[Pkg-owncloud-commits] [owncloud] 68/104: Prevent deleting storage root
David Prévot
taffit at moszumanska.debian.org
Sat Jan 18 13:33:41 UTC 2014
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to branch master
in repository owncloud.
commit 1cbe1896e786e4c5ae860fcab00ed32348982bed
Author: Vincent Petry <pvince81 at owncloud.com>
Date: Wed Jan 8 13:17:36 2014 +0100
Prevent deleting storage root
Storage mount points are not deletable, so make sure that the unlink
operation and its hooks aren't run in such cases.
Note that some storages might recursively delete their contents when
calling unlink on their root. This fix prevents that as well.
Backport of f642ad3 to stable6
---
lib/private/files/view.php | 13 +++++++++++++
tests/lib/files/view.php | 42 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 55 insertions(+)
diff --git a/lib/private/files/view.php b/lib/private/files/view.php
index ac45a88..8893911 100644
--- a/lib/private/files/view.php
+++ b/lib/private/files/view.php
@@ -336,6 +336,19 @@ class View {
}
public function unlink($path) {
+ if ($path === '' || $path === '/') {
+ // do not allow deleting the root
+ return false;
+ }
+ $postFix = (substr($path, -1, 1) === '/') ? '/' : '';
+ $absolutePath = Filesystem::normalizePath($this->getAbsolutePath($path));
+ list($storage, $internalPath) = Filesystem::resolvePath($absolutePath . $postFix);
+ if (!$internalPath || $internalPath === '' || $internalPath === '/') {
+ // do not allow deleting the storage's root / the mount point
+ // because for some storages it might delete the whole contents
+ // but isn't supposed to work that way
+ return false;
+ }
return $this->basicOperation('unlink', $path, array('delete'));
}
diff --git a/tests/lib/files/view.php b/tests/lib/files/view.php
index b59cef9..76a7fd5 100644
--- a/tests/lib/files/view.php
+++ b/tests/lib/files/view.php
@@ -309,6 +309,48 @@ class View extends \PHPUnit_Framework_TestCase {
/**
* @medium
*/
+ function testUnlink() {
+ $storage1 = $this->getTestStorage();
+ $storage2 = $this->getTestStorage();
+ \OC\Files\Filesystem::mount($storage1, array(), '/');
+ \OC\Files\Filesystem::mount($storage2, array(), '/substorage');
+
+ $rootView = new \OC\Files\View('');
+ $rootView->file_put_contents('/foo.txt', 'asd');
+ $rootView->file_put_contents('/substorage/bar.txt', 'asd');
+
+ $this->assertTrue($rootView->file_exists('foo.txt'));
+ $this->assertTrue($rootView->file_exists('substorage/bar.txt'));
+
+ $this->assertTrue($rootView->unlink('foo.txt'));
+ $this->assertTrue($rootView->unlink('substorage/bar.txt'));
+
+ $this->assertFalse($rootView->file_exists('foo.txt'));
+ $this->assertFalse($rootView->file_exists('substorage/bar.txt'));
+ }
+
+ /**
+ * @medium
+ */
+ function testUnlinkRootMustFail() {
+ $storage1 = $this->getTestStorage();
+ $storage2 = $this->getTestStorage();
+ \OC\Files\Filesystem::mount($storage1, array(), '/');
+ \OC\Files\Filesystem::mount($storage2, array(), '/substorage');
+
+ $rootView = new \OC\Files\View('');
+ $rootView->file_put_contents('/foo.txt', 'asd');
+ $rootView->file_put_contents('/substorage/bar.txt', 'asd');
+
+ $this->assertFalse($rootView->unlink(''));
+ $this->assertFalse($rootView->unlink('/'));
+ $this->assertFalse($rootView->unlink('substorage'));
+ $this->assertFalse($rootView->unlink('/substorage'));
+ }
+
+ /**
+ * @medium
+ */
function testTouch() {
$storage = $this->getTestStorage(true, '\Test\Files\TemporaryNoTouch');
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list