From fe783719cbc6b82651c378a984deb9a79206553a Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Mon, 6 Nov 2017 14:52:12 +0100 Subject: [PATCH] deny sharing owner rights (chmod, chgrp, set eACL) and disable eACL tab --- api/src/Vfs.php | 4 +++- filemanager/inc/class.filemanager_ui.inc.php | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/api/src/Vfs.php b/api/src/Vfs.php index 4fc1c7b9dd..0b68cb77ec 100644 --- a/api/src/Vfs.php +++ b/api/src/Vfs.php @@ -1368,7 +1368,9 @@ class Vfs $vfs = new Vfs\StreamWrapper(); $stat = $vfs->url_stat($path,0); } - return $stat['uid'] == self::$user || // user is the owner + return $stat['uid'] == self::$user && // (current) user is the owner + // in sharing current user != self::$user and should NOT have owner rights + $GLOBALS['egw_info']['user']['account_id'] == self::$user || self::$is_root || // class runs with root rights !$stat['uid'] && $stat['gid'] && self::$is_admin; // group directory and user is an eGW admin } diff --git a/filemanager/inc/class.filemanager_ui.inc.php b/filemanager/inc/class.filemanager_ui.inc.php index b709cb61b6..fb933fffc0 100644 --- a/filemanager/inc/class.filemanager_ui.inc.php +++ b/filemanager/inc/class.filemanager_ui.inc.php @@ -1272,7 +1272,8 @@ class filemanager_ui 5 => lang('Display of content'), 0 => lang('No access'), ); - if(($content['eacl'] = Vfs::get_eacl($content['path'])) !== false) // backend supports eacl + if(($content['eacl'] = Vfs::get_eacl($content['path'])) !== false && // backend supports eacl + $GLOBALS['egw_info']['user']['account_id'] == Vfs::$user) // leave eACL tab disabled for sharing { unset($readonlys['tabs']['filemanager.file.eacl']); // --> switch the tab on again foreach($content['eacl'] as &$eacl)