From 990ed1b1815d80c03cefd12c2b25e27ff2616c55 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= <jfd@butonic.de>
Date: Mon, 8 Feb 2021 15:39:58 +0100
Subject: [PATCH] Fix public link webdav permissions (#1461)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
---
 .../unreleased/fix-public-link-permissions.md     |  5 +++++
 internal/http/services/owncloud/ocdav/propfind.go | 15 ++++-----------
 2 files changed, 9 insertions(+), 11 deletions(-)
 create mode 100644 changelog/unreleased/fix-public-link-permissions.md

diff --git a/changelog/unreleased/fix-public-link-permissions.md b/changelog/unreleased/fix-public-link-permissions.md
new file mode 100644
index 0000000000..32cd404828
--- /dev/null
+++ b/changelog/unreleased/fix-public-link-permissions.md
@@ -0,0 +1,5 @@
+Bugfix: Fix public link webdav permissions 
+
+We now correctly render `oc:permissions` on the root collection of a publicly shared folder when it has more than read permissions.
+
+https://github.com/cs3org/reva/pull/1461
diff --git a/internal/http/services/owncloud/ocdav/propfind.go b/internal/http/services/owncloud/ocdav/propfind.go
index 39dec0ff39..cfc9f3293d 100644
--- a/internal/http/services/owncloud/ocdav/propfind.go
+++ b/internal/http/services/owncloud/ocdav/propfind.go
@@ -346,16 +346,13 @@ func (s *svc) mdToPropResponse(ctx context.Context, pf *propfindXML, md *provide
 
 	isShared := !isCurrentUserOwner(ctx, md.Owner)
 	var wdp string
-	switch {
-	case ls != nil:
-		// link share only appears on root collection
-		wdp = ""
-	case md.PermissionSet != nil:
+	isPublic := ls != nil
+	if md.PermissionSet != nil {
 		wdp = role.WebDAVPermissions(
 			md.Type == provider.ResourceType_RESOURCE_TYPE_CONTAINER,
 			isShared,
 			false,
-			false,
+			isPublic,
 		)
 		sublog.Debug().Interface("role", role).Str("dav-permissions", wdp).Msg("converted PermissionSet")
 	}
@@ -490,11 +487,7 @@ func (s *svc) mdToPropResponse(ctx context.Context, pf *propfindXML, md *provide
 					// R = Shareable (Reshare)
 					// M = Mounted
 					// in contrast, the ocs:share-permissions further down below indicate clients the maximum permissions that can be granted
-					if md.PermissionSet != nil {
-						propstatOK.Prop = append(propstatOK.Prop, s.newProp("oc:permissions", wdp))
-					} else {
-						propstatNotFound.Prop = append(propstatNotFound.Prop, s.newProp("oc:permissions", ""))
-					}
+					propstatOK.Prop = append(propstatOK.Prop, s.newProp("oc:permissions", wdp))
 				case "public-link-permission": // only on a share root node
 					if ls != nil && md.PermissionSet != nil {
 						propstatOK.Prop = append(