Commit 8782b223 authored by Morris Jobke's avatar Morris Jobke
Browse files

Merge pull request #12084 from owncloud/sharing_fix_shared_with_info

sharing: make sure that we only find the shares from a given owner 
parents e956bd10 a7ebfe87
......@@ -26,13 +26,14 @@ class OC_Share_Backend_Folder extends OC_Share_Backend_File implements OCP\Share
*
* @param int $itemSource item source ID
* @param string $shareWith with whom should the item be shared
* @param string $owner owner of the item
* @return array with shares
*/
public function getParents($itemSource, $shareWith = null) {
public function getParents($itemSource, $shareWith = null, $owner = null) {
$result = array();
$parent = $this->getParentId($itemSource);
while ($parent) {
$shares = \OCP\Share::getItemSharedWithUser('folder', $parent, $shareWith);
$shares = \OCP\Share::getItemSharedWithUser('folder', $parent, $shareWith, $owner);
if ($shares) {
foreach ($shares as $share) {
$name = substr($share['path'], strrpos($share['path'], '/') + 1);
......
......@@ -287,12 +287,12 @@ class Share extends \OC\Share\Constants {
* Get the item of item type shared with a given user by source
* @param string $itemType
* @param string $itemSource
* @param string $user User user to whom the item was shared
* @param string $user User to whom the item was shared
* @param string $owner Owner of the share
* @param int $shareType only look for a specific share type
* @return array Return list of items with file_target, permissions and expiration
*/
public static function getItemSharedWithUser($itemType, $itemSource, $user, $shareType = null) {
public static function getItemSharedWithUser($itemType, $itemSource, $user, $owner = null, $shareType = null) {
$shares = array();
$fileDependend = false;
......@@ -320,6 +320,11 @@ class Share extends \OC\Share\Constants {
$arguments[] = $shareType;
}
if ($owner !== null) {
$where .= ' AND `uid_owner` = ? ';
$arguments[] = $owner;
}
$query = \OC_DB::prepare('SELECT ' . $select . ' FROM `*PREFIX*share` '. $where);
$result = \OC_DB::executeAudited($query, $arguments);
......@@ -701,7 +706,7 @@ class Share extends \OC\Share\Constants {
// check if it is a valid itemType
self::getBackend($itemType);
$items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith, $shareType);
$items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith, null, $shareType);
$toDelete = array();
$newParent = null;
......@@ -1629,7 +1634,7 @@ class Share extends \OC\Share\Constants {
// Need to find a solution which works for all back-ends
$collectionItems = array();
$collectionBackend = self::getBackend('folder');
$sharedParents = $collectionBackend->getParents($item, $shareWith);
$sharedParents = $collectionBackend->getParents($item, $shareWith, $uidOwner);
foreach ($sharedParents as $parent) {
$collectionItems[] = $parent;
}
......
......@@ -125,11 +125,12 @@ class Share extends \OC\Share\Constants {
* Get the item of item type shared with a given user by source
* @param string $itemType
* @param string $itemSource
* @param string $user User user to whom the item was shared
* @param string $user User to whom the item was shared
* @param string $owner Owner of the share
* @return array Return list of items with file_target, permissions and expiration
*/
public static function getItemSharedWithUser($itemType, $itemSource, $user) {
return \OC\Share\Share::getItemSharedWithUser($itemType, $itemSource, $user);
public static function getItemSharedWithUser($itemType, $itemSource, $user, $owner = null) {
return \OC\Share\Share::getItemSharedWithUser($itemType, $itemSource, $user, $owner);
}
/**
......
......@@ -658,6 +658,50 @@ class Test_Share extends \Test\TestCase {
return $row;
}
public function testGetItemSharedWithUser() {
OC_User::setUserId($this->user1);
//add dummy values to the share table
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` ('
.' `item_type`, `item_source`, `item_target`, `share_type`,'
.' `share_with`, `uid_owner`) VALUES (?,?,?,?,?,?)');
$args = array('test', 99, 'target1', OCP\Share::SHARE_TYPE_USER, $this->user2, $this->user1);
$query->execute($args);
$args = array('test', 99, 'target2', OCP\Share::SHARE_TYPE_USER, $this->user4, $this->user1);
$query->execute($args);
$args = array('test', 99, 'target3', OCP\Share::SHARE_TYPE_USER, $this->user3, $this->user2);
$query->execute($args);
$args = array('test', 99, 'target4', OCP\Share::SHARE_TYPE_USER, $this->user3, $this->user4);
$query->execute($args);
$result1 = \OCP\Share::getItemSharedWithUser('test', 99, $this->user2, $this->user1);
$this->assertSame(1, count($result1));
$this->verifyResult($result1, array('target1'));
$result2 = \OCP\Share::getItemSharedWithUser('test', 99, null, $this->user1);
$this->assertSame(2, count($result2));
$this->verifyResult($result2, array('target1', 'target2'));
$result3 = \OCP\Share::getItemSharedWithUser('test', 99, $this->user3);
$this->assertSame(2, count($result3));
$this->verifyResult($result3, array('target3', 'target4'));
$result4 = \OCP\Share::getItemSharedWithUser('test', 99, null, null);
$this->assertSame(4, count($result4));
$this->verifyResult($result4, array('target1', 'target2', 'target3', 'target4'));
}
public function verifyResult($result, $expected) {
foreach ($result as $r) {
if (in_array($r['item_target'], $expected)) {
$key = array_search($r['item_target'], $expected);
unset($expected[$key]);
}
}
$this->assertEmpty($expected, 'did not found all expected values');
}
public function testShareItemWithLink() {
OC_User::setUserId($this->user1);
$token = OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_LINK, null, OCP\PERMISSION_READ);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment