Fix reshare permission issue
The actual share permissions sent to the server on reshare are now based on possiblePermissions + permissions inherited from parent share
This commit is contained in:
parent
a5099b01f9
commit
c897a14d56
2 changed files with 158 additions and 0 deletions
|
@ -360,6 +360,8 @@ OC.Share={
|
|||
html += '<span class="reshare">'+t('core', 'Shared with you by {owner}', {owner: data.reshare.displayname_owner})+'</span>';
|
||||
}
|
||||
html += '<br />';
|
||||
// reduce possible permissions to what the original share allowed
|
||||
possiblePermissions = possiblePermissions & data.reshare.permissions;
|
||||
}
|
||||
|
||||
if (possiblePermissions & OC.PERMISSION_SHARE) {
|
||||
|
|
|
@ -61,6 +61,7 @@ describe('OC.Share tests', function() {
|
|||
loadItemStub.restore();
|
||||
|
||||
autocompleteStub.restore();
|
||||
$('#dropdown').remove();
|
||||
});
|
||||
it('calls loadItem with the correct arguments', function() {
|
||||
OC.Share.showDropDown(
|
||||
|
@ -502,6 +503,161 @@ describe('OC.Share tests', function() {
|
|||
expect(shares[OC.Share.SHARE_TYPE_GROUP]).not.toBeDefined();
|
||||
});
|
||||
});
|
||||
describe('share permissions', function() {
|
||||
beforeEach(function() {
|
||||
oc_appconfig.core.resharingAllowed = true;
|
||||
});
|
||||
|
||||
/**
|
||||
* Tests sharing with the given possible permissions
|
||||
*
|
||||
* @param {int} possiblePermissions
|
||||
* @return {int} permissions sent to the server
|
||||
*/
|
||||
function testWithPermissions(possiblePermissions) {
|
||||
OC.Share.showDropDown(
|
||||
'file',
|
||||
123,
|
||||
$container,
|
||||
true,
|
||||
possiblePermissions,
|
||||
'shared_file_name.txt'
|
||||
);
|
||||
var autocompleteOptions = autocompleteStub.getCall(0).args[0];
|
||||
// simulate autocomplete selection
|
||||
autocompleteOptions.select(new $.Event('select'), {
|
||||
item: {
|
||||
label: 'User Two',
|
||||
value: {
|
||||
shareType: OC.Share.SHARE_TYPE_USER,
|
||||
shareWith: 'user2'
|
||||
}
|
||||
}
|
||||
});
|
||||
autocompleteStub.reset();
|
||||
var requestBody = OC.parseQueryString(_.last(fakeServer.requests).requestBody);
|
||||
return parseInt(requestBody.permissions, 10);
|
||||
}
|
||||
|
||||
describe('regular sharing', function() {
|
||||
it('shares with given permissions with default config', function() {
|
||||
loadItemStub.returns({
|
||||
reshare: [],
|
||||
shares: []
|
||||
});
|
||||
expect(
|
||||
testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
|
||||
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE);
|
||||
expect(
|
||||
testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_SHARE)
|
||||
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_SHARE);
|
||||
});
|
||||
it('removes share permission when not allowed', function() {
|
||||
oc_appconfig.core.resharingAllowed = false;
|
||||
loadItemStub.returns({
|
||||
reshare: [],
|
||||
shares: []
|
||||
});
|
||||
expect(
|
||||
testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
|
||||
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE);
|
||||
});
|
||||
it('automatically adds READ permission even when not specified', function() {
|
||||
oc_appconfig.core.resharingAllowed = false;
|
||||
loadItemStub.returns({
|
||||
reshare: [],
|
||||
shares: []
|
||||
});
|
||||
expect(
|
||||
testWithPermissions(OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
|
||||
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_UPDATE);
|
||||
});
|
||||
it('does not show sharing options when sharing not allowed', function() {
|
||||
loadItemStub.returns({
|
||||
reshare: [],
|
||||
shares: []
|
||||
});
|
||||
OC.Share.showDropDown(
|
||||
'file',
|
||||
123,
|
||||
$container,
|
||||
true,
|
||||
OC.PERMISSION_READ,
|
||||
'shared_file_name.txt'
|
||||
);
|
||||
expect($('#dropdown #shareWithList').length).toEqual(0);
|
||||
});
|
||||
});
|
||||
describe('resharing', function() {
|
||||
it('shares with given permissions when original share had all permissions', function() {
|
||||
loadItemStub.returns({
|
||||
reshare: {
|
||||
permissions: OC.PERMISSION_ALL
|
||||
},
|
||||
shares: []
|
||||
});
|
||||
expect(
|
||||
testWithPermissions(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE)
|
||||
).toEqual(OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_SHARE);
|
||||
});
|
||||
it('reduces reshare permissions to the ones from the original share', function() {
|
||||
loadItemStub.returns({
|
||||
reshare: {
|
||||
permissions: OC.PERMISSION_READ,
|
||||
uid_owner: 'user1'
|
||||
},
|
||||
shares: []
|
||||
});
|
||||
OC.Share.showDropDown(
|
||||
'file',
|
||||
123,
|
||||
$container,
|
||||
true,
|
||||
OC.PERMISSION_ALL,
|
||||
'shared_file_name.txt'
|
||||
);
|
||||
// no resharing allowed
|
||||
expect($('#dropdown #shareWithList').length).toEqual(0);
|
||||
});
|
||||
it('reduces reshare permissions to possible permissions', function() {
|
||||
loadItemStub.returns({
|
||||
reshare: {
|
||||
permissions: OC.PERMISSION_ALL,
|
||||
uid_owner: 'user1'
|
||||
},
|
||||
shares: []
|
||||
});
|
||||
OC.Share.showDropDown(
|
||||
'file',
|
||||
123,
|
||||
$container,
|
||||
true,
|
||||
OC.PERMISSION_READ,
|
||||
'shared_file_name.txt'
|
||||
);
|
||||
// no resharing allowed
|
||||
expect($('#dropdown #shareWithList').length).toEqual(0);
|
||||
});
|
||||
it('does not show sharing options when resharing not allowed', function() {
|
||||
loadItemStub.returns({
|
||||
reshare: {
|
||||
permissions: OC.PERMISSION_READ | OC.PERMISSION_UPDATE | OC.PERMISSION_DELETE,
|
||||
uid_owner: 'user1'
|
||||
},
|
||||
shares: []
|
||||
});
|
||||
OC.Share.showDropDown(
|
||||
'file',
|
||||
123,
|
||||
$container,
|
||||
true,
|
||||
OC.PERMISSION_ALL,
|
||||
'shared_file_name.txt'
|
||||
);
|
||||
expect($('#dropdown #shareWithList').length).toEqual(0);
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
describe('markFileAsShared', function() {
|
||||
var $file;
|
||||
|
|
Loading…
Reference in a new issue