Commit 687c0592 authored by Vincent Petry's avatar Vincent Petry Committed by GitHub
Browse files

Properly convert OCS params + more tests (#26691)

* Correctly convert OCS permissions params

* Added tests about permissions and public upload

Added read and share permissions instead of all (default ones)

Added positive case

Check also permissions update

Added tests for resharing with public links when the user doesn't have enough permisssions
parent d2e5c945
......@@ -645,6 +645,7 @@ class Share20OCS {
if ($newPermissions !== null) {
$share->setPermissions($newPermissions);
$permissions = $newPermissions;
}
if ($expireDate === '') {
......
......@@ -1303,6 +1303,7 @@ class Share20OCSTest extends \Test\TestCase {
$share = $this->newShare();
$share->setPermissions(\OCP\Constants::PERMISSION_ALL)
->setSharedBy($this->currentUser->getUID())
->setShareOwner($this->currentUser->getUID())
->setShareType(Share::SHARE_TYPE_LINK)
->setPassword('password')
->setExpirationDate(new \DateTime())
......@@ -1349,6 +1350,7 @@ class Share20OCSTest extends \Test\TestCase {
$share = \OC::$server->getShareManager()->newShare();
$share->setPermissions(\OCP\Constants::PERMISSION_ALL)
->setSharedBy($this->currentUser->getUID())
->setShareOwner($this->currentUser->getUID())
->setShareType(Share::SHARE_TYPE_LINK)
->setNode($folder);
......@@ -1392,6 +1394,7 @@ class Share20OCSTest extends \Test\TestCase {
$share = \OC::$server->getShareManager()->newShare();
$share->setPermissions(\OCP\Constants::PERMISSION_ALL)
->setSharedBy($this->currentUser->getUID())
->setShareOwner($this->currentUser->getUID())
->setShareType(Share::SHARE_TYPE_LINK)
->setPassword('password')
->setNode($folder);
......@@ -1627,6 +1630,7 @@ class Share20OCSTest extends \Test\TestCase {
$share = \OC::$server->getShareManager()->newShare();
$share->setPermissions(\OCP\Constants::PERMISSION_ALL)
->setSharedBy($this->currentUser->getUID())
->setShareOwner($this->currentUser->getUID())
->setShareType(Share::SHARE_TYPE_LINK)
->setPassword('password')
->setExpirationDate($date)
......@@ -1819,6 +1823,59 @@ class Share20OCSTest extends \Test\TestCase {
$this->assertEquals($expected->getData(), $result->getData());
}
/**
* @dataProvider publicUploadParamsProvider
*/
public function testUpdateShareCannotIncreasePermissionsPublicLink($params) {
$ocs = $this->mockFormatShare();
$date = new \DateTime('2000-01-01');
$folder = $this->createMock('\OCP\Files\Folder');
$share = \OC::$server->getShareManager()->newShare();
$share
->setId(42)
->setSharedBy('anotheruser')
->setShareOwner('anotheruser')
->setShareType(Share::SHARE_TYPE_USER)
->setSharedWith($this->currentUser->getUID())
->setPermissions(\OCP\Constants::PERMISSION_READ)
->setNode($folder);
$linkShare = \OC::$server->getShareManager()->newShare();
$linkShare
->setId(43)
->setSharedBy($this->currentUser->getUID())
->setShareOwner('anotheruser')
->setShareType(Share::SHARE_TYPE_LINK)
->setToken('dummy')
->setPermissions(\OCP\Constants::PERMISSION_READ)
->setNode($folder);
$this->request
->method('getParam')
->will($this->returnValueMap($params));
$this->shareManager->method('getShareById')->with('ocinternal:43')->willReturn($linkShare);
$this->shareManager->method('shareApiLinkAllowPublicUpload')->willReturn(true);
$this->shareManager->expects($this->any())
->method('getSharedWith')
->will($this->returnValueMap([
[$this->currentUser->getUID(), Share::SHARE_TYPE_USER, $share->getNode(), -1, 0, [$share]],
[$this->currentUser->getUID(), Share::SHARE_TYPE_GROUP, $share->getNode(), -1, 0, []],
]));
$this->shareManager->expects($this->never())->method('updateShare');
$expected = new \OC\OCS\Result(null, 404, 'Cannot increase permissions');
$result = $ocs->updateShare(43);
$this->assertEquals($expected->getMeta(), $result->getMeta());
$this->assertEquals($expected->getData(), $result->getData());
}
public function testUpdateShareCanIncreasePermissionsIfOwner() {
$ocs = $this->mockFormatShare();
......
......@@ -976,3 +976,118 @@ Feature: sharing
Then etag of element "/" of user "user1" has changed
And etag of element "/PARENT" of user "user0" has not changed
Scenario: Increasing permissions is allowed for owner
Given As an "admin"
And user "user0" exists
And user "user1" exists
And group "new-group" exists
And user "user0" belongs to group "new-group"
And user "user1" belongs to group "new-group"
And Assure user "user0" is subadmin of group "new-group"
And As an "user0"
And folder "/FOLDER" of user "user0" is shared with group "new-group"
And Updating last share with
| permissions | 0 |
When Updating last share with
| permissions | 31 |
Then the OCS status code should be "100"
And the HTTP status code should be "200"
Scenario: Adding public upload to a read only shared folder as recipient is not allowed
Given As an "admin"
And user "user0" exists
And user "user1" exists
And As an "user0"
And user "user0" created a folder "/test"
And folder "/test" of user "user0" is shared with user "user1" with permissions 17
And As an "user1"
And creating a share with
| path | /test |
| shareType | 3 |
| publicUpload | false |
When Updating last share with
| publicUpload | true |
Then the OCS status code should be "404"
And the HTTP status code should be "200"
Scenario: Adding public upload to a shared folder as recipient is allowed with permissions
Given As an "admin"
And user "user0" exists
And user "user1" exists
And As an "user0"
And user "user0" created a folder "/test"
And folder "/test" of user "user0" is shared with user "user1" with permissions 31
And As an "user1"
And creating a share with
| path | /test |
| shareType | 3 |
| publicUpload | false |
When Updating last share with
| publicUpload | true |
Then the OCS status code should be "100"
And the HTTP status code should be "200"
Scenario: Adding public upload to a read only shared folder as recipient is not allowed
Given As an "admin"
And user "user0" exists
And user "user1" exists
And As an "user0"
And user "user0" created a folder "/test"
And folder "/test" of user "user0" is shared with user "user1" with permissions 17
And As an "user1"
And creating a share with
| path | /test |
| shareType | 3 |
| permissions | 1 |
When Updating last share with
| permissions | 15 |
Then the OCS status code should be "404"
And the HTTP status code should be "200"
Scenario: Adding public upload to a shared folder as recipient is allowed with permissions
Given As an "admin"
And user "user0" exists
And user "user1" exists
And As an "user0"
And user "user0" created a folder "/test"
And folder "/test" of user "user0" is shared with user "user1" with permissions 31
And As an "user1"
And creating a share with
| path | /test |
| shareType | 3 |
| permissions | 1 |
When Updating last share with
| permissions | 15 |
Then the OCS status code should be "100"
And the HTTP status code should be "200"
Scenario: resharing using a public link with read only permissions is not allowed
Given As an "admin"
And user "user0" exists
And user "user1" exists
And As an "user0"
And user "user0" created a folder "/test"
And folder "/test" of user "user0" is shared with user "user1" with permissions 1
And As an "user1"
And creating a share with
| path | /test |
| shareType | 3 |
| publicUpload | false |
Then the OCS status code should be "404"
And the HTTP status code should be "200"
Scenario: resharing using a public link with read and write permissions only is not allowed
Given As an "admin"
And user "user0" exists
And user "user1" exists
And As an "user0"
And user "user0" created a folder "/test"
And folder "/test" of user "user0" is shared with user "user1" with permissions 15
And As an "user1"
And creating a share with
| path | /test |
| shareType | 3 |
| publicUpload | false |
Then the OCS status code should be "404"
And the HTTP status code should be "200"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment