Closed SwikritiT closed 2 years ago
I just went through the above steps. And for me it already fails at step 6 with the current code. Marie can't reshare Einstein's folder with Einstein
6. Now as
Marie
share the resource back to userEinstein
with role17
(considering that Einstein is the owner of the resource feels a little weird that you can reshare the same resource to the owner with lower permission?)curl -vk -X POST -u marie:radioactivity https://host.docker.internal:9200/ocs/v1.php/apps/files_sharing/api/v1/shares -d 'path=folder_from_einstein' -d 'shareType=0' -d'permissions=17' -d'shareWith=einstein' -d'reshares=true' -d 'space_ref=1284d238-aa92-42ce-bdc4-0b0000009157$4c510ada-c86b-4815-8820-42cdf82c3d51!b979b13d-85fb-4ac1-ad13-576b12da553a'
The error I get is:
<ocs><meta><status>error</status><statuscode>996</statuscode><message>grpc create share request failed</message>
</meta></ocs>
Didn't find much helpful info in the logs yet.
It seems that all of the share managers in reva already dis-allowed to reshare a resource with the owner of that resource. Apart from the "cs3" manger which was our default from beta4 to beta7. "cs3" should be fixed with the above PR.
But we will also switch the default again (to "jsoncs3"), which has the check as well.
Describe the bug
A clear and concise description of what the bug is.
Steps to reproduce
Steps to reproduce the behavior:
Einstein
create resourcefolder_from_einstein
Moss
with permission31
Moss
accept the shareMoss
reshare the recently accepted share to userMarie
with permission17
Marie
accept the shareMarie
share the resource back to userEinstein
with role17
(considering that Einstein is the owner of the resource feels a little weird that you can reshare the same resource to the owner with lower permission?)einstein
accept the shareEinstein
create a folder inside the reshared folder inside theShare jail
(Note this folder is shared with role viewer)log
The folder gets created from the Api but on UI the
New
andupload
button are disabledSimilarly, If you go one level inside
TestFolder
, you can create/upload/delete/.... resources even from the UIMarie
reshare the same resource to userMoss
(the user that she got share from) with permission17
The
http
status is200
andocs
status is996
with error messagegrpc create share request failed
log
But looks like the share is still created , if I go to the UI and check the resource's collaborator list as user
einstein
(owner of the resourceMoss is listed twice with role
viewerand
editor`Moss
it gives me the option toaccept
ordecline
the again, also in share with indicatorMoss
is shown x times the resource has been shared, and the permission is still31
I think because I can create resourcesGet
req to fetch the shares received byMoss
the reshare fromMarie
is listed even though the API threw error messagelog
Expected behavior
owner
with permission lower than what the owner already has.reshare
the resource with owner with lower perm the permission should be followed properlyActual behavior
As described in the steps to reproduce
Setup
Please describe how you started the server and provide a list of relevant environment variables or configuration files.
```console OCIS=latest ```
Additional context
Add any other context about the problem here.