mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #21468 from owncloud/getmount-id-filter 

Filter getStorage to make sure the user has access to it
This commit is contained in:
Thomas Müller 2016-01-08 18:19:28 +01:00
parent 756876b5dc 88bfe1477d
commit 5618e9a8b1
7 changed files with 102 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
apps/files_external/lib/storageconfig.php
View File

@ -29,6 +29,8 @@ use \OCA\Files_External\Lib\Auth\AuthMechanism;
* External storage configuration * External storage configuration
*/ */
class StorageConfig implements \JsonSerializable { class StorageConfig implements \JsonSerializable {
const MOUNT_TYPE_ADMIN = 1;
const MOUNT_TYPE_PERSONAl = 2;
/** /**
* Storage config id * Storage config id
@ -107,6 +109,13 @@ class StorageConfig implements \JsonSerializable {
*/ */
private $mountOptions = []; private $mountOptions = [];
/**
* Whether it's a personal or admin mount
*
* @var int
*/
private $type;
/** /**
* Creates a storage config * Creates a storage config
* *
@ -349,6 +358,20 @@ class StorageConfig implements \JsonSerializable {
$this->statusMessage = $message; $this->statusMessage = $message;
} }
/**
* @return int self::MOUNT_TYPE_ADMIN or self::MOUNT_TYPE_PERSONAl
*/
public function getType() {
return $this->type;
}
/**
* @param int $type self::MOUNT_TYPE_ADMIN or self::MOUNT_TYPE_PERSONAl
*/
public function setType($type) {
$this->type = $type;
}
/** /**
* Serialize config to JSON * Serialize config to JSON
* *

4
apps/files_external/service/globalstoragesservice.php
View File

@ -157,4 +157,8 @@ class GlobalStoragesService extends StoragesService {
public function getVisibilityType() { public function getVisibilityType() {
return BackendService::VISIBILITY_ADMIN; return BackendService::VISIBILITY_ADMIN;
} }
protected function isApplicable(StorageConfig $config) {
return true;
}
} }

19
apps/files_external/service/storagesservice.php
View File

@ -23,12 +23,9 @@
namespace OCA\Files_external\Service; namespace OCA\Files_external\Service;
use \OCP\IUserSession;
use \OC\Files\Filesystem; use \OC\Files\Filesystem;
use \OCA\Files_external\Lib\StorageConfig; use \OCA\Files_external\Lib\StorageConfig;
use \OCA\Files_external\NotFoundException; use \OCA\Files_external\NotFoundException;
use \OCA\Files_External\Service\BackendService;
use \OCA\Files_External\Lib\Backend\Backend; use \OCA\Files_External\Lib\Backend\Backend;
use \OCA\Files_External\Lib\Auth\AuthMechanism; use \OCA\Files_External\Lib\Auth\AuthMechanism;
use \OCP\Files\StorageNotAvailableException; use \OCP\Files\StorageNotAvailableException;
@ -85,6 +82,7 @@ abstract class StoragesService {
array_values($applicableGroups), array_values($applicableGroups),
$mount['priority'] $mount['priority']
); );
$config->setType($mount['type']);
$config->setId((int)$mount['mount_id']); $config->setId((int)$mount['mount_id']);
return $config; return $config;
} catch (\UnexpectedValueException $e) { } catch (\UnexpectedValueException $e) {
@ -132,9 +130,22 @@ abstract class StoragesService {
throw new NotFoundException('Storage with id "' . $id . '" not found'); throw new NotFoundException('Storage with id "' . $id . '" not found');
} }
return $this->getStorageConfigFromDBMount($mount); $config = $this->getStorageConfigFromDBMount($mount);
if ($this->isApplicable($config)) {
return $config;
} else {
throw new NotFoundException('Storage with id "' . $id . '" not found');
}
} }
/**
* Check whether this storage service should provide access to a storage
*
* @param StorageConfig $config
* @return bool
*/
abstract protected function isApplicable(StorageConfig $config);
/** /**
* Gets all storages, valid or not * Gets all storages, valid or not
* *

18
apps/files_external/service/userglobalstoragesservice.php
View File

@ -152,4 +152,22 @@ class UserGlobalStoragesService extends GlobalStoragesService {
return 0; return 0;
} }
protected function isApplicable(StorageConfig $config) {
$applicableUsers = $config->getApplicableUsers();
$applicableGroups = $config->getApplicableGroups();
if (count($applicableUsers) === 0 && count($applicableGroups) === 0) {
return true;
}
if (in_array($this->getUser()->getUID(), $applicableUsers, true)) {
return true;
}
$groupIds = $this->groupManager->getUserGroupIds($this->getUser());
foreach ($groupIds as $groupId) {
if (in_array($groupId, $applicableGroups, true)) {
return true;
}
}
return false;
}
} }

4
apps/files_external/service/userstoragesservice.php
View File

@ -130,4 +130,8 @@ class UserStoragesService extends StoragesService {
public function getVisibilityType() { public function getVisibilityType() {
return BackendService::VISIBILITY_PERSONAL; return BackendService::VISIBILITY_PERSONAL;
} }
protected function isApplicable(StorageConfig $config) {
return ($config->getApplicableUsers() === [$this->getUser()->getUID()]) && $config->getType() === StorageConfig::MOUNT_TYPE_PERSONAl;
}
} }

8
apps/files_external/tests/service/userglobalstoragesservicetest.php
View File

@ -21,6 +21,7 @@
*/ */
namespace OCA\Files_External\Tests\Service; namespace OCA\Files_External\Tests\Service;
use OCA\Files_external\NotFoundException;
use OCA\Files_external\Service\StoragesService; use OCA\Files_external\Service\StoragesService;
use \OCA\Files_External\Service\UserGlobalStoragesService; use \OCA\Files_External\Service\UserGlobalStoragesService;
use \OCP\IGroupManager; use \OCP\IGroupManager;
@ -140,6 +141,13 @@ class UserGlobalStoragesServiceTest extends GlobalStoragesServiceTest {
$this->assertEquals('/mountpoint', $retrievedStorage->getMountPoint()); $this->assertEquals('/mountpoint', $retrievedStorage->getMountPoint());
} else { } else {
$this->assertEquals(0, count($storages)); $this->assertEquals(0, count($storages));
try {
$this->service->getStorage($newStorage->getId());
$this->fail('Failed asserting that storage can\'t be accessed by id');
} catch (NotFoundException $e) {
}
} }
} }

30
apps/files_external/tests/service/userstoragesservicetest.php
View File

@ -23,6 +23,8 @@ namespace OCA\Files_external\Tests\Service;
use \OC\Files\Filesystem; use \OC\Files\Filesystem;
use OCA\Files_external\Service\GlobalStoragesService;
use OCA\Files_external\Service\StoragesService;
use \OCA\Files_external\Service\UserStoragesService; use \OCA\Files_external\Service\UserStoragesService;
use \OCA\Files_external\NotFoundException; use \OCA\Files_external\NotFoundException;
use \OCA\Files_external\Lib\StorageConfig; use \OCA\Files_external\Lib\StorageConfig;
@ -38,9 +40,16 @@ class UserStoragesServiceTest extends StoragesServiceTest {
private $userId; private $userId;
/**
* @var StoragesService
*/
protected $globalStoragesService;
public function setUp() { public function setUp() {
parent::setUp(); parent::setUp();
$this->globalStoragesService = new GlobalStoragesService($this->backendService, $this->dbConfig);
$this->userId = $this->getUniqueID('user_'); $this->userId = $this->getUniqueID('user_');
$this->createUser($this->userId, $this->userId); $this->createUser($this->userId, $this->userId);
$this->user = \OC::$server->getUserManager()->get($this->userId); $this->user = \OC::$server->getUserManager()->get($this->userId);
@ -174,4 +183,25 @@ class UserStoragesServiceTest extends StoragesServiceTest {
$this->userId $this->userId
); );
} }
/**
* @expectedException \OCA\Files_external\NotFoundException
*/
public function testGetAdminStorage() {
$backend = $this->backendService->getBackend('identifier:\OCA\Files_External\Lib\Backend\SMB');
$authMechanism = $this->backendService->getAuthMechanism('identifier:\Auth\Mechanism');
$storage = new StorageConfig();
$storage->setMountPoint('mountpoint');
$storage->setBackend($backend);
$storage->setAuthMechanism($authMechanism);
$storage->setBackendOptions(['password' => 'testPassword']);
$storage->setApplicableUsers([$this->userId]);
$newStorage = $this->globalStoragesService->addStorage($storage);
$this->assertInstanceOf('\OCA\Files_external\Lib\StorageConfig', $this->globalStoragesService->getStorage($newStorage->getId()));
$this->service->getStorage($newStorage->getId());
}
} }