diff --git a/lib/private/share/share.php b/lib/private/share/share.php index f61f65f35a..e85f9f06ed 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -337,17 +337,26 @@ class Share extends \OC\Share\Constants { if(empty($shares) && $user !== null) { $groups = \OC_Group::getUserGroups($user); - $query = \OC_DB::prepare( - 'SELECT * - FROM - `*PREFIX*share` - WHERE - `' . $column . '` = ? AND `item_type` = ? AND `share_with` in (?)' + $where = 'WHERE `' . $column . '` = ? AND `item_type` = ? AND `share_with` in (?)'; + $arguments = array($itemSource, $itemType, $groups); + $types = array(null, null, \Doctrine\DBAL\Connection::PARAM_STR_ARRAY); + + if ($owner !== null) { + $where .= ' AND `uid_owner` = ?'; + $arguments[] = $owner; + $types[] = null; + } + + // TODO: inject connection, hopefully one day in the future when this + // class isn't static anymore... + $conn = \OC_DB::getConnection(); + $result = $conn->executeQuery( + 'SELECT * FROM `*PREFIX*share` ' . $where, + $arguments, + $types ); - $result = \OC_DB::executeAudited($query, array($itemSource, $itemType, implode(',', $groups))); - - while ($row = $result->fetchRow()) { + while ($row = $result->fetch()) { $shares[] = $row; } } diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php index b8abfa29a8..b1261b0afb 100644 --- a/tests/lib/share/share.php +++ b/tests/lib/share/share.php @@ -692,6 +692,41 @@ class Test_Share extends \Test\TestCase { $this->verifyResult($result4, array('target1', 'target2', 'target3', 'target4')); } + public function testGetItemSharedWithUserFromGroupShare() { + OC_User::setUserId($this->user1); + + //add dummy values to the share table + $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (' + .' `item_type`, `item_source`, `item_target`, `share_type`,' + .' `share_with`, `uid_owner`) VALUES (?,?,?,?,?,?)'); + $args = array('test', 99, 'target1', OCP\Share::SHARE_TYPE_GROUP, $this->group1, $this->user1); + $query->execute($args); + $args = array('test', 99, 'target2', OCP\Share::SHARE_TYPE_GROUP, $this->group2, $this->user1); + $query->execute($args); + $args = array('test', 99, 'target3', OCP\Share::SHARE_TYPE_GROUP, $this->group1, $this->user2); + $query->execute($args); + $args = array('test', 99, 'target4', OCP\Share::SHARE_TYPE_GROUP, $this->group1, $this->user4); + $query->execute($args); + + // user2 is in group1 and group2 + $result1 = \OCP\Share::getItemSharedWithUser('test', 99, $this->user2, $this->user1); + $this->assertSame(2, count($result1)); + $this->verifyResult($result1, array('target1', 'target2')); + + $result2 = \OCP\Share::getItemSharedWithUser('test', 99, null, $this->user1); + $this->assertSame(2, count($result2)); + $this->verifyResult($result2, array('target1', 'target2')); + + // user3 is in group1 and group2 + $result3 = \OCP\Share::getItemSharedWithUser('test', 99, $this->user3); + $this->assertSame(3, count($result3)); + $this->verifyResult($result3, array('target1', 'target3', 'target4')); + + $result4 = \OCP\Share::getItemSharedWithUser('test', 99, null, null); + $this->assertSame(4, count($result4)); + $this->verifyResult($result4, array('target1', 'target2', 'target3', 'target4')); + } + public function verifyResult($result, $expected) { foreach ($result as $r) { if (in_array($r['item_target'], $expected)) {