Improve testing

lib/Service/ApprovalService.php

@@ -451,6 +451,10 @@ public function request(int $fileId, int $ruleId, ?string $userId, bool $createS
 			return ['error' => $this->l10n->t('You do not have access to this file')];
 		}
 
+		if ($createShares && !$this->utilsService->userCanShareFile($fileId, $userId)) {
+			return ['error' => $this->l10n->t('You can not share this file')];
+		}
+
 		$rule = $this->ruleService->getRule($ruleId);
 		if (is_null($rule)) {
 			return ['error' => $this->l10n->t('Rule does not exist')];

lib/Service/UtilsService.php

@@ -134,6 +134,23 @@ public function userHasAccessTo(int $fileId, ?string $userId): bool {
 		return false;
 	}
 
+	/**
+	 * Check if user can share a given file
+	 *
+	 * @param int $fileId
+	 * @param string|null $userId
+	 * @return bool
+	 */
+	public function userCanShareFile(int $fileId, ?string $userId): bool {
+		$user = $this->userManager->get($userId);
+		if ($user instanceof IUser) {
+			$userFolder = $this->root->getUserFolder($userId);
+			$node = $userFolder->getFirstNodeById($fileId);
+			return $node !== null && $node->isShareable();
+		}
+		return false;
+	}
+
 	/**
 	 * @param string $name of the new tag
 	 * @return array

tests/unit/Service/ApprovalServiceTest.php

@@ -23,6 +23,8 @@
 
 use OCP\Share\IManager as IShareManager;
 
+use OCP\Share\IShare;
+
 use OCP\SystemTag\ISystemTagManager;
 use OCP\SystemTag\ISystemTagObjectMapper;
 
@@ -384,4 +386,41 @@ public function testApproval() {
 		$stateForUser1 = $this->approvalService->getApprovalState($fileToReject->getId(), 'user1');
 		$this->assertEquals(Application::STATE_REJECTED, $stateForUser1['state']);
 	}
+
+	public function testRequestWithCreateSharesWhenUserCannotShareReturnsError(): void {
+		// Share a file from user1 to user2 with read-only (no share permission).
+		// user2 has access but cannot share -> request with createShares true must return error.
+		$uf1 = $this->root->getUserFolder('user1');
+		$file = $uf1->newFile('file_no_share.txt', 'content');
+		$shared = $this->utilsService->createShare(
+			$file,
+			IShare::TYPE_USER,
+			'user2',
+			'user1',
+			'label'
+		);
+		$this->assertTrue($shared);
+
+		// Add some tags
+		$r = $this->utilsService->createTag('pending4');
+		$idTagPending4 = $r['id'];
+		$r = $this->utilsService->createTag('approved4');
+		$idTagApproved4 = $r['id'];
+		$r = $this->utilsService->createTag('rejected4');
+		$idTagRejected4 = $r['id'];
+
+		$r = $this->ruleService->createRule(
+			$idTagPending4, $idTagApproved4, $idTagRejected4,
+			[['entityId' => 'user3', 'type' => 'user']],
+			[['entityId' => 'user2', 'type' => 'user']],
+			'user 2 request, 3 approves',
+			false
+		);
+		$ruleId = $r['id'];
+
+		$result = $this->approvalService->request($file->getId(), $ruleId, 'user2', true);
+		$this->assertArrayHasKey('error', $result);
+
+		$this->ruleService->deleteRule($ruleId);
+	}
 }