From 4d646a75f5650fcbde0da785802bb55a65e60a86 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Julius=20H=C3=A4rtl?= Date: Wed, 20 Nov 2019 09:06:47 +0100 Subject: [PATCH] Use files node API for single file downloads MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- lib/private/legacy/files.php | 42 ++++++++++++++++++++++++------------ 1 file changed, 28 insertions(+), 14 deletions(-) diff --git a/lib/private/legacy/files.php b/lib/private/legacy/files.php index 140c02e77b6..d8de0381606 100644 --- a/lib/private/legacy/files.php +++ b/lib/private/legacy/files.php @@ -284,30 +284,44 @@ class OC_Files { */ private static function getSingleFile($view, $dir, $name, $params) { $filename = $dir . '/' . $name; + $file = null; + + try { + $userFolder = \OC::$server->getRootFolder()->get(\OC\Files\Filesystem::getRoot()); + $file = $userFolder->get($filename); + if(!$file instanceof \OC\Files\Node\File || !$file->isReadable()) { + http_response_code(403); + die('403 Forbidden'); + } + $fileSize = $file->getSize(); + } catch (\OCP\Files\NotPermittedException $e) { + http_response_code(403); + die('403 Forbidden'); + } catch (\OCP\Files\InvalidPathException $e) { + http_response_code(403); + die('403 Forbidden'); + } catch (\OCP\Files\NotFoundException $e) { + http_response_code(404); + $tmpl = new OC_Template('', '404', 'guest'); + $tmpl->printPage(); + exit(); + } + OC_Util::obEnd(); $view->lockFile($filename, ILockingProvider::LOCK_SHARED); $rangeArray = array(); if (isset($params['range']) && substr($params['range'], 0, 6) === 'bytes=') { - $rangeArray = self::parseHttpRangeHeader(substr($params['range'], 6), - \OC\Files\Filesystem::filesize($filename)); - } - - if (\OC\Files\Filesystem::isReadable($filename)) { - self::sendHeaders($filename, $name, $rangeArray); - } elseif (!\OC\Files\Filesystem::file_exists($filename)) { - http_response_code(404); - $tmpl = new OC_Template('', '404', 'guest'); - $tmpl->printPage(); - exit(); - } else { - http_response_code(403); - die('403 Forbidden'); + $rangeArray = self::parseHttpRangeHeader(substr($params['range'], 6), $fileSize); } + + self::sendHeaders($filename, $name, $rangeArray); + if (isset($params['head']) && $params['head']) { return; } + if (!empty($rangeArray)) { try { if (count($rangeArray) == 1) { -- 2.39.5