/** * share file with a group if a user renames the file the filename should not change * for the other users */ function testMoveGroupShare() { \OC_Group::createGroup('testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER1, 'testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup'); $fileinfo = $this->view->getFileInfo($this->filename); $result = \OCP\Share::shareItem('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, "testGroup", 31); self::loginHelper(self::TEST_FILES_SHARING_API_USER2); $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); \OC\Files\Filesystem::rename($this->filename, "newFileName"); $this->assertTrue(\OC\Files\Filesystem::file_exists('newFileName')); $this->assertFalse(\OC\Files\Filesystem::file_exists($this->filename)); self::loginHelper(self::TEST_FILES_SHARING_API_USER3); $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); $this->assertFalse(\OC\Files\Filesystem::file_exists("newFileName")); self::loginHelper(self::TEST_FILES_SHARING_API_USER3); $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); $this->assertFalse(\OC\Files\Filesystem::file_exists("newFileName")); //cleanup \OCP\Share::unshare('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, 'testGroup'); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER1, 'testGroup'); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup'); }
private static function update_groups($uid, $groups, $protectedGroups = array(), $just_created = false) { if (!$just_created) { $old_groups = OC_Group::getUserGroups($uid); foreach ($old_groups as $group) { if (!in_array($group, $protectedGroups) && !in_array($group, $groups)) { // This does not affect groups from user_group_admin OC_Group::removeFromGroup($uid, $group); OC_Log::write('saml', 'Removed "' . $uid . '" from the group "' . $group . '"', OC_Log::DEBUG); } } } foreach ($groups as $group) { if (preg_match('/[^a-zA-Z0-9 _\\.@\\-\\/]/', $group)) { OC_Log::write('saml', 'Invalid group "' . $group . '", allowed chars "a-zA-Z0-9" and "_.@-/" ', OC_Log::DEBUG); } else { if (!OC_Group::inGroup($uid, $group)) { if (!OC_Group::groupExists($group)) { if (OCP\App::isEnabled('user_group_admin')) { OC_User_Group_Admin_Util::createHiddenGroup($group); } else { OC_Group::createGroup($group); } OC_Log::write('saml', 'New group created: ' . $group, OC_Log::DEBUG); } if (OCP\App::isEnabled('user_group_admin')) { OC_User_Group_Admin_Util::addToGroup($uid, $group); } else { OC_Group::addToGroup($uid, $group); } OC_Log::write('saml', 'Added "' . $uid . '" to the group "' . $group . '"', OC_Log::DEBUG); } } } }
/** * Gets an array of groups and will try to add the group to OC and then add the user to the groups. * */ function update_groups($uid, $groups, $protected_groups = array(), $just_created = false) { if (!$just_created) { $old_groups = OC_Group::getUserGroups($uid); foreach ($old_groups as $group) { if (!in_array($group, $protected_groups) && !in_array($group, $groups)) { \OC_Group::removeFromGroup($uid, $group); \OCP\Util::writeLog('cas', 'Removed "' . $uid . '" from the group "' . $group . '"', \OCP\Util::DEBUG); } } } foreach ($groups as $group) { if (preg_match('/[^a-zA-Z0-9 _\\.@\\-]/', $group)) { \OCP\Util::writeLog('cas', 'Invalid group "' . $group . '", allowed chars "a-zA-Z0-9" and "_.@-" ', \OCP\Util::DEBUG); } else { if (!\OC_Group::inGroup($uid, $group)) { if (!OC_Group::groupExists($group)) { \OC_Group::createGroup($group); \OCP\Util::writeLog('cas', 'New group created: ' . $group, \OCP\Util::DEBUG); } \OC_Group::addToGroup($uid, $group); \OCP\Util::writeLog('cas', 'Added "' . $uid . '" to the group "' . $group . '"', \OCP\Util::DEBUG); } } } }
/** * Delete the user * * @return bool */ public function delete() { if ($this->emitter) { $this->emitter->emit('\\OC\\User', 'preDelete', array($this)); } $result = $this->backend->deleteUser($this->uid); if ($result) { // FIXME: Feels like an hack - suggestions? // We have to delete the user from all groups foreach (\OC_Group::getUserGroups($this->uid) as $i) { \OC_Group::removeFromGroup($this->uid, $i); } // Delete the user's keys in preferences \OC::$server->getConfig()->deleteAllUserValues($this->uid); // Delete user files in /data/ \OC_Helper::rmdirr(\OC_User::getHome($this->uid)); // Delete the users entry in the storage table \OC\Files\Cache\Storage::remove('home::' . $this->uid); \OC::$server->getCommentsManager()->deleteReferencesOfActor('users', $this->uid); \OC::$server->getCommentsManager()->deleteReadMarksFromUser($this); } if ($this->emitter) { $this->emitter->emit('\\OC\\User', 'postDelete', array($this)); } return !($result === false); }
/** * @brief delete a user * @param $uid The username of the user to delete * @returns true/false * * Deletes a user */ public static function deleteUser($uid) { $run = true; OC_Hook::emit("OC_User", "pre_deleteUser", array("run" => &$run, "uid" => $uid)); if ($run) { //delete the user from all backends foreach (self::$_usedBackends as $backend) { $backend->deleteUser($uid); } if (self::userExists($uid)) { return false; } // We have to delete the user from all groups foreach (OC_Group::getUserGroups($uid) as $i) { OC_Group::removeFromGroup($uid, $i); } // Delete the user's keys in preferences OC_Preferences::deleteUser($uid); // Delete user files in /data/ OC_Helper::rmdirr(OC_Config::getValue("datadirectory", OC::$SERVERROOT . "/data") . '/' . $uid . '/'); // Emit and exit OC_Hook::emit("OC_User", "post_deleteUser", array("uid" => $uid)); return true; } else { return false; } }
public function testShareWithGroup() { // Invalid shares $message = 'Sharing test.txt failed, because the group foobar does not exist'; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, 'foobar', \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } $policy = \OC::$server->getAppConfig()->getValue('core', 'shareapi_only_share_with_group_members', 'no'); \OC::$server->getAppConfig()->setValue('core', 'shareapi_only_share_with_group_members', 'yes'); $message = 'Sharing test.txt failed, because ' . $this->user1 . ' is not a member of the group ' . $this->group2; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group2, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } \OC::$server->getAppConfig()->setValue('core', 'shareapi_only_share_with_group_members', $policy); // Valid share $this->shareUserOneTestFileWithGroupOne(); // check if only the group share was created and not a single db-entry for each user $statement = \OCP\DB::prepare('select `id` from `*PREFIX*share`'); $query = $statement->execute(); $result = $query->fetchAll(); $this->assertSame(1, count($result)); // Attempt to share again OC_User::setUserId($this->user1); $message = 'Sharing test.txt failed, because this item is already shared with ' . $this->group1; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } // Attempt to share back to owner of group share OC_User::setUserId($this->user2); $message = 'Sharing test.txt failed, because the user ' . $this->user1 . ' is the original sharer'; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user1, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } // Attempt to share back to group $message = 'Sharing test.txt failed, because this item is already shared with ' . $this->group1; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } // Attempt to share back to member of group $message = 'Sharing test.txt failed, because this item is already shared with ' . $this->user3; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user3, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } // Unshare OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::unshare('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1)); // Valid share with same person - user then group $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_DELETE | \OCP\Constants::PERMISSION_SHARE)); $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE)); OC_User::setUserId($this->user2); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE | \OCP\Constants::PERMISSION_SHARE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); OC_User::setUserId($this->user3); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); // Valid reshare OC_User::setUserId($this->user2); $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user4, \OCP\Constants::PERMISSION_READ)); OC_User::setUserId($this->user4); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Unshare from user only OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::unshare('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2)); OC_User::setUserId($this->user2); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); OC_User::setUserId($this->user4); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Valid share with same person - group then user OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_DELETE)); OC_User::setUserId($this->user2); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); // Unshare from group only OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::unshare('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1)); OC_User::setUserId($this->user2); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_DELETE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); // Attempt user specific target conflict OC_User::setUserId($this->user3); \OCP\Util::connectHook('OCP\\Share', 'post_shared', 'DummyHookListener', 'listen'); $this->assertTrue(OCP\Share::shareItem('test', 'share.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_SHARE)); $this->assertEquals(OCP\Share::SHARE_TYPE_GROUP, DummyHookListener::$shareType); OC_User::setUserId($this->user2); $to_test = OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET); $this->assertEquals(2, count($to_test)); $this->assertTrue(in_array('test.txt', $to_test)); $this->assertTrue(in_array('test1.txt', $to_test)); // Valid reshare $this->assertTrue(OCP\Share::shareItem('test', 'share.txt', OCP\Share::SHARE_TYPE_USER, $this->user4, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_SHARE)); OC_User::setUserId($this->user4); $this->assertEquals(array('test1.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Remove user from group OC_Group::removeFromGroup($this->user2, $this->group1); OC_User::setUserId($this->user2); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); OC_User::setUserId($this->user4); $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Add user to group OC_Group::addToGroup($this->user4, $this->group1); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Unshare from self $this->assertTrue(OCP\Share::unshareFromSelf('test', 'test.txt')); $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); OC_User::setUserId($this->user2); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Unshare from self via source OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::unshareFromSelf('test', 'share.txt', true)); $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Remove group OC_Group::deleteGroup($this->group1); OC_User::setUserId($this->user4); $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); OC_User::setUserId($this->user3); $this->assertEquals(array(), OCP\Share::getItemsShared('test')); }
/** * @brief delete a user * @param $uid The username of the user to delete * @returns true/false * * Deletes a user */ public static function deleteUser($uid) { $run = true; OC_Hook::emit("OC_User", "pre_deleteUser", array("run" => &$run, "uid" => $uid)); if ($run) { //delete the user from all backends foreach (self::$_usedBackends as $backend) { if ($backend->implementsActions(OC_USER_BACKEND_DELETE_USER)) { $backend->deleteUser($uid); } } // We have to delete the user from all groups foreach (OC_Group::getUserGroups($uid) as $i) { OC_Group::removeFromGroup($uid, $i); } // Delete the user's keys in preferences OC_Preferences::deleteUser($uid); // Emit and exit OC_Hook::emit("OC_User", "post_deleteUser", array("uid" => $uid)); return true; } else { return false; } }
exit; } if (!OC_User::isAdminUser(OC_User::getUser()) && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) { $l = OC_L10N::get('core'); OC_JSON::error(array('data' => array('message' => $l->t('Authentication error')))); exit; } if (!OC_Group::groupExists($group)) { OC_Group::createGroup($group); } $l = OC_L10N::get('settings'); $error = $l->t("Unable to add user to group %s", $group); $action = "add"; // Toggle group if (OC_Group::inGroup($username, $group)) { $action = "remove"; $error = $l->t("Unable to remove user from group %s", $group); $success = OC_Group::removeFromGroup($username, $group); $usersInGroup = OC_Group::usersInGroup($group); if (count($usersInGroup) == 0) { OC_Group::deleteGroup($group); } } else { $success = OC_Group::addToGroup($username, $group); } // Return Success story if ($success) { OC_JSON::success(array("data" => array("username" => $username, "action" => $action, "groupname" => $group))); } else { OC_JSON::error(array("data" => array("message" => $error))); }
/** * If the permissions on a group share are upgraded be sure to still respect * removed shares by a member of that group */ function testPermissionUpgradeOnUserDeletedGroupShare() { \OC_Group::createGroup('testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER1, 'testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup'); $connection = \OC::$server->getDatabaseConnection(); // Share item with group $fileinfo = $this->view->getFileInfo($this->folder); $share = $this->share(\OCP\Share::SHARE_TYPE_GROUP, $this->folder, self::TEST_FILES_SHARING_API_USER1, 'testGroup', \OCP\Constants::PERMISSION_READ); // Login as user 2 and verify the item exists self::loginHelper(self::TEST_FILES_SHARING_API_USER2); $this->assertTrue(\OC\Files\Filesystem::file_exists($this->folder)); $result = $this->shareManager->getShareById($share->getFullId(), self::TEST_FILES_SHARING_API_USER2); $this->assertNotEmpty($result); $this->assertEquals(\OCP\Constants::PERMISSION_READ, $result->getPermissions()); // Delete the share $this->assertTrue(\OC\Files\Filesystem::rmdir($this->folder)); $this->assertFalse(\OC\Files\Filesystem::file_exists($this->folder)); // Verify we do not get a share $result = $this->shareManager->getShareById($share->getFullId(), self::TEST_FILES_SHARING_API_USER2); $this->assertEquals(0, $result->getPermissions()); // Login as user 1 again and change permissions self::loginHelper(self::TEST_FILES_SHARING_API_USER1); $share->setPermissions(\OCP\Constants::PERMISSION_ALL); $share = $this->shareManager->updateShare($share); // Login as user 2 and verify self::loginHelper(self::TEST_FILES_SHARING_API_USER2); $this->assertFalse(\OC\Files\Filesystem::file_exists($this->folder)); $result = $this->shareManager->getShareById($share->getFullId(), self::TEST_FILES_SHARING_API_USER2); $this->assertEquals(0, $result->getPermissions()); $this->shareManager->deleteShare($share); //cleanup self::loginHelper(self::TEST_FILES_SHARING_API_USER1); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER1, 'testGroup'); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup'); }
/** * @brief delete a user * @param string $uid The username of the user to delete * @return bool * * Deletes a user */ public static function deleteUser($uid) { $user = self::getManager()->get($uid); if ($user) { $result = $user->delete(); // if delete was successful we clean-up the rest if ($result) { // We have to delete the user from all groups foreach (OC_Group::getUserGroups($uid) as $i) { OC_Group::removeFromGroup($uid, $i); } // Delete the user's keys in preferences OC_Preferences::deleteUser($uid); // Delete user files in /data/ $home = \OC_User::getHome($uid); OC_Helper::rmdirr($home); // Delete the users entry in the storage table \OC\Files\Cache\Storage::remove('home::' . $uid); \OC\Files\Cache\Storage::remove('local::' . $home . '/'); // Remove it from the Cache self::getManager()->delete($uid); } return true; } else { return false; } }
function testUnshareFromSelf() { \OC_Group::createGroup('testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup'); $fileinfo = $this->view->getFileInfo($this->filename); $pathinfo = pathinfo($this->filename); $duplicate = '/' . $pathinfo['filename'] . ' (2).' . $pathinfo['extension']; $result = \OCP\Share::shareItem('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Files_Sharing::TEST_FILES_SHARING_API_USER2, 31); $this->assertTrue($result); $result = \OCP\Share::shareItem('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, 'testGroup', 31); $this->assertTrue($result); self::loginHelper(self::TEST_FILES_SHARING_API_USER2); $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); $this->assertTrue(\OC\Files\Filesystem::file_exists($duplicate)); self::loginHelper(self::TEST_FILES_SHARING_API_USER3); $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); $this->assertFalse(\OC\Files\Filesystem::file_exists($duplicate)); self::loginHelper(self::TEST_FILES_SHARING_API_USER2); \OC\Files\Filesystem::unlink($this->filename); self::loginHelper(self::TEST_FILES_SHARING_API_USER2); $this->assertFalse(\OC\Files\Filesystem::file_exists($this->filename)); $this->assertTrue(\OC\Files\Filesystem::file_exists($duplicate)); // for user3 nothing should change self::loginHelper(self::TEST_FILES_SHARING_API_USER3); $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); $this->assertFalse(\OC\Files\Filesystem::file_exists($duplicate)); self::loginHelper(self::TEST_FILES_SHARING_API_USER2); \OC\Files\Filesystem::unlink($duplicate); self::loginHelper(self::TEST_FILES_SHARING_API_USER2); $this->assertFalse(\OC\Files\Filesystem::file_exists($this->filename)); $this->assertFalse(\OC\Files\Filesystem::file_exists($duplicate)); // for user3 nothing should change self::loginHelper(self::TEST_FILES_SHARING_API_USER3); $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); $this->assertFalse(\OC\Files\Filesystem::file_exists($duplicate)); //cleanup self::loginHelper(self::TEST_FILES_SHARING_API_USER1); \OCP\Share::unshare('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, 'testGroup'); \OCP\Share::unshare('file', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_FILES_SHARING_API_USER2); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); \OC_Group::deleteGroup('testGroup'); }
public function testShareWithGroup() { // Invalid shares $message = 'Sharing test.txt failed, because the group foobar does not exist'; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, 'foobar', \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } $policy = OC_Appconfig::getValue('core', 'shareapi_only_share_with_group_members', 'no'); OC_Appconfig::setValue('core', 'shareapi_only_share_with_group_members', 'yes'); $message = 'Sharing test.txt failed, because ' . $this->user1 . ' is not a member of the group ' . $this->group2; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group2, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } OC_Appconfig::setValue('core', 'shareapi_only_share_with_group_members', $policy); // Valid share $this->shareUserOneTestFileWithGroupOne(); // Attempt to share again OC_User::setUserId($this->user1); $message = 'Sharing test.txt failed, because this item is already shared with ' . $this->group1; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } // Attempt to share back to owner of group share OC_User::setUserId($this->user2); $message = 'Sharing test.txt failed, because the user ' . $this->user1 . ' is the original sharer'; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user1, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } // Attempt to share back to group $message = 'Sharing test.txt failed, because this item is already shared with ' . $this->group1; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } // Attempt to share back to member of group $message = 'Sharing test.txt failed, because this item is already shared with ' . $this->user3; try { OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user3, \OCP\Constants::PERMISSION_READ); $this->fail('Exception was expected: ' . $message); } catch (Exception $exception) { $this->assertEquals($message, $exception->getMessage()); } // Unshare OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::unshare('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1)); // Valid share with same person - user then group $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_DELETE | \OCP\Constants::PERMISSION_SHARE)); $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE)); OC_User::setUserId($this->user2); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE | \OCP\Constants::PERMISSION_SHARE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); OC_User::setUserId($this->user3); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); // Valid reshare OC_User::setUserId($this->user2); $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user4, \OCP\Constants::PERMISSION_READ)); OC_User::setUserId($this->user4); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Unshare from user only OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::unshare('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2)); OC_User::setUserId($this->user2); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); OC_User::setUserId($this->user4); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Valid share with same person - group then user OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_DELETE)); OC_User::setUserId($this->user2); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); // Unshare from group only OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::unshare('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1)); OC_User::setUserId($this->user2); $this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_DELETE), OCP\Share::getItemSharedWith('test', 'test.txt', Test_Share_Backend::FORMAT_PERMISSIONS)); // Attempt user specific target conflict OC_User::setUserId($this->user3); $this->assertTrue(OCP\Share::shareItem('test', 'share.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_SHARE)); OC_User::setUserId($this->user2); $to_test = OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET); $this->assertEquals(2, count($to_test)); $this->assertTrue(in_array('test.txt', $to_test)); $this->assertTrue(in_array('test1.txt', $to_test)); // Valid reshare $this->assertTrue(OCP\Share::shareItem('test', 'share.txt', OCP\Share::SHARE_TYPE_USER, $this->user4, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_SHARE)); OC_User::setUserId($this->user4); $this->assertEquals(array('test1.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Remove user from group OC_Group::removeFromGroup($this->user2, $this->group1); OC_User::setUserId($this->user2); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); OC_User::setUserId($this->user4); $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Add user to group OC_Group::addToGroup($this->user4, $this->group1); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Unshare from self $this->assertTrue(OCP\Share::unshareFromSelf('test', 'test.txt')); $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); OC_User::setUserId($this->user2); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Unshare from self via source OC_User::setUserId($this->user1); $this->assertTrue(OCP\Share::unshareFromSelf('test', 'share.txt', true)); $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); // Remove group OC_Group::deleteGroup($this->group1); OC_User::setUserId($this->user4); $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); OC_User::setUserId($this->user3); $this->assertEquals(array(), OCP\Share::getItemsShared('test')); }
/** * If the permissions on a group share are upgraded be sure to still respect * removed shares by a member of that group */ function testPermissionUpgradeOnUserDeletedGroupShare() { \OC_Group::createGroup('testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER1, 'testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); \OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup'); $connection = \OC::$server->getDatabaseConnection(); // Share item with group $fileinfo = $this->view->getFileInfo($this->folder); $this->assertTrue(\OCP\Share::shareItem('folder', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, "testGroup", \OCP\Constants::PERMISSION_READ)); // Login as user 2 and verify the item exists self::loginHelper(self::TEST_FILES_SHARING_API_USER2); $this->assertTrue(\OC\Files\Filesystem::file_exists($this->folder)); $result = \OCP\Share::getItemSharedWithBySource('folder', $fileinfo['fileid']); $this->assertNotEmpty($result); $this->assertEquals(\OCP\Constants::PERMISSION_READ, $result['permissions']); // Delete the share $this->assertTrue(\OC\Files\Filesystem::rmdir($this->folder)); $this->assertFalse(\OC\Files\Filesystem::file_exists($this->folder)); // Verify we do not get a share $result = \OCP\Share::getItemSharedWithBySource('folder', $fileinfo['fileid']); $this->assertEmpty($result); // Verify that the permission is correct in the DB $qb = $connection->getQueryBuilder(); $qb->select('*')->from('share')->where($qb->expr()->eq('file_source', $qb->createParameter('fileSource')))->andWhere($qb->expr()->eq('share_type', $qb->createParameter('shareType')))->setParameter(':fileSource', $fileinfo['fileid'])->setParameter(':shareType', 2); $res = $qb->execute()->fetchAll(); $this->assertCount(1, $res); $this->assertEquals(0, $res[0]['permissions']); // Login as user 1 again and change permissions self::loginHelper(self::TEST_FILES_SHARING_API_USER1); $this->assertTrue(\OCP\Share::setPermissions('folder', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, "testGroup", \OCP\Constants::PERMISSION_ALL)); // Login as user 2 and verify self::loginHelper(self::TEST_FILES_SHARING_API_USER2); $this->assertFalse(\OC\Files\Filesystem::file_exists($this->folder)); $result = \OCP\Share::getItemSharedWithBySource('folder', $fileinfo['fileid']); $this->assertEmpty($result); $connection = \OC::$server->getDatabaseConnection(); $qb = $connection->getQueryBuilder(); $qb->select('*')->from('share')->where($qb->expr()->eq('file_source', $qb->createParameter('fileSource')))->andWhere($qb->expr()->eq('share_type', $qb->createParameter('shareType')))->setParameter(':fileSource', $fileinfo['fileid'])->setParameter(':shareType', 2); $res = $qb->execute()->fetchAll(); $this->assertCount(1, $res); $this->assertEquals(0, $res[0]['permissions']); //cleanup self::loginHelper(self::TEST_FILES_SHARING_API_USER1); \OCP\Share::unshare('folder', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, 'testGroup'); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER1, 'testGroup'); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup'); \OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup'); }