mirror of https://github.com/nextcloud/server
Block shares that dont have the correct source permissions
This commit is contained in:
Robin Appelman
parent
8b3d7d09d5
commit
e3b5639fc1
|
|
@ -32,6 +32,7 @@ namespace OC\Files\Storage;
|
|||
|
||||
use OC\Files\Filesystem;
|
||||
use OCA\Files_Sharing\ISharedStorage;
|
||||
use OCP\Constants;
|
||||
use OCP\Files\Cache\ICacheEntry;
|
||||
use OCP\Files\Storage\IStorage;
|
||||
use OCP\Lock\ILockingProvider;
|
||||
|
|
@ -83,6 +84,10 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
|
|||
$this->sourceRootInfo = $this->sourceStorage->getCache()->get($sourceInternalPath);
|
||||
}
|
||||
|
||||
private function isValid() {
|
||||
return ($this->sourceRootInfo->getPermissions() & Constants::PERMISSION_SHARE) === Constants::PERMISSION_SHARE;
|
||||
}
|
||||
|
||||
/**
|
||||
* get id of the mount point
|
||||
*
|
||||
|
|
@ -133,6 +138,9 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
|
|||
* @return string|false source file path or false if not found
|
||||
*/
|
||||
public function getSourcePath($target) {
|
||||
if (!$this->isValid()){
|
||||
return false;
|
||||
}
|
||||
$source = $this->getFile($target);
|
||||
if ($source) {
|
||||
if (!isset($source['fullPath'])) {
|
||||
|
|
@ -157,6 +165,9 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
|
|||
* @return int CRUDS permissions granted
|
||||
*/
|
||||
public function getPermissions($target = '') {
|
||||
if (!$this->isValid()) {
|
||||
return 0;
|
||||
}
|
||||
$permissions = $this->share['permissions'];
|
||||
// part files and the mount point always have delete permissions
|
||||
if ($target === '' || pathinfo($target, PATHINFO_EXTENSION) === 'part') {
|
||||
|
|
@ -253,13 +264,14 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
|
|||
}
|
||||
|
||||
public function isReadable($path) {
|
||||
$isReadable = false;
|
||||
if ($source = $this->getSourcePath($path)) {
|
||||
list($storage, $internalPath) = \OC\Files\Filesystem::resolvePath($source);
|
||||
$isReadable = $storage->isReadable($internalPath);
|
||||
if (!$this->isValid()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $isReadable && $this->file_exists($path);
|
||||
if (!$this->file_exists($path)) {
|
||||
return false;
|
||||
}
|
||||
list($storage, $internalPath) = $this->resolvePath($path);
|
||||
return $storage->isReadable($internalPath);
|
||||
}
|
||||
|
||||
public function isUpdatable($path) {
|
||||
|
|
|
|||
|
|
@ -46,6 +46,7 @@ use Icewind\Streams\CallbackWrapper;
|
|||
use OC\Files\Mount\MoveableMount;
|
||||
use OC\Files\Storage\Storage;
|
||||
use OC\User\User;
|
||||
use OCP\Constants;
|
||||
use OCP\Files\Cache\ICacheEntry;
|
||||
use OCP\Files\FileNameTooLongException;
|
||||
use OCP\Files\InvalidCharacterInPathException;
|
||||
|
|
@ -1335,7 +1336,7 @@ class View {
|
|||
|
||||
$data = $this->getCacheEntry($storage, $internalPath, $directory);
|
||||
|
||||
if (!$data instanceof ICacheEntry || !isset($data['fileid'])) {
|
||||
if (!$data instanceof ICacheEntry || !isset($data['fileid']) || !($data->getPermissions() && Constants::PERMISSION_READ)) {
|
||||
return [];
|
||||
}
|
||||
|
||||
|
|
@ -1385,7 +1386,7 @@ class View {
|
|||
$rootEntry = $subCache->get('');
|
||||
}
|
||||
|
||||
if ($rootEntry) {
|
||||
if ($rootEntry && ($rootEntry->getPermissions() && Constants::PERMISSION_READ)) {
|
||||
$relativePath = trim(substr($mountPoint, $dirLength), '/');
|
||||
if ($pos = strpos($relativePath, '/')) {
|
||||
//mountpoint inside subfolder add size to the correct folder
|
||||
|
|
|
|||
Loading…
Reference in New Issue