shares: add permission to deny sharing without password

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2025-12-07 23:00:55 +03:00 · 2022-02-19 13:31:58 +01:00
parent c6b8644828
commit c19b03a3f7
8 changed files with 177 additions and 18 deletions
--- a/dataprovider/share.go
+++ b/dataprovider/share.go
@@ -255,12 +255,15 @@ func (s *Share) validate() error {
 	return nil
 }

-// CheckPassword verifies the share password if set
-func (s *Share) CheckPassword(password string) (bool, error) {
+// CheckCredentials verifies the share credentials if a password if set
+func (s *Share) CheckCredentials(username, password string) (bool, error) {
 	if s.Password == "" {
 		return true, nil
 	}
-	if password == "" {
+	if username == "" || password == "" {
+		return false, ErrInvalidCredentials
+	}
+	if username != s.Username {
 		return false, ErrInvalidCredentials
 	}
 	if strings.HasPrefix(s.Password, bcryptPwdPrefix) {