wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #19407 from owncloud/lock-zip-content

Browse source 
Lock zip content
This commit is contained in:
Thomas Müller 2015-10-06 11:47:43 +02:00
commit 319e61f0ea
2 changed files with 135 additions and 84 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

207
lib/private/files.php
View file

@ -35,7 +35,7 @@
* *
*/ */
use OC\Lock\NoopLockingProvider; use OC\Files\View;
use OC\Streamer; use OC\Streamer;
use OCP\Lock\ILockingProvider; use OCP\Lock\ILockingProvider;
@ -58,10 +58,11 @@ class OC_Files {
OC_Response::setContentDispositionHeader($name, 'attachment'); OC_Response::setContentDispositionHeader($name, 'attachment');
header('Content-Transfer-Encoding: binary'); header('Content-Transfer-Encoding: binary');
OC_Response::disableCaching(); OC_Response::disableCaching();
$filesize = \OC\Files\Filesystem::filesize($filename); $fileSize = \OC\Files\Filesystem::filesize($filename);
header('Content-Type: '.\OC_Helper::getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename))); $type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
if ($filesize > -1) { header('Content-Type: '.$type);
OC_Response::setContentLengthHeader($filesize); if ($fileSize > -1) {
OC_Response::setContentLengthHeader($fileSize);
} }
} }
@ -73,105 +74,131 @@ class OC_Files {
* @param boolean $onlyHeader ; boolean to only send header of the request * @param boolean $onlyHeader ; boolean to only send header of the request
*/ */
public static function get($dir, $files, $onlyHeader = false) { public static function get($dir, $files, $onlyHeader = false) {
$view = \OC\Files\Filesystem::getView(); $view = \OC\Files\Filesystem::getView();
$getType = self::FILE;
$filename = $dir;
try {
if (is_array($files) && count($files) === 1) { if (is_array($files) && count($files) === 1) {
$files = $files[0]; $files = $files[0];
} $filename = $dir . '/' . $files;
if (!$view->is_dir($files)) {
if (is_array($files)) { self::getSingleFile($view, $dir, $files, $onlyHeader);
$getType = self::ZIP_FILES; return;
$basename = basename($dir); }
if ($basename) {
$name = $basename;
} else {
$name = 'download';
} }
$filename = $dir . '/' . $name; $name = 'download';
} else { if (is_array($files)) {
$filename = $dir . '/' . $files; $getType = self::ZIP_FILES;
if (\OC\Files\Filesystem::is_dir($dir . '/' . $files)) { $basename = basename($dir);
if ($basename) {
$name = $basename;
}
$filename = $dir . '/' . $name;
} else {
$filename = $dir . '/' . $files;
$getType = self::ZIP_DIR; $getType = self::ZIP_DIR;
// downloading root ? // downloading root ?
if ($files === '') { if ($files !== '') {
$name = 'download';
} else {
$name = $files; $name = $files;
} }
} else {
$getType = self::FILE;
$name = $files;
} }
}
if ($getType === self::FILE) {
$streamer = false;
} else {
$streamer = new Streamer(); $streamer = new Streamer();
} OC_Util::obEnd();
OC_Util::obEnd();
try { self::lockFiles($view, $dir, $files);
if ($getType === self::FILE) {
$view->lockFile($filename, ILockingProvider::LOCK_SHARED); $streamer->sendHeaders($name);
} $executionTime = intval(ini_get('max_execution_time'));
set_time_limit(0);
if ($streamer) { if ($getType === self::ZIP_FILES) {
$streamer->sendHeaders($name); foreach ($files as $file) {
} elseif (\OC\Files\Filesystem::isReadable($filename)) { $file = $dir . '/' . $file;
self::sendHeaders($filename, $name); if (\OC\Files\Filesystem::is_file($file)) {
} elseif (!\OC\Files\Filesystem::file_exists($filename)) { $fileSize = \OC\Files\Filesystem::filesize($file);
header("HTTP/1.0 404 Not Found"); $fh = \OC\Files\Filesystem::fopen($file, 'r');
$tmpl = new OC_Template('', '404', 'guest'); $streamer->addFileFromStream($fh, basename($file), $fileSize);
$tmpl->printPage(); fclose($fh);
exit(); } elseif (\OC\Files\Filesystem::is_dir($file)) {
} else { $streamer->addDirRecursive($file);
header("HTTP/1.0 403 Forbidden");
die('403 Forbidden');
}
if ($onlyHeader) {
return;
}
if ($streamer) {
$executionTime = intval(ini_get('max_execution_time'));
set_time_limit(0);
if ($getType === self::ZIP_FILES) {
foreach ($files as $file) {
$file = $dir . '/' . $file;
if (\OC\Files\Filesystem::is_file($file)) {
$fileSize = \OC\Files\Filesystem::filesize($file);
$fh = \OC\Files\Filesystem::fopen($file, 'r');
$streamer->addFileFromStream($fh, basename($file), $fileSize);
fclose($fh);
} elseif (\OC\Files\Filesystem::is_dir($file)) {
$streamer->addDirRecursive($file);
}
} }
} elseif ($getType === self::ZIP_DIR) {
$file = $dir . '/' . $files;
$streamer->addDirRecursive($file);
} }
$streamer->finalize(); } elseif ($getType === self::ZIP_DIR) {
set_time_limit($executionTime); $file = $dir . '/' . $files;
} else { $streamer->addDirRecursive($file);
\OC\Files\Filesystem::readfile($filename);
}
if ($getType === self::FILE) {
$view->unlockFile($filename, ILockingProvider::LOCK_SHARED);
} }
$streamer->finalize();
set_time_limit($executionTime);
self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
} catch (\OCP\Lock\LockedException $ex) { } catch (\OCP\Lock\LockedException $ex) {
self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
OC::$server->getLogger()->logException($ex);
$l = \OC::$server->getL10N('core'); $l = \OC::$server->getL10N('core');
$hint = method_exists($ex, 'getHint') ? $ex->getHint() : ''; $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
\OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint); \OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint);
} catch (\Exception $ex) { } catch (\Exception $ex) {
self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
OC::$server->getLogger()->logException($ex);
$l = \OC::$server->getL10N('core'); $l = \OC::$server->getL10N('core');
$hint = method_exists($ex, 'getHint') ? $ex->getHint() : ''; $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
\OC_Template::printErrorPage($l->t('Can\'t read file'), $hint); \OC_Template::printErrorPage($l->t('Can\'t read file'), $hint);
} }
} }
/**
* @param View $view
* @param string $name
*/
private static function getSingleFile($view, $dir, $name, $onlyHeader) {
$filename = $dir . '/' . $name;
OC_Util::obEnd();
$view->lockFile($filename, ILockingProvider::LOCK_SHARED);
if (\OC\Files\Filesystem::isReadable($filename)) {
self::sendHeaders($filename, $name);
} elseif (!\OC\Files\Filesystem::file_exists($filename)) {
header("HTTP/1.0 404 Not Found");
$tmpl = new OC_Template('', '404', 'guest');
$tmpl->printPage();
exit();
} else {
header("HTTP/1.0 403 Forbidden");
die('403 Forbidden');
}
if ($onlyHeader) {
return;
}
$view->readfile($filename);
}
/**
* @param View $view
* @param $dir
* @param string[]|string $files
*/
public static function lockFiles($view, $dir, $files) {
if (!is_array($files)) {
$file = $dir . '/' . $files;
$files = [$file];
}
foreach ($files as $file) {
$file = $dir . '/' . $file;
$view->lockFile($file, ILockingProvider::LOCK_SHARED);
if ($view->is_dir($file)) {
$contents = $view->getDirectoryContent($file);
$contents = array_map(function($fileInfo) use ($file) {
/** @var \OCP\Files\FileInfo $fileInfo */
return $file . '/' . $fileInfo->getName();
}, $contents);
self::lockFiles($view, $dir, $contents);
}
}
}
/** /**
* set the maximum upload size limit for apache hosts using .htaccess * set the maximum upload size limit for apache hosts using .htaccess
* *
@ -253,4 +280,28 @@ class OC_Files {
} }
return false; return false;
} }
/**
* @param $dir
* @param $files
* @param $getType
* @param View $view
* @param $filename
*/
private static function unlockAllTheFiles($dir, $files, $getType, $view, $filename) {
if ($getType === self::FILE) {
$view->unlockFile($filename, ILockingProvider::LOCK_SHARED);
}
if ($getType === self::ZIP_FILES) {
foreach ($files as $file) {
$file = $dir . '/' . $file;
$view->unlockFile($file, ILockingProvider::LOCK_SHARED);
}
}
if ($getType === self::ZIP_DIR) {
$file = $dir . '/' . $files;
$view->unlockFile($file, ILockingProvider::LOCK_SHARED);
}
}
} }

12
lib/private/streamer.php
View file

@ -90,9 +90,9 @@ class Streamer {
/** /**
* Add a file to the archive at the specified location and file name. * Add a file to the archive at the specified location and file name.
* *
* @param string $stream Stream to read data from * @param string $stream Stream to read data from
* @param string $internalName Filepath and name to be used in the archive. * @param string $internalName Filepath and name to be used in the archive.
* @param int $size Filesize * @param int $size Filesize
* @return bool $success * @return bool $success
*/ */
public function addFileFromStream($stream, $internalName, $size){ public function addFileFromStream($stream, $internalName, $size){
@ -102,17 +102,17 @@ class Streamer {
return $this->streamerInstance->addFileFromStream($stream, $internalName, $size); return $this->streamerInstance->addFileFromStream($stream, $internalName, $size);
} }
} }
/** /**
* Add an empty directory entry to the archive. * Add an empty directory entry to the archive.
* *
* @param string $directoryPath Directory Path and name to be added to the archive. * @param string $dirName Directory Path and name to be added to the archive.
* @return bool $success * @return bool $success
*/ */
public function addEmptyDir($dirName){ public function addEmptyDir($dirName){
return $this->streamerInstance->addEmptyDir($dirName); return $this->streamerInstance->addEmptyDir($dirName);
} }
/** /**
* Close the archive. * Close the archive.
* A closed archive can no longer have new files added to it. After * A closed archive can no longer have new files added to it. After