Prevent recursive copy/move operations on the API level #3009
Conversation
aduffeck
requested review from
a team,
labkode,
ishank011 and
glpatcern
as code owners
aduffeck
force-pushed
the
prevent-recursive-copy-move
branch
from
f59eaf0
to
ca09131
Compare
aduffeck
force-pushed
the
prevent-recursive-copy-move
branch
from
9e88aa8
to
a37ef2e
Compare
aduffeck
force-pushed
the
prevent-recursive-copy-move
branch
from
3b5e1b9
to
f44e9e8
Compare
There was a problem hiding this comment.
I see now why you were unhappy. Doing a GetPath request as the owner requires ocdav to know the machine auth api key ...
what would happen if we send the GetPath as the current user?
In theory the storage driver should give us a path relative to the same root when calling GetPath with two different references. Each call should look up the highest resourceid the user has access to and we should be able to compare the path. We can also check thet the references resourceid that we get in GetPath is the same ... dang ... GetPath has no resource id ... fck
I remember discussing having to extend GetPath with the space root for exactly this reason ... maybe in #1721 (comment)
Then again, we extended ResourceInfo with Name and could use the filedmask to query Path and Space in a Stat request instead of a GetPath request ... 🤔
| if isShareJailRoot(req.ResourceId) { | ||
| return &provider.GetPathResponse{ | ||
| Status: status.NewOK(ctx), | ||
| Path: "/", | ||
| }, nil | ||
| } | ||
|
|
There was a problem hiding this comment.
👍 minimal implementation so we can get the path to the share jail root
| @@ -690,7 +703,8 @@ func (s *service) Stat(ctx context.Context, req *provider.StatRequest) (*provide | |||
| PermissionSet: &provider.ResourcePermissions{ | |||
| // TODO | |||
| }, | |||
| Etag: shareMd[earliestShare.Id.OpaqueId].ETag, | |||
| Etag: shareMd[earliestShare.Id.OpaqueId].ETag, | |||
| Owner: owner.Id, | |||
There was a problem hiding this comment.
👍 yes, the share jail is always owned by the current user
| } | ||
| if isChild { | ||
| w.WriteHeader(http.StatusBadRequest) | ||
| b, err := errors.Marshal(http.StatusBadRequest, "can not copy a folder into one of its children", "") |
|
@aduffeck this is good and fixes the loop. cc: @butonic Now the related test fails because the API request returns HTTP status 400 in this case. But oC10 returns 409 in this case. Is it easy to make another PR that adjusts the return status to 409? See my updated issue owncloud/ocis#3023 and PR #3030 that enables the test again. |
|
@phil-davis changing the response code will be a trivial change. I'll prepare a PR soon. |
Done in #3031 and works. @aduffeck what happens about reva master branch? Do we backport this type of fix? reva master branch also has the |
* Prevent recursive copy/move operations on the API level * Add changelog * Enable machine auth in ocdav * Fix error message * Also detect recursive operations when the SSP is involved * Fix hound issues * Set the owner on the stat response to the share jail * Implement GetPath() for the share jail root * Return a better error when the ocdav machine auth config is missing
* Prevent recursive copy/move operations on the API level * Add changelog * Enable machine auth in ocdav * Fix error message * Also detect recursive operations when the SSP is involved * Fix hound issues * Set the owner on the stat response to the share jail * Implement GetPath() for the share jail root * Return a better error when the ocdav machine auth config is missing
Fixes owncloud/ocis#3992
and owncloud/ocis#3023
and owncloud/ocis#4098
(people keep reporting this!)