diff options
author | blizzz <blizzz@arthur-schiwon.de> | 2022-08-03 12:27:10 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-08-03 12:27:10 +0300 |
commit | 6088f720bd0e80307268089800b115e706bc664c (patch) | |
tree | 31f48bbfb829dcaf72e9956ff34999e1476a81bc | |
parent | 3a3a52de83eca460adcc1e0a9d8cd46d32ad5c14 (diff) | |
parent | 008a9f568db010cd7d1abb0badc4859c2bbed94e (diff) |
Merge pull request #33439 from nextcloud/backport/32958/stable24
[stable24] Fix file public link permissions if public upload is not enabled
-rw-r--r-- | lib/private/Share20/Manager.php | 4 | ||||
-rw-r--r-- | tests/lib/Share20/ManagerTest.php | 29 |
2 files changed, 30 insertions, 3 deletions
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index b1a9783d7b8..a44a9f99df8 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -650,7 +650,7 @@ class Manager implements IManager { } // Check if public upload is allowed - if (!$this->shareApiLinkAllowPublicUpload() && + if ($share->getNodeType() === 'folder' && !$this->shareApiLinkAllowPublicUpload() && ($share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE))) { throw new \InvalidArgumentException('Public upload is not allowed'); } @@ -1543,7 +1543,7 @@ class Manager implements IManager { * Reduce the permissions for link or email shares if public upload is not enabled */ if (($share->getShareType() === IShare::TYPE_LINK || $share->getShareType() === IShare::TYPE_EMAIL) - && !$this->shareApiLinkAllowPublicUpload()) { + && $share->getNodeType() === 'folder' && !$this->shareApiLinkAllowPublicUpload()) { $share->setPermissions($share->getPermissions() & ~(\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE)); } diff --git a/tests/lib/Share20/ManagerTest.php b/tests/lib/Share20/ManagerTest.php index 2ed99519df6..3e6d7675aa2 100644 --- a/tests/lib/Share20/ManagerTest.php +++ b/tests/lib/Share20/ManagerTest.php @@ -1914,13 +1914,31 @@ class ManagerTest extends \Test\TestCase { } - public function testLinkCreateChecksNoPublicUpload() { + public function testFileLinkCreateChecksNoPublicUpload() { + $share = $this->manager->newShare(); + + $share->setPermissions(\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE); + $share->setNodeType('file'); + + $this->config + ->method('getAppValue') + ->willReturnMap([ + ['core', 'shareapi_allow_links', 'yes', 'yes'], + ['core', 'shareapi_allow_public_upload', 'yes', 'no'] + ]); + + self::invokePrivate($this->manager, 'linkCreateChecks', [$share]); + $this->addToAssertionCount(1); + } + + public function testFolderLinkCreateChecksNoPublicUpload() { $this->expectException(\Exception::class); $this->expectExceptionMessage('Public upload is not allowed'); $share = $this->manager->newShare(); $share->setPermissions(\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE); + $share->setNodeType('folder'); $this->config ->method('getAppValue') @@ -1936,6 +1954,9 @@ class ManagerTest extends \Test\TestCase { $share = $this->manager->newShare(); $share->setPermissions(\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE); + $share->setSharedWith('sharedWith'); + $folder = $this->createMock(\OC\Files\Node\Folder::class); + $share->setNode($folder); $this->config ->method('getAppValue') @@ -1952,6 +1973,9 @@ class ManagerTest extends \Test\TestCase { $share = $this->manager->newShare(); $share->setPermissions(\OCP\Constants::PERMISSION_READ); + $share->setSharedWith('sharedWith'); + $folder = $this->createMock(\OC\Files\Node\Folder::class); + $share->setNode($folder); $this->config ->method('getAppValue') @@ -2946,6 +2970,9 @@ class ManagerTest extends \Test\TestCase { $share = $this->manager->newShare(); $share->setShareType(IShare::TYPE_LINK) ->setPermissions(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE); + $share->setSharedWith('sharedWith'); + $folder = $this->createMock(\OC\Files\Node\Folder::class); + $share->setNode($folder); $this->config ->expects($this->at(1)) |