-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[10.3.0 alpha] Owner cannot edit group's permissions #36107
Comments
@karakayasemi Hana told me that you will investigate. |
The server-side is throwing When a share owner edits reshare permissions, the maximum permission must be calculated based on the rights of the share owner. In this case, the server is using re-sharer user's permission and, not letting increase. @micbar For this ticket nothing to do in here, we can transfer this ticket to core repo, |
@phil-davis you have done a lot of sharing + permission tests, is that situation covered? |
rating p2 as this is a regression |
The PR which brings back the old behavior before share permission refactoring is open in here: #36144 . On the other hand, I have doubts about this expected behavior. I am not sure from set the permission of the share to a higher value than the permission of the sharer. |
I need to clarify the steps to recreate. We think it means: Steps to recreate:
Note: actually it does not matter if User1 or User2 are members of group We do not have sharing permissions tests that cover editing of reshares by the top-level share owner. (and a thousand other combinations of things that can happen when there are reshares of reshares... and permissions get edited at all points in the resharing "tree") |
Some combinations of permission editing need the requirements to be stated.
|
|
@phil-davis |
user1 has folders with sub-folders If user1 shares If any of those try to reshare back to The scenario above seems to work OK. But there will be combinations approaching infinity of weird ways that users can receive their (sub)folders back again. "some" combinations should be in acceptance test scenarios. The challenge is to decide how far to go with it. It certainly needs some test scenarios that generate those messages above. Maybe point 9 is fine, and just needs more test coverage to be sure. |
If the share owner
|
Yes, that is expected and fine. |
That is fine, yes. |
@phil-davis Maybe we could add some more scenarios, now that the requirements are more clear. |
There are two open PR that resolves this issue:#36159 and #36166. I couldn't decide which one to continue with. Lastly, #36159 considered risky in terms of detecting the original node owner. But, in my investigation which is explained in here: #36159 (comment), I could not find any problematic case. In #36166, adding an optional parameter to an interface method is a little disturbing me. But, it has not any unpredictable result. If we agree to continue with #36166, let's close #36159 and review #36166. @PVince81, @jvillafanez, @micbar your thoughts can help me to solve this dilemma. Thanks. |
My concern with #36159 is that you want to check for the user in the session, but instead, you check for the root folder's owner assuming it will be the same than the session user. The problem with #36166 is that we need to change the interface, which I don't think it's a good idea at this stage. I think the best compromise is to go with #36159 (including a comment with a fixme or todo), and change the interface for the next version, more inline with #36166. Note that we should keep consistency with the rest of the operations in #36166, which is something not done yet. |
@jvillafanez I included a comment to #36159 which explains the confusion. Also, I will raise a ticket for necessary interface change, if we merge #36159.
Actually, since we just added an optional parameter and initiated it with null in #36166, no other change is necessary. Rest of the operations will continue to work like before. The goal of the change is IMHO very specific use-case: To give the original shareowner a privilege that allows him to act like a normal share on his re-shares. |
@jvillafanez @karakayasemi |
Works with 2.6.0-daily20190820 (build 12341), macOS 10.14.6, server 10.2
Broken on 2.6.0-daily20190820 (build 12341), macOS 10.14.6, server 10.3.0 alpha
Broken on 2.5.4, Windows 10, server 10.3.0 alpha
Steps to recreate:
Actual result: The entry gets greyed out and cannot be edited again
Expected result: User1 can again immediately remove the Edit permissions
The text was updated successfully, but these errors were encountered: