Add share attributes + prevent download permission

Makes it possible to store download permission

Signed-off-by: Vincent Petry <vincent@nextcloud.com>

1 files changed, 31 insertions, 2 deletions

diff --git a/lib/private/legacy/OC_Files.php b/lib/private/legacy/OC_Files.php
index 02e15fd08d5..220fa0e3429 100644
--- a/lib/private/legacy/OC_Files.php
+++ b/lib/private/legacy/OC_Files.php
@@ -44,6 +44,8 @@ use bantu\IniGetWrapper\IniGetWrapper;
 use OC\Files\View;
 use OC\Streamer;
 use OCP\Lock\ILockingProvider;
+use OCP\EventDispatcher\GenericEvent;
+use OCP\EventDispatcher\IEventDispatcher;
 
 /**
  * Class for file server access
@@ -167,6 +169,14 @@ class OC_Files {
 				}
 			}
 
+			//Dispatch an event to see if any apps have problem with download
+			$event = new GenericEvent(null, ['dir' => $dir, 'files' => $files, 'run' => true]);
+			$dispatcher = \OC::$server->query(IEventDispatcher::class);
+			$dispatcher->dispatch('file.beforeCreateZip', $event);
+			if (($event->getArgument('run') === false) or ($event->hasArgument('errorMessage'))) {
+				throw new \OC\ForbiddenException($event->getArgument('errorMessage'));
+			}
+
 			$streamer = new Streamer(\OC::$server->getRequest(), $fileSize, $numberOfFiles);
 			OC_Util::obEnd();
 
@@ -212,6 +222,8 @@ class OC_Files {
 			$streamer->finalize();
 			set_time_limit($executionTime);
 			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
+			$event = new GenericEvent(null, ['result' => 'success', 'dir' => $dir, 'files' => $files]);
+			$dispatcher->dispatch('file.afterCreateZip', $event);
 		} catch (\OCP\Lock\LockedException $ex) {
 			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
 			OC::$server->getLogger()->logException($ex);
@@ -222,13 +234,16 @@ class OC_Files {
 			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
 			OC::$server->getLogger()->logException($ex);
 			$l = \OC::$server->getL10N('lib');
-			\OC_Template::printErrorPage($l->t('Cannot read file'), $ex->getMessage(), 200);
+			\OC_Template::printErrorPage($l->t('Cannot download file'), $ex->getMessage(), 200);
 		} catch (\Exception $ex) {
 			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
 			OC::$server->getLogger()->logException($ex);
 			$l = \OC::$server->getL10N('lib');
 			$hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
-			\OC_Template::printErrorPage($l->t('Cannot read file'), $hint, 200);
+			if ($event && $event->hasArgument('message')) {
+				$hint .= ' ' . $event->getArgument('message');
+			}
+			\OC_Template::printErrorPage($l->t('Cannot download file'), $hint, 200);
 		}
 	}
 
@@ -287,6 +302,7 @@ class OC_Files {
 	 * @param string $name
 	 * @param string $dir
 	 * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
+	 * @throws \OC\ForbiddenException
 	 */
 	private static function getSingleFile($view, $dir, $name, $params) {
 		$filename = $dir . '/' . $name;
@@ -322,6 +338,19 @@ class OC_Files {
 			$rangeArray = self::parseHttpRangeHeader(substr($params['range'], 6), $fileSize);
 		}
 
+		$dispatcher = \OC::$server->query(IEventDispatcher::class);
+		$event = new GenericEvent(null, ['path' => $filename]);
+		$dispatcher->dispatch('file.beforeGetDirect', $event);
+
+		if (!\OC\Files\Filesystem::isReadable($filename) || $event->hasArgument('errorMessage')) {
+			if (!$event->hasArgument('errorMessage')) {
+				$msg = $event->getArgument('errorMessage');
+			} else {
+				$msg = 'Access denied';
+			}
+			throw new \OC\ForbiddenException($msg);
+		}
+
 		self::sendHeaders($filename, $name, $rangeArray);
 
 		if (isset($params['head']) && $params['head']) {