diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php index 990571b778..1e121d8c86 100644 --- a/apps/files_sharing/lib/Controller/ShareAPIController.php +++ b/apps/files_sharing/lib/Controller/ShareAPIController.php @@ -35,8 +35,10 @@ use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCS\OCSForbiddenException; use OCP\AppFramework\OCS\OCSNotFoundException; use OCP\AppFramework\OCSController; +use OCP\Constants; use OCP\Files\Node; use OCP\Files\NotFoundException; +use OCP\IConfig; use OCP\IGroupManager; use OCP\IL10N; use OCP\IUserManager; @@ -75,6 +77,8 @@ class ShareAPIController extends OCSController { private $l; /** @var \OCP\Files\Node */ private $lockedNode; + /** @var IConfig */ + private $config; /** * Share20OCS constructor. @@ -88,6 +92,7 @@ class ShareAPIController extends OCSController { * @param IURLGenerator $urlGenerator * @param string $userId * @param IL10N $l10n + * @param IConfig $config */ public function __construct( $appName, @@ -98,7 +103,8 @@ class ShareAPIController extends OCSController { IRootFolder $rootFolder, IURLGenerator $urlGenerator, $userId, - IL10N $l10n + IL10N $l10n, + IConfig $config ) { parent::__construct($appName, $request); @@ -110,6 +116,7 @@ class ShareAPIController extends OCSController { $this->urlGenerator = $urlGenerator; $this->currentUser = $userId; $this->l = $l10n; + $this->config = $config; } /** @@ -318,7 +325,7 @@ class ShareAPIController extends OCSController { */ public function createShare( $path = null, - $permissions = \OCP\Constants::PERMISSION_ALL, + $permissions = null, $shareType = -1, $shareWith = null, $publicUpload = 'false', @@ -327,6 +334,10 @@ class ShareAPIController extends OCSController { ) { $share = $this->shareManager->newShare(); + if ($permissions === null) { + $permissions = $this->config->getAppValue('core', 'shareapi_default_permissions', Constants::PERMISSION_ALL); + } + // Verify path if ($path === null) { throw new OCSNotFoundException($this->l->t('Please specify a file or folder path')); @@ -347,17 +358,17 @@ class ShareAPIController extends OCSController { throw new OCSNotFoundException($this->l->t('Could not create share')); } - if ($permissions < 0 || $permissions > \OCP\Constants::PERMISSION_ALL) { + if ($permissions < 0 || $permissions > Constants::PERMISSION_ALL) { throw new OCSNotFoundException($this->l->t('invalid permissions')); } // Shares always require read permissions - $permissions |= \OCP\Constants::PERMISSION_READ; + $permissions |= Constants::PERMISSION_READ; if ($path instanceof \OCP\Files\File) { // Single file shares should never have delete or create permissions - $permissions &= ~\OCP\Constants::PERMISSION_DELETE; - $permissions &= ~\OCP\Constants::PERMISSION_CREATE; + $permissions &= ~Constants::PERMISSION_DELETE; + $permissions &= ~Constants::PERMISSION_CREATE; } /* @@ -414,13 +425,13 @@ class ShareAPIController extends OCSController { } $share->setPermissions( - \OCP\Constants::PERMISSION_READ | - \OCP\Constants::PERMISSION_CREATE | - \OCP\Constants::PERMISSION_UPDATE | - \OCP\Constants::PERMISSION_DELETE + Constants::PERMISSION_READ | + Constants::PERMISSION_CREATE | + Constants::PERMISSION_UPDATE | + Constants::PERMISSION_DELETE ); } else { - $share->setPermissions(\OCP\Constants::PERMISSION_READ); + $share->setPermissions(Constants::PERMISSION_READ); } // Set password @@ -447,13 +458,9 @@ class ShareAPIController extends OCSController { $share->setPermissions($permissions); } else if ($shareType === \OCP\Share::SHARE_TYPE_EMAIL) { if ($share->getNodeType() === 'file') { - $share->setPermissions(\OCP\Constants::PERMISSION_READ); + $share->setPermissions(Constants::PERMISSION_READ); } else { - $share->setPermissions( - \OCP\Constants::PERMISSION_READ | - \OCP\Constants::PERMISSION_CREATE | - \OCP\Constants::PERMISSION_UPDATE | - \OCP\Constants::PERMISSION_DELETE); + $share->setPermissions($permissions); } $share->setSharedWith($shareWith); } else if ($shareType === \OCP\Share::SHARE_TYPE_CIRCLE) { @@ -698,23 +705,23 @@ class ShareAPIController extends OCSController { $newPermissions = null; if ($publicUpload === 'true') { - $newPermissions = \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE; + $newPermissions = Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE; } else if ($publicUpload === 'false') { - $newPermissions = \OCP\Constants::PERMISSION_READ; + $newPermissions = Constants::PERMISSION_READ; } if ($permissions !== null) { $newPermissions = (int)$permissions; - $newPermissions = $newPermissions & ~\OCP\Constants::PERMISSION_SHARE; + $newPermissions = $newPermissions & ~Constants::PERMISSION_SHARE; } if ($newPermissions !== null && !in_array($newPermissions, [ - \OCP\Constants::PERMISSION_READ, - \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE, // legacy - \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE, // correct - \OCP\Constants::PERMISSION_CREATE, // hidden file list - \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE, // allow to edit single files + Constants::PERMISSION_READ, + Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE, // legacy + Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE, // correct + Constants::PERMISSION_CREATE, // hidden file list + Constants::PERMISSION_READ | Constants::PERMISSION_UPDATE, // allow to edit single files ]) ) { throw new OCSBadRequestException($this->l->t('Can\'t change permissions for public share links')); @@ -722,9 +729,9 @@ class ShareAPIController extends OCSController { if ( // legacy - $newPermissions === (\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE) || + $newPermissions === (Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE) || // correct - $newPermissions === (\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE) + $newPermissions === (Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE) ) { if (!$this->shareManager->shareApiLinkAllowPublicUpload()) { throw new OCSForbiddenException($this->l->t('Public upload disabled by the administrator')); @@ -735,7 +742,7 @@ class ShareAPIController extends OCSController { } // normalize to correct public upload permissions - $newPermissions = \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE; + $newPermissions = Constants::PERMISSION_READ | Constants::PERMISSION_CREATE | Constants::PERMISSION_UPDATE | Constants::PERMISSION_DELETE; } if ($newPermissions !== null) {