User can see files which he is not athirized to access #16474
Description
Hello I am "only"admin, on a cloud service setup by provider.
Steps to reproduce
- unauthorised User click recent files
- files which he is not athirized to access
- authorisation set by group folder
Expected behaviour
See only files files which he is athirized to access
Actual behaviour
Tell us what happens instead
Server configuration
version: 16.0.1.1 -
versionstring: 16.0.1
Enabled:
- accessibility: 1.2.0
- activity: 2.9.1
- calendar: 1.7.0
- cloud_federation_api: 0.2.0
- comments: 1.6.0 - dav: 1.9.2
- federatedfilesharing: 1.6.0
- federation: 1.6.0 - files: 1.11.0
- files_pdfviewer: 1.5.0
- files_rightclick: 0.13.0
- files_sharing: 1.8.0
- files_texteditor: 2.8.0
- files_trashbin: 1.6.0
- files_versions: 1.9.0
- files_videoplayer: 1.5.0
- firstrunwizard: 2.5.0
- gallery: 18.3.0
- groupfolders: 4.0.4
- logreader: 2.1.0
- lookup_server_connector: 1.4.0
- nextcloud_announcements: 1.5.0
- notifications: 2.4.1
- oauth2: 1.4.2
- occweb: 0.0.4
- onlyoffice: 2.4.0
- privacy: 1.0.0
- provisioning_api: 1.6.0
- serverinfo: 1.6.0
- sharebymail: 1.6.0
- systemtags: 1.6.0
- theming: 1.7.0
- twofactor_backupcodes: 1.5.0
- viewer: 1.0.0
- workflowengine: 1.6.0
Disabled:
- admin_audit
- contacts
- encryption
- files_external
- password_policy
- recommendations
- registration
- support
- survey_client
- updatenotification
- user_ldap