BUG Ensure root path of any local adapter is safely created and mappe…

…d from symlink Fixes silverstripe/silverstripe-asset-admin#362
silverstripe · Jan 25, 2017 · 5d6c903 · 5d6c903
1 parent 0c149b9
commit 5d6c903
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 14 deletions.
diff --git a/src/Assets/Flysystem/AssetAdapter.php b/src/Assets/Flysystem/AssetAdapter.php
@@ -5,6 +5,7 @@
 use League\Flysystem\Adapter\Local;
 use League\Flysystem\Config as FlysystemConfig;
 use SilverStripe\Assets\File;
+use SilverStripe\Assets\Filesystem;
 use SilverStripe\Core\Config\Config;
 use SilverStripe\ORM\ArrayList;
 use SilverStripe\View\ArrayData;
@@ -43,8 +44,10 @@ class AssetAdapter extends Local
 
     public function __construct($root = null, $writeFlags = LOCK_EX, $linkHandling = self::DISALLOW_LINKS)
     {
-        // Get root path
+        // Get root path, and ensure that this exists and is safe
         $root = $this->findRoot($root);
+        Filesystem::makeFolder($root);
+        $root = realpath($root);
 
         // Override permissions with config
         $permissions = Config::inst()->get(get_class($this), 'file_permissions');

diff --git a/src/Assets/Flysystem/PublicAssetAdapter.php b/src/Assets/Flysystem/PublicAssetAdapter.php
@@ -7,6 +7,13 @@
 
 class PublicAssetAdapter extends AssetAdapter implements PublicAdapter
 {
+    /**
+     * Prefix between the root url and base of the assets folder
+     * Used for generating public urls
+     *
+     * @var string
+     */
+    protected $parentUrlPrefix = null;
 
     /**
      * Server specific configuration necessary to block http traffic to a local folder
@@ -26,11 +33,18 @@ class PublicAssetAdapter extends AssetAdapter implements PublicAdapter
     protected function findRoot($root)
     {
         if ($root) {
-            return parent::findRoot($root);
+            $path = parent::findRoot($root);
+        } else {
+            $path = ASSETS_PATH;
         }
 
-        // Empty root will set the path to assets
-        return ASSETS_PATH;
+        // Detect segment between root directory and assets root
+        if (stripos($path, BASE_PATH) === 0) {
+            $this->parentUrlPrefix = substr($path, strlen(BASE_PATH));
+        } else {
+            $this->parentUrlPrefix = ASSETS_DIR;
+        }
+        return $path;
     }
 
     /**
@@ -41,15 +55,6 @@ protected function findRoot($root)
      */
     public function getPublicUrl($path)
     {
-        $rootPath = realpath(BASE_PATH);
-        $filesPath = realpath($this->pathPrefix);
-
-        if (stripos($filesPath, $rootPath) === 0) {
-            $dir = substr($filesPath, strlen($rootPath));
-            return Controller::join_links(Director::baseURL(), $dir, $path);
-        }
-
-        // File outside of webroot can't be used
-        return null;
+        return Controller::join_links(Director::baseURL(), $this->parentUrlPrefix, $path);
     }
 }