summaryrefslogtreecommitdiffstats
path: root/lib/private/connector
diff options
context:
space:
mode:
authorBjoern Schiessle <schiessle@owncloud.com>2013-10-08 11:27:08 +0200
committerBjoern Schiessle <schiessle@owncloud.com>2013-10-08 11:27:08 +0200
commitdd202d9ad3a542cb4c86baad92cadb2cb975afcf (patch)
treef369e87269f64c199eb35c151c3c758b001064cb /lib/private/connector
parent0293d8e04f614c330be8aac7e968eec8469fb0e5 (diff)
downloadnextcloud-server-dd202d9ad3a542cb4c86baad92cadb2cb975afcf.tar.gz
nextcloud-server-dd202d9ad3a542cb4c86baad92cadb2cb975afcf.zip
updating a existing large file creates new file chunks. Therefore createFile() needs to check not only if we can write to the parent folder but also if we can update the existing file"
Diffstat (limited to 'lib/private/connector')
-rw-r--r--lib/private/connector/sabre/directory.php18
1 files changed, 16 insertions, 2 deletions
diff --git a/lib/private/connector/sabre/directory.php b/lib/private/connector/sabre/directory.php
index af0dfd70f08..d0334780361 100644
--- a/lib/private/connector/sabre/directory.php
+++ b/lib/private/connector/sabre/directory.php
@@ -50,8 +50,22 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa
*/
public function createFile($name, $data = null) {
- if (!\OC\Files\Filesystem::isCreatable($this->path)) {
- throw new \Sabre_DAV_Exception_Forbidden();
+ // for chunked upload also updating a existing file is a "createFile"
+ // because we create all the chunks before reasamble them to the existing file.
+ if (isset($_SERVER['HTTP_OC_CHUNKED'])) {
+
+ // exit if we can't create a new file and we don't updatable existing file
+ $info = OC_FileChunking::decodeName($name);
+ if (!\OC\Files\Filesystem::isCreatable($this->path) &&
+ !\OC\Files\Filesystem::isUpdatable($this->path . '/' . $info['name'])) {
+ throw new \Sabre_DAV_Exception_Forbidden();
+ }
+
+ } else {
+ // For non-chunked upload it is enough to check if we can create a new file
+ if (!\OC\Files\Filesystem::isCreatable($this->path)) {
+ throw new \Sabre_DAV_Exception_Forbidden();
+ }
}
$path = $this->path . '/' . $name;