Skip to content

feat(share): add ShareReviewAccessCheckEvent to OCP public API#61543

Open
AndyScherzinger wants to merge 1 commit into
masterfrom
feat/noid/shareReviewDeleteEvent
Open

feat(share): add ShareReviewAccessCheckEvent to OCP public API#61543
AndyScherzinger wants to merge 1 commit into
masterfrom
feat/noid/shareReviewDeleteEvent

Conversation

@AndyScherzinger

@AndyScherzinger AndyScherzinger commented Jun 23, 2026
edited
Loading

Copy link
Copy Markdown
Member

Summary

Introduces OCP\Share\Events\ShareReviewAccessCheckEvent as the canonical authorization gate event for ShareReview sources. The event carries the source name and share ID for listener context, implements deny-wins semantics, and stops propagation immediately on denial.
This is a discussed and agreed on measure to safeguard auditing-triggered share deletions throughout various apps using a "check back event mechanism", so apps can implement their support for this (any app that has shares basically, of any kind)

Assisted-by: ClaudeCode:claude-sonnet-4-6

TODO

Checklist

AI (if applicable)

  • The content of this PR was partly or fully generated using AI

@AndyScherzinger AndyScherzinger added this to the Nextcloud 35 milestone Jun 23, 2026
@AndyScherzinger AndyScherzinger requested a review from a team as a code owner June 23, 2026 14:45
@AndyScherzinger AndyScherzinger requested review from Altahrim and ArtificialOwl and removed request for a team June 23, 2026 14:45
@AndyScherzinger AndyScherzinger added the 2. developing Work in progress label Jun 23, 2026
@AndyScherzinger AndyScherzinger marked this pull request as draft June 23, 2026 14:48
@AndyScherzinger

AndyScherzinger commented Jun 23, 2026

Copy link
Copy Markdown
Member Author

/backport to stable34

CarlSchwan
CarlSchwan reviewed Jun 23, 2026
View reviewed changes

@CarlSchwan CarlSchwan left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need to run build/autoloaderchecker.sh

Comment thread lib/public/Share/Events/ShareReviewAccessCheckEvent.php
@AndyScherzinger AndyScherzinger force-pushed the feat/noid/shareReviewDeleteEvent branch 5 times, most recently from fa52514 to c4ea0a9 Compare June 23, 2026 17:02
@AndyScherzinger
feat(share): add ShareReviewAccessCheckEvent to OCP public API
af59b39 
Introduces OCP\Share\Events\ShareReviewAccessCheckEvent as the canonical
authorization gate event for ShareReview sources. The event carries the
source name and share ID for listener context, implements deny-wins
semantics, and stops propagation immediately on denial.

Assisted-by: ClaudeCode:claude-sonnet-4-6
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
@AndyScherzinger AndyScherzinger force-pushed the feat/noid/shareReviewDeleteEvent branch from c4ea0a9 to af59b39 Compare June 23, 2026 17:03
@AndyScherzinger AndyScherzinger marked this pull request as ready for review June 23, 2026 17:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@CarlSchwan CarlSchwan CarlSchwan left review comments

@ArtificialOwl ArtificialOwl Awaiting requested review from ArtificialOwl ArtificialOwl is a code owner automatically assigned from nextcloud/server-backend

@Altahrim Altahrim Awaiting requested review from Altahrim Altahrim is a code owner automatically assigned from nextcloud/server-backend

@salmart-dev salmart-dev Awaiting requested review from salmart-dev salmart-dev is a code owner automatically assigned from nextcloud/server-backend

@leftybournes leftybournes Awaiting requested review from leftybournes leftybournes is a code owner automatically assigned from nextcloud/server-backend

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

2. developing Work in progress AI assisted backport-request enhancement feature: sharing

Projects

None yet

Milestone

Nextcloud 35

Development

Successfully merging this pull request may close these issues.

2 participants

@AndyScherzinger @CarlSchwan