Merge branch 'feature/advanced-security' of github.com:ONLYOFFICE/AppServer into feature/advanced-security

2022-12-15 13:11:43 +03:00 · 2022-12-15 13:11:43 +03:00 · ebb1e59d64
commit ebb1e59d64
parent 55f8c5f290 5abfaf135f
2 changed files with 3 additions and 19 deletions
--- a/products/ASC.Files/Core/Core/Security/FileSecurity.cs
+++ b/products/ASC.Files/Core/Core/Security/FileSecurity.cs
@ -91,7 +91,6 @@ public class FileSecurity : IFileSecurity
                    FilesSecurityActions.Pin,
                    FilesSecurityActions.EditAccess,
                    FilesSecurityActions.Duplicate,
-                    FilesSecurityActions.ReadAccess
                }
            }
    };
@ -320,11 +319,6 @@ public class FileSecurity : IFileSecurity
        return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.EditHistory);
    }

-    public Task<bool> CanReadAccessAsync<T>(FileEntry<T> entry)
-    {
-        return CanAsync(entry, _authContext.CurrentAccount.ID, FilesSecurityActions.ReadAccess);
-    }
-
    public Task<IEnumerable<Guid>> WhoCanReadAsync<T>(FileEntry<T> entry)
    {
        return WhoCanAsync(entry, FilesSecurityActions.Read);
@ -644,8 +638,7 @@ public class FileSecurity : IFileSecurity
            if (action != FilesSecurityActions.Read)
            {
                if ((action == FilesSecurityActions.Pin ||
-                     action == FilesSecurityActions.EditAccess
-                     || action == FilesSecurityActions.ReadAccess) &&
+                     action == FilesSecurityActions.EditAccess) &&
                    !isRoom)
                {
                    return false;
@ -766,8 +759,7 @@ public class FileSecurity : IFileSecurity
                    action != FilesSecurityActions.Delete &&
                    action != FilesSecurityActions.ReadHistory &&
                    action != FilesSecurityActions.Copy &&
-                    action != FilesSecurityActions.Move &&
-                    action != FilesSecurityActions.ReadAccess
+                    action != FilesSecurityActions.Move
                    )
                {
                    return false;
@ -851,13 +843,6 @@ public class FileSecurity : IFileSecurity
            case FilesSecurityActions.Read:
            case FilesSecurityActions.Pin:
                return e.Access != FileShare.Restrict;
-            case FilesSecurityActions.ReadAccess:
-                if ((e.RootFolderType != FolderType.Archive && e.Access != FileShare.Restrict) ||
-                    e.Access == FileShare.RoomAdmin)
-                {
-                    return true;
-                }
-                break;
            case FilesSecurityActions.Comment:
                if (e.Access == FileShare.Comment ||
                    e.Access == FileShare.Review ||
@ -1632,6 +1617,5 @@ public class FileSecurity : IFileSecurity
        Pin,
        EditAccess,
        Duplicate,
-        ReadAccess,
    }
 }
--- a/products/ASC.Files/Core/Utils/FileSharing.cs
+++ b/products/ASC.Files/Core/Utils/FileSharing.cs
@ -429,7 +429,7 @@ public class FileSharing
            throw new ArgumentNullException(FilesCommonResource.ErrorMassage_BadRequest);
        }

-        if (!await _fileSecurity.CanReadAccessAsync(entry))
+        if (!await _fileSecurity.CanReadAsync(entry))
        {
            _logger.ErrorUserCanTGetSharedInfo(_authContext.CurrentAccount.ID, entry.FileEntryType, entry.Id.ToString());