New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Properly send expiration date with all share.php calls #11674
Conversation
1c3801c
to
c1efef5
Compare
Please review @schiesbn @nickvergessen @icewind1991 To test: |
looks good 👍 |
I would recommend to fix it on the server side. We should probably remember here the expire date in addition to the permissions and the share token https://github.com/owncloud/core/blob/master/lib/private/share/share.php#L621. This way it also works if the password get set from the OCS API or through a different code path. |
I think it's still valid to re-send the expiration date for every call, because we also need to re-send "allowUpload" and the password every time... so I suggest we keep the current mechanism. From the OCS API if you send an empty expiration date it should probably clear the date anyway ? |
It seems that it is expected to be able to send an empty string for expiration date, this is the case for example if you uncheck "Set expiration date". So adding code to the server to keep the old date would break that case. |
But if I send only the password because I want to set a password, then I don't want to clear the expire date. It is bad anyway to delete the share and then re-create it. But as long as it works this way we should make sure that we remember all additional values. Resending "allowUpload" shoudn't be necessary, because as you can see at the code I referenced we remember the old permissions before we update the share |
Sending an empty expire date is something different than sending no expire date |
Ideally it should work as follows:
You were probable referring to 3) but the current code works like 2). |
I mean the JS code, so far, always working like 2): it was sending an empty string for "expirationdate". |
This is how the code works today, server side. Beside that it seems to ignore the expire date. For example if you set a password with the share API we also don't send a expire date along with it. So this would most likely still be broken. If you fix it on the server side we can make sure that it works in all cases. |
I'd prefer keeping this a pure JS fix for now. It does fix the problem and isn't unclean either. If we start touching the server and changing the APIs it will require much more regression testing. |
Did you tested it with the OCS API? I'm quite sure you will have the same problem if you set a password with it. That's why I would prefer to have the fix as deep as possible in the stack, otherwise we have to "fix" all entry points. |
The OCS API docs here http://doc.owncloud.org/server/7.0/developer_manual/core/ocs-share-api.html#update-share says that only one parameter is allowed at a time. And when I try to set a new password it will create a new share, and this new share has lost the expiration date I initially set on it. I did another test with share.php: if I only pass "allowPublicUpload" without expiration date, even though one is set, then that one will also be lost. The problem with the OCS API is that the doc states that you can only pass one parameter at a time. This means that it is impossible to update all parameters if they all recreate a new share (unless that is only for the password). I think the ideal approach would be as specified before, for both the OCS API and the internal share.php:
This means that the following needs to be done to be consistent:
|
Actually in proper REST terms, a PUT call is supposed to get the FULL object with all attributes. This means that if attributes are omitted, they should be cleared. |
It seems IE8 doesn't support the PATCH method. |
Refer to this link for build results (access rights to CI server needed): |
Or convince @schiesbn to accept this PR first and work on the rest later ? 😉 |
Generally speaking I'm all in for fixing this properly on server side - but the discussion shows that this is far from being easy. Let's review and test this work around and try to keep in mind that we need to refactor the server side in OC8.x |
Ping |
@schiesbn your call |
let's attack this issue in 8.1 again |
@schiesbn ok to merge now ? |
Rebase required. |
There are three share.php calls for link shares: - when changing password - when setting expiration date - when switching "allow public upload" This fix makes sure that ALL the required info is sent for each of these calls. It fixes an issue where the expiration date was not passed when changing the password.
c1efef5
to
844c55b
Compare
Rebased. Fortunately it was just a conflict in the test file. |
Refer to this link for build results (access rights to CI server needed): |
The inspection completed: 1 new issues |
@PVince81 Can you coordinate this with @schiesbn once he is back? Thanks :) |
@schiesbn @PVince81 Ping |
Deferred to 8.2 |
Refer to this link for build results (access rights to CI server needed): |
I guess we can hold this until the share dropdown is using OCS or whatever API ? @schiesbn @rullzer |
Here is the PR that makes the dropdown use OCS Share calls: #17143 |
@PVince81 fine with me. Reminds me that I need to look into that PR a bit more ;) |
Obsoleted by share API move to OCS |
There are three share.php calls for link shares:
This fix makes sure that ALL the required info is sent for each of these
calls.
It fixes an issue where the expiration date was not passed when changing
the password.
Fixes #11671
TODO: