diff --git a/lib/Service/FilesAppService.php b/lib/Service/FilesAppService.php index b84ebc1bc..089417900 100644 --- a/lib/Service/FilesAppService.php +++ b/lib/Service/FilesAppService.php @@ -132,6 +132,7 @@ class FilesAppService implements IAttachmentService, ICustomAttachmentService { 'mimetype' => $file->getMimeType(), 'info' => pathinfo($file->getName()), 'hasPreview' => $this->preview->isAvailable($file), + 'permissions' => $share->getPermissions(), ]); return $attachment; } @@ -170,7 +171,11 @@ class FilesAppService implements IAttachmentService, ICustomAttachmentService { $fileName = $file['name']; $userFolder = $this->rootFolder->getUserFolder($this->userId); - $folder = $userFolder->get($this->configService->getAttachmentFolder()); + try { + $folder = $userFolder->get($this->configService->getAttachmentFolder()); + } catch (NotFoundException $e) { + $folder = $userFolder->newFolder($this->configService->getAttachmentFolder()); + } $fileName = $folder->getNonExistingName($fileName); $target = $folder->newFile($fileName); diff --git a/lib/Service/PermissionService.php b/lib/Service/PermissionService.php index 05c393786..bef86f599 100644 --- a/lib/Service/PermissionService.php +++ b/lib/Service/PermissionService.php @@ -142,7 +142,7 @@ class PermissionService { } if ($permission === Acl::PERMISSION_SHARE && $this->shareManager->sharingDisabledForUser($this->userId)) { - return false; + throw new NoPermissionException('Permission denied'); } if ($this->userIsBoardOwner($boardId, $userId)) { diff --git a/lib/Sharing/DeckShareProvider.php b/lib/Sharing/DeckShareProvider.php index 1d60b8a7a..7a992d2af 100644 --- a/lib/Sharing/DeckShareProvider.php +++ b/lib/Sharing/DeckShareProvider.php @@ -37,6 +37,7 @@ use OCA\Deck\Service\PermissionService; use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Db\MultipleObjectsReturnedException; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\Constants; use OCP\DB\QueryBuilder\IQueryBuilder; use OCP\EventDispatcher\IEventDispatcher; use OCP\Files\Folder; @@ -267,10 +268,25 @@ class DeckShareProvider implements \OCP\Share\IShareProvider { $entryData['parent'] = $entryData['f_parent']; $share->setNodeCacheEntry(Cache::cacheEntryFromData($entryData, \OC::$server->get(IMimeTypeLoader::class))); } - return $share; } + private function applyBoardPermission($share, $permissions) { + try { + $this->permissionService->checkPermission($this->cardMapper, $share->getSharedWith(), Acl::PERMISSION_EDIT); + } catch (NoPermissionException $e) { + $permissions &= Constants::PERMISSION_ALL - Constants::PERMISSION_UPDATE; + $permissions &= Constants::PERMISSION_ALL - Constants::PERMISSION_CREATE; + $permissions &= Constants::PERMISSION_ALL - Constants::PERMISSION_DELETE; + } + + try { + $this->permissionService->checkPermission($this->cardMapper, $share->getSharedWith(), Acl::PERMISSION_SHARE); + } catch (NoPermissionException $e) { + $permissions &= Constants::PERMISSION_ALL - Constants::PERMISSION_SHARE; + } + $share->setPermissions($permissions); + } /** * @inheritDoc */ @@ -629,7 +645,7 @@ class DeckShareProvider implements \OCP\Share\IShareProvider { $stmt = $query->execute(); while ($data = $stmt->fetch()) { - $shareMap[$data['parent']]->setPermissions((int)$data['permissions']); + $this->applyBoardPermission($shareMap[$data['parent']], (int)$data['permissions']); $shareMap[$data['parent']]->setTarget($data['file_target']); } @@ -740,7 +756,6 @@ class DeckShareProvider implements \OCP\Share\IShareProvider { $offset--; continue; } - $shares[] = $this->createShareObject($data); } $cursor->closeCursor(); diff --git a/src/components/card/AttachmentList.vue b/src/components/card/AttachmentList.vue index ac9063313..d07fac6e1 100644 --- a/src/components/card/AttachmentList.vue +++ b/src/components/card/AttachmentList.vue @@ -212,7 +212,6 @@ export default { axios.post(generateOcsUrl('apps/files_sharing/api/v1', 2) + 'shares', { path, - permissions: 19, shareType: 12, shareWith: '' + this.cardId, }).then(() => {