mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

tokens can't be valid local user names 

this saves searching for shares on non-public link dav requests

Signed-off-by: Robin Appelman <robin@icewind.nl>
This commit is contained in:
Robin Appelman 2018-08-16 20:39:51 +02:00
parent 8c2b76bef0
commit b3c714db75
No known key found for this signature in database
GPG Key ID: 42B69D8A64526EFB
2 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
lib/private/Files/View.php
View File

@ -1438,16 +1438,21 @@ class View {
$contents = $cache->getFolderContentsById($folderId); //TODO: mimetype_filter $contents = $cache->getFolderContentsById($folderId); //TODO: mimetype_filter
$sharingDisabled = \OCP\Util::isSharingDisabledForUser(); $sharingDisabled = \OCP\Util::isSharingDisabledForUser();
$fileNames = array_map(function(ICacheEntry $content) {
return $content->getName();
}, $contents);
/** /**
* @var \OC\Files\FileInfo[] $files * @var \OC\Files\FileInfo[] $fileInfos
*/ */
$files = array_map(function (ICacheEntry $content) use ($path, $storage, $mount, $sharingDisabled) { $fileInfos = array_map(function (ICacheEntry $content) use ($path, $storage, $mount, $sharingDisabled) {
if ($sharingDisabled) { if ($sharingDisabled) {
$content['permissions'] = $content['permissions'] & ~\OCP\Constants::PERMISSION_SHARE; $content['permissions'] = $content['permissions'] & ~\OCP\Constants::PERMISSION_SHARE;
} }
$owner = $this->getUserObjectForOwner($storage->getOwner($content['path'])); $owner = $this->getUserObjectForOwner($storage->getOwner($content['path']));
return new FileInfo($path . '/' . $content['name'], $storage, $content['path'], $content, $mount, $owner); return new FileInfo($path . '/' . $content['name'], $storage, $content['path'], $content, $mount, $owner);
}, $contents); }, $contents);
$files = array_combine($fileNames, $fileInfos);
//add a folder for any mountpoint in this directory and add the sizes of other mountpoints to the folders //add a folder for any mountpoint in this directory and add the sizes of other mountpoints to the folders
$mounts = Filesystem::getMountManager()->findIn($path); $mounts = Filesystem::getMountManager()->findIn($path);
@ -1502,13 +1507,6 @@ class View {
$rootEntry['permissions'] = $permissions & (\OCP\Constants::PERMISSION_ALL - (\OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE)); $rootEntry['permissions'] = $permissions & (\OCP\Constants::PERMISSION_ALL - (\OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE));
} }
//remove any existing entry with the same name
foreach ($files as $i => $file) {
if ($file['name'] === $rootEntry['name']) {
unset($files[$i]);
break;
}
}
$rootEntry['path'] = substr(Filesystem::normalizePath($path . '/' . $rootEntry['name']), strlen($user) + 2); // full path without /$user/ $rootEntry['path'] = substr(Filesystem::normalizePath($path . '/' . $rootEntry['name']), strlen($user) + 2); // full path without /$user/
// if sharing was disabled for the user we remove the share permissions // if sharing was disabled for the user we remove the share permissions
@ -1517,7 +1515,7 @@ class View {
} }
$owner = $this->getUserObjectForOwner($subStorage->getOwner('')); $owner = $this->getUserObjectForOwner($subStorage->getOwner(''));
$files[] = new FileInfo($path . '/' . $rootEntry['name'], $subStorage, '', $rootEntry, $mount, $owner); $files[$rootEntry->getName()] = new FileInfo($path . '/' . $rootEntry['name'], $subStorage, '', $rootEntry, $mount, $owner);
} }
} }
} }
@ -1533,7 +1531,7 @@ class View {
}); });
} }
return $files; return array_values($files);
} else { } else {
return []; return [];
} }

4
lib/private/Share20/Manager.php
View File

@ -1177,6 +1177,10 @@ class Manager implements IManager {
* @throws ShareNotFound * @throws ShareNotFound
*/ */
public function getShareByToken($token) { public function getShareByToken($token) {
// tokens can't be valid local user names
if ($this->userManager->userExists($token)) {
throw new ShareNotFound();
}
$share = null; $share = null;
try { try {
if($this->shareApiAllowLinks()) { if($this->shareApiAllowLinks()) {