mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-22 23:00:56 +01:00
"- fix for bug #1817: file in a searchable directory was always readable
- changed chgrp and chmod, to allow admins to modify files/dirs owned by root"
This commit is contained in:
parent
96e773777f
commit
9d9bd270a2
@ -227,13 +227,15 @@ class sqlfs_stream_wrapper implements iface_stream_wrapper
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
if ($mode != 'r' && !egw_vfs::check_access($url,egw_vfs::WRITABLE,$stat)) // we are not allowed to edit it
|
if ($mode == 'r' && !egw_vfs::check_access($url,egw_vfs::READABLE ,$stat) ||// we are not allowed to read
|
||||||
|
$mode != 'r' && !egw_vfs::check_access($url,egw_vfs::WRITABLE,$stat)) // or edit it
|
||||||
{
|
{
|
||||||
self::_remove_password($url);
|
self::_remove_password($url);
|
||||||
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$mode,$options) file can not be edited!");
|
$op = $mode == 'r' ? 'read' : 'edited';
|
||||||
|
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$mode,$options) file can not be $op!");
|
||||||
if (!($options & STREAM_URL_STAT_QUIET))
|
if (!($options & STREAM_URL_STAT_QUIET))
|
||||||
{
|
{
|
||||||
trigger_error(__METHOD__."($url,$mode,$options) file can not be edited!",E_USER_WARNING);
|
trigger_error(__METHOD__."($url,$mode,$options) file can not be $op!",E_USER_WARNING);
|
||||||
}
|
}
|
||||||
$this->opened_stream = $this->opened_path = $this->opened_mode = null;
|
$this->opened_stream = $this->opened_path = $this->opened_mode = null;
|
||||||
return false;
|
return false;
|
||||||
@ -790,7 +792,7 @@ class sqlfs_stream_wrapper implements iface_stream_wrapper
|
|||||||
trigger_error("No such file or directory $url !",E_USER_WARNING);
|
trigger_error("No such file or directory $url !",E_USER_WARNING);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (!egw_vfs::$is_root && $stat['uid'] != egw_vfs::$user)
|
if (!egw_vfs::has_owner_rights($path,$stat))
|
||||||
{
|
{
|
||||||
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$owner) only owner or root can do that!");
|
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$owner) only owner or root can do that!");
|
||||||
trigger_error("Only owner or root can do that!",E_USER_WARNING);
|
trigger_error("Only owner or root can do that!",E_USER_WARNING);
|
||||||
@ -831,7 +833,7 @@ class sqlfs_stream_wrapper implements iface_stream_wrapper
|
|||||||
trigger_error("No such file or directory $url !",E_USER_WARNING);
|
trigger_error("No such file or directory $url !",E_USER_WARNING);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (!egw_vfs::$is_root && $stat['uid'] != egw_vfs::$user)
|
if (!egw_vfs::has_owner_rights($path,$stat))
|
||||||
{
|
{
|
||||||
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$owner) only owner or root can do that!");
|
if (self::LOG_LEVEL) error_log(__METHOD__."($url,$owner) only owner or root can do that!");
|
||||||
trigger_error("Only owner or root can do that!",E_USER_WARNING);
|
trigger_error("Only owner or root can do that!",E_USER_WARNING);
|
||||||
|
Loading…
Reference in New Issue
Block a user