mirror of
https://github.com/drakkan/sftpgo.git
synced 2025-12-07 06:40:54 +03:00
simplify rename permission
before this patch we allow a rename in the following cases: - the user has rename permission on both source and target path - the user has delete permission on source path and create/upload on target path we now check only the rename/rename_files/rename_dirs permissions. This is what SFTPGo users expect. This is a backward incompatible change and it will not backported to the 2.2.x branch Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
@@ -163,26 +163,49 @@ func TestRenameVirtualFolders(t *testing.T) {
|
||||
func TestRenamePerms(t *testing.T) {
|
||||
src := "source"
|
||||
target := "target"
|
||||
sub := "/sub"
|
||||
subTarget := sub + "/target"
|
||||
u := dataprovider.User{}
|
||||
u.Permissions = map[string][]string{}
|
||||
u.Permissions["/"] = []string{dataprovider.PermCreateDirs, dataprovider.PermUpload, dataprovider.PermCreateSymlinks,
|
||||
dataprovider.PermDeleteFiles}
|
||||
conn := NewBaseConnection("", ProtocolSFTP, "", "", u)
|
||||
assert.False(t, conn.hasRenamePerms(src, target, nil))
|
||||
u.Permissions["/"] = []string{dataprovider.PermCreateDirs, dataprovider.PermUpload, dataprovider.PermCreateSymlinks,
|
||||
dataprovider.PermDeleteFiles, dataprovider.PermDeleteDirs}
|
||||
u.Permissions["/"] = []string{dataprovider.PermRename}
|
||||
assert.True(t, conn.hasRenamePerms(src, target, nil))
|
||||
u.Permissions["/"] = []string{dataprovider.PermCreateDirs, dataprovider.PermUpload, dataprovider.PermDeleteFiles,
|
||||
dataprovider.PermDeleteDirs}
|
||||
assert.False(t, conn.hasRenamePerms(src, target, nil))
|
||||
|
||||
info := vfs.NewFileInfo(src, true, 0, time.Now(), false)
|
||||
u.Permissions["/"] = []string{dataprovider.PermCreateDirs, dataprovider.PermUpload, dataprovider.PermDeleteFiles}
|
||||
u.Permissions["/"] = []string{dataprovider.PermRenameFiles}
|
||||
assert.False(t, conn.hasRenamePerms(src, target, info))
|
||||
u.Permissions["/"] = []string{dataprovider.PermCreateDirs, dataprovider.PermUpload, dataprovider.PermDeleteDirs}
|
||||
u.Permissions["/"] = []string{dataprovider.PermRenameDirs}
|
||||
assert.True(t, conn.hasRenamePerms(src, target, info))
|
||||
u.Permissions["/"] = []string{dataprovider.PermRename}
|
||||
assert.True(t, conn.hasRenamePerms(src, target, info))
|
||||
u.Permissions["/"] = []string{dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermDeleteDirs}
|
||||
assert.False(t, conn.hasRenamePerms(src, target, info))
|
||||
// test with different permissions between source and target
|
||||
u.Permissions["/"] = []string{dataprovider.PermRename}
|
||||
u.Permissions[sub] = []string{dataprovider.PermRenameFiles}
|
||||
assert.False(t, conn.hasRenamePerms(src, subTarget, info))
|
||||
u.Permissions[sub] = []string{dataprovider.PermRenameDirs}
|
||||
assert.True(t, conn.hasRenamePerms(src, subTarget, info))
|
||||
// test files
|
||||
info = vfs.NewFileInfo(src, false, 0, time.Now(), false)
|
||||
u.Permissions["/"] = []string{dataprovider.PermRenameDirs}
|
||||
assert.False(t, conn.hasRenamePerms(src, target, info))
|
||||
u.Permissions["/"] = []string{dataprovider.PermRenameFiles}
|
||||
assert.True(t, conn.hasRenamePerms(src, target, info))
|
||||
u.Permissions["/"] = []string{dataprovider.PermRename}
|
||||
assert.True(t, conn.hasRenamePerms(src, target, info))
|
||||
// test with different permissions between source and target
|
||||
u.Permissions["/"] = []string{dataprovider.PermRename}
|
||||
u.Permissions[sub] = []string{dataprovider.PermRenameDirs}
|
||||
assert.False(t, conn.hasRenamePerms(src, subTarget, info))
|
||||
u.Permissions[sub] = []string{dataprovider.PermRenameFiles}
|
||||
assert.True(t, conn.hasRenamePerms(src, subTarget, info))
|
||||
}
|
||||
|
||||
func TestUpdateQuotaAfterRename(t *testing.T) {
|
||||
|
||||
Reference in New Issue
Block a user