diff options
| author | Robin Appelman <icewind1991@gmail.com> | 2012-01-08 01:53:40 +0100 |
|---|---|---|
| committer | Robin Appelman <icewind1991@gmail.com> | 2012-01-08 01:53:40 +0100 |
| commit | d1edc360d9bd7d97c35d25b54dadec61004cd869 (patch) | |
| tree | 7344744268280ccbdc194746a7b40dfc90a33260 /lib/filesystem.php | |
| parent | 3844fb0e4ce093bb3c2e67d20f85f61b7723efdc (diff) | |
| parent | 8f8985c3e53862e2ca6446f296d4835a9577faac (diff) | |
| download | nextcloud-server-d1edc360d9bd7d97c35d25b54dadec61004cd869.tar.gz nextcloud-server-d1edc360d9bd7d97c35d25b54dadec61004cd869.zip | |
merge master into filesystem
Diffstat (limited to 'lib/filesystem.php')
| -rw-r--r-- | lib/filesystem.php | 56 |
1 files changed, 20 insertions, 36 deletions
diff --git a/lib/filesystem.php b/lib/filesystem.php index c3830b34168..8765775dc29 100644 --- a/lib/filesystem.php +++ b/lib/filesystem.php @@ -107,35 +107,6 @@ class OC_Filesystem{ } /** - * check if the current users has the right premissions to read a file - * @param string path - * @return bool - */ - static private function canRead($path){ - if(substr($path,0,1)!=='/'){ - $path='/'.$path; - } - if(strstr($path,'/../') || strrchr($path, '/') === '/..' ){ - return false; - } - return true;//dummy untill premissions are correctly implemented, also the correcty value because for now users are locked in their seperate data dir and can read/write everything in there - } - /** - * check if the current users has the right premissions to write a file - * @param string path - * @return bool - */ - static private function canWrite($path){ - if(substr($path,0,1)!=='/'){ - $path='/'.$path; - } - if(strstr($path,'/../') || strrchr($path, '/') === '/..' ){ - return false; - } - return true;//dummy untill premissions are correctly implemented, also the correcty value because for now users are locked in their seperate data dir and can read/write everything in there - } - - /** * mount an OC_Filestorage in our virtual filesystem * @param OC_Filestorage storage * @param string mountpoint @@ -204,15 +175,28 @@ class OC_Filesystem{ */ static public function getLocalFile($path){ $parent=substr($path,0,strrpos($path,'/')); - if(self::canRead($parent) and $storage=self::getStorage($path)){ + if(self::isValidPath($parent) and $storage=self::getStorage($path)){ return $storage->getLocalFile(self::getInternalPath($path)); } } /** + * check if the requested path is valid + * @param string path + * @return bool + */ + static public function isValidPath($path){ + if(substr($path,0,1)!=='/'){ + $path='/'.$path; + } + if(strstr($path,'/../') || strrchr($path, '/') === '/..' ){ + return false; + } + return true; + } + /** * following functions are equivilent to their php buildin equivilents for arguments/return values. */ - static public function mkdir($path){ return self::basicOperation('mkdir',$path,array('create','write')); } @@ -274,7 +258,7 @@ class OC_Filesystem{ return self::basicOperation('unlink',$path,array('delete')); } static public function rename($path1,$path2){ - if(OC_FileProxy::runPreProxies('rename',$path1,$path2) and self::canWrite($path1) and self::canWrite($path2)){ + if(OC_FileProxy::runPreProxies('rename',$path1,$path2) and self::is_writeable($path1) and self::isValidPath($path2)){ $run=true; OC_Hook::emit( 'OC_Filesystem', 'rename', array( 'oldpath' => $path1 ,'newpath'=>$path2, 'run' => &$run)); if($run){ @@ -295,7 +279,7 @@ class OC_Filesystem{ } } static public function copy($path1,$path2){ - if(OC_FileProxy::runPreProxies('copy',$path1,$path2) and self::canRead($path1) and self::canWrite($path2)){ + if(OC_FileProxy::runPreProxies('copy',$path1,$path2) and self::is_readable($path1) and self::isValidPath($path2)){ $run=true; OC_Hook::emit( 'OC_Filesystem', 'copy', array( 'oldpath' => $path1 ,'newpath'=>$path2, 'run' => &$run)); $exists=self::file_exists($path2); @@ -350,13 +334,13 @@ class OC_Filesystem{ return self::basicOperation('fopen',$path,$hooks,$mode); } static public function toTmpFile($path){ - if(OC_FileProxy::runPreProxies('toTmpFile',$path) and self::canRead($path) and $storage=self::getStorage($path)){ + if(OC_FileProxy::runPreProxies('toTmpFile',$path) and self::isValidPath($path) and $storage=self::getStorage($path)){ OC_Hook::emit( 'OC_Filesystem', 'read', array( 'path' => $path)); return $storage->toTmpFile(self::getInternalPath($path)); } } static public function fromTmpFile($tmpFile,$path){ - if(OC_FileProxy::runPreProxies('copy',$tmpFile,$path) and self::canWrite($path) and $storage=self::getStorage($path)){ + if(OC_FileProxy::runPreProxies('copy',$tmpFile,$path) and self::isValidPath($path) and $storage=self::getStorage($path)){ $run=true; $exists=self::file_exists($path); if(!$exists){ @@ -413,7 +397,7 @@ class OC_Filesystem{ * @return mixed */ private static function basicOperation($operation,$path,$hooks=array(),$extraParam=null){ - if(OC_FileProxy::runPreProxies($operation,$path, $extraParam) and self::canRead($path) and $storage=self::getStorage($path)){ + if(OC_FileProxy::runPreProxies($operation,$path, $extraParam) and self::isValidPath($path) and $storage=self::getStorage($path)){ $interalPath=self::getInternalPath($path); $run=true; foreach($hooks as $hook){ |