Skip to content

Commit

Permalink
#225 add CMSFileSystem with checking the accessed files
Browse files Browse the repository at this point in the history
  • Loading branch information
Thorsten Marx committed Aug 5, 2024
1 parent 75ebfbb commit 664995e
Show file tree
Hide file tree
Showing 7 changed files with 44 additions and 12 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@
*/
public interface DBFileSystem {

Path base();
Path hostBase();

Path resolve(String path);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,26 @@
* @author t.marx
*/
public interface CMSFileSystem {


/**
* Resolves a file if it is a child of the host base directory
*
* @param path
* @return
*/
CMSFile resolve (String path);

/**
* creates a base directory for content.
*
* @return
*/
CMSFile contentBase ();

/**
* creates a base directory for assets
*
* @return
*/
CMSFile assetBase ();
}
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
import com.github.thmarx.cms.api.db.DBFileSystem;
import com.github.thmarx.cms.api.exceptions.AccessNotAllowedException;
import com.github.thmarx.cms.api.utils.PathUtil;
import java.nio.file.Path;
import lombok.RequiredArgsConstructor;

/**
Expand All @@ -39,17 +40,26 @@ public class WrappedCMSFileSystem implements CMSFileSystem {

@Override
public CMSFile resolve(String uri) {
return resolveWithBase(uri, dbFileSytem.hostBase());
}

private CMSFile resolveWithBase(final String uri, final Path basePath) {
var resolved = dbFileSytem.resolve(uri);

if (!PathUtil.isChild(dbFileSytem.base(), resolved)) {
if (!PathUtil.isChild(dbFileSytem.hostBase(), resolved)) {
throw new AccessNotAllowedException("not allowed to access nodes outside the host base directory");
}

return new NIOCMSFile(resolved, dbFileSytem.base());
return new NIOCMSFile(resolved, basePath);
}

@Override
public CMSFile contentBase() {
return resolve(Constants.Folders.CONTENT);
return resolveWithBase(Constants.Folders.CONTENT, dbFileSytem.resolve(Constants.Folders.CONTENT));
}

@Override
public CMSFile assetBase() {
return resolveWithBase(Constants.Folders.ASSETS, dbFileSytem.resolve(Constants.Folders.ASSETS));
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ public class FileSystem implements ModuleFileSystem, DBFileSystem {
private MetaData metaData;

@Override
public Path base () {
public Path hostBase () {
return hostBaseDirectory;
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -121,13 +121,13 @@ public Theme loadTheme(Configuration configuration, MessageSource messageSource)
@Provides
@Singleton
public UserService userService(DB db) {
return new UserService(db.getFileSystem().base());
return new UserService(db.getFileSystem().hostBase());
}

@Provides
@Singleton
public AuthService authService(DB db) {
return new AuthService(db.getFileSystem().base());
return new AuthService(db.getFileSystem().hostBase());
}

@Provides
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ public List<NavNode> path() {
List<NavNode> navNodes = new ArrayList<>();
var contentBase = db.getCMSFileSystem().contentBase();
var node = currentNode;
while (node.hasParent()) {
while (node != null) {
var uri = PathUtil.toRelativeFile(node, contentBase);
final Optional<ContentNode> contentNode = db.getContent().byUri(uri);
if (contentNode.isPresent()) {
Expand All @@ -96,7 +96,11 @@ public List<NavNode> path() {
navNodes.add(navNode);
}
}
node = node.getParent();
if (node.hasParent()) {
node = node.getParent();
} else {
node = null;
}
}

navNodes = navNodes.reversed();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ static void setup() throws IOException {
});
fileSystem.init();

configuration = new Configuration(fileSystem.base());
configuration = new Configuration(fileSystem.hostBase());
}

@AfterAll
Expand Down

0 comments on commit 664995e

Please sign in to comment.