diff --git a/core/ajax/share.php b/core/ajax/share.php
index 4738d0e08272f0beff76288f4611e196301e6055..a1c573900c9e049cd6e92bece53c1be35af0f2dc 100644
--- a/core/ajax/share.php
+++ b/core/ajax/share.php
@@ -48,9 +48,28 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
$shareType = (int)$_POST['shareType'];
$shareWith = $_POST['shareWith'];
$itemSourceName = isset($_POST['itemSourceName']) ? (string)$_POST['itemSourceName'] : null;
- if ($shareType === OCP\Share::SHARE_TYPE_LINK && $shareWith == '') {
- $shareWith = null;
+
+ /*
+ * Nasty nasty fix for https://github.com/owncloud/core/issues/19950
+ */
+ $passwordChanged = null;
+ if (is_array($shareWith)) {
+ $passwordChanged = ($shareWith['passwordChanged'] === 'true');
+ if ($shareType === OCP\Share::SHARE_TYPE_LINK && $shareWith['password'] === '') {
+ $shareWith = null;
+ } else {
+ $shareWith = $shareWith['password'];
+ }
+ } else {
+ /*
+ * We need this branch since the calendar and contacts also use this
+ * endpoint
+ */
+ if ($shareType === OCP\Share::SHARE_TYPE_LINK && $shareWith === '') {
+ $shareWith = null;
+ }
}
+
$itemSourceName=(isset($_POST['itemSourceName'])) ? (string)$_POST['itemSourceName']:'';
$token = OCP\Share::shareItem(
@@ -60,7 +79,8 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
$shareWith,
$_POST['permissions'],
$itemSourceName,
- (!empty($_POST['expirationDate']) ? new \DateTime((string)$_POST['expirationDate']) : null)
+ (!empty($_POST['expirationDate']) ? new \DateTime((string)$_POST['expirationDate']) : null),
+ $passwordChanged
);
if (is_string($token)) {
diff --git a/core/js/shareitemmodel.js b/core/js/shareitemmodel.js
index 1cf116f08f919fdb43acb6c467e4f484dcbb073d..ae3cb0ce2e30cf4bf81f51e5c153af6a5e0f91b9 100644
--- a/core/js/shareitemmodel.js
+++ b/core/js/shareitemmodel.js
@@ -116,7 +116,8 @@
// TODO: use backbone's default value mechanism once this is a separate model
var requiredAttributes = [
- { name: 'password', defaultValue: '' },
+ { name: 'password', defaultValue: '' },
+ { name: 'passwordChanged', defaultValue: false },
{ name: 'permissions', defaultValue: OC.PERMISSION_READ },
{ name: 'expiration', defaultValue: this.configModel.getDefaultExpirationDateString() }
];
@@ -136,11 +137,16 @@
}
});
+ var password = {
+ password: attributes.password,
+ passwordChanged: attributes.passwordChanged
+ };
+
OC.Share.share(
itemType,
itemSource,
OC.Share.SHARE_TYPE_LINK,
- attributes.password,
+ password,
attributes.permissions,
this.fileInfoModel.get('name'),
attributes.expiration,
@@ -208,6 +214,7 @@
*/
setPassword: function(password) {
this.get('linkShare').password = password;
+ this.get('linkShare').passwordChanged = true;
},
addShare: function(attributes, options) {
diff --git a/core/js/tests/specs/sharedialogviewSpec.js b/core/js/tests/specs/sharedialogviewSpec.js
index 0117f517d4c807757f906567757b06805fb57ae5..1c05bf219684e7570824edabfc9874e81957262b 100644
--- a/core/js/tests/specs/sharedialogviewSpec.js
+++ b/core/js/tests/specs/sharedialogviewSpec.js
@@ -146,7 +146,8 @@ describe('OC.Share.ShareDialogView', function() {
expect(fakeServer.requests[1].method).toEqual('POST');
var body = OC.parseQueryString(fakeServer.requests[1].requestBody);
- expect(body.shareWith).toEqual('foo');
+ expect(body['shareWith[password]']).toEqual('foo');
+ expect(body['shareWith[passwordChanged]']).toEqual('true');
fetchStub.reset();
@@ -185,7 +186,8 @@ describe('OC.Share.ShareDialogView', function() {
expect(fakeServer.requests[1].method).toEqual('POST');
var body = OC.parseQueryString(fakeServer.requests[1].requestBody);
- expect(body.shareWith).toEqual('foo');
+ expect(body['shareWith[password]']).toEqual('foo');
+ expect(body['shareWith[passwordChanged]']).toEqual('true');
fetchStub.reset();
diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index b015d7738b58aca70e29cc3a79fcc6173173e4a4..097c5a14b9fd79d4a80b851e1428b4748d1070fe 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -597,11 +597,12 @@ class Share extends Constants {
* @param int $permissions CRUDS
* @param string $itemSourceName
* @param \DateTime $expirationDate
+ * @param bool $passwordChanged
* @return boolean|string Returns true on success or false on failure, Returns token on success for links
* @throws \OC\HintException when the share type is remote and the shareWith is invalid
* @throws \Exception
*/
- public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions, $itemSourceName = null, \DateTime $expirationDate = null) {
+ public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions, $itemSourceName = null, \DateTime $expirationDate = null, $passwordChanged = null) {
$backend = self::getBackend($itemType);
$l = \OC::$server->getL10N('lib');
@@ -775,14 +776,25 @@ class Share extends Constants {
$updateExistingShare = true;
}
- // Generate hash of password - same method as user passwords
- if (is_string($shareWith) && $shareWith !== '') {
- self::verifyPassword($shareWith);
- $shareWith = \OC::$server->getHasher()->hash($shareWith);
+ if ($passwordChanged === null) {
+ // Generate hash of password - same method as user passwords
+ if (is_string($shareWith) && $shareWith !== '') {
+ self::verifyPassword($shareWith);
+ $shareWith = \OC::$server->getHasher()->hash($shareWith);
+ } else {
+ // reuse the already set password, but only if we change permissions
+ // otherwise the user disabled the password protection
+ if ($checkExists && (int)$permissions !== (int)$oldPermissions) {
+ $shareWith = $checkExists['share_with'];
+ }
+ }
} else {
- // reuse the already set password, but only if we change permissions
- // otherwise the user disabled the password protection
- if ($checkExists && (int)$permissions !== (int)$oldPermissions) {
+ if ($passwordChanged === true) {
+ if (is_string($shareWith) && $shareWith !== '') {
+ self::verifyPassword($shareWith);
+ $shareWith = \OC::$server->getHasher()->hash($shareWith);
+ }
+ } else if ($updateExistingShare) {
$shareWith = $checkExists['share_with'];
}
}
diff --git a/lib/public/share.php b/lib/public/share.php
index 0f5c68c576d158d61564244ae1839f80d7d267a7..4fcc7d81d1625a4036c54918d6e90d354b1ad359 100644
--- a/lib/public/share.php
+++ b/lib/public/share.php
@@ -255,13 +255,14 @@ class Share extends \OC\Share\Constants {
* @param int $permissions CRUDS
* @param string $itemSourceName
* @param \DateTime $expirationDate
+ * @param bool $passwordChanged
* @return bool|string Returns true on success or false on failure, Returns token on success for links
* @throws \OC\HintException when the share type is remote and the shareWith is invalid
* @throws \Exception
- * @since 5.0.0 - parameter $itemSourceName was added in 6.0.0, parameter $expirationDate was added in 7.0.0
+ * @since 5.0.0 - parameter $itemSourceName was added in 6.0.0, parameter $expirationDate was added in 7.0.0, paramter $passwordChanged added in 9.0.0
*/
- public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions, $itemSourceName = null, \DateTime $expirationDate = null) {
- return \OC\Share\Share::shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions, $itemSourceName, $expirationDate);
+ public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions, $itemSourceName = null, \DateTime $expirationDate = null, $passwordChanged = null) {
+ return \OC\Share\Share::shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions, $itemSourceName, $expirationDate, $passwordChanged);
}
/**