aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Weimann <mail@michael-weimann.eu>2018-08-09 19:48:55 +0200
committerMichael Weimann <mail@michael-weimann.eu>2018-08-09 19:49:01 +0200
commit3f790bb85b3544680f4af2e3e005d736a5aff8a0 (patch)
treee7ce6422d05867d4ff4433f856f563e3fd66d227
parentebcfe33d0d0233dceaa80ad3a44126dee480eb97 (diff)
downloadnextcloud-server-3f790bb85b3544680f4af2e3e005d736a5aff8a0.tar.gz
nextcloud-server-3f790bb85b3544680f4af2e3e005d736a5aff8a0.zip
Excludes not writable app roots from the directory permission check
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
-rw-r--r--settings/Controller/CheckSetupController.php40
-rw-r--r--tests/Settings/Controller/CheckSetupControllerTest.php21
2 files changed, 51 insertions, 10 deletions
diff --git a/settings/Controller/CheckSetupController.php b/settings/Controller/CheckSetupController.php
index d3b520a7686..e6c88b6f7ca 100644
--- a/settings/Controller/CheckSetupController.php
+++ b/settings/Controller/CheckSetupController.php
@@ -542,16 +542,11 @@ Raw output
$appDirsWithDifferentOwner = [];
foreach (OC::$APPSROOTS as $appRoot) {
- $appsPath = $appRoot['path'];
- $appsDir = new DirectoryIterator($appRoot['path']);
- foreach ($appsDir as $fileInfo) {
- if ($fileInfo->isDir() && !$fileInfo->isDot()) {
- $absAppPath = $appsPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
- $appDirUser = posix_getpwuid(fileowner($absAppPath));
- if ($appDirUser !== $currentUser) {
- $appDirsWithDifferentOwner[] = $absAppPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
- }
- }
+ if ($appRoot['writable'] === true) {
+ $appDirsWithDifferentOwner = array_merge(
+ $appDirsWithDifferentOwner,
+ $this->getAppDirsWithDifferentOwnerForAppRoot($currentUser, $appRoot)
+ );
}
}
@@ -560,6 +555,31 @@ Raw output
}
/**
+ * Tests if the directories for one apps directory are writable by the current user.
+ *
+ * @param array $currentUser The current user
+ * @param array $appRoot The app root config
+ * @return string[] The none writable directory paths inside the app root
+ */
+ private function getAppDirsWithDifferentOwnerForAppRoot(array $currentUser, array $appRoot): array {
+ $appDirsWithDifferentOwner = [];
+ $appsPath = $appRoot['path'];
+ $appsDir = new DirectoryIterator($appRoot['path']);
+
+ foreach ($appsDir as $fileInfo) {
+ if ($fileInfo->isDir() && !$fileInfo->isDot()) {
+ $absAppPath = $appsPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
+ $appDirUser = posix_getpwuid(fileowner($absAppPath));
+ if ($appDirUser !== $currentUser) {
+ $appDirsWithDifferentOwner[] = $absAppPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
+ }
+ }
+ }
+
+ return $appDirsWithDifferentOwner;
+ }
+
+ /**
* @return DataResponse
*/
public function check() {
diff --git a/tests/Settings/Controller/CheckSetupControllerTest.php b/tests/Settings/Controller/CheckSetupControllerTest.php
index 5bed7e322eb..677a2a0aa0b 100644
--- a/tests/Settings/Controller/CheckSetupControllerTest.php
+++ b/tests/Settings/Controller/CheckSetupControllerTest.php
@@ -629,6 +629,27 @@ class CheckSetupControllerTest extends TestCase {
);
}
+ /**
+ * Calls the check for a none existing app root that is marked as not writable.
+ * It's expected that no error happens since the check shouldn't apply.
+ *
+ * @return void
+ */
+ public function testAppDirectoryOwnersNotWritable() {
+ $tempDir = tempnam(sys_get_temp_dir(), 'apps') . 'dir';
+ OC::$APPSROOTS = [
+ [
+ 'path' => $tempDir,
+ 'url' => '/apps',
+ 'writable' => false,
+ ],
+ ];
+ $this->assertSame(
+ [],
+ $this->invokePrivate($this->checkSetupController, 'getAppDirsWithDifferentOwner')
+ );
+ }
+
public function testIsBuggyNss400() {
$this->config->expects($this->any())
->method('getSystemValue')