From 9e5d6114d54479724bc7552cccd276fc691b1c37 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Wed, 20 Nov 2019 09:06:47 +0100
Subject: [PATCH] Use files node API for single file downloads
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 lib/private/legacy/files.php | 42 ++++++++++++++++++++++++------------
 1 file changed, 28 insertions(+), 14 deletions(-)

diff --git a/lib/private/legacy/files.php b/lib/private/legacy/files.php
index be433f3382..28396a9d07 100644
--- a/lib/private/legacy/files.php
+++ b/lib/private/legacy/files.php
@@ -284,30 +284,44 @@ class OC_Files {
 	 */
 	private static function getSingleFile($view, $dir, $name, $params) {
 		$filename = $dir . '/' . $name;
+		$file = null;
+
+		try {
+			$userFolder = \OC::$server->getRootFolder()->get(\OC\Files\Filesystem::getRoot());
+			$file = $userFolder->get($filename);
+			if(!$file instanceof \OC\Files\Node\File || !$file->isReadable()) {
+				http_response_code(403);
+				die('403 Forbidden');
+			}
+			$fileSize = $file->getSize();
+		} catch (\OCP\Files\NotPermittedException $e) {
+			http_response_code(403);
+			die('403 Forbidden');
+		} catch (\OCP\Files\InvalidPathException $e) {
+			http_response_code(403);
+			die('403 Forbidden');
+		} catch (\OCP\Files\NotFoundException $e) {
+			http_response_code(404);
+			$tmpl = new OC_Template('', '404', 'guest');
+			$tmpl->printPage();
+			exit();
+		}
+
 		OC_Util::obEnd();
 		$view->lockFile($filename, ILockingProvider::LOCK_SHARED);
 		
 		$rangeArray = array();
 
 		if (isset($params['range']) && substr($params['range'], 0, 6) === 'bytes=') {
-			$rangeArray = self::parseHttpRangeHeader(substr($params['range'], 6), 
-								 \OC\Files\Filesystem::filesize($filename));
-		}
-		
-		if (\OC\Files\Filesystem::isReadable($filename)) {
-			self::sendHeaders($filename, $name, $rangeArray);
-		} elseif (!\OC\Files\Filesystem::file_exists($filename)) {
-			http_response_code(404);
-			$tmpl = new OC_Template('', '404', 'guest');
-			$tmpl->printPage();
-			exit();
-		} else {
-			http_response_code(403);
-			die('403 Forbidden');
+			$rangeArray = self::parseHttpRangeHeader(substr($params['range'], 6), $fileSize);
 		}
+
+		self::sendHeaders($filename, $name, $rangeArray);
+
 		if (isset($params['head']) && $params['head']) {
 			return;
 		}
+
 		if (!empty($rangeArray)) {
 			try {
 			    if (count($rangeArray) == 1) {