Merge pull request #41082 from nextcloud/backport/40482/stable27

[stable27] fix(isLegitimatedForUserId): Setup mountpoints to check file access

apps/workflowengine/lib/Entity/File.php

@@ -7,6 +7,7 @@
  *
  * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
  * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @author Jonas Meurer <jonas@freesources.org>
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -26,6 +27,8 @@
  */
 namespace OCA\WorkflowEngine\Entity;
 
+use OC\Files\Config\UserMountCache;
+use OC\Files\Mount\Manager as MountManager;
 use OCP\EventDispatcher\Event;
 use OCP\EventDispatcher\GenericEvent;
 use OCP\Files\InvalidPathException;
@@ -38,7 +41,6 @@
 use OCP\IUser;
 use OCP\IUserManager;
 use OCP\IUserSession;
-use OCP\Share\IManager as ShareManager;
 use OCP\SystemTag\ISystemTag;
 use OCP\SystemTag\ISystemTagManager;
 use OCP\SystemTag\MapperEvent;
@@ -65,8 +67,6 @@ class File implements IEntity, IDisplayText, IUrl, IIcon, IContextPortation {
 	protected $eventName;
 	/** @var Event */
 	protected $event;
-	/** @var ShareManager */
-	private $shareManager;
 	/** @var IUserSession */
 	private $userSession;
 	/** @var ISystemTagManager */
@@ -77,25 +77,31 @@ class File implements IEntity, IDisplayText, IUrl, IIcon, IContextPortation {
 	private $actingUser = null;
 	/** @var IUserManager */
 	private $userManager;
+	/** @var UserMountCache */
+	private $userMountCache;
+	/** @var MountManager */
+	private $mountManager;
 
 	public function __construct(
 		IL10N $l10n,
 		IURLGenerator $urlGenerator,
 		IRootFolder $root,
 		ILogger $logger,
-		ShareManager $shareManager,
 		IUserSession $userSession,
 		ISystemTagManager $tagManager,
-		IUserManager $userManager
+		IUserManager $userManager,
+		UserMountCache $userMountCache,
+		MountManager $mountManager
 	) {
 		$this->l10n = $l10n;
 		$this->urlGenerator = $urlGenerator;
 		$this->root = $root;
 		$this->logger = $logger;
-		$this->shareManager = $shareManager;
 		$this->userSession = $userSession;
 		$this->tagManager = $tagManager;
 		$this->userManager = $userManager;
+		$this->userMountCache = $userMountCache;
+		$this->mountManager = $mountManager;
 	}
 
 	public function getName(): string {
@@ -140,8 +146,22 @@ public function isLegitimatedForUserId(string $uid): bool {
 			if ($node->getOwner()->getUID() === $uid) {
 				return true;
 			}
-			$acl = $this->shareManager->getAccessList($node, true, true);
-			return isset($acl['users']) && array_key_exists($uid, $acl['users']);
+
+			if ($this->eventName === self::EVENT_NAMESPACE . 'postDelete') {
+				// At postDelete, the file no longer exists. Check for parent folder instead.
+				$fileId = $node->getParent()->getId();
+			} else {
+				$fileId = $node->getId();
+			}
+
+			$mountInfos = $this->userMountCache->getMountsForFileId($fileId, $uid);
+			foreach ($mountInfos as $mountInfo) {
+				$mount = $this->mountManager->getMountFromMountInfo($mountInfo);
+				if ($mount && $mount->getStorage() && !empty($mount->getStorage()->getCache()->get($fileId))) {
+					return true;
+				}
+			}
+			return false;
 		} catch (NotFoundException $e) {
 			return false;
 		}

apps/workflowengine/tests/ManagerTest.php

@@ -26,6 +26,8 @@
  */
 namespace OCA\WorkflowEngine\Tests;
 
+use OC\Files\Config\UserMountCache;
+use OC\Files\Mount\Manager as MountManager;
 use OC\L10N\L10N;
 use OCA\WorkflowEngine\Entity\File;
 use OCA\WorkflowEngine\Helper\ScopeContext;
@@ -408,10 +410,11 @@ public function testUpdateOperation() {
 							$this->createMock(IURLGenerator::class),
 							$this->createMock(IRootFolder::class),
 							$this->createMock(ILogger::class),
-							$this->createMock(\OCP\Share\IManager::class),
 							$this->createMock(IUserSession::class),
 							$this->createMock(ISystemTagManager::class),
 							$this->createMock(IUserManager::class),
+							$this->createMock(UserMountCache::class),
+							$this->createMock(MountManager::class),
 						])
 						->setMethodsExcept(['getEvents'])
 						->getMock();

lib/private/Files/Config/UserMountCache.php

@@ -463,7 +463,7 @@ public function getMountForPath(IUser $user, string $path): ICachedMountInfo {
 		}, $mounts);
 		$mounts = array_combine($mountPoints, $mounts);
 
-		$current = $path;
+		$current = rtrim($path, '/');
 		// walk up the directory tree until we find a path that has a mountpoint set
 		// the loop will return if a mountpoint is found or break if none are found
 		while (true) {

lib/private/Files/Mount/Manager.php

@@ -10,6 +10,7 @@
  * @author Robin Appelman <robin@icewind.nl>
  * @author Robin McCorkell <robin@mccorkell.me.uk>
  * @author Roeland Jago Douma <roeland@famdouma.nl>
+ * @author Jonas <jonas@freesources.org>
  *
  * @license AGPL-3.0
  *
@@ -33,6 +34,7 @@
 use OC\Files\Filesystem;
 use OC\Files\SetupManager;
 use OC\Files\SetupManagerFactory;
+use OCP\Files\Config\ICachedMountInfo;
 use OCP\Files\Mount\IMountManager;
 use OCP\Files\Mount\IMountPoint;
 use OCP\Files\NotFoundException;
@@ -226,4 +228,21 @@ public function getMountsByMountProvider(string $path, array $mountProviders) {
 			});
 		}
 	}
+
+	/**
+	 * Return the mount matching a cached mount info (or mount file info)
+	 *
+	 * @param ICachedMountInfo $info
+	 *
+	 * @return IMountPoint|null
+	 */
+	public function getMountFromMountInfo(ICachedMountInfo $info): ?IMountPoint {
+		$this->setupManager->setupForPath($info->getMountPoint());
+		foreach ($this->mounts as $mount) {
+			if ($mount->getMountPoint() === $info->getMountPoint()) {
+				return $mount;
+			}
+		}
+		return null;
+	}
 }