This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * @author Björn Schießle <[email protected]> |
||
4 | * @author Joas Schilling <[email protected]> |
||
5 | * @author Morris Jobke <[email protected]> |
||
6 | * @author Robin Appelman <[email protected]> |
||
7 | * @author Roeland Jago Douma <[email protected]> |
||
8 | * @author Vincent Petry <[email protected]> |
||
9 | * |
||
10 | * @copyright Copyright (c) 2018, ownCloud GmbH |
||
11 | * @license AGPL-3.0 |
||
12 | * |
||
13 | * This code is free software: you can redistribute it and/or modify |
||
14 | * it under the terms of the GNU Affero General Public License, version 3, |
||
15 | * as published by the Free Software Foundation. |
||
16 | * |
||
17 | * This program is distributed in the hope that it will be useful, |
||
18 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
19 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
20 | * GNU Affero General Public License for more details. |
||
21 | * |
||
22 | * You should have received a copy of the GNU Affero General Public License, version 3, |
||
23 | * along with this program. If not, see <http://www.gnu.org/licenses/> |
||
24 | * |
||
25 | */ |
||
26 | |||
27 | namespace OCA\Files_Sharing; |
||
28 | |||
29 | use OC\Files\Filesystem; |
||
30 | use OC\Files\Mount\MountPoint; |
||
31 | use OC\Files\Mount\MoveableMount; |
||
32 | use OC\Files\View; |
||
33 | |||
34 | /** |
||
35 | * Shared mount points can be moved by the user |
||
36 | */ |
||
37 | class SharedMount extends MountPoint implements MoveableMount { |
||
38 | /** |
||
39 | * @var \OCA\Files_Sharing\SharedStorage $storage |
||
40 | */ |
||
41 | protected $storage = null; |
||
42 | |||
43 | /** |
||
44 | * @var \OC\Files\View |
||
45 | */ |
||
46 | private $recipientView; |
||
47 | |||
48 | /** |
||
49 | * @var string |
||
50 | */ |
||
51 | private $user; |
||
52 | |||
53 | /** @var \OCP\Share\IShare */ |
||
54 | private $superShare; |
||
55 | |||
56 | /** @var \OCP\Share\IShare[] */ |
||
57 | private $groupedShares; |
||
58 | |||
59 | /** |
||
60 | * @param string $storage |
||
61 | * @param SharedMount[] $mountpoints |
||
62 | * @param array|null $arguments |
||
63 | * @param \OCP\Files\Storage\IStorageFactory $loader |
||
64 | */ |
||
65 | public function __construct($storage, array $mountpoints, $arguments = null, $loader = null) { |
||
66 | $this->user = $arguments['user']; |
||
67 | $this->recipientView = new View('/' . $this->user . '/files'); |
||
68 | |||
69 | $this->superShare = $arguments['superShare']; |
||
70 | $this->groupedShares = $arguments['groupedShares']; |
||
71 | |||
72 | $newMountPoint = $this->verifyMountPoint($this->superShare, $mountpoints); |
||
73 | $absMountPoint = '/' . $this->user . '/files' . $newMountPoint; |
||
74 | $arguments['ownerView'] = new View('/' . $this->superShare->getShareOwner() . '/files'); |
||
75 | parent::__construct($storage, $absMountPoint, $arguments, $loader); |
||
76 | } |
||
77 | |||
78 | /** |
||
79 | * check if the parent folder exists otherwise move the mount point up |
||
80 | * |
||
81 | * @param \OCP\Share\IShare $share |
||
82 | * @param SharedMount[] $mountpoints |
||
83 | * @return string |
||
84 | */ |
||
85 | private function verifyMountPoint(\OCP\Share\IShare $share, array $mountpoints) { |
||
86 | $mountPoint = \basename($share->getTarget()); |
||
87 | $parent = \dirname($share->getTarget()); |
||
88 | |||
89 | if (!$this->recipientView->is_dir($parent)) { |
||
90 | $parent = Helper::getShareFolder($this->recipientView); |
||
91 | } |
||
92 | |||
93 | $newMountPoint = $this->generateUniqueTarget( |
||
94 | \OC\Files\Filesystem::normalizePath($parent . '/' . $mountPoint), |
||
95 | $this->recipientView, |
||
96 | $mountpoints |
||
97 | ); |
||
98 | |||
99 | if ($newMountPoint !== $share->getTarget()) { |
||
100 | $this->updateFileTarget($newMountPoint, $share); |
||
101 | } |
||
102 | |||
103 | return $newMountPoint; |
||
104 | } |
||
105 | |||
106 | /** |
||
107 | * update fileTarget in the database if the mount point changed |
||
108 | * |
||
109 | * @param string $newPath |
||
110 | * @param \OCP\Share\IShare $share |
||
111 | * @return bool |
||
112 | */ |
||
113 | private function updateFileTarget($newPath, &$share) { |
||
114 | $share->setTarget($newPath); |
||
115 | |||
116 | foreach ($this->groupedShares as $share) { |
||
117 | $share->setTarget($newPath); |
||
118 | \OC::$server->getShareManager()->moveShare($share, $this->user); |
||
119 | } |
||
120 | } |
||
121 | |||
122 | /** |
||
123 | * @param string $path |
||
124 | * @param View $view |
||
125 | * @param SharedMount[] $mountpoints |
||
126 | * @return mixed |
||
127 | */ |
||
128 | private function generateUniqueTarget($path, $view, array $mountpoints) { |
||
129 | $pathinfo = \pathinfo($path); |
||
130 | $ext = (isset($pathinfo['extension'])) ? '.'.$pathinfo['extension'] : ''; |
||
131 | $name = $pathinfo['filename']; |
||
132 | $dir = $pathinfo['dirname']; |
||
133 | |||
134 | // Helper function to find existing mount points |
||
135 | $mountpointExists = function ($path) use ($mountpoints) { |
||
136 | foreach ($mountpoints as $mountpoint) { |
||
137 | if ($mountpoint->getShare()->getTarget() === $path) { |
||
138 | return true; |
||
139 | } |
||
140 | } |
||
141 | return false; |
||
142 | }; |
||
143 | |||
144 | $i = 2; |
||
145 | View Code Duplication | while ($view->file_exists($path) || $mountpointExists($path)) { |
|
0 ignored issues
–
show
|
|||
146 | $path = Filesystem::normalizePath($dir . '/' . $name . ' ('.$i.')' . $ext); |
||
147 | $i++; |
||
148 | } |
||
149 | |||
150 | return $path; |
||
151 | } |
||
152 | |||
153 | /** |
||
154 | * Format a path to be relative to the /user/files/ directory |
||
155 | * |
||
156 | * @param string $path the absolute path |
||
157 | * @return string e.g. turns '/admin/files/test.txt' into '/test.txt' |
||
158 | * @throws \OCA\Files_Sharing\Exceptions\BrokenPath |
||
159 | */ |
||
160 | protected function stripUserFilesPath($path) { |
||
161 | $trimmed = \ltrim($path, '/'); |
||
162 | $split = \explode('/', $trimmed); |
||
163 | |||
164 | // it is not a file relative to data/user/files |
||
165 | if (\count($split) < 3 || $split[1] !== 'files') { |
||
166 | \OCP\Util::writeLog('file sharing', |
||
167 | 'Can not strip userid and "files/" from path: ' . $path, |
||
168 | \OCP\Util::ERROR); |
||
169 | throw new \OCA\Files_Sharing\Exceptions\BrokenPath('Path does not start with /user/files', 10); |
||
170 | } |
||
171 | |||
172 | // skip 'user' and 'files' |
||
173 | $sliced = \array_slice($split, 2); |
||
174 | $relPath = \implode('/', $sliced); |
||
175 | |||
176 | return '/' . $relPath; |
||
177 | } |
||
178 | |||
179 | /** |
||
180 | * Check whether it is allowed to move a mount point to a given target. |
||
181 | * It is not allowed to move a mount point into a different mount point or |
||
182 | * into an already shared folder |
||
183 | * |
||
184 | * @param string $target absolute target path |
||
185 | * @return bool true if allowed, false otherwise |
||
186 | */ |
||
187 | public function isTargetAllowed($target) { |
||
188 | list($targetStorage, $targetInternalPath) = \OC\Files\Filesystem::resolvePath($target); |
||
189 | // note: cannot use the view because the target is already locked |
||
190 | $fileId = (int)$targetStorage->getCache()->getId($targetInternalPath); |
||
191 | if ($fileId === -1) { |
||
192 | // target might not exist, need to check parent instead |
||
193 | $fileId = (int)$targetStorage->getCache()->getId(\dirname($targetInternalPath)); |
||
194 | } |
||
195 | |||
196 | $targetNodes = \OC::$server->getRootFolder()->getById($fileId); |
||
197 | if (empty($targetNodes)) { |
||
198 | return false; |
||
199 | } |
||
200 | |||
201 | $shareManager = \OC::$server->getShareManager(); |
||
202 | $targetNode = $targetNodes[0]; |
||
203 | // FIXME: make it stop earlier in '/$userId/files' |
||
204 | while ($targetNode !== null && $targetNode->getPath() !== '/') { |
||
205 | $shares = $shareManager->getSharesByPath($targetNode); |
||
206 | |||
207 | foreach ($shares as $share) { |
||
208 | if ($this->user === $share->getShareOwner()) { |
||
209 | \OCP\Util::writeLog('files', |
||
210 | 'It is not allowed to move one mount point into a shared folder', |
||
211 | \OCP\Util::DEBUG); |
||
212 | return false; |
||
213 | } |
||
214 | } |
||
215 | |||
216 | $targetNode = $targetNode->getParent(); |
||
217 | } |
||
218 | |||
219 | return true; |
||
220 | } |
||
221 | |||
222 | /** |
||
223 | * Move the mount point to $target |
||
224 | * |
||
225 | * @param string $target the target mount point |
||
226 | * @return bool |
||
227 | */ |
||
228 | public function moveMount($target) { |
||
229 | if (!$this->isTargetAllowed($target)) { |
||
230 | return false; |
||
231 | } |
||
232 | |||
233 | $relTargetPath = $this->stripUserFilesPath($target); |
||
234 | $share = $this->storage->getShare(); |
||
235 | |||
236 | $result = true; |
||
237 | |||
238 | try { |
||
239 | $this->updateFileTarget($relTargetPath, $share); |
||
240 | $this->setMountPoint($target); |
||
241 | $this->storage->setMountPoint($relTargetPath); |
||
242 | } catch (\Exception $e) { |
||
243 | \OCP\Util::writeLog('file sharing', |
||
244 | 'Could not rename mount point for shared folder "' . $this->getMountPoint() . '" to "' . $target . '"', |
||
245 | \OCP\Util::ERROR); |
||
246 | } |
||
247 | |||
248 | return $result; |
||
249 | } |
||
250 | |||
251 | /** |
||
252 | * Remove the mount points |
||
253 | * |
||
254 | * @return bool |
||
255 | */ |
||
256 | public function removeMount() { |
||
257 | $mountManager = \OC\Files\Filesystem::getMountManager(); |
||
258 | /** @var $storage \OCA\Files_Sharing\SharedStorage */ |
||
259 | $storage = $this->getStorage(); |
||
260 | $result = $storage->unshareStorage(); |
||
261 | $mountManager->removeMount($this->mountPoint); |
||
262 | |||
263 | return $result; |
||
264 | } |
||
265 | |||
266 | /** |
||
267 | * @return \OCP\Share\IShare |
||
268 | */ |
||
269 | public function getShare() { |
||
270 | return $this->superShare; |
||
271 | } |
||
272 | |||
273 | /** |
||
274 | * Get the file id of the root of the storage |
||
275 | * |
||
276 | * @return int |
||
277 | */ |
||
278 | public function getStorageRootId() { |
||
279 | return $this->getShare()->getNodeId(); |
||
280 | } |
||
281 | |||
282 | public function getStorageNumericId() { |
||
283 | $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); |
||
284 | $query->select('storage') |
||
285 | ->from('filecache') |
||
286 | ->where($query->expr()->eq('fileid', $query->createNamedParameter($this->getStorageRootId()))); |
||
287 | |||
288 | $result = $query->execute(); |
||
289 | $row = $result->fetch(); |
||
290 | $result->closeCursor(); |
||
291 | if ($row) { |
||
292 | return $row['storage']; |
||
293 | } |
||
294 | return -1; |
||
295 | } |
||
296 | } |
||
297 |
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.