From b2e60e365dde53e405cb4a1fe9be687d33ec08ef Mon Sep 17 00:00:00 2001
From: Michael Weimann <mail@michael-weimann.eu>
Date: Thu, 9 Aug 2018 19:47:55 +0200
Subject: Adds a setup check for app directory permissions.

Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
---
 core/js/setupchecks.js | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'core/js')

diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js
index 93072981e99..13e351445e9 100644
--- a/core/js/setupchecks.js
+++ b/core/js/setupchecks.js
@@ -316,6 +316,23 @@
 							type: OC.SetupChecks.MESSAGE_TYPE_WARNING
 						});
 					}
+
+					if(data.appDirsWithDifferentOwner.length > 0) {
+						var appDirsWithDifferentOwner = data.appDirsWithDifferentOwner.reduce(
+							function(appDirsWithDifferentOwner, directory) {
+								return appDirsWithDifferentOwner + '<li>' + directory + '</li>';
+							},
+							''
+						);
+						messages.push({
+							msg: t('core', 'Some app directories are owned by a different user than the web server one. ' +
+									'This may be the case if apps have been installed manually. ' +
+									'Check the permissions of the following app directories:')
+									+ '<ul>' + appDirsWithDifferentOwner + '</ul>',
+							type: OC.SetupChecks.MESSAGE_TYPE_WARNING
+						});
+					}
+
 				} else {
 					messages.push({
 						msg: t('core', 'Error occurred while checking server setup'),
-- 
cgit v1.2.3


From ebcfe33d0d0233dceaa80ad3a44126dee480eb97 Mon Sep 17 00:00:00 2001
From: Michael Weimann <mail@michael-weimann.eu>
Date: Thu, 9 Aug 2018 19:48:39 +0200
Subject: Extends the setup check js tests

Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
---
 core/js/tests/specs/setupchecksSpec.js | 80 +++++++++++++++++++++++++++++-----
 1 file changed, 69 insertions(+), 11 deletions(-)

(limited to 'core/js')

diff --git a/core/js/tests/specs/setupchecksSpec.js b/core/js/tests/specs/setupchecksSpec.js
index e22fb35102e..30c2ad9c5f0 100644
--- a/core/js/tests/specs/setupchecksSpec.js
+++ b/core/js/tests/specs/setupchecksSpec.js
@@ -170,7 +170,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -217,7 +218,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -265,7 +267,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -311,7 +314,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -355,7 +359,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -368,6 +373,53 @@ describe('OC.SetupChecks tests', function() {
 			});
 		});
 
+		it('should return a warning if there are app directories with wrong permissions', function(done) {
+			var async = OC.SetupChecks.checkSetup();
+
+			suite.server.requests[0].respond(
+				200,
+				{
+					'Content-Type': 'application/json',
+				},
+				JSON.stringify({
+					hasFileinfoInstalled: true,
+					isGetenvServerWorking: true,
+					isReadOnlyConfig: false,
+					hasWorkingFileLocking: true,
+					hasValidTransactionIsolationLevel: true,
+					suggestedOverwriteCliURL: '',
+					isUrandomAvailable: true,
+					securityDocs: 'https://docs.owncloud.org/myDocs.html',
+					serverHasInternetConnection: true,
+					isMemcacheConfigured: true,
+					forwardedForHeadersWorking: true,
+					isCorrectMemcachedPHPModuleInstalled: true,
+					hasPassedCodeIntegrityCheck: true,
+					isOpcacheProperlySetup: true,
+					hasOpcacheLoaded: true,
+					isSettimelimitAvailable: true,
+					hasFreeTypeSupport: true,
+					missingIndexes: [],
+					outdatedCaches: [],
+					cronErrors: [],
+					cronInfo: {
+						diffInSeconds: 0
+					},
+					appDirsWithDifferentOwner: [
+						'/some/path'
+					]
+				})
+			);
+
+			async.done(function( data, s, x ){
+				expect(data).toEqual([{
+					msg: 'Some app directories are owned by a different user than the web server one. This may be the case if apps have been installed manually. Check the permissions of the following app directories:<ul><li>/some/path</li></ul>',
+					type: OC.SetupChecks.MESSAGE_TYPE_WARNING
+				}]);
+				done();
+			});
+		});
+
 		it('should return an error if the forwarded for headers are not working', function(done) {
 			var async = OC.SetupChecks.checkSetup();
 
@@ -399,7 +451,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -443,7 +496,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -508,7 +562,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -553,7 +608,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -598,7 +654,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
@@ -643,7 +700,8 @@ describe('OC.SetupChecks tests', function() {
 					cronErrors: [],
 					cronInfo: {
 						diffInSeconds: 0
-					}
+					},
+					appDirsWithDifferentOwner: []
 				})
 			);
 
-- 
cgit v1.2.3


From e89567eb53adac4655e4eb342788dc30758afcf3 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@arthur-schiwon.de>
Date: Wed, 15 Aug 2018 15:21:01 +0200
Subject: Take base permissions from DAV, fixes #10516

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
---
 core/js/shareitemmodel.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'core/js')

diff --git a/core/js/shareitemmodel.js b/core/js/shareitemmodel.js
index 241b9c19c0d..c28d85efbf0 100644
--- a/core/js/shareitemmodel.js
+++ b/core/js/shareitemmodel.js
@@ -777,7 +777,7 @@
 				return {};
 			}
 
-			var permissions = this.get('possiblePermissions');
+			var permissions = this.fileInfoModel.get('permissions');
 			if(!_.isUndefined(data.reshare) && !_.isUndefined(data.reshare.permissions) && data.reshare.uid_owner !== OC.currentUser) {
 				permissions = permissions & data.reshare.permissions;
 			}
-- 
cgit v1.2.3


From be873c234b077f48472f1d46f1998343e815fe86 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@arthur-schiwon.de>
Date: Thu, 16 Aug 2018 23:08:15 +0200
Subject: adapt jsunit test

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
---
 core/js/tests/specs/shareitemmodelSpec.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'core/js')

diff --git a/core/js/tests/specs/shareitemmodelSpec.js b/core/js/tests/specs/shareitemmodelSpec.js
index 0a345786b73..2e89b2e3cda 100644
--- a/core/js/tests/specs/shareitemmodelSpec.js
+++ b/core/js/tests/specs/shareitemmodelSpec.js
@@ -345,7 +345,7 @@ describe('OC.Share.ShareItemModel', function() {
 			}]));
 			fetchSharesDeferred.resolve(makeOcsResponse([]));
 
-			model.set('possiblePermissions', OC.PERMISSION_READ);
+			model.fileInfoModel.set('permissions', OC.PERMISSION_READ);
 			model.fetch();
 
 			// no resharing allowed
-- 
cgit v1.2.3