diff options
| author | Robin Appelman <icewind@owncloud.com> | 2014-11-10 16:00:25 +0100 |
|---|---|---|
| committer | Robin Appelman <icewind@owncloud.com> | 2014-11-27 15:25:57 +0100 |
| commit | 33b64868d7b65e751bd8d729ce69d6f46e6c3d8d (patch) | |
| tree | 33f1e7cf8514425ec1a3c747f9ad5f627a9d92a7 /lib | |
| parent | abb6e89c5d83102c2838bd6a48b5bf6e73e9660d (diff) | |
| download | nextcloud-server-33b64868d7b65e751bd8d729ce69d6f46e6c3d8d.tar.gz nextcloud-server-33b64868d7b65e751bd8d729ce69d6f46e6c3d8d.zip | |
Add storage and cache wrappers to apply a permissions mask to a storage
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/files/cache/wrapper/cachepermissionsmask.php | 32 | ||||
| -rw-r--r-- | lib/private/files/storage/wrapper/permissionsmask.php | 33 |
2 files changed, 53 insertions, 12 deletions
diff --git a/lib/private/files/cache/wrapper/cachepermissionsmask.php b/lib/private/files/cache/wrapper/cachepermissionsmask.php new file mode 100644 index 00000000000..6ce6a4ebc44 --- /dev/null +++ b/lib/private/files/cache/wrapper/cachepermissionsmask.php @@ -0,0 +1,32 @@ +<?php +/** + * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com> + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +namespace OC\Files\Cache\Wrapper; + +class CachePermissionsMask extends CacheWrapper { + /** + * @var int + */ + protected $mask; + + /** + * @param \OC\Files\Cache\Cache $cache + * @param int $mask + */ + public function __construct($cache, $mask) { + parent::__construct($cache); + $this->mask = $mask; + } + + protected function formatCacheEntry($entry) { + if (isset($entry['permissions'])) { + $entry['permissions'] &= $this->mask; + } + return $entry; + } +} diff --git a/lib/private/files/storage/wrapper/permissionsmask.php b/lib/private/files/storage/wrapper/permissionsmask.php index be5cb6bbaa3..955cb54591b 100644 --- a/lib/private/files/storage/wrapper/permissionsmask.php +++ b/lib/private/files/storage/wrapper/permissionsmask.php @@ -9,18 +9,27 @@ namespace OC\Files\Storage\Wrapper; use OC\Files\Cache\Wrapper\CachePermissionsMask; +use OCP\Constants; /** * Mask the permissions of a storage * + * This can be used to restrict update, create, delete and/or share permissions of a storage + * * Note that the read permissions cant be masked */ class PermissionsMask extends Wrapper { /** - * @var int + * @var int the permissions bits we want to keep */ private $mask; + /** + * @param array $arguments ['storage' => $storage, 'mask' => $mask] + * + * $storage: The storage the permissions mask should be applied on + * $mask: The permission bits that should be kept, a combination of the \OCP\Constant::PERMISSION_ constants + */ public function __construct($arguments) { parent::__construct($arguments); $this->mask = $arguments['mask']; @@ -31,15 +40,15 @@ class PermissionsMask extends Wrapper { } public function isUpdatable($path) { - return $this->checkMask(\OCP\PERMISSION_UPDATE) and parent::isUpdatable($path); + return $this->checkMask(Constants::PERMISSION_UPDATE) and parent::isUpdatable($path); } public function isCreatable($path) { - return $this->checkMask(\OCP\PERMISSION_CREATE) and parent::isCreatable($path); + return $this->checkMask(Constants::PERMISSION_CREATE) and parent::isCreatable($path); } public function isDeletable($path) { - return $this->checkMask(\OCP\PERMISSION_DELETE) and parent::isDeletable($path); + return $this->checkMask(Constants::PERMISSION_DELETE) and parent::isDeletable($path); } public function getPermissions($path) { @@ -47,32 +56,32 @@ class PermissionsMask extends Wrapper { } public function rename($path1, $path2) { - return $this->checkMask(\OCP\PERMISSION_UPDATE) and parent::rename($path1, $path2); + return $this->checkMask(Constants::PERMISSION_UPDATE) and parent::rename($path1, $path2); } public function copy($path1, $path2) { - return $this->checkMask(\OCP\PERMISSION_CREATE) and parent::copy($path1, $path2); + return $this->checkMask(Constants::PERMISSION_CREATE) and parent::copy($path1, $path2); } public function touch($path, $mtime = null) { - $permissions = $this->file_exists($path) ? \OCP\PERMISSION_UPDATE : \OCP\PERMISSION_CREATE; + $permissions = $this->file_exists($path) ? Constants::PERMISSION_UPDATE : Constants::PERMISSION_CREATE; return $this->checkMask($permissions) and parent::touch($path, $mtime); } public function mkdir($path) { - return $this->checkMask(\OCP\PERMISSION_CREATE) and parent::mkdir($path); + return $this->checkMask(Constants::PERMISSION_CREATE) and parent::mkdir($path); } public function rmdir($path) { - return $this->checkMask(\OCP\PERMISSION_DELETE) and parent::rmdir($path); + return $this->checkMask(Constants::PERMISSION_DELETE) and parent::rmdir($path); } public function unlink($path) { - return $this->checkMask(\OCP\PERMISSION_DELETE) and parent::unlink($path); + return $this->checkMask(Constants::PERMISSION_DELETE) and parent::unlink($path); } public function file_put_contents($path, $data) { - $permissions = $this->file_exists($path) ? \OCP\PERMISSION_UPDATE : \OCP\PERMISSION_CREATE; + $permissions = $this->file_exists($path) ? Constants::PERMISSION_UPDATE : Constants::PERMISSION_CREATE; return $this->checkMask($permissions) and parent::file_put_contents($path, $data); } @@ -80,7 +89,7 @@ class PermissionsMask extends Wrapper { if ($mode === 'r' or $mode === 'rb') { return parent::fopen($path, $mode); } else { - $permissions = $this->file_exists($path) ? \OCP\PERMISSION_UPDATE : \OCP\PERMISSION_CREATE; + $permissions = $this->file_exists($path) ? Constants::PERMISSION_UPDATE : Constants::PERMISSION_CREATE; return $this->checkMask($permissions) ? parent::fopen($path, $mode) : false; } } |