42722b9 100644 --- a/apps/files_sharing/tests/Middleware/SharingCheckMiddlewareTest.php +++ b/apps/files_sharing/tests/Middleware/SharingCheckMiddlewareTest.php @@ -34,6 +34,9 @@ use OCP\AppFramework\Utility\IControllerMethodReflector; use OCA\Files_Sharing\Exceptions\S2SException; use OCP\AppFramework\Http\JSONResponse; use OCP\IConfig; +use OCP\IRequest; +use OCP\Share\IManager; +use OCP\Share\IShare; /** * @package OCA\Files_Sharing\Middleware\SharingCheckMiddleware @@ -50,6 +53,10 @@ class SharingCheckMiddlewareTest extends \Test\TestCase { private $controllerMock; /** @var IControllerMethodReflector|\PHPUnit_Framework_MockObject_MockObject */ private $reflector; + /** @var IManager | \PHPUnit_Framework_MockObject_MockObject */ + private $shareManager; + /** @var IRequest | \PHPUnit_Framework_MockObject_MockObject */ + private $request; protected function setUp() { parent::setUp(); @@ -58,12 +65,16 @@ class SharingCheckMiddlewareTest extends \Test\TestCase { $this->appManager = $this->createMock(IAppManager::class); $this->controllerMock = $this->createMock(Controller::class); $this->reflector = $this->createMock(IControllerMethodReflector::class); + $this->shareManager = $this->createMock(IManager::class); + $this->request = $this->createMock(IRequest::class); $this->sharingCheckMiddleware = new SharingCheckMiddleware( 'files_sharing', $this->config, $this->appManager, - $this->reflector); + $this->reflector, + $this->shareManager, + $this->request); } public function testIsSharingEnabledWithAppEnabled() { @@ -215,6 +226,9 @@ class SharingCheckMiddlewareTest extends \Test\TestCase { } public function testBeforeControllerWithShareControllerWithSharingEnabled() { + + $share = $this->createMock(IShare::class); + $this->appManager ->expects($this->once()) ->method('isEnabledForUser') @@ -233,6 +247,13 @@ class SharingCheckMiddlewareTest extends \Test\TestCase { ->with('core', 'shareapi_allow_links', 'yes') ->will($this->returnValue('yes')); + $this->request->expects($this->once())->method('getParam')->with('token') + ->willReturn('token'); + $this->shareManager->expects($this->once())->method('getShareByToken') + ->with('token')->willReturn($share); + + $share->expects($this->once())->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_LINK); + $controller = $this->createMock(ShareController::class); $this->sharingCheckMiddleware->beforeController($controller, 'myMethod'); @@ -243,6 +264,9 @@ class SharingCheckMiddlewareTest extends \Test\TestCase { * @expectedExceptionMessage Link sharing is disabled */ public function testBeforeControllerWithShareControllerWithSharingEnabledAPIDisabled() { + + $share = $this->createMock(IShare::class); + $this->appManager ->expects($this->once()) ->method('isEnabledForUser') @@ -251,6 +275,14 @@ class SharingCheckMiddlewareTest extends \Test\TestCase { $controller = $this->createMock(ShareController::class); + $this->request->expects($this->once())->method('getParam')->with('token') + ->willReturn('token'); + $this->shareManager->expects($this->once())->method('getShareByToken') + ->with('token')->willReturn($share); + + $share->expects($this->once())->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_LINK); + + $this->sharingCheckMiddleware->beforeController($controller, 'myMethod'); } |