user can have his resharing rights revoked, yet seeing created shares

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
nextcloud · Nov 1, 2018 · 63af755 · 63af755
1 parent f009cb6
commit 63af755
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 10 deletions.
diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php
@@ -722,12 +722,18 @@ public function getShares(
 			$shares = array_merge($shares, $federatedShares);
 		}
 
-		$formatted = [];
+		$formatted = $miniFormatted = [];
 		$resharingRight = false;
 		foreach ($shares as $share) {
+			/** @var IShare $share */
 			try {
-				$formatted[] = $this->formatShare($share, $path);
-				if ($path !== null && !$resharingRight && $this->shareProviderResharingRights($this->currentUser, $share, $path)) {
+				$format = $this->formatShare($share, $path);
+				$formatted[] = $format;
+				if ($share->getSharedBy() === $this->currentUser) {
+					$miniFormatted[] = $format;
+				}
+
+				if (!$resharingRight && $this->shareProviderResharingRights($this->currentUser, $share, $path)) {
 					$resharingRight = true;
 				}
 			} catch (\Exception $e) {
@@ -736,7 +742,7 @@ public function getShares(
 		}
 
 		if (!$resharingRight) {
-			$formatted = [];
+			$formatted = $miniFormatted;
 		}
 
 		if ($include_tags) {
@@ -1113,13 +1119,14 @@ private function getRoomShareHelper() {
 	 * @throws NotFoundException
 	 * @throws \OCP\Files\InvalidPathException
 	 */
-	private function shareProviderResharingRights(string $userId, IShare $share, Node $node): bool {
+	private function shareProviderResharingRights(string $userId, IShare $share, $node): bool {
+
 		if ($share->getShareOwner() === $userId) {
 			return true;
 		}
 
 		// we check that current user have parent resharing rights on the current file
-		if (($node->getPermissions() & \OCP\Constants::PERMISSION_SHARE) !== 0) {
+		if ($node !== null && ($node->getPermissions() & \OCP\Constants::PERMISSION_SHARE) !== 0) {
 			return true;
 		}
 

diff --git a/apps/files_sharing/tests/ApiTest.php b/apps/files_sharing/tests/ApiTest.php
@@ -811,19 +811,21 @@ function testGetShareMultipleSharedFolder() {
 		$result1 = $ocs->getShares('false','false','false', $this->subfolder);
 		$ocs->cleanup();
 
-		// test should return one share within $this->folder
+//		// test should return 2 shares within $this->folder, as the viewer have resharing rights:
+//		// one from the owner, the second from the reshare
 		$data1 = $result1->getData();
-		$this->assertCount(1, $data1);
+		$this->assertCount(2, $data1);
 		$s1 = reset($data1);
 
 		//$request = $this->createRequest(['path' => $this->folder.$this->subfolder]);
 		$ocs = $this->createOCS(self::TEST_FILES_SHARING_API_USER2);
 		$result2 = $ocs->getShares('false', 'false', 'false', $this->folder . $this->subfolder);
 		$ocs->cleanup();
 
-		// test should return one share within $this->folder
+//		// test should return 2 shares within $this->folder, as the viewer have resharing rights:
+//		// one from the owner, the second from the reshare
 		$data2 = $result2->getData();
-		$this->assertCount(1, $data2);
+		$this->assertCount(2, $data2);
 		$s2 = reset($data2);
 
 		$this->assertEquals($this->subfolder, $s1['path']);