Require transitive on shares when assembling file schema blobs.

Change-Id: I48be9855829448ddcb076d3b826c0394c1499f99

pkg/server/share.go

@@ -71,8 +71,6 @@ func newShareFromConfig(ld blobserver.Loader, conf jsonconfig.Obj) (h http.Handl
 }
 
 // Unauthenticated user.  Be paranoid.
-//
-// TODO: check IsTransitive on the share blob? http://camlistore.org/issue/226
 func handleGetViaSharing(conn http.ResponseWriter, req *http.Request,
 	blobRef blob.Ref, fetcher blob.StreamingFetcher) {
 	if !httputil.IsGet(req) {
@@ -105,6 +103,7 @@ func handleGetViaSharing(conn http.ResponseWriter, req *http.Request,
 	fetchChain := make([]blob.Ref, 0)
 	fetchChain = append(fetchChain, viaBlobs...)
 	fetchChain = append(fetchChain, blobRef)
+	isTransitive := false
 	for i, br := range fetchChain {
 		switch i {
 		case 0:
@@ -143,7 +142,8 @@ func handleGetViaSharing(conn http.ResponseWriter, req *http.Request,
 				auth.SendUnauthorized(conn, req)
 				return
 			}
-			if len(fetchChain) > 2 && !share.IsTransitive() {
+			isTransitive = share.IsTransitive()
+			if len(fetchChain) > 2 && !isTransitive {
 				log.Print("Share is not transitive")
 				auth.SendUnauthorized(conn, req)
 				return
@@ -177,19 +177,20 @@ func handleGetViaSharing(conn http.ResponseWriter, req *http.Request,
 		}
 	}
 
-	viaPathOkay = true
-
 	if assemble, _ := strconv.ParseBool(req.FormValue("assemble")); assemble {
-		// TODO: check IsTransitive on the share blob? http://camlistore.org/issue/226
+		if !isTransitive {
+			auth.SendUnauthorized(conn, req)
+			return
+		}
 		dh := &DownloadHandler{
 			Fetcher: fetcher,
 			// TODO(aa): It would be nice to specify a local cache here, as the UI handler does.
 		}
 		dh.ServeHTTP(conn, req, blobRef)
 	} else {
-		// TODO: check IsTransitive on the share blob? http://camlistore.org/issue/226
 		gethandler.ServeBlobRef(conn, req, blobRef, fetcher)
 	}
+	viaPathOkay = true
 }
 
 func (h *shareHandler) ServeHTTP(rw http.ResponseWriter, req *http.Request) {