Skip to content

ShareesAPIController should respect groups disallowed from sharing #25744

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Tetrachloromethane250 wants to merge 7 commits into from
Closed

ShareesAPIController should respect groups disallowed from sharing #25744

Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
ce0aa8e
Add check that user is allowed to share
Tetrachloroethene Feb 22, 2021
56cc408
Match create parameters
Tetrachloroethene Feb 22, 2021
be8bd42
Match create parameters for all instances
Tetrachloroethene Feb 22, 2021
d8396ef
Apply suggestions from code review
Tetrachloromethane250 Mar 1, 2021
e40590c
Add last change from review
Tetrachloromethane250 Mar 1, 2021
ded214e
Fix existing tests
Tetrachloroethene Mar 1, 2021
5550611
Merge branch 'master' into fix/20950/Transfer-Ownership-Ignores-Shari…
skjnldsv Feb 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
Add check that user is allowed to share 
Signed-off-by: Daniel Bishop <[email protected]>
  • Loading branch information
@Tetrachloroethene
Tetrachloroethene committed Feb 22, 2021
commit ce0aa8e2c5aa0e0262c1a25dbb1a0a2f3c6e5690
28 changes: 27 additions & 1 deletion apps/files_sharing/lib/Controller/ShareesAPIController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,10 @@
use OCP\Collaboration\Collaborators\ISearchResult;
use OCP\Collaboration\Collaborators\SearchResultType;
use OCP\IConfig;
use OCP\IGroupManager;
use OCP\IRequest;
use OCP\IURLGenerator;
use OCP\IUserManager;
use OCP\Share\IShare;
use OCP\Share\IManager;
use function usort;
Expand Down Expand Up @@ -103,6 +105,12 @@ class ShareesAPIController extends OCSController {
/** @var ISearch */
private $collaboratorSearch;

/** @var IGroupManager */
private $groupManager;

/** @var IUserManager */
private $userManager;

/**
* @param string $UserId
* @param string $appName
Expand All @@ -119,14 +127,20 @@ public function __construct(
IConfig $config,
IURLGenerator $urlGenerator,
IManager $shareManager,
ISearch $collaboratorSearch
ISearch $collaboratorSearch,
IGroupManager $groupManager,
IUserManager $userManager

) {
parent::__construct($appName, $request);
$this->userId = $UserId;
$this->config = $config;
$this->urlGenerator = $urlGenerator;
$this->shareManager = $shareManager;
$this->collaboratorSearch = $collaboratorSearch;
$this->groupManager = $groupManager;
$this->userManager = $userManager;

}

/**
Expand All @@ -143,6 +157,18 @@ public function __construct(
*/
public function search(string $search = '', string $itemType = null, int $page = 1, int $perPage = 200, $shareType = null, bool $lookup = true): DataResponse {

// if some groups are excluded, check the user is allowed to share
if ($this->config->getAppValue('core', 'shareapi_exclude_groups', 'no') === 'yes') {

Check notice

Code scanning / Psalm

DeprecatedMethod

The method OCP\IConfig::getAppValue has been marked as deprecated
$excludedGroups = $this->config->getAppValue('core', 'shareapi_exclude_groups_list', '');
$excludedGroupsArray = !is_null(json_decode($excludedGroups))
? json_decode($excludedGroups, true) : '';
$usersGroups = $this->groupManager->getUserGroupIds($this->userManager->get($this->userId));

Check notice

Code scanning / Psalm

PossiblyNullArgument

Argument 1 of OCP\IGroupManager::getUserGroupIds cannot be null, possibly null value provided
if (array_intersect($usersGroups, $excludedGroupsArray) == $usersGroups) {
return new DataResponse($this->result);
}
}


// only search for string larger than a given threshold
$threshold = (int)$this->config->getSystemValue('sharing.minSearchStringLength', 0);
if (strlen($search) < $threshold) {
Expand Down