Only allow removing existing shares that would not be allowed due to reshare restrictions

[juliusknorr]

Steps to reproduce:

• User A creates a file "LinkShare.txt" and shares it by link
• User B shares a folder "WithoutReshare/" without reshare permissions to User A
• User A moves a file "LinkShare.txt" into the incoming share "WithoutReshare/"

The share link still exists in the user interface though it is no longer accessible due to the missing reshare permissions on the parent share.

This PR makes sure that the UI doesn't offer to modify the link share and only remove it which is still possible.

However I'm still wondering if we should either indicate that this share is stale in the UI or even remove the share link if the node is moved to a share without reshare permissions, but not sure if dropping those shares automatically would be something feasible.

[juliusknorr]

I've pushed two more commits to get the discussion for my proposal some example here to

• remove shares when they are moved into a directory where the share owner hasn't allowed resharing
• downgrade permissions when the owner is changed to not end up with link shares that have higher permissions than the parent share. Even though this might be checked, it feels safer to have the proper permissions set then in the child share as well. Also the share update was failing in that case with the following exception:

  Error    no app in context  OCP\Share\Exceptions\GenericShareException: Can’t increase permissions of  at lib/private/Share20/Manager.php line 353                                                             2021-04-15T10:49:48+00:00 
                                                                                                                                                                                                                                             
                               0. lib/private/Share20/Manager.php line 968                                                                                                                                                                   
                                  OC\Share20\Manager->generalCreateChecks("*** sensitive parameter replaced ***")                                                                                                                            
                               1. apps/files_sharing/lib/Updater.php line 92                                                                                                                                                                 
                                  OC\Share20\Manager->updateShare("*** sensitive parameters replaced ***")                                                                                                                                   
                               2. apps/files_sharing/lib/Updater.php line 40                                                                                                                                                                 
                                  OCA\Files_Sharing\Updater::moveShareToShare("\/ShareNoDelete\/sharedelete3")                                                                                                                               
                               3. lib/private/legacy/OC_Hook.php line 110                                                                                                                                                                    
                                  OCA\Files_Sharing\Updater::renameHook({oldpath:"\/sharedelete3",newpath:"\/ShareNoDelete\/sharedelete3"})                                                                                                  
                               4. lib/private/Files/View.php line 858                                                                                                                                                                        
                                  OC_Hook::emit("OC_Filesystem", "post_rename", {oldpath:"\/sharedelete3",newpath:"\/ShareNoDelete\/sharedelete3"})                                                                                          
                               5. apps/dav/lib/Connector/Sabre/Directory.php line 443                                                                                                                                                        
                                  OC\Files\View->rename("\/sharedelete3", "\/ShareNoDelete\/sharedelete3")                                                                                                                                   
                               6. 3rdparty/sabre/dav/lib/DAV/Tree.php line 160                                                                                                                                                               
                                  OCA\DAV\Connector\Sabre\Directory->moveInto("sharedelete3", "files\/admin\/sharedelete3", OCA\DAV\Connector\Sabre\Directory {})                                                                            
                               7. 3rdparty/sabre/dav/lib/DAV/CorePlugin.php line 612                                                                                                                                                         
                                  Sabre\DAV\Tree->move("files\/admin\/sharedelete3", "files\/admin\/ShareNoDelete\/sharedelete3")                                                                                                            
                               8. 3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89                                                                                                                                                  
                                  Sabre\DAV\CorePlugin->httpMove(Sabre\HTTP\Request {}, Sabre\HTTP\Response {})                                                                                                                              
                               9. 3rdparty/sabre/dav/lib/DAV/Server.php line 472                                                                                                                                                             
                                  Sabre\DAV\Server->emit("method:MOVE", [Sabre\HTTP\Request {},Sabre\HTTP\Response {}])                                                                                                                      
                              10. 3rdparty/sabre/dav/lib/DAV/Server.php line 253                                                                                                                                                             
                                  Sabre\DAV\Server->invokeMethod(Sabre\HTTP\Request {}, Sabre\HTTP\Response {})                                                                                                                              
                              11. 3rdparty/sabre/dav/lib/DAV/Server.php line 321                                                                                                                                                             
                                  Sabre\DAV\Server->start(                                                                                                                                                                                   
                                                                                                                                                                                                                                             
                                  )                                                                                                                                                                                                          
                              12. apps/dav/lib/Server.php line 332                                                                                                                                                                           
                                  Sabre\DAV\Server->exec(                                                                                                                                                                                    
                                                                                                                                                                                                                                             
                                  )                                                                                                                                                                                                          
                              13. apps/dav/appinfo/v2/remote.php line 35                                                                                                                                                                     
                                  OCA\DAV\Server->exec(                                                                                                                                                                                      
                                                                                                                                                                                                                                             
                                  )                                                                                                                                                                                                          
                              14. remote.php line 167                                                                                                                                                                                        
                                  require_once("\/var\/www\/html\/apps\/dav\/appinfo\/v2\/remote.php") 

[juliusknorr]

@rullzer Maybe you can share your opinion on this :)

[skjnldsv]

Is it still "to review" ?
Or still developing?

[juliusknorr]

Would be ready for review, though after my rebase today i guess i need to have another look at the one failing acceptance test which seems related, which would cover exactly that case where now a share would be cleaned up:

Scenario: sharee can unshare a reshare by link if resharing is disabled in the settings after the reshare is created # /drone/src/tests/acceptance/features/app-files-sharing-link.feature:195

[artonge]

I probably don't have the full picture, but the code looks fine :).

[blizzz]

do we need backports?

[juliusknorr]

/backport to stable21

[juliusknorr]

/backport to stable20

[juliusknorr]

/backport to stable19

[backportbot-nextcloud]

The backport to stable19 failed. Please do this backport manually.