From 6641af720da6dec69e8f185eaab35d36836ee8a1 Mon Sep 17 00:00:00 2001 From: Michael Gapczynski Date: Sat, 10 Nov 2012 00:31:52 -0500 Subject: [PATCH] Check if resharing is allowed by the admin, fixes issue #341 --- lib/public/share.php | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/lib/public/share.php b/lib/public/share.php index 107b54615b..47726fbbe7 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -58,6 +58,7 @@ class Share { private static $shareTypeGroupUserUnique = 2; private static $backends = array(); private static $backendTypes = array(); + private static $isResharingAllowed; /** * @brief Register a sharing backend class that implements OCP\Share_Backend for an item type @@ -482,6 +483,24 @@ class Share { throw new \Exception($message); } + /** + * @brief Check if resharing is allowed + * @return Returns true if allowed or false + * + * Resharing is allowed by default if not configured + * + */ + private static function isResharingAllowed() { + if (!isset(self::$isResharingAllowed)) { + if (\OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes') == 'yes') { + self::$isResharingAllowed = true; + } else { + self::$isResharingAllowed = false; + } + } + return self::$isResharingAllowed; + } + /** * @brief Get a list of collection item types for the specified item type * @param string Item type @@ -726,6 +745,10 @@ class Share { continue; } } + // Check if resharing is allowed, if not remove share permission + if (isset($row['permissions']) && !self::isResharingAllowed()) { + $row['permissions'] &= ~self::PERMISSION_SHARE; + } $items[$row['id']] = $row; } if (!empty($items)) { @@ -844,7 +867,7 @@ class Share { throw new \Exception($message); } // Check if share permissions is granted - if ((int)$checkReshare['permissions'] & self::PERMISSION_SHARE) { + if (self::isResharingAllowed() && (int)$checkReshare['permissions'] & self::PERMISSION_SHARE) { if (~(int)$checkReshare['permissions'] & $permissions) { $message = 'Sharing '.$itemSource.' failed, because the permissions exceed permissions granted to '.$uidOwner; \OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);