Merge pull request #19793 from nextcloud/bugfix/noid/link-to-federated-reshare

Fix resharing of federated shares that were created out of links
2020-04-27 11:05:34 +02:00 · 2020-04-27 11:05:34 +02:00 · 1738e17e20
parent a64681a0fe 7a9469f282
commit 1738e17e20
6 changed files with 18 additions and 33 deletions
--- a/apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php
+++ b/apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php
@ -43,6 +43,7 @@ use OCP\IRequest;
 use OCP\ISession;
 use OCP\IUserSession;
 use OCP\Share\IManager;
+use OCP\Share\IShare;

 /**
 * Class MountPublicLinkController
@ -155,6 +156,7 @@ class MountPublicLinkController extends Controller {
 		}

 		$share->setSharedWith($shareWith);
+		$share->setShareType(IShare::TYPE_REMOTE);

 		try {
 			$this->federatedShareProvider->create($share);
--- a/apps/files_sharing/lib/Controller/ShareAPIController.php
+++ b/apps/files_sharing/lib/Controller/ShareAPIController.php
@ -492,15 +492,18 @@ class ShareAPIController extends OCSController {
 					throw new OCSNotFoundException($this->l->t('Public upload is only possible for publicly shared folders'));
 				}

-				$share->setPermissions(
-					Constants::PERMISSION_READ |
+				$permissions = Constants::PERMISSION_READ |
 					Constants::PERMISSION_CREATE |
 					Constants::PERMISSION_UPDATE |
-					Constants::PERMISSION_DELETE
-				);
+					Constants::PERMISSION_DELETE;
 			} else {
-				$share->setPermissions(Constants::PERMISSION_READ);
+				$permissions = Constants::PERMISSION_READ;
 			}
+			// TODO: It might make sense to have a dedicated setting to allow/deny converting link shares into federated ones
+			if ($this->shareManager->outgoingServer2ServerSharesAllowed()) {
+				$permissions |= Constants::PERMISSION_SHARE;
+			}
+			$share->setPermissions($permissions);

 			// Set password
 			if ($password !== '') {
--- a/apps/files_sharing/tests/ApiTest.php
+++ b/apps/files_sharing/tests/ApiTest.php
@ -203,7 +203,9 @@ class ApiTest extends TestCase {
 		$ocs->cleanup();

 		$data = $result->getData();
-		$this->assertEquals(1, $data['permissions']);
+		$this->assertEquals(\OCP\Constants::PERMISSION_READ |
+			\OCP\Constants::PERMISSION_SHARE,
+			$data['permissions']);
 		$this->assertEmpty($data['expiration']);
 		$this->assertTrue(is_string($data['token']));

@ -228,7 +230,8 @@ class ApiTest extends TestCase {
 			\OCP\Constants::PERMISSION_READ |
 			\OCP\Constants::PERMISSION_CREATE |
 			\OCP\Constants::PERMISSION_UPDATE |
-			\OCP\Constants::PERMISSION_DELETE,
+			\OCP\Constants::PERMISSION_DELETE |
+			\OCP\Constants::PERMISSION_SHARE,
 			$data['permissions']
 		);
 		$this->assertEmpty($data['expiration']);
--- a/build/integration/sharing_features/sharing-v1.feature
+++ b/build/integration/sharing_features/sharing-v1.feature
@ -91,7 +91,7 @@ Feature: sharing
    And the HTTP status code should be "200"
    And Share fields of last share match with
      | id | A_NUMBER |
-      | permissions | 15 |
+      | permissions | 31 |
      | expiration | +3 days |
      | url | AN_URL |
      | token | A_TOKEN |
@ -130,7 +130,7 @@ Feature: sharing
      | share_type | 3 |
      | file_source | A_NUMBER |
      | file_target | /FOLDER |
-      | permissions | 1 |
+      | permissions | 17 |
      | stime | A_NUMBER |
      | expiration | +3 days |
      | token | A_TOKEN |
@ -163,7 +163,7 @@ Feature: sharing
      | share_type | 3 |
      | file_source | A_NUMBER |
      | file_target | /FOLDER |
-      | permissions | 1 |
+      | permissions | 17 |
      | stime | A_NUMBER |
      | token | A_TOKEN |
      | storage | A_NUMBER |
--- a/lib/private/Share20/Manager.php
+++ b/lib/private/Share20/Manager.php
@ -625,11 +625,6 @@ class Manager implements IManager {
 			throw new \Exception('Link sharing is not allowed');
 		}

-		// Link shares by definition can't have share permissions
-		if ($share->getPermissions() & \OCP\Constants::PERMISSION_SHARE) {
-			throw new \InvalidArgumentException('Link shares can’t have reshare permissions');
-		}
-
 		// Check if public upload is allowed
 		if (!$this->shareApiLinkAllowPublicUpload() &&
 			($share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE))) {
--- a/tests/lib/Share20/ManagerTest.php
+++ b/tests/lib/Share20/ManagerTest.php
@ -1374,24 +1374,6 @@ class ManagerTest extends \Test\TestCase {
 	}


-	public function testLinkCreateChecksSharePermissions() {
-		$this->expectException(\Exception::class);
-		$this->expectExceptionMessage('Link shares can’t have reshare permissions');
-
-		$share = $this->manager->newShare();
-
-		$share->setPermissions(\OCP\Constants::PERMISSION_SHARE);
-
-		$this->config
-			->method('getAppValue')
-			->willReturnMap([
-				['core', 'shareapi_allow_links', 'yes', 'yes'],
-			]);
-
-		self::invokePrivate($this->manager, 'linkCreateChecks', [$share]);
-	}
-
-
 	public function testLinkCreateChecksNoPublicUpload() {
 		$this->expectException(\Exception::class);
 		$this->expectExceptionMessage('Public upload is not allowed');