[Bug]: Copying From A Read-only Share To Own Storage Leaves Files Read-only
Bug Report: Copying from a Read-Only Share to Own Storage Leaves Files Read-Only
Introduction
Nextcloud is a popular cloud storage solution that allows users to share files and folders with others. However, a bug has been discovered that affects the behavior of file permissions when copying files from a read-only shared folder to a user's own storage space. In this article, we will delve into the details of this bug, its symptoms, and the steps to reproduce it.
Bug Description
When a user copies files from a folder that has been shared read-only with a group, to their own storage area, the data permissions remain read-only. This means that the user cannot make the copied data read-write, even though they are the owner of the files. This behavior is unexpected and can cause inconvenience to users who rely on Nextcloud for their file storage needs.
Steps to Reproduce
To reproduce this bug, follow these steps:
- Navigate to a folder that has been shared read-only: Go to the Nextcloud interface and navigate to a folder that has been shared read-only with a group you belong to.
- Select and copy data from the read-only folder: Select the files and folders you want to copy and click on the "Copy" button.
- Navigate to where the copied data resides: Go to the location where the copied data is stored, which should be your own storage space.
- Check the file permissions: Check the file permissions of the copied files and folders. You should find that they are still read-only, even though you are the owner of the files.
Expected Behavior
The expected behavior is that all data copied to a user's own storage space should have full read-write permissions for the user. This means that the user should be able to modify, delete, or share the copied files and folders without any restrictions.
Nextcloud Server Version
The Nextcloud Server version affected by this bug is 31.
Operating System
The operating system used to reproduce this bug is RHEL/CentOS.
PHP Engine Version
The PHP engine version used is PHP 8.3.
Web Server
The web server used is Apache (supported).
Database Engine Version
The database engine version used is PostgreSQL.
Is this Bug Present after an Update or on a Fresh Install?
This bug is present on a fresh Nextcloud Server install.
Are you Using the Nextcloud Server Encryption Module?
No, the Nextcloud Server Encryption module is not being used.
What User-Backends are you Using?
The default user-backend (database) is being used.
Configuration Report
The configuration report is provided below:
{
"system": {
"debug": false,
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"instanceid": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"trusted_domains": [
"***REMOVED SENSITIVE VALUE***",
"***REMOVED SENSITIVE VALUE***"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"logfile": "***REMOVED SENSITIVE VALUE***",
"loglevel": 0,
"log_rotate_size": 0,
"loglevel_dirty_database_queries": 1,
"overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
"dbtype": "pgsql",
"version": "31.0.2.1",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "***REMOVED SENSITIVE VALUE***",
"dbtableprefix": "oc_",
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"htaccess.RewriteBase": "\/",
"knowledgebaseenabled": false,
"auth.bruteforce.protection.enabled": false,
"skeletondirectory": "",
"updatechecker": false,
"appstoreenabled": false,
"enable_previews": false,
"cron_log": true,
"maintenance": false,
"maintenance_window_start": 1,
"integrity.check.disabled": true,
"mail_sendmailmode": "smtp",
"mail_smtpmode": "sendmail",
"mail_smtpauthtype": "PLAIN",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"sharing.enable_autocomplete": false,
"sharing.minSearchStringLength": 99,
"sharing.maxAutocompleteResults": 0,
"session_lifetime": 31536000,
"session_keepalive": true,
"remember_login_cookie_lifetime": 31536000,
"localstorage.allowsymlinks": true,
"apps_paths": [
{
"path": "***REMOVED SENSITIVE VALUE***",
"url": "\/apps",
"writable": true
}
],
"gs.enabled": false,
"app_install_overwrite": [
"ida"
],
"filelocking.enabled": true,
"memcache.locking": "\\OC\\Memcache\\Redis",
"memcache.local": "\\OC\\Memcache\\Redis",
"memcache.distributed": "\\OC\\Memcache\\Redis",
"redis": {
"host": "***REMOVED SENSITIVE VALUE***",
"port": 6379
},
"theme": "ida",
"config_is_read_only": true,
"default_language": "en",
"default_locale": "fi_FI",
"default_phone_region": "FI",
"reduce_to_languages": [
"en",
"fi",
"sv"
],
"default_timezone": "UTC",
"knowledgebase.embedded": false,
"enable_avatars": false,
"allow_user_to_change_display_name": false,
"logtimezone": "UTC",
"logdateformat": "Y-m-d\\TH:i:s\\Z"
}
}
List of Activated Apps
The list of activated apps is provided below:
Enabled:
- admin_audit: 1.21.0
- app_api: 5.0.2
- cloud_federation_api: 1.14.0
- dav: 1.33.0
- federatedfilesharing: 1.21.0
- files: 2.3.1
- files_sharing: 1.23.1
- ida: 3
- lookup_server_connector: 1.19.0
- oauth2: 1.19.1
- profile: 1.0.0
- provisioning_api: 1.21.0
- settings: 1.14.0
- theming: 2.6.1
- twofactor_backupcodes: 1.20.0
- viewer: 4.0.0
- workflowengine: 2.13.0
Disabled:
- activity: 4.0.0 (installed 4.0.0)
- bruteforcesettings: 4.0.0 (installed 4.0.0)
- circles: 31.0.0 (installed 31.0.0)
- comments: 1.21.0 (installed 1.21.0)
- contactsinteraction: 1.12.0 (installed 1.12.0)
- dashboard: 7.11.0 (installed 7.11.0)
- encryption: 2.19.0
- federation: 1.21.0 (installed 1.21.0)
- files_downloadlimit: 4.0.0 (installed 4.0.0)
- files_external: 1.23.0
- files_pdfviewer: 4.0.0 (installed 4.0.0)
- files_reminders: 1.4.0 (installed 1.4.0)
- files_trashbin: 1.21.0 (installed 1.21.0)
- files_versions: 1.24.0 (installed 1.24.0)
- firstrunwizard: 4.0.0 (installed 4.0.0)
- logreader: 4.0.0 (installed 4.0.0)
- nextcloud_announcements: 3.0.0 (installed 3.0.0)
- notifications: 4.0.0 (installed 4.0.0)
- password_policy: 3.0.0 (installed 3.0.0)
- photos: 4.0.0-dev.1 (installed 4.0.0-dev.1)
- privacy: 3.0.0 (installed 3.0.0)
- recommendations: 4.0.0 (installed 4.0.0)
- related_resources: 2.0.0 (installed 2.0.0)
- serverinfo: 3.0.0 (installed 3.0.0)
- sharebymail: 1.21.0 (installed 1.21.0)
- support: 3.0.0 (installed 3.0.<br/>
**Q&A: Bug Report - Copying from a Read-Only Share to Own Storage Leaves Files Read-Only**
**Q: What is the bug report about?**
A: The bug report is about a issue where copying files from a read-only shared folder to a user's own storage space leaves the files read-only, even though the user is the owner of the files.
**Q: What are the steps to reproduce this bug?**
A: To reproduce this bug, follow these steps:
1. Navigate to a folder that has been shared read-only with a group you belong to.
2. Select and copy data from that read-only folder to your own space.
3. Navigate to where the copied data resides -- permissions are still read-only and cannot be changed by the user.
**Q: What is the expected behavior?**
A: The expected behavior is that all data copied to a user's own storage space should have full read-write permissions for the user.
**Q: Is this bug present after an update or on a fresh install?**
A: This bug is present on a fresh Nextcloud Server install.
**Q: Are you using the Nextcloud Server Encryption module?**
A: No, the Nextcloud Server Encryption module is not being used.
**Q: What user-backends are you using?**
A: The default user-backend (database) is being used.
**Q: Can you provide the configuration report?**
A: Yes, the configuration report is provided below:
```json
{
"system": {
"debug": false,
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"instanceid": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"trusted_domains": [
"***REMOVED SENSITIVE VALUE***",
"***REMOVED SENSITIVE VALUE***"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"logfile": "***REMOVED SENSITIVE VALUE***",
"loglevel": 0,
"log_rotate_size": 0,
"loglevel_dirty_database_queries": 1,
"overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
"dbtype": "pgsql",
"version": "31.0.2.1",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "***REMOVED SENSITIVE VALUE***",
"dbtableprefix": "oc_",
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"htaccess.RewriteBase": "\/",
"knowledgebaseenabled": false,
"auth.bruteforce.protection.enabled": false,
"skeletondirectory": "",
"updatechecker": false,
"appstoreenabled": false,
"enable_previews": false,
"cron_log": true,
"maintenance": false,
"maintenance_window_start": 1,
"integrity.check.disabled": true,
"mail_sendmailmode": "smtp",
"mail_smtpmode": "sendmail",
"mail_smtpauthtype": "PLAIN",
"mail_from_address": "***REMOVEDENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"sharing.enable_autocomplete": false,
"sharing.minSearchStringLength": 99,
"sharing.maxAutocompleteResults": 0,
"session_lifetime": 31536000,
"session_keepalive": true,
"remember_login_cookie_lifetime": 31536000,
"localstorage.allowsymlinks": true,
"apps_paths": [
{
"path": "***REMOVED SENSITIVE VALUE***",
"url": "\/apps",
"writable": true
}
],
"gs.enabled": false,
"app_install_overwrite": [
"ida"
],
"filelocking.enabled": true,
"memcache.locking": "\\OC\\Memcache\\Redis",
"memcache.local": "\\OC\\Memcache\\Redis",
"memcache.distributed": "\\OC\\Memcache\\Redis",
"redis": {
"host": "***REMOVED SENSITIVE VALUE***",
"port": 6379
},
"theme": "ida",
"config_is_read_only": true,
"default_language": "en",
"default_locale": "fi_FI",
"default_phone_region": "FI",
"reduce_to_languages": [
"en",
"fi",
"sv"
],
"default_timezone": "UTC",
"knowledgebase.embedded": false,
"enable_avatars": false,
"allow_user_to_change_display_name": false,
"logtimezone": "UTC",
"logdateformat": "Y-m-d\\TH:i:s\\Z"
}
}
Q: Can you provide the list of activated apps?
A: Yes, the list of activated apps is provided below:
Enabled:
- admin_audit: 1.21.0
- app_api: 5.0.2
- cloud_federation_api: 1.14.0
- dav: 1.33.0
- federatedfilesharing: 1.21.0
- files: 2.3.1
- files_sharing: 1.23.1
- ida: 3
- lookup_server_connector: 1.19.0
- oauth2: 1.19.1
- profile: 1.0.0
- provisioning_api: 1.21.0
- settings: 1.14.0
- theming: 2.6.1
- twofactor_backupcodes: 1.20.0
- viewer: 4.0.0
- workflowengine: 2.13.0
Disabled:
- activity: 4.0.0 (installed 4.0.0)
- bruteforcesettings: 4.0.0 (installed 4.0.0)
- circles: 31.0.0 (installed 31.0.0)
- comments: 1.21.0 (installed 1.21.0)
- contactsinteraction: 1.12.0 (installed 1.12.0)
- dashboard: 7.11.0 (installed 7.11.0)
- encryption: 2.19.0
federation: 1.21.0 (installed 1.21.0)
- files_downloadlimit: 4.0.0 (installed 4.0.0)
- files_external: 1.23.0
- files_pdfviewer: 4.0.0 (installed 4.0.0)
- files_reminders: 1.4.0 (installed 1.4.0)
- files_trashbin: 1.21.0 (installed 1.21.0)
- files_versions: 1.24.0 (installed 1.24.0)
- firstrunwizard: 4.0.0 (installed 4.0.0)
- logreader: 4.0.0 (installed 4.0.0)
- nextcloud_announcements: 3.0.0 (installed 3.0.0)
- notifications: 4.0.0 (installed 4.0.0)
- password_policy: 3.0.0 (installed 3.0.0)
- photos: 4.0.0-dev.1 (installed 4.0.0-dev.1)
- privacy: 3.0.0 (installed 3.0.0)
- recommendations: 4.0.0 (installed 4.0.0)
- related_resources: 2.0.0 (installed 2.0.0)
- serverinfo: 3.0.0 (installed 3.0.0)
- sharebymail: 1.21.0 (installed 1.21.0)
- support: 3.0.0 (installed 3.0.0)
- survey_client: 3.0.0 (installed 3.0.0)
- suspicious_login: 9.0.1
- systemtags: 1.21.1 (installed 1.21.1)
- text: 5.0.0 (installed 5.0.0)
- twofactor_nextcloud_notification: 5.0.0
- twofactor_totp: 13.0.0-dev.0
- updatenotification: 1.21.0 (installed 1.21.0)
- user_ldap: 1.22.0
- user_status: 1.11.0 (installed 1.11.0)
- weather_status: 1.11.0 (installed 1.11.0)
- webhook_listeners: 1.2.0 (installed 1.2.0)
Q: What is the Nextcloud Signing status?
A: The Nextcloud Signing status is not provided.
**Q: Can you provide the