close #148 change permissions when writing a file

app/class/Chmodexception.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace Wcms;
+
+class Chmodexception extends Ioexception
+{
+    public function __construct(
+        string $message,
+        int $permissions,
+        int $code = 0,
+        ?\Throwable $previous = null
+    ) {
+        $message .= sprintf(' permissions: %o', $permissions);
+        parent::__construct($message, $code, $previous);
+    }
+}

app/class/Colors.php

@@ -94,14 +94,11 @@ public function tocss(array $tagcolor): string
     /**
      * Write css in the file
      * @param string $rawcss
-     * @throws \InvalidArgumentException If cant create
      */
     public function writecssfile(string $file, string $rawcss)
     {
         accessfile($file, true);
-        if (!file_put_contents($file, $rawcss)) {
-            throw new \InvalidArgumentException("cant create file : $this->file", 1);
-        }
+        Model::writefile($file, $rawcss);
     }
 
     /**

app/class/Config.php

@@ -91,7 +91,8 @@ public static function createconfig(array $datas)
     public static function savejson()
     {
         $json = self::tojson();
-        return file_put_contents(Model::CONFIG_FILE, $json);
+
+        return Model::writefile(Model::CONFIG_FILE, $json);
     }
 
 

app/class/Controlleradmin.php

@@ -47,7 +47,7 @@ public function update()
     {
         accessfile(Model::GLOBAL_CSS_FILE, true);
 
-        $globalcss = file_put_contents(Model::GLOBAL_CSS_FILE, $_POST['globalcss']);
+        $globalcss = Model::writefile(Model::GLOBAL_CSS_FILE, $_POST['globalcss']);
 
         Config::hydrate($_POST);
         if (Config::savejson() !== false && $globalcss !== false) {

app/class/Flywheel/Repository.php

@@ -2,6 +2,8 @@
 
 namespace Wcms\Flywheel;
 
+use Wcms\Model;
+
 class Repository extends \JamesMoss\Flywheel\Repository
 {
     /**
@@ -28,4 +30,11 @@ public function getAllIds()
             return $this->getIdFromPath($path, $ext);
         }, $this->getAllFiles());
     }
+
+    protected function write($path, $contents): bool
+    {
+        $ret = parent::write($path, $contents);
+        chmod($path, Model::PERMISSION);
+        return $ret;
+    }
 }

app/class/Ioexception.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace Wcms;
+
+use RuntimeException;
+
+class Ioexception extends RuntimeException
+{
+
+}

app/class/Model.php

@@ -2,6 +2,8 @@
 
 namespace Wcms;
 
+use RuntimeException;
+
 abstract class Model
 {
 
@@ -23,6 +25,8 @@ abstract class Model
     public const DATABASE_DIR = './database/';
     public const PAGES_DIR = self::DATABASE_DIR . 'pages/';
 
+    public const PERMISSION = 0660;
+
     public const MEDIA_SORTBY = [
         'id' => 'id',
         'size' => 'size',
@@ -235,4 +239,37 @@ public static function sendflashmessage(string $content, string $type = 'info')
         }
         $_SESSION['user' . Config::basepath()]['flashmessages'][] = ['content' => $content, 'type' => $type];
     }
+
+    /**
+     * @param string $filename
+     * @param mixed $data
+     * @param int $permissions optionnal permission in octal format (a zero before three numbers)
+     *
+     * @return bool False if file is not writen, otherwise true (even if permission warning)
+     *
+     * Send flash messages:
+     * - error when problem writing the file
+     * - warning when problem with permissions
+     */
+    public static function writefile(string $filename, $data, int $permissions = self::PERMISSION): bool
+    {
+        if ($permissions < 0600 || $permissions > 0777) {
+            self::sendflashmessage(
+                sprintf("Invalid permissions 0%o, using default: 0%o", $permissions, self::PERMISSION),
+                'warning'
+            );
+            $permissions = self::PERMISSION;
+        }
+        try {
+            file_put_content_chmod($filename, $data, $permissions);
+        } catch (Chmodexception $e) {
+            Logger::warning($e->getMessage());
+            self::sendflashmessage($e->getMessage(), 'warning');
+        } catch (Ioexception $e) {
+            Logger::error($e->getMessage());
+            self::sendflashmessage($e->getMessage(), 'error');
+            return false;
+        }
+        return true;
+    }
 }

app/class/Modelfont.php

@@ -71,11 +71,9 @@ public function fontface(array $fontlist)
     }
 
 
-    public function write(string $fontface)
+    public function write(string $fontface): bool
     {
-        $write = file_put_contents(Model::ASSETS_CSS_DIR . 'fonts.css', $fontface);
-        if ($write !== false) {
-        }
+        return self::writefile(self::ASSETS_CSS_DIR . 'fonts.css', $fontface);
     }
 
     public function upload(array $file, $maxsize = 2 ** 24, $id = null)

app/class/Modelrender.php

@@ -206,10 +206,10 @@ public function elementparser(Element $element)
      */
     public function write(string $html)
     {
-        file_put_contents(Model::HTML_RENDER_DIR . $this->page->id() . '.html', $html);
-        file_put_contents(Model::RENDER_DIR . $this->page->id() . '.css', $this->page->css());
-        //file_put_contents(Model::RENDER_DIR . $this->page->id() . '.quick.css', $this->page->quickcss());
-        file_put_contents(Model::RENDER_DIR . $this->page->id() . '.js', $this->page->javascript());
+        self::writefile(self::HTML_RENDER_DIR . $this->page->id() . '.html', $html);
+        self::writefile(self::RENDER_DIR . $this->page->id() . '.css', $this->page->css());
+        //self::writefile(self::RENDER_DIR . $this->page->id() . '.quick.css', $this->page->quickcss());
+        self::writefile(self::RENDER_DIR . $this->page->id() . '.js', $this->page->javascript());
     }
 
 
@@ -218,11 +218,11 @@ public function writetemplates()
     {
         if (array_key_exists('css', $this->page->template())) {
             $tempaltecsspage = $this->get($this->page->template()['css']);
-            file_put_contents(Model::RENDER_DIR . $tempaltecsspage->id() . '.css', $tempaltecsspage->css());
+            self::writefile(Model::RENDER_DIR . $tempaltecsspage->id() . '.css', $tempaltecsspage->css());
         }
         if (array_key_exists('javascript', $this->page->template())) {
             $templatejspage = $this->get($this->page->template()['javascript']);
-            file_put_contents(Model::RENDER_DIR . $templatejspage->id() . '.js', $templatejspage->javascript());
+            self::writefile(Model::RENDER_DIR . $templatejspage->id() . '.js', $templatejspage->javascript());
         }
     }
 

app/fn/fn.php

@@ -1,6 +1,9 @@
 <?php
 
+use Wcms\Chmodexception;
+use Wcms\Ioexception;
 use Wcms\Mediaopt;
+use Wcms\Model;
 
 use function Clue\StreamFilter\fun;
 
@@ -469,3 +472,29 @@ function parse_size($size)
         return round($size);
     }
 }
+
+/**
+ * @param string $filename Path to the file where to write the data.
+ * @param mixed $data The data to write. Can be either a string, an array or a stream resource.
+ * @param int $permissions in octal value
+ *
+ * @throws Ioexception when file_put_contents fails
+ * @throws Chmodexception when chmod fails
+ */
+function file_put_content_chmod(string $filename, $data, int $permissions): int
+{
+    $create = !file_exists($filename);
+    $length = file_put_contents($filename, $data);
+    if ($length === false) {
+        throw new Ioexception("Error while writing $filename");
+    }
+    if ($create) {
+        if ($permissions < 0700 || $permissions > 0777) {
+            throw new Chmodexception("Incorrect value", $permissions);
+        }
+        if (!chmod($filename, $permissions)) {
+            throw new Chmodexception("Error while setting file permissions $filename", $permissions);
+        }
+    }
+    return $length;
+}