Overview
Comment: | Fix call to checkSkeletonWriteAccess |
---|---|
SHA3-256: |
363a2ae0abbc15dfb319e650cc661dba |
User & Date: | bohwaz on 2022-08-08 01:24:05 |
Context
2022-08-08
| ||
01:24 | Use css.php for document preview check-in: 8e6f365a1f user: bohwaz tags: templates | |
01:24 | Fix call to checkSkeletonWriteAccess check-in: 363a2ae0ab user: bohwaz tags: templates | |
01:23 | Make UserException a RuntimeException if happening during upgrade check-in: 52f7fac86d user: bohwaz tags: templates | |
Changes
Modified src/include/lib/Garradin/Entities/Files/File.php from [06a4ee4a96] to [45bc2b7e11].
︙ | ︙ | |||
228 229 230 231 232 233 234 | * @return bool */ public function rename(string $new_path): bool { self::validatePath($new_path); self::validateFileName(Utils::basename($new_path)); | | > > | > > > > | 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 | * @return bool */ public function rename(string $new_path): bool { self::validatePath($new_path); self::validateFileName(Utils::basename($new_path)); if ($new_path == $this->path) { throw new UserException(sprintf('Impossible de renommer "%s" lui-même', $this->path)); } if (0 === strpos($new_path . '/', $this->path . '/')) { if ($this->type != self::TYPE_DIRECTORY) { throw new UserException(sprintf('Impossible de renommer "%s" vers "%s"', $this->path, $new_path)); } } self::ensureDirectoryExists(Utils::dirname($new_path)); $return = Files::callStorage('move', $this, $new_path); Plugin::fireSignal('files.move', ['file' => $this, 'new_path' => $new_path]); |
︙ | ︙ | |||
865 866 867 868 869 870 871 | else if ($context == self::CONTEXT_DOCUMENTS && $session->canAccess($session::SECTION_DOCUMENTS, $session::ACCESS_READ)) { return true; } return false; } | | | | 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 | else if ($context == self::CONTEXT_DOCUMENTS && $session->canAccess($session::SECTION_DOCUMENTS, $session::ACCESS_READ)) { return true; } return false; } static public function checkSkeletonWriteAccess(string $path, ?Session $session): bool { if (strpos($path, self::CONTEXT_SKELETON . '/web') === 0) { return $session->canAccess($session::SECTION_WEB, $session::ACCESS_ADMIN); } return $session->canAccess($session::SECTION_CONFIG, $session::ACCESS_ADMIN); } public function checkWriteAccess(?Session $session): bool |
︙ | ︙ | |||
891 892 893 894 895 896 897 | // Only managers can change files return $session->canAccess($session::SECTION_DOCUMENTS, $session::ACCESS_WRITE); case self::CONTEXT_CONFIG: return $session->canAccess($session::SECTION_CONFIG, $session::ACCESS_ADMIN); case self::CONTEXT_TRANSACTION: return $session->canAccess($session::SECTION_ACCOUNTING, $session::ACCESS_WRITE); case self::CONTEXT_SKELETON: | | | | 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 | // Only managers can change files return $session->canAccess($session::SECTION_DOCUMENTS, $session::ACCESS_WRITE); case self::CONTEXT_CONFIG: return $session->canAccess($session::SECTION_CONFIG, $session::ACCESS_ADMIN); case self::CONTEXT_TRANSACTION: return $session->canAccess($session::SECTION_ACCOUNTING, $session::ACCESS_WRITE); case self::CONTEXT_SKELETON: return self::checkSkeletonWriteAccess($this->path, $session); case self::CONTEXT_USER: return $session->canAccess($session::SECTION_USERS, $session::ACCESS_WRITE); } return false; } public function checkDeleteAccess(?Session $session): bool { if (null === $session) { return false; } switch ($this->context()) { case self::CONTEXT_WEB: return $session->canAccess($session::SECTION_WEB, $session::ACCESS_WRITE); case self::CONTEXT_SKELETON: return self::checkSkeletonWriteAccess($this->path, $session); case self::CONTEXT_DOCUMENTS: // Only admins can delete files return $session->canAccess($session::SECTION_DOCUMENTS, $session::ACCESS_ADMIN); case self::CONTEXT_CONFIG: return $session->canAccess($session::SECTION_CONFIG, $session::ACCESS_ADMIN); case self::CONTEXT_TRANSACTION: return $session->canAccess($session::SECTION_ACCOUNTING, $session::ACCESS_ADMIN); |
︙ | ︙ | |||
934 935 936 937 938 939 940 | return false; } $context = strtok($path, '/'); switch ($context) { case self::CONTEXT_SKELETON: | | | 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 | return false; } $context = strtok($path, '/'); switch ($context) { case self::CONTEXT_SKELETON: return self::checkSkeletonWriteAccess($path, $session); case self::CONTEXT_WEB: return $session->canAccess($session::SECTION_WEB, $session::ACCESS_WRITE); case self::CONTEXT_DOCUMENTS: return $session->canAccess($session::SECTION_DOCUMENTS, $session::ACCESS_WRITE); case self::CONTEXT_CONFIG: return $session->canAccess($session::SECTION_CONFIG, $session::ACCESS_ADMIN); case self::CONTEXT_TRANSACTION: |
︙ | ︙ |
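Review bot: In `checkSkeletonWriteAccess`, `strpos($path, self::CONTEXT_SKELETON . '/web') === 0` is a bare prefix match, so any skeleton path whose first component merely begins with `web` is authorised against SECTION_WEB rather than SECTION_CONFIG, not only entries under the `web` directory. If such paths can exist in the skeleton tree, match on a separator boundary as the `rename()` hunk in this same file already does: `if (0 === strpos($path . '/', self::CONTEXT_SKELETON . '/web/')) {`. The helper is also `static public` and typed `?Session` but dereferences `$session` unconditionally; `checkDeleteAccess` returns early on null and the other two callers appear to, yet a direct call with null raises an Error instead of denying, so `if (null === $session) { return false; }` as its first statement would make it fail closed on its own. The bodies of `checkWriteAccess` and of the last function shown start or end outside the displayed hunks.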