Non moveable mount points should always be UPDATE+DELETE shareable
Fixes #23536 The new sharing code is much stricter in checking permissions. However for non moveable mounts the permissions UPDATE+DELETE are not reported on the mount point. This is just a quick fix. * Updated unit tests
This commit is contained in:
parent
456035a750
commit
2660cf80c3
|
@ -23,6 +23,7 @@
|
|||
|
||||
namespace OC\Share20;
|
||||
|
||||
use OC\Files\Mount\MoveableMount;
|
||||
use OCP\Files\IRootFolder;
|
||||
use OCP\Files\NotFoundException;
|
||||
use OCP\IUserManager;
|
||||
|
@ -215,8 +216,19 @@ class Manager implements IManager {
|
|||
throw new \InvalidArgumentException('A share requires permissions');
|
||||
}
|
||||
|
||||
/*
|
||||
* Quick fix for #23536
|
||||
* Non moveable mount points do not have update and delete permissions
|
||||
* while we 'most likely' do have that on the storage.
|
||||
*/
|
||||
$permissions = $share->getNode()->getPermissions();
|
||||
$mount = $share->getNode()->getMountPoint();
|
||||
if (!($mount instanceof MoveableMount)) {
|
||||
$permissions |= \OCP\Constants::PERMISSION_DELETE | \OCP\Constants::PERMISSION_UPDATE;
|
||||
}
|
||||
|
||||
// Check that we do not share with more permissions than we have
|
||||
if ($share->getPermissions() & ~$share->getNode()->getPermissions()) {
|
||||
if ($share->getPermissions() & ~$permissions) {
|
||||
$message_t = $this->l->t('Cannot increase permissions of %s', [$share->getNode()->getPath()]);
|
||||
throw new GenericShareException($message_t, $message_t, 404);
|
||||
}
|
||||
|
|
|
@ -640,10 +640,21 @@ class ManagerTest extends \Test\TestCase {
|
|||
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group0, $user0, $user0, null, null, null), 'A share requires permissions', true];
|
||||
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user0, $user0, null, null, null), 'A share requires permissions', true];
|
||||
|
||||
$mount = $this->getMock('OC\Files\Mount\MoveableMount');
|
||||
$limitedPermssions->method('getMountPoint')->willReturn($mount);
|
||||
|
||||
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $limitedPermssions, $user2, $user0, $user0, 31, null, null), 'Cannot increase permissions of path', true];
|
||||
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group0, $user0, $user0, 17, null, null), 'Cannot increase permissions of path', true];
|
||||
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user0, $user0, 3, null, null), 'Cannot increase permissions of path', true];
|
||||
|
||||
$nonMoveableMountPermssions = $this->getMock('\OCP\Files\File');
|
||||
$nonMoveableMountPermssions->method('isShareable')->willReturn(true);
|
||||
$nonMoveableMountPermssions->method('getPermissions')->willReturn(\OCP\Constants::PERMISSION_READ);
|
||||
$nonMoveableMountPermssions->method('getPath')->willReturn('path');
|
||||
|
||||
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $nonMoveableMountPermssions, $user2, $user0, $user0, 11, null, null), 'Cannot increase permissions of path', false];
|
||||
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $nonMoveableMountPermssions, $group0, $user0, $user0, 11, null, null), 'Cannot increase permissions of path', false];
|
||||
|
||||
$rootFolder = $this->getMock('\OCP\Files\Folder');
|
||||
$rootFolder->method('isShareable')->willReturn(true);
|
||||
$rootFolder->method('getPermissions')->willReturn(\OCP\Constants::PERMISSION_ALL);
|
||||
|
|
Loading…
Reference in New Issue