From db96b0bb0b67ceb99c49e131aef9f3d3f436a23c Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Tue, 27 Feb 2018 14:06:14 +0100 Subject: [PATCH 1/3] Make it possible to make external storages read only Signed-off-by: Roeland Jago Douma --- apps/files_external/js/settings.js | 12 ++++++++++-- apps/files_external/lib/Command/ListCommand.php | 3 ++- apps/files_external/templates/settings.php | 1 + lib/private/legacy/util.php | 17 +++++++++++++++++ 4 files changed, 30 insertions(+), 3 deletions(-) diff --git a/apps/files_external/js/settings.js b/apps/files_external/js/settings.js index ffe1e97207..983348397d 100644 --- a/apps/files_external/js/settings.js +++ b/apps/files_external/js/settings.js @@ -48,6 +48,12 @@ var MOUNT_OPTIONS_DROPDOWN_TEMPLATE = ' '+ ' '+ ' '+ + '
  • ' + + ' ' + + ' ' + + ' ' + + ' ' + + '
    • ' + ' '+ ''; @@ -916,7 +922,8 @@ MountConfigListView.prototype = _.extend({ 'previews': true, 'enable_sharing': false, 'filesystem_check_changes': 1, - 'encoding_compatibility': false + 'encoding_compatibility': false, + 'readonly': false, })); } @@ -1303,7 +1310,8 @@ MountConfigListView.prototype = _.extend({ 'previews', 'filesystem_check_changes', 'enable_sharing', - 'encoding_compatibility' + 'encoding_compatibility', + 'readonly' ]; if (this._encryptionEnabled) { visibleOptions.push('encrypt'); diff --git a/apps/files_external/lib/Command/ListCommand.php b/apps/files_external/lib/Command/ListCommand.php index efb2669e28..89bdcf5e5d 100644 --- a/apps/files_external/lib/Command/ListCommand.php +++ b/apps/files_external/lib/Command/ListCommand.php @@ -192,7 +192,8 @@ class ListCommand extends Base { 'previews' => true, 'filesystem_check_changes' => 1, 'enable_sharing' => false, - 'encoding_compatibility' => false + 'encoding_compatibility' => false, + 'readonly' => false, ]; $rows = array_map(function (StorageConfig $config) use ($userId, $defaultMountOptions, $full) { $storageConfig = $config->getBackendOptions(); diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php index 895be719ab..236faf37d6 100644 --- a/apps/files_external/templates/settings.php +++ b/apps/files_external/templates/settings.php @@ -12,6 +12,7 @@ $l->t("Check for changes"); $l->t("Never"); $l->t("Once every direct access"); + $l->t('Read only'); script('files_external', 'settings'); style('files_external', 'settings'); diff --git a/lib/private/legacy/util.php b/lib/private/legacy/util.php index d3599d14e7..356d336f68 100644 --- a/lib/private/legacy/util.php +++ b/lib/private/legacy/util.php @@ -259,6 +259,23 @@ class OC_Util { return $storage; }); + \OC\Files\Filesystem::addStorageWrapper('readonly', function ($mountPoint, \OCP\Files\Storage\IStorage $storage, \OCP\Files\Mount\IMountPoint $mount) { + /* + * Do not allow any operations that modify the storage + */ + if ($mount->getOption('readonly', false)) { + return new \OC\Files\Storage\Wrapper\PermissionsMask([ + 'storage' => $storage, + 'mask' => \OCP\Constants::PERMISSION_ALL & ~( + \OCP\Constants::PERMISSION_UPDATE | + \OCP\Constants::PERMISSION_CREATE | + \OCP\Constants::PERMISSION_DELETE + ), + ]); + } + return $storage; + }); + OC_Hook::emit('OC_Filesystem', 'preSetup', array('user' => $user)); \OC\Files\Filesystem::logWarningWhenAddingStorageWrapper(true); From 953691abb252aa35e8cc290b4135fbdf88fa9e7f Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Thu, 8 Mar 2018 19:53:17 +0100 Subject: [PATCH 2/3] External mount does not get DELETE and UPDATE if readonly Signed-off-by: Roeland Jago Douma --- apps/dav/lib/Connector/Sabre/Node.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/dav/lib/Connector/Sabre/Node.php b/apps/dav/lib/Connector/Sabre/Node.php index fd237b604a..9e78d21a39 100644 --- a/apps/dav/lib/Connector/Sabre/Node.php +++ b/apps/dav/lib/Connector/Sabre/Node.php @@ -272,7 +272,7 @@ abstract class Node implements \Sabre\DAV\INode { $mountpointpath = substr($mountpointpath, 0, -1); } - if ($mountpointpath === $this->info->getPath()) { + if (!$mountpoint->getOption('readonly', false) && $mountpointpath === $this->info->getPath()) { $permissions |= \OCP\Constants::PERMISSION_DELETE | \OCP\Constants::PERMISSION_UPDATE; } } From ea5393e9f84284f23414c75bc015d23ce47a8656 Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Thu, 8 Mar 2018 20:56:26 +0100 Subject: [PATCH 3/3] Fix tests Signed-off-by: Roeland Jago Douma --- apps/files_external/tests/js/settingsSpec.js | 3 ++- apps/files_sharing/tests/js/sharedfilelistSpec.js | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/apps/files_external/tests/js/settingsSpec.js b/apps/files_external/tests/js/settingsSpec.js index 56bdcff834..fbbb341c30 100644 --- a/apps/files_external/tests/js/settingsSpec.js +++ b/apps/files_external/tests/js/settingsSpec.js @@ -376,7 +376,8 @@ describe('OCA.External.Settings tests', function() { previews: true, enable_sharing: false, filesystem_check_changes: 0, - encoding_compatibility: false + encoding_compatibility: false, + readonly: false }); }); }); diff --git a/apps/files_sharing/tests/js/sharedfilelistSpec.js b/apps/files_sharing/tests/js/sharedfilelistSpec.js index 492a7255c6..0897e9c956 100644 --- a/apps/files_sharing/tests/js/sharedfilelistSpec.js +++ b/apps/files_sharing/tests/js/sharedfilelistSpec.js @@ -727,7 +727,8 @@ describe('OCA.Sharing.FileList tests', function() { etag: 'abc', shareOwner: 'User One', recipients: 'User Two', - mountType: 'external-root' + mountType: 'external-root', + sharePermissions: OC.PERMISSION_READ, }]); $tr = fileList.$el.find('tr:first'); @@ -749,7 +750,8 @@ describe('OCA.Sharing.FileList tests', function() { etag: 'abc', shareOwner: 'User One', recipients: 'User Two', - mountType: 'external-root' + mountType: 'external-root', + sharePermissions: OC.PERMISSION_READ | OC.PERMISSION_SHARE, }]); $tr = fileList.$el.find('tr:first');