"Allow editing" capability in share by link not disabled #23325

Closed
jesmrec opened this Issue Mar 16, 2016 · 3 comments

Projects

None yet

5 participants

@jesmrec
jesmrec commented Mar 16, 2016

Steps to reproduce

  1. "Allow editing" capability is enabled in Share API
  2. Share a folder by link -> The link is correctly created
  3. Enable the option "Allow editing" of the just created share
  4. Copy and paste the Share link in a browser -> New content can be uploaded to the shared folder
  5. Disable "Allow editing" capability in Share API -> Share link does not show the option
  6. Refresh the share link in the browser

Actual behaviour

New content can be uploaded/New subfolders can be created through the link in the browser

Expected behaviour

No content can be uploaded/No subfolders can be created, because the capability was disabled.

Server configuration

{"installed":true,"maintenance":false,"version":"9.0.0.19","versionstring":"9.0.0","edition":"Enterprise"}

@jesmrec jesmrec added this to the 9.0.1-current-maintenance milestone Mar 16, 2016
@jesmrec jesmrec added the regression label Mar 16, 2016
@PVince81
Collaborator

@rullzer please have a look

@rullzer rullzer self-assigned this Mar 17, 2016
@rullzer
Contributor
rullzer commented Mar 17, 2016

Ok PR incomming

@rullzer rullzer added a commit that referenced this issue Mar 17, 2016
@rullzer rullzer Set proper public webdav permissions when public upload disabled
Fixes #23325

It can happen that a user shares a folder with public upload. And some
time later the admin disables public upload on the server.

To make sure this is handled correctly we need to check the config value
and reduce the permissions.

Fix is kept small to be easy backportable.
533fdb4
@rullzer
Contributor
rullzer commented Mar 17, 2016

PR in #23346

@rullzer rullzer added a commit that referenced this issue Mar 17, 2016
@rullzer rullzer Set proper public webdav permissions when public upload disabled
Fixes #23325

It can happen that a user shares a folder with public upload. And some
time later the admin disables public upload on the server.

To make sure this is handled correctly we need to check the config value
and reduce the permissions.

Fix is kept small to be easy backportable.
9dfcb55
@rullzer rullzer added a commit that referenced this issue Mar 17, 2016
@rullzer rullzer Set proper public webdav permissions when public upload disabled
Fixes #23325

It can happen that a user shares a folder with public upload. And some
time later the admin disables public upload on the server.

To make sure this is handled correctly we need to check the config value
and reduce the permissions.

Fix is kept small to be easy backportable.
d0ab1de
@rullzer rullzer added a commit that referenced this issue Mar 17, 2016
@rullzer rullzer Set proper public webdav permissions when public upload disabled
Fixes #23325

It can happen that a user shares a folder with public upload. And some
time later the admin disables public upload on the server.

To make sure this is handled correctly we need to check the config value
and reduce the permissions.

Fix is kept small to be easy backportable.
499eba5
@rullzer rullzer added a commit that referenced this issue Mar 17, 2016
@rullzer rullzer Set proper public webdav permissions when public upload disabled
Fixes #23325

It can happen that a user shares a folder with public upload. And some
time later the admin disables public upload on the server.

To make sure this is handled correctly we need to check the config value
and reduce the permissions.

Fix is kept small to be easy backportable.
52eb26d
@rullzer rullzer added a commit that referenced this issue Mar 17, 2016
@rullzer rullzer Set proper public webdav permissions when public upload disabled
 Fixes #23325

 It can happen that a user shares a folder with public upload. And some
 time later the admin disables public upload on the server.

 To make sure this is handled correctly we need to check the config
 value
 and reduce the permissions.

 Fix is kept small to be easy backportable.
a63ce82
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment