1 files changed, 119 insertions, 70 deletions
diff --git a/apps/dav/lib/Connector/Sabre/QuotaPlugin.php b/apps/dav/lib/Connector/Sabre/QuotaPlugin.php
index f2b652e3320..bbb378edc9b 100644
--- a/apps/dav/lib/Connector/Sabre/QuotaPlugin.php
+++ b/apps/dav/lib/Connector/Sabre/QuotaPlugin.php
@@ -1,40 +1,22 @@
 <?php
+
 /**
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- * @copyright Copyright (C) 2012 entreCables S.L. All rights reserved.
- * @copyright Copyright (C) 2012 entreCables S.L. All rights reserved.
- *
- * @author Christoph Wurst <christoph@winzerhof-wurst.at>
- * @author Felix Moeller <mail@felixmoeller.de>
- * @author Joas Schilling <coding@schilljs.com>
- * @author Robin Appelman <robin@icewind.nl>
- * @author Roeland Jago Douma <roeland@famdouma.nl>
- * @author scambra <sergio@entrecables.com>
- * @author Thomas Müller <thomas.mueller@tmit.eu>
- * @author Vincent Petry <vincent@nextcloud.com>
- *
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
+ * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
+ * SPDX-FileCopyrightText: 2012 entreCables S.L. All rights reserved
+ * SPDX-License-Identifier: AGPL-3.0-only
  */
 namespace OCA\DAV\Connector\Sabre;
 
+use OC\Files\View;
 use OCA\DAV\Upload\FutureFile;
+use OCA\DAV\Upload\UploadFolder;
 use OCP\Files\StorageNotAvailableException;
 use Sabre\DAV\Exception\InsufficientStorage;
 use Sabre\DAV\Exception\ServiceUnavailable;
 use Sabre\DAV\INode;
+use Sabre\HTTP\RequestInterface;
+use Sabre\HTTP\ResponseInterface;
 
 /**
  * This plugin check user quota and deny creating files when they exceeds the quota.
@@ -44,10 +26,6 @@ use Sabre\DAV\INode;
  * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
  */
 class QuotaPlugin extends \Sabre\DAV\ServerPlugin {
-
-	/** @var \OC\Files\View */
-	private $view;
-
 	/**
 	 * Reference to main server object
 	 *
@@ -56,10 +34,11 @@ class QuotaPlugin extends \Sabre\DAV\ServerPlugin {
 	private $server;
 
 	/**
-	 * @param \OC\Files\View $view
+	 * @param View $view
 	 */
-	public function __construct($view) {
-		$this->view = $view;
+	public function __construct(
+		private $view,
+	) {
 	}
 
 	/**
@@ -78,7 +57,9 @@ class QuotaPlugin extends \Sabre\DAV\ServerPlugin {
 
 		$server->on('beforeWriteContent', [$this, 'beforeWriteContent'], 10);
 		$server->on('beforeCreateFile', [$this, 'beforeCreateFile'], 10);
+		$server->on('method:MKCOL', [$this, 'onCreateCollection'], 30);
 		$server->on('beforeMove', [$this, 'beforeMove'], 10);
+		$server->on('beforeCopy', [$this, 'beforeCopy'], 10);
 	}
 
 	/**
@@ -90,6 +71,19 @@ class QuotaPlugin extends \Sabre\DAV\ServerPlugin {
 	 * @param bool $modified modified
 	 */
 	public function beforeCreateFile($uri, $data, INode $parent, $modified) {
+		$request = $this->server->httpRequest;
+		if ($parent instanceof UploadFolder && $request->getHeader('Destination')) {
+			// If chunked upload and Total-Length header is set, use that
+			// value for quota check. This allows us to also check quota while
+			// uploading chunks and not only when the file is assembled.
+			$length = $request->getHeader('OC-Total-Length');
+			$destinationPath = $this->server->calculateUri($request->getHeader('Destination'));
+			$quotaPath = $this->getPathForDestination($destinationPath);
+			if ($quotaPath && is_numeric($length)) {
+				return $this->checkQuota($quotaPath, (int)$length);
+			}
+		}
+
 		if (!$parent instanceof Node) {
 			return;
 		}
@@ -98,6 +92,31 @@ class QuotaPlugin extends \Sabre\DAV\ServerPlugin {
 	}
 
 	/**
+	 * Check quota before creating directory
+	 *
+	 * @param RequestInterface $request
+	 * @param ResponseInterface $response
+	 * @return bool
+	 * @throws InsufficientStorage
+	 * @throws \Sabre\DAV\Exception\Forbidden
+	 */
+	public function onCreateCollection(RequestInterface $request, ResponseInterface $response): bool {
+		try {
+			$destinationPath = $this->server->calculateUri($request->getUrl());
+			$quotaPath = $this->getPathForDestination($destinationPath);
+		} catch (\Exception $e) {
+			return true;
+		}
+		if ($quotaPath) {
+			// MKCOL does not have a Content-Length header, so we can use
+			// a fixed value for the quota check.
+			return $this->checkQuota($quotaPath, 4096, true);
+		}
+
+		return true;
+	}
+
+	/**
 	 * Check quota before writing content
 	 *
 	 * @param string $uri target file URI
@@ -114,40 +133,76 @@ class QuotaPlugin extends \Sabre\DAV\ServerPlugin {
 	}
 
 	/**
-	 * Check if we're moving a Futurefile in which case we need to check
+	 * Check if we're moving a FutureFile in which case we need to check
 	 * the quota on the target destination.
-	 *
-	 * @param string $source source path
-	 * @param string $destination destination path
 	 */
-	public function beforeMove($source, $destination) {
-		$sourceNode = $this->server->tree->getNodeForPath($source);
+	public function beforeMove(string $sourcePath, string $destinationPath): bool {
+		$sourceNode = $this->server->tree->getNodeForPath($sourcePath);
 		if (!$sourceNode instanceof FutureFile) {
-			return;
+			return true;
 		}
 
-		// get target node for proper path conversion
-		if ($this->server->tree->nodeExists($destination)) {
-			$destinationNode = $this->server->tree->getNodeForPath($destination);
-			$path = $destinationNode->getPath();
-		} else {
-			$parentNode = $this->server->tree->getNodeForPath(dirname($destination));
-			$path = $parentNode->getPath();
+		try {
+			// The final path is not known yet, we check the quota on the parent
+			$path = $this->getPathForDestination($destinationPath);
+		} catch (\Exception $e) {
+			return true;
 		}
 
 		return $this->checkQuota($path, $sourceNode->getSize());
 	}
 
+	/**
+	 * Check quota on the target destination before a copy.
+	 */
+	public function beforeCopy(string $sourcePath, string $destinationPath): bool {
+		$sourceNode = $this->server->tree->getNodeForPath($sourcePath);
+		if (!$sourceNode instanceof Node) {
+			return true;
+		}
+
+		try {
+			$path = $this->getPathForDestination($destinationPath);
+		} catch (\Exception $e) {
+			return true;
+		}
+
+		return $this->checkQuota($path, $sourceNode->getSize());
+	}
+
+	private function getPathForDestination(string $destinationPath): string {
+		// get target node for proper path conversion
+		if ($this->server->tree->nodeExists($destinationPath)) {
+			$destinationNode = $this->server->tree->getNodeForPath($destinationPath);
+			if (!$destinationNode instanceof Node) {
+				throw new \Exception('Invalid destination node');
+			}
+			return $destinationNode->getPath();
+		}
+
+		$parent = dirname($destinationPath);
+		if ($parent === '.') {
+			$parent = '';
+		}
+
+		$parentNode = $this->server->tree->getNodeForPath($parent);
+		if (!$parentNode instanceof Node) {
+			throw new \Exception('Invalid destination node');
+		}
+
+		return $parentNode->getPath();
+	}
+
 
 	/**
 	 * This method is called before any HTTP method and validates there is enough free space to store the file
 	 *
 	 * @param string $path relative to the users home
-	 * @param int $length
+	 * @param int|float|null $length
 	 * @throws InsufficientStorage
 	 * @return bool
 	 */
-	public function checkQuota($path, $length = null) {
+	public function checkQuota(string $path, $length = null, $isDir = false) {
 		if ($length === null) {
 			$length = $this->getLength();
 		}
@@ -158,29 +213,21 @@ class QuotaPlugin extends \Sabre\DAV\ServerPlugin {
 				$parentPath = '';
 			}
 			$req = $this->server->httpRequest;
-			if ($req->getHeader('OC-Chunked')) {
-				$info = \OC_FileChunking::decodeName($newName);
-				$chunkHandler = $this->getFileChunking($info);
-				// subtract the already uploaded size to see whether
-				// there is still enough space for the remaining chunks
-				$length -= $chunkHandler->getCurrentSize();
-				// use target file name for free space check in case of shared files
-				$path = rtrim($parentPath, '/') . '/' . $info['name'];
-			}
+
+			// Strip any duplicate slashes
+			$path = str_replace('//', '/', $path);
+
 			$freeSpace = $this->getFreeSpace($path);
 			if ($freeSpace >= 0 && $length > $freeSpace) {
-				if (isset($chunkHandler)) {
-					$chunkHandler->cleanup();
+				if ($isDir) {
+					throw new InsufficientStorage("Insufficient space in $path. $freeSpace available. Cannot create directory");
 				}
+
 				throw new InsufficientStorage("Insufficient space in $path, $length required, $freeSpace available");
 			}
 		}
-		return true;
-	}
 
-	public function getFileChunking($info) {
-		// FIXME: need a factory for better mocking support
-		return new \OC_FileChunking($info);
+		return true;
 	}
 
 	public function getLength() {
@@ -192,11 +239,13 @@ class QuotaPlugin extends \Sabre\DAV\ServerPlugin {
 		}
 
 		$ocLength = $req->getHeader('OC-Total-Length');
-		if (is_numeric($length) && is_numeric($ocLength)) {
-			return max($length, $ocLength);
+		if (!is_numeric($ocLength)) {
+			return $length;
 		}
-
-		return $length;
+		if (!is_numeric($length)) {
+			return $ocLength;
+		}
+		return max($length, $ocLength);
 	}
 
 	/**