/** * @dataProvider setUploadLimitWriteProvider */ public function testSetUploadLimitWrite($htaccessWritable, $userIniWritable, $setSize, $expectedSize, $htaccessStr, $userIniStr) { $files = $this->getUploadLimitTestFiles(); chmod($files['.htaccess'], $htaccessWritable ? 0644 : 0444); chmod($files['.user.ini'], $userIniWritable ? 0644 : 0444); $htaccessSize = filesize($files['.htaccess']); $userIniSize = filesize($files['.user.ini']); $htaccessSizeMod = 2 * (strlen($htaccessStr) - strlen(self::UPLOAD_LIMIT_DEFAULT_STR)); $userIniSizeMod = 2 * (strlen($userIniStr) - strlen(self::UPLOAD_LIMIT_DEFAULT_STR)); $this->assertEquals($expectedSize, \OC_Files::setUploadLimit($setSize, $files)); // check file contents $htaccess = file_get_contents($files['.htaccess']); $this->assertEquals(1, preg_match('/php_value upload_max_filesize ' . $htaccessStr . '/', $htaccess)); $this->assertEquals(1, preg_match('/php_value post_max_size ' . $htaccessStr . '/', $htaccess)); $this->assertEquals($htaccessSize + $htaccessSizeMod, filesize($files['.htaccess'])); $userIni = file_get_contents($files['.user.ini']); $this->assertEquals(1, preg_match('/upload_max_filesize=' . $userIniStr . '/', $userIni)); $this->assertEquals(1, preg_match('/post_max_size=' . $userIniStr . '/', $userIni)); $this->assertEquals($userIniSize + $userIniSizeMod, filesize($files['.user.ini'])); }
* but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Affero General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ OCP\User::checkAdminUser(); $htaccessWorking = getenv('htaccessWorking') == 'true'; $upload_max_filesize = OCP\Util::computerFileSize(ini_get('upload_max_filesize')); $post_max_size = OCP\Util::computerFileSize(ini_get('post_max_size')); $maxUploadFilesize = OCP\Util::humanFileSize(min($upload_max_filesize, $post_max_size)); if ($_POST && OC_Util::isCallRegistered()) { if (isset($_POST['maxUploadSize'])) { if (($setMaxSize = OC_Files::setUploadLimit(OCP\Util::computerFileSize($_POST['maxUploadSize']))) !== false) { $maxUploadFilesize = OCP\Util::humanFileSize($setMaxSize); } } } OCP\App::setActiveNavigationEntry("files_administration"); $htaccessWritable = is_writable(OC::$SERVERROOT . '/.htaccess'); $tmpl = new OCP\Template('files', 'admin'); /* * extended version * + only users with permission can delete files(in the files app only) * + file type restriction */ $filetyprestriction = \OC_Appconfig::getValue('core', 'filetyperes_enabled', 'no'); $allowed_types = \OC_Appconfig::getValue('core', 'allowed_filetypes', ''); $deleteGroupsList = \OC_Appconfig::getValue('core', 'delete', '');
/** * Returns an array of ['filename' => 'SHA512-hash-of-file'] for all files found * in the iterator. * * @param \RecursiveIteratorIterator $iterator * @param string $path * @return array Array of hashes. */ private function generateHashes(\RecursiveIteratorIterator $iterator, $path) { $hashes = []; $copiedWebserverSettingFiles = false; $tmpFolder = ''; $baseDirectoryLength = strlen($path); foreach ($iterator as $filename => $data) { /** @var \DirectoryIterator $data */ if ($data->isDir()) { continue; } $relativeFileName = substr($filename, $baseDirectoryLength); $relativeFileName = ltrim($relativeFileName, '/'); // Exclude signature.json files in the appinfo and root folder if ($relativeFileName === 'appinfo/signature.json') { continue; } // Exclude signature.json files in the appinfo and core folder if ($relativeFileName === 'core/signature.json') { continue; } // The .user.ini and the .htaccess file of ownCloud can contain some // custom modifications such as for example the maximum upload size // to ensure that this will not lead to false positives this will // copy the file to a temporary folder and reset it to the default // values. if ($filename === $this->environmentHelper->getServerRoot() . '/.htaccess' || $filename === $this->environmentHelper->getServerRoot() . '/.user.ini') { if (!$copiedWebserverSettingFiles) { $tmpFolder = rtrim($this->tempManager->getTemporaryFolder(), '/'); copy($this->environmentHelper->getServerRoot() . '/.htaccess', $tmpFolder . '/.htaccess'); copy($this->environmentHelper->getServerRoot() . '/.user.ini', $tmpFolder . '/.user.ini'); \OC_Files::setUploadLimit(\OCP\Util::computerFileSize('513MB'), ['.htaccess' => $tmpFolder . '/.htaccess', '.user.ini' => $tmpFolder . '/.user.ini']); } } // The .user.ini file can contain custom modifications to the file size // as well. if ($filename === $this->environmentHelper->getServerRoot() . '/.user.ini') { $fileContent = file_get_contents($tmpFolder . '/.user.ini'); $hashes[$relativeFileName] = hash('sha512', $fileContent); continue; } // The .htaccess file in the root folder of ownCloud can contain // custom content after the installation due to the fact that dynamic // content is written into it at installation time as well. This // includes for example the 404 and 403 instructions. // Thus we ignore everything below the first occurrence of // "#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####" and have the // hash generated based on this. if ($filename === $this->environmentHelper->getServerRoot() . '/.htaccess') { $fileContent = file_get_contents($tmpFolder . '/.htaccess'); $explodedArray = explode('#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####', $fileContent); if (count($explodedArray) === 2) { $hashes[$relativeFileName] = hash('sha512', $explodedArray[0]); continue; } } $hashes[$relativeFileName] = hash_file('sha512', $filename); } return $hashes; }
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE * License as published by the Free Software Foundation; either * version 3 of the License, or any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Affero General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ // Init owncloud require_once '../lib/base.php'; OC_User::checkAdminUser(); $htaccessWorking = getenv('htaccessWorking') == 'true'; if (isset($_POST['maxUploadSize'])) { $maxUploadFilesize = $_POST['maxUploadSize']; OC_Files::setUploadLimit(OC_Helper::computerFileSize($maxUploadFilesize)); } else { $upload_max_filesize = OC_Helper::computerFileSize(ini_get('upload_max_filesize')); $post_max_size = OC_Helper::computerFileSize(ini_get('post_max_size')); $maxUploadFilesize = min($upload_max_filesize, $post_max_size); } OC_App::setActiveNavigationEntry("files_administration"); // return template $tmpl = new OC_Template("files", "admin", "user"); $tmpl->assign('htaccessWorking', $htaccessWorking); $tmpl->assign('uploadMaxFilesize', $maxUploadFilesize); $tmpl->printPage();