From 6e0e6212188aa4a1d57339fa2ee4afd548414d1a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <thomas.mueller@tmit.eu>
Date: Tue, 22 Oct 2013 11:10:07 +0200
Subject: [PATCH 1/2] creating and deleting of file and folder 'Shared' in root
 is not allowed

---
 lib/private/connector/sabre/directory.php | 17 ++++++++++++++---
 lib/private/connector/sabre/file.php      |  4 ++++
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/lib/private/connector/sabre/directory.php b/lib/private/connector/sabre/directory.php
index c51f84bf67..02d1a9f4ba 100644
--- a/lib/private/connector/sabre/directory.php
+++ b/lib/private/connector/sabre/directory.php
@@ -50,6 +50,10 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa
 	 */
 	public function createFile($name, $data = null) {
 
+		if ($name === 'Shared' && empty($this->path)) {
+			throw new \Sabre_DAV_Exception_Forbidden();
+		}
+
 		// for chunked upload also updating a existing file is a "createFile"
 		// because we create all the chunks before reasamble them to the existing file.
 		if (isset($_SERVER['HTTP_OC_CHUNKED'])) {
@@ -82,6 +86,10 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa
 	 */
 	public function createDirectory($name) {
 
+		if ($name === 'Shared' && empty($this->path)) {
+			throw new \Sabre_DAV_Exception_Forbidden();
+		}
+
 		if (!\OC\Files\Filesystem::isCreatable($this->path)) {
 			throw new \Sabre_DAV_Exception_Forbidden();
 		}
@@ -187,12 +195,15 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa
 	 */
 	public function delete() {
 
+		if ($this->path === 'Shared') {
+			throw new \Sabre_DAV_Exception_Forbidden();
+		}
+
 		if (!\OC\Files\Filesystem::isDeletable($this->path)) {
 			throw new \Sabre_DAV_Exception_Forbidden();
 		}
-		if ($this->path != "/Shared") {
-			\OC\Files\Filesystem::rmdir($this->path);
-		}
+
+		\OC\Files\Filesystem::rmdir($this->path);
 
 	}
 
diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php
index 3402946a13..7b8462cae5 100644
--- a/lib/private/connector/sabre/file.php
+++ b/lib/private/connector/sabre/file.php
@@ -143,6 +143,10 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements Sabre_D
 	 */
 	public function delete() {
 
+		if ($this->path === 'Shared') {
+			throw new \Sabre_DAV_Exception_Forbidden();
+		}
+
 		if (!\OC\Files\Filesystem::isDeletable($this->path)) {
 			throw new \Sabre_DAV_Exception_Forbidden();
 		}

From f62c4eafa549a26efcce025e3b33ed87cbce5fd4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <thomas.mueller@tmit.eu>
Date: Tue, 22 Oct 2013 11:22:06 +0200
Subject: [PATCH 2/2] test cases added for create/remove Shared folder and file

---
 tests/lib/connector/sabre/directory.php | 34 +++++++++++++++++++++++++
 tests/lib/connector/sabre/file.php      |  7 +++++
 2 files changed, 41 insertions(+)
 create mode 100644 tests/lib/connector/sabre/directory.php

diff --git a/tests/lib/connector/sabre/directory.php b/tests/lib/connector/sabre/directory.php
new file mode 100644
index 0000000000..c501521b60
--- /dev/null
+++ b/tests/lib/connector/sabre/directory.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * Copyright (c) 2013 Thomas Müller <thomas.mueller@tmit.eu>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+class Test_OC_Connector_Sabre_Directory extends PHPUnit_Framework_TestCase {
+
+	/**
+	 * @expectedException Sabre_DAV_Exception_Forbidden
+	 */
+	public function testCreateSharedFileFails() {
+		$dir = new OC_Connector_Sabre_Directory('');
+		$dir->createFile('Shared');
+	}
+
+	/**
+	 * @expectedException Sabre_DAV_Exception_Forbidden
+	 */
+	public function testCreateSharedFolderFails() {
+		$dir = new OC_Connector_Sabre_Directory('');
+		$dir->createDirectory('Shared');
+	}
+
+	/**
+	 * @expectedException Sabre_DAV_Exception_Forbidden
+	 */
+	public function testDeleteSharedFolderFails() {
+		$dir = new OC_Connector_Sabre_Directory('Shared');
+		$dir->delete();
+	}
+}
diff --git a/tests/lib/connector/sabre/file.php b/tests/lib/connector/sabre/file.php
index a1dade3d63..e1fed0384c 100644
--- a/tests/lib/connector/sabre/file.php
+++ b/tests/lib/connector/sabre/file.php
@@ -35,4 +35,11 @@ class Test_OC_Connector_Sabre_File extends PHPUnit_Framework_TestCase {
 		$etag = $file->put('test data');
 	}
 
+	/**
+	 * @expectedException Sabre_DAV_Exception_Forbidden
+	 */
+	public function testDeleteSharedFails() {
+		$file = new OC_Connector_Sabre_File('Shared');
+		$file->delete();
+	}
 }