Skip to content

Commit

Permalink
[Share 2.0] Allow using permissions to update link share
Browse files Browse the repository at this point in the history
  • Loading branch information
@rullzer
rullzer committed Jan 27, 2016
1 parent f5c45df commit 6957917
Show file tree
Hide file tree
Showing 2 changed files with 113 additions and 14 deletions.
55 changes: 41 additions & 14 deletions apps/files_sharing/api/share20ocs.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -464,10 +464,41 @@ public function updateShare($id) {
* expirationdate, password and publicUpload only make sense for link shares
*/
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) {
if ($password === null && $publicUpload === null && $expireDate === null) {
if ($permissions === null && $password === null && $publicUpload === null && $expireDate === null) {
return new \OC_OCS_Result(null, 400, 'Wrong or no update parameter given');
}

$newPermissions = null;
if ($publicUpload === 'true') {
$newPermissions = \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE;
} else if ($publicUpload === 'false') {
$newPermissions = \OCP\Constants::PERMISSION_READ;
}

if ($permissions !== null) {
$newPermissions = (int)$permissions;
}

if ($newPermissions !== null &&
$newPermissions !== \OCP\Constants::PERMISSION_READ &&
$newPermissions !== (\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE)) {
return new \OC_OCS_Result(null, 400, 'can\'t change permission for public link share');
}

if ($newPermissions === (\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE)) {
if (!$this->shareManager->shareApiLinkAllowPublicUpload()) {
return new \OC_OCS_Result(null, 403, 'public upload disabled by the administrator');
}

if (!($share->getPath() instanceof \OCP\Files\Folder)) {
return new \OC_OCS_Result(null, 400, "public upload is only possible for public shared folders");
}
}

if ($newPermissions !== null) {
$share->setPermissions($newPermissions);
}

if ($expireDate === '') {
$share->setExpirationDate(null);
} else if ($expireDate !== null) {
Expand All @@ -485,20 +516,8 @@ public function updateShare($id) {
$share->setPassword($password);
}

if ($publicUpload === 'true') {
if(!$this->shareManager->shareApiLinkAllowPublicUpload()) {
return new \OC_OCS_Result(null, 403, "public upload disabled by the administrator");
}

if (!($share->getPath() instanceof \OCP\Files\Folder)) {
return new \OC_OCS_Result(null, 400, "public upload is only possible for public shared folders");
}

$share->setPermissions(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE);
} else if ($publicUpload === 'false') {
$share->setPermissions(\OCP\Constants::PERMISSION_READ);
}
} else {
// For other shares only permissions is valid.
if ($permissions === null) {
return new \OC_OCS_Result(null, 400, 'Wrong or no update parameter given');
} else {
Expand All @@ -518,6 +537,14 @@ public function updateShare($id) {
return new \OC_OCS_Result($this->formatShare($share));
}

public function validatePermissions($permissions) {
if ($permissions < 0 || $permissions > \OCP\Constants::PERMISSION_ALL) {
return false;
}


}

/**
* @param IShare $share
* @return bool
Expand Down
72 changes: 72 additions & 0 deletions apps/files_sharing/tests/api/share20ocstest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1252,6 +1252,78 @@ public function testUpdateLinkSharePublicUploadDoesNotChangeOther() {
$this->assertEquals($expected->getData(), $result->getData());
}

public function testUpdateLinkSharePermissions() {
$ocs = $this->mockFormatShare();

$date = new \DateTime('2000-01-01');

$folder = $this->getMock('\OCP\Files\Folder');

$share = \OC::$server->getShareManager()->newShare();
$share->setPermissions(\OCP\Constants::PERMISSION_ALL)
->setSharedBy($this->currentUser)
->setShareType(\OCP\Share::SHARE_TYPE_LINK)
->setPassword('password')
->setExpirationDate($date)
->setPermissions(\OCP\Constants::PERMISSION_ALL)
->setPath($folder);

$this->request
->method('getParam')
->will($this->returnValueMap([
['permissions', null, '7'],
]));

$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);

$this->shareManager->expects($this->once())->method('updateShare')->with(
$this->callback(function (IShare $share) use ($date) {
return $share->getPermissions() === \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_DELETE &&
$share->getPassword() === 'password' &&
$share->getExpirationDate() === $date;
})
);

$expected = new \OC_OCS_Result(null);
$result = $ocs->updateShare(42);

$this->assertEquals($expected->getMeta(), $result->getMeta());
$this->assertEquals($expected->getData(), $result->getData());
}

public function testUpdateLinkShareInvalidPermissions() {
$ocs = $this->mockFormatShare();

$date = new \DateTime('2000-01-01');

$folder = $this->getMock('\OCP\Files\Folder');

$share = \OC::$server->getShareManager()->newShare();
$share->setPermissions(\OCP\Constants::PERMISSION_ALL)
->setSharedBy($this->currentUser)
->setShareType(\OCP\Share::SHARE_TYPE_LINK)
->setPassword('password')
->setExpirationDate($date)
->setPermissions(\OCP\Constants::PERMISSION_ALL)
->setPath($folder);

$this->request
->method('getParam')
->will($this->returnValueMap([
['permissions', null, '31'],
]));

$this->shareManager->method('getShareById')->with('ocinternal:42')->willReturn($share);
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);

$expected = new \OC_OCS_Result(null, 400, 'can\'t change permission for public link share');
$result = $ocs->updateShare(42);

$this->assertEquals($expected->getMeta(), $result->getMeta());
$this->assertEquals($expected->getData(), $result->getData());
}

public function testUpdateOtherPermissions() {
$ocs = $this->mockFormatShare();

Expand Down

0 comments on commit 6957917

Please sign in to comment.