diff --git a/apps/dav/appinfo/v1/publicwebdav.php b/apps/dav/appinfo/v1/publicwebdav.php index 24883f5f3c16..95b54a61a31b 100644 --- a/apps/dav/appinfo/v1/publicwebdav.php +++ b/apps/dav/appinfo/v1/publicwebdav.php @@ -94,7 +94,7 @@ function ($event) use ($share) { ); return new \OC\Files\View($ownerView->getAbsolutePath($path)); -}); +}, true); $server->addPlugin(new \OCA\DAV\Connector\Sabre\AutorenamePlugin()); $server->addPlugin($linkCheckPlugin); diff --git a/apps/dav/lib/Connector/Sabre/ServerFactory.php b/apps/dav/lib/Connector/Sabre/ServerFactory.php index f084d56cbb29..4fd367e95f8e 100644 --- a/apps/dav/lib/Connector/Sabre/ServerFactory.php +++ b/apps/dav/lib/Connector/Sabre/ServerFactory.php @@ -95,12 +95,14 @@ public function __construct( * @param string $requestUri * @param BackendInterface $authBackend * @param callable $viewCallBack callback that should return the view for the dav endpoint + * @param bool $isPublicAccess whether DAV is accessed through a public link * @return Server */ public function createServer($baseUri, $requestUri, BackendInterface $authBackend, - callable $viewCallBack) { + callable $viewCallBack, + $isPublicAccess = false) { // Fire up server $objectTree = new \OCA\DAV\Connector\Sabre\ObjectTree(); $server = new \OCA\DAV\Connector\Sabre\Server($objectTree); @@ -118,7 +120,7 @@ public function createServer($baseUri, $server->addPlugin(new \OCA\DAV\Connector\Sabre\DummyGetResponsePlugin()); $server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $this->logger)); $server->addPlugin(new \OCA\DAV\Connector\Sabre\LockPlugin()); - $server->addPlugin(new \Sabre\DAV\Locks\Plugin(new FileLocksBackend($server->tree, true, $this->timeFactory))); + $server->addPlugin(new \Sabre\DAV\Locks\Plugin(new FileLocksBackend($server->tree, true, $this->timeFactory, $isPublicAccess))); if (BrowserErrorPagePlugin::isBrowserRequest($this->request)) { $server->addPlugin(new BrowserErrorPagePlugin()); diff --git a/apps/dav/lib/Files/FileLocksBackend.php b/apps/dav/lib/Files/FileLocksBackend.php index e4a7e8d419bd..b77dd7336253 100644 --- a/apps/dav/lib/Files/FileLocksBackend.php +++ b/apps/dav/lib/Files/FileLocksBackend.php @@ -39,11 +39,14 @@ class FileLocksBackend implements BackendInterface { private $useV1; /** @var ITimeFactory */ private $timeFactory; + /** @var bool */ + private $hideLockTokenInList; - public function __construct($tree, $useV1, $timeFactory) { + public function __construct($tree, $useV1, $timeFactory, $hideLockTokenInList = false) { $this->tree = $tree; $this->useV1 = $useV1; $this->timeFactory = $timeFactory; + $this->hideLockTokenInList = $hideLockTokenInList; } /** @@ -130,7 +133,10 @@ public function getLocks($uri, $returnChildLocks) { $lockInfo->uri = "files/$uid/$fileName"; } } - $lockInfo->token = $lock->getToken(); + + if (!$this->hideLockTokenInList) { + $lockInfo->token = $lock->getToken(); + } $lockInfo->created = $lock->getCreatedAt(); $lockInfo->depth = $lock->getDepth(); $lockInfo->owner = $lock->getOwner(); diff --git a/apps/dav/tests/unit/Files/FileLocksBackendTest.php b/apps/dav/tests/unit/Files/FileLocksBackendTest.php index 2aa942f801e4..ecca9f42a7ea 100644 --- a/apps/dav/tests/unit/Files/FileLocksBackendTest.php +++ b/apps/dav/tests/unit/Files/FileLocksBackendTest.php @@ -253,14 +253,14 @@ public function testGetLocksPublic($storageLockPath, $storageGetLocksPath, $lock $timeFactory = $this->createMock(ITimeFactory::class); $timeFactory->method('getTime')->willReturn(self::CURRENT_TIME); - $this->plugin = new FileLocksBackend($this->tree, true, $timeFactory); + $this->plugin = new FileLocksBackend($this->tree, true, $timeFactory, true); // "/public/share" is a public share // "/public" has the locks // we query "public.php/webdav/sub" inside that share $locks = $this->plugin->getLocks($lockPluginGetLockPath, true); $lockInfo = new LockInfo(); - $lockInfo->token = '123-456-7890'; + $lockInfo->token = null; // hidden in public endpoint $lockInfo->scope = LockInfo::EXCLUSIVE; $lockInfo->uri = $responseLockRoot; $lockInfo->owner = 'Alice Wonder'; diff --git a/tests/acceptance/features/apiWebdavLocks/folder.feature b/tests/acceptance/features/apiWebdavLocks/folder.feature index bed18c6cd7b7..aec2dac6b640 100644 --- a/tests/acceptance/features/apiWebdavLocks/folder.feature +++ b/tests/acceptance/features/apiWebdavLocks/folder.feature @@ -58,4 +58,20 @@ Feature: lock folders | old | shared | | old | exclusive | | new | shared | - | new | exclusive | \ No newline at end of file + | new | exclusive | + + Scenario Outline: lockdiscovery of a locked folder + Given using DAV path + And user "user0" has created a public link share of folder "PARENT" with change permission + And user "user0" has locked folder "PARENT" setting following properties + | lockscope | | + When user "user0" gets the following properties of folder "PARENT" using the WebDAV API + | d:lockdiscovery | + Then the value of the item "//d:lockroot/d:href" in the response should match "" + And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:[a-z0-9-]+$/" + Examples: + | dav-path | lock-scope | lock-root | + | old | shared | /%base_path%\/remote.php\/webdav\/PARENT$/ | + | old | exclusive | /%base_path%\/remote.php\/webdav\/PARENT$/ | + | new | shared | /%base_path%\/remote.php\/dav\/files\/user0\/PARENT$/ | + | new | exclusive | /%base_path%\/remote.php\/dav\/files\/user0\/PARENT$/ | diff --git a/tests/acceptance/features/apiWebdavLocks/publicLink.feature b/tests/acceptance/features/apiWebdavLocks/publicLink.feature index 1f68f6ef48d0..8d37f5434630 100644 --- a/tests/acceptance/features/apiWebdavLocks/publicLink.feature +++ b/tests/acceptance/features/apiWebdavLocks/publicLink.feature @@ -83,9 +83,7 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:lockroot/d:href" in the response should be "" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" Examples: | lock-scope | | shared | @@ -98,9 +96,7 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/CHILD" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:lockroot/d:href" in the response should be "" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" Examples: | lock-scope | | shared | @@ -113,9 +109,7 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/CHILD" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/CHILD$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:lockroot/d:href" in the response should be "" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" Examples: | lock-scope | | shared | @@ -128,9 +122,7 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/CHILD/child.txt" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/CHILD$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:lockroot/d:href" in the response should be "" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" Examples: | lock-scope | | shared | @@ -143,9 +135,7 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/CHILD/child.txt" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:lockroot/d:href" in the response should be "" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" Examples: | lock-scope | | shared | @@ -158,9 +148,7 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/CHILD/child.txt" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/CHILD\/child.txt$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:lockroot/d:href" in the response should be "" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" Examples: | lock-scope | | shared | @@ -173,9 +161,8 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/child.txt" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:lockroot/d:href" in the response should be "" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" + Examples: | lock-scope | | shared | @@ -188,7 +175,7 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" Examples: | lock-scope | | shared | @@ -201,7 +188,7 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/CHILD" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" Examples: | lock-scope | | shared | @@ -214,7 +201,7 @@ Feature: persistent-locking in case of a public link When the public gets the following properties of entry "/CHILD" in the last created public link using the WebDAV API | d:lockdiscovery | Then the value of the item "//d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/CHILD$/" - And the value of the item "//d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" + And the value of the item "//d:locktoken/d:href" in the response should be "opaquelocktoken:" Examples: | lock-scope | | shared | @@ -230,10 +217,8 @@ Feature: persistent-locking in case of a public link | d:lockdiscovery | Then the value of the item "//d:activelock[1]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" And the value of the item "//d:activelock[2]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" - And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "" - And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" + And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "opaquelocktoken:" + And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should be "opaquelocktoken:" Scenario: lockdiscovery subfolder of public link when root is locked by user and subfolder is locked by public Given user "user0" has created a public link share of folder "PARENT" with change permission @@ -245,10 +230,8 @@ Feature: persistent-locking in case of a public link | d:lockdiscovery | Then the value of the item "//d:activelock[1]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" And the value of the item "//d:activelock[2]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/CHILD$/" - And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "" - And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" + And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "opaquelocktoken:" + And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should be "opaquelocktoken:" Scenario: lockdiscovery root of public link when user has locked folder above public link and public has locked root of public link Given user "user0" has created a public link share of folder "PARENT/CHILD" with change permission @@ -260,10 +243,8 @@ Feature: persistent-locking in case of a public link | d:lockdiscovery | Then the value of the item "//d:activelock[1]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" And the value of the item "//d:activelock[2]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" - And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "" - And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" + And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "opaquelocktoken:" + And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should be "opaquelocktoken:" Scenario: lockdiscovery subfolder of public link when user has locked folder above public link and public has locked subfolder of public link Given user "user0" has created a public link share of folder "PARENT/CHILD" with change permission @@ -276,10 +257,8 @@ Feature: persistent-locking in case of a public link | d:lockdiscovery | Then the value of the item "//d:activelock[1]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" And the value of the item "//d:activelock[2]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/GRANDCHILD$/" - And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "" - And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" + And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "opaquelocktoken:" + And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should be "opaquelocktoken:" Scenario: lockdiscovery file in public link when user has locked folder above public link and public has locked file inside of public link Given user "user0" has created a public link share of folder "PARENT/CHILD" with change permission @@ -291,7 +270,5 @@ Feature: persistent-locking in case of a public link | d:lockdiscovery | Then the value of the item "//d:activelock[1]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/$/" And the value of the item "//d:activelock[2]/d:lockroot/d:href" in the response should match "/%base_path%\/public.php\/webdav\/child.txt$/" - And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" - #see https://github.com/owncloud/core/pull/34229#issuecomment-457186641 - #And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "" - And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should match "/^opaquelocktoken:/" + And the value of the item "//d:activelock[1]/d:locktoken/d:href" in the response should be "opaquelocktoken:" + And the value of the item "//d:activelock[2]/d:locktoken/d:href" in the response should be "opaquelocktoken:"