/** * Background scanner main job * @return null */ public function run() { if (!$this->initFS()) { return; } // locate files that are not checked yet $dirMimetypeId = \OC::$server->getMimeTypeLoader()->getId('httpd/unix-directory'); $sql = 'SELECT `*PREFIX*filecache`.`fileid`, `*PREFIX*storages`.*' . ' FROM `*PREFIX*filecache`' . ' LEFT JOIN `*PREFIX*files_antivirus` ON `*PREFIX*files_antivirus`.`fileid` = `*PREFIX*filecache`.`fileid`' . ' JOIN `*PREFIX*storages` ON `*PREFIX*storages`.`numeric_id` = `*PREFIX*filecache`.`storage`' . ' WHERE `mimetype` != ?' . ' AND (`*PREFIX*storages`.`id` LIKE ? OR `*PREFIX*storages`.`id` LIKE ?)' . ' AND (`*PREFIX*files_antivirus`.`fileid` IS NULL OR `mtime` > `check_time`)' . ' AND `path` LIKE ?'; $stmt = \OCP\DB::prepare($sql, 5); try { $result = $stmt->execute(array($dirMimetypeId, 'local::%', 'home::%', 'files/%')); if (\OCP\DB::isError($result)) { \OCP\Util::writeLog('files_antivirus', __METHOD__ . 'DB error: ' . \OCP\DB::getErrorMessage($result), \OCP\Util::ERROR); return; } } catch (\Exception $e) { \OCP\Util::writeLog('files_antivirus', __METHOD__ . ', exception: ' . $e->getMessage(), \OCP\Util::ERROR); return; } $view = new \OC\Files\View('/'); while ($row = $result->fetchRow()) { $path = $view->getPath($row['fileid']); if (!is_null($path)) { $item = new Item($this->l10n, $view, $path, $row['fileid']); $scanner = $this->scannerFactory->getScanner(); $status = $scanner->scan($item); $status->dispatch($item, true); } } \OC_Util::tearDownFS(); }
/** * Background scanner main job * @return null */ public function run() { if (!$this->initFS()) { return; } // locate files that are not checked yet $dirMimeTypeId = \OC::$server->getMimeTypeLoader()->getId('httpd/unix-directory'); try { $qb = \OC::$server->getDatabaseConnection()->getQueryBuilder(); $qb->select(['fc.fileid'])->from('filecache', 'fc')->leftJoin('fc', 'files_antivirus', 'fa', $qb->expr()->eq('fa.fileid', 'fc.fileid'))->innerJoin('fc', 'storages', 'ss', $qb->expr()->andX($qb->expr()->eq('fc.storage', 'ss.numeric_id'), $qb->expr()->orX($qb->expr()->like('ss.id', $qb->expr()->literal('local::%')), $qb->expr()->like('ss.id', $qb->expr()->literal('home::%')))))->where($qb->expr()->neq('fc.mimetype', $qb->expr()->literal($dirMimeTypeId)))->andWhere($qb->expr()->orX($qb->expr()->isNull('fa.fileid'), $qb->expr()->gt('fc.mtime', 'fa.check_time')))->andWhere($qb->expr()->like('fc.path', $qb->expr()->literal('files/%')))->andWhere($qb->expr()->neq('fc.size', '0'))->setMaxResults(5); $result = $qb->execute(); } catch (\Exception $e) { \OC::$server->getLogger()->error(__METHOD__ . ', exception: ' . $e->getMessage(), ['app' => 'files_antivirus']); return; } $view = new \OC\Files\View(''); try { while ($row = $result->fetch()) { $path = $view->getPath($row['fileid']); if (!is_null($path)) { $item = new Item($this->l10n, $view, $path, $row['fileid']); $scanner = $this->scannerFactory->getScanner(); $status = $scanner->scan($item); $status->dispatch($item, true); } } } catch (\Exception $e) { \OC::$server->getLogger()->error(__METHOD__ . ', exception: ' . $e->getMessage(), ['app' => 'files_antivirus']); } \OC_Util::tearDownFS(); }
public function generateFileToken($fileId, $version) { // Get the FS view of the current user. $view = \OC\Files\Filesystem::getView(); // Get the virtual path (if the file is shared). $path = $view->getPath($fileId); if (!$view->is_file($path) || !$view->isUpdatable($path)) { throw new \Exception('Invalid fileId.'); } // Figure out the real owner, if not us. $owner = $view->getOwner($path); // Create a view into the owner's FS. $view = new \OC\Files\View('/' . $owner . '/files'); // Find the real path. $path = $view->getPath($fileId); if (!$view->is_file($path)) { throw new \Exception('Invalid fileId.'); } $editor = \OC::$server->getUserSession()->getUser()->getUID(); $token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER . \OCP\Security\ISecureRandom::CHAR_DIGITS); \OC::$server->getLogger()->debug('Issuing token for {editor} file {fileId}, version {version} owned by {owner}, path {path}: {token}', ['owner' => $owner, 'editor' => $editor, 'fileId' => $fileId, 'version' => $version, 'path' => $path, 'token' => $token]); $wopi = new \OCA\Richdocuments\Db\Wopi([$owner, $editor, $fileId, $version, $path, $token, time() + self::TOKEN_LIFETIME_SECONDS]); if (!$wopi->insert()) { throw new \Exception('Failed to add wopi token into database'); } return $token; }
public static function getUidAndFilename($filename) { $uid = \OC\Files\Filesystem::getOwner($filename); \OC\Files\Filesystem::initMountPoints($uid); if ($uid != \OCP\User::getUser()) { $info = \OC\Files\Filesystem::getFileInfo($filename); $ownerView = new \OC\Files\View('/' . $uid . '/files'); $filename = $ownerView->getPath($info['fileid']); } return array($uid, $filename); }
/** * @param string $filename * @return array * @throws \OC\User\NoUserException */ public static function getUidAndFilename($filename) { $uid = \OC\Files\Filesystem::getOwner($filename); \OC\Files\Filesystem::initMountPoints($uid); if ($uid != \OCP\User::getUser()) { $info = \OC\Files\Filesystem::getFileInfo($filename); $ownerView = new \OC\Files\View('/' . $uid . '/files'); try { $filename = $ownerView->getPath($info['fileid']); } catch (NotFoundException $e) { $filename = null; } } return [$uid, $filename]; }
\OCP\Util::writeLog('core-preview', 'Passed token parameter is not valid', \OCP\Util::DEBUG); exit; } if (!isset($linkedItem['uid_owner']) || !isset($linkedItem['file_source'])) { \OC_Response::setStatus(\OC_Response::STATUS_INTERNAL_SERVER_ERROR); \OCP\Util::writeLog('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . ("' . $token . '")', \OCP\Util::WARN); exit; } $rootLinkItem = OCP\Share::resolveReShare($linkedItem); $userId = $rootLinkItem['uid_owner']; OCP\JSON::checkUserExists($rootLinkItem['uid_owner']); \OC_Util::setupFS($userId); \OC\Files\Filesystem::initMountPoints($userId); $view = new \OC\Files\View('/' . $userId . '/files'); $pathId = $linkedItem['file_source']; $path = $view->getPath($pathId); if ($path === null) { \OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND); \OCP\Util::writeLog('core-preview', 'Could not resolve file for shared item', \OCP\Util::WARN); exit; } $pathInfo = $view->getFileInfo($path); $sharedFile = null; if ($linkedItem['item_type'] === 'folder') { $isValid = \OC\Files\Filesystem::isValidPath($file); if (!$isValid) { \OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST); \OCP\Util::writeLog('core-preview', 'Passed filename is not valid, might be malicious (file:"' . $file . '";ip:"' . \OC::$server->getRequest()->getRemoteAddress() . '")', \OCP\Util::WARN); exit; } $sharedFile = \OC\Files\Filesystem::normalizePath($file);
/** * @brief get uid of the owners of the file and the path to the file * @param string $path Path of the file to check * @throws \Exception * @note $shareFilePath must be relative to data/UID/files. Files * relative to /Shared are also acceptable * @return array */ public function getUidAndFilename($path) { $view = new \OC\Files\View($this->userFilesDir); $fileOwnerUid = $view->getOwner($path); // handle public access if ($this->isPublic) { $filename = $path; $fileOwnerUid = $GLOBALS['fileOwner']; return array($fileOwnerUid, $filename); } else { // Check that UID is valid if (!\OCP\User::userExists($fileOwnerUid)) { throw new \Exception('Could not find owner (UID = "' . var_export($fileOwnerUid, 1) . '") of file "' . $path . '"'); } // NOTE: Bah, this dependency should be elsewhere \OC\Files\Filesystem::initMountPoints($fileOwnerUid); // If the file owner is the currently logged in user if ($fileOwnerUid === $this->userId) { // Assume the path supplied is correct $filename = $path; } else { $info = $view->getFileInfo($path); $ownerView = new \OC\Files\View('/' . $fileOwnerUid . '/files'); // Fetch real file path from DB $filename = $ownerView->getPath($info['fileid']); // TODO: Check that this returns a path without including the user data dir } return array($fileOwnerUid, \OC_Filesystem::normalizePath($filename)); } }
/** * @expectedException \OCP\Files\NotFoundException */ function testGetPathNotExisting() { $storage1 = $this->getTestStorage(); \OC\Files\Filesystem::mount($storage1, [], '/'); $rootView = new \OC\Files\View(''); $cachedData = $rootView->getFileInfo('/foo.txt'); /** @var int $id1 */ $id1 = $cachedData['fileid']; $folderView = new \OC\Files\View('/substorage'); $this->assertNull($folderView->getPath($id1)); }
$view = new \OC\Files\View('/' . $owner . '/files'); // second part is the (duplicated) share name list($folderId, , $img) = explode('/', $img, 3); $shareInfo = \OCP\Share::getItemSharedWithBySource('file', $folderId); if ($shareInfo) { $sharedFolder = $view->getPath($folderId); if ($sharedFolder) { $img = $sharedFolder . '/' . $img; } else { \OC_Response::setStatus(404); exit; } } else { \OC_Response::setStatus(403); exit; } } } session_write_close(); if (is_array($linkItem) && isset($linkItem['uid_owner'])) { // prepend path to share $ownerView = new \OC\Files\View('/' . $owner . '/files'); $path = $ownerView->getPath($linkItem['file_source']); if ($path === null) { exit; } $img = $path . '/' . $img; } $square = isset($_GET['square']) ? (bool) $_GET['square'] : false; $image = new \OCA\Gallery\Thumbnail('/' . $img, $owner, $square); $image->show();
$result = $mailNotification->sendLinkShareMail($to_address, $file, $link, $expiration); if (empty($result)) { // Get the token from the link $linkParts = explode('/', $link); $token = array_pop($linkParts); // Get the share for the token $share = \OCP\Share::getShareByToken($token, false); if ($share !== false) { $currentUser = \OC::$server->getUserSession()->getUser()->getUID(); $file = '/' . ltrim($file, '/'); // Check whether share belongs to the user and whether the file is the same if ($share['file_target'] === $file && $share['uid_owner'] === $currentUser) { // Get the path for the user $view = new \OC\Files\View('/' . $currentUser . '/files'); $fileId = (int) $share['item_source']; $path = $view->getPath((int) $share['item_source']); if ($path !== null) { $event = \OC::$server->getActivityManager()->generateEvent(); $event->setApp(\OCA\Files_Sharing\Activity::FILES_SHARING_APP)->setType(\OCA\Files_Sharing\Activity::TYPE_SHARED)->setAuthor($currentUser)->setAffectedUser($currentUser)->setObject('files', $fileId, $path)->setSubject(\OCA\Files_Sharing\Activity::SUBJECT_SHARED_EMAIL, [$path, $to_address]); \OC::$server->getActivityManager()->publish($event); } } } \OCP\JSON::success(); } else { $l = \OC::$server->getL10N('core'); OCP\JSON::error(array('data' => array('message' => $l->t("Couldn't send mail to following users: %s ", implode(', ', $result))))); } break; } } else {
* later. * See the COPYING-README file. */ OCP\JSON::checkLoggedIn(); OCP\JSON::checkAppEnabled('gallery'); session_write_close(); list($owner, $img) = explode('/', $_GET['file'], 2); if ($owner !== OC_User::getUser()) { \OC\Files\Filesystem::initMountPoints($owner); $parts = explode('/', $img, 3); if (count($parts) === 3) { list($shareId, , $img) = $parts; } else { $shareId = $parts[0]; $img = ''; } if (OCP\Share::getItemSharedWith('gallery', $shareId)) { $ownerView = new \OC\Files\View('/' . $owner . '/files'); $sharedGallery = $ownerView->getPath($shareId); if ($img) { $img = $sharedGallery . '/' . $img; } else { $img = $sharedGallery; } } else { OC_JSON::error('no such file'); die; } } $image = new \OCA\Gallery\AlbumThumbnail('/' . $img, $owner); $image->show();
$images = \OC\Files\Filesystem::searchByMime('image'); $user = \OC_User::getUser(); foreach ($images as &$image) { $image['path'] = $user . $image['path']; } $shared = array(); $sharedSources = OCP\Share::getItemsSharedWith('gallery'); $users = array(); foreach ($sharedSources as $sharedSource) { $owner = $sharedSource['uid_owner']; if (array_search($owner, $users) === false) { $users[] = $owner; } \OC\Files\Filesystem::initMountPoints($owner); $ownerView = new \OC\Files\View('/' . $owner . '/files'); $path = $ownerView->getPath($sharedSource['item_source']); if ($path) { $shareName = basename($path); $shareView = new \OC\Files\View('/' . $owner . '/files' . $path); $sharedImages = $shareView->searchByMime('image'); foreach ($sharedImages as $sharedImage) { $sharedImage['path'] = $owner . '/' . $sharedSource['item_source'] . '/' . $shareName . $sharedImage['path']; $images[] = $sharedImage; } } } $displayNames = array(); foreach ($users as $user) { $displayNames[$user] = \OCP\User::getDisplayName($user); } OCP\JSON::setContentTypeHeader();
public static function getSharesFromItem($target) { $result = array(); $owner = \OC\Files\Filesystem::getOwner($target); \OC\Files\Filesystem::initMountPoints($owner); $info = \OC\Files\Filesystem::getFileInfo($target); $ownerView = new \OC\Files\View('/' . $owner . '/files'); if ($owner != \OCP\User::getUser()) { $path = $ownerView->getPath($info['fileid']); } else { $path = $target; } $ids = array(); while ($path !== dirname($path)) { $info = $ownerView->getFileInfo($path); if ($info instanceof \OC\Files\FileInfo) { $ids[] = $info['fileid']; } else { \OCP\Util::writeLog('sharing', 'No fileinfo available for: ' . $path, \OCP\Util::WARN); } $path = dirname($path); } if (!empty($ids)) { $idList = array_chunk($ids, 99, true); foreach ($idList as $subList) { $statement = "SELECT `share_with`, `share_type`, `file_target` FROM `*PREFIX*share` WHERE `file_source` IN (" . implode(',', $subList) . ") AND `share_type` IN (0, 1, 2)"; $query = \OCP\DB::prepare($statement); $r = $query->execute(); $result = array_merge($result, $r->fetchAll()); } } return $result; }
/** * get uid of the owners of the file and the path to the file * @param string $path Path of the file to check * @throws \Exception * @note $shareFilePath must be relative to data/UID/files. Files * relative to /Shared are also acceptable * @return array */ public function getUidAndFilename($path) { $pathinfo = pathinfo($path); $partfile = false; $parentFolder = false; if (array_key_exists('extension', $pathinfo) && $pathinfo['extension'] === 'part') { // if the real file exists we check this file $filePath = $this->userFilesDir . '/' . $pathinfo['dirname'] . '/' . $pathinfo['filename']; if ($this->view->file_exists($filePath)) { $pathToCheck = $pathinfo['dirname'] . '/' . $pathinfo['filename']; } else { // otherwise we look for the parent $pathToCheck = $pathinfo['dirname']; $parentFolder = true; } $partfile = true; } else { $pathToCheck = $path; } $view = new \OC\Files\View($this->userFilesDir); $fileOwnerUid = $view->getOwner($pathToCheck); // handle public access if ($this->isPublic) { return array($this->userId, $path); } else { // Check that UID is valid if (!\OCP\User::userExists($fileOwnerUid)) { throw new \Exception('Could not find owner (UID = "' . var_export($fileOwnerUid, 1) . '") of file "' . $path . '"'); } // NOTE: Bah, this dependency should be elsewhere \OC\Files\Filesystem::initMountPoints($fileOwnerUid); // If the file owner is the currently logged in user if ($fileOwnerUid === $this->userId) { // Assume the path supplied is correct $filename = $path; } else { $info = $view->getFileInfo($pathToCheck); $ownerView = new \OC\Files\View('/' . $fileOwnerUid . '/files'); // Fetch real file path from DB $filename = $ownerView->getPath($info['fileid']); if ($parentFolder) { $filename = $filename . '/' . $pathinfo['filename']; } if ($partfile) { $filename = $filename . '.' . $pathinfo['extension']; } } return array($fileOwnerUid, \OC\Files\Filesystem::normalizePath($filename)); } }
/** * Return the source * * @param string $path * @return array */ protected function getSourcePathAndOwner($path) { $uidOwner = \OC\Files\Filesystem::getOwner($path); if ($uidOwner != $this->currentUser) { \OC\Files\Filesystem::initMountPoints($uidOwner); $info = \OC\Files\Filesystem::getFileInfo($path); $ownerView = new \OC\Files\View('/' . $uidOwner . '/files'); $path = $ownerView->getPath($info['fileid']); } return array($path, $uidOwner); }
/** * unshare file/folder from a user with whom you shared the file before */ public static function postUnshare($params) { if (\OCP\App::isEnabled('files_encryption') === false) { return true; } if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') { $view = new \OC\Files\View('/'); $userId = $params['uidOwner']; $userView = new \OC\Files\View('/' . $userId . '/files'); $util = new Util($view, $userId); $path = $userView->getPath($params['fileSource']); // for group shares get a list of the group members if ($params['shareType'] === \OCP\Share::SHARE_TYPE_GROUP) { $userIds = \OC_Group::usersInGroup($params['shareWith']); } else { if ($params['shareType'] === \OCP\Share::SHARE_TYPE_LINK || $params['shareType'] === \OCP\Share::SHARE_TYPE_REMOTE) { $userIds = array($util->getPublicShareKeyId()); } else { $userIds = array($params['shareWith']); } } $mountManager = \OC\Files\Filesystem::getMountManager(); $mount = $mountManager->find('/' . $userId . '/files' . $path); $mountPoint = $mount->getMountPoint(); // if we unshare a folder we need a list of all (sub-)files if ($params['itemType'] === 'folder') { $allFiles = $util->getAllFiles($path, $mountPoint); } else { $allFiles = array($path); } foreach ($allFiles as $path) { // check if the user still has access to the file, otherwise delete share key $sharingUsers = $util->getSharingUsersArray(true, $path); // Unshare every user who no longer has access to the file $delUsers = array_diff($userIds, $sharingUsers); $keyPath = Keymanager::getKeyPath($view, $util, $path); // delete share key Keymanager::delShareKey($view, $delUsers, $keyPath, $userId, $path); } } }
/** * get file owner and path * @param string $filename * @return string[] with the owner's uid and the owner's path */ private static function getUidAndFilename($filename) { $uid = \OC\Files\Filesystem::getOwner($filename); \OC\Files\Filesystem::initMountPoints($uid); $filename = (strpos($filename, '/') !== 0) ? '/' . $filename : $filename; if ($uid != \OCP\User::getUser()) { $info = \OC\Files\Filesystem::getFileInfo($filename); if (!$info) { return array($uid, '/files' . $filename); } $ownerView = new \OC\Files\View('/' . $uid . '/files'); $filename = $ownerView->getPath($info['fileid']); } return array($uid, '/files' . $filename); }
/** * @medium */ function testGetPath() { $storage1 = $this->getTestStorage(); $storage2 = $this->getTestStorage(); $storage3 = $this->getTestStorage(); \OC\Files\Filesystem::mount($storage1, array(), '/'); \OC\Files\Filesystem::mount($storage2, array(), '/substorage'); \OC\Files\Filesystem::mount($storage3, array(), '/folder/anotherstorage'); $rootView = new \OC\Files\View(''); $cachedData = $rootView->getFileInfo('/foo.txt'); $id1 = $cachedData['fileid']; $this->assertEquals('/foo.txt', $rootView->getPath($id1)); $cachedData = $rootView->getFileInfo('/substorage/foo.txt'); $id2 = $cachedData['fileid']; $this->assertEquals('/substorage/foo.txt', $rootView->getPath($id2)); $folderView = new \OC\Files\View('/substorage'); $this->assertEquals('/foo.txt', $folderView->getPath($id2)); $this->assertNull($folderView->getPath($id1)); }
/** * Return the source * * @param string $path * @return array */ public static function getSourcePathAndOwner($path) { $uidOwner = \OC\Files\Filesystem::getOwner($path); if ($uidOwner != \OCP\User::getUser()) { \OC\Files\Filesystem::initMountPoints($uidOwner); $info = \OC\Files\Filesystem::getFileInfo($path); $ownerView = new \OC\Files\View('/' . $uidOwner . '/files'); $path = $ownerView->getPath($info['fileid']); } return array($path, $uidOwner); }