Fix reshare permission issue

The actual share permissions sent to the server on reshare are now based
on possiblePermissions + permissions inherited from parent share
This commit is contained in:
Vincent Petry 2015-01-09 15:19:53 +01:00
parent a5099b01f9
commit c897a14d56
2 changed files with 158 additions and 0 deletions

View file

@ -360,6 +360,8 @@ OC.Share={
html += '<span class="reshare">'+t('core', 'Shared with you by {owner}', {owner: data.reshare.displayname_owner})+'</span>';
}
html += '<br />';
// reduce possible permissions to what the original share allowed
possiblePermissions = possiblePermissions & data.reshare.permissions;
}
if (possiblePermissions & OC.PERMISSION_SHARE) {

View file

@ -61,6 +61,7 @@ describe('OC.Share tests', function() {
loadItemStub.restore();
autocompleteStub.restore();
$('#dropdown').remove();
});
it('calls loadItem with the correct arguments', function() {
OC.Share.showDropDown(
@ -502,6 +503,161 @@ describe('OC.Share tests', function() {
expect(shares[OC.Share.SHARE_TYPE_GROUP]).not.toBeDefined();
});
});
describe('share permissions', function() {
beforeEach(function() {
oc_appconfig.core.resharingAllowed = true;
});
/**
* Tests sharing with the given possible permissions
*
* @param {int} possiblePermissions
* @return {int} permissions sent to the server
*/
function testWithPermissions(possiblePermissions) {
OC.Share.showDropDown(
'file',
123,
$container,
true,
possiblePermissions,
'shared_file_name.txt'
);
var autocompleteOptions = autocompleteStub.getCall(0).args[0];
// simulate autocomplete selection
autocompleteOptions.select(new $.Event('select'), {
item: {
label: 'User Two',
value: {
shareType: OC.Share.SHARE_TYPE_USER,
shareWith: 'user2'
}
}
});
autocompleteStub.reset();
var requestBody = OC.parseQueryString(_.last(fakeServer.requests).requestBody);
return parseInt(requestBody.permissions, 10);
}
describe('regular sharing', function() {
it('shares with given permissions with default config', function() {
loadItemStub.returns({
reshare: [],
shares: []
});
expect(
testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE);
expect(
testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_SHARE)
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_SHARE);
});
it('removes share permission when not allowed', function() {
oc_appconfig.core.resharingAllowed = false;
loadItemStub.returns({
reshare: [],
shares: []
});
expect(
testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE);
});
it('automatically adds READ permission even when not specified', function() {
oc_appconfig.core.resharingAllowed = false;
loadItemStub.returns({
reshare: [],
shares: []
});
expect(
testWithPermissions(OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_UPDATE);
});
it('does not show sharing options when sharing not allowed', function() {
loadItemStub.returns({
reshare: [],
shares: []
});
OC.Share.showDropDown(
'file',
123,
$container,
true,
OC.PERMISSION_READ,
'shared_file_name.txt'
);
expect($('#dropdown #shareWithList').length).toEqual(0);
});
});
describe('resharing', function() {
it('shares with given permissions when original share had all permissions', function() {
loadItemStub.returns({
reshare: {
permissions: OC.PERMISSION_ALL
},
shares: []
});
expect(
testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE);
});
it('reduces reshare permissions to the ones from the original share', function() {
loadItemStub.returns({
reshare: {
permissions: OC.PERMISSION_READ,
uid_owner: 'user1'
},
shares: []
});
OC.Share.showDropDown(
'file',
123,
$container,
true,
OC.PERMISSION_ALL,
'shared_file_name.txt'
);
// no resharing allowed
expect($('#dropdown #shareWithList').length).toEqual(0);
});
it('reduces reshare permissions to possible permissions', function() {
loadItemStub.returns({
reshare: {
permissions: OC.PERMISSION_ALL,
uid_owner: 'user1'
},
shares: []
});
OC.Share.showDropDown(
'file',
123,
$container,
true,
OC.PERMISSION_READ,
'shared_file_name.txt'
);
// no resharing allowed
expect($('#dropdown #shareWithList').length).toEqual(0);
});
it('does not show sharing options when resharing not allowed', function() {
loadItemStub.returns({
reshare: {
permissions: OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_DELETE,
uid_owner: 'user1'
},
shares: []
});
OC.Share.showDropDown(
'file',
123,
$container,
true,
OC.PERMISSION_ALL,
'shared_file_name.txt'
);
expect($('#dropdown #shareWithList').length).toEqual(0);
});
});
});
});
describe('markFileAsShared', function() {
var $file;