mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Non moveable mount points should always be UPDATE+DELETE shareable 

Fixes #23536

The new sharing code is much stricter in checking permissions. However
for non moveable mounts the permissions UPDATE+DELETE are not reported
on the mount point.

This is just a quick fix.

* Updated unit tests
This commit is contained in:
Roeland Jago Douma 2016-03-30 13:33:16 +02:00
parent 0e687993c8
commit 9ce5e4b01f
2 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/private/Share20/Manager.php
View File

@ -23,6 +23,7 @@
namespace OC\Share20;
use OC\Files\Mount\MoveableMount;
use OCP\Files\IRootFolder;
use OCP\Files\NotFoundException;
use OCP\IUserManager;
@ -215,8 +216,19 @@ class Manager implements IManager {
throw new \InvalidArgumentException('A share requires permissions');
}
/*
* Quick fix for #23536
* Non moveable mount points do not have update and delete permissions
* while we 'most likely' do have that on the storage.
*/
$permissions = $share->getNode()->getPermissions();
$mount = $share->getNode()->getMountPoint();
if (!($mount instanceof MoveableMount)) {
$permissions |= \OCP\Constants::PERMISSION_DELETE | \OCP\Constants::PERMISSION_UPDATE;
}
// Check that we do not share with more permissions than we have
if ($share->getPermissions() & ~$share->getNode()->getPermissions()) {
if ($share->getPermissions() & ~$permissions) {
$message_t = $this->l->t('Cannot increase permissions of %s', [$share->getNode()->getPath()]);
throw new GenericShareException($message_t, $message_t, 404);
}

11
tests/lib/share20/managertest.php
View File

@ -640,10 +640,21 @@ class ManagerTest extends \Test\TestCase {
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group0, $user0, $user0, null, null, null), 'A share requires permissions', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user0, $user0, null, null, null), 'A share requires permissions', true];
$mount = $this->getMock('OC\Files\Mount\MoveableMount');
$limitedPermssions->method('getMountPoint')->willReturn($mount);
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $limitedPermssions, $user2, $user0, $user0, 31, null, null), 'Cannot increase permissions of path', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group0, $user0, $user0, 17, null, null), 'Cannot increase permissions of path', true];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user0, $user0, 3, null, null), 'Cannot increase permissions of path', true];
$nonMoveableMountPermssions = $this->getMock('\OCP\Files\File');
$nonMoveableMountPermssions->method('isShareable')->willReturn(true);
$nonMoveableMountPermssions->method('getPermissions')->willReturn(\OCP\Constants::PERMISSION_READ);
$nonMoveableMountPermssions->method('getPath')->willReturn('path');
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $nonMoveableMountPermssions, $user2, $user0, $user0, 11, null, null), 'Cannot increase permissions of path', false];
$data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $nonMoveableMountPermssions, $group0, $user0, $user0, 11, null, null), 'Cannot increase permissions of path', false];
$rootFolder = $this->getMock('\OCP\Files\Folder');
$rootFolder->method('isShareable')->willReturn(true);
$rootFolder->method('getPermissions')->willReturn(\OCP\Constants::PERMISSION_ALL);