Skip to content

Commit 3cec7f2

Browse files
juliusknorrjuliusknorr
authored
Merge pull request #6514 from nextcloud/backport/6487/stable26
2 parents 3d096d8 + 04caf06 commit 3cec7f2

File tree

2 files changed

+30
-2
lines changed

2 files changed

+30
-2
lines changed

.github/workflows/cypress.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -161,15 +161,15 @@ jobs:
161161
npm_package_name: ${{ env.APP_NAME }}
162162

163163
- name: Upload test failure screenshots
164-
uses: actions/upload-artifact@v2
164+
uses: actions/upload-artifact@v4
165165
if: failure()
166166
with:
167167
name: Upload screenshots
168168
path: apps/${{ env.APP_NAME }}/cypress/screenshots/
169169
retention-days: 5
170170

171171
- name: Upload nextcloud logs
172-
uses: actions/upload-artifact@v2
172+
uses: actions/upload-artifact@v4
173173
if: failure()
174174
with:
175175
name: Upload nextcloud log

lib/Service/AttachmentService.php

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@
3939
use OCP\Files\NotPermittedException;
4040
use OCP\Files\SimpleFS\ISimpleFile;
4141
use OCP\IPreview;
42+
use OCP\ISession;
4243
use OCP\Share\Exceptions\ShareNotFound;
4344
use OCP\Share\IShare;
4445
use OCP\Util;
@@ -59,6 +60,10 @@ class AttachmentService {
5960
* @var IPreview
6061
*/
6162
private $previewManager;
63+
/**
64+
* @var ISession
65+
*/
66+
private $session;
6267
/**
6368
* @var IMimeTypeDetector
6469
*/
@@ -67,10 +72,12 @@ class AttachmentService {
6772
public function __construct(IRootFolder $rootFolder,
6873
ShareManager $shareManager,
6974
IPreview $previewManager,
75+
ISession $session,
7076
IMimeTypeDetector $mimeTypeDetector) {
7177
$this->rootFolder = $rootFolder;
7278
$this->shareManager = $shareManager;
7379
$this->previewManager = $previewManager;
80+
$this->session = $session;
7481
$this->mimeTypeDetector = $mimeTypeDetector;
7582
}
7683

@@ -545,6 +552,27 @@ private function getTextFilePublic(?int $documentId, string $shareToken): File {
545552
try {
546553
$share = $this->shareManager->getShareByToken($shareToken);
547554
if ($share->getShareType() === IShare::TYPE_LINK) {
555+
556+
// check for password if required
557+
/** @psalm-suppress RedundantConditionGivenDocblockType */
558+
if ($share->getPassword() !== null) {
559+
$shareId = $this->session->get('public_link_authenticated');
560+
if ($share->getId() !== $shareId) {
561+
throw new ShareNotFound();
562+
}
563+
}
564+
565+
// check read permission
566+
if (($share->getPermissions() & Constants::PERMISSION_READ) !== Constants::PERMISSION_READ) {
567+
throw new ShareNotFound();
568+
}
569+
570+
// check download permission
571+
$attributes = $share->getAttributes();
572+
if ($attributes !== null && $attributes->getAttribute('permissions', 'download') === false) {
573+
throw new ShareNotFound();
574+
}
575+
548576
// shared file or folder?
549577
if ($share->getNodeType() === 'file') {
550578
$textFile = $share->getNode();

0 commit comments

Comments
 (0)