From abd24f9bef7c86a8e449c93ee4a24e853639c6db Mon Sep 17 00:00:00 2001
From: Maxence Lange <maxence@artificial-owl.com>
Date: Thu, 5 Dec 2024 19:57:10 -0100
Subject: fix(signed-request): use share owner on reshare

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
---
 .../lib/Controller/RequestHandlerController.php                |  2 +-
 .../lib/OCM/CloudFederationProviderFiles.php                   | 10 ++++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php
index bee18da6023..86af7924e6f 100644
--- a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php
+++ b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php
@@ -441,7 +441,7 @@ class RequestHandlerController extends Controller {
 				return;
 			}
 		} elseif ($instance !== $signedRequest->getOrigin()) {
-			throw new IncomingRequestException('remote instance {instance} not linked to origin {origin}', ['instance' => $instance, 'origin' => $signedRequest->getOrigin()]);
+			throw new IncomingRequestException('remote instance ' . $instance . ' not linked to origin ' . $signedRequest->getOrigin());
 		}
 	}
 
diff --git a/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php b/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php
index ddf481affad..8821ff9834e 100644
--- a/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php
+++ b/apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php
@@ -766,10 +766,16 @@ class CloudFederationProviderFiles implements ISignedCloudFederationProvider {
 		$provider = $this->shareProviderFactory->getProviderForType(IShare::TYPE_REMOTE);
 		try {
 			$share = $provider->getShareByToken($sharedSecret);
-		} catch (ShareNotFound $e) {
+		} catch (ShareNotFound) {
 			return '';
 		}
 
-		return $share->getSharedWith();
+		// if uid_owner is a local account, the request comes from the recipient
+		// if not, request comes from the instance that owns the share and recipient is the re-sharer
+		if ($this->userManager->get($share->getShareOwner()) !== null) {
+			return $share->getSharedWith();
+		} else {
+			return $share->getShareOwner();
+		}
 	}
 }
-- 
cgit v1.2.3