Do not allow adding file drop shares to your own cloud

There is no reason for this and you can't create such shares normally
anyway.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2021-04-19 09:08:32 +02:00 committed by backportbot[bot]
parent 9b86f5f674
commit 95c65f756e
2 changed files with 23 additions and 10 deletions

View File

@ -37,6 +37,7 @@ use OCA\FederatedFileSharing\FederatedShareProvider;
use OCP\AppFramework\Controller; use OCP\AppFramework\Controller;
use OCP\AppFramework\Http; use OCP\AppFramework\Http;
use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Http\JSONResponse;
use OCP\Constants;
use OCP\Federation\ICloudIdManager; use OCP\Federation\ICloudIdManager;
use OCP\Http\Client\IClientService; use OCP\Http\Client\IClientService;
use OCP\IL10N; use OCP\IL10N;
@ -157,6 +158,15 @@ class MountPublicLinkController extends Controller {
return $response; return $response;
} }
if (($share->getPermissions() & Constants::PERMISSION_READ) === 0) {
$response = new JSONResponse(
['message' => 'Mounting file drop not supported'],
Http::STATUS_BAD_REQUEST
);
$response->throttle();
return $response;
}
$share->setSharedWith($shareWith); $share->setSharedWith($shareWith);
$share->setShareType(IShare::TYPE_REMOTE); $share->setShareType(IShare::TYPE_REMOTE);

View File

@ -138,7 +138,8 @@ class MountPublicLinkControllerTest extends \Test\TestCase {
$token, $token,
$validToken, $validToken,
$createSuccessful, $createSuccessful,
$expectedReturnData $expectedReturnData,
$permissions
) { ) {
$this->federatedShareProvider->expects($this->any()) $this->federatedShareProvider->expects($this->any())
->method('isOutgoingServer2serverShareEnabled') ->method('isOutgoingServer2serverShareEnabled')
@ -156,6 +157,7 @@ class MountPublicLinkControllerTest extends \Test\TestCase {
); );
$share = $this->share; $share = $this->share;
$share->setPermissions($permissions);
$this->shareManager->expects($this->any())->method('getShareByToken') $this->shareManager->expects($this->any())->method('getShareByToken')
->with($token) ->with($token)
@ -198,15 +200,16 @@ class MountPublicLinkControllerTest extends \Test\TestCase {
public function dataTestCreateFederatedShare() { public function dataTestCreateFederatedShare() {
return [ return [
//shareWith, outgoingSharesAllowed, validShareWith, token, validToken, createSuccessful, expectedReturnData //shareWith, outgoingSharesAllowed, validShareWith, token, validToken, createSuccessful, expectedReturnData
['user@server', true, true, 'token', true, true, 'server'], ['user@server', true, true, 'token', true, true, 'server', 31],
['user@server', true, false, 'token', true, true, 'invalid federated cloud id'], ['user@server', true, true, 'token', false, false, 'server', 4],
['user@server', true, false, 'token', false, true, 'invalid federated cloud id'], ['user@server', true, false, 'token', true, true, 'invalid federated cloud id', 31],
['user@server', true, false, 'token', false, false, 'invalid federated cloud id'], ['user@server', true, false, 'token', false, true, 'invalid federated cloud id', 31],
['user@server', true, false, 'token', true, false, 'invalid federated cloud id'], ['user@server', true, false, 'token', false, false, 'invalid federated cloud id', 31],
['user@server', true, true, 'token', false, true, 'invalid token'], ['user@server', true, false, 'token', true, false, 'invalid federated cloud id', 31],
['user@server', true, true, 'token', false, false, 'invalid token'], ['user@server', true, true, 'token', false, true, 'invalid token', 31],
['user@server', true, true, 'token', true, false, 'can not create share'], ['user@server', true, true, 'token', false, false, 'invalid token', 31],
['user@server', false, true, 'token', true, true, 'This server doesn\'t support outgoing federated shares'], ['user@server', true, true, 'token', true, false, 'can not create share', 31],
['user@server', false, true, 'token', true, true, 'This server doesn\'t support outgoing federated shares', 31],
]; ];
} }
} }