Fix permissions when copying from ObjectStorage

Make sure that when a user copy a file from a directory they don't have
all permissions to a directory where they have more permissions, the
permissions are correctly set to the one from the parent taget folder.

This was caused by the ObjectStoreStorage::copyFromStorage using
the jailed storage and cache entry instead of the unjailed one like other
storages (the local one).
Steps to reproduce

+ Use object storage
+ Create a groupfolder with one group having full permission and another one
  who can just read files.
+ With an user who is in the second group, copy a file from the groupfolder to
  the home folder of this user.
+ The file in the home folder of the user will be read only and can't be deleted
  even though it is in their home folder and they are the owner. In oc_filecache,
  the permissions stored for this file are 1 (READ)

Signed-off-by: Carl Schwan <carl@carlschwan.eu>

diff --git a/lib/private/Files/Cache/Cache.php b/lib/private/Files/Cache/Cache.php
index ae707fb5b54cb5e68e39259ff5d02635e8a6d15b..3ede9fac61884c326c76a8f73fede719d2190db6 100644 (file)
--- a/lib/private/Files/Cache/Cache.php
+++ b/lib/private/Files/Cache/Cache.php
@@ -1097,7 +1097,7 @@ class Cache implements ICache {
         * @param ICache $sourceCache
         * @param ICacheEntry $sourceEntry
         * @param string $targetPath
-        * @return int fileid of copied entry
+        * @return int fileId of copied entry
         */
        public function copyFromCache(ICache $sourceCache, ICacheEntry $sourceEntry, string $targetPath): int {
                if ($sourceEntry->getId() < 0) {

diff --git a/lib/private/Files/ObjectStore/ObjectStoreStorage.php b/lib/private/Files/ObjectStore/ObjectStoreStorage.php
index a6654a7e9a420ea59d17a59bf4d82f4dda14bd79..94b9da665531913b28e3b9a8afbb0cadd7dfb429 100644 (file)
--- a/lib/private/Files/ObjectStore/ObjectStoreStorage.php
+++ b/lib/private/Files/ObjectStore/ObjectStoreStorage.php
@@ -540,7 +540,15 @@ class ObjectStoreStorage extends \OC\Files\Storage\Common {
                if ($sourceStorage->instanceOfStorage(ObjectStoreStorage::class)) {
                        /** @var ObjectStoreStorage $sourceStorage */
                        if ($sourceStorage->getObjectStore()->getStorageId() === $this->getObjectStore()->getStorageId()) {
+                               /** @var CacheEntry $sourceEntry */
                                $sourceEntry = $sourceStorage->getCache()->get($sourceInternalPath);
+                               $sourceEntryData = $sourceEntry->getData();
+                               // $sourceEntry['permissions'] here is the permissions from the jailed storage for the current
+                               // user. Instead we use $sourceEntryData['scan_permissions'] that are the permissions from the
+                               // unjailed storage.
+                               if (is_array($sourceEntryData) && array_key_exists('scan_permissions', $sourceEntryData)) {
+                                       $sourceEntry['permissions'] = $sourceEntryData['scan_permissions'];
+                               }
                                $this->copyInner($sourceEntry, $targetInternalPath);
                                return true;
                        }