diff options
author | Julius Härtl <jus@bitgrid.net> | 2020-04-03 17:55:23 +0300 |
---|---|---|
committer | Julius Härtl <jus@bitgrid.net> | 2020-04-03 17:55:23 +0300 |
commit | 95cb77786afb22f99152710d8f7f4d99ad932ce7 (patch) | |
tree | e96f2c3dae5669d6c9bbf1aa41104b123b5445f9 | |
parent | 7f79ae465320e8a1908b33a265cc6048e8a07673 (diff) |
Check ACL before restoring from the trash bin
Signed-off-by: Julius Härtl <jus@bitgrid.net>
-rw-r--r-- | lib/Trash/TrashBackend.php | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/Trash/TrashBackend.php b/lib/Trash/TrashBackend.php index 3c01ea8b..dd57384b 100644 --- a/lib/Trash/TrashBackend.php +++ b/lib/Trash/TrashBackend.php @@ -32,6 +32,7 @@ use OCP\Constants; use OCP\Files\Folder; use OCP\Files\Node; use OCP\Files\NotFoundException; +use OCP\Files\NotPermittedException; use OCP\Files\Storage\IStorage; use OCP\IUser; @@ -100,6 +101,9 @@ class TrashBackend implements ITrashBackend { if ($node === null) { throw new NotFoundException(); } + if (!$this->userHasAccessToPath($item->getUser(), $folderId . '/' . $item->getOriginalLocation(), Constants::PERMISSION_UPDATE)) { + throw new NotPermittedException(); + } $trashStorage = $node->getStorage(); $targetFolder = $this->mountProvider->getFolder($folderId); @@ -177,10 +181,10 @@ class TrashBackend implements ITrashBackend { return in_array($folderId, $folderIds); } - private function userHasAccessToPath(IUser $user, string $path) { - $permissions = $this->aclManagerFactory->getACLManager($user) + private function userHasAccessToPath(IUser $user, string $path, $permission = Constants::PERMISSION_READ) { + $activePermissions = $this->aclManagerFactory->getACLManager($user) ->getACLPermissionsForPath('__groupfolders/' . ltrim($path, '/')); - return ($permissions & Constants::PERMISSION_READ) === Constants::PERMISSION_READ; + return ($activePermissions & $permission); } /** |