Skip to content

Commit e45302e

Browse files
provokateurinbackportbot[bot]
authored andcommitted
refactor(files_sharing,Share20): Use Interaction API to apply restrictions
refactor(files_sharing,Share20): Use Interaction API to apply restrictions Signed-off-by: provokateurin <kate@provokateurin.de> [skip ci]
1 parent 14e4b73 commit e45302e

6 files changed

Lines changed: 827 additions & 403 deletions

File tree

apps/files_sharing/lib/Controller/ShareAPIController.php

Lines changed: 0 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -724,10 +724,6 @@ public function createShare(
724724
$share->setSharedWith($shareWith);
725725
$share->setPermissions($permissions);
726726
} elseif ($shareType === IShare::TYPE_GROUP) {
727-
if (!$this->shareManager->allowGroupSharing()) {
728-
throw new OCSNotFoundException($this->l->t('Group sharing is disabled by the administrator'));
729-
}
730-
731727
// Valid group is required to share
732728
if ($shareWith === null || !$this->groupManager->groupExists($shareWith)) {
733729
throw new OCSNotFoundException($this->l->t('Please specify a valid group'));
@@ -737,11 +733,6 @@ public function createShare(
737733
} elseif ($shareType === IShare::TYPE_LINK
738734
|| $shareType === IShare::TYPE_EMAIL) {
739735

740-
// Can we even share links?
741-
if (!$this->shareManager->shareApiAllowLinks()) {
742-
throw new OCSNotFoundException($this->l->t('Public link sharing is disabled by the administrator'));
743-
}
744-
745736
$this->validateLinkSharePermissions($node, $permissions, $hasPublicUpload);
746737
$share->setPermissions($permissions);
747738

@@ -775,10 +766,6 @@ public function createShare(
775766
$share->setSendPasswordByTalk(true);
776767
}
777768
} elseif ($shareType === IShare::TYPE_REMOTE) {
778-
if (!$this->shareManager->outgoingServer2ServerSharesAllowed()) {
779-
throw new OCSForbiddenException($this->l->t('Sharing %1$s failed because the back end does not allow shares from type %2$s', [$node->getPath(), $shareType]));
780-
}
781-
782769
if ($shareWith === null) {
783770
throw new OCSNotFoundException($this->l->t('Please specify a valid federated account ID'));
784771
}
@@ -787,10 +774,6 @@ public function createShare(
787774
$share->setPermissions($permissions);
788775
$share->setSharedWithDisplayName($this->getCachedFederatedDisplayName($shareWith, false));
789776
} elseif ($shareType === IShare::TYPE_REMOTE_GROUP) {
790-
if (!$this->shareManager->outgoingServer2ServerGroupSharesAllowed()) {
791-
throw new OCSForbiddenException($this->l->t('Sharing %1$s failed because the back end does not allow shares from type %2$s', [$node->getPath(), $shareType]));
792-
}
793-
794777
if ($shareWith === null) {
795778
throw new OCSNotFoundException($this->l->t('Please specify a valid federated group ID'));
796779
}
@@ -1049,12 +1032,6 @@ private function validateLinkSharePermissions(Node $node, int $permissions, ?boo
10491032
&& ($this->hasPermission($permissions, Constants::PERMISSION_UPDATE) || $this->hasPermission($permissions, Constants::PERMISSION_DELETE))) {
10501033
throw new OCSBadRequestException($this->l->t('Share must have READ permission if UPDATE or DELETE permission is set'));
10511034
}
1052-
1053-
// Check if public uploading was disabled
1054-
if ($this->hasPermission($permissions, Constants::PERMISSION_CREATE)
1055-
&& !$this->shareManager->shareApiLinkAllowPublicUpload()) {
1056-
throw new OCSForbiddenException($this->l->t('Public upload disabled by the administrator'));
1057-
}
10581035
}
10591036

10601037
/**

apps/files_sharing/tests/Controller/ShareAPIControllerTest.php

Lines changed: 0 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -2040,7 +2040,6 @@ public function testCreateShareGroupNoValidShareWith(): void {
20402040
$share = $this->newShare();
20412041
$this->shareManager->method('newShare')->willReturn($share);
20422042
$this->shareManager->method('createShare')->willReturnArgument(0);
2043-
$this->shareManager->method('allowGroupSharing')->willReturn(true);
20442043

20452044
[$userFolder, $path] = $this->getNonSharedUserFile();
20462045
$this->rootFolder->method('getUserFolder')
@@ -2314,8 +2313,6 @@ public function testCreateShareLinkPassword(): void {
23142313
->willReturn([]);
23152314

23162315
$this->shareManager->method('newShare')->willReturn(Server::get(IManager::class)->newShare());
2317-
$this->shareManager->method('shareApiAllowLinks')->willReturn(true);
2318-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
23192316

23202317
$this->shareManager->expects($this->once())->method('createShare')->with(
23212318
$this->callback(function (IShare $share) use ($path) {
@@ -2353,8 +2350,6 @@ public function testCreateShareLinkSendPasswordByTalk(): void {
23532350
->willReturn([]);
23542351

23552352
$this->shareManager->method('newShare')->willReturn(Server::get(IManager::class)->newShare());
2356-
$this->shareManager->method('shareApiAllowLinks')->willReturn(true);
2357-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
23582353

23592354
$this->appManager->method('isEnabledForUser')->with('spreed')->willReturn(true);
23602355

@@ -2400,8 +2395,6 @@ public function testCreateShareLinkSendPasswordByTalkWithTalkDisabled(): void {
24002395
->willReturn([]);
24012396

24022397
$this->shareManager->method('newShare')->willReturn(Server::get(IManager::class)->newShare());
2403-
$this->shareManager->method('shareApiAllowLinks')->willReturn(true);
2404-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
24052398

24062399
$this->appManager->method('isEnabledForUser')->with('spreed')->willReturn(false);
24072400

@@ -2438,8 +2431,6 @@ public function testCreateShareValidExpireDate(): void {
24382431
->willReturn([]);
24392432

24402433
$this->shareManager->method('newShare')->willReturn(Server::get(IManager::class)->newShare());
2441-
$this->shareManager->method('shareApiAllowLinks')->willReturn(true);
2442-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
24432434

24442435
$this->shareManager->expects($this->once())->method('createShare')->with(
24452436
$this->callback(function (IShare $share) use ($path) {
@@ -2484,8 +2475,6 @@ public function testCreateShareInvalidExpireDate(): void {
24842475
->willReturn([]);
24852476

24862477
$this->shareManager->method('newShare')->willReturn(Server::get(IManager::class)->newShare());
2487-
$this->shareManager->method('shareApiAllowLinks')->willReturn(true);
2488-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
24892478

24902479
$ocs->createShare('valid-path', Constants::PERMISSION_ALL, IShare::TYPE_LINK, null, 'false', '', null, 'a1b2d3');
24912480
}
@@ -2555,8 +2544,6 @@ public function testCreateShareRemote(): void {
25552544
}))
25562545
->willReturnArgument(0);
25572546

2558-
$this->shareManager->method('outgoingServer2ServerSharesAllowed')->willReturn(true);
2559-
25602547
$expected = new DataResponse([]);
25612548
$result = $ocs->createShare('valid-path', Constants::PERMISSION_ALL, IShare::TYPE_REMOTE, 'user@example.org');
25622549

@@ -2629,8 +2616,6 @@ public function testCreateShareRemoteGroup(): void {
26292616
}))
26302617
->willReturnArgument(0);
26312618

2632-
$this->shareManager->method('outgoingServer2ServerGroupSharesAllowed')->willReturn(true);
2633-
26342619
$expected = new DataResponse([]);
26352620
$result = $ocs->createShare('valid-path', Constants::PERMISSION_ALL, IShare::TYPE_REMOTE_GROUP, 'group@example.org');
26362621

@@ -3004,7 +2989,6 @@ public function testUpdateLinkShareSet(): void {
30042989
->setNode($folder);
30052990

30062991
$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
3007-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
30082992

30092993
$this->shareManager->expects($this->once())->method('updateShare')->with(
30102994
$this->callback(function (IShare $share) {
@@ -3119,7 +3103,6 @@ public function testUpdateLinkShareSetCRUDPermissions($permissions): void {
31193103
->setNode($folder);
31203104

31213105
$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
3122-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
31233106
$this->shareManager->method('getSharedWith')->willReturn([]);
31243107

31253108
$this->shareManager
@@ -3202,7 +3185,6 @@ public function testUpdateLinkShareInvalidDate(): void {
32023185
->setNode($folder);
32033186

32043187
$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
3205-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
32063188

32073189
$ocs->updateShare(42, null, 'password', null, 'true', '2000-01-a');
32083190
}
@@ -3279,9 +3261,6 @@ public function testUpdateLinkSharePublicUploadOnFile(): void {
32793261
->method('getShareById')
32803262
->with('ocinternal:42')
32813263
->willReturn($share);
3282-
$this->shareManager
3283-
->method('shareApiLinkAllowPublicUpload')
3284-
->willReturn(true);
32853264
$this->shareManager
32863265
->method('updateShare')
32873266
->with($share)
@@ -3649,7 +3628,6 @@ public function testUpdateLinkSharePublicUploadDoesNotChangeOther(): void {
36493628
->setNode($folder);
36503629

36513630
$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
3652-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
36533631

36543632
$this->shareManager->expects($this->once())->method('updateShare')->with(
36553633
$this->callback(function (IShare $share) use ($date) {
@@ -3710,7 +3688,6 @@ public function testUpdateLinkSharePermissions(): void {
37103688
->setNode($folder);
37113689

37123690
$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
3713-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
37143691

37153692
$this->shareManager->expects($this->once())->method('updateShare')->with(
37163693
$this->callback(function (IShare $share) use ($date): bool {
@@ -3770,7 +3747,6 @@ public function testUpdateLinkSharePermissionsShare(): void {
37703747
->setNode($folder);
37713748

37723749
$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
3773-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
37743750

37753751
$this->shareManager->expects($this->once())
37763752
->method('updateShare')
@@ -3823,7 +3799,6 @@ public function testUpdateOtherPermissions(): void {
38233799
->setNode($file);
38243800

38253801
$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
3826-
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
38273802

38283803
$this->shareManager->expects($this->once())->method('updateShare')->with(
38293804
$this->callback(function (IShare $share) {

build/integration/sharing_features/sharing-v1-part2.feature

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -657,7 +657,7 @@ Scenario: getting all shares of a file with a received share after revoking the
657657
| shareType | 0 |
658658
| shareWith | user2 |
659659
| permissions | 31 |
660-
Then the OCS status code should be "404"
660+
Then the OCS status code should be "403"
661661
And the HTTP status code should be "200"
662662

663663
Scenario: User is allowed to reshare file with more permissions if shares of same file to same user have them
@@ -708,7 +708,7 @@ Scenario: getting all shares of a file with a received share after revoking the
708708
| shareType | 0 |
709709
| shareWith | user2 |
710710
| permissions | 31 |
711-
Then the OCS status code should be "404"
711+
Then the OCS status code should be "403"
712712
And the HTTP status code should be "200"
713713

714714
Scenario: User is not allowed to reshare file with more permissions even if shares of same file to other users have them
@@ -737,7 +737,7 @@ Scenario: getting all shares of a file with a received share after revoking the
737737
| shareType | 0 |
738738
| shareWith | user2 |
739739
| permissions | 19 |
740-
Then the OCS status code should be "404"
740+
Then the OCS status code should be "403"
741741
And the HTTP status code should be "200"
742742

743743
Scenario: User is not allowed to reshare file with more permissions even if shares of other files from same user have them
@@ -765,7 +765,7 @@ Scenario: getting all shares of a file with a received share after revoking the
765765
| shareType | 0 |
766766
| shareWith | user2 |
767767
| permissions | 19 |
768-
Then the OCS status code should be "404"
768+
Then the OCS status code should be "403"
769769
And the HTTP status code should be "200"
770770

771771
Scenario: User is not allowed to reshare file with more permissions even if shares of other files from other users have them
@@ -794,7 +794,7 @@ Scenario: getting all shares of a file with a received share after revoking the
794794
| shareType | 0 |
795795
| shareWith | user2 |
796796
| permissions | 19 |
797-
Then the OCS status code should be "404"
797+
Then the OCS status code should be "403"
798798
And the HTTP status code should be "200"
799799

800800
Scenario: download restrictions can not be dropped
@@ -888,7 +888,7 @@ Scenario: getting all shares of a file with a received share after revoking the
888888
| shareType | 0 |
889889
| shareWith | user2 |
890890
| permissions | 25 |
891-
Then the OCS status code should be "404"
891+
Then the OCS status code should be "403"
892892
And the HTTP status code should be "200"
893893

894894
Scenario: User is not allowed to reshare file with additional delete permissions for files
@@ -1197,7 +1197,7 @@ Scenario: getting all shares of a file with a received share after revoking the
11971197
| permissions | 21 |
11981198
When Updating last share with
11991199
| permissions | 31 |
1200-
Then the OCS status code should be "404"
1200+
Then the OCS status code should be "403"
12011201
And the HTTP status code should be "200"
12021202

12031203
Scenario: Do not allow reshare to exceed permissions even if shares of same file to other users have them
@@ -1229,7 +1229,7 @@ Scenario: getting all shares of a file with a received share after revoking the
12291229
| permissions | 21 |
12301230
When Updating last share with
12311231
| permissions | 31 |
1232-
Then the OCS status code should be "404"
1232+
Then the OCS status code should be "403"
12331233
And the HTTP status code should be "200"
12341234

12351235
Scenario: Do not allow reshare to exceed permissions even if shares of other files from same user have them
@@ -1260,7 +1260,7 @@ Scenario: getting all shares of a file with a received share after revoking the
12601260
| permissions | 21 |
12611261
When Updating last share with
12621262
| permissions | 31 |
1263-
Then the OCS status code should be "404"
1263+
Then the OCS status code should be "403"
12641264
And the HTTP status code should be "200"
12651265

12661266
Scenario: Do not allow reshare to exceed permissions even if shares of other files from other users have them
@@ -1292,7 +1292,7 @@ Scenario: getting all shares of a file with a received share after revoking the
12921292
| permissions | 21 |
12931293
When Updating last share with
12941294
| permissions | 31 |
1295-
Then the OCS status code should be "404"
1295+
Then the OCS status code should be "403"
12961296
And the HTTP status code should be "200"
12971297

12981298
Scenario: Do not allow sub reshare to exceed permissions
@@ -1316,7 +1316,7 @@ Scenario: getting all shares of a file with a received share after revoking the
13161316
| permissions | 21 |
13171317
When Updating last share with
13181318
| permissions | 31 |
1319-
Then the OCS status code should be "404"
1319+
Then the OCS status code should be "403"
13201320
And the HTTP status code should be "200"
13211321

13221322
Scenario: Only allow 1 link share per file/folder

build/integration/sharing_features/sharing-v1-part3.feature

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -449,7 +449,7 @@ Feature: sharing
449449
| shareType | 3 |
450450
And Updating last share with
451451
| publicUpload | true |
452-
Then the OCS status code should be "404"
452+
Then the OCS status code should be "403"
453453
And the HTTP status code should be "200"
454454

455455
Scenario: do not allow to increase link share permissions on sub reshare
@@ -471,7 +471,7 @@ Feature: sharing
471471
| shareType | 3 |
472472
And Updating last share with
473473
| publicUpload | true |
474-
Then the OCS status code should be "404"
474+
Then the OCS status code should be "403"
475475
And the HTTP status code should be "200"
476476

477477
Scenario: deleting file out of a share as recipient creates a backup for the owner

0 commit comments

Comments
 (0)