From 622fab873743bb44ac94eb0e6b297d2aec5c0464 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Vod=C3=A1=C4=8Dek?= Date: Wed, 9 May 2012 15:35:39 +0200 Subject: [PATCH 1/2] added some permission related tests --- .../vfs/vfsStreamWrapperFileTestCase.php | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/src/test/php/org/bovigo/vfs/vfsStreamWrapperFileTestCase.php b/src/test/php/org/bovigo/vfs/vfsStreamWrapperFileTestCase.php index 94f40c8e..20b4a8f8 100644 --- a/src/test/php/org/bovigo/vfs/vfsStreamWrapperFileTestCase.php +++ b/src/test/php/org/bovigo/vfs/vfsStreamWrapperFileTestCase.php @@ -439,5 +439,32 @@ public function cannotOpenExistingNonwritableFileWithModeW() $this->baz1->chmod(0400); $this->assertFalse(@fopen($this->baz1URL, 'w')); } + + /** + * @test + */ + public function cannotOpenNonReadableFileWithModeR() + { + $this->baz1->chmod(0); + $this->assertFalse(@fopen($this->baz1URL, 'r')); + } + + /** + * @test + */ + public function cannotRenameToNonWritableDir() + { + $this->bar->chmod(0); + $this->assertFalse(@rename($this->baz2URL, vfsStream::url('foo/bar/baz3'))); + } + + /** + * @test + */ + public function cannotReadFileFromNonReadableDir() + { + $this->bar->chmod(0); + $this->assertFalse(@file_get_contents($this->baz1URL)); + } } ?> \ No newline at end of file From 96699afaf5ee51b689a57a0b48363baba10818be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Vod=C3=A1=C4=8Dek?= Date: Wed, 9 May 2012 15:51:42 +0200 Subject: [PATCH 2/2] fixes for some permission related bugs --- .../php/org/bovigo/vfs/vfsStreamWrapper.php | 24 ++++++++++++------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/src/main/php/org/bovigo/vfs/vfsStreamWrapper.php b/src/main/php/org/bovigo/vfs/vfsStreamWrapper.php index 6087ac8a..b6b2c983 100644 --- a/src/main/php/org/bovigo/vfs/vfsStreamWrapper.php +++ b/src/main/php/org/bovigo/vfs/vfsStreamWrapper.php @@ -249,12 +249,18 @@ public function stream_open($path, $mode, $options, $opened_path) ) { return false; } - + if (self::TRUNCATE === $mode) { $this->content->openWithTruncate(); } elseif (self::APPEND === $mode) { $this->content->openForAppend(); } else { + if (!$this->content->isReadable(vfsStream::getCurrentUser(), vfsStream::getCurrentGroup())) { + if (($options & STREAM_REPORT_ERRORS) === STREAM_REPORT_ERRORS) { + trigger_error('Permission denied', E_USER_WARNING); + } + return false; + } $this->content->open(); } @@ -572,23 +578,25 @@ public function rename($path_from, $path_to) trigger_error(' No such file or directory', E_USER_WARNING); return false; } - - $dstContent = clone $srcContent; - $dstNames = $this->splitPath($dstRealPath); - // Renaming the filename - $dstContent->rename($dstNames['basename']); - // Copying to the destination + $dstNames = $this->splitPath($dstRealPath); $dstParentContent = $this->getContent($dstNames['dirname']); if (null == $dstParentContent) { trigger_error('No such file or directory', E_USER_WARNING); return false; } - + if (!$dstParentContent->isWritable(vfsStream::getCurrentUser(), vfsStream::getCurrentGroup())) { + trigger_error('Permission denied', E_USER_WARNING); + return false; + } if ($dstParentContent->getType() !== vfsStreamContent::TYPE_DIR) { trigger_error('Target is not a directory', E_USER_WARNING); return false; } + $dstContent = clone $srcContent; + // Renaming the filename + $dstContent->rename($dstNames['basename']); + // Copying to the destination $dstParentContent->addChild($dstContent); // Removing the source return $this->doUnlink($srcRealPath);