summaryrefslogtreecommitdiffstats
path: root/lib/private/Repair
diff options
context:
space:
mode:
authorRoeland Jago Douma <rullzer@owncloud.com>2016-05-30 14:56:19 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2016-06-10 12:44:49 +0200
commit1b66db72d916a763b1c22613b9df5c42e93593a8 (patch)
tree8c53f3fe90b25e86ddc48b09cba4801d85de02de /lib/private/Repair
parenta0d8702a1c168a178846ceba849b1521e6462b0f (diff)
downloadnextcloud-server-1b66db72d916a763b1c22613b9df5c42e93593a8.tar.gz
nextcloud-server-1b66db72d916a763b1c22613b9df5c42e93593a8.zip
Repair job to fix permissions for avatars
Fixes #22978 On some older installations the permissions for the userRoot and the avatars are not correct. This breaks since we now use the Node API in the avatar code. This repair job makes sure that the permissions are set correctly. * Unit tests added
Diffstat (limited to 'lib/private/Repair')
-rw-r--r--lib/private/Repair/AvatarPermissions.php107
1 files changed, 107 insertions, 0 deletions
diff --git a/lib/private/Repair/AvatarPermissions.php b/lib/private/Repair/AvatarPermissions.php
new file mode 100644
index 00000000000..1d96a79ac1f
--- /dev/null
+++ b/lib/private/Repair/AvatarPermissions.php
@@ -0,0 +1,107 @@
+<?php
+/**
+ * @author Roeland Jago Douma <rullzer@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+namespace OC\Repair;
+
+use OCP\IDBConnection;
+use OCP\Migration\IOutput;
+use OCP\Migration\IRepairStep;
+
+/**
+ * Class AvatarPermissions
+ *
+ * @package OC\Repair
+ */
+class AvatarPermissions implements IRepairStep {
+ /** @var IDBConnection */
+ private $connection;
+
+ /**
+ * AvatarPermissions constructor.
+ *
+ * @param IDBConnection $connection
+ */
+ public function __construct(IDBConnection $connection) {
+ $this->connection = $connection;
+ }
+
+ /**
+ * @return string
+ */
+ public function getName() {
+ return 'Fix permissions so avatars can be stored again';
+ }
+
+ /**
+ * @param IOutput $output
+ */
+ public function run(IOutput $output) {
+ $output->startProgress(2);
+ $this->fixUserRootPermissions();
+ $output->advance();
+ $this->fixAvatarPermissions();
+ $output->finishProgress();
+ }
+
+ /**
+ * Make sure all user roots have permissions 23 (all but share)
+ */
+ protected function fixUserRootPermissions() {
+ $qb = $this->connection->getQueryBuilder();
+ $qb2 = $this->connection->getQueryBuilder();
+
+ $qb->select('numeric_id')
+ ->from('storages')
+ ->where($qb->expr()->like('id', $qb2->createParameter('like')));
+
+ $qb2->update('filecache')
+ ->set('permissions', $qb2->createNamedParameter(23))
+ ->where($qb2->expr()->eq('path', $qb2->createNamedParameter('')))
+ ->andWhere($qb2->expr()->in('storage', $qb2->createFunction($qb->getSQL())))
+ ->andWhere($qb2->expr()->neq('permissions', $qb2->createNamedParameter(23)))
+ ->setParameter('like', 'home::%');
+
+
+ $qb2->execute();
+ }
+
+ /**
+ * Make sure all avatar files in the user roots have permission 27
+ */
+ protected function fixAvatarPermissions() {
+ $qb = $this->connection->getQueryBuilder();
+ $qb2 = $this->connection->getQueryBuilder();
+
+ $qb->select('numeric_id')
+ ->from('storages')
+ ->where($qb->expr()->like('id', $qb2->createParameter('like')));
+
+ $qb2->update('filecache')
+ ->set('permissions', $qb2->createNamedParameter(27))
+ ->where($qb2->expr()->like('path', $qb2->createNamedParameter('avatar.%')))
+ ->andWhere($qb2->expr()->in('storage', $qb2->createFunction($qb->getSQL())))
+ ->andWhere($qb2->expr()->neq('permissions', $qb2->createNamedParameter(27)))
+ ->setParameter('like', 'home::%');
+
+ $qb2->execute();
+ }
+
+}
+