diff options
author | Daniel Calviño Sánchez <danxuliu@gmail.com> | 2018-12-12 11:15:24 +0300 |
---|---|---|
committer | Joas Schilling <coding@schilljs.com> | 2018-12-13 18:25:45 +0300 |
commit | 0003d7a864c7a0d48908de24ba2f574cf3e8e532 (patch) | |
tree | 91786b4739cffbf2c29a95f4c3068806696556db /lib/Files | |
parent | c48380bc21eb90105c06a30a483fb6a32d4305f5 (diff) |
Extend "has direct access to file" check also to files in shared folders
Before a file was seen as directly accessible by the user if the user
received the file through a user, group, circle or room share. Now files
that are a descendant of a folder that meets those conditions are seen
as directly accessible by the user too.
Due to this now the rooms for files in a shared folder can be accessed
by any user that has access to the folder; it is no longer needed to
explicitly share the file too with them.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Diffstat (limited to 'lib/Files')
-rw-r--r-- | lib/Files/Listener.php | 12 | ||||
-rw-r--r-- | lib/Files/Util.php | 26 |
2 files changed, 23 insertions, 15 deletions
diff --git a/lib/Files/Listener.php b/lib/Files/Listener.php index 5ee4016a8..7c8427f5e 100644 --- a/lib/Files/Listener.php +++ b/lib/Files/Listener.php @@ -36,9 +36,9 @@ use Symfony\Component\EventDispatcher\GenericEvent; * specific shared file, for example, when collaboratively editing it. The room * is persistent and can be accessed simultaneously by any user with direct * access (user, group, circle and room share, but not link share, for example) - * to that file. The room has no owner, although self joined users become - * persistent participants automatically when they join until they explicitly - * leave or no longer have access to the file. + * to that file (or to an ancestor). The room has no owner, although self joined + * users become persistent participants automatically when they join until they + * explicitly leave or no longer have access to the file. * * These rooms are associated to a "file" object, and their custom behaviour is * provided by calling the methods of this class as a response to different room @@ -84,9 +84,9 @@ class Listener { * Prevents users from joining if they do not have direct access to the * file. * - * A user has direct access to a file if she received the file through a - * user, group, circle or room share (but not through a link share, for - * example), or if she is the owner of such a file. + * A user has direct access to a file if she received the file (or an + * ancestor) through a user, group, circle or room share (but not through a + * link share, for example), or if she is the owner of such a file. * * This method should be called before a user joins a room. * diff --git a/lib/Files/Util.php b/lib/Files/Util.php index a6fd32855..e830378c6 100644 --- a/lib/Files/Util.php +++ b/lib/Files/Util.php @@ -26,6 +26,7 @@ namespace OCA\Spreed\Files; use OCP\Files\IRootFolder; use OCP\Files\Node; +use OCP\Files\NotFoundException; use OCP\Share\IManager as IShareManager; use OCP\Share\IShare; @@ -77,6 +78,8 @@ class Util { * A user has direct access to a share and, thus, to a file, if she received * the file through a user, group, circle or room share (but not through a * public link, for example), or if she is the owner of such a share. + * Note that this includes too files received as a descendant of a folder + * that meets the above conditions. * * Only files are taken into account; folders are ignored. * @@ -86,16 +89,27 @@ class Util { */ public function getAnyDirectShareOfFileAccessibleByUser(string $fileId, string $userId) { $userFolder = $this->rootFolder->getUserFolder($userId); - $fileById = $userFolder->getById($fileId); - if (empty($fileById)) { + $nodes = $userFolder->getById($fileId); + if (empty($nodes)) { return null; } - foreach ($fileById as $node) { + $nodes = array_filter($nodes, function($node) { + return $node->getType() === \OCP\Files\FileInfo::TYPE_FILE; + }); + + while (!empty($nodes)) { + $node = array_pop($nodes); + $share = $this->getAnyDirectShareOfNodeAccessibleByUser($node, $userId); if ($share) { return $share; } + + try { + $nodes[] = $node->getParent(); + } catch (NotFoundException $e) { + } } return null; @@ -104,17 +118,11 @@ class Util { /** * Returns any share of the node that the user has direct access to. * - * Only files are taken into account; folders are ignored. - * * @param Node $node * @param string $userId * @return IShare|null */ private function getAnyDirectShareOfNodeAccessibleByUser(Node $node, string $userId) { - if ($node->getType() === \OCP\Files\FileInfo::TYPE_FOLDER) { - return null; - } - $reshares = false; $limit = 1; |