public function testShareWithUser()
{
// Invalid shares
$message = 'Sharing test.txt failed, because you can not share with yourself';
try {
\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user1, \OCP\Constants::PERMISSION_READ);
$this->fail('Exception was expected: ' . $message);
} catch (\Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
$message = 'Sharing test.txt failed, because the user foobar does not exist';
try {
\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, 'foobar', \OCP\Constants::PERMISSION_READ);
$this->fail('Exception was expected: ' . $message);
} catch (\Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
$message = 'Sharing foobar failed, because the sharing backend for test could not find its source';
try {
\OCP\Share::shareItem('test', 'foobar', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ);
$this->fail('Exception was expected: ' . $message);
} catch (\Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
// Valid share
$this->shareUserOneTestFileWithUserTwo();
// Attempt to share again
\OC_User::setUserId($this->user1);
$message = 'Sharing test.txt failed, because this item is already shared with ' . $this->user2;
try {
\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ);
$this->fail('Exception was expected: ' . $message);
} catch (\Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
// Attempt to share back
\OC_User::setUserId($this->user2);
$message = 'Sharing failed, because the user ' . $this->user1 . ' is the original sharer';
try {
\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user1, \OCP\Constants::PERMISSION_READ);
$this->fail('Exception was expected: ' . $message);
} catch (\Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
// Unshare
\OC_User::setUserId($this->user1);
$this->assertTrue(\OCP\Share::unshare('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2));
// Attempt reshare without share permission
$this->assertTrue(\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ));
\OC_User::setUserId($this->user2);
$message = 'Sharing test.txt failed, because resharing is not allowed';
try {
\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user3, \OCP\Constants::PERMISSION_READ);
$this->fail('Exception was expected: ' . $message);
} catch (\Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
// Owner grants share and update permission
\OC_User::setUserId($this->user1);
$this->assertTrue(\OCP\Share::setPermissions('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_SHARE));
// Attempt reshare with escalated permissions
\OC_User::setUserId($this->user2);
$message = 'Sharing test.txt failed, because the permissions exceed permissions granted to ' . $this->user2;
try {
\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user3, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_DELETE);
$this->fail('Exception was expected: ' . $message);
} catch (\Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
// Valid reshare
$this->assertTrue(\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user3, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE));
$this->assertEquals(array('test.txt'), \OCP\Share::getItemShared('test', 'test.txt', Backend::FORMAT_SOURCE));
\OC_User::setUserId($this->user3);
$this->assertEquals(array('test.txt'), \OCP\Share::getItemSharedWith('test', 'test.txt', Backend::FORMAT_SOURCE));
$this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_UPDATE), \OCP\Share::getItemSharedWith('test', 'test.txt', Backend::FORMAT_PERMISSIONS));
// Attempt to escalate permissions
\OC_User::setUserId($this->user2);
$message = 'Setting permissions for test.txt failed, because the permissions exceed permissions granted to ' . $this->user2;
try {
\OCP\Share::setPermissions('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user3, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_DELETE);
$this->fail('Exception was expected: ' . $message);
} catch (\Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
// Remove update permission
\OC_User::setUserId($this->user1);
$this->assertTrue(\OCP\Share::setPermissions('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_SHARE));
\OC_User::setUserId($this->user2);
$this->assertEquals(array(\OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_SHARE), \OCP\Share::getItemSharedWith('test', 'test.txt', Backend::FORMAT_PERMISSIONS));
\OC_User::setUserId($this->user3);
$this->assertEquals(array(\OCP\Constants::PERMISSION_READ), \OCP\Share::getItemSharedWith('test', 'test.txt', Backend::FORMAT_PERMISSIONS));
// Remove share permission
\OC_User::setUserId($this->user1);
$this->assertTrue(\OCP\Share::setPermissions('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ));
\OC_User::setUserId($this->user2);
$this->assertEquals(array(\OCP\Constants::PERMISSION_READ), \OCP\Share::getItemSharedWith('test', 'test.txt', Backend::FORMAT_PERMISSIONS));
\OC_User::setUserId($this->user3);
$this->assertSame(array(), \OCP\Share::getItemSharedWith('test', 'test.txt'));
// Reshare again, and then have owner unshare
\OC_User::setUserId($this->user1);
$this->assertTrue(\OCP\Share::setPermissions('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ | \OCP\Constants::PERMISSION_SHARE));
\OC_User::setUserId($this->user2);
$this->assertTrue(\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user3, \OCP\Constants::PERMISSION_READ));
\OC_User::setUserId($this->user1);
$this->assertTrue(\OCP\Share::unshare('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2));
\OC_User::setUserId($this->user2);
$this->assertSame(array(), \OCP\Share::getItemSharedWith('test', 'test.txt'));
\OC_User::setUserId($this->user3);
$this->assertSame(array(), \OCP\Share::getItemSharedWith('test', 'test.txt'));
// Attempt target conflict
\OC_User::setUserId($this->user1);
$this->assertTrue(\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ));
\OC_User::setUserId($this->user3);
$this->assertTrue(\OCP\Share::shareItem('test', 'share.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ));
\OC_User::setUserId($this->user2);
$to_test = \OCP\Share::getItemsSharedWith('test', Backend::FORMAT_TARGET);
$this->assertEquals(2, count($to_test));
$this->assertTrue(in_array('test.txt', $to_test));
$this->assertTrue(in_array('test1.txt', $to_test));
// Unshare from self
$this->assertTrue(\OCP\Share::unshareFromSelf('test', 'test.txt'));
$this->assertEquals(array('test1.txt'), \OCP\Share::getItemsSharedWith('test', Backend::FORMAT_TARGET));
// Unshare from self via source
$this->assertTrue(\OCP\Share::unshareFromSelf('test', 'share.txt', true));
$this->assertEquals(array(), \OCP\Share::getItemsSharedWith('test', Backend::FORMAT_TARGET));
\OC_User::setUserId($this->user1);
$this->assertTrue(\OCP\Share::shareItem('test', 'test.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ));
\OC_User::setUserId($this->user3);
$this->assertTrue(\OCP\Share::shareItem('test', 'share.txt', \OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ));
\OC_User::setUserId($this->user2);
$to_test = \OCP\Share::getItemsSharedWith('test', Backend::FORMAT_TARGET);
$this->assertEquals(2, count($to_test));
$this->assertTrue(in_array('test.txt', $to_test));
$this->assertTrue(in_array('test1.txt', $to_test));
// Remove user
\OC_User::setUserId($this->user1);
$user = \OC::$server->getUserManager()->get($this->user1);
if ($user !== null) {
$user->delete();
}
\OC_User::setUserId($this->user2);
$this->assertEquals(array('test1.txt'), \OCP\Share::getItemsSharedWith('test', Backend::FORMAT_TARGET));
}
/**
* update permissions for a share
* @param array $share information about the share
* @param array $params contains 'permissions'
* @return \OC_OCS_Result
*/
private static function updatePermissions($share, $params)
{
$itemSource = $share['item_source'];
$itemType = $share['item_type'];
$shareWith = $share['share_with'];
$shareType = $share['share_type'];
$permissions = isset($params['_put']['permissions']) ? (int) $params['_put']['permissions'] : null;
$publicUploadStatus = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes');
$publicUploadEnabled = $publicUploadStatus === 'yes' ? true : false;
// only change permissions for public shares if public upload is enabled
// and we want to set permissions to 1 (read only) or 7 (allow upload)
if ((int) $shareType === \OCP\Share::SHARE_TYPE_LINK) {
if ($publicUploadEnabled === false || $permissions !== 7 && $permissions !== 1) {
return new \OC_OCS_Result(null, 400, "can't change permission for public link share");
}
}
try {
$return = \OCP\Share::setPermissions($itemType, $itemSource, $shareType, $shareWith, $permissions);
} catch (\Exception $e) {
return new \OC_OCS_Result(null, 404, $e->getMessage());
}
if ($return) {
return new \OC_OCS_Result();
} else {
return new \OC_OCS_Result(null, 404, "couldn't set permissions");
}
}
public function testEtagChangeOnPermissionsChange()
{
$this->loginAsUser(self::TEST_FILES_SHARING_API_USER1);
$view = new View('/' . self::TEST_FILES_SHARING_API_USER1 . '/files');
$folderInfo = $view->getFileInfo('/sub1/sub2/folder');
\OCP\Share::setPermissions('folder', $folderInfo->getId(), \OCP\Share::SHARE_TYPE_USER, self::TEST_FILES_SHARING_API_USER2, 17);
$this->assertEtagsForFoldersChanged([self::TEST_FILES_SHARING_API_USER2, self::TEST_FILES_SHARING_API_USER4]);
$this->assertAllUnchaged();
}
public function testShareWithGroupUniqueName()
{
$this->loginHelper(self::TEST_FILES_SHARING_API_USER1);
\OC\Files\Filesystem::file_put_contents('test.txt', 'test');
$fileInfo = \OC\Files\Filesystem::getFileInfo('test.txt');
$this->assertTrue(\OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, self::TEST_FILES_SHARING_API_GROUP1, 23));
$this->loginHelper(self::TEST_FILES_SHARING_API_USER2);
$items = \OCP\Share::getItemsSharedWith('file');
$this->assertSame('/test.txt', $items[0]['file_target']);
$this->assertSame(23, $items[0]['permissions']);
\OC\Files\Filesystem::rename('test.txt', 'new test.txt');
$items = \OCP\Share::getItemsSharedWith('file');
$this->assertSame('/new test.txt', $items[0]['file_target']);
$this->assertSame(23, $items[0]['permissions']);
$this->loginHelper(self::TEST_FILES_SHARING_API_USER1);
\OCP\Share::setPermissions('file', $items[0]['item_source'], $items[0]['share_type'], $items[0]['share_with'], 3);
$this->loginHelper(self::TEST_FILES_SHARING_API_USER2);
$items = \OCP\Share::getItemsSharedWith('file');
$this->assertSame('/new test.txt', $items[0]['file_target']);
$this->assertSame(3, $items[0]['permissions']);
}
/**
* If the permissions on a group share are upgraded be sure to still respect
* removed shares by a member of that group
*/
function testPermissionUpgradeOnUserDeletedGroupShare()
{
\OC_Group::createGroup('testGroup');
\OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER1, 'testGroup');
\OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup');
\OC_Group::addToGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup');
$connection = \OC::$server->getDatabaseConnection();
// Share item with group
$fileinfo = $this->view->getFileInfo($this->folder);
$this->assertTrue(\OCP\Share::shareItem('folder', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, "testGroup", \OCP\Constants::PERMISSION_READ));
// Login as user 2 and verify the item exists
self::loginHelper(self::TEST_FILES_SHARING_API_USER2);
$this->assertTrue(\OC\Files\Filesystem::file_exists($this->folder));
$result = \OCP\Share::getItemSharedWithBySource('folder', $fileinfo['fileid']);
$this->assertNotEmpty($result);
$this->assertEquals(\OCP\Constants::PERMISSION_READ, $result['permissions']);
// Delete the share
$this->assertTrue(\OC\Files\Filesystem::rmdir($this->folder));
$this->assertFalse(\OC\Files\Filesystem::file_exists($this->folder));
// Verify we do not get a share
$result = \OCP\Share::getItemSharedWithBySource('folder', $fileinfo['fileid']);
$this->assertEmpty($result);
// Verify that the permission is correct in the DB
$qb = $connection->getQueryBuilder();
$qb->select('*')->from('share')->where($qb->expr()->eq('file_source', $qb->createParameter('fileSource')))->andWhere($qb->expr()->eq('share_type', $qb->createParameter('shareType')))->setParameter(':fileSource', $fileinfo['fileid'])->setParameter(':shareType', 2);
$res = $qb->execute()->fetchAll();
$this->assertCount(1, $res);
$this->assertEquals(0, $res[0]['permissions']);
// Login as user 1 again and change permissions
self::loginHelper(self::TEST_FILES_SHARING_API_USER1);
$this->assertTrue(\OCP\Share::setPermissions('folder', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, "testGroup", \OCP\Constants::PERMISSION_ALL));
// Login as user 2 and verify
self::loginHelper(self::TEST_FILES_SHARING_API_USER2);
$this->assertFalse(\OC\Files\Filesystem::file_exists($this->folder));
$result = \OCP\Share::getItemSharedWithBySource('folder', $fileinfo['fileid']);
$this->assertEmpty($result);
$connection = \OC::$server->getDatabaseConnection();
$qb = $connection->getQueryBuilder();
$qb->select('*')->from('share')->where($qb->expr()->eq('file_source', $qb->createParameter('fileSource')))->andWhere($qb->expr()->eq('share_type', $qb->createParameter('shareType')))->setParameter(':fileSource', $fileinfo['fileid'])->setParameter(':shareType', 2);
$res = $qb->execute()->fetchAll();
$this->assertCount(1, $res);
$this->assertEquals(0, $res[0]['permissions']);
//cleanup
self::loginHelper(self::TEST_FILES_SHARING_API_USER1);
\OCP\Share::unshare('folder', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, 'testGroup');
\OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER1, 'testGroup');
\OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER2, 'testGroup');
\OC_Group::removeFromGroup(self::TEST_FILES_SHARING_API_USER3, 'testGroup');
}
