diff --git a/core/js/share.js b/core/js/share.js
index 2692ff60b5c84697374069e9f3b4f632b423c2bf..877ef4856a33f987e55037b779c20c1e0ffccd1c 100644
--- a/core/js/share.js
+++ b/core/js/share.js
@@ -360,6 +360,8 @@ OC.Share={
html += '<span class="reshare">'+t('core', 'Shared with you by {owner}', {owner: data.reshare.displayname_owner})+'</span>';
}
html += '<br />';
+ // reduce possible permissions to what the original share allowed
+ possiblePermissions = possiblePermissions & data.reshare.permissions;
}
if (possiblePermissions & OC.PERMISSION_SHARE) {
diff --git a/core/js/tests/specs/shareSpec.js b/core/js/tests/specs/shareSpec.js
index 4859ba782d2cb8df21b5e7f400c7f02957928b8a..f45008954648d8f0646863edd99cfe69e0ff3b2e 100644
--- a/core/js/tests/specs/shareSpec.js
+++ b/core/js/tests/specs/shareSpec.js
@@ -61,6 +61,7 @@ describe('OC.Share tests', function() {
loadItemStub.restore();
autocompleteStub.restore();
+ $('#dropdown').remove();
});
it('calls loadItem with the correct arguments', function() {
OC.Share.showDropDown(
@@ -502,6 +503,161 @@ describe('OC.Share tests', function() {
expect(shares[OC.Share.SHARE_TYPE_GROUP]).not.toBeDefined();
});
});
+ describe('share permissions', function() {
+ beforeEach(function() {
+ oc_appconfig.core.resharingAllowed = true;
+ });
+
+ /**
+ * Tests sharing with the given possible permissions
+ *
+ * @param {int} possiblePermissions
+ * @return {int} permissions sent to the server
+ */
+ function testWithPermissions(possiblePermissions) {
+ OC.Share.showDropDown(
+ 'file',
+ 123,
+ $container,
+ true,
+ possiblePermissions,
+ 'shared_file_name.txt'
+ );
+ var autocompleteOptions = autocompleteStub.getCall(0).args[0];
+ // simulate autocomplete selection
+ autocompleteOptions.select(new $.Event('select'), {
+ item: {
+ label: 'User Two',
+ value: {
+ shareType: OC.Share.SHARE_TYPE_USER,
+ shareWith: 'user2'
+ }
+ }
+ });
+ autocompleteStub.reset();
+ var requestBody = OC.parseQueryString(_.last(fakeServer.requests).requestBody);
+ return parseInt(requestBody.permissions, 10);
+ }
+
+ describe('regular sharing', function() {
+ it('shares with given permissions with default config', function() {
+ loadItemStub.returns({
+ reshare: [],
+ shares: []
+ });
+ expect(
+ testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
+ ).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE);
+ expect(
+ testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_SHARE)
+ ).toEqual(OC.PERMISSION_READ | OC.PERMISSION_SHARE);
+ });
+ it('removes share permission when not allowed', function() {
+ oc_appconfig.core.resharingAllowed = false;
+ loadItemStub.returns({
+ reshare: [],
+ shares: []
+ });
+ expect(
+ testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
+ ).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE);
+ });
+ it('automatically adds READ permission even when not specified', function() {
+ oc_appconfig.core.resharingAllowed = false;
+ loadItemStub.returns({
+ reshare: [],
+ shares: []
+ });
+ expect(
+ testWithPermissions(OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
+ ).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_UPDATE);
+ });
+ it('does not show sharing options when sharing not allowed', function() {
+ loadItemStub.returns({
+ reshare: [],
+ shares: []
+ });
+ OC.Share.showDropDown(
+ 'file',
+ 123,
+ $container,
+ true,
+ OC.PERMISSION_READ,
+ 'shared_file_name.txt'
+ );
+ expect($('#dropdown #shareWithList').length).toEqual(0);
+ });
+ });
+ describe('resharing', function() {
+ it('shares with given permissions when original share had all permissions', function() {
+ loadItemStub.returns({
+ reshare: {
+ permissions: OC.PERMISSION_ALL
+ },
+ shares: []
+ });
+ expect(
+ testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
+ ).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE);
+ });
+ it('reduces reshare permissions to the ones from the original share', function() {
+ loadItemStub.returns({
+ reshare: {
+ permissions: OC.PERMISSION_READ,
+ uid_owner: 'user1'
+ },
+ shares: []
+ });
+ OC.Share.showDropDown(
+ 'file',
+ 123,
+ $container,
+ true,
+ OC.PERMISSION_ALL,
+ 'shared_file_name.txt'
+ );
+ // no resharing allowed
+ expect($('#dropdown #shareWithList').length).toEqual(0);
+ });
+ it('reduces reshare permissions to possible permissions', function() {
+ loadItemStub.returns({
+ reshare: {
+ permissions: OC.PERMISSION_ALL,
+ uid_owner: 'user1'
+ },
+ shares: []
+ });
+ OC.Share.showDropDown(
+ 'file',
+ 123,
+ $container,
+ true,
+ OC.PERMISSION_READ,
+ 'shared_file_name.txt'
+ );
+ // no resharing allowed
+ expect($('#dropdown #shareWithList').length).toEqual(0);
+ });
+ it('does not show sharing options when resharing not allowed', function() {
+ loadItemStub.returns({
+ reshare: {
+ permissions: OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_DELETE,
+ uid_owner: 'user1'
+ },
+ shares: []
+ });
+ OC.Share.showDropDown(
+ 'file',
+ 123,
+ $container,
+ true,
+ OC.PERMISSION_ALL,
+ 'shared_file_name.txt'
+ );
+ expect($('#dropdown #shareWithList').length).toEqual(0);
+ });
+ });
+ });
});
describe('markFileAsShared', function() {
var $file;