From 6d5549ce8d7b62323683b2e1a5d719e10e0d70f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Fri, 22 Dec 2023 09:35:23 +0100
Subject: [PATCH] fix: Consider owner group membership for public share links
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 lib/TokenManager.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/TokenManager.php b/lib/TokenManager.php
index c58e846786..b1128953c2 100644
--- a/lib/TokenManager.php
+++ b/lib/TokenManager.php
@@ -105,11 +105,11 @@ public function generateWopiToken(string $fileId, ?string $shareToken = null, ?s
 				throw new ShareNotFound();
 			}
 
+			$owneruid = $share->getShareOwner();
 			$updatable = (bool)($share->getPermissions() & \OCP\Constants::PERMISSION_UPDATE);
+			$updatable = $updatable && $this->permissionManager->userCanEdit($owneruid);
 			$hideDownload = $share->getHideDownload();
-			$owneruid = $share->getShareOwner();
 			$rootFolder = $this->rootFolder->getUserFolder($owneruid);
-
 		} elseif ($this->userId !== null) {
 			try {
 				$editoruid = $this->userId;