From a66ed3a2725ff5b29ba12bd777d6a537a3c78d09 Mon Sep 17 00:00:00 2001 From: jkoberg Date: Tue, 20 Aug 2024 16:16:26 +0200 Subject: [PATCH] fix(ocs): ignore resharing permissions when sharing Signed-off-by: jkoberg --- .../unreleased/ignore-resharing-requests.md | 5 ++++ .../handlers/apps/sharing/shares/shares.go | 30 +++++++++++++++++-- 2 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 changelog/unreleased/ignore-resharing-requests.md diff --git a/changelog/unreleased/ignore-resharing-requests.md b/changelog/unreleased/ignore-resharing-requests.md new file mode 100644 index 0000000000..2ae60b0c96 --- /dev/null +++ b/changelog/unreleased/ignore-resharing-requests.md @@ -0,0 +1,5 @@ +Enhancement: Ignore resharing requests + +We now ignore resharing permissions. Instead of returning BadRequest we just reduce the permissions. + +https://github.com/cs3org/reva/pull/4816 diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go index 1136ded122..1ec0b325e4 100644 --- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go +++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go @@ -282,8 +282,34 @@ func (h *Handler) CreateShare(w http.ResponseWriter, r *http.Request) { reqRole, reqPermissions := r.FormValue("role"), r.FormValue("permissions") switch shareType { case int(conversions.ShareTypeUser), int(conversions.ShareTypeGroup): - // user collaborations default to Manager (=all permissions) - role, val, ocsErr := h.extractPermissions(reqRole, reqPermissions, statRes.Info, conversions.NewManagerRole()) + // NOTE: clients tend to send "31" as permissions but they mean "15". + // This is because it adds the "16" for sharing , but that is now no longer allowed. + // We could now have some fancy mechanism that casts the string to an int, subtracts 16 and casts it back to a string. + // Or we could change the role later and hope everything works out. + // Or: + if reqRole == "" { + switch reqPermissions { + case "31": + reqPermissions = "15" + case "29": + reqPermissions = "13" + case "27": + reqPermissions = "11" + case "23": + reqPermissions = "7" + case "22": + reqPermissions = "6" + case "21": + reqPermissions = "5" + case "19": + reqPermissions = "3" + case "17": + reqPermissions = "1" + } + } + + // user collaborations default to Viewer. Sane Default. + role, val, ocsErr := h.extractPermissions(reqRole, reqPermissions, statRes.Info, conversions.NewViewerRole()) if ocsErr != nil { response.WriteOCSError(w, r, ocsErr.Code, ocsErr.Message, ocsErr.Error) return