This commit is contained in:
Morris Jobke 2016-07-26 14:22:10 +02:00
Коммит be1be5b945
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 9CE5ED29E7FCD38A
16 изменённых файлов: 1356 добавлений и 0 удалений

55
.gitignore поставляемый Normal file
Просмотреть файл

@ -0,0 +1,55 @@
# just sane ignores
.*.sw[po]
*.bak
*.BAK
*~
*.orig
*.class
.cvsignore
Thumbs.db
*.py[co]
_darcs/*
CVS/*
.svn/*
RCS/*
*.backup*
# kdevelop
.kdev
*.kdev4
*.kate-swp
# Lokalize
*lokalize*
# eclipse
.project
.settings
# netbeans
nbproject
# phpStorm
.idea
*.iml
# geany
*.geany
# Cloud9IDE
.settings.xml
.c9revisions
# vim ex mode
.vimrc
# Mac OS
.DS_Store
# WebFinger
.well-known
/.buildpath
# Tests - auto-generated files
/tests/coverage*
/tests/clover.xml

12
.scrutinizer.yml Normal file
Просмотреть файл

@ -0,0 +1,12 @@
filter:
excluded_paths:
- 'l10n/*'
- 'tests/*'
imports:
- javascript
- php
tools:
external_code_coverage:
timeout: 7200 # Timeout in seconds: 2 hours

71
.travis.yml Normal file
Просмотреть файл

@ -0,0 +1,71 @@
language: php
php:
- 5.4
- 5.5
- 5.6
- 7
env:
global:
- CORE_BRANCH=master
- APP_NAME=files_accesscontrol
matrix:
- DB=sqlite
branches:
only:
- master
- /^stable\d+(\.\d+)?$/
before_install:
- wget https://raw.githubusercontent.com/nextcloud/travis_ci/master/before_install.sh
- bash ./before_install.sh $APP_NAME $CORE_BRANCH $DB
# Add some output debugging information
- cd ../server
- ./occ check
- ./occ status
- ./occ app:list
script:
- cd apps/$APP_NAME/
# Test the app
- sh -c "if [ '$JSTESTS' != '1' -a '$CODECHECK' = '1' ]; then find . -name \*.php -exec php -l \"{}\" \;; fi"
- cd ../../
- sh -c "if [ '$JSTESTS' != '1' -a '$CODECHECK' = '1' ]; then ./occ app:check-code $APP_NAME -c private -c strong-comparison; fi"
- sh -c "if [ '$JSTESTS' != '1' -a '$CODECHECK' = '2' ]; then ./occ app:check-code $APP_NAME -c deprecation; fi"
- cd apps/$APP_NAME/
# Run phpunit tests
- cd tests/
- sh -c "if [ '$JSTESTS' != '1' -a '$CODECHECK' != '1' -a '$CODECHECK' != '2' ]; then phpunit --configuration phpunit.xml; fi"
# Create coverage report
- sh -c "if [ '$JSTESTS' != '1' -a '$CODECHECK' != '1' -a '$CODECHECK' != '2' ]; then wget https://scrutinizer-ci.com/ocular.phar; fi"
- sh -c "if [ '$JSTESTS' != '1' -a '$CODECHECK' != '1' -a '$CODECHECK' != '2' ]; then php ocular.phar code-coverage:upload --format=php-clover clover.xml; fi"
- cd ../
# Run Javascript unit tests
- cd tests/js
- sh -c "if [ '$JSTESTS' = '1' ]; then npm install --deps; node_modules/karma/bin/karma start karma.config.js --single-run; fi"
- cd ../
matrix:
include:
- php: 5.4
env: DB=mysql
- php: 5.4
env: DB=pgsql
- php: 5.4
env: DB=oracle
- php: 5.4
env: DB=mysql;CODECHECK=1
- php: 5.4
env: DB=mysql;CODECHECK=2
- php: 5.4
env: DB=mysql;JSTESTS=1
allow_failures:
- env: DB=mysql;CODECHECK=2
- env: DB=oracle # TODO: temporary until it is fixed
fast_finish: true

25
CONTRIBUTING.md Normal file
Просмотреть файл

@ -0,0 +1,25 @@
## Submitting issues
If you have questions about how to install or use Nextcloud, please direct these to our [forum][forum]. We are also available on [IRC][irc].
### Short version
* The [**issue template can be found here**][template]. Please always use the issue template when reporting issues.
### Guidelines
* Please search the existing issues first, it's likely that your issue was already reported or even fixed.
- Go to one of the repositories, click "issues" and type any word in the top search/command bar.
- You can also filter by appending e. g. "state:open" to the search string.
- More info on [search syntax within github](https://help.github.com/articles/searching-issues)
* This repository ([Files Access Control](https://github.com/nextcloud/files_accesscontrol/issues)) is *only* for issues within the Nextcloud Files Access Control App code.
* __SECURITY__: Report any potential security bug to us via [our HackerOne page](https://hackerone.com/nextcloud) or security@nextcloud.com following our [security policy](https://nextcloud.com/security/) instead of filing an issue in our bug tracker.
* Report the issue using our [template][template], it includes all the information we need to track down the issue.
Help us to maximize the effort we can spend fixing issues and adding new features, by not reporting duplicate issues.
[template]: https://raw.github.com/nextcloud/server/master/issue_template.md
[forum]: https://help.nextcloud.com/
[irc]: https://webchat.freenode.net/?channels=nextcloud
### Contribute Code and translations
Please check [server's contribution guidelines](https://github.com/nextcloud/server/blob/master/CONTRIBUTING.md#contributing-to-source-code) for further information about contributing code and translations.

10
README.md Normal file
Просмотреть файл

@ -0,0 +1,10 @@
# Nextcloud Files Access Control App
An app for Nextcloud to control the access to files based on some conditions
## QA metrics on master branch:
[![Build Status](https://travis-ci.org/nextcloud/files_accesscontrol.svg?branch=master)](https://travis-ci.org/nextcloud/files_accesscontrol/branches)
[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/nextcloud/files_accesscontrol/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/nextcloud/files_accesscontrol/?branch=master)
[![Code Coverage](https://scrutinizer-ci.com/g/nextcloud/files_accesscontrol/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/nextcloud/files_accesscontrol/?branch=master)

23
appinfo/app.php Normal file
Просмотреть файл

@ -0,0 +1,23 @@
<?php
/**
* @copyright Copyright (c) 2016 Morris Jobke <hey@morrisjobke.de>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
$application = new \OCA\FilesAccessControl\AppInfo\Application();
$application->registerHooksAndListeners();

23
appinfo/info.xml Normal file
Просмотреть файл

@ -0,0 +1,23 @@
<?xml version="1.0"?>
<info>
<id>files_accesscontrol</id>
<name>Files Access Control</name>
<description>An app for Nextcloud to control the access to files based on some conditions</description>
<licence>AGPL</licence>
<author>Morris Jobke</author>
<version>0.6.0</version>
<namespace>FilesAccessControl</namespace>
<category>other</category>
<website>https://github.com/nextcloud/files_accesscontrol</website>
<bugs>https://github.com/nextcloud/files_accesscontrol/issues</bugs>
<repository type="git">https://github.com/nextcloud/files_accesscontrol.git</repository>
<types>
<filesystem/>
</types>
<dependencies>
<owncloud min-version="9.2" max-version="9.2" />
</dependencies>
</info>

81
issue_template.md Normal file
Просмотреть файл

@ -0,0 +1,81 @@
<!--
Thanks for reporting issues back to Nextcloud! This is the issue tracker of the Nextcloud Files Access Control App, if you have any support question please check out https://help.nextcloud.com/
This is the bug tracker for the Nextcloud Files Access Control App. Find other components at https://github.com/nextcloud/server/blob/master/CONTRIBUTING.md#guidelines
To make it possible for us to help you please fill out below information carefully.
-->
### Steps to reproduce
1.
2.
3.
### Expected behaviour
Tell us what should happen
### Actual behaviour
Tell us what happens instead
### Server configuration
**Operating system**:
**Web server:**
**Database:**
**PHP version:**
**Nextcloud version:** (see Nextcloud admin page)
**Where did you install Nextcloud from:**
**Signing status:**
```
Login as admin user into your Nextcloud and access
http://example.com/index.php/settings/integrity/failed
paste the results here.
```
**List of activated apps:**
```
If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your Nextcloud installation folder
```
**The content of config/config.php:**
```
If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your Nextcloud installation folder
```
**Are you using external storage, if yes which one:** local/smb/sftp/...
**Are you using encryption:** yes/no
**Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/...
### Client configuration
**Browser:**
**Operating system:**
### Logs
#### Nextcloud log (data/owncloud.log)
```
Insert your Nextcloud log here
```
#### Browser log
```
Insert your browser log here, this could for example include:
a) The javascript console log
b) The network log
c) ...
```

72
js/admin.js Normal file
Просмотреть файл

@ -0,0 +1,72 @@
/**
* @copyright Copyright (c) 2016 Morris Jobke <hey@morrisjobke.de>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
(function() {
OCA.FilesAccessControl = OCA.FilesAccessControl || {};
/**
* @class OCA.FilesAccessControl.Operation
*/
OCA.FilesAccessControl.Operation =
OCA.WorkflowEngine.Operation.extend({
defaults: {
'class': 'OCA\\FilesAccessControl\\Operation',
'name': '',
'checks': [],
'operation': 'deny'
}
});
/**
* @class OCA.FilesAccessControl.OperationsCollection
*
* collection for all configurated operations
*/
OCA.FilesAccessControl.OperationsCollection =
OCA.WorkflowEngine.OperationsCollection.extend({
model: OCA.FilesAccessControl.Operation
});
/**
* @class OCA.FilesAccessControl.OperationsView
*
* this creates the view for configured operations
*/
OCA.FilesAccessControl.OperationsView =
OCA.WorkflowEngine.OperationsView.extend({
initialize: function() {
this._initialize('OCA\\FilesAccessControl\\Operation');
}
});
})();
$(document).ready(function() {
var availableChecks = new OCA.WorkflowEngine.AvailableChecksCollection();
availableChecks.fetch();
availableChecks.once('sync', function(){
new OCA.FilesAccessControl.OperationsView({
el: '#workflowengine .rules',
collection: new OCA.FilesAccessControl.OperationsCollection()
});
});
OCA.WorkflowEngine.availableChecks = availableChecks;
});

76
lib/AccessControl.php Normal file
Просмотреть файл

@ -0,0 +1,76 @@
<?php
/**
* @copyright Copyright (c) 2016 Morris Jobke <hey@morrisjobke.de>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\FilesAccessControl;
use OCP\Files\ForbiddenException;
use OCP\WorkflowEngine\IManager;
use Symfony\Component\EventDispatcher\GenericEvent;
class AccessControl {
/**
* AccessControl constructor.
*
* @param IManager $manager
*/
public function __construct(IManager $manager) {
$this->manager = $manager;
}
/**
* @param GenericEvent $event
*/
public function listen(GenericEvent $event) {
if ($event->getArgument('slot') !== StorageWrapper::SLOT_BEFORE) {
return;
}
/** @var StorageWrapper $storage */
$storage = $event->getSubject();
if ($event->hasArgument('path')) {
$this->checkFileAccess($storage, $event->getArgument('path'));
}
if ($event->hasArgument('path1')) {
$this->checkFileAccess($storage, $event->getArgument('path1'));
}
if ($event->hasArgument('path2')) {
$this->checkFileAccess($storage, $event->getArgument('path2'));
}
}
/**
* @param StorageWrapper $storage
* @param string $path
* @throws ForbiddenException
*/
protected function checkFileAccess(StorageWrapper $storage, $path) {
$this->manager->setFileInfo($storage, $path);
$match = $this->manager->getMatchingOperations('OCA\FilesAccessControl\Operation');
if (!empty($match)) {
// All Checks of one operation matched: prevent access
throw new ForbiddenException('Access denied', true);
}
}
}

Просмотреть файл

@ -0,0 +1,82 @@
<?php
/**
* @copyright Copyright (c) 2016 Morris Jobke <hey@morrisjobke.de>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\FilesAccessControl\AppInfo;
use OC\Files\Filesystem;
use OCA\FilesAccessControl\StorageWrapper;
use OCP\Files\Storage\IStorage;
use OCP\Util;
use Symfony\Component\EventDispatcher\GenericEvent;
class Application extends \OCP\AppFramework\App {
public function __construct() {
parent::__construct('files_accesscontrol');
}
/**
* Register all hooks and listeners
*/
public function registerHooksAndListeners() {
Util::connectHook('OC_Filesystem', 'preSetup', $this, 'addStorageWrapper');
\OCP\App::registerAdmin('files_accesscontrol', 'settings/admin');
$container = $this->getContainer();
$container->getServer()->getEventDispatcher()->addListener(
'OCA\FilesAccessControl\StorageWrapper\Event',
function(GenericEvent $event) use ($container) {
/** @var \OCA\FilesAccessControl\AccessControl $accessControl */
$accessControl = $container->query('OCA\FilesAccessControl\AccessControl');
$accessControl->listen($event);
},
-10
);
}
/**
* @internal
*/
public function addStorageWrapper() {
// Needs to be added as the first layer
Filesystem::addStorageWrapper('files_accesscontrol', [$this, 'addStorageWrapperCallback'], -10);
}
/**
* @internal
* @param $mountPoint
* @param IStorage $storage
* @return StorageWrapper|IStorage
*/
public function addStorageWrapperCallback($mountPoint, IStorage $storage) {
if (!\OC::$CLI && !$storage->instanceOfStorage('OC\Files\Storage\Shared')) {
$dispatcher = $this->getContainer()->getServer()->getEventDispatcher();
return new StorageWrapper([
'storage' => $storage,
'mountPoint' => $mountPoint,
'dispatcher' => $dispatcher,
]);
}
return $storage;
}
}

Просмотреть файл

@ -0,0 +1,64 @@
<?php
/**
* @copyright Copyright (c) 2016 Morris Jobke <hey@morrisjobke.de>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\FilesAccessControl\Controller;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\IL10N;
use OCP\IRequest;
use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
class AdminController extends Controller {
/** @var EventDispatcher */
protected $eventDispatcher;
/** @var IL10N */
protected $l10n;
/**
* @param string $appName
* @param IRequest $request
* @param EventDispatcherInterface $eventDispatcher
* @param IL10N $l10n
*/
public function __construct($appName,
IRequest $request,
EventDispatcherInterface $eventDispatcher,
IL10N $l10n) {
parent::__construct($appName, $request);
$this->eventDispatcher = $eventDispatcher;
$this->l10n = $l10n;
}
/**
* @return TemplateResponse
*/
public function index() {
$this->eventDispatcher->dispatch('OCP\WorkflowEngine::loadAdditionalSettingScripts');
\OCP\Util::addScript($this->appName, 'admin');
return new TemplateResponse('workflowengine', 'admin', [
'heading' => $this->l10n->t('Files Access Control')
], 'blank');
}
}

679
lib/StorageWrapper.php Normal file
Просмотреть файл

@ -0,0 +1,679 @@
<?php
/**
* @copyright Copyright (c) 2016 Morris Jobke <hey@morrisjobke.de>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
// TODO should be in the generic app
namespace OCA\FilesAccessControl;
use OC\Files\Storage\Wrapper\Wrapper;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\EventDispatcher\GenericEvent;
class StorageWrapper extends Wrapper {
const SLOT_BEFORE = 'before';
/** @var EventDispatcherInterface */
protected $dispatcher;
/**
* @param array $parameters
*/
public function __construct($parameters) {
parent::__construct($parameters);
$this->dispatcher = $parameters['dispatcher'];
}
/**
* @param array $data
*/
protected function emitEvent(array $data) {
$this->dispatcher->dispatch(
'OCA\FilesAccessControl\StorageWrapper\Event',
new GenericEvent($this, $data)
);
}
/*
* Storage wrapper methods
*/
/**
* see http://php.net/manual/en/function.mkdir.php
*
* @param string $path
* @return bool
*/
public function mkdir($path) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->mkdir($path);
}
/**
* see http://php.net/manual/en/function.rmdir.php
*
* @param string $path
* @return bool
*/
public function rmdir($path) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->rmdir($path);
}
// /**
// * see http://php.net/manual/en/function.opendir.php
// *
// * @param string $path
// * @return resource
// */
// public function opendir($path) {
// return $this->storage->opendir($path);
// }
//
// /**
// * see http://php.net/manual/en/function.is_dir.php
// *
// * @param string $path
// * @return bool
// */
// public function is_dir($path) {
// return $this->storage->is_dir($path);
// }
//
// /**
// * see http://php.net/manual/en/function.is_file.php
// *
// * @param string $path
// * @return bool
// */
// public function is_file($path) {
// return $this->storage->is_file($path);
// }
//
// /**
// * see http://php.net/manual/en/function.stat.php
// * only the following keys are required in the result: size and mtime
// *
// * @param string $path
// * @return array
// */
// public function stat($path) {
// return $this->storage->stat($path);
// }
//
// /**
// * see http://php.net/manual/en/function.filetype.php
// *
// * @param string $path
// * @return bool
// */
// public function filetype($path) {
// return $this->storage->filetype($path);
// }
//
// /**
// * see http://php.net/manual/en/function.filesize.php
// * The result for filesize when called on a folder is required to be 0
// *
// * @param string $path
// * @return int
// */
// public function filesize($path) {
// return $this->storage->filesize($path);
// }
/**
* check if a file can be created in $path
*
* @param string $path
* @return bool
*/
public function isCreatable($path) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->isCreatable($path);
}
/**
* check if a file can be read
*
* @param string $path
* @return bool
*/
public function isReadable($path) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->isReadable($path);
}
/**
* check if a file can be written to
*
* @param string $path
* @return bool
*/
public function isUpdatable($path) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->isUpdatable($path);
}
/**
* check if a file can be deleted
*
* @param string $path
* @return bool
*/
public function isDeletable($path) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->isDeletable($path);
}
// /**
// * check if a file can be shared
// *
// * @param string $path
// * @return bool
// */
// public function isSharable($path) {
// return $this->storage->isSharable($path);
// }
//
// /**
// * get the full permissions of a path.
// * Should return a combination of the PERMISSION_ constants defined in lib/public/constants.php
// *
// * @param string $path
// * @return int
// */
// public function getPermissions($path) {
// return $this->storage->getPermissions($path);
// }
//
// /**
// * see http://php.net/manual/en/function.file_exists.php
// *
// * @param string $path
// * @return bool
// */
// public function file_exists($path) {
// return $this->storage->file_exists($path);
// }
//
// /**
// * see http://php.net/manual/en/function.filemtime.php
// *
// * @param string $path
// * @return int
// */
// public function filemtime($path) {
// return $this->storage->filemtime($path);
// }
/**
* see http://php.net/manual/en/function.file_get_contents.php
*
* @param string $path
* @return string
*/
public function file_get_contents($path) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->file_get_contents($path);
}
/**
* see http://php.net/manual/en/function.file_put_contents.php
*
* @param string $path
* @param string $data
* @return bool
*/
public function file_put_contents($path, $data) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->file_put_contents($path, $data);
}
/**
* see http://php.net/manual/en/function.unlink.php
*
* @param string $path
* @return bool
*/
public function unlink($path) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->unlink($path);
}
/**
* see http://php.net/manual/en/function.rename.php
*
* @param string $path1
* @param string $path2
* @return bool
*/
public function rename($path1, $path2) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path1' => $path1,
'path2' => $path2,
]);
return $this->storage->rename($path1, $path2);
}
/**
* see http://php.net/manual/en/function.copy.php
*
* @param string $path1
* @param string $path2
* @return bool
*/
public function copy($path1, $path2) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path1' => $path1,
'path2' => $path2,
]);
return $this->storage->copy($path1, $path2);
}
/**
* see http://php.net/manual/en/function.fopen.php
*
* @param string $path
* @param string $mode
* @return resource
*/
public function fopen($path, $mode) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->fopen($path, $mode);
}
// /**
// * get the mimetype for a file or folder
// * The mimetype for a folder is required to be "httpd/unix-directory"
// *
// * @param string $path
// * @return string
// */
// public function getMimeType($path) {
// return $this->storage->getMimeType($path);
// }
//
// /**
// * see http://php.net/manual/en/function.hash.php
// *
// * @param string $type
// * @param string $path
// * @param bool $raw
// * @return string
// */
// public function hash($type, $path, $raw = false) {
// return $this->storage->hash($type, $path, $raw);
// }
//
// /**
// * see http://php.net/manual/en/function.free_space.php
// *
// * @param string $path
// * @return int
// */
// public function free_space($path) {
// return $this->storage->free_space($path);
// }
//
// /**
// * search for occurrences of $query in file names
// *
// * @param string $query
// * @return array
// */
// public function search($query) {
// return $this->storage->search($query);
// }
/**
* see http://php.net/manual/en/function.touch.php
* If the backend does not support the operation, false should be returned
*
* @param string $path
* @param int $mtime
* @return bool
*/
public function touch($path, $mtime = null) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->touch($path, $mtime);
}
// /**
// * get the path to a local version of the file.
// * The local version of the file can be temporary and doesn't have to be persistent across requests
// *
// * @param string $path
// * @return string
// */
// public function getLocalFile($path) {
// return $this->storage->getLocalFile($path);
// }
//
// /**
// * check if a file or folder has been updated since $time
// *
// * @param string $path
// * @param int $time
// * @return bool
// *
// * hasUpdated for folders should return at least true if a file inside the folder is add, removed or renamed.
// * returning true for other changes in the folder is optional
// */
// public function hasUpdated($path, $time) {
// return $this->storage->hasUpdated($path, $time);
// }
//
// /**
// * get a cache instance for the storage
// *
// * @param string $path
// * @param \OC\Files\Storage\Storage (optional) the storage to pass to the cache
// * @return \OC\Files\Cache\Cache
// */
// public function getCache($path = '', $storage = null) {
// if (!$storage) {
// $storage = $this;
// }
// return $this->storage->getCache($path, $storage);
// }
//
// /**
// * get a scanner instance for the storage
// *
// * @param string $path
// * @param \OC\Files\Storage\Storage (optional) the storage to pass to the scanner
// * @return \OC\Files\Cache\Scanner
// */
// public function getScanner($path = '', $storage = null) {
// if (!$storage) {
// $storage = $this;
// }
// return $this->storage->getScanner($path, $storage);
// }
//
//
// /**
// * get the user id of the owner of a file or folder
// *
// * @param string $path
// * @return string
// */
// public function getOwner($path) {
// return $this->storage->getOwner($path);
// }
//
// /**
// * get a watcher instance for the cache
// *
// * @param string $path
// * @param \OC\Files\Storage\Storage (optional) the storage to pass to the watcher
// * @return \OC\Files\Cache\Watcher
// */
// public function getWatcher($path = '', $storage = null) {
// if (!$storage) {
// $storage = $this;
// }
// return $this->storage->getWatcher($path, $storage);
// }
//
// public function getPropagator($storage = null) {
// if (!$storage) {
// $storage = $this;
// }
// return $this->storage->getPropagator($storage);
// }
//
// public function getUpdater($storage = null) {
// if (!$storage) {
// $storage = $this;
// }
// return $this->storage->getUpdater($storage);
// }
//
// /**
// * @return \OC\Files\Cache\Storage
// */
// public function getStorageCache() {
// return $this->storage->getStorageCache();
// }
//
// /**
// * get the ETag for a file or folder
// *
// * @param string $path
// * @return string
// */
// public function getETag($path) {
// return $this->storage->getETag($path);
// }
//
// /**
// * Returns true
// *
// * @return true
// */
// public function test() {
// return $this->storage->test();
// }
//
// /**
// * Returns the wrapped storage's value for isLocal()
// *
// * @return bool wrapped storage's isLocal() value
// */
// public function isLocal() {
// return $this->storage->isLocal();
// }
//
// /**
// * Check if the storage is an instance of $class or is a wrapper for a storage that is an instance of $class
// *
// * @param string $class
// * @return bool
// */
// public function instanceOfStorage($class) {
// return is_a($this, $class) or $this->storage->instanceOfStorage($class);
// }
//
// /**
// * Pass any methods custom to specific storage implementations to the wrapped storage
// *
// * @param string $method
// * @param array $args
// * @return mixed
// */
// public function __call($method, $args) {
// return call_user_func_array(array($this->storage, $method), $args);
// }
/**
* A custom storage implementation can return an url for direct download of a give file.
*
* For now the returned array can hold the parameter url - in future more attributes might follow.
*
* @param string $path
* @return array
*/
public function getDirectDownload($path) {
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $path,
]);
return $this->storage->getDirectDownload($path);
}
// /**
// * Get availability of the storage
// *
// * @return array [ available, last_checked ]
// */
// public function getAvailability() {
// return $this->storage->getAvailability();
// }
//
// /**
// * Set availability of the storage
// *
// * @param bool $isAvailable
// */
// public function setAvailability($isAvailable) {
// $this->storage->setAvailability($isAvailable);
// }
//
// /**
// * @param string $path the path of the target folder
// * @param string $fileName the name of the file itself
// * @return void
// * @throws InvalidPathException
// */
// public function verifyPath($path, $fileName) {
// $this->storage->verifyPath($path, $fileName);
// }
/**
* @param \OCP\Files\Storage $sourceStorage
* @param string $sourceInternalPath
* @param string $targetInternalPath
* @return bool
*/
public function copyFromStorage(\OCP\Files\Storage $sourceStorage, $sourceInternalPath, $targetInternalPath) {
if ($sourceStorage === $this) {
return $this->copy($sourceInternalPath, $targetInternalPath);
}
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $targetInternalPath,
]);
return $this->storage->copyFromStorage($sourceStorage, $sourceInternalPath, $targetInternalPath);
}
/**
* @param \OCP\Files\Storage $sourceStorage
* @param string $sourceInternalPath
* @param string $targetInternalPath
* @return bool
*/
public function moveFromStorage(\OCP\Files\Storage $sourceStorage, $sourceInternalPath, $targetInternalPath) {
if ($sourceStorage === $this) {
return $this->rename($sourceInternalPath, $targetInternalPath);
}
$this->emitEvent([
'slot' => self::SLOT_BEFORE,
'method' => __FUNCTION__,
'path' => $targetInternalPath,
]);
return $this->storage->moveFromStorage($sourceStorage, $sourceInternalPath, $targetInternalPath);
}
// /**
// * @param string $path
// * @return array
// */
// public function getMetaData($path) {
// return $this->storage->getMetaData($path);
// }
//
// /**
// * @param string $path
// * @param int $type \OCP\Lock\ILockingProvider::LOCK_SHARED or \OCP\Lock\ILockingProvider::LOCK_EXCLUSIVE
// * @param \OCP\Lock\ILockingProvider $provider
// * @throws \OCP\Lock\LockedException
// */
// public function acquireLock($path, $type, ILockingProvider $provider) {
// if ($this->storage->instanceOfStorage('\OCP\Files\Storage\ILockingStorage')) {
// $this->storage->acquireLock($path, $type, $provider);
// }
// }
//
// /**
// * @param string $path
// * @param int $type \OCP\Lock\ILockingProvider::LOCK_SHARED or \OCP\Lock\ILockingProvider::LOCK_EXCLUSIVE
// * @param \OCP\Lock\ILockingProvider $provider
// */
// public function releaseLock($path, $type, ILockingProvider $provider) {
// if ($this->storage->instanceOfStorage('\OCP\Files\Storage\ILockingStorage')) {
// $this->storage->releaseLock($path, $type, $provider);
// }
// }
//
// /**
// * @param string $path
// * @param int $type \OCP\Lock\ILockingProvider::LOCK_SHARED or \OCP\Lock\ILockingProvider::LOCK_EXCLUSIVE
// * @param \OCP\Lock\ILockingProvider $provider
// */
// public function changeLock($path, $type, ILockingProvider $provider) {
// if ($this->storage->instanceOfStorage('\OCP\Files\Storage\ILockingStorage')) {
// $this->storage->changeLock($path, $type, $provider);
// }
// }
}

27
settings/admin.php Normal file
Просмотреть файл

@ -0,0 +1,27 @@
<?php
/**
* @copyright Copyright (c) 2016 Morris Jobke <hey@morrisjobke.de>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
$app = new \OCA\FilesAccessControl\AppInfo\Application();
$container = $app->getContainer();
/** @var \OCP\AppFramework\Http\TemplateResponse $response */
$response = $container->query('OCA\FilesAccessControl\Controller\AdminController')->index();
return $response->render();

32
tests/bootstrap.php Normal file
Просмотреть файл

@ -0,0 +1,32 @@
<?php
/**
* @copyright Copyright (c) 2016 Morris Jobke <hey@morrisjobke.de>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
if (!defined('PHPUNIT_RUN')) {
define('PHPUNIT_RUN', 1);
}
require_once __DIR__.'/../../../lib/base.php';
if(!class_exists('PHPUnit_Framework_TestCase')) {
require_once('PHPUnit/Autoload.php');
}
OC_Hook::clear();

24
tests/phpunit.xml Normal file
Просмотреть файл

@ -0,0 +1,24 @@
<?xml version="1.0" encoding="utf-8" ?>
<phpunit bootstrap="bootstrap.php"
strict="true"
verbose="true"
timeoutForSmallTests="900"
timeoutForMediumTests="900"
timeoutForLargeTests="900"
>
<testsuite name='Files Access Control Tests'>
<directory suffix='Test.php'>.</directory>
</testsuite>
<!-- filters for code coverage -->
<filter>
<whitelist>
<directory suffix=".php">../../files_accesscontrol/appinfo</directory>
<directory suffix=".php">../../files_accesscontrol/lib</directory>
</whitelist>
</filter>
<logging>
<!-- and this is where your report will be written -->
<log type="coverage-clover" target="./clover.xml"/>
</logging>
</phpunit>