Properly handle SMB ACL blocking scanning a directory

This makes sure that a possible ForbiddenException is properly passed
through the storage as a ForbiddenException and can be catched when
trying to fetch the quota info of a parent folder

Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl 2021-01-29 11:26:19 +01:00
parent 6a3321cefe
commit e9ae943bba
No known key found for this signature in database
GPG Key ID: 4C614C6ED2CDE6DF
2 changed files with 10 additions and 2 deletions

View File

@ -41,6 +41,7 @@ use OCA\DAV\Connector\Sabre\Exception\InvalidPath;
use OCP\Files\FileInfo;
use OCP\Files\ForbiddenException;
use OCP\Files\InvalidPathException;
use OCP\Files\NotPermittedException;
use OCP\Files\StorageNotAvailableException;
use OCP\Lock\ILockingProvider;
use OCP\Lock\LockedException;
@ -343,6 +344,8 @@ class Directory extends \OCA\DAV\Connector\Sabre\Node implements \Sabre\DAV\ICol
return [0, 0];
} catch (\OCP\Files\StorageNotAvailableException $e) {
return [0, 0];
} catch (NotPermittedException $e) {
return [0, 0];
}
}

View File

@ -61,6 +61,7 @@ use OCP\Constants;
use OCP\Files\EntityTooLargeException;
use OCP\Files\Notify\IChange;
use OCP\Files\Notify\IRenameChange;
use OCP\Files\NotPermittedException;
use OCP\Files\Storage\INotifyStorage;
use OCP\Files\StorageAuthException;
use OCP\Files\StorageNotAvailableException;
@ -235,7 +236,11 @@ class SMB extends Common implements INotifyStorage {
protected function getFolderContents($path): iterable {
try {
$path = ltrim($this->buildPath($path), '/');
try {
$files = $this->share->dir($path);
} catch (ForbiddenException $e) {
throw new NotPermittedException();
}
foreach ($files as $file) {
$this->statCache[$path . '/' . $file->getName()] = $file;
}
@ -595,7 +600,7 @@ class SMB extends Common implements INotifyStorage {
$files = $this->getFolderContents($path);
} catch (NotFoundException $e) {
return false;
} catch (ForbiddenException $e) {
} catch (NotPermittedException $e) {
return false;
}
$names = array_map(function ($info) {