files_texteditor
files_texteditor copied to clipboard
owncloud
Editing a file without permissions using WND doesn't show a warning.
Steps to reproduce
- Mount a WND folder and be sure it will only have read only permissions.
- Put some text files inside the mount folder in the origin operating system.
- Edit one of those files using owncloud.
Expected behaviour
A warning appears telling you that you don't have permissions to do that.
Actual behaviour
you can't edit the file, but the save file feels like it was saved and no warning appears at all.
Server configuration
Operating system: Ubuntu 14.04
Web server: Apache
Database: MySQL
PHP version: 5.5.9
ownCloud version: (see ownCloud admin page) {"installed":true,"maintenance":false,"version":"8.1.0.6","versionstring":"8.1 beta 2","edition":"Enterprise"}
Updated from an older ownCloud or fresh install: Fresh
List of activated apps: Windows network drive. Experimental files locking.
The content of config/config.php:
Are you using external storage, if yes which one: local/smb/sftp/... WND.
Are you using encryption: No.
Logs
{"reqId":"yqUsvpVbndULCcraGkfp","remoteAddr":"HIDDEN_IP","app":"index","message":"Exception: {\"Exception\":\"OCP\\\\Files\\\\NotPermittedException\",\"Message\":\"Couldn't upload file: networkjobs.cpp\",\"Code\":13,\"Trace\":\"#0 [internal function]: OCA\\\\windows_network_drive\\\\lib\\\\WND->writeBack('\\\/tmp\\\/oc_tmp_aAq...')\\n#1 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/files\\\/stream\\\/close.php(103): call_user_func(Array, '\\\/tmp\\\/oc_tmp_aAq...')\\n#2 [internal function]: OC\\\\Files\\\\Stream\\\\Close->stream_close()\\n#3 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/files\\\/storage\\\/wrapper\\\/encryption.php(199): fclose(Resource id #53)\\n#4 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/files\\\/storage\\\/wrapper\\\/wrapper.php(242): OC\\\\Files\\\\Storage\\\\Wrapper\\\\Encryption->file_put_contents('networkjobs.cpp', '\\\/*? * Copyright...')\\n#5 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/files\\\/view.php(1001): OC\\\\Files\\\\Storage\\\\Wrapper\\\\Wrapper->file_put_contents('networkjobs.cpp', '\\\/*? * Copyright...')\\n#6 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/files\\\/view.php(579): OC\\\\Files\\\\View->basicOperation('file_put_conten...', '\\\/WND_B\\\/networkj...', Array, '\\\/*? * Copyright...')\\n#7 \\\/opt\\\/owncloud\\\/apps\\\/files_texteditor\\\/controller\\\/filehandlingcontroller.php(137): OC\\\\Files\\\\View->file_put_contents('\\\/WND_B\\\/networkj...', '\\\/*? * Copyright...')\\n#8 [internal function]: OCA\\\\Files_Texteditor\\\\Controller\\\\FileHandlingController->save('\\\/WND_B\\\/networkj...', '\\\/*? * Copyright...', 1434468003)\\n#9 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/appframework\\\/http\\\/dispatcher.php(159): call_user_func_array(Array, Array)\\n#10 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/appframework\\\/http\\\/dispatcher.php(89): OC\\\\AppFramework\\\\Http\\\\Dispatcher->executeController(Object(OCA\\\\Files_Texteditor\\\\Controller\\\\FileHandlingController), 'save')\\n#11 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/appframework\\\/app.php(107): OC\\\\AppFramework\\\\Http\\\\Dispatcher->dispatch(Object(OCA\\\\Files_Texteditor\\\\Controller\\\\FileHandlingController), 'save')\\n#12 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/appframework\\\/routing\\\/routeactionhandler.php(45): OC\\\\AppFramework\\\\App::main('FileHandlingCon...', 'save', Object(OC\\\\AppFramework\\\\DependencyInjection\\\\DIContainer), Array)\\n#13 [internal function]: OC\\\\AppFramework\\\\routing\\\\RouteActionHandler->__invoke(Array)\\n#14 \\\/opt\\\/owncloud\\\/lib\\\/private\\\/route\\\/router.php(274): call_user_func(Object(OC\\\\AppFramework\\\\routing\\\\RouteActionHandler), Array)\\n#15 \\\/opt\\\/owncloud\\\/lib\\\/base.php(867): OC\\\\Route\\\\Router->match('\\\/apps\\\/files_tex...')\\n#16 \\\/opt\\\/owncloud\\\/index.php(40): OC::handleRequest()\\n#17 {main}\",\"File\":\"\\\/opt\\\/owncloud\\\/apps\\\/windows_network_drive\\\/lib\\\/wnd.php\",\"Line\":363}","level":4,"time":"2015-06-17T13:20:17+00:00"}
Client configuration
browser Chrome 43
Logs
PUT http://HIDDEN_HOST/index.php/apps/files_texteditor/ajax/savefile 500 (Internal Server Error)send @ jquery.min.js?v=88ec093845728ed0e3b24d4d19df0df6:6x.extend.ajax @ jquery.min.js?v=88ec093845728ed0e3b24d4d19df0df6:6doFileSave @ editor.js?v=88ec093845728ed0e3b24d4d19df0df6:161x.event.dispatch @ jquery.min.js?v=88ec093845728ed0e3b24d4d19df0df6:5v.handle @ jquery.min.js?v=88ec093845728ed0e3b24d4d19df0df6:5
files?dir=%2FWND_B:1 Uncaught SyntaxError: Unexpected token <
@SergioBertolinSG can you please retest this with the new editor. I believe it is fixed now.
Retested with daily master. The bug is still there with the new editor.
but the save file feels like it was saved
@SergioBertolinSG Can you clarify what you mean by this?
You opens the file, edit it and save it. The editor says the file was saved correctly. But it wasn't, because you don't have permissions.
Hmm if write permissions are not available the editor wont actually let you edit the file. I've verified this by sharing a file with a user and deselecting edit permissions, logging in as the target user and trying to open the file. The editor loads but you can't change anything.
https://github.com/owncloud/files_texteditor/blob/master/controller/filehandlingcontroller.php#L86 @icewind1991 Ideas on why this might be returning true incorrectly? It also seems that saving completes successfully which is strange as well.
I'm going to quote myself from another issue:
There is also a possible misunderstanding between the "dos" permissions and the acls applicable to the share. By giving full access to the user, I think he will be modifying the acls. We're only taking into account the "dos" permissions, so that won't be enough According to http://superuser.com/questions/106181/equivalent-of-chmod-to-change-file-permissions-in-windows you can use the "attrib" command (in windows) to modify the read-only attribute as desired
attrib -R <read-only folder> # to remove the read-only attribute
attrib +R <non-ro folder> # to set the read-only attibute
You can check more info here
So you might have permission to write a file from ownCloud, but the acls in windows might deny the saving of the file. Anyway, WND should return an error if the file isn't saved correctly
Anyway, WND should return an error if the file isn't saved correctly
@jvillafanez @SergioBertolinSG Who can take care of this?
I tested this issue, and it still reproducing {"installed":true,"maintenance":false,"version":"9.0.0.12","versionstring":"9.0.0 beta 2","edition":"Enterprise"}
@jmaciasportela could you verify if there is any exception being thrown from the WND backend if the file can't be saved?
https://github.com/owncloud/windows_network_drive/commit/93ccf55d5cb656a2c75132970210fe6083c6dbb3 was throwing a NotPermittedException if the file couldn't be saved, but I'm not seeing it in newer code
As @jvillafanez says, I changed the code to use streams and I didn't added code to throw exceptions in some case, but this is not the only problem in 8.1.
files_texteditor doesn't catch any exception in 8.1 version https://github.com/owncloud/files_texteditor/blob/stable8.1/controller/filehandlingcontroller.php#L140 but in master it does https://github.com/owncloud/files_texteditor/blob/master/controller/filehandlingcontroller.php#L154
So now we need to do two taks. Add exceptions to WND code, and also modify files_texteditor to catch the exception.
@PVince81 Which exception should we use ForbiddenException ?
@jmaciasportela I don't think it's necessary to add exceptions. The text editor should be either using the JS-side permissions from the file list or use the storage's isUpdatable check on the file.
If it does that properly (CC @tomneedham) then maybe the WND storage isn't returning the correct permissions for such files ?
Is this related to that other bug in WND regarding detecting changed permissions ? @SergioBertolinSG you might need to run "occ files:scan" after changing the permissions on WND. See https://github.com/owncloud/windows_network_drive/issues/340
@PVince81 in this case, the mount point is in mode read-only from the beginning.
<tr class="appear" data-id="13" data-type="file" data-size="9" data-file="Maci.txt" data-mime="text/plain" data-mtime="1456479285000" data-etag="56d01c3c7bddf" data-permissions="11" data-mounttype="external" data-share-permissions="3">
data-permissions = 11 is not correct I guest.
Yeah, those permissions look incorrect.
I think they're read from Storage::getPermissions
The editor does not use the permission from the file list - instead it checks isUpdateable https://github.com/owncloud/files_texteditor/blob/master/controller/filehandlingcontroller.php#L89
Permissions in WND aren't implemented very well. I don't think we should rely on permissions too much; if the file can't be saved due to any reason (in this particular case, the user doesn't have enough permissions to do so), an error should be shown
Still happening in stable9 looking forward to 9.0.1. Include this to 9.0.1?