From 251c7640a30b2411ba30119a1c471c845e1419ef Mon Sep 17 00:00:00 2001 From: Sam Talonborn Date: Thu, 16 Nov 2023 10:16:03 -0800 Subject: [PATCH] Check directory permissions for adding new files. --- app/dexter.pl | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/app/dexter.pl b/app/dexter.pl index c0d373b..1a8bcab 100755 --- a/app/dexter.pl +++ b/app/dexter.pl @@ -339,7 +339,7 @@ sub make_size_human_readable ($size) { sub user_save_file_to_path ($user, $file, $path) { my ( $code, $message ) = check_user_can_create_file($user, $path); - ( $code, $message ) = check_dexter_can_edit_file($path); + ( $code, $message ) = check_dexter_can_create_file($path); return $code, $message if $code != 200; my $path_string = $ROOT_DIRECTORY . $path->to_route; @@ -351,7 +351,7 @@ sub user_save_file_to_path ($user, $file, $path) { sub user_mkdir_at_path ($user, $path) { my ( $code, $message ) = check_user_can_create_file($user, $path); - ( $code, $message ) = check_dexter_can_edit_file($path); + ( $code, $message ) = check_dexter_can_create_file($path); return $code, $message if $code != 200; my $path_string = $ROOT_DIRECTORY . $path->to_route; @@ -388,7 +388,7 @@ sub user_move_path_to_path ($user, $path, $new_path) { return $code, $message if $code != 200; ( $code, $message ) = check_user_can_create_file($user, $new_path); - ( $code, $message ) = check_dexter_can_edit_file($new_path); + ( $code, $message ) = check_dexter_can_create_file($new_path); return $code, $message if $code != 200; my $path_string = $ROOT_DIRECTORY . $path->to_route; @@ -620,6 +620,16 @@ sub check_dexter_can_edit_file ($path) { return 200, ''; } +sub check_dexter_can_create_file ($path) { + my $path_string = $path->clone->trailing_slash(0)->to_dir->to_route; + + if ( not -w $ROOT_DIRECTORY . $path_string ) { + return 500, "Dexter cannot create the file at '$path_string'!"; + } + + return 200, ''; +} + if ( module_installed('OpenBSD::Unveil') ) {