Skip to content

fix: permissions when copying from readonly storage #53726

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix: permissions when copying from readonly storage #53726

wants to merge 1 commit into from
+30 −2

Conversation

@rotdrop
Copy link
Contributor

@rotdrop rotdrop commented Jun 30, 2025

Summary

#51846 (comment)

TODO

  • Cleanup. Perhaps a bit hacky.

Checklist

@rotdrop rotdrop requested a review from a team as a code owner June 30, 2025 12:55
@rotdrop rotdrop requested review from ArtificialOwl, come-nc and leftybournes and removed request for a team June 30, 2025 12:55
@susnux susnux changed the title Fix nextcloud/server#51846 fix: permissions when copying from readonly storage Jun 30, 2025
@susnux susnux added bug 3. to review Waiting for reviews labels Jun 30, 2025
@susnux susnux added this to the Nextcloud 32 milestone Jun 30, 2025
@susnux
Copy link
Contributor

susnux commented Jun 30, 2025

@rotdrop please use conventional commit messages, e.g.:
fix: permissions when copying from readonly storage

See also https://www.conventionalcommits.org/en/v1.0.0/

@rotdrop rotdrop force-pushed the bugfix/fix-permissions-when-copying-from-readonly-storage branch 2 times, most recently from fcb7f05 to f5e6cb8 Compare June 30, 2025 14:17
@rotdrop rotdrop requested a review from a team as a code owner June 30, 2025 14:17
@rotdrop rotdrop requested review from nfebe, skjnldsv and susnux and removed request for a team June 30, 2025 14:17
@rotdrop
Copy link
Contributor Author

rotdrop commented Jun 30, 2025

I wonder if similar permission problems could occur with moveFromStorage, at least in edge cases.

@rotdrop rotdrop force-pushed the bugfix/fix-permissions-when-copying-from-readonly-storage branch from f5e6cb8 to ed965a2 Compare June 30, 2025 14:20
@rotdrop rotdrop mentioned this pull request Jun 30, 2025
Open
@come-nc come-nc requested a review from icewind1991 June 30, 2025 14:34
@come-nc
Copy link
Contributor

come-nc commented Jun 30, 2025

This is quite mysterious to me, maybe @icewind1991 understands better what this is about?
It’s at least missing comments to make it understandable.

@come-nc come-nc closed this Jun 30, 2025
@come-nc come-nc reopened this Jun 30, 2025
@come-nc
Copy link
Contributor

come-nc commented Jun 30, 2025

(did not meant to close, it was a misclick)

@rotdrop
Copy link
Contributor Author

rotdrop commented Jun 30, 2025
edited
Loading

This is quite mysterious to me, maybe @icewind1991 understands better what this is about? It’s at least missing comments to make it understandable.

Well, but we have the linked issue #51846 with quite a bunch of comments. So in summary:

  • when copying files out of read-only storages like read-only shares or read-only external mounts
  • ... then the read-only permissions are copied over to the destination
  • if you then try to modify the copied files in the destination location then you find them read-only
  • this is -- at the very least -- very unexpected: as end-user you of course assume that copying stuff to a location where you have write permissions results in modifiable data
  • also: the web-frontend does not provide any means to the end-user to correct this problem

@rotdrop
fix: permissions when copying from readonly storage
4a3cd26 
Signed-off-by: Claus-Justus Heine <himself@claus-justus-heine.de>
@rotdrop rotdrop force-pushed the bugfix/fix-permissions-when-copying-from-readonly-storage branch from ed965a2 to 4a3cd26 Compare July 1, 2025 06:38
@come-nc
Copy link
Contributor

come-nc commented Jul 9, 2025

Thank you, I understand the problem now, but I’m not sure about the fix. It feels a bit hackish.
scan_permissions comes from the scanner?

There should be a way to have something more straightforward to set permissions after copy, and avoid having so many special handling.

Gentle ping @icewind1991

@rotdrop
Copy link
Contributor Author

rotdrop commented Jul 9, 2025

Thank you, I understand the problem now, but I’m not sure about the fix. It feels a bit hackish. scan_permissions comes from the scanner?

There should be a way to have something more straightforward to set permissions after copy, and avoid having so many special handling.

Gentle ping @icewind1991

Thank you for coming back to this. Yeah, the fix is hackish (see TODO topic in my initial comment). I think that the scan_permissions come from the scanner code. This also somehow indicates that this problem was already popping up earlier ...

@rotdrop
Copy link
Contributor Author

rotdrop commented Jul 9, 2025

Thank you, I understand the problem now, but I’m not sure about the fix. It feels a bit hackish. scan_permissions comes from the scanner?
There should be a way to have something more straightforward to set permissions after copy, and avoid having so many special handling.
Gentle ping @icewind1991

Thank you for coming back to this. Yeah, the fix is hackish (see TODO topic in my initial comment). I think that the scan_permissions come from the scanner code. This also somehow indicates that this problem was already popping up earlier ...

See #48769, commit hash 6419de7

@icewind1991
Copy link
Member

icewind1991 commented Jul 9, 2025

#53733 attempts to fix the same issue I believe.

From what I can tell the main difference is that this PR has logic to take the permissions of the target parent folder into account. I'm not sure if that's actually needed though.

@rotdrop
Copy link
Contributor Author

rotdrop commented Jul 10, 2025

#53733 attempts to fix the same issue I believe.

From what I can tell the main difference is that this PR has logic to take the permissions of the target parent folder into account. I'm not sure if that's actually needed though.

I am also not sure. However, I was thinking of target folder with write permissions, but without read permissions (e.g. a write-only share which is used as a p.o box for public upload). Don't known if this is relevant.

@github-actions
Copy link
Contributor

github-actions bot commented Jul 15, 2025

Hello there,
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.

We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process.

Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6

Thank you for contributing to Nextcloud and we hope to hear from you soon!

(If you believe you should not receive this message, you can add yourself to the blocklist.)

This was referenced Aug 22, 2025
Merged
Merged
Merged
This was referenced Sep 2, 2025
Merged
Merged
@nextcloud-bot nextcloud-bot mentioned this pull request Sep 10, 2025
Merged
@nextcloud-bot nextcloud-bot mentioned this pull request Sep 18, 2025
Merged
This was referenced Sep 25, 2025
Merged
Merged
@skjnldsv skjnldsv modified the milestones: Nextcloud 32, Nextcloud 33 Sep 28, 2025
@rotdrop rotdrop mentioned this pull request Oct 5, 2025
Closed
rotdrop added a commit to rotdrop/nextcloud-app-files-archive that referenced this pull request Oct 15, 2025
@rotdrop
Workaround NC core's copy from ro-storage permissions bug.
71f7e9c 
See

- rotdrop/files_archive#55
- nextcloud/server#53726
- nextcloud/server#53733

Nextcloud up to and including version 32 copies the
read-only-permissions of a read-only source to the target of a copy
operation, even if the destination storage is writable.

This should be fixed upstream, as a workaround a forced scan of the
destination seems to also fix the problem at the cost of performance, of
course.
rotdrop added a commit to rotdrop/nextcloud-app-files-archive that referenced this pull request Oct 15, 2025
@rotdrop
Workaround NC core's copy from ro-storage permissions bug.
6f3e73d 
See

- #55
- nextcloud/server#53726
- nextcloud/server#53733

Nextcloud up to and including version 32 copies the
read-only-permissions of a read-only source to the target of a copy
operation, even if the destination storage is writable.

This should be fixed upstream, as a workaround a forced scan of the
destination seems to also fix the problem at the cost of performance, of
course.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ArtificialOwl ArtificialOwl Awaiting requested review from ArtificialOwl ArtificialOwl is a code owner automatically assigned from nextcloud/server-backend

@leftybournes leftybournes Awaiting requested review from leftybournes leftybournes is a code owner automatically assigned from nextcloud/server-backend

@come-nc come-nc Awaiting requested review from come-nc come-nc is a code owner automatically assigned from nextcloud/server-backend

@susnux susnux Awaiting requested review from susnux susnux was automatically assigned from nextcloud/server-frontend

@nfebe nfebe Awaiting requested review from nfebe nfebe was automatically assigned from nextcloud/server-frontend

@skjnldsv skjnldsv Awaiting requested review from skjnldsv skjnldsv was automatically assigned from nextcloud/server-frontend

@icewind1991 icewind1991 Awaiting requested review from icewind1991

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

3. to review Waiting for reviews bug feedback-requested

Projects

None yet

Milestone

Nextcloud 33

Development

Successfully merging this pull request may close these issues.

[Bug]: Can't edit/delete files copied from read-only shared folders

5 participants

@rotdrop @susnux @come-nc @icewind1991 @skjnldsv