Skip to content

Commit 2cf3087

Browse files
solracsfsolracsf
committed
fix(files): Check if the target path is a descendant of the shared folder path
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> fix: tests Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> fix: fix tests Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> fix: add tests Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> fix: tests
1 parent 332b3ef commit 2cf3087

2 files changed

Lines changed: 11 additions & 2 deletions

File tree

lib/private/Files/View.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1794,7 +1794,8 @@ private function targetIsNotShared(string $user, string $targetPath): bool {
17941794
}, $providers));
17951795

17961796
foreach ($shares as $share) {
1797-
if (str_starts_with($targetPath, $share->getNode()->getPath())) {
1797+
$sharedPath = $share->getNode()->getPath();
1798+
if ($targetPath === $sharedPath || str_starts_with($targetPath, $sharedPath . '/')) {
17981799
$this->logger->debug(
17991800
'It is not allowed to move one mount point into a shared folder',
18001801
['app' => 'files']);

tests/lib/Files/ViewTest.php

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1668,17 +1668,24 @@ public function testMoveMountPointIntoAnother() {
16681668
public function testMoveMountPointIntoSharedFolder() {
16691669
self::loginAsUser($this->user);
16701670

1671-
[$mount1] = $this->createTestMovableMountPoints([
1671+
[$mount1, $mount2] = $this->createTestMovableMountPoints([
16721672
$this->user . '/files/mount1',
1673+
$this->user . '/files/mount2',
16731674
]);
16741675

16751676
$mount1->expects($this->never())
16761677
->method('moveMount');
16771678

1679+
$mount2->expects($this->once())
1680+
->method('moveMount')
1681+
->willReturn(true);
1682+
16781683
$view = new View('/' . $this->user . '/files/');
16791684
$view->mkdir('shareddir');
16801685
$view->mkdir('shareddir/sub');
16811686
$view->mkdir('shareddir/sub2');
1687+
// Create a similar named but non-shared folder
1688+
$view->mkdir('shareddir notshared');
16821689

16831690
$fileId = $view->getFileInfo('shareddir')->getId();
16841691
$userObject = \OC::$server->getUserManager()->createUser('test2', 'IHateNonMockableStaticClasses');
@@ -1697,6 +1704,7 @@ public function testMoveMountPointIntoSharedFolder() {
16971704
$this->assertFalse($view->rename('mount1', 'shareddir'), 'Cannot overwrite shared folder');
16981705
$this->assertFalse($view->rename('mount1', 'shareddir/sub'), 'Cannot move mount point into shared folder');
16991706
$this->assertFalse($view->rename('mount1', 'shareddir/sub/sub2'), 'Cannot move mount point into shared subfolder');
1707+
$this->assertTrue($view->rename('mount2', 'shareddir notshared/sub'), 'Can move mount point into a similarly named but non-shared folder');
17001708

17011709
$shareManager->deleteShare($share);
17021710
$userObject->delete();

0 commit comments

Comments
 (0)