Excludes not writable app roots from the directory permission check

Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
This commit is contained in:
Michael Weimann 2018-08-09 19:48:55 +02:00
parent ebcfe33d0d
commit 3f790bb85b
No known key found for this signature in database
GPG Key ID: 34F0524D4DA694A1
2 changed files with 51 additions and 10 deletions

View File

@ -542,16 +542,11 @@ Raw output
$appDirsWithDifferentOwner = []; $appDirsWithDifferentOwner = [];
foreach (OC::$APPSROOTS as $appRoot) { foreach (OC::$APPSROOTS as $appRoot) {
$appsPath = $appRoot['path']; if ($appRoot['writable'] === true) {
$appsDir = new DirectoryIterator($appRoot['path']); $appDirsWithDifferentOwner = array_merge(
foreach ($appsDir as $fileInfo) { $appDirsWithDifferentOwner,
if ($fileInfo->isDir() && !$fileInfo->isDot()) { $this->getAppDirsWithDifferentOwnerForAppRoot($currentUser, $appRoot)
$absAppPath = $appsPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename(); );
$appDirUser = posix_getpwuid(fileowner($absAppPath));
if ($appDirUser !== $currentUser) {
$appDirsWithDifferentOwner[] = $absAppPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
}
}
} }
} }
@ -559,6 +554,31 @@ Raw output
return $appDirsWithDifferentOwner; return $appDirsWithDifferentOwner;
} }
/**
* Tests if the directories for one apps directory are writable by the current user.
*
* @param array $currentUser The current user
* @param array $appRoot The app root config
* @return string[] The none writable directory paths inside the app root
*/
private function getAppDirsWithDifferentOwnerForAppRoot(array $currentUser, array $appRoot): array {
$appDirsWithDifferentOwner = [];
$appsPath = $appRoot['path'];
$appsDir = new DirectoryIterator($appRoot['path']);
foreach ($appsDir as $fileInfo) {
if ($fileInfo->isDir() && !$fileInfo->isDot()) {
$absAppPath = $appsPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
$appDirUser = posix_getpwuid(fileowner($absAppPath));
if ($appDirUser !== $currentUser) {
$appDirsWithDifferentOwner[] = $absAppPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
}
}
}
return $appDirsWithDifferentOwner;
}
/** /**
* @return DataResponse * @return DataResponse
*/ */

View File

@ -629,6 +629,27 @@ class CheckSetupControllerTest extends TestCase {
); );
} }
/**
* Calls the check for a none existing app root that is marked as not writable.
* It's expected that no error happens since the check shouldn't apply.
*
* @return void
*/
public function testAppDirectoryOwnersNotWritable() {
$tempDir = tempnam(sys_get_temp_dir(), 'apps') . 'dir';
OC::$APPSROOTS = [
[
'path' => $tempDir,
'url' => '/apps',
'writable' => false,
],
];
$this->assertSame(
[],
$this->invokePrivate($this->checkSetupController, 'getAppDirsWithDifferentOwner')
);
}
public function testIsBuggyNss400() { public function testIsBuggyNss400() {
$this->config->expects($this->any()) $this->config->expects($this->any())
->method('getSystemValue') ->method('getSystemValue')