From 1159f4bb45aef4a338c14c514db1fd862edb8126 Mon Sep 17 00:00:00 2001 From: nathangray Date: Tue, 31 Oct 2017 10:38:35 -0600 Subject: [PATCH] Less restrictions on anonymous user, use permissions instead --- filemanager/inc/class.filemanager_ui.inc.php | 24 +++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/filemanager/inc/class.filemanager_ui.inc.php b/filemanager/inc/class.filemanager_ui.inc.php index 8de57ecf96..c30d6fdc04 100644 --- a/filemanager/inc/class.filemanager_ui.inc.php +++ b/filemanager/inc/class.filemanager_ui.inc.php @@ -1275,7 +1275,8 @@ class filemanager_ui if (($readonlys['uid'] = !Vfs::$is_root) && !$content['uid']) $content['ro_uid_root'] = 'root'; // only owner can change group & perms if (($readonlys['gid'] = !$content['is_owner'] || - Vfs::parse_url(Vfs::resolve_url($content['path']),PHP_URL_SCHEME) == 'oldvfs')) // no uid, gid or perms in oldvfs + Vfs::parse_url(Vfs::resolve_url($content['path']),PHP_URL_SCHEME) == 'oldvfs') ||// no uid, gid or perms in oldvfs + !Vfs::is_writable($path)) { if (!$content['gid']) $content['ro_gid_root'] = 'root'; foreach($content['perms'] as $name => $value) @@ -1283,6 +1284,7 @@ class filemanager_ui $readonlys['perms['.$name.']'] = true; } } + $readonlys['gid'] = $readonlys['gid'] || !Vfs::is_writable($path); $readonlys['name'] = $path == '/' || !($dir = Vfs::dirname($path)) || !Vfs::is_writable($dir); $readonlys['comment'] = !Vfs::is_writable($path); $readonlys['tabs']['filemanager.file.preview'] = $readonlys['tabs']['filemanager.file.perms'] = $content['is_link']; @@ -1388,6 +1390,11 @@ class filemanager_ui $tpl->setElementAttribute('sudouser', 'help','Enter setup user and password to get root rights'); $tpl->setElementAttribute('sudouser', 'onclick','app.filemanager.set_sudoButton(widget,"logout")'); } + else if (self::is_anonymous($GLOBALS['egw_info']['user']['account_id'])) + { + // Just hide sudo for anonymous users + $readonlys['sudouser'] = true; + } if (($extra_tabs = Vfs::getExtraInfo($path,$content))) { // add to existing tabs in template @@ -1419,23 +1426,18 @@ class filemanager_ui Framework::window_focus(); $GLOBALS['egw_info']['flags']['app_header'] = lang('Preferences').' '.Vfs::decodePath($path); - // Anonymous users cannot do anything - if(self::is_anonymous($GLOBALS['egw_info']['user']['account_id'])) - { - $readonlys['__ALL__'] = true; - $readonlys['gid'] = true; - } - $tpl->exec('filemanager.filemanager_ui.file',$content,$sel_options,$readonlys,$preserve,2); } /** * Check if the user is anonymous user - * @param type $user_id + * @param integer $account_id */ - protected static function is_anonymous($user_id) + protected static function is_anonymous($account_id) { - return in_array($user_id, $GLOBALS['egw']->accounts->members('NoGroup', true)); + $acl = new Api\Acl($account_id); + $acl->read_repository(); + return $acl->check('anonymous', 1, 'phpgwapi'); } /**