Block access to shares when sharing permissions are not met

[mejo-]

Describe the bug Currently we don't check if sharing permissions are met when accessing a share. This should be changed.

To Reproduce Steps to reproduce the behavior:

1. Add a share link as normal member
2. Limit sharing to admins
3. The share link from normal member still works

Expected behavior Limited sharing permissions should be considered when accessing a share link.

[max-nextcloud]

Frankly... I'm not sure about this one. I understand the sharing permission as the permission to create a share at that point in time. If the user had the permission the share exists even if the permission is later revoked. We also do not revert edits done by a user that looses editing permissions. But maybe I don't fully understand the background here.

[juliusknorr]

Is the link share one individual per user or just one common per collective? In the first case I'd say it makes sense to revoke (same if the user looses access to the collective then).

[mejo-]

Is the link share one individual per user or just one common per collective? In the first case I'd say it makes sense to revoke (same if the user looses access to the collective then).

Exactly, it's a individual share link per user (just like share links work everywhere in Nextcloud). I agree that we should revoke share links from users with lower member level when bumping the level required for sharing permissions.