From 09cae540e657d1891dd9f0cf3c41c6ece25222da Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Thu, 2 May 2024 16:54:34 +0200 Subject: [PATCH] fix: cleanup logic for getting the max reshare permissions Signed-off-by: Robin Appelman --- lib/private/Share20/Manager.php | 47 +++++---------------------------- 1 file changed, 6 insertions(+), 41 deletions(-) diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 53dbf65ccc755..9899b2b101607 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -45,7 +45,7 @@ use OC\KnownUser\KnownUserService; use OC\Share20\Exception\ProviderException; use OCA\Files_Sharing\AppInfo\Application; -use OCA\Files_Sharing\ISharedStorage; +use OCA\Files_Sharing\SharedMount; use OCP\EventDispatcher\IEventDispatcher; use OCP\Files\File; use OCP\Files\Folder; @@ -294,46 +294,11 @@ protected function generalCreateChecks(IShare $share, bool $isUpdate = false) { throw new \InvalidArgumentException('A share requires permissions'); } - $isFederatedShare = $share->getNode()->getStorage()->instanceOfStorage('\OCA\Files_Sharing\External\Storage'); - $permissions = 0; - - $isReshare = $share->getNode()->getOwner() && $share->getNode()->getOwner()->getUID() !== $share->getSharedBy(); - if (!$isReshare && $isUpdate) { - // in case of update on owner-less filesystem, we use share owner to improve reshare detection - $isReshare = $share->getShareOwner() !== $share->getSharedBy(); - } - - if (!$isFederatedShare && $isReshare) { - $userMounts = array_filter($userFolder->getById($share->getNode()->getId()), function ($mount) { - // We need to filter since there might be other mountpoints that contain the file - // e.g. if the user has access to the same external storage that the file is originating from - return $mount->getStorage()->instanceOfStorage(ISharedStorage::class); - }); - $userMount = array_shift($userMounts); - if ($userMount === null) { - throw new GenericShareException('Could not get proper share mount for ' . $share->getNode()->getId() . '. Failing since else the next calls are called with null'); - } - $mount = $userMount->getMountPoint(); - // When it's a reshare use the parent share permissions as maximum - $userMountPointId = $mount->getStorageRootId(); - $userMountPoint = $userFolder->getFirstNodeById($userMountPointId); - - if ($userMountPoint === null) { - throw new GenericShareException('Could not get proper user mount for ' . $userMountPointId . '. Failing since else the next calls are called with null'); - } - - /* Check if this is an incoming share */ - $incomingShares = $this->getSharedWith($share->getSharedBy(), IShare::TYPE_USER, $userMountPoint, -1, 0); - $incomingShares = array_merge($incomingShares, $this->getSharedWith($share->getSharedBy(), IShare::TYPE_GROUP, $userMountPoint, -1, 0)); - $incomingShares = array_merge($incomingShares, $this->getSharedWith($share->getSharedBy(), IShare::TYPE_CIRCLE, $userMountPoint, -1, 0)); - $incomingShares = array_merge($incomingShares, $this->getSharedWith($share->getSharedBy(), IShare::TYPE_ROOM, $userMountPoint, -1, 0)); - - /** @var IShare[] $incomingShares */ - if (!empty($incomingShares)) { - foreach ($incomingShares as $incomingShare) { - $permissions |= $incomingShare->getPermissions(); - } - } + // check if the node we're sharing comes from an incoming share + $nodeMountPoint = $share->getNode()->getMountPoint(); + if ($nodeMountPoint instanceof SharedMount) { + // limit the permissions to the permissions of the permissions of the incoming share + $permissions = $nodeMountPoint->getShare()->getPermissions(); } else { /* * Quick fix for #23536