diff --git a/api/src/Vfs/Sharing.php b/api/src/Vfs/Sharing.php index 73f3a7d906..a835ec6574 100644 --- a/api/src/Vfs/Sharing.php +++ b/api/src/Vfs/Sharing.php @@ -316,11 +316,29 @@ class Sharing extends \EGroupware\Api\Sharing $path = 'vfs://default'.($path[0] == '/' ? '' : '/').$path; } - // We don't allow sharing links, share target instead + // We don't allow sharing paths that contain links, resolve to target instead if(($target = Vfs::readlink($path))) { $path = $target; } + $check = $path; + do + { + if(($delinked = Vfs::readlink($check))) + { + if($delinked[strlen($delinked)-1] == '/') $check .='/'; + $path = str_replace($check, $delinked, $path); + if(parse_url($path, PHP_URL_SCHEME) !== 'vfs') + { + $path = 'vfs://default'.($path[0] == '/' ? '' : '/').$path; + } + $check = $path; + } + else + { + $check = Vfs::dirname($check); + } + } while ($check && $check != '/'); if (($exists = ($stat = Vfs::stat($path)) && Vfs::check_access($path, Vfs::READABLE, $stat))) { diff --git a/api/tests/Vfs/SharingTest.php b/api/tests/Vfs/SharingTest.php index 7f024aa05a..865e7565b0 100644 --- a/api/tests/Vfs/SharingTest.php +++ b/api/tests/Vfs/SharingTest.php @@ -262,6 +262,28 @@ class SharingTest extends SharingBase $this->assertEquals($file, $created_share['share_path']); } + public function testShareFileInsideSymlinkDirectory() + { + $target = Vfs::get_home_dir(); + + $this->files = $this->addFiles($target); + $target_file = $target.'/sub_dir/'.'subdir_test_file.txt'; + + // Make symlink + $this->files[] = $symlink = $target.'/symlinked_dir/'; + $file = $symlink.'subdir_test_file.txt'; + if(Vfs::file_exists($symlink)) Vfs::remove($symlink); + $this->assertTrue( + Vfs::symlink($target.'/sub_dir/', $symlink), + "Unable to create symlink $symlink => $target/sub_dir/" + ); + + // Create share + $this->shares[] = $created_share = Sharing::create('', $file, Sharing::READONLY, '', ''); + + $this->assertEquals(Vfs::PREFIX . $target_file, $created_share['share_path']); + } + /** * Test that a share of a single file gives the file (uses WebDAV) */