diff options
author | Marcos Zuriaga <wolfi@wolfi.es> | 2016-10-04 01:21:27 +0300 |
---|---|---|
committer | Marcos Zuriaga <wolfi@wolfi.es> | 2016-10-04 01:21:27 +0300 |
commit | 62b54aee8e3033a84a5a3800ac6b2647660ce50d (patch) | |
tree | af000157739024ed69687af16aa4d3652728018e | |
parent | 1ba859269f5841d4d168e8f5af323c339039d533 (diff) |
Behave as if no item was found if public user has no read permission
-rw-r--r-- | lib/Service/ShareService.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/Service/ShareService.php b/lib/Service/ShareService.php index e72b378b..7517ce76 100644 --- a/lib/Service/ShareService.php +++ b/lib/Service/ShareService.php @@ -16,6 +16,7 @@ use OCA\Passman\Db\ShareRequest; use OCA\Passman\Db\ShareRequestMapper; use OCA\Passman\Db\SharingACL; use OCA\Passman\Db\SharingACLMapper; +use OCP\AppFramework\Db\DoesNotExistException; class ShareService { private $sharingACL; @@ -128,7 +129,7 @@ class ShareService { $acl = $this->sharingACL->getItemACL($user_id, $item_guid); // Check if the user can read the credential, probably unnecesary, but just to be sure - if (!$acl->hasPermission(SharingACL::READ)) return null; + if (!$acl->hasPermission(SharingACL::READ)) throw new DoesNotExistException("Item not found or wrong access level"); $tmp = $acl->jsonSerialize(); $tmp['credential_data'] = $this->credential->getCredentialById($acl->getItemId())->jsonSerialize(); |