diff --git a/app/dexter.pl b/app/dexter.pl index 45b2fd1..d6225f3 100755 --- a/app/dexter.pl +++ b/app/dexter.pl @@ -339,6 +339,7 @@ sub make_size_human_readable ($size) { sub user_save_file_to_path ($user, $file, $path) { my ( $code, $message ) = check_user_can_create_file($user, $path); + ( $code, $message ) = check_dexter_can_edit_file($path); return $code, $message if $code != 200; my $path_string = $ROOT_DIRECTORY . $path->to_route; @@ -350,6 +351,7 @@ sub user_save_file_to_path ($user, $file, $path) { sub user_mkdir_at_path ($user, $path) { my ( $code, $message ) = check_user_can_create_file($user, $path); + ( $code, $message ) = check_dexter_can_edit_file($path); return $code, $message if $code != 200; my $path_string = $ROOT_DIRECTORY . $path->to_route; @@ -361,6 +363,7 @@ sub user_mkdir_at_path ($user, $path) { sub user_delete_path ($user, $path) { my ( $code, $message ) = check_user_can_delete_file($user, $path); + ( $code, $message ) = check_dexter_can_edit_file($path); return $code, $message if $code != 200; my $path_string = $ROOT_DIRECTORY . $path->to_route; @@ -381,9 +384,11 @@ sub user_delete_path ($user, $path) { sub user_move_path_to_path ($user, $path, $new_path) { my ( $code, $message ) = check_user_can_delete_file($user, $path); + ( $code, $message ) = check_dexter_can_edit_file($path); return $code, $message if $code != 200; ( $code, $message ) = check_user_can_create_file($user, $new_path); + ( $code, $message ) = check_dexter_can_edit_file($new_path); return $code, $message if $code != 200; my $path_string = $ROOT_DIRECTORY . $path->to_route; @@ -605,6 +610,16 @@ sub check_user_can_delete_file ($user, $path) { return 200, ''; } +sub check_dexter_can_edit_file ($path) { + my $path_string = $path->to_route; + + if ( not -w $ROOT_DIRECTORY . $path_string ) { + return 500, "Dexter cannot edit the file at '$path_string'!"; + } + + return 200, ''; +} + if ( module_installed('OpenBSD::Unveil') ) {