Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix federated link sharing permissions #20726

Merged
merged 1 commit into from
May 4, 2020
Merged

Fix federated link sharing permissions #20726

merged 1 commit into from
May 4, 2020

Conversation

skjnldsv
Copy link
Member

@skjnldsv skjnldsv commented Apr 29, 2020
edited
Loading

So, it of course means we don't store the SHARE permissions for link shares. We only add it on api GET.

It was mostly because of this

server/apps/files_sharing/lib/Controller/ShareAPIController.php

Lines 1002 to 1005 in d221e77

if ($permissions !== null) {
$newPermissions = (int) $permissions;
$newPermissions = $newPermissions & ~Constants::PERMISSION_SHARE;
}

i don't really know what we should do for this. So instead of changing 2 years old code that looks super speficic, I rathered make sure we keep it consistent. Maybe it's wrong, please suggest any better way 👋

In any case, this is a bit odd because when changint the link share to something like READ, we now see in the response that they have the SHARE permission, despite not really being asked for, but I guess it's fine as it behave like an enforced setting?

Reference: #19793 (comment)

It might fix #20692

@skjnldsv skjnldsv mentioned this pull request Apr 29, 2020
Merged
@skjnldsv skjnldsv self-assigned this Apr 29, 2020
@skjnldsv skjnldsv added this to the Nextcloud 19 milestone Apr 29, 2020
@npmbuildbot-nextcloud npmbuildbot-nextcloud bot force-pushed the fix/sharing-link-default-permissions branch from 20b049e to 109f614 Compare April 29, 2020 14:54
@skjnldsv skjnldsv force-pushed the fix/sharing-link-default-permissions branch from 109f614 to d221e77 Compare April 29, 2020 14:58
@skjnldsv skjnldsv marked this pull request as ready for review April 29, 2020 14:58
This was referenced Apr 30, 2020
Merged
Merged
rullzer
rullzer approved these changes May 1, 2020
View reviewed changes
Copy link
Member

@rullzer rullzer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does the job!

@rullzer rullzer requested review from kesselb and gary-kim May 1, 2020 10:41
@rullzer
Copy link
Member

rullzer commented May 2, 2020

Needs a rebase and then time to get it in

@skjnldsv skjnldsv force-pushed the fix/sharing-link-default-permissions branch from d221e77 to fd7b0b1 Compare May 2, 2020 10:13
@skjnldsv
Copy link
Member Author

skjnldsv commented May 2, 2020

/compile amend /

@npmbuildbot-nextcloud npmbuildbot-nextcloud bot force-pushed the fix/sharing-link-default-permissions branch from fd7b0b1 to 6322ede Compare May 2, 2020 10:22
@MorrisJobke
Copy link
Member

Conflicts

@MorrisJobke MorrisJobke added 2. developing Work in progress and removed 3. to review Waiting for reviews labels May 4, 2020
@skjnldsv skjnldsv force-pushed the fix/sharing-link-default-permissions branch from 6322ede to 5d0ffce Compare May 4, 2020 11:37
@skjnldsv skjnldsv added 4. to release Ready to be released and/or waiting for tests to finish and removed 2. developing Work in progress labels May 4, 2020
@skjnldsv
Copy link
Member Author

skjnldsv commented May 4, 2020

/compile amend /

@skjnldsv @npmbuildbot
Fix federated link sharing permissions
ff20da6 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
@npmbuildbot-nextcloud npmbuildbot-nextcloud bot force-pushed the fix/sharing-link-default-permissions branch from 5d0ffce to ff20da6 Compare May 4, 2020 11:48
MorrisJobke
MorrisJobke approved these changes May 4, 2020
View reviewed changes
Copy link
Member

@MorrisJobke MorrisJobke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code makes sense 👍

@skjnldsv skjnldsv added 2. developing Work in progress and removed 4. to release Ready to be released and/or waiting for tests to finish labels May 4, 2020
@skjnldsv
Copy link
Member Author

skjnldsv commented May 4, 2020

Lots of test sfailures 😞

@rullzer rullzer merged commit edb19cc into master May 4, 2020
@rullzer rullzer deleted the fix/sharing-link-default-permissions branch May 4, 2020 19:04
@MorrisJobke
Copy link
Member

@skjnldsv @rullzer Why was this merged even if it had failures?

@rullzer
Copy link
Member

rullzer commented May 5, 2020

mmm Did I hit merge on the wrong PR... guess so...

rullzer
rullzer reviewed May 6, 2020
View reviewed changes
apps/files_sharing/lib/Controller/ShareAPIController.php
@@ -215,11 +216,20 @@ protected function formatShare(\OCP\Share\IShare $share, Node $recipientNode = n
$result['expiration'] = $expiration->format('Y-m-d 00:00:00');
}

if ($share->getShareType() === Share::SHARE_TYPE_USER) {
// TODO: It might make sense to have a dedicated setting to allow/deny converting link shares into federated ones
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I remember the discussion here but I guess I only now see the full impact. The permission needs to be persisted in the DB else the share conversion still doesn't happen. Because other part of the NC code don't use this they uyse the share object.

So either we do not care at all. ANd just check where we need to. Or we need to also make sure it is correct in the db.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess this basically reverts what we tried to do in #19793

Let me prepare a fix

@rullzer rullzer mentioned this pull request May 6, 2020
Merged
This was referenced May 26, 2020
Merged
Merged
@danxuliu danxuliu mentioned this pull request May 28, 2020
Merged
@danxuliu danxuliu mentioned this pull request Jun 25, 2020
Merged
@deepthought-64 deepthought-64 mentioned this pull request Mar 18, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rullzer rullzer rullzer approved these changes

@gary-kim gary-kim gary-kim approved these changes

@MorrisJobke MorrisJobke MorrisJobke approved these changes

@ChristophWurst ChristophWurst Awaiting requested review from ChristophWurst

@juliusknorr juliusknorr Awaiting requested review from juliusknorr

@nickvergessen nickvergessen Awaiting requested review from nickvergessen

@kesselb kesselb Awaiting requested review from kesselb

Assignees

@skjnldsv skjnldsv

Labels
2. developing Work in progress bug feature: federation feature: sharing high
Projects
None yet
Milestone
Nextcloud 19
Development

Successfully merging this pull request may close these issues.

"Error updating the share" when "allow editing" at sharing
4 participants
@skjnldsv @rullzer @MorrisJobke @gary-kim