Edit possible without permission in link share by uploading file with same name.

[JustKiddingCode]

Describe the bug

In a link share scenario with "Can upload" permission, edits of files are still possible.
The Webui even asks to keep both, or replace.
So edit is possible by downloading and then uploading again.

Steps to reproduce

1. Create Folder
2. Create Share with Link with "Can upload permission"
3. Using the link, Upload file "foo.txt" content "foo"
4. Using same link (potentially different browser), upload file "foo.txt" content "bar"

Expected behavior

Uploading file with same name shouldn't be possible.

Actual behavior

foo.txt gets overwritten with content "bar"

Extra Information

#8435 seems related to this issue.

[rhafer]

Actually what you describe is the expected behavior of "Can upload". If you want to prevent that you'd need to use the "Secret File Drop" permission.

[micbar]

duplicate of owncloud/web#11381

[micbar]

We are working on changing the wording in the role description.

[JustKiddingCode]

Actually what you describe is the expected behavior of "Can upload". If you want to prevent that you'd need to use the "Secret File Drop" permission.

So there's no permission set for an append-only share?

[micbar]

Correct. All files and new file versions are „uploads“.