Introduce MODIFY permission for external storages
This commit is contained in:
Robin McCorkell
parent
f0c8cfa9a6
commit
d2e3c17c00
|
|
@ -98,7 +98,7 @@ class GlobalStoragesController extends StoragesController {
|
|||
return $newStorage;
|
||||
}
|
||||
|
||||
$response = $this->validate($newStorage);
|
||||
$response = $this->validate($newStorage, BackendService::PERMISSION_CREATE);
|
||||
if (!empty($response)) {
|
||||
return $response;
|
||||
}
|
||||
|
|
@ -154,7 +154,7 @@ class GlobalStoragesController extends StoragesController {
|
|||
}
|
||||
$storage->setId($id);
|
||||
|
||||
$response = $this->validate($storage);
|
||||
$response = $this->validate($storage, BackendService::PERMISSION_MODIFY);
|
||||
if (!empty($response)) {
|
||||
return $response;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -125,10 +125,11 @@ abstract class StoragesController extends Controller {
|
|||
* Validate storage config
|
||||
*
|
||||
* @param StorageConfig $storage storage config
|
||||
* @param int $permissionCheck permission to check
|
||||
*
|
||||
* @return DataResponse|null returns response in case of validation error
|
||||
*/
|
||||
protected function validate(StorageConfig $storage) {
|
||||
protected function validate(StorageConfig $storage, $permissionCheck = BackendService::PERMISSION_CREATE) {
|
||||
$mountPoint = $storage->getMountPoint();
|
||||
if ($mountPoint === '' || $mountPoint === '/') {
|
||||
return new DataResponse(
|
||||
|
|
@ -165,7 +166,7 @@ abstract class StoragesController extends Controller {
|
|||
);
|
||||
}
|
||||
|
||||
if (!$backend->isPermitted($this->getUserType(), BackendService::PERMISSION_CREATE)) {
|
||||
if (!$backend->isPermitted($this->getUserType(), $permissionCheck)) {
|
||||
// not permitted to use backend
|
||||
return new DataResponse(
|
||||
array(
|
||||
|
|
@ -176,7 +177,7 @@ abstract class StoragesController extends Controller {
|
|||
Http::STATUS_UNPROCESSABLE_ENTITY
|
||||
);
|
||||
}
|
||||
if (!$authMechanism->isPermitted($this->getUserType(), BackendService::PERMISSION_CREATE)) {
|
||||
if (!$authMechanism->isPermitted($this->getUserType(), $permissionCheck)) {
|
||||
// not permitted to use auth mechanism
|
||||
return new DataResponse(
|
||||
array(
|
||||
|
|
|
|||
|
|
@ -103,7 +103,7 @@ class UserStoragesController extends StoragesController {
|
|||
return $newStorage;
|
||||
}
|
||||
|
||||
$response = $this->validate($newStorage);
|
||||
$response = $this->validate($newStorage, BackendService::PERMISSION_CREATE);
|
||||
if (!empty($response)) {
|
||||
return $response;
|
||||
}
|
||||
|
|
@ -151,7 +151,7 @@ class UserStoragesController extends StoragesController {
|
|||
}
|
||||
$storage->setId($id);
|
||||
|
||||
$response = $this->validate($storage);
|
||||
$response = $this->validate($storage, BackendService::PERMISSION_MODIFY);
|
||||
if (!empty($response)) {
|
||||
return $response;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -35,8 +35,9 @@ class BackendService {
|
|||
const PERMISSION_NONE = 0;
|
||||
const PERMISSION_MOUNT = 1;
|
||||
const PERMISSION_CREATE = 2;
|
||||
const PERMISSION_MODIFY = 4;
|
||||
|
||||
const PERMISSION_DEFAULT = 3; // MOUNT | CREATE
|
||||
const PERMISSION_DEFAULT = 7; // MOUNT | CREATE | MODIFY
|
||||
|
||||
/** User contants */
|
||||
const USER_ADMIN = 'admin';
|
||||
|
|
|
|||
|
|
@ -49,15 +49,21 @@ class UserStoragesControllerTest extends StoragesControllerTest {
|
|||
}
|
||||
|
||||
public function testAddOrUpdateStorageDisallowedBackend() {
|
||||
$backend = $this->getBackendMock();
|
||||
$backend->method('isPermitted')
|
||||
$backend1 = $this->getBackendMock();
|
||||
$backend1->expects($this->once())
|
||||
->method('isPermitted')
|
||||
->with(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE)
|
||||
->willReturn(false);
|
||||
$backend2 = $this->getBackendMock();
|
||||
$backend2->expects($this->once())
|
||||
->method('isPermitted')
|
||||
->with(BackendService::USER_PERSONAL, BackendService::PERMISSION_MODIFY)
|
||||
->willReturn(false);
|
||||
$authMech = $this->getAuthMechMock();
|
||||
|
||||
$storageConfig = new StorageConfig(1);
|
||||
$storageConfig->setMountPoint('mount');
|
||||
$storageConfig->setBackend($backend);
|
||||
$storageConfig->setBackend($backend1);
|
||||
$storageConfig->setAuthMechanism($authMech);
|
||||
$storageConfig->setBackendOptions([]);
|
||||
|
||||
|
|
@ -82,6 +88,8 @@ class UserStoragesControllerTest extends StoragesControllerTest {
|
|||
|
||||
$this->assertEquals(Http::STATUS_UNPROCESSABLE_ENTITY, $response->getStatus());
|
||||
|
||||
$storageConfig->setBackend($backend2);
|
||||
|
||||
$response = $this->controller->update(
|
||||
1,
|
||||
'mount',
|
||||
|
|
|
|||
Loading…
Reference in New Issue