From 924baded11366161f2d12f571c5e93ff1733690c Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Thu, 2 Oct 2025 10:39:34 +0200 Subject: [PATCH] fix(SecureView): node cannot be found when within groupfolder Signed-off-by: Arthur Schiwon --- lib/PermissionManager.php | 17 ++++++++++++----- lib/Storage/SecureViewWrapper.php | 22 ++++++++++++++-------- 2 files changed, 26 insertions(+), 13 deletions(-) diff --git a/lib/PermissionManager.php b/lib/PermissionManager.php index 5e081c414..e7806a867 100644 --- a/lib/PermissionManager.php +++ b/lib/PermissionManager.php @@ -9,6 +9,7 @@ declare(strict_types=1); namespace OCA\Richdocuments; use OCP\Constants; +use OCP\Files\Cache\ICacheEntry; use OCP\Files\Node; use OCP\IConfig; use OCP\IGroupManager; @@ -112,18 +113,21 @@ class PermissionManager { return false; } - public function shouldWatermark(Node $node, ?string $userId = null, ?IShare $share = null): bool { + public function shouldWatermark(Node|ICacheEntry $nodeOrCacheEntry, ?string $userId = null, ?IShare $share = null, ?string $ownerId = null): bool { if ($this->config->getAppValue(AppConfig::WATERMARK_APP_NAMESPACE, 'watermark_enabled', 'no') === 'no') { return false; } - if (!in_array($node->getMimetype(), $this->appConfig->getMimeTypes(), true)) { + if (!in_array($nodeOrCacheEntry->getMimetype(), $this->appConfig->getMimeTypes(), true)) { return false; } - $fileId = $node->getId(); + $fileId = $nodeOrCacheEntry->getId(); - $isUpdatable = $node->isUpdateable() && (!$share || $share->getPermissions() & Constants::PERMISSION_UPDATE); + $isUpdatable = $nodeOrCacheEntry instanceof Node + ? $nodeOrCacheEntry->isUpdateable() + : $nodeOrCacheEntry->getPermissions() & Constants::PERMISSION_UPDATE; + $isUpdatable = $isUpdatable && (!$share || $share->getPermissions() & Constants::PERMISSION_UPDATE); $hasShareAttributes = $share && method_exists($share, 'getAttributes') && $share->getAttributes() instanceof IAttributes; $isDisabledDownload = $hasShareAttributes && $share->getAttributes()->getAttribute('permissions', 'download') === false; @@ -153,7 +157,10 @@ class PermissionManager { } if ($this->config->getAppValue(AppConfig::WATERMARK_APP_NAMESPACE, 'watermark_shareAll', 'no') === 'yes') { - if ($userId === null || $node->getOwner()?->getUID() !== $userId) { + if (!$ownerId && $nodeOrCacheEntry instanceof Node) { + $ownerId = $nodeOrCacheEntry->getOwner()?->getUID(); + } + if ($userId === null || $ownerId !== $userId) { return true; } } diff --git a/lib/Storage/SecureViewWrapper.php b/lib/Storage/SecureViewWrapper.php index 7041f24d7..a3ce2c616 100644 --- a/lib/Storage/SecureViewWrapper.php +++ b/lib/Storage/SecureViewWrapper.php @@ -89,19 +89,25 @@ class SecureViewWrapper extends Wrapper { fclose($fp); } - try { - $node = $this->rootFolder->get($this->mountPoint . $path); - } catch (NotFoundException) { - // If the file is just created we may need to check the parent as this is only just about figuring out if it is a share - $node = $this->rootFolder->get(dirname($this->mountPoint . $path)); + $storage = $sourceStorage ?? $this; + $cacheEntry = $storage->getCache()->get($path); + if (!$cacheEntry) { + $parent = dirname($path); + if ($parent === '.') { + $parent = ''; + } + $cacheEntry = $storage->getCache()->get($parent); + if (!$cacheEntry) { + throw new NotFoundException(sprintf('Could not find cache entry for path and parent of %s within storage %s ', $path, $storage->getId())); + } } - $isSharedStorage = $node->getStorage()->instanceOfStorage(ISharedStorage::class); + $isSharedStorage = $storage->instanceOfStorage(ISharedStorage::class); - $share = $isSharedStorage ? $node->getStorage()->getShare() : null; + $share = $isSharedStorage ? $storage->getShare() : null; $userId = $this->userSession->getUser()?->getUID(); - return $this->permissionManager->shouldWatermark($node, $userId, $share); + return $this->permissionManager->shouldWatermark($cacheEntry, $userId, $share, $storage->getOwner($path) ?: null); }