when downloading from web, skip files that are not accessible

* avoids a 403, but enables download of resources that are not restricted
* single file downloads still cause 403

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
Arthur Schiwon 2019-12-16 18:51:19 +01:00
parent 79eae96f45
commit af91efd315
No known key found for this signature in database
GPG Key ID: 7424F1874854DF23
2 changed files with 15 additions and 5 deletions

View File

@ -113,12 +113,16 @@ class Streamer {
$userFolder = \OC::$server->getRootFolder()->get(Filesystem::getRoot());
/** @var Folder $dirNode */
$dirNode = $userFolder->get($rootDir);
$dirNode = $userFolder->get($dir);
$files = $dirNode->getDirectoryListing();
foreach($files as $file) {
if($file instanceof File) {
try {
$fh = $file->fopen('r');
} catch (NotPermittedException $e) {
continue;
}
$this->addFileFromStream(
$fh,
$internalDir . $file->getName(),
@ -127,7 +131,9 @@ class Streamer {
);
fclose($fh);
} elseif ($file instanceof Folder) {
$this->addDirRecursive($file->getName(), $internalDir);
if($file->isReadable()) {
$this->addDirRecursive($dir . '/' . $file->getName(), $internalDir);
}
}
}
}

View File

@ -180,7 +180,11 @@ class OC_Files {
$userFolder = \OC::$server->getRootFolder()->get(\OC\Files\Filesystem::getRoot());
$file = $userFolder->get($file);
if($file instanceof \OC\Files\Node\File) {
try {
$fh = $file->fopen('r');
} catch (\OCP\Files\NotPermittedException $e) {
continue;
}
$fileSize = $file->getSize();
$fileTime = $file->getMTime();
} else {