Merge pull request #3758 from micbar/fix-public-pw

check for password during update public link

changelog/unreleased/fix-public-pw.md

@@ -0,0 +1,5 @@
+Bugfix: Fix public links with enforced password
+
+Fix the public link update operation in the case that a password is enforced.
+
+https://github.com/cs3org/reva/pull/3758

internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go

@@ -389,6 +389,7 @@ func (h *Handler) updatePublicShare(w http.ResponseWriter, r *http.Request, shar
 				Type: link.UpdatePublicShareRequest_Update_TYPE_PERMISSIONS,
 				Grant: &link.Grant{
 					Permissions: publicSharePermissions,
+					Password:    r.FormValue("password"),
 				},
 			})
 		}

pkg/publicshare/manager/json/json.go

@@ -343,10 +343,22 @@ func (m *manager) UpdatePublicShare(ctx context.Context, u *user.User, req *link
 		old, _ := json.Marshal(share.Permissions)
 		new, _ := json.Marshal(req.Update.GetGrant().Permissions)
 
-		if m.writeableShareMustHavePassword && publicshare.IsWriteable(req.GetUpdate().GetGrant().GetPermissions()) && !share.PasswordProtected {
+		if m.writeableShareMustHavePassword &&
+			publicshare.IsWriteable(req.GetUpdate().GetGrant().GetPermissions()) &&
+			(!share.PasswordProtected && req.GetUpdate().GetGrant().GetPassword() == "") {
 			return nil, publicshare.ErrShareNeedsPassword
 		}
 
+		if req.GetUpdate().GetGrant().GetPassword() != "" {
+			passwordChanged = true
+			h, err := bcrypt.GenerateFromPassword([]byte(req.Update.GetGrant().Password), m.passwordHashCost)
+			if err != nil {
+				return nil, errors.Wrap(err, "could not hash share password")
+			}
+			newPasswordEncoded = string(h)
+			share.PasswordProtected = true
+		}
+
 		log.Debug().Str("json", "update grants").Msgf("from: `%v`\nto\n`%v`", old, new)
 		share.Permissions = req.Update.GetGrant().GetPermissions()
 	case link.UpdatePublicShareRequest_Update_TYPE_EXPIRATION: