Merge pull request #30408 from owncloud/disable_enforce_password_uplo…

…ad_only_stable10 Disable enforce password upload only stable10
owncloud · Feb 9, 2018 · 0ae64aa · 0ae64aa
2 parents bca244d + 4363ad0
commit 0ae64aa
Show file tree

Hide file tree

Showing 17 changed files with 258 additions and 73 deletions.
diff --git a/apps/files_sharing/tests/ApiTest.php b/apps/files_sharing/tests/ApiTest.php
@@ -302,7 +302,7 @@ public function testCreateShareLinkPublicUpload() {
 	function testEnfoceLinkPassword() {
 
 		$appConfig = \OC::$server->getAppConfig();
-		$appConfig->setValue('core', 'shareapi_enforce_links_password', 'yes');
+		$appConfig->setValue('core', 'shareapi_enforce_links_password_read_only', 'yes');
 
 		// don't allow to share link without a password
 		$data['path'] = $this->folder;
@@ -361,7 +361,7 @@ function testEnfoceLinkPassword() {
 		$result = $ocs->deleteShare($data['id']);
 		$this->assertTrue($result->succeeded());
 
-		$appConfig->setValue('core', 'shareapi_enforce_links_password', 'no');
+		$appConfig->setValue('core', 'shareapi_enforce_links_password_read_only', 'no');
 	}
 
 	/**

diff --git a/core/Migrations/Version20180123131835.php b/core/Migrations/Version20180123131835.php
@@ -0,0 +1,26 @@
+<?php
+namespace OC\Migrations;
+
+use OCP\Migration\ISimpleMigration;
+use OCP\Migration\IOutput;
+
+/**
+ * Split shareapi_enforce_links_password config key into 3 different keys for read-only,
+ * read & write and write-only links
+ */
+class Version20180123131835 implements ISimpleMigration {
+
+	/**
+	 * @param IOutput $out
+	 */
+	public function run(IOutput $out) {
+		$config = \OC::$server->getConfig();
+		$enforceLinks = $config->getAppValue('core', 'shareapi_enforce_links_password', null);
+		if ($enforceLinks !== null) {
+			$config->setAppValue('core', 'shareapi_enforce_links_password_read_only', $enforceLinks);
+			$config->setAppValue('core', 'shareapi_enforce_links_password_read_write', $enforceLinks);
+			$config->setAppValue('core', 'shareapi_enforce_links_password_write_only', $enforceLinks);
+		}
+		$config->deleteAppValue('core', 'shareapi_enforce_links_password');
+	}
+}
diff --git a/core/js/config.php b/core/js/config.php
@@ -66,6 +66,9 @@
 	$value = $config->getAppValue('core', 'shareapi_enforce_expire_date', 'no');
 	$enforceDefaultExpireDate = ($value === 'yes') ? true : false;
 }
+$enforceLinkPasswordReadOnly = $config->getAppValue('core', 'shareapi_enforce_links_password_read_only', 'no') === 'yes';
+$enforceLinkPasswordReadWrite = $config->getAppValue('core', 'shareapi_enforce_links_password_read_write', 'no') === 'yes';
+$enforceLinkPasswordWriteOnly = $config->getAppValue('core', 'shareapi_enforce_links_password_write_only', 'no') === 'yes';
 $outgoingServer2serverShareEnabled = $config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'yes';
 
 $countOfDataLocation = 0;
@@ -163,7 +166,9 @@
 				'defaultExpireDateEnabled' => $defaultExpireDateEnabled,
 				'defaultExpireDate' => $defaultExpireDate,
 				'defaultExpireDateEnforced' => $enforceDefaultExpireDate,
-				'enforcePasswordForPublicLink' => \OCP\Util::isPublicLinkPasswordRequired(),
+				'enforceLinkPasswordReadOnly' => $enforceLinkPasswordReadOnly,
+				'enforceLinkPasswordReadWrite' => $enforceLinkPasswordReadWrite,
+				'enforceLinkPasswordWriteOnly' => $enforceLinkPasswordWriteOnly,
 				'sharingDisabledForUser' => \OCP\Util::isSharingDisabledForUser(),
 				'resharingAllowed' => \OCP\Share::isResharingAllowed(),
 				'remoteShareAllowed' => $outgoingServer2serverShareEnabled,

diff --git a/core/js/shareconfigmodel.js b/core/js/shareconfigmodel.js
@@ -21,7 +21,9 @@
 	var ShareConfigModel = OC.Backbone.Model.extend({
 		defaults: {
 			publicUploadEnabled: false,
-			enforcePasswordForPublicLink: oc_appconfig.core.enforcePasswordForPublicLink,
+			enforceLinkPasswordReadOnly: oc_appconfig.core.enforceLinkPasswordReadOnly,
+			enforceLinkPasswordReadWrite: oc_appconfig.core.enforceLinkPasswordReadWrite,
+			enforceLinkPasswordWriteOnly: oc_appconfig.core.enforceLinkPasswordWriteOnly,
 			isDefaultExpireDateEnforced: oc_appconfig.core.defaultExpireDateEnforced === true,
 			isDefaultExpireDateEnabled: oc_appconfig.core.defaultExpireDateEnabled === true,
 			isRemoteShareAllowed: oc_appconfig.core.remoteShareAllowed,

diff --git a/core/js/sharedialoglinkshareview.js b/core/js/sharedialoglinkshareview.js
@@ -40,7 +40,7 @@
 			'</div>' +
 			'{{/if}}' +
 			'<div id="linkPass-{{cid}}" class="public-link-modal--item linkPass">' +
-				'<label class="public-link-modal--label" for="linkPassText-{{cid}}">{{passwordLabel}}{{#if isPasswordRequired}}<span class="required-indicator">*</span>{{/if}}</label>' +
+				'<label class="public-link-modal--label" for="linkPassText-{{cid}}">{{passwordLabel}}</label>' +
 				'<input class="public-link-modal--input linkPassText" id="linkPassText-{{cid}}" type="password" placeholder="{{passwordPlaceholder}}" />' +
 				'<span class="error-message hidden"></span>' +
 			'</div>' +
@@ -101,7 +101,20 @@
 		_getPermissions: function() {
 			var permissions = this.$('input[name="publicPermissions"]:checked').val();
 
-			return (permissions) ? permissions : OC.PERMISSION_READ;
+			return (permissions) ? parseInt(permissions, 10) : OC.PERMISSION_READ;
+		},
+
+		_shouldRequirePassword: function() {
+			// matching passwordMustBeEnforced from server side
+			var permissions = this._getPermissions();
+			var roEnforcement = permissions === OC.PERMISSION_READ && this.configModel.get('enforceLinkPasswordReadOnly');
+			var woEnforcement = permissions === OC.PERMISSION_CREATE && this.configModel.get('enforceLinkPasswordWriteOnly');
+			var rwEnforcement = (permissions !== OC.PERMISSION_READ && permissions !== OC.PERMISSION_CREATE) && this.configModel.get('enforceLinkPasswordReadWrite');
+			if (roEnforcement || woEnforcement || rwEnforcement) {
+				return true;
+			} else {
+				return false;
+			}
 		},
 
 		_save: function () {
@@ -144,8 +157,8 @@
 			var validates = true;
 			validates &= this.expirationView.validate();
 
-			if (this.configModel.get('enforcePasswordForPublicLink')
-				&& !password
+			if (!password
+				&& this._shouldRequirePassword()
 				&& (this.model.isNew() || !this.model.get('encryptedPassword'))
 			) {
 				$password.addClass('error');
@@ -221,7 +234,6 @@
 			this.$el.html(this.template({
 				cid: this.cid,
 				passwordPlaceholder: isPasswordSet ? PASSWORD_PLACEHOLDER_STARS : PASSWORD_PLACEHOLDER_MESSAGE,
-				isPasswordRequired: this.configModel.get('enforcePasswordForPublicLink'),
 				namePlaceholder: t('core', 'Name'),
 				name: this.model.get('name'),
 				isPasswordSet: isPasswordSet,

diff --git a/core/js/tests/specs/sharedialogexpirationviewSpec.js b/core/js/tests/specs/sharedialogexpirationviewSpec.js
@@ -67,8 +67,8 @@ describe('OC.Share.ShareDialogExpirationView', function() {
 		});
 		view.render();
 	});
-	afterEach(function() { 
-		tooltipStub.restore(); 
+	afterEach(function() {
+		tooltipStub.restore();
 		view.remove();
 	});
 
@@ -128,7 +128,6 @@ describe('OC.Share.ShareDialogExpirationView', function() {
 				setDefaultsStub = sinon.stub($.datepicker, 'setDefaults');
 
 				configModel.set({
-					enforcePasswordForPublicLink: false,
 					isDefaultExpireDateEnabled: false,
 					isDefaultExpireDateEnforced: false,
 					defaultExpireDate: 7

diff --git a/core/js/tests/specs/sharedialoglinkshareviewSpec.js b/core/js/tests/specs/sharedialoglinkshareviewSpec.js
@@ -230,16 +230,6 @@ describe('OC.Share.ShareDialogLinkShareView', function() {
 				expect(view.$('.linkPassText').val()).toEqual('');
 				expect(view.$('.linkPassText').attr('placeholder')).toEqual(PASSWORD_PLACEHOLDER_STARS);
 			});
-			it('renders required indicator when password is enforced', function() {
-				configModel.set('enforcePasswordForPublicLink', true);
-				view.render();
-				expect(view.$('.linkPass .required-indicator').length).toEqual(1);
-			});
-			it('does not render required indicator when password not enforced', function() {
-				configModel.set('enforcePasswordForPublicLink', false);
-				view.render();
-				expect(view.$('.linkPass .required-indicator').length).toEqual(0);
-			});
 		});
 	});
 
@@ -248,6 +238,7 @@ describe('OC.Share.ShareDialogLinkShareView', function() {
 		var sendMailStub;
 		var sendMailDeferred;
 		var isMailEnabledStub;
+		var isPublicUploadEnabledStub;
 
 		beforeEach(function() {
 			saveStub = sinon.stub(OC.Share.ShareModel.prototype, 'save');
@@ -261,6 +252,9 @@ describe('OC.Share.ShareDialogLinkShareView', function() {
 			sendMailStub.restore();
 			isMailEnabledStub.restore();
 			sendMailDeferred = null;
+			if (isPublicUploadEnabledStub) {
+				isPublicUploadEnabledStub.restore();
+			}
 		});
 
 		it('reads values from the fields and saves', function() {
@@ -271,7 +265,7 @@ describe('OC.Share.ShareDialogLinkShareView', function() {
 				name: 'first link',
 				expireDate: '',
 				password: 'newpassword',
-				permissions: OC.PERMISSION_READ.toString(),
+				permissions: OC.PERMISSION_READ,
 				shareType: OC.Share.SHARE_TYPE_LINK
 			});
 		});
@@ -284,7 +278,7 @@ describe('OC.Share.ShareDialogLinkShareView', function() {
 			expect(saveStub.getCall(0).args[0]).toEqual({
 				name: 'first link',
 				expireDate: '',
-				permissions: OC.PERMISSION_READ.toString(),
+				permissions: OC.PERMISSION_READ,
 				shareType: OC.Share.SHARE_TYPE_LINK
 			});
 		});
@@ -352,8 +346,35 @@ describe('OC.Share.ShareDialogLinkShareView', function() {
 			expect(view.$('.error-message-global').hasClass('hidden')).toEqual(false);
 			expect(view.$('.error-message-global').text()).toEqual('Some error');
 		});
-		it('displays inline error when password enforced but missing', function() {
-			configModel.set('enforcePasswordForPublicLink', true);
+		it('displays inline error when password enforced for read-only but missing', function() {
+			isPublicUploadEnabledStub = sinon.stub(configModel, 'isPublicUploadEnabled').returns(true);
+			configModel.set('enforceLinkPasswordReadOnly', true);
+			view.render();
+			view.$('#sharingDialogAllowPublicRead-' + view.cid).prop('checked', true)
+			var handler = sinon.stub();
+			view.on('saved', handler);
+			view._save();
+			expect(handler.notCalled).toEqual(true);
+
+			expect(view.$('.linkPassText').next('.error-message').hasClass('hidden')).toEqual(false);
+		});
+		it('displays inline error when password enforced for read & write but missing', function() {
+			isPublicUploadEnabledStub = sinon.stub(configModel, 'isPublicUploadEnabled').returns(true);
+			configModel.set('enforceLinkPasswordReadWrite', true);
+			view.render();
+			view.$('#sharingDialogAllowPublicReadWrite-' + view.cid).prop('checked', true)
+			var handler = sinon.stub();
+			view.on('saved', handler);
+			view._save();
+			expect(handler.notCalled).toEqual(true);
+
+			expect(view.$('.linkPassText').next('.error-message').hasClass('hidden')).toEqual(false);
+		});
+		it('displays inline error when password enforced for write-only but missing', function() {
+			isPublicUploadEnabledStub = sinon.stub(configModel, 'isPublicUploadEnabled').returns(true);
+			configModel.set('enforceLinkPasswordWriteOnly', true);
+			view.render();
+			view.$('#sharingDialogAllowPublicUpload-' + view.cid).prop('checked', true)
 			var handler = sinon.stub();
 			view.on('saved', handler);
 			view._save();
@@ -367,8 +388,8 @@ describe('OC.Share.ShareDialogLinkShareView', function() {
 			beforeEach(function() {
 				publicUploadConfigStub = sinon.stub(configModel, 'isPublicUploadEnabled');
 			});
-			afterEach(function() { 
-				publicUploadConfigStub.restore(); 
+			afterEach(function() {
+				publicUploadConfigStub.restore();
 			});
 
 			var dataProvider = [
@@ -379,7 +400,7 @@ describe('OC.Share.ShareDialogLinkShareView', function() {
 			];
 
 			function testPermissions(globalEnabled, expectedPerms) {
-				expectedPerms = expectedPerms.toString();
+				expectedPerms = expectedPerms;
 				it('sets permissions to ' + expectedPerms +
 					' if global enabled is ' + globalEnabled +
 					' and corresponding radiobutton is checked', function() {

diff --git a/core/js/tests/specs/sharedialogshareelistview.js b/core/js/tests/specs/sharedialogshareelistview.js
@@ -32,7 +32,6 @@ describe('OC.Share.ShareDialogShareeListView', function () {
 	beforeEach(function () {
 		/* jshint camelcase:false */
 		oldAppConfig = _.extend({}, oc_appconfig.core);
-		oc_appconfig.core.enforcePasswordForPublicLink = false;
 
 		$('#testArea').append('<input id="mailNotificationEnabled" name="mailNotificationEnabled" type="hidden" value="yes">');
 
@@ -59,9 +58,7 @@ describe('OC.Share.ShareDialogShareeListView', function () {
 		});
 
 		configModel = new OC.Share.ShareConfigModel({
-			enforcePasswordForPublicLink: false,
 			isResharingAllowed: true,
-			enforcePasswordForPublicLink: false,
 			isDefaultExpireDateEnabled: false,
 			isDefaultExpireDateEnforced: false,
 			defaultExpireDate: 7

diff --git a/core/js/tests/specs/sharedialogviewSpec.js b/core/js/tests/specs/sharedialogviewSpec.js
@@ -44,7 +44,6 @@ describe('OC.Share.ShareDialogView', function() {
 		$container = $('#shareContainer');
 		/* jshint camelcase:false */
 		oldAppConfig = _.extend({}, oc_appconfig.core);
-		oc_appconfig.core.enforcePasswordForPublicLink = false;
 
 		fetchStub = sinon.stub(OC.Share.ShareItemModel.prototype, 'fetch');
 
@@ -65,9 +64,7 @@ describe('OC.Share.ShareDialogView', function() {
 			permissions: 31
 		};
 		configModel = new OC.Share.ShareConfigModel({
-			enforcePasswordForPublicLink: false,
 			isResharingAllowed: true,
-			enforcePasswordForPublicLink: false,
 			isDefaultExpireDateEnabled: false,
 			isDefaultExpireDateEnforced: false,
 			defaultExpireDate: 7