Skip to content

Commit

Permalink
fix(auth/scope): fix nested resource check when creating a new resource
Browse files Browse the repository at this point in the history 
When creating a reource (e.g a document via the app/new endpoint) below a next
folder structure of a public link, we can't stat the resource itself (it
doesn't exit yet) for checking if it is a descendant of the share root.
We now stat the resource's parent instead in that case.

Fixes: owncloud/ocis#8957
  • Loading branch information
@rhafer
rhafer committed Apr 29, 2024
1 parent 1fc6382 commit f3a000b
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 3 deletions.
7 changes: 7 additions & 0 deletions changelog/unreleased/fix-publicshare-nested-appnew.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
Bugfix: Fix creating documents in nested folders of public shares

We fixed a bug that prevented creating new documented in a nested folder
of a public share.

https://github.com/cs3org/reva/pull/4660
https://github.com/owncloud/ocis/issues/8957
14 changes: 11 additions & 3 deletions internal/grpc/interceptors/auth/scope.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -266,7 +266,7 @@ func checkIfNestedResource(ctx context.Context, ref *provider.Reference, parent
if err != nil {
return false, err
}
if statResponse.Status.Code != rpc.Code_CODE_OK {
if statResponse.GetStatus().GetCode() != rpc.Code_CODE_OK {
return false, statuspkg.NewErrorFromCode(statResponse.Status.Code, "auth interceptor")
}

Expand Down Expand Up @@ -318,14 +318,22 @@ func checkIfNestedResource(ctx context.Context, ref *provider.Reference, parent
if err != nil {
return false, err
}
if childStat.Status.Code != rpc.Code_CODE_OK {
if childStat.GetStatus().GetCode() == rpc.Code_CODE_NOT_FOUND && ref.GetPath() != "" && ref.GetPath() != "." {
// The resource does not seem to exist (yet?). We might be part of an initiate upload request.
// Stat the parent to get its path and check that against the root path.
childStat, err = client.Stat(ctx, &provider.StatRequest{Ref: &provider.Reference{ResourceId: ref.GetResourceId()}})
if err != nil {
return false, err
}
}
if childStat.GetStatus().GetCode() != rpc.Code_CODE_OK {
return false, statuspkg.NewErrorFromCode(childStat.Status.Code, "auth interceptor")
}
pathResp, err = client.GetPath(ctx, &provider.GetPathRequest{ResourceId: childStat.GetInfo().GetId()})
if err != nil {
return false, err
}
if pathResp.Status.Code != rpc.Code_CODE_OK {
if pathResp.GetStatus().GetCode() != rpc.Code_CODE_OK {
return false, statuspkg.NewErrorFromCode(pathResp.Status.Code, "auth interceptor")
}
childPath = pathResp.Path
Expand Down

0 comments on commit f3a000b

Please sign in to comment.