[Sharing 2.0] Some error cases report 404 instead of 403

This commit is contained in:
Roeland Jago Douma 2016-01-06 11:34:12 +01:00
parent 26280e1f19
commit 1358e5dcd9
2 changed files with 16 additions and 8 deletions

View File

@ -33,6 +33,7 @@ use OCP\Files\Folder;
use OCP\IUser; use OCP\IUser;
use OC\Share20\Exception\ShareNotFound; use OC\Share20\Exception\ShareNotFound;
use OC\HintException;
/** /**
* This class is the communication hub for all sharing related operations. * This class is the communication hub for all sharing related operations.
@ -175,7 +176,8 @@ class Manager {
// Check if we actually have share permissions // Check if we actually have share permissions
if (!$share->getPath()->isShareable()) { if (!$share->getPath()->isShareable()) {
throw new \InvalidArgumentException('Path is not shareable'); $message_t = $this->l->t('You are not allowed to share %s', [$share->getPath()->getPath()]);
throw new HintException($message_t, $message_t, 404);
} }
// Permissions should be set // Permissions should be set
@ -185,7 +187,8 @@ class Manager {
// Check that we do not share with more permissions than we have // Check that we do not share with more permissions than we have
if ($share->getPermissions() & ~$share->getPath()->getPermissions()) { if ($share->getPermissions() & ~$share->getPath()->getPermissions()) {
throw new \InvalidArgumentException('Cannot increase permissions'); $message_t = $this->l->t('Cannot increase permissions of %s', [$share->getPath()->getPath()]);
throw new HintException($message_t, $message_t, 404);
} }
// Check that read permissions are always set // Check that read permissions are always set

View File

@ -530,22 +530,24 @@ class ManagerTest extends \Test\TestCase {
$nonShareAble = $this->getMock('\OCP\Files\Folder'); $nonShareAble = $this->getMock('\OCP\Files\Folder');
$nonShareAble->method('isShareable')->willReturn(false); $nonShareAble->method('isShareable')->willReturn(false);
$nonShareAble->method('getPath')->willReturn('path');
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $nonShareAble, $user2, $user, $user, 31, null, null), 'Path is not shareable', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $nonShareAble, $user2, $user, $user, 31, null, null), 'You are not allowed to share path', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $nonShareAble, $group, $user, $user, 31, null, null), 'Path is not shareable', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $nonShareAble, $group, $user, $user, 31, null, null), 'You are not allowed to share path', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $nonShareAble, null, $user, $user, 31, null, null), 'Path is not shareable', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $nonShareAble, null, $user, $user, 31, null, null), 'You are not allowed to share path', true];
$limitedPermssions = $this->getMock('\OCP\Files\File'); $limitedPermssions = $this->getMock('\OCP\Files\File');
$limitedPermssions->method('isShareable')->willReturn(true); $limitedPermssions->method('isShareable')->willReturn(true);
$limitedPermssions->method('getPermissions')->willReturn(\OCP\Constants::PERMISSION_READ); $limitedPermssions->method('getPermissions')->willReturn(\OCP\Constants::PERMISSION_READ);
$limitedPermssions->method('getPath')->willReturn('path');
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $limitedPermssions, $user2, $user, $user, null, null, null), 'A share requires permissions', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $limitedPermssions, $user2, $user, $user, null, null, null), 'A share requires permissions', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group, $user, $user, null, null, null), 'A share requires permissions', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group, $user, $user, null, null, null), 'A share requires permissions', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user, $user, null, null, null), 'A share requires permissions', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user, $user, null, null, null), 'A share requires permissions', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $limitedPermssions, $user2, $user, $user, 31, null, null), 'Cannot increase permissions', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $limitedPermssions, $user2, $user, $user, 31, null, null), 'Cannot increase permissions of path', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group, $user, $user, 17, null, null), 'Cannot increase permissions', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group, $user, $user, 17, null, null), 'Cannot increase permissions of path', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user, $user, 3, null, null), 'Cannot increase permissions', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user, $user, 3, null, null), 'Cannot increase permissions of path', true];
$allPermssions = $this->getMock('\OCP\Files\Folder'); $allPermssions = $this->getMock('\OCP\Files\Folder');
$allPermssions->method('isShareable')->willReturn(true); $allPermssions->method('isShareable')->willReturn(true);
@ -574,6 +576,9 @@ class ManagerTest extends \Test\TestCase {
try { try {
$this->invokePrivate($this->manager, 'generalCreateChecks', [$share]); $this->invokePrivate($this->manager, 'generalCreateChecks', [$share]);
$thrown = false; $thrown = false;
} catch (\OC\HintException $e) {
$this->assertEquals($exceptionMessage, $e->getHint());
$thrown = true;
} catch(\InvalidArgumentException $e) { } catch(\InvalidArgumentException $e) {
$this->assertEquals($exceptionMessage, $e->getMessage()); $this->assertEquals($exceptionMessage, $e->getMessage());
$thrown = true; $thrown = true;