From 565180dd108c84093cee5a470ad10dcd2e0becbb Mon Sep 17 00:00:00 2001 From: Lukas Schaefer Date: Mon, 16 Mar 2026 12:09:54 -0400 Subject: [PATCH] Improve testing Signed-off-by: Lukas Schaefer --- lib/Service/ApprovalService.php | 4 +++ lib/Service/UtilsService.php | 17 ++++++++++ tests/unit/Service/ApprovalServiceTest.php | 39 ++++++++++++++++++++++ 3 files changed, 60 insertions(+) diff --git a/lib/Service/ApprovalService.php b/lib/Service/ApprovalService.php index cea01787..6db819a0 100644 --- a/lib/Service/ApprovalService.php +++ b/lib/Service/ApprovalService.php @@ -426,6 +426,10 @@ public function request(int $fileId, int $ruleId, ?string $userId, bool $createS return ['error' => $this->l10n->t('You do not have access to this file')]; } + if ($createShares && !$this->utilsService->userCanShareFile($fileId, $userId)) { + return ['error' => $this->l10n->t('You can not share this file')]; + } + $rule = $this->ruleService->getRule($ruleId); if (is_null($rule)) { return ['error' => $this->l10n->t('Rule does not exist')]; diff --git a/lib/Service/UtilsService.php b/lib/Service/UtilsService.php index 0d97f709..18766340 100644 --- a/lib/Service/UtilsService.php +++ b/lib/Service/UtilsService.php @@ -170,6 +170,23 @@ public function userHasAccessTo(int $fileId, ?string $userId): bool { return false; } + /** + * Check if user can share a given file + * + * @param int $fileId + * @param string|null $userId + * @return bool + */ + public function userCanShareFile(int $fileId, ?string $userId): bool { + $user = $this->userManager->get($userId); + if ($user instanceof IUser) { + $userFolder = $this->root->getUserFolder($userId); + $node = $userFolder->getById($fileId); + return sizeof($node) > 0 && $node[0]->isShareable(); + } + return false; + } + /** * @param string $name of the new tag * @return array diff --git a/tests/unit/Service/ApprovalServiceTest.php b/tests/unit/Service/ApprovalServiceTest.php index 44d220c1..4ce2b2f3 100644 --- a/tests/unit/Service/ApprovalServiceTest.php +++ b/tests/unit/Service/ApprovalServiceTest.php @@ -39,6 +39,8 @@ use OCP\Security\ICrypto; use OCP\Share\IManager as IShareManager; +use OCP\Share\IShare; + use OCP\SystemTag\ISystemTagManager; use OCP\SystemTag\ISystemTagObjectMapper; @@ -429,4 +431,41 @@ public function testApproval() { $stateForUser1 = $this->approvalService->getApprovalState($fileToReject->getId(), 'user1'); $this->assertEquals(Application::STATE_REJECTED, $stateForUser1['state']); } + + public function testRequestWithCreateSharesWhenUserCannotShareReturnsError(): void { + // Share a file from user1 to user2 with read-only (no share permission). + // user2 has access but cannot share -> request with createShares true must return error. + $uf1 = $this->root->getUserFolder('user1'); + $file = $uf1->newFile('file_no_share.txt', 'content'); + $shared = $this->utilsService->createShare( + $file, + IShare::TYPE_USER, + 'user2', + 'user1', + 'label' + ); + $this->assertTrue($shared); + + // Add some tags + $r = $this->utilsService->createTag('pending4'); + $idTagPending4 = $r['id']; + $r = $this->utilsService->createTag('approved4'); + $idTagApproved4 = $r['id']; + $r = $this->utilsService->createTag('rejected4'); + $idTagRejected4 = $r['id']; + + $r = $this->ruleService->createRule( + $idTagPending4, $idTagApproved4, $idTagRejected4, + [['entityId' => 'user3', 'type' => 'user']], + [['entityId' => 'user2', 'type' => 'user']], + 'user 2 request, 3 approves', + false + ); + $ruleId = $r['id']; + + $result = $this->approvalService->request($file->getId(), $ruleId, 'user2', true); + $this->assertArrayHasKey('error', $result); + + $this->ruleService->deleteRule($ruleId); + } }