Skip to content

Commit

Permalink
[Patch] Using link owner uid and gid for link access
Browse files Browse the repository at this point in the history
  • Loading branch information
@NadirRoGue
NadirRoGue committed Jun 1, 2016
1 parent 3a61596 commit 0a54ff8
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions lib/private/files/objectstore/eosutil.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -210,11 +210,11 @@ private static function isSharedLinkGuest()
$token = $split[2];
}

$result = \OC_DB::prepare('SELECT token FROM oc_share WHERE token = ? LIMIT 1')->execute([$token])->fetchAll();
$result = \OC_DB::prepare('SELECT uid_owner FROM oc_share WHERE token = ? LIMIT 1')->execute([$token])->fetchAll();

if($result && count($result) > 0)
{
return true;
return self::getUidAndGid($result[0]['uid_owner']);
}

return false;
Expand All @@ -223,7 +223,7 @@ private static function isSharedLinkGuest()
// it return the id and gid of a normal user or false in other case, including the id is 0 (root) to avoid security leaks
public static function getUidAndGid($username) { // VERIFIED

if(self::$internalScript || self::isSharedLinkGuest())
if(self::$internalScript || (!$username && self::isSharedLinkGuest()))
{
return [0,0];
}
Expand Down

0 comments on commit 0a54ff8

Please sign in to comment.