Link shares have reshare permission if outgoing federated shares are enabled

Signed-off-by: Julius Härtl <jus@bitgrid.net>

apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php

@@ -47,6 +47,7 @@ use OCP\IRequest;
 use OCP\ISession;
 use OCP\IUserSession;
 use OCP\Share\IManager;
+use OCP\Share\IShare;
 use OCP\Util;
 
 /**
@@ -161,6 +162,7 @@ class MountPublicLinkController extends Controller {
 		}
 
 		$share->setSharedWith($shareWith);
+		$share->setShareType(IShare::TYPE_REMOTE);
 
 		try {
 			$this->federatedShareProvider->create($share);

apps/files_sharing/lib/Controller/ShareAPIController.php

@@ -491,15 +491,18 @@ class ShareAPIController extends OCSController {
 					throw new OCSNotFoundException($this->l->t('Public upload is only possible for publicly shared folders'));
 				}
 
-				$share->setPermissions(
-					Constants::PERMISSION_READ |
+				$permissions = Constants::PERMISSION_READ |
 					Constants::PERMISSION_CREATE |
 					Constants::PERMISSION_UPDATE |
-					Constants::PERMISSION_DELETE
-				);
+					Constants::PERMISSION_DELETE;
 			} else {
-				$share->setPermissions(Constants::PERMISSION_READ);
+				$permissions = Constants::PERMISSION_READ;
 			}
+			// TODO: It might make sense to have a dedicated setting to allow/deny converting link shares into federated ones
+			if ($this->shareManager->outgoingServer2ServerSharesAllowed()) {
+				$permissions |= Constants::PERMISSION_SHARE;
+			}
+			$share->setPermissions($permissions);
 
 			// Set password
 			if ($password !== '') {

lib/private/Share20/Manager.php

@@ -616,11 +616,6 @@ class Manager implements IManager {
 			throw new \Exception('Link sharing is not allowed');
 		}
 
-		// Link shares by definition can't have share permissions
-		if ($share->getPermissions() & \OCP\Constants::PERMISSION_SHARE) {
-			throw new \InvalidArgumentException('Link shares can’t have reshare permissions');
-		}
-
 		// Check if public upload is allowed
 		if (!$this->shareApiLinkAllowPublicUpload() &&
 			($share->getPermissions() & (\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE | \OCP\Constants::PERMISSION_DELETE))) {