diff options
author | Julius Härtl <jus@bitgrid.net> | 2021-03-31 15:44:47 +0200 |
---|---|---|
committer | Julius Härtl <jus@bitgrid.net> | 2021-04-01 13:48:21 +0200 |
commit | 37591f05dca56090059c4356636406c8982d3f33 (patch) | |
tree | 71d59b4a27d5c44a765060ec33a2a0c26b484fed /lib | |
parent | bd2e6309b5b7719f42f10097ffdef09bcb7447dd (diff) | |
download | nextcloud-server-37591f05dca56090059c4356636406c8982d3f33.tar.gz nextcloud-server-37591f05dca56090059c4356636406c8982d3f33.zip |
Get the parent directory before creating a file from a template
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/DirectEditing/Manager.php | 8 | ||||
-rw-r--r-- | lib/private/Files/Template/TemplateManager.php | 6 |
2 files changed, 12 insertions, 2 deletions
diff --git a/lib/private/DirectEditing/Manager.php b/lib/private/DirectEditing/Manager.php index 0e7e988eef2..1ea09e74d59 100644 --- a/lib/private/DirectEditing/Manager.php +++ b/lib/private/DirectEditing/Manager.php @@ -27,6 +27,7 @@ namespace OC\DirectEditing; use Doctrine\DBAL\FetchMode; +use OC\Files\Node\Folder; use OCP\AppFramework\Http\NotFoundResponse; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\TemplateResponse; @@ -130,7 +131,12 @@ class Manager implements IManager { if ($userFolder->nodeExists($path)) { throw new \RuntimeException('File already exists'); } else { - $file = $userFolder->newFile($path); + if (!$userFolder->nodeExists(dirname($path))) { + throw new \RuntimeException('Invalid path'); + } + /** @var Folder $folder */ + $folder = $userFolder->get(dirname($path)); + $file = $folder->newFile(basename($path)); $editor = $this->getEditor($editorId); $creators = $editor->getCreators(); foreach ($creators as $creator) { diff --git a/lib/private/Files/Template/TemplateManager.php b/lib/private/Files/Template/TemplateManager.php index 33d42bc9c42..c1dd4f3448e 100644 --- a/lib/private/Files/Template/TemplateManager.php +++ b/lib/private/Files/Template/TemplateManager.php @@ -155,7 +155,11 @@ class TemplateManager implements ITemplateManager { } catch (NotFoundException $e) { } try { - $targetFile = $userFolder->newFile($filePath); + if (!$userFolder->nodeExists(dirname($filePath))) { + throw new GenericFileException($this->l10n->t('Invalid path')); + } + $folder = $userFolder->get(dirname($filePath)); + $targetFile = $folder->newFile(basename($filePath)); if ($templateType === 'user' && $templateId !== '') { $template = $userFolder->get($templateId); $template->copy($targetFile->getPath()); |