[stable10] Backport of The recipient of internal share should not inc…

[sharidas]

…rease permission

The recipient of internal share, should not be able
to increase the permission.

Signed-off-by: Sujith H sharidasan@owncloud.com

Description

When an internal/regular share is created by say user1 to user2, the user2 should not be allowed to increase the permissions granted by user1. The UI prevents it. But by using ocs api, its possible to increase the permision. This pr addresses the issue.

Related Issue

• Fixes <issue_link>

Motivation and Context

The user who is not the owner of the share shouldn't be allowed to increase the permission of the share.

How Has This Been Tested?

• Same as The recipient of internal share should not increase permission #35447 (comment)

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Database schema changes (next release will require increase of minor version instead of patch)
• Breaking change (fix or feature that would cause existing functionality to change)
• Technical debt
• Tests only (no source changes)

Checklist:

• Code changes
• Unit tests added
• Acceptance tests added
• Documentation ticket raised:

Open tasks:

• Backport (if applicable set "backport-request" label and remove when the backport was done)

[sharidas]

Original PR: #35447

[phil-davis]

PR for release-10.2.1 #35510