groupfolders icon indicating copy to clipboard operation
groupfolders copied to clipboard
verified publisher icon nextcloud

403 Forbidden on "MOVE" when moving files from a groupfolder to a other

Open Ozerim opened this issue 2 years ago โ€ข 6 comments

  • Please use the ๐Ÿ‘ reaction to show that you are affected by the same issue.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
  • Subscribe to receive notifications on status change and new comments.

Steps to reproduce

  1. Create group folders A & B
  2. Both group folders are only set has admin group and no advanced permissions
  3. Inside of each folders create a folder ( x inside of A and y inside of B )
  4. Share folder x to group G_x and share folder y to group G_y
  5. Now set group G_x and G_y to a user
  6. Connect to the user and try to cut & paste a file from x folder to y folder

Expected behaviour

The file should be moved to the y folder

Actual behaviour

The file doesn't move from x folder

additional information

The admin can cut & paste without any issue. Seems like it's a permissions issue but the user has the correct permission to do such task.

Server configuration

Operating system:

Debian 12 (Bookworm)

Web server:

nginx 1.22.1

Database:

MariaDB 10.11.4

PHP version:

PHP 8.2.8

Nextcloud version: (see Nextcloud admin page)

27.1.2

Group folders version:

15.3.1

Client configuration

Browser:

Firefox/Chrome

Operating system:

Windows 10/11

Logs

Web server error log

Web server error log 
08:31:06||XXXX_XXXX/test.txt -> XXXX_XXXX/test.txt|4|1|1698309029|8a62cf4af9eb252c7f77aa6a70d22186|0|00141238ocvf27t1842r|2|The server replied "403 Forbidden"  on "MOVE"

Nextcloud log (data/nextcloud.log)

Nextcloud log 

{"reqId":"CZhPTU5tBbaFTc45x95s","level":3,"time":"2023-10-26T15:44:35+00:00","remoteAddr":"90.93.71.109","user":"user","app":"core","method":"MOVE","url":"/remote.php/dav/files/user/INTER_AGENCE_COMMUN%20(2)/TEST.txt","message":"unable to rename, source directory is not writable : /srv/nextcloud/nextcloud_DATA/INTER_AGENCE_COMMUN","userAgent":"Mozilla/5.0 (Windows) mirall/3.10.0stable-Win64 (build 20230915) (Nextcloud, windows-10.0.22621 ClientArchitecture: x86_64 OsArchitecture: x86_64)","version":"27.1.2.1","data":{"app":"core"}}

Ozerim avatar Oct 30 '23 11:10 Ozerim

Hmm. Based on the error I would expect it to complain about /srv/nextcloud/nextcloud_DATA/INTER_AGENCE_COMMUN%20(2)/ rather than /srv/nextcloud/nextcloud_DATA/INTER_AGENCE_COMMUN (if anything).

I assume /srv/nextcloud/nextcloud_DATA/INTER_AGENCE_COMMUN is bogus (i.e. neither the source nor destination parent folder)?

Does this only happen with folders with spaces enclosed in them by chance?

https://github.com/nextcloud/server/blob/16bfe0cc65c3c4603c24d10c904c1aef39d5a9a2/lib/private/Files/Storage/Local.php#L345-L352

joshtrichards avatar Oct 31 '23 01:10 joshtrichards

@joshtrichards I've tried on a fresh nextcloud install with folder named "Test1" and "Test2" and the same problem happened... So don't think the issue come from the folder especially.

Ozerim avatar Oct 31 '23 09:10 Ozerim

Hi everyone,

Same problem here.

Context :

  • Group Folder A with admin rights only
  • In Group Folder A, create a shared folder DATA_A with permissions given to group G_DATA_A

(we prefer to create a subfolder that we share directly with the user, rather than giving him direct rights to the folder created by Group Folder)

  • Group Folder B with admin rights only

  • In Group Folder B, create a folder DATA_B with permissions given to group G_DATA_B

  • User with rights to folders G_DATA_A and G_DATA_B, if you try to move a file from DATA_A to DATA_B via the web interface : error

{"reqId":"bNBtrCYrGxfKlRilLo84","level":3,"time":"2023-12-20T11:16:53+00:00","remoteAddr":"xxxx","user":"e.barre","app":"no app in context","method":"POST","url":"/ocs/v2.php/apps/files/api/v1/templates/create","message":"Could not create path \"/e.barre/files/00_LOGOS/toto.txt\"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","version":"27.1.4.1","exception":{"Exception":"OCP\\Files\\NotPermittedException","Message":"Could not create path \"/e.barre/files/00_LOGOS/toto.txt\"","Code":0,"Trace":[{"file":"/srv/nextcloud/www/lib/private/Files/Template/TemplateManager.php","line":162,"function":"newFile","class":"OC\\Files\\Node\\Folder","type":"->"},{"file":"/srv/nextcloud/www/apps/files/lib/Controller/TemplateController.php","line":57,"function":"createFromTemplate","class":"OC\\Files\\Template\\TemplateManager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/srv/nextcloud/www/lib/private/AppFramework/Http/Dispatcher.php","line":230,"function":"create","class":"OCA\\Files\\Controller\\TemplateController","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/srv/nextcloud/www/lib/private/AppFramework/Http/Dispatcher.php","line":137,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/srv/nextcloud/www/lib/private/AppFramework/App.php","line":183,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/srv/nextcloud/www/lib/private/Route/Router.php","line":315,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/srv/nextcloud/www/ocs/v1.php","line":64,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/srv/nextcloud/www/ocs/v2.php","line":23,"args":["/srv/nextcloud/www/ocs/v1.php"],"function":"require_once"}],"File":"/srv/nextcloud/www/lib/private/Files/Node/Folder.php","Line":193,"message":"Could not create path \"/e.barre/files/00_LOGOS/toto.txt\"","exception":{},"CustomMessage":"Could not create path \"/e.barre/files/00_LOGOS/toto.txt\""}}

To correct the error, we need to revise our system and not create a subfolder :

  • Creation of a Group Folder A, with admin group rights and also permission for group G_DATA_A

  • Creation of a Group Folder B, with admin group rights and G_DATA_B group permissions.

And now you can move a file between folders!

It's not too serious, but it's a mistake we didn't have before. However, I can't say which version it's been in, as we only noticed it recently, and several version upgrades have been carried out on the Nextcloud server and also on the Group Folders application.

supr4s avatar Dec 20 '23 13:12 supr4s

I tried again on the latest LTS (28.0.4). Same thing, but different error message:

unable to rename, source directory is not writable: /srv/nextcloud/nextcloud_DATA/PARTAGE-DEMO01

Still unable to move a file to another Group Folder. No problem to copy/paste a file/folder.

supr4s avatar Mar 29 '24 13:03 supr4s

Related: #1097 & #3086

joshtrichards avatar Sep 10 '24 20:09 joshtrichards