Skip to content
This repository has been archived by the owner on Nov 25, 2020. It is now read-only.

Commit

Permalink
Do not silently rename, allow exceptions/error to be caught.
Browse files Browse the repository at this point in the history
  • Loading branch information
@cdujeu
cdujeu committed Oct 11, 2016
1 parent 73fa3c5 commit 9ec2908
Showing 1 changed file with 20 additions and 7 deletions.
27 changes: 20 additions & 7 deletions core/src/plugins/access.fs/FsAccessDriver.php
View file
Expand Up @@ -684,7 +684,7 @@ public function downloadAction(ServerRequestInterface &$request, ResponseInterfa

$node = $selection->getUniqueNode();
$dlFile = $node->getUrl();
if(!is_readable($dlFile)){
if(!$this->isReadable($node)){
throw new \Exception("Cannot access file!");
}
$this->logInfo("Get_content", ["files"=>$this->addSlugToPath($selection)]);
Expand Down Expand Up @@ -834,14 +834,14 @@ public function switchAction(ServerRequestInterface &$request, ResponseInterface
$jsonData = new \stdClass;
if($selection->isUnique()){
$stat = @stat($selection->getUniqueNode()->getUrl());
if ($stat !== false && is_readable($selection->getUniqueNode()->getUrl())) {
if ($stat !== false && !$this->isReadable($selection->getUniqueNode())) {
$jsonData = $stat;
}
}else{
$nodes = $selection->buildNodes();
foreach($nodes as $node){
$stat = @stat($node->getUrl());
if(!$stat || !is_readable($node->getUrl())) {
if(!$stat || !$this->isReadable($node)) {
$stat = new \stdClass();
}
$path = $node->getPath();
Expand Down Expand Up @@ -1275,7 +1275,8 @@ public function switchAction(ServerRequestInterface &$request, ResponseInterface
$lsOptions = $this->parseLsOptions((isSet($httpVars["options"])?$httpVars["options"]:"a"));

$startTime = microtime();
$path = $selection->nodeForPath(($dir!= ""?($dir[0]=="/"?"":"/").$dir:""))->getUrl();
$dirNode = $selection->nodeForPath(($dir!= ""?($dir[0]=="/"?"":"/").$dir:""));
$path = $dirNode->getUrl();
$nonPatchedPath = $path;
if ($patch) {
$nonPatchedPath = PathUtils::unPatchPathForBaseDir($path);
Expand All @@ -1284,7 +1285,7 @@ public function switchAction(ServerRequestInterface &$request, ResponseInterface
if($testPath === null || $testPath === false){
throw new \Exception("There was a problem trying to open folder ". $path. ", please check your Administrator");
}
if(!is_readable($path) && !is_writeable($path)){
if(!$this->isReadable($dirNode) && !$this->isWriteable($dirNode)){
throw new \Exception("You are not allowed to access folder " . $path);
}
// Backward compat
Expand Down Expand Up @@ -1317,7 +1318,7 @@ public function switchAction(ServerRequestInterface &$request, ResponseInterface
Controller::applyHook("node.read", [&$parentAjxpNode]);
$nodesList->setParentNode($parentAjxpNode);
foreach($uniqueNodes as $node){
if(!file_exists($node->getUrl()) || (!is_readable($node->getUrl()) && !is_writable($node->getUrl()))) continue;
if(!file_exists($node->getUrl()) || (!$this->isReadable($node) && !$this->isWriteable($node))) continue;
$nodeName = $node->getLabel();
if (!$this->filterNodeName($ctx, $node->getPath(), $nodeName, $isLeaf, $lsOptions)) {
continue;
Expand Down Expand Up @@ -2266,10 +2267,22 @@ public function isWriteable(AJXP_Node $node)
$real = $node->getRealFile();
return posix_access($real, POSIX_W_OK);
}
//clearstatcache();
return is_writable($node->getUrl());
}

/**
* @param AJXP_Node $node
* @return bool
*/
public function isReadable(AJXP_Node $node)
{
if ( $this->getContextualOption($node->getContext(), "USE_POSIX") == true && extension_loaded('posix')) {
$real = $node->getRealFile();
return posix_access($real, POSIX_R_OK);
}
return is_readable($node->getUrl());
}

/**
* Change file permissions
*
Expand Down

0 comments on commit 9ec2908

Please sign in to comment.