Better check reshare permissions when creating a share

Signed-off-by: Joas Schilling <coding@schilljs.com>
nextcloud · Jul 2, 2019 · ac4e752 · ac4e752
1 parent 1a63858
commit ac4e752
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/apps/files_sharing/lib/Controller/ShareAPIController.php b/apps/files_sharing/lib/Controller/ShareAPIController.php
@@ -433,6 +433,26 @@ public function createShare(
 		 */
 		if ($path->getStorage()->instanceOfStorage(Storage::class)) {
 			$permissions &= ~($permissions & ~$path->getPermissions());
+		} else if ($path->getOwner()->getUID() !== $this->currentUser) {
+			// Get the root mount point for the user and check the share permissions there//
+			$userMountPointId = $path->getMountPoint()->getStorageRootId();
+			$userMountPoints = $userFolder->getById($userMountPointId);
+			$userMountPoint = array_shift($userMountPoints);
+
+			/* Check if this is an incoming share */
+			$incomingShares = $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_USER, $userMountPoint, -1, 0);
+			$incomingShares = array_merge($incomingShares, $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_GROUP, $userMountPoint, -1, 0));
+			$incomingShares = array_merge($incomingShares, $this->shareManager->getSharedWith($this->currentUser, Share::SHARE_TYPE_ROOM, $userMountPoint, -1, 0));
+
+			/** @var \OCP\Share\IShare[] $incomingShares */
+			if (!empty($incomingShares)) {
+				$maxPermissions = 0;
+				foreach ($incomingShares as $incomingShare) {
+					$maxPermissions |= $incomingShare->getPermissions();
+				}
+
+				$permissions &= $maxPermissions;
+			}
 		}
 
 		if ($shareType === Share::SHARE_TYPE_USER) {