Add version to .htaccess

Currently if a user does not replace the .htaccess file with the new update this can lead to serious problems in case Apache is used as webserver.

This commit adds the version to the .htaccess file and the update routine fails in case not the newest version is specified in there. This obviously means that every release has to update the version specified in .htaccess as well. But I see no better solution for it.

Conflicts:
	lib/private/updater.php
This commit is contained in:
Lukas Reschke 2015-01-08 12:05:54 +01:00
parent 14e534e933
commit 7fbb7f4dc4
4 changed files with 50 additions and 3 deletions

View File

@ -1,3 +1,4 @@
# Version: 8.0.0
<IfModule mod_fcgid.c>
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>

View File

@ -242,14 +242,43 @@ class OC_Setup {
return $error;
}
/**
* @return string Absolute path to htaccess
*/
private function pathToHtaccess() {
return OC::$SERVERROOT.'/.htaccess';
}
/**
* Checks if the .htaccess contains the current version parameter
*
* @return bool
*/
private function isCurrentHtaccess() {
$version = \OC_Util::getVersion();
unset($version[3]);
return !strpos(
file_get_contents($this->pathToHtaccess()),
'Version: '.implode('.', $version)
) === false;
}
/**
* Append the correct ErrorDocument path for Apache hosts
*
* @throws \OC\HintException If .htaccess does not include the current version
*/
public static function updateHtaccess() {
$setupHelper = new OC_Setup(\OC::$server->getConfig());
if(!$setupHelper->isCurrentHtaccess()) {
throw new \OC\HintException('.htaccess file has the wrong version. Please upload the correct version.');
}
$content = "\n";
$content.= "ErrorDocument 403 ".OC::$WEBROOT."/core/templates/403.php\n";//custom 403 error page
$content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php";//custom 404 error page
@file_put_contents(OC::$SERVERROOT.'/.htaccess', $content, FILE_APPEND); //suppress errors in case we don't have permissions for it
@file_put_contents($setupHelper->pathToHtaccess(), $content, FILE_APPEND); //suppress errors in case we don't have permissions for it
}
public static function protectDataDirectory() {

View File

@ -189,7 +189,11 @@ class Updater extends BasicEmitter {
// Update htaccess files for apache hosts
if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
try {
\OC_Setup::updateHtaccess();
} catch (\Exception $e) {
throw new \Exception($e->getMessage());
}
}
// create empty file in data dir, so we can later find

View File

@ -19,7 +19,7 @@ class Test_OC_Setup extends \Test\TestCase {
parent::setUp();
$this->config = $this->getMock('\OCP\IConfig');
$this->setupClass = $this->getMock('\OC_Setup', array('class_exists', 'is_callable'), array($this->config));
$this->setupClass = $this->getMock('\OC_Setup', ['class_exists', 'is_callable'], [$this->config]);
}
public function testGetSupportedDatabasesWithOneWorking() {
@ -102,4 +102,17 @@ class Test_OC_Setup extends \Test\TestCase {
->will($this->returnValue('NotAnArray'));
$this->setupClass->getSupportedDatabases();
}
/**
* This is actual more an integration test whether the version parameter in the .htaccess
* was updated as well when the version has been incremented.
* If it hasn't this test will fail.
*/
public function testHtaccessIsCurrent() {
$result = Test_Helper::invokePrivate(
$this->setupClass,
'isCurrentHtaccess'
);
$this->assertTrue($result);
}
}