From 2709e271f7f04b1ea6b50f3c85c76457e13a5019 Mon Sep 17 00:00:00 2001 From: Sujith H Date: Tue, 20 Jun 2017 19:09:29 +0530 Subject: [PATCH] Proper message shown when private links accessed When user tries to access private links which are not accessible, then proper message is delivered instead of Internal server error message. So is the case when user is logged in and tries to access private links not accessible. Signed-off-by: Sujith H --- apps/files/lib/Controller/ViewController.php | 15 ++++++++++++--- .../tests/Controller/ViewControllerTest.php | 7 ++++++- core/Controller/LoginController.php | 15 +++++++++++++++ core/templates/login.php | 5 +++++ tests/Core/Controller/LoginControllerTest.php | 17 +++++++++++++++++ 5 files changed, 55 insertions(+), 4 deletions(-) diff --git a/apps/files/lib/Controller/ViewController.php b/apps/files/lib/Controller/ViewController.php index b13f8e97e24d..d4ecedf0cb73 100644 --- a/apps/files/lib/Controller/ViewController.php +++ b/apps/files/lib/Controller/ViewController.php @@ -281,9 +281,12 @@ public function showFile($fileId) { $params = []; if (empty($files) && $this->appManager->isEnabledForUser('files_trashbin')) { - $baseFolder = $this->rootFolder->get($uid . '/files_trashbin/files/'); - $files = $baseFolder->getById($fileId); - $params['view'] = 'trashbin'; + // Access files_trashbin if it exists + if ( $this->rootFolder->nodeExists($uid . '/files_trashbin/files/')) { + $baseFolder = $this->rootFolder->get($uid . '/files_trashbin/files/'); + $files = $baseFolder->getById($fileId); + $params['view'] = 'trashbin'; + } } if (!empty($files)) { @@ -299,6 +302,12 @@ public function showFile($fileId) { } return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index', $params)); } + + if ( $this->userSession->isLoggedIn() and empty($files)) { + $param["error"] = $this->l10n->t("You don't have permissions to access this file/folder - Please contact the owner to share it with you."); + return new TemplateResponse("core", 'error', ["errors" => [$param]], 'guest'); + } + throw new \OCP\Files\NotFoundException(); } } diff --git a/apps/files/tests/Controller/ViewControllerTest.php b/apps/files/tests/Controller/ViewControllerTest.php index c56e82f1ef48..60b696fb0815 100644 --- a/apps/files/tests/Controller/ViewControllerTest.php +++ b/apps/files/tests/Controller/ViewControllerTest.php @@ -428,6 +428,10 @@ public function testShowFileRouteWithTrashedFile($useShowFile) { ->with('files_trashbin') ->will($this->returnValue(true)); + $this->rootFolder->expects($this->once()) + ->method('nodeExists') + ->will($this->returnValue(true)); + $parentNode = $this->createMock('\OCP\Files\Folder'); $parentNode->expects($this->once()) ->method('getPath') @@ -440,7 +444,8 @@ public function testShowFileRouteWithTrashedFile($useShowFile) { ->method('get') ->with('testuser1/files/') ->will($this->returnValue($baseFolderFiles)); - $this->rootFolder->expects($this->at(1)) + //The index is pointing to 2, because nodeExists internally calls get method. + $this->rootFolder->expects($this->at(2)) ->method('get') ->with('testuser1/files_trashbin/files/') ->will($this->returnValue($baseFolderTrash)); diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index 1d26c002b5b6..8f675b743584 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -166,6 +166,21 @@ public function showLoginForm($user, $redirect_url, $remember_login) { $parameters['user_autofocus'] = true; } + /** + * If redirect_url is not empty and remember_login is null and + * user not logged in and check if the string + * webroot+"/index.php/f/" is in redirect_url then + * user is trying to access files for which he needs to login. + */ + + if ((!empty($redirect_url)) and ($remember_login === null) and + ($this->userSession->isLoggedIn() === false) and + (strpos($this->urlGenerator->getAbsoluteURL(urldecode($redirect_url)), + $this->urlGenerator->getAbsoluteURL('/index.php/f/')) !== false)) { + + $parameters['accessLink'] = true; + } + return new TemplateResponse( $this->appName, 'login', $parameters, 'guest' ); diff --git a/core/templates/login.php b/core/templates/login.php index 262066569c63..77ae7ce0d274 100644 --- a/core/templates/login.php +++ b/core/templates/login.php @@ -66,6 +66,11 @@ t('Wrong password.')); ?>

+ +

+ t("You are trying to access a private link. Please log in first.")) ?> +

+