mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-22 23:00:56 +01:00
"- fix for bug #1817: file in a searchable directory was always readable
- changed chgrp and chmod, to allow admins to modify files/dirs owned by root"
This commit is contained in:
parent
96e773777f
commit
9d9bd270a2
@ -227,13 +227,15 @@ class sqlfs_stream_wrapper implements iface_stream_wrapper
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($mode != 'r' && !egw_vfs::check_access($url,egw_vfs::WRITABLE,$stat)) // we are not allowed to edit it
|
||||
if ($mode == 'r' && !egw_vfs::check_access($url,egw_vfs::READABLE ,$stat) ||// we are not allowed to read
|
||||
$mode != 'r' && !egw_vfs::check_access($url,egw_vfs::WRITABLE,$stat)) // or edit it
|
||||
{
|
||||
self::_remove_password($url);
|
||||
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$mode,$options) file can not be edited!");
|
||||
$op = $mode == 'r' ? 'read' : 'edited';
|
||||
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$mode,$options) file can not be $op!");
|
||||
if (!($options & STREAM_URL_STAT_QUIET))
|
||||
{
|
||||
trigger_error(__METHOD__."($url,$mode,$options) file can not be edited!",E_USER_WARNING);
|
||||
trigger_error(__METHOD__."($url,$mode,$options) file can not be $op!",E_USER_WARNING);
|
||||
}
|
||||
$this->opened_stream = $this->opened_path = $this->opened_mode = null;
|
||||
return false;
|
||||
@ -790,7 +792,7 @@ class sqlfs_stream_wrapper implements iface_stream_wrapper
|
||||
trigger_error("No such file or directory $url !",E_USER_WARNING);
|
||||
return false;
|
||||
}
|
||||
if (!egw_vfs::$is_root && $stat['uid'] != egw_vfs::$user)
|
||||
if (!egw_vfs::has_owner_rights($path,$stat))
|
||||
{
|
||||
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$owner) only owner or root can do that!");
|
||||
trigger_error("Only owner or root can do that!",E_USER_WARNING);
|
||||
@ -831,7 +833,7 @@ class sqlfs_stream_wrapper implements iface_stream_wrapper
|
||||
trigger_error("No such file or directory $url !",E_USER_WARNING);
|
||||
return false;
|
||||
}
|
||||
if (!egw_vfs::$is_root && $stat['uid'] != egw_vfs::$user)
|
||||
if (!egw_vfs::has_owner_rights($path,$stat))
|
||||
{
|
||||
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$owner) only owner or root can do that!");
|
||||
trigger_error("Only owner or root can do that!",E_USER_WARNING);
|
||||
|
Loading…
Reference in New Issue
Block a user