From 601921289cc1625d9508d0fecb1cbb00b5dd6df6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julius=20H=C3=A4rtl?= Date: Tue, 11 Jul 2023 15:46:40 +0200 Subject: [PATCH] fix: Fetch attachment share permissions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- lib/Service/AttachmentService.php | 35 +++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/lib/Service/AttachmentService.php b/lib/Service/AttachmentService.php index 79074958fce..41aa522478b 100644 --- a/lib/Service/AttachmentService.php +++ b/lib/Service/AttachmentService.php @@ -27,6 +27,7 @@ namespace OCA\Text\Service; use OC\User\NoUserException; +use OCA\Files_Sharing\SharedStorage; use OCA\Text\Controller\AttachmentController; use OCP\Constants; use OCP\Files\File; @@ -155,7 +156,7 @@ public function getMediaFilePublic(int $documentId, string $mediaFileName, strin private function getMediaFullFile(string $mediaFileName, File $textFile): ?File { $attachmentFolder = $this->getAttachmentDirectoryForFile($textFile, true); $mediaFile = $attachmentFolder->get($mediaFileName); - if ($mediaFile instanceof File) { + if ($mediaFile instanceof File && !$this->isDownloadDisabled($mediaFile)) { return $mediaFile; } return null; @@ -192,7 +193,7 @@ public function getMediaFilePreviewPublic(int $documentId, string $mediaFileName private function getMediaFilePreviewFile(string $mediaFileName, File $textFile): ?array { $attachmentFolder = $this->getAttachmentDirectoryForFile($textFile, true); $mediaFile = $attachmentFolder->get($mediaFileName); - if ($mediaFile instanceof File) { + if ($mediaFile instanceof File && !$this->isDownloadDisabled($mediaFile)) { if ($this->previewManager->isMimeSupported($mediaFile->getMimeType())) { try { return [ @@ -453,13 +454,27 @@ private function getFileFromPath(string $filePath, string $userId): ?File { $userFolder = $this->rootFolder->getUserFolder($userId); if ($userFolder->nodeExists($filePath)) { $file = $userFolder->get($filePath); - if ($file instanceof File) { + if ($file instanceof File && !$this->isDownloadDisabled($file)) { return $file; } } return null; } + private function isDownloadDisabled(File $file): bool { + $storage = $file->getStorage(); + if ($storage->instanceOfStorage(SharedStorage::class)) { + /** @var SharedStorage $storage */ + $share = $storage->getShare(); + $attributes = $share->getAttributes(); + if ($attributes !== null && $attributes->getAttribute('permissions', 'download') === false) { + return true; + } + } + + return false; + } + /** * Get a user file from file ID * @@ -472,9 +487,10 @@ private function getFileFromPath(string $filePath, string $userId): ?File { */ private function getTextFile(int $documentId, string $userId): File { $userFolder = $this->rootFolder->getUserFolder($userId); - $textFile = $userFolder->getById($documentId); - if (count($textFile) > 0 && $textFile[0] instanceof File) { - return $textFile[0]; + $files = $userFolder->getById($documentId); + $file = array_shift($files); + if ($file instanceof File && !$this->isDownloadDisabled($file)) { + return $file; } throw new NotFoundException('Text file with id=' . $documentId . ' was not found in storage of ' . $userId); } @@ -495,15 +511,16 @@ private function getTextFilePublic(?int $documentId, string $shareToken): File { // shared file or folder? if ($share->getNodeType() === 'file') { $textFile = $share->getNode(); - if ($textFile instanceof File) { + if ($textFile instanceof File && !$this->isDownloadDisabled($textFile)) { return $textFile; } } elseif ($documentId !== null && $share->getNodeType() === 'folder') { $folder = $share->getNode(); if ($folder instanceof Folder) { $textFile = $folder->getById($documentId); - if (count($textFile) > 0 && $textFile[0] instanceof File) { - return $textFile[0]; + $textFile = array_shift($textFile); + if ($textFile instanceof File && !$this->isDownloadDisabled($textFile)) { + return $textFile; } } }