From 40931a8b0d5d10c0f711756a4e8a423ff055621e Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Fri, 16 Jan 2015 18:11:13 +0100 Subject: Fix getItemSharedWithUser for groups Fixed SQL query for whenever a user has more than one group. Added missing $owner where clause for group lookup. Added unit tests for the group cases. --- lib/private/share/share.php | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) (limited to 'lib/private') diff --git a/lib/private/share/share.php b/lib/private/share/share.php index f61f65f35a7..e85f9f06ed3 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -337,17 +337,26 @@ class Share extends \OC\Share\Constants { if(empty($shares) && $user !== null) { $groups = \OC_Group::getUserGroups($user); - $query = \OC_DB::prepare( - 'SELECT * - FROM - `*PREFIX*share` - WHERE - `' . $column . '` = ? AND `item_type` = ? AND `share_with` in (?)' + $where = 'WHERE `' . $column . '` = ? AND `item_type` = ? AND `share_with` in (?)'; + $arguments = array($itemSource, $itemType, $groups); + $types = array(null, null, \Doctrine\DBAL\Connection::PARAM_STR_ARRAY); + + if ($owner !== null) { + $where .= ' AND `uid_owner` = ?'; + $arguments[] = $owner; + $types[] = null; + } + + // TODO: inject connection, hopefully one day in the future when this + // class isn't static anymore... + $conn = \OC_DB::getConnection(); + $result = $conn->executeQuery( + 'SELECT * FROM `*PREFIX*share` ' . $where, + $arguments, + $types ); - $result = \OC_DB::executeAudited($query, array($itemSource, $itemType, implode(',', $groups))); - - while ($row = $result->fetchRow()) { + while ($row = $result->fetch()) { $shares[] = $row; } } -- cgit v1.2.3