From f5c8fa4f11b70d84c593c6102f3100a94310fa34 Mon Sep 17 00:00:00 2001
From: Vincent Petry <vincent@nextcloud.com>
Date: Wed, 13 Apr 2022 15:46:30 +0200
Subject: [PATCH 1/2] Properly reset pw expiration

When requesting a new password for share by mail link, now we correctly
reset the expiration date.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
---
 .../lib/Controller/ShareAPIController.php     | 36 ------------------
 lib/private/Share20/Manager.php               | 37 +++++++++++++++++++
 2 files changed, 37 insertions(+), 36 deletions(-)

diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php
index d324af3e9f26f..c044148513261 100644
--- a/apps/files_sharing/lib/Controller/ShareAPIController.php
+++ b/apps/files_sharing/lib/Controller/ShareAPIController.php
@@ -571,10 +571,6 @@ public function createShare(
 			// Set password
 			if ($password !== '') {
 				$share->setPassword($password);
-				// Shares shared by email have temporary passwords by default
-				if ($shareType === IShare::TYPE_EMAIL) {
-					$this->setSharePasswordExpirationTime($share);
-				}
 			}
 
 			// Only share by mail have a recipient
@@ -1182,9 +1178,6 @@ public function updateShare(
 				$share->setPassword(null);
 			} elseif ($password !== null) {
 				$share->setPassword($password);
-				if ($share->getShareType() === IShare::TYPE_EMAIL) {
-					$this->setSharePasswordExpirationTime($share);
-				}
 			}
 
 			if ($label !== null) {
@@ -1521,35 +1514,6 @@ private function parseDate(string $expireDate): \DateTime {
 		return $date;
 	}
 
-	/**
-	 * Set the share's password expiration time
-	 */
-	private function setSharePasswordExpirationTime(IShare $share): void {
-		if ($this->config->getSystemValue('allow_mail_share_permanent_password')) {
-			// Sets password expiration date to NULL
-			$share->setPasswordExpirationTime();
-			return;
-		}
-		// Sets password expiration date
-		$expirationTime = null;
-		try {
-			$now = new \DateTime();
-			$expirationInterval = $this->config->getSystemValue('share_temporary_password_expiration_interval');
-			if ($expirationInterval === '' || is_null($expirationInterval)) {
-				$expirationInterval = 'P0DT15M';
-			}
-			$expirationTime = $now->add(new \DateInterval($expirationInterval));
-		} catch (\Exception $e) {
-			// Catches invalid format for system value 'share_temporary_password_expiration_interval'
-			\OC::$server->getLogger()->logException($e, [
-				'message' => 'The \'share_temporary_password_expiration_interval\' system setting does not respect the DateInterval::__construct() format. Setting it to \'P0DT15M\''
-			]);
-			$expirationTime = $now->add(new \DateInterval('P0DT15M'));
-		} finally {
-			$share->setPasswordExpirationTime($expirationTime);
-		}
-	}
-
 	/**
 	 * Since we have multiple providers but the OCS Share API v1 does
 	 * not support this we need to check all backends.
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php
index 4e87c37fedbcb..a5d876e801590 100644
--- a/lib/private/Share20/Manager.php
+++ b/lib/private/Share20/Manager.php
@@ -1148,11 +1148,18 @@ private function updateSharePasswordIfNeeded(IShare $share, IShare $originalShar
 			// If a password is set. Hash it!
 			if (!empty($share->getPassword())) {
 				$share->setPassword($this->hasher->hash($share->getPassword()));
+				if ($share->getShareType() === IShare::TYPE_EMAIL) {
+					// Shares shared by email have temporary passwords
+					$this->setSharePasswordExpirationTime($share);
+				}
 
 				return true;
 			} else {
 				// Empty string and null are seen as NOT password protected
 				$share->setPassword(null);
+				if ($share->getShareType() === IShare::TYPE_EMAIL) {
+					$share->setPasswordExpirationTime(null);
+				}
 				return true;
 			}
 		} else {
@@ -1164,6 +1171,36 @@ private function updateSharePasswordIfNeeded(IShare $share, IShare $originalShar
 		return false;
 	}
 
+	/**
+	 * Set the share's password expiration time
+	 */
+	private function setSharePasswordExpirationTime(IShare $share): void {
+		if ($this->config->getSystemValue('allow_mail_share_permanent_password')) {
+			// Sets password expiration date to NULL
+			$share->setPasswordExpirationTime();
+			return;
+		}
+		// Sets password expiration date
+		$expirationTime = null;
+		try {
+			$now = new \DateTime();
+			$expirationInterval = $this->config->getSystemValue('share_temporary_password_expiration_interval');
+			if ($expirationInterval === '' || is_null($expirationInterval)) {
+				$expirationInterval = 'P0DT15M';
+			}
+			$expirationTime = $now->add(new \DateInterval($expirationInterval));
+		} catch (\Exception $e) {
+			// Catches invalid format for system value 'share_temporary_password_expiration_interval'
+			\OC::$server->getLogger()->logException($e, [
+				'message' => 'The \'share_temporary_password_expiration_interval\' system setting does not respect the DateInterval::__construct() format. Setting it to \'P0DT15M\''
+			]);
+			$expirationTime = $now->add(new \DateInterval('P0DT15M'));
+		} finally {
+			$share->setPasswordExpirationTime($expirationTime);
+		}
+	}
+
+
 	/**
 	 * Delete all the children of this share
 	 * FIXME: remove once https://github.com/owncloud/core/pull/21660 is in

From 2c2b238008f82a39ac54ac651ff2a90443d8d821 Mon Sep 17 00:00:00 2001
From: Vincent Petry <vincent@nextcloud.com>
Date: Wed, 13 Apr 2022 16:11:15 +0200
Subject: [PATCH 2/2] Default to permanent link passwords

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
---
 apps/sharebymail/lib/ShareByMailProvider.php | 2 +-
 lib/private/Share20/Manager.php              | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/apps/sharebymail/lib/ShareByMailProvider.php b/apps/sharebymail/lib/ShareByMailProvider.php
index 1e767b7f8596a..70af8d0c746a1 100644
--- a/apps/sharebymail/lib/ShareByMailProvider.php
+++ b/apps/sharebymail/lib/ShareByMailProvider.php
@@ -198,7 +198,7 @@ public function create(IShare $share) {
 
 		// Sends share password to receiver when it's a permanent one (otherwise she will have to request it via the showShare UI)
 		// or to owner when the password shall be given during a Talk session
-		if ($this->config->getSystemValue('allow_mail_share_permanent_password') || $share->getSendPasswordByTalk()) {
+		if ($this->config->getSystemValue('allow_mail_share_permanent_password', true) || $share->getSendPasswordByTalk()) {
 			$send = $this->sendPassword($share, $password);
 			if ($passwordEnforced && $send === false) {
 				$this->sendPasswordToOwner($share, $password);
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php
index a5d876e801590..191b59d2b8887 100644
--- a/lib/private/Share20/Manager.php
+++ b/lib/private/Share20/Manager.php
@@ -1175,7 +1175,7 @@ private function updateSharePasswordIfNeeded(IShare $share, IShare $originalShar
 	 * Set the share's password expiration time
 	 */
 	private function setSharePasswordExpirationTime(IShare $share): void {
-		if ($this->config->getSystemValue('allow_mail_share_permanent_password')) {
+		if ($this->config->getSystemValue('allow_mail_share_permanent_password', true)) {
 			// Sets password expiration date to NULL
 			$share->setPasswordExpirationTime();
 			return;