From 4dfa02c29d9a5f4e2cd4a6a8a989fad716222c24 Mon Sep 17 00:00:00 2001 From: provokateurin Date: Mon, 6 Jan 2025 12:46:19 +0100 Subject: [PATCH 1/4] fix(files_sharing): Handle null userId Signed-off-by: provokateurin --- .../lib/Controller/DeletedShareAPIController.php | 2 +- .../lib/Controller/ShareesAPIController.php | 11 +---------- 2 files changed, 2 insertions(+), 11 deletions(-) diff --git a/apps/files_sharing/lib/Controller/DeletedShareAPIController.php b/apps/files_sharing/lib/Controller/DeletedShareAPIController.php index 8d93afa4e04d7..fcd33bd88e68c 100644 --- a/apps/files_sharing/lib/Controller/DeletedShareAPIController.php +++ b/apps/files_sharing/lib/Controller/DeletedShareAPIController.php @@ -38,7 +38,7 @@ public function __construct( string $appName, IRequest $request, private ShareManager $shareManager, - private string $userId, + private ?string $userId, private IUserManager $userManager, private IGroupManager $groupManager, private IRootFolder $rootFolder, diff --git a/apps/files_sharing/lib/Controller/ShareesAPIController.php b/apps/files_sharing/lib/Controller/ShareesAPIController.php index 3a04dda72a199..9a9e94a7ee2b0 100644 --- a/apps/files_sharing/lib/Controller/ShareesAPIController.php +++ b/apps/files_sharing/lib/Controller/ShareesAPIController.php @@ -66,19 +66,10 @@ class ShareesAPIController extends OCSController { protected $reachedEndFor = []; - /** - * @param string $UserId - * @param string $appName - * @param IRequest $request - * @param IConfig $config - * @param IURLGenerator $urlGenerator - * @param IManager $shareManager - * @param ISearch $collaboratorSearch - */ public function __construct( string $appName, IRequest $request, - protected string $userId, + protected ?string $userId, protected IConfig $config, protected IURLGenerator $urlGenerator, protected IManager $shareManager, From 9f59204148dd2393224b6dbfb8c02760541ed54c Mon Sep 17 00:00:00 2001 From: provokateurin Date: Mon, 6 Jan 2025 12:47:21 +0100 Subject: [PATCH 2/4] fix(files_sharing): Gracefully handle fetching non-existent share Signed-off-by: provokateurin --- apps/files_sharing/lib/External/Manager.php | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/apps/files_sharing/lib/External/Manager.php b/apps/files_sharing/lib/External/Manager.php index 1ea7775641ec6..ff7f2dd3c48fa 100644 --- a/apps/files_sharing/lib/External/Manager.php +++ b/apps/files_sharing/lib/External/Manager.php @@ -160,13 +160,7 @@ private function writeShareToDb($remote, $token, $password, $name, $owner, $user $query->execute([$remote, $token, $password, $name, $owner, $user, $mountPoint, $hash, $accepted, $remoteId, $parent, $shareType]); } - /** - * get share - * - * @param int $id share id - * @return mixed share of false - */ - private function fetchShare($id) { + private function fetchShare(int $id): array|false { $getShare = $this->connection->prepare(' SELECT `id`, `remote`, `remote_id`, `share_token`, `name`, `owner`, `user`, `mountpoint`, `accepted`, `parent`, `share_type`, `password`, `mountpoint_hash` FROM `*PREFIX*share_external` @@ -208,15 +202,12 @@ private function fetchUserShare($parentId, $uid) { return null; } - /** - * get share - * - * @param int $id share id - * @return mixed share of false - */ public function getShare(int $id, ?string $user = null): array|false { $user = $user ?? $this->uid; $share = $this->fetchShare($id); + if ($share === false) { + return false; + } // check if the user is allowed to access it if ($this->canAccessShare($share, $user)) { @@ -256,7 +247,7 @@ private function canAccessShare(array $share, string $user): bool { && $share['user'] === $user) { return true; } - + // If the share is a group share, check if the user is in the group if ((int)$share['share_type'] === IShare::TYPE_GROUP) { $parentId = (int)$share['parent']; From 90c608bdc7ef1ed4fe683b49ff73212680659348 Mon Sep 17 00:00:00 2001 From: provokateurin Date: Mon, 6 Jan 2025 12:47:57 +0100 Subject: [PATCH 3/4] fix(files_sharing): Fix sharee search result types Signed-off-by: provokateurin --- .../files_sharing/lib/ResponseDefinitions.php | 21 +++++--- apps/files_sharing/openapi.json | 54 ++++++++++++++----- 2 files changed, 56 insertions(+), 19 deletions(-) diff --git a/apps/files_sharing/lib/ResponseDefinitions.php b/apps/files_sharing/lib/ResponseDefinitions.php index 0edf67fe042dc..6b6b0fcc4b680 100644 --- a/apps/files_sharing/lib/ResponseDefinitions.php +++ b/apps/files_sharing/lib/ResponseDefinitions.php @@ -99,7 +99,6 @@ * } * * @psalm-type Files_SharingSharee = array{ - * count: int|null, * label: string, * } * @@ -108,6 +107,14 @@ * shareWith: string, * } * + * @psalm-type Files_SharingShareeGroup = Files_SharingSharee&array{ + * value: Files_SharingShareeValue, + * } + * + * @psalm-type Files_SharingShareeRoom = Files_SharingSharee&array{ + * value: Files_SharingShareeValue, + * } + * * @psalm-type Files_SharingShareeUser = Files_SharingSharee&array{ * subline: string, * icon: string, @@ -180,19 +187,19 @@ * exact: array{ * circles: list, * emails: list, - * groups: list, + * groups: list, * remote_groups: list, * remotes: list, - * rooms: list, + * rooms: list, * users: list, * }, * circles: list, * emails: list, - * groups: list, + * groups: list, * lookup: list, * remote_groups: list, * remotes: list, - * rooms: list, + * rooms: list, * users: list, * lookupEnabled: bool, * } @@ -200,13 +207,13 @@ * @psalm-type Files_SharingShareesRecommendedResult = array{ * exact: array{ * emails: list, - * groups: list, + * groups: list, * remote_groups: list, * remotes: list, * users: list, * }, * emails: list, - * groups: list, + * groups: list, * remote_groups: list, * remotes: list, * users: list, diff --git a/apps/files_sharing/openapi.json b/apps/files_sharing/openapi.json index 50b67c298e499..a9ad361ff350e 100644 --- a/apps/files_sharing/openapi.json +++ b/apps/files_sharing/openapi.json @@ -766,15 +766,9 @@ "Sharee": { "type": "object", "required": [ - "count", "label" ], "properties": { - "count": { - "type": "integer", - "format": "int64", - "nullable": true - }, "label": { "type": "string" } @@ -851,6 +845,24 @@ } ] }, + "ShareeGroup": { + "allOf": [ + { + "$ref": "#/components/schemas/Sharee" + }, + { + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "$ref": "#/components/schemas/ShareeValue" + } + } + } + ] + }, "ShareeLookup": { "allOf": [ { @@ -1027,6 +1039,24 @@ } ] }, + "ShareeRoom": { + "allOf": [ + { + "$ref": "#/components/schemas/Sharee" + }, + { + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "$ref": "#/components/schemas/ShareeValue" + } + } + } + ] + }, "ShareeUser": { "allOf": [ { @@ -1129,7 +1159,7 @@ "groups": { "type": "array", "items": { - "$ref": "#/components/schemas/Sharee" + "$ref": "#/components/schemas/ShareeGroup" } }, "remote_groups": { @@ -1161,7 +1191,7 @@ "groups": { "type": "array", "items": { - "$ref": "#/components/schemas/Sharee" + "$ref": "#/components/schemas/ShareeGroup" } }, "remote_groups": { @@ -1226,7 +1256,7 @@ "groups": { "type": "array", "items": { - "$ref": "#/components/schemas/Sharee" + "$ref": "#/components/schemas/ShareeGroup" } }, "remote_groups": { @@ -1244,7 +1274,7 @@ "rooms": { "type": "array", "items": { - "$ref": "#/components/schemas/Sharee" + "$ref": "#/components/schemas/ShareeRoom" } }, "users": { @@ -1270,7 +1300,7 @@ "groups": { "type": "array", "items": { - "$ref": "#/components/schemas/Sharee" + "$ref": "#/components/schemas/ShareeGroup" } }, "lookup": { @@ -1294,7 +1324,7 @@ "rooms": { "type": "array", "items": { - "$ref": "#/components/schemas/Sharee" + "$ref": "#/components/schemas/ShareeRoom" } }, "users": { From 1e2865709358a7272551f953c5f80832f3d26155 Mon Sep 17 00:00:00 2001 From: provokateurin Date: Mon, 6 Jan 2025 13:04:58 +0100 Subject: [PATCH 4/4] fix(PathHelper): Remove null bytes when normalizing path Signed-off-by: provokateurin --- lib/private/Files/Utils/PathHelper.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/private/Files/Utils/PathHelper.php b/lib/private/Files/Utils/PathHelper.php index a6ae029b957ba..db1294bcc104d 100644 --- a/lib/private/Files/Utils/PathHelper.php +++ b/lib/private/Files/Utils/PathHelper.php @@ -37,6 +37,8 @@ public static function normalizePath(string $path): string { if ($path === '' or $path === '/') { return '/'; } + // No null bytes + $path = str_replace(chr(0), '', $path); //no windows style slashes $path = str_replace('\\', '/', $path); //add leading slash