Roxen.git / server / modules / filesystems / filesystem.pike

version» Context lines:

Roxen.git/server/modules/filesystems/filesystem.pike:799:    TRACE_LEAVE(sprintf("%s failed. Directory name already exists. ",    id->method));    if (id->method == "MKCOL") {    return Roxen.http_status(405,    "Collection already exists.");    }    return 0;    }       // Disallow if the name is locked, or if the parent directory is locked. -  mapping(string:mixed) ret = write_access(coll, 0, id) || -  write_access(combine_path(coll, ".."), 0, id); +  mapping(string:mixed) ret = +  write_access(({coll, combine_path(coll, "..")}), 0, id);    if (ret) return ret;       mkdirs++;    object privs;    SETUID_TRACE("Creating directory/collection", 0);       if (query("no_symlinks") && (contains_symlinks(path, coll))) {    privs = 0;    errors++;    report_error(LOCALE(46,"Creation of %O failed. Permission denied.\n"),
Roxen.git/server/modules/filesystems/filesystem.pike:1308:       if (query("no_symlinks") &&    ((contains_symlinks(path, f)) ||    (contains_symlinks(path, id->misc->move_from)))) {    errors++;    TRACE_LEAVE("MV: Contains symlinks. Permission denied");    return Roxen.http_status(403, "Permission denied.");    }       // FIXME: What about moving of directories containing locked files? -  if (mapping(string:mixed) ret = write_access(f, 0, id) || -  write_access(relative_from, 0, id)) { +  if (mapping(string:mixed) ret = +  write_access(({ f, relative_from }), 0, id)) {    TRACE_LEAVE("MV: Locked");    return ret;    }       SETUID_TRACE("Moving file", 0);       code = mv(movefrom, norm_f);    int err_code = errno();    privs = 0;   
Roxen.git/server/modules/filesystems/filesystem.pike:1396:       if (query("no_symlinks") &&    ((contains_symlinks(path, norm_f)) ||    (contains_symlinks(path, moveto)))) {    privs = 0;    errors++;    TRACE_LEAVE("MOVE: Contains symlinks. Permission denied");    return Roxen.http_status(403, "Permission denied.");    }    -  if (mapping(string:mixed) ret = -  write_access(new_uri, 0, id) || -  write_access(f, 0, id)) { +  mapping(string:mixed) ret = +  write_access(({ combine_path(f, "../"), f, new_uri }), 0, id); +  if (ret) {    TRACE_LEAVE("MOVE: Locked");    return ret;    }       size = _file_size(moveto,id);       SETUID_TRACE("Moving file", 0);       if (size != -1) {    // Destination exists.
Roxen.git/server/modules/filesystems/filesystem.pike:1506:    "infinity")) {    // RFC 2518 8.6.2:    // The DELETE method on a collection MUST act as if a "Depth: infinity"    // header was used on it.    TRACE_LEAVE(sprintf("DELETE: Bad depth header: %O.",    id->request_headers->depth));    return Roxen.http_status(400, "Unsupported depth.");    }       if (size < 0) { -  mapping|int(0..1) res = write_access(combine_path(f, "../"), 1, id); -  if (mappingp(res) && (res->error == Protocols.HTTP.HTTP_PRECOND_FAILED)) { -  // NB: Preconditions in the If-header don't apply to the directory. -  // Force a retry at the level below. -  res = 1; -  } -  if (mappingp(res) || -  (res && mappingp(res = write_access(f, 1, id)))) { +  mapping|int(0..1) res = +  write_access(({ combine_path(f, "../"), f }), 1, id); +  if (mappingp(res)) {    SIMPLE_TRACE_LEAVE("DELETE: Recursive write access denied.");    return res;    }   #if 0    report_notice(LOCALE(64,"DELETING the directory %s.\n"), f);   #endif       accesses++;       SETUID_TRACE("Deleting directory", 0);
Roxen.git/server/modules/filesystems/filesystem.pike:1548:    } else {    return errno_to_status (errno(), 0, id);    }       if (id->multi_status_size() > start_ms_size) {    TRACE_LEAVE("DELETE: Partial failure.");    return ([]);    }    }    } else { -  mapping|int(0..1) res = write_access(combine_path(f, "../"), 0, id); -  if (mappingp(res) && (res->error == Protocols.HTTP.HTTP_PRECOND_FAILED)) { -  // NB: Preconditions in the If-header don't apply to the directory. -  res = 0; -  } -  if (res || (res = write_access(f, 0, id))) { +  mapping|int(0..1) res = +  write_access(({ combine_path(f, "../"), f }), 0, id); +  if (res) {    SIMPLE_TRACE_LEAVE("DELETE: Write access denied.");    return res;    }      #if 0    report_notice(LOCALE(49,"DELETING the file %s.\n"),f);   #endif       accesses++;   
Roxen.git/server/modules/filesystems/filesystem.pike:1610:    SIMPLE_TRACE_ENTER(this, "COPY: Copy %O to %O.", source, dest);    Stat source_st = stat_file(source, id);    if (!source_st) {    TRACE_LEAVE("COPY: Source doesn't exist.");    return Roxen.http_status(404, "File not found.");    }    if (!query("put")) {    TRACE_LEAVE("COPY: Put not allowed.");    return Roxen.http_status(405, "Not allowed.");    } -  mapping|int(0..1) res = write_access(dest, 0, id) || -  write_access(combine_path(dest, "../"), 0, id); +  mapping|int(0..1) res = +  write_access(({ dest, combine_path(dest, "../")}) , 0, id);    if (mappingp(res)) return res;    string dest_path = path + encode_path(dest);    dest_path = NORMALIZE_PATH (dest_path);    if (query("no_symlinks") && (contains_symlinks(path, dest))) {    errors++;    report_error(LOCALE(57,"Copy to %O failed. Permission denied.\n"),    dest);    TRACE_LEAVE("COPY: Contains symlinks. Permission denied");    return Roxen.http_status(403, "Permission denied.");    }