Home Explore Help
Sign In
RISCI_ATOM
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Files Issues 23 Wiki
Browse Source

Excludes not writable app roots from the directory permission check

Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
Michael Weimann 5 years ago
parent
ebcfe33d0d
commit
3f790bb85b
2 changed files with 51 additions and 10 deletions
Split View Show Diff Stats
  1. 30 10
      settings/Controller/CheckSetupController.php
  2. 21 0
      tests/Settings/Controller/CheckSetupControllerTest.php

+ 30 - 10
settings/Controller/CheckSetupController.php
View File 

@@ -542,16 +542,11 @@ Raw output
 
 		$appDirsWithDifferentOwner = [];
 
 
 		foreach (OC::$APPSROOTS as $appRoot) {
 
-			$appsPath = $appRoot['path'];
 
-			$appsDir = new DirectoryIterator($appRoot['path']);
 
-			foreach ($appsDir as $fileInfo) {
 
-				if ($fileInfo->isDir() && !$fileInfo->isDot()) {
 
-					$absAppPath = $appsPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
 
-					$appDirUser = posix_getpwuid(fileowner($absAppPath));
 
-					if ($appDirUser !== $currentUser) {
 
-						$appDirsWithDifferentOwner[] = $absAppPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
 
-					}
 
-				}
 
+			if ($appRoot['writable'] === true) {
 
+				$appDirsWithDifferentOwner = array_merge(
 
+					$appDirsWithDifferentOwner,
 
+					$this->getAppDirsWithDifferentOwnerForAppRoot($currentUser, $appRoot)
 
+				);
 
 			}
 
 		}
 
 
@@ -559,6 +554,31 @@ Raw output
 
 		return $appDirsWithDifferentOwner;
 
 	}
 
 
+	/**
 
+	 * Tests if the directories for one apps directory are writable by the current user.
 
+	 *
 
+	 * @param array $currentUser The current user
 
+	 * @param array $appRoot The app root config
 
+	 * @return string[] The none writable directory paths inside the app root
 
+	 */
 
+	private function getAppDirsWithDifferentOwnerForAppRoot(array $currentUser, array $appRoot): array {
 
+		$appDirsWithDifferentOwner = [];
 
+		$appsPath = $appRoot['path'];
 
+		$appsDir = new DirectoryIterator($appRoot['path']);
 
+
 
+		foreach ($appsDir as $fileInfo) {
 
+			if ($fileInfo->isDir() && !$fileInfo->isDot()) {
 
+				$absAppPath = $appsPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
 
+				$appDirUser = posix_getpwuid(fileowner($absAppPath));
 
+				if ($appDirUser !== $currentUser) {
 
+					$appDirsWithDifferentOwner[] = $absAppPath . DIRECTORY_SEPARATOR . $fileInfo->getFilename();
 
+				}
 
+			}
 
+		}
 
+
 
+		return $appDirsWithDifferentOwner;
 
+	}
 
+
 
 	/**
 
 	 * @return DataResponse
 
 	 */

+ 21 - 0
tests/Settings/Controller/CheckSetupControllerTest.php
View File 

@@ -629,6 +629,27 @@ class CheckSetupControllerTest extends TestCase {
 
 		);
 
 	}
 
 
+	/**
 
+	 * Calls the check for a none existing app root that is marked as not writable.
 
+	 * It's expected that no error happens since the check shouldn't apply.
 
+	 *
 
+	 * @return void
 
+	 */
 
+	public function testAppDirectoryOwnersNotWritable() {
 
+		$tempDir = tempnam(sys_get_temp_dir(), 'apps') . 'dir';
 
+		OC::$APPSROOTS = [
 
+			[
 
+				'path' => $tempDir,
 
+				'url' => '/apps',
 
+				'writable' => false,
 
+			],
 
+		];
 
+		$this->assertSame(
 
+			[],
 
+			$this->invokePrivate($this->checkSetupController, 'getAppDirsWithDifferentOwner')
 
+		);
 
+	}
 
+
 
 	public function testIsBuggyNss400() {
 
 		$this->config->expects($this->any())
 
 			->method('getSystemValue')