From 850a0e73885779b9768afc1f2a2dd8260b006587 Mon Sep 17 00:00:00 2001
From: Robin Appelman
Date: Tue, 18 Mar 2014 09:25:04 +0100
Subject: [PATCH 1/2] Verify that a file exists before we share it
---
 lib/private/share/share.php | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index 7bab98b00b..74cc887785 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -431,6 +431,16 @@ class Share extends \OC\Share\Constants {
 $itemSourceName = $itemSource;
 }
 
+ // verify that the file exists before we try to share it
+ if ($itemType === 'file' or $itemType === 'folder') {
+ $path = \OC\Files\Filesystem::getPath($itemSource);
+ if (!$path) {
+ $message = 'Sharing ' . $itemSourceName . ' failed, because the file does not exist';
+ \OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
+ throw new \Exception($message);
+ }
+ }
+
 // Verify share type and sharing conditions are met
 if ($shareType === self::SHARE_TYPE_USER) {
 if ($shareWith == $uidOwner) {
From 7dafdfbe88e713a3f3e03e142679fd840deed494 Mon Sep 17 00:00:00 2001
From: Robin Appelman
Date: Thu, 3 Apr 2014 13:14:34 +0200
Subject: [PATCH 2/2] add tests for sharing files the users doesn't have access to
---
 apps/files_sharing/tests/api.php | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
diff --git a/apps/files_sharing/tests/api.php b/apps/files_sharing/tests/api.php
index e3c5b6e431..c7a848315a 100644
--- a/apps/files_sharing/tests/api.php
+++ b/apps/files_sharing/tests/api.php
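Review bot: In the hunk for lib/private/share/share.php, the added comment and the error text describe an existence check, but this guard is the point where a caller-supplied `$itemSource` id is tied to something the sharing user can actually reach: `testShareNotOwner` in the second patch expects another user's file id to be rejected here, which suggests `Filesystem::getPath()` resolves the id only within the active user's view (its implementation is not visible on this page). I would state that in the comment so nobody later swaps it for a global lookup, e.g. `// the id must resolve to a path inside the sharing user's filesystem view; this is an access check, not only an existence check`. `if (!$path)` also treats every falsy return as missing; if `getPath()` signals failure with `null`, `if ($path === null)` states the condition exactly. The enclosing method starts and ends outside the hunk.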
@@ -878,6 +878,29 @@ class Test_Files_Sharing_Api extends Test_Files_Sharing_Base { $this->assertSame($expectedResult, $shareApiDummy->correctPathTest($path, $folder)); } + /** + * @expectedException \Exception + */ + public function testShareNonExisting() { + \Test_Files_Sharing_Api::loginHelper(\Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER1); + + $id = PHP_INT_MAX - 1; + \OCP\Share::shareItem('file', $id, \OCP\Share::SHARE_TYPE_LINK, \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2, 31); + } + + /** + * @expectedException \Exception + */ + public function testShareNotOwner() { + \Test_Files_Sharing_Api::loginHelper(\Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2); + \OC\Files\Filesystem::file_put_contents('foo.txt', 'bar'); + $info = \OC\Files\Filesystem::getFileInfo('foo.txt'); + + \Test_Files_Sharing_Api::loginHelper(\Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER1); + + \OCP\Share::shareItem('file', $info->getId(), \OCP\Share::SHARE_TYPE_LINK, \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER2, 31); + } + } /**
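Review bot: Both new tests accept any `\Exception`, so a failure from the login helper, the `file_put_contents` setup or a different check inside `shareItem()` satisfies them just as well as the new guard in share.php does. Pinning the message ties them to that guard, e.g. adding ` * @expectedExceptionMessage failed, because the file does not exist` under each `@expectedException` line. `testShareNotOwner` is the access-control case, so it is also worth asserting that no share entry exists for `$info->getId()` after the call, which needs an explicit try/catch instead of the annotation. The test leaves `foo.txt` in the second user's storage unless the base class teardown (not visible here) removes it.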