Able to upload a file of certain mime-type despite rule that prohibits it

[mathiasconradt]

Steps to reproduce

Install and enable files_accesscontrol. Setup a rule to disallow uploading .exe files:

Expected behaviour

The introduction text says that when a rule applies, neither read nor write is allowed. However, uploading (write) operation is still possible.

Actual behaviour

File should not be allowed for upload in the first place. (Read-access is properly blocked as expected though.)

So either the rule does not apply correctly, or the introduction text at the top of the files access control app is not correct stating that "writing" the files would also not be possible.

Server configuration

NC 13.0.5

[mathiasconradt]

What happens for users syncing with the desktop client in this case by the way is the following:

They get the message that something has failed. ("File was deleted from server."). While this is technically exactly what might have happened, it might be a confusing notification.

On the other hand, the error message is not really clear: it says "The file has been deleted from the server." when it actually is still there visible in the web UI.

[MorrisJobke]

cc @nickvergessen

[nickvergessen]

Ah nice, this is broken because it uses a new dav/uploads endoint. Therefor https://github.com/nextcloud/server/blob/394a61f1e62d143addcec44ce9479994f8fbc587/apps/workflowengine/lib/Check/FileMimeType.php#L171 is incorrect now.
Also since it's a part file being renamed now, it's a MOVE not a PUT anymore.

This makes us fail to read a mime type => upload works.
The rest works as expected.

[nickvergessen]

I will try to have a look at the conf

[nickvergessen]

Fix is in nextcloud/server#10828