Skip to content

fix: only write activites for actual public uploads #2431

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
miaulalala wants to merge 2 commits into
base: master
Choose a base branch
from
Open

fix: only write activites for actual public uploads #2431

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f297929
fix: only write activites for actualy public uploads
miaulalala Mar 6, 2026
b5ed1f9
chore: update psalm baseline
miaulalala Mar 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions lib/CurrentUser.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,11 +102,31 @@ public function getCloudId() {
return $this->cloudId;
}

/**
* Check if the current request is via a public share link
*/
public function isPublicShareToken(): bool {
/** @psalm-suppress NoInterfaceProperties */
if (!empty($this->request->server['PHP_AUTH_USER'])) {
$token = $this->request->server['PHP_AUTH_USER'];
try {
$share = $this->shareManager->getShareByToken($token);
return $share->getShareType() === IShare::TYPE_LINK
|| $share->getShareType() === IShare::TYPE_EMAIL;
} catch (ShareNotFound $e) {
// No share found for this token
}
}
Comment on lines +110 to +119
Copy link
Collaborator

@artonge artonge Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checking the share based on PHP_AUTH_USER would probably conflict the day a user as the same ID as a share. Share's tokens can be manually set nowadays.

Copy link
Collaborator Author

@miaulalala miaulalala Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hm, since it's for activities only, I think it's still better than what we have currently, which is writing an activity on any file action


return false;
}

/**
* Get the cloud ID from the sharing token
* @return string|null
*/
protected function getCloudIDFromToken() {
/** @psalm-suppress NoInterfaceProperties */
if (!empty($this->request->server['PHP_AUTH_USER'])) {
$token = $this->request->server['PHP_AUTH_USER'];
/**
Expand Down
2 changes: 1 addition & 1 deletion lib/FilesHooks.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ public function fileCreate($path) {
return;
}

if ($this->currentUser->getUserIdentifier() !== '') {
if ($this->currentUser->getUserIdentifier() !== '' || !$this->currentUser->isPublicShareToken()) {
$this->addNotificationsForFileAction($path, Files::TYPE_SHARE_CREATED, 'created_self', 'created_by');
} else {
$this->addNotificationsForFileAction($path, Files_Sharing::TYPE_PUBLIC_UPLOAD, '', 'created_public');
Expand Down
38 changes: 32 additions & 6 deletions tests/FilesHooksTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -167,16 +167,42 @@ protected function getUserMock(string $uid): IUser {

public static function dataFileCreate(): array {
return [
['user', 'created_self', 'created_by', Files::TYPE_SHARE_CREATED],
['', '', 'created_public', Files_Sharing::TYPE_PUBLIC_UPLOAD],
['user', false, 'created_self', 'created_by', Files::TYPE_SHARE_CREATED],
['', true, '', 'created_public', Files_Sharing::TYPE_PUBLIC_UPLOAD],
['', false, 'created_self', 'created_by', Files::TYPE_SHARE_CREATED],
];
}

#[DataProvider('dataFileCreate')]
public function testFileCreate(string $currentUser, string $selfSubject, string $othersSubject, string $type): void {
$filesHooks = $this->getFilesHooks([
'addNotificationsForFileAction',
], $currentUser);
public function testFileCreate(string $currentUser, bool $isPublicShare, string $selfSubject, string $othersSubject, string $type): void {
$currentUserMock = $this->createMock(CurrentUser::class);
$currentUserMock->method('getUID')->willReturn($currentUser);
$currentUserMock->method('getUserIdentifier')->willReturn($currentUser);
$currentUserMock->method('isPublicShareToken')->willReturn($isPublicShare);

$logger = $this->createMock(LoggerInterface::class);

$filesHooks = $this->getMockBuilder(FilesHooks::class)
->setConstructorArgs([
$this->activityManager,
$this->data,
$this->settings,
$this->groupManager,
$this->view,
$this->rootFolder,
$this->shareHelper,
Server::get(IDBConnection::class),
$this->urlGenerator,
$logger,
$currentUserMock,
$this->userMountCache,
$this->config,
$this->notificationGenerator,
$this->tagManager,
$this->teamManager,
])
->onlyMethods(['addNotificationsForFileAction'])
->getMock();

$filesHooks->expects($this->once())
->method('addNotificationsForFileAction')
Expand Down
7 changes: 1 addition & 6 deletions tests/psalm-baseline.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<files psalm-version="6.12.1@e71404b0465be25cf7f8a631b298c01c5ddd864f">
<files psalm-version="6.15.1@28dc127af1b5aecd52314f6f645bafc10d0e11f9">
<file src="lib/BackgroundJob/RemoteActivity.php">
<UndefinedClass>
<code><![CDATA[ClientException]]></code>
</UndefinedClass>
</file>
<file src="lib/CurrentUser.php">
<NoInterfaceProperties>
<code><![CDATA[$this->request->server]]></code>
</NoInterfaceProperties>
</file>
<file src="lib/Data.php">
<UndefinedDocblockClass>
<code><![CDATA[$favoriteFilter->filterFavorites($query);]]></code>
Expand Down
Loading