Merge pull request #22660 from owncloud/fix_22656
Do not allow sharing of the users root folder
This commit is contained in:
commit
62d7885c3b
|
@ -506,3 +506,11 @@ Feature: sharing
|
|||
And file "myfile.txt" of user "user0" is shared with user "user1"
|
||||
When User "user1" uploads file "data/textfile.txt" to "/myfile.txt"
|
||||
Then the HTTP status code should be "204"
|
||||
|
||||
Scenario: Don't allow sharing of the root
|
||||
Given user "user0" exists
|
||||
And As an "user0"
|
||||
When creating a share with
|
||||
| path | / |
|
||||
| shareType | 3 |
|
||||
Then the OCS status code should be "403"
|
|
@ -197,6 +197,11 @@ class Manager implements IManager {
|
|||
throw new \InvalidArgumentException('Path should be either a file or a folder');
|
||||
}
|
||||
|
||||
// And you can't share your rootfolder
|
||||
if ($this->rootFolder->getUserFolder($share->getSharedBy())->isSubNode($share->getNode()) === false) {
|
||||
throw new \InvalidArgumentException('You can\'t share your root folder');
|
||||
}
|
||||
|
||||
// Check if we actually have share permissions
|
||||
if (!$share->getNode()->isShareable()) {
|
||||
$message_t = $this->l->t('You are not allowed to share %s', [$share->getNode()->getPath()]);
|
||||
|
|
|
@ -677,6 +677,9 @@ class ManagerTest extends \Test\TestCase {
|
|||
['group0', true],
|
||||
]));
|
||||
|
||||
$userFolder = $this->getMock('\OCP\Files\Folder');
|
||||
$this->rootFolder->method('getUserFolder')->willReturn($userFolder);
|
||||
|
||||
try {
|
||||
$this->invokePrivate($this->manager, 'generalCreateChecks', [$share]);
|
||||
$thrown = false;
|
||||
|
@ -691,6 +694,32 @@ class ManagerTest extends \Test\TestCase {
|
|||
$this->assertSame($exception, $thrown);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \InvalidArgumentException
|
||||
* @expectedExceptionMessage You can't share your root folder
|
||||
*/
|
||||
public function testGeneralCheckShareRoot() {
|
||||
$thrown = null;
|
||||
|
||||
$this->userManager->method('userExists')->will($this->returnValueMap([
|
||||
['user0', true],
|
||||
['user1', true],
|
||||
]));
|
||||
|
||||
$userFolder = $this->getMock('\OCP\Files\Folder');
|
||||
$userFolder->method('isSubNode')->with($userFolder)->willReturn(false);
|
||||
$this->rootFolder->method('getUserFolder')->willReturn($userFolder);
|
||||
|
||||
$share = $this->manager->newShare();
|
||||
|
||||
$share->setShareType(\OCP\Share::SHARE_TYPE_USER)
|
||||
->setSharedWith('user0')
|
||||
->setSharedBy('user1')
|
||||
->setNode($userFolder);
|
||||
|
||||
$this->invokePrivate($this->manager, 'generalCreateChecks', [$share]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\Share\Exceptions\GenericShareException
|
||||
* @expectedExceptionMessage Expiration date is in the past
|
||||
|
|
Loading…
Reference in New Issue