Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Cannot share with user with more permissions when user has access through group read-only #25359
"user2" received a single folder "test" with edit permissions
At step 6 (direct user share), OC doesn't allow sharing because it's already shared.
Observed in v9.0.3.
A bisect shows that this problem starts to appear after we made the share dialog use the public OCS Share API instead of the old internal ajax endpoints: #21860
It is likely that the OCS Share API never allowed this configuration before, so need to find a way to make it align to the way the old API behaved.
Weiiiird, this seems to work on master. I found this check in the code: https://github.com/owncloud/core/blob/stable9/lib/private/share20/manager.php#L362
It would only show the error if someone else tried to share with that user. If the share owner is the same, it goes through.
Now to find out why it works on master and not stable9.
Aha! It turns out that the share owner of the new share isn't set properly (null), so the comparison would always be true: https://github.com/owncloud/core/blob/stable9/lib/private/share20/manager.php#L362
Now to find out what commit fixed it in master
Looks like it's not as easy as just backporting it. Even applying this wouldn't solve the problem.
From what I see on master the order between "setShareOwner" and "userCreateChecks" has been changed at some point. It makes sense to first set the owner before doing the checks.
I'll try and fix this manually then instead of backporting.