diff options
| author | Andy Scherzinger <info@andy-scherzinger.de> | 2023-08-01 16:53:18 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-08-01 16:53:18 +0200 |
| commit | 46da23f0188ece6fb2ee352545191b8c68f00061 (patch) | |
| tree | 52b0f41869892b31993632a39420d50424666efc | |
| parent | 59fe990632d0e6d66f2cbaac3477df5f9ae6f539 (diff) | |
| parent | 2fe6370923cb4b052d7472681a2c6a254f4c6892 (diff) | |
| download | nextcloud-server-46da23f0188ece6fb2ee352545191b8c68f00061.tar.gz nextcloud-server-46da23f0188ece6fb2ee352545191b8c68f00061.zip | |
Merge pull request #39614 from nextcloud/dav-permissions-share-root-write-27
[27] fix share roots always being marked as writable
| -rw-r--r-- | apps/dav/tests/unit/Connector/Sabre/NodeTest.php | 76 | ||||
| -rw-r--r-- | lib/public/Files/DavUtil.php | 18 |
2 files changed, 70 insertions, 24 deletions
diff --git a/apps/dav/tests/unit/Connector/Sabre/NodeTest.php b/apps/dav/tests/unit/Connector/Sabre/NodeTest.php index 751e4c138b2..83765d338f2 100644 --- a/apps/dav/tests/unit/Connector/Sabre/NodeTest.php +++ b/apps/dav/tests/unit/Connector/Sabre/NodeTest.php @@ -25,14 +25,20 @@ * along with this program. If not, see <http://www.gnu.org/licenses/> * */ + namespace OCA\DAV\Tests\unit\Connector\Sabre; use OC\Files\FileInfo; +use OC\Files\Mount\MountPoint; use OC\Files\View; use OC\Share20\ShareAttributes; +use OCA\Files_Sharing\SharedMount; use OCA\Files_Sharing\SharedStorage; +use OCP\Constants; +use OCP\Files\Cache\ICacheEntry; use OCP\Files\Mount\IMountPoint; use OCP\Files\Storage; +use OCP\ICache; use OCP\Share\IAttributes; use OCP\Share\IManager; use OCP\Share\IShare; @@ -46,40 +52,66 @@ use OCP\Share\IShare; class NodeTest extends \Test\TestCase { public function davPermissionsProvider() { return [ - [\OCP\Constants::PERMISSION_ALL, 'file', false, false, 'RGDNVW'], - [\OCP\Constants::PERMISSION_ALL, 'dir', false, false, 'RGDNVCK'], - [\OCP\Constants::PERMISSION_ALL, 'file', true, false, 'SRGDNVW'], - [\OCP\Constants::PERMISSION_ALL, 'file', true, true, 'SRMGDNVW'], - [\OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_SHARE, 'file', true, false, 'SGDNVW'], - [\OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_UPDATE, 'file', false, false, 'RGD'], - [\OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_DELETE, 'file', false, false, 'RGNVW'], - [\OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_CREATE, 'file', false, false, 'RGDNVW'], - [\OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_READ, 'file', false, false, 'RDNVW'], - [\OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_CREATE, 'dir', false, false, 'RGDNV'], - [\OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_READ, 'dir', false, false, 'RDNVCK'], + [Constants::PERMISSION_ALL, 'file', false, Constants::PERMISSION_ALL, false, 'test', 'RGDNVW'], + [Constants::PERMISSION_ALL, 'dir', false, Constants::PERMISSION_ALL, false, 'test', 'RGDNVCK'], + [Constants::PERMISSION_ALL, 'file', true, Constants::PERMISSION_ALL, false, 'test', 'SRGDNVW'], + [Constants::PERMISSION_ALL, 'file', true, Constants::PERMISSION_ALL, true, 'test', 'SRMGDNVW'], + [Constants::PERMISSION_ALL, 'file', true, Constants::PERMISSION_ALL, true, '' , 'SRMGDNVW'], + [Constants::PERMISSION_ALL, 'file', true, Constants::PERMISSION_ALL - Constants::PERMISSION_UPDATE, true, '' , 'SRMGDNV'], + [Constants::PERMISSION_ALL - Constants::PERMISSION_SHARE, 'file', true, Constants::PERMISSION_ALL, false, 'test', 'SGDNVW'], + [Constants::PERMISSION_ALL - Constants::PERMISSION_UPDATE, 'file', false, Constants::PERMISSION_ALL, false, 'test', 'RGD'], + [Constants::PERMISSION_ALL - Constants::PERMISSION_DELETE, 'file', false, Constants::PERMISSION_ALL, false, 'test', 'RGNVW'], + [Constants::PERMISSION_ALL - Constants::PERMISSION_CREATE, 'file', false, Constants::PERMISSION_ALL, false, 'test', 'RGDNVW'], + [Constants::PERMISSION_ALL - Constants::PERMISSION_READ, 'file', false, Constants::PERMISSION_ALL, false, 'test', 'RDNVW'], + [Constants::PERMISSION_ALL - Constants::PERMISSION_CREATE, 'dir', false, Constants::PERMISSION_ALL, false, 'test', 'RGDNV'], + [Constants::PERMISSION_ALL - Constants::PERMISSION_READ, 'dir', false, Constants::PERMISSION_ALL, false, 'test', 'RDNVCK'], ]; } /** * @dataProvider davPermissionsProvider */ - public function testDavPermissions($permissions, $type, $shared, $mounted, $expected): void { + public function testDavPermissions($permissions, $type, $shared, $shareRootPermissions, $mounted, $internalPath, $expected): void { $info = $this->getMockBuilder(FileInfo::class) ->disableOriginalConstructor() - ->setMethods(['getPermissions', 'isShared', 'isMounted', 'getType']) + ->onlyMethods(['getPermissions', 'isShared', 'isMounted', 'getType', 'getInternalPath', 'getStorage', 'getMountPoint']) ->getMock(); - $info->expects($this->any()) - ->method('getPermissions') + $info->method('getPermissions') ->willReturn($permissions); - $info->expects($this->any()) - ->method('isShared') + $info->method('isShared') ->willReturn($shared); - $info->expects($this->any()) - ->method('isMounted') + $info->method('isMounted') ->willReturn($mounted); - $info->expects($this->any()) - ->method('getType') + $info->method('getType') ->willReturn($type); + $info->method('getInternalPath') + ->willReturn($internalPath); + $info->method('getMountPoint') + ->willReturnCallback(function() use ($shared) { + if ($shared) { + return $this->createMock(SharedMount::class); + } else { + return $this->createMock(MountPoint::class); + } + }); + $storage = $this->createMock(Storage\IStorage::class); + if ($shared) { + $storage->method('instanceOfStorage') + ->willReturn(true); + $cache = $this->createMock(ICache::class); + $storage->method('getCache') + ->willReturn($cache); + $shareRootEntry = $this->createMock(ICacheEntry::class); + $cache->method('get') + ->willReturn($shareRootEntry); + $shareRootEntry->method('getPermissions') + ->willReturn($shareRootPermissions); + } else { + $storage->method('instanceOfStorage') + ->willReturn(false); + } + $info->method('getStorage') + ->willReturn($storage); $view = $this->getMockBuilder(View::class) ->disableOriginalConstructor() ->getMock(); @@ -256,7 +288,7 @@ class NodeTest extends \Test\TestCase { public function invalidSanitizeMtimeProvider() { return [ - [-1337], [0], ['abcdef'], ['-1337'], ['0'], [12321], [24 * 60 * 60 - 1] + [-1337], [0], ['abcdef'], ['-1337'], ['0'], [12321], [24 * 60 * 60 - 1], ]; } diff --git a/lib/public/Files/DavUtil.php b/lib/public/Files/DavUtil.php index 343f3c2ac0f..2e7efdccd07 100644 --- a/lib/public/Files/DavUtil.php +++ b/lib/public/Files/DavUtil.php @@ -32,6 +32,9 @@ namespace OCP\Files; +use OCP\Constants; +use OC\Files\Mount\MoveableMount; + /** * This class provides different helper functions related to WebDAV protocol * @@ -73,10 +76,21 @@ class DavUtil { $p .= 'D'; } if ($info->isUpdateable()) { - $p .= 'NV'; // Renameable, Moveable + $p .= 'NV'; // Renameable, Movable } + + // since we always add update permissions for the root of movable mounts + // we need to check the shared cache item directly to determine if it's writable + $storage = $info->getStorage(); + if ($info->getInternalPath() === '' && $info->getMountPoint() instanceof MoveableMount) { + $rootEntry = $storage->getCache()->get(''); + $isWritable = $rootEntry->getPermissions() & Constants::PERMISSION_UPDATE; + } else { + $isWritable = $info->isUpdateable(); + } + if ($info->getType() === FileInfo::TYPE_FILE) { - if ($info->isUpdateable()) { + if ($isWritable) { $p .= 'W'; } } else { |