1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
<?php
/**
* @author Morris Jobke <hey@morrisjobke.de>
* @author Robin Appelman <icewind@owncloud.com>
*
* @copyright Copyright (c) 2015, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OC\Files\Storage\Wrapper;
use OC\Files\Cache\Wrapper\CachePermissionsMask;
use OCP\Constants;
/**
* Mask the permissions of a storage
*
* This can be used to restrict update, create, delete and/or share permissions of a storage
*
* Note that the read permissions cant be masked
*/
class PermissionsMask extends Wrapper {
/**
* @var int the permissions bits we want to keep
*/
private $mask;
/**
* @param array $arguments ['storage' => $storage, 'mask' => $mask]
*
* $storage: The storage the permissions mask should be applied on
* $mask: The permission bits that should be kept, a combination of the \OCP\Constant::PERMISSION_ constants
*/
public function __construct($arguments) {
parent::__construct($arguments);
$this->mask = $arguments['mask'];
}
private function checkMask($permissions) {
return ($this->mask & $permissions) === $permissions;
}
public function isUpdatable($path) {
return $this->checkMask(Constants::PERMISSION_UPDATE) and parent::isUpdatable($path);
}
public function isCreatable($path) {
return $this->checkMask(Constants::PERMISSION_CREATE) and parent::isCreatable($path);
}
public function isDeletable($path) {
return $this->checkMask(Constants::PERMISSION_DELETE) and parent::isDeletable($path);
}
public function isSharable($path) {
return $this->checkMask(Constants::PERMISSION_SHARE) and parent::isSharable($path);
}
public function getPermissions($path) {
return $this->storage->getPermissions($path) & $this->mask;
}
public function rename($path1, $path2) {
return $this->checkMask(Constants::PERMISSION_UPDATE) and parent::rename($path1, $path2);
}
public function copy($path1, $path2) {
return $this->checkMask(Constants::PERMISSION_CREATE) and parent::copy($path1, $path2);
}
public function touch($path, $mtime = null) {
$permissions = $this->file_exists($path) ? Constants::PERMISSION_UPDATE : Constants::PERMISSION_CREATE;
return $this->checkMask($permissions) and parent::touch($path, $mtime);
}
public function mkdir($path) {
return $this->checkMask(Constants::PERMISSION_CREATE) and parent::mkdir($path);
}
public function rmdir($path) {
return $this->checkMask(Constants::PERMISSION_DELETE) and parent::rmdir($path);
}
public function unlink($path) {
return $this->checkMask(Constants::PERMISSION_DELETE) and parent::unlink($path);
}
public function file_put_contents($path, $data) {
$permissions = $this->file_exists($path) ? Constants::PERMISSION_UPDATE : Constants::PERMISSION_CREATE;
return $this->checkMask($permissions) and parent::file_put_contents($path, $data);
}
public function fopen($path, $mode) {
if ($mode === 'r' or $mode === 'rb') {
return parent::fopen($path, $mode);
} else {
$permissions = $this->file_exists($path) ? Constants::PERMISSION_UPDATE : Constants::PERMISSION_CREATE;
return $this->checkMask($permissions) ? parent::fopen($path, $mode) : false;
}
}
/**
* get a cache instance for the storage
*
* @param string $path
* @param \OC\Files\Storage\Storage (optional) the storage to pass to the cache
* @return \OC\Files\Cache\Cache
*/
public function getCache($path = '', $storage = null) {
if (!$storage) {
$storage = $this;
}
$sourceCache = parent::getCache($path, $storage);
return new CachePermissionsMask($sourceCache, $this->mask);
}
}
|
