Merge pull request #61067 from nextcloud/fix-public-link-mask-ext

sorbaugh · web-flow · commit 50d07d6256a0 · 2026-06-09T17:25:07.000+02:00
fix: use correct permissions mask for non-home storage public links
diff --git a/apps/dav/appinfo/v2/publicremote.php b/apps/dav/appinfo/v2/publicremote.php
@@ -7,6 +7,7 @@
  */
 use OC\Files\Filesystem;
 use OC\Files\Storage\Wrapper\DirPermissionsMask;
+use OC\Files\Storage\Wrapper\PermissionsMask;
 use OC\Files\View;
 use OCA\DAV\Connector\Sabre\PublicAuth;
 use OCA\DAV\Connector\Sabre\ServerFactory;
@@ -21,6 +22,7 @@
 use OCP\BeforeSabrePubliclyLoadedEvent;
 use OCP\Constants;
 use OCP\EventDispatcher\IEventDispatcher;
+use OCP\Files\IHomeStorage;
 use OCP\Files\IRootFolder;
 use OCP\Files\Mount\IMountManager;
 use OCP\ICacheFactory;
@@ -115,11 +117,15 @@
 			$mask |= Constants::PERMISSION_READ | Constants::PERMISSION_DELETE;
 		}
 
-		return new DirPermissionsMask([
-			'storage' => $storage,
-			'mask' => $mask,
-			'path' => 'files',
-		]);
+		if ($storage instanceof IHomeStorage) {
+			return new DirPermissionsMask([
+				'storage' => $storage,
+				'mask' => $mask,
+				'path' => 'files',
+			]);
+		} else {
+			return new PermissionsMask(['storage' => $storage, 'mask' => $mask]);
+		}
 	});
 
 	/** @psalm-suppress MissingClosureParamType */
diff --git a/build/integration/features/bootstrap/WebDav.php b/build/integration/features/bootstrap/WebDav.php
@@ -334,6 +334,23 @@ public function downloadedContentShouldStartWith($start) {
 		}
 	}
 
+	/**
+	 * @When Uploading public file :filename with content :content
+	 */
+	public function uploadingPublicFile(string $filename, string $content) {
+		$token = $this->lastShareData->data->token;
+		$fullUrl = substr($this->baseUrl, 0, -4) . "public.php/dav/files/$token/$filename";
+
+		$client = new GClient();
+		try {
+			$this->response = $client->request('PUT', $fullUrl, [
+				'body' => $content
+			]);
+		} catch (\GuzzleHttp\Exception\ClientException $e) {
+			$this->response = $e->getResponse();
+		}
+	}
+
 	/**
 	 * @Then /^as "([^"]*)" gets properties of (file|folder|entry) "([^"]*)" with$/
 	 * @param string $user
diff --git a/build/integration/sharing_features/sharing-v1.feature b/build/integration/sharing_features/sharing-v1.feature
@@ -556,7 +556,28 @@ Feature: sharing
     And Share fields of last share match with
       | expiration | +3 days |
 
-  Scenario: getting all shares of a user using that user
+Scenario: Writing to a read-only link share of an external storage
+	Given user "user0" exists
+	Then As an "user0"
+	When creating a share with
+		| path | local_storage |
+		| shareType | 3 |
+	And the OCS status code should be "100"
+	And the HTTP status code should be "200"
+	Then Uploading public file "foo.txt" with content "bar"
+	And the HTTP status code should be "403"
+
+Scenario: Writing to a read-write link share of an external storage
+	Given user "user0" exists
+	Then As an "user0"
+	When creating a share with
+		| path | local_storage |
+		| shareType | 3 |
+		| permissions | 7 |
+	Then Uploading public file "foo.txt" with content "bar"
+	And the HTTP status code should be "201"
+
+Scenario: getting all shares of a user using that user
     Given user "user0" exists
     And user "user1" exists
     When User "user1" deletes file "/textfile0.txt"
