Skip to content

Commit

Permalink
fix(auth/scope): fix nested resource check when creating a new resource
Browse files Browse the repository at this point in the history
When creating a reource (e.g a document via the app/new endpoint) below a next
folder structure of a public link, we can't stat the resource itself (it
doesn't exit yet) for checking if it is a descendant of the share root.
We now stat the resource's parent instead in that case.

Fixes: owncloud/ocis#8957
(cherry picked from commit 5faad8d)
  • Loading branch information
rhafer committed Apr 29, 2024
1 parent 3b6ef86 commit d2deee7
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 3 deletions.
8 changes: 8 additions & 0 deletions changelog/unreleased/fix-publicshare-nested-appnew.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
Bugfix: Fix creating documents in nested folders of public shares

We fixed a bug that prevented creating new documented in a nested folder
of a public share.

https://github.com/cs3org/reva/pull/4665
https://github.com/cs3org/reva/pull/4660
https://github.com/owncloud/ocis/issues/8957
14 changes: 11 additions & 3 deletions internal/grpc/interceptors/auth/scope.go
Original file line number Diff line number Diff line change
Expand Up @@ -261,7 +261,7 @@ func checkIfNestedResource(ctx context.Context, ref *provider.Reference, parent
if err != nil {
return false, err
}
if statResponse.Status.Code != rpc.Code_CODE_OK {
if statResponse.GetStatus().GetCode() != rpc.Code_CODE_OK {
return false, statuspkg.NewErrorFromCode(statResponse.Status.Code, "auth interceptor")
}

Expand Down Expand Up @@ -313,14 +313,22 @@ func checkIfNestedResource(ctx context.Context, ref *provider.Reference, parent
if err != nil {
return false, err
}
if childStat.Status.Code != rpc.Code_CODE_OK {
if childStat.GetStatus().GetCode() == rpc.Code_CODE_NOT_FOUND && ref.GetPath() != "" && ref.GetPath() != "." {
// The resource does not seem to exist (yet?). We might be part of an initiate upload request.
// Stat the parent to get its path and check that against the root path.
childStat, err = client.Stat(ctx, &provider.StatRequest{Ref: &provider.Reference{ResourceId: ref.GetResourceId()}})
if err != nil {
return false, err
}
}
if childStat.GetStatus().GetCode() != rpc.Code_CODE_OK {
return false, statuspkg.NewErrorFromCode(childStat.Status.Code, "auth interceptor")
}
pathResp, err = client.GetPath(ctx, &provider.GetPathRequest{ResourceId: childStat.GetInfo().GetId()})
if err != nil {
return false, err
}
if pathResp.Status.Code != rpc.Code_CODE_OK {
if pathResp.GetStatus().GetCode() != rpc.Code_CODE_OK {
return false, statuspkg.NewErrorFromCode(pathResp.Status.Code, "auth interceptor")
}
childPath = pathResp.Path
Expand Down

0 comments on commit d2deee7

Please sign in to comment.