From 9ce5e4b01fcc8bf1805e97e162dd28bba3a7d251 Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Wed, 30 Mar 2016 13:33:16 +0200 Subject: [PATCH] Non moveable mount points should always be UPDATE+DELETE shareable Fixes #23536 The new sharing code is much stricter in checking permissions. However for non moveable mounts the permissions UPDATE+DELETE are not reported on the mount point. This is just a quick fix. * Updated unit tests --- lib/private/Share20/Manager.php | 14 +++++++++++++- tests/lib/share20/managertest.php | 11 +++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 4737de002c..1c9d4d8227 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -23,6 +23,7 @@ namespace OC\Share20; +use OC\Files\Mount\MoveableMount; use OCP\Files\IRootFolder; use OCP\Files\NotFoundException; use OCP\IUserManager; @@ -215,8 +216,19 @@ class Manager implements IManager { throw new \InvalidArgumentException('A share requires permissions'); } + /* + * Quick fix for #23536 + * Non moveable mount points do not have update and delete permissions + * while we 'most likely' do have that on the storage. + */ + $permissions = $share->getNode()->getPermissions(); + $mount = $share->getNode()->getMountPoint(); + if (!($mount instanceof MoveableMount)) { + $permissions |= \OCP\Constants::PERMISSION_DELETE | \OCP\Constants::PERMISSION_UPDATE; + } + // Check that we do not share with more permissions than we have - if ($share->getPermissions() & ~$share->getNode()->getPermissions()) { + if ($share->getPermissions() & ~$permissions) { $message_t = $this->l->t('Cannot increase permissions of %s', [$share->getNode()->getPath()]); throw new GenericShareException($message_t, $message_t, 404); } diff --git a/tests/lib/share20/managertest.php b/tests/lib/share20/managertest.php index 2f45de86b9..029c8cd854 100644 --- a/tests/lib/share20/managertest.php +++ b/tests/lib/share20/managertest.php @@ -640,10 +640,21 @@ class ManagerTest extends \Test\TestCase { $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group0, $user0, $user0, null, null, null), 'A share requires permissions', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user0, $user0, null, null, null), 'A share requires permissions', true]; + $mount = $this->getMock('OC\Files\Mount\MoveableMount'); + $limitedPermssions->method('getMountPoint')->willReturn($mount); + $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $limitedPermssions, $user2, $user0, $user0, 31, null, null), 'Cannot increase permissions of path', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $limitedPermssions, $group0, $user0, $user0, 17, null, null), 'Cannot increase permissions of path', true]; $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $limitedPermssions, null, $user0, $user0, 3, null, null), 'Cannot increase permissions of path', true]; + $nonMoveableMountPermssions = $this->getMock('\OCP\Files\File'); + $nonMoveableMountPermssions->method('isShareable')->willReturn(true); + $nonMoveableMountPermssions->method('getPermissions')->willReturn(\OCP\Constants::PERMISSION_READ); + $nonMoveableMountPermssions->method('getPath')->willReturn('path'); + + $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_USER, $nonMoveableMountPermssions, $user2, $user0, $user0, 11, null, null), 'Cannot increase permissions of path', false]; + $data[] = [$this->createShare(null, \OCP\Share::SHARE_TYPE_GROUP, $nonMoveableMountPermssions, $group0, $user0, $user0, 11, null, null), 'Cannot increase permissions of path', false]; + $rootFolder = $this->getMock('\OCP\Files\Folder'); $rootFolder->method('isShareable')->willReturn(true); $rootFolder->method('getPermissions')->willReturn(\OCP\Constants::PERMISSION_ALL);