From a031bc4788229b7943a13202998e895d08161490 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Mon, 14 Aug 2023 15:50:05 +0200 Subject: [PATCH] more share permission logic to storage wrapper this way we only have to determine the share permissions once Signed-off-by: Robin Appelman --- apps/files_sharing/tests/ApiTest.php | 4 ++++ lib/private/Files/FileInfo.php | 8 ++------ .../Files/ObjectStore/HomeObjectStoreStorage.php | 3 ++- lib/private/Files/SetupManager.php | 16 ++++++++++++++-- lib/private/Files/Storage/Home.php | 3 ++- lib/public/Files/IHomeStorage.php | 8 ++++++++ 6 files changed, 32 insertions(+), 10 deletions(-) diff --git a/apps/files_sharing/tests/ApiTest.php b/apps/files_sharing/tests/ApiTest.php index d7661297e9e86..3484bb29d941d 100644 --- a/apps/files_sharing/tests/ApiTest.php +++ b/apps/files_sharing/tests/ApiTest.php @@ -36,6 +36,8 @@ namespace OCA\Files_Sharing\Tests; use OC\Files\Cache\Scanner; +use OC\Files\Filesystem; +use OC\Files\SetupManager; use OCA\Files_Sharing\Controller\ShareAPIController; use OCP\App\IAppManager; use OCP\AppFramework\OCS\OCSBadRequestException; @@ -74,6 +76,8 @@ protected function setUp(): void { \OC::$server->getConfig()->setAppValue('core', 'shareapi_exclude_groups', 'no'); \OC::$server->getConfig()->setAppValue('core', 'shareapi_expire_after_n_days', '7'); + Filesystem::getLoader()->removeStorageWrapper('sharing_mask'); + $this->folder = self::TEST_FOLDER_NAME; $this->subfolder = '/subfolder_share_api_test'; $this->subsubfolder = '/subsubfolder_share_api_test'; diff --git a/lib/private/Files/FileInfo.php b/lib/private/Files/FileInfo.php index 2b6b83a25462c..b3c4629e2b23c 100644 --- a/lib/private/Files/FileInfo.php +++ b/lib/private/Files/FileInfo.php @@ -231,7 +231,7 @@ public function isEncrypted() { } /** - * Return the currently version used for the HMAC in the encryption app + * Return the current version used for the HMAC in the encryption app */ public function getEncryptedVersion(): int { return isset($this->data['encryptedVersion']) ? (int) $this->data['encryptedVersion'] : 1; @@ -241,11 +241,7 @@ public function getEncryptedVersion(): int { * @return int */ public function getPermissions() { - $perms = (int) $this->data['permissions']; - if (\OCP\Util::isSharingDisabledForUser() || ($this->isShared() && !\OC\Share\Share::isResharingAllowed())) { - $perms = $perms & ~\OCP\Constants::PERMISSION_SHARE; - } - return $perms; + return (int) $this->data['permissions']; } /** diff --git a/lib/private/Files/ObjectStore/HomeObjectStoreStorage.php b/lib/private/Files/ObjectStore/HomeObjectStoreStorage.php index 824adcc1d0e22..b361249ff4771 100644 --- a/lib/private/Files/ObjectStore/HomeObjectStoreStorage.php +++ b/lib/private/Files/ObjectStore/HomeObjectStoreStorage.php @@ -26,6 +26,7 @@ namespace OC\Files\ObjectStore; use OC\User\User; +use OCP\IUser; class HomeObjectStoreStorage extends ObjectStoreStorage implements \OCP\Files\IHomeStorage { /** @@ -61,7 +62,7 @@ public function getOwner($path) { * @param string $path, optional * @return \OC\User\User */ - public function getUser($path = null) { + public function getUser($path = null): IUser { return $this->user; } } diff --git a/lib/private/Files/SetupManager.php b/lib/private/Files/SetupManager.php index 2198c8c60b7e0..b1d609a9225dd 100644 --- a/lib/private/Files/SetupManager.php +++ b/lib/private/Files/SetupManager.php @@ -34,9 +34,11 @@ use OC\Files\Storage\Wrapper\PermissionsMask; use OC\Files\Storage\Wrapper\Quota; use OC\Lockdown\Filesystem\NullStorage; +use OC\Share\Share; use OC_App; use OC_Hook; use OC_Util; +use OCA\Files_Sharing\ISharedStorage; use OCP\Constants; use OCP\Diagnostics\IEventLogger; use OCP\EventDispatcher\IEventDispatcher; @@ -60,6 +62,7 @@ use OCP\IUserSession; use OCP\Lockdown\ILockdownManager; use OCP\Share\Events\ShareCreatedEvent; +use OCP\Share\IManager; use Psr\Log\LoggerInterface; class SetupManager { @@ -139,8 +142,17 @@ private function setupBuiltinWrappers() { return $storage; }); - Filesystem::addStorageWrapper('enable_sharing', function ($mountPoint, IStorage $storage, IMountPoint $mount) { - if (!$mount->getOption('enable_sharing', true)) { + Filesystem::addStorageWrapper('sharing_mask', function ($mountPoint, IStorage $storage, IMountPoint $mount) { + $reSharingEnabled = Share::isResharingAllowed(); + $sharingEnabledForMount = $mount->getOption('enable_sharing', true); + /** @var IUserSession $userSession */ + $userSession = \OC::$server->get(IUserSession::class); + $user = $userSession->getUser(); + /** @var IManager $shareManager */ + $shareManager = \OC::$server->get(IManager::class); + $sharingEnabledForUser = $user ? !$shareManager->sharingDisabledForUser($user->getUID()) : true; + $isShared = $storage->instanceOfStorage(ISharedStorage::class); + if (!$sharingEnabledForMount || !$sharingEnabledForUser || (!$reSharingEnabled && $isShared)) { return new PermissionsMask([ 'storage' => $storage, 'mask' => Constants::PERMISSION_ALL - Constants::PERMISSION_SHARE, diff --git a/lib/private/Files/Storage/Home.php b/lib/private/Files/Storage/Home.php index 5427bc425c262..5100b15215b9a 100644 --- a/lib/private/Files/Storage/Home.php +++ b/lib/private/Files/Storage/Home.php @@ -26,6 +26,7 @@ namespace OC\Files\Storage; use OC\Files\Cache\HomePropagator; +use OCP\IUser; /** * Specialized version of Local storage for home directory usage @@ -94,7 +95,7 @@ public function getPropagator($storage = null) { * * @return \OC\User\User owner of this home storage */ - public function getUser() { + public function getUser(): IUser { return $this->user; } diff --git a/lib/public/Files/IHomeStorage.php b/lib/public/Files/IHomeStorage.php index 7eb3ffc4a24ec..1fea80f2d87c3 100644 --- a/lib/public/Files/IHomeStorage.php +++ b/lib/public/Files/IHomeStorage.php @@ -27,6 +27,7 @@ namespace OCP\Files; use OCP\Files\Storage\IStorage; +use OCP\IUser; /** * Interface IHomeStorage @@ -34,4 +35,11 @@ * @since 7.0.0 */ interface IHomeStorage extends IStorage { + /** + * Get the user for this home storage + * + * @return IUser + * @since 28.0.0 + */ + public function getUser(): IUser; }