From baac7040d767d8e693cf15ff10e4a73fe533b55e Mon Sep 17 00:00:00 2001 From: provokateurin Date: Tue, 14 Jul 2026 15:01:37 +0200 Subject: [PATCH] fix(files_sharing): Allow access to shares by disabled users if hide_disabled_user_shares is enabled Signed-off-by: provokateurin --- .../files_sharing/lib/Controller/ShareController.php | 12 ------------ lib/private/Share20/Manager.php | 4 ++-- tests/lib/Share20/ManagerTest.php | 2 +- 3 files changed, 3 insertions(+), 15 deletions(-) diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php index bc078cb0b2bde..fbc98d3af8dd7 100644 --- a/apps/files_sharing/lib/Controller/ShareController.php +++ b/apps/files_sharing/lib/Controller/ShareController.php @@ -274,18 +274,6 @@ protected function emitShareAccessEvent(IShare $share, string $step = '', int $e * @return bool */ private function validateShare(IShare $share) { - // If the owner is disabled no access to the link is granted - $owner = $this->userManager->get($share->getShareOwner()); - if ($owner === null || !$owner->isEnabled()) { - return false; - } - - // If the initiator of the share is disabled no access is granted - $initiator = $this->userManager->get($share->getSharedBy()); - if ($initiator === null || !$initiator->isEnabled()) { - return false; - } - return $share->getNode()->isReadable() && $share->getNode()->isShareable(); } diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index dbaa7241ca50c..970f17c0f4079 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -1534,8 +1534,8 @@ private function checkShare(IShare $share, int &$added = 1): void { $added--; throw new ShareNotFound($this->l->t('The requested share does not exist anymore')); } - if ($this->config->getAppValue('files_sharing', 'hide_disabled_user_shares', 'no') === 'yes') { - $uids = array_unique([$share->getShareOwner(),$share->getSharedBy()]); + if ($this->config->getAppValue('files_sharing', 'hide_disabled_user_shares', 'yes') === 'yes') { + $uids = array_unique([$share->getShareOwner(), $share->getSharedBy()]); foreach ($uids as $uid) { $user = $this->userManager->get($uid); if ($user?->isEnabled() === false) { diff --git a/tests/lib/Share20/ManagerTest.php b/tests/lib/Share20/ManagerTest.php index 6a0cdae3b20c1..f0000c89fffdf 100644 --- a/tests/lib/Share20/ManagerTest.php +++ b/tests/lib/Share20/ManagerTest.php @@ -3278,7 +3278,7 @@ public function testGetShareByTokenHideDisabledUser(): void { ->method('getAppValue') ->willReturnMap([ ['core', 'shareapi_allow_links', 'yes', 'yes'], - ['files_sharing', 'hide_disabled_user_shares', 'no', 'yes'], + ['files_sharing', 'hide_disabled_user_shares', 'yes', 'yes'], ]); $this->l->expects($this->once())