Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[stable27] reuse the cache entry we already have when doing rule checking #422

Merged
merged 2 commits into from
Sep 20, 2023
Merged

[stable27] reuse the cache entry we already have when doing rule checking #422

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
91dbe87
reuse the cache entry we already have when doing rule checking
icewind1991 Jul 8, 2023
ca95fbd
chore(release): Add changelog and bump version
nickvergessen Sep 20, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
# Changelog
All notable changes to this project will be documented in this file.

## 1.17.1 - 2023-09-20
### Fixed
- Improve performance of checking the rules
[#422](https://github.com/nextcloud/files_accesscontrol/pull/422)

## 1.17.0 - 2023-05-15
### Changed
- Nextcloud 27 compatibility
Expand Down
2 changes: 1 addition & 1 deletion appinfo/info.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ An example would be to deny access to MS Excel/XLSX files owned by the "Human Re

Learn more about File Access Control on [https://nextcloud.com/workflow](https://nextcloud.com/workflow)</description>

<version>1.17.0</version>
<version>1.17.1</version>
<licence>agpl</licence>
<author>Arthur Schiwon</author>
<author>Joas Schilling</author>
Expand Down
2 changes: 1 addition & 1 deletion lib/CacheWrapper.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ public function __construct(ICache $cache, IStorage $storage, Operation $operati
protected function formatCacheEntry($entry) {
if (isset($entry['path']) && isset($entry['permissions'])) {
try {
$this->operation->checkFileAccess($this->storage, $entry['path'], $entry['mimetype'] === 'httpd/unix-directory');
$this->operation->checkFileAccess($this->storage, $entry['path'], $entry['mimetype'] === 'httpd/unix-directory', $entry);
} catch (ForbiddenException $e) {
$entry['permissions'] &= $this->mask;
}
Expand Down
39 changes: 31 additions & 8 deletions lib/Operation.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,11 +22,16 @@
namespace OCA\FilesAccessControl;

use Exception;
use OC\Files\FileInfo;
use OC\Files\Node\Folder;
use OC\Files\View;
use OCA\WorkflowEngine\Entity\File;
use OCP\EventDispatcher\Event;
use OCP\Files\Cache\ICacheEntry;
use OCP\Files\ForbiddenException;
use OCP\Files\IRootFolder;
use OCP\Files\Mount\IMountManager;
use OCP\Files\Mount\IMountPoint;
use OCP\Files\Node;
use OCP\Files\NotFoundException;
use OCP\Files\Storage\IStorage;
Expand Down Expand Up @@ -69,9 +74,10 @@ public function __construct(
}

/**
* @param array|ICacheEntry|null $cacheEntry
* @throws ForbiddenException
*/
public function checkFileAccess(IStorage $storage, string $path, bool $isDir = false): void {
public function checkFileAccess(IStorage $storage, string $path, bool $isDir = false, $cacheEntry = null): void {
if (!$this->isBlockablePath($storage, $path) || $this->isCreatingSkeletonFiles() || $this->nestingLevel !== 0) {
// Allow creating skeletons and theming
// https://github.com/nextcloud/files_accesscontrol/issues/5
Expand All @@ -84,7 +90,7 @@ public function checkFileAccess(IStorage $storage, string $path, bool $isDir = f
$filePath = $this->translatePath($storage, $path);
$ruleMatcher = $this->manager->getRuleMatcher();
$ruleMatcher->setFileInfo($storage, $filePath, $isDir);
$node = $this->getNode($storage, $path);
$node = $this->getNode($storage, $path, $cacheEntry);
if ($node !== null) {
$ruleMatcher->setEntitySubject($this->fileEntity, $node);
}
Expand Down Expand Up @@ -280,16 +286,33 @@ public function onEvent(string $eventName, Event $event, IRuleMatcher $ruleMatch
// Noop
}

private function getNode(IStorage $storage, string $path): ?Node {
/**
* @param array|ICacheEntry|null $cacheEntry
*/
private function getNode(IStorage $storage, string $path, $cacheEntry = null): ?Node {
/** @var IMountPoint|false $mountPoint */
$mountPoint = current($this->mountManager->findByStorageId($storage->getId()));
if ($mountPoint === false) {
if (!$mountPoint) {
return null;
}

$fullPath = $mountPoint->getMountPoint() . $path;
try {
return $this->rootFolder->get($fullPath);
} catch (NotFoundException $e) {
return null;
if ($cacheEntry) {
// todo: LazyNode?
$info = new FileInfo($fullPath, $mountPoint->getStorage(), $path, $cacheEntry, $mountPoint);
$isDir = $info->getType() === FileInfo::TYPE_FOLDER;
$view = new View('');
if ($isDir) {
return new Folder($this->rootFolder, $view, $path, $info);
} else {
return new \OC\Files\Node\File($this->rootFolder, $view, $path, $info);
}
} else {
try {
return $this->rootFolder->get($fullPath);
} catch (NotFoundException $e) {
return null;
}
}
}
}
1 change: 0 additions & 1 deletion lib/StorageWrapper.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,6 @@
use OCP\Files\Storage\IWriteStreamStorage;

class StorageWrapper extends Wrapper implements IWriteStreamStorage {

/** @var Operation */
protected $operation;

Expand Down