Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OCS error message for attempting to access share via share id as an unauthorized user is not informative #1233

Closed
Talank opened this issue Jul 15, 2020 · 1 comment
Closed

OCS error message for attempting to access share via share id as an unauthorized user is not informative #1233

Talank opened this issue Jul 15, 2020 · 1 comment
Labels
Type:Bug

Comments

@Talank
Copy link
Contributor

Talank commented Jul 15, 2020

While a user tries to get the info of the share using the share id, the ocs status message is Only GET, POST and PUT are allowed if that user is not allowed to access the share.

Steps to reproduce

  1. Create users: Alice and Brian and Carol
  2. User Alice created and shared file toShareWithBrian.txt with the user "Brian"
  3. As user Carol, send a HTTP GET request to the OCS API endpoint /ocs/v2.php/apps/files_sharing/api/v1/shares/<LAST_SHARE_ID>

Expected behavior

The response should be something like that in OC10 in which the ocs status code is 404

Actual behavior (In OCIS)

As user Carol, when HTTP GET request is sent for /ocs/v2.php/apps/files_sharing/api/v1/shares/501b093e-39b9-431c-9234-c343ae215903 where 501b093e-39b9-431c-9234-c343ae215903 is the share id for the share of file toShareWithBrian.txt, I get the following response

<?xml version="1.0" encoding="UTF-8"?>
<ocs>
   <meta>
      <status>error</status>
      <statuscode>400</statuscode>
      <message>Only GET, POST and PUT are allowed</message>
   </meta>
</ocs>

In OC10

<?xml version="1.0"?>
<ocs>
 <meta>
  <status>failure</status>
  <statuscode>404</statuscode>
  <message>Wrong share ID, share doesn't exist</message>
  <totalitems></totalitems>
  <itemsperpage></itemsperpage>
 </meta>
 <data/>
</ocs>
@butonic butonic transferred this issue from owncloud/ocis-reva Jan 18, 2021
@refs refs added Category:Technical Technical ehancements Type:Bug Category:Feature-Parity and removed Category:Technical Technical ehancements labels Jan 18, 2021
@settings settings bot removed the p3-medium label Apr 7, 2021
This was referenced Feb 20, 2024
Merged
Merged
@saw-jan
Copy link
Member

saw-jan commented Feb 21, 2024

Fixed by cs3org/reva#4529 and #8412

@saw-jan saw-jan closed this as completed Feb 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type:Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@refs @Talank @saw-jan