Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[QA] Re-Sharer can increase permissions #893

Closed
jnweiger opened this issue Nov 18, 2020 · 12 comments
Closed

[QA] Re-Sharer can increase permissions #893

jnweiger opened this issue Nov 18, 2020 · 12 comments
Labels
Category:Defect Existing functionality is not working as expected Interaction:Needs-help Asking some hints to engineering when the issue can't be reproduced Priority:p2-high Escalation, on top of current planning, release blocker Type:Bug

Comments

@jnweiger
Copy link
Contributor

Setup via docker-compose-eos-test.yml from branch fix-yml-for-rc5 on localhost

Via WEB UI:

  • login as einstein, share a folder with richard as viewer only
  • log in as richard, accept the folder, re-share to moss as editor
  • login as moss, accept the folder, enter the folder, upload a file into it. Works. BAD.
  • check the situation as einstein:
    image

Although richard is clearly only Viewer, and moss received the share through richard, moss is Editor.
(At least einstein can clearly see what happend). Okayish.

Expected behaviour: share receiver can only reshare with same or subset of his own permissions.
@jnweiger
Copy link
Contributor Author

jnweiger commented Nov 18, 2020
edited
Loading

A public link created by richard with Editor role behaves differently:
Richard sees, that the link has Editor permissions, but
users of the link cannot upload until einstein gives richard editor permissons.

While this behaviour is technically cool, it is absolutely not transparent for the participants.
My expected behaviour for the public link would be the same: richard should only be able to set the same permissions that he has.

Editor and other choices should be grayed out, and have a tooltip explaining that the own permissions are currently insufficient.

@jnweiger
Copy link
Contributor Author

According to @pmaier1 re-sharing should not be possible at all.

@micbar
Copy link
Contributor

micbar commented Nov 20, 2020

@butonic Can you please confirm, that this was expected?

@davitol
Copy link
Contributor

davitol commented Nov 20, 2020

Kind of dupe of #552 ?

@micbar micbar added the bug label Nov 20, 2020
@dpakach
Copy link
Contributor

dpakach commented Nov 25, 2020

Also similar issue owncloud/product#270

@exalate-issue-sync exalate-issue-sync bot changed the title [QA] Re-Sharer can increare permissions [QA] Re-Sharer can increase permissions Dec 8, 2020
@butonic butonic mentioned this issue Dec 10, 2020
Merged
8 tasks
@exalate-issue-sync
Copy link

Jörn Friedrich Dreyer commented: another dupe: #893

inital PR to fix it: cs3org/reva#1368

@jnweiger
Copy link
Contributor Author

Retested with ocis-1.0.0-rc8 via ocis/deployments/examples/ocis_traefik/

No more resharing conspiracy possible:
share receiver gets an GRPC error when trying to re-share a readonly share.

That is an acceptable workaround, but not nice.

@pmaier1
Copy link
Contributor

pmaier1 commented Dec 17, 2020
edited
Loading

Retested with ocis-1.0.0-rc8 via ocis/deployments/examples/ocis_traefik/

Try a reload after encountering the error. Unfortunately the share is created nevertheless. But luckily the 3rd user does not get the share.

@settings settings bot removed the bug label Jan 12, 2021
@refs refs added Interaction:Needs-help Asking some hints to engineering when the issue can't be reproduced Category:Defect Existing functionality is not working as expected labels Jan 13, 2021
@refs
Copy link
Member

refs commented Jan 13, 2021

@pmaier1 @micbar just want to bring this to the picture again. As it has p2-high is this something we should re-test and come to a conclusion?

@micbar
Copy link
Contributor

micbar commented Jan 13, 2021

We should fix it during our hardening of the share features.

@settings settings bot removed the p2-high label Apr 7, 2021
@ScharfViktor
Copy link
Contributor

ScharfViktor commented Sep 3, 2021
edited
Loading

re-sharing is off. Need a re-test when we turn it on

@ScharfViktor ScharfViktor added the Priority:p2-high Escalation, on top of current planning, release blocker label Sep 3, 2021
@micbar
Copy link
Contributor

micbar commented May 10, 2022

Resharing is disabled.

@micbar micbar closed this as completed May 10, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Category:Defect Existing functionality is not working as expected Interaction:Needs-help Asking some hints to engineering when the issue can't be reproduced Priority:p2-high Escalation, on top of current planning, release blocker Type:Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@jnweiger @micbar @refs @davitol @dpakach @pmaier1 @ScharfViktor