From 73742a653782741968d29586ee5df75ec0304643 Mon Sep 17 00:00:00 2001
From: gloas <gloas@afi-sa.fr>
Date: Tue, 17 Apr 2018 17:03:32 +0200
Subject: [PATCH] hotline #73474 fix custom folders visibility

---
 VERSIONS_HOTLINE/73474                        |  2 +
 library/Class/FileManager.php                 | 15 ++++++-
 .../controllers/FileManagerControllerTest.php | 39 +++++++++++++++++++
 3 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 VERSIONS_HOTLINE/73474

diff --git a/VERSIONS_HOTLINE/73474 b/VERSIONS_HOTLINE/73474
new file mode 100644
index 00000000000..7208611c3d7
--- /dev/null
+++ b/VERSIONS_HOTLINE/73474
@@ -0,0 +1,2 @@
+ - ticket #73474 : Explorateur de fichiers : les dossiers ajoutés directement dans le dossier "userfiles" sont mainteant visible.
+ 
\ No newline at end of file
diff --git a/library/Class/FileManager.php b/library/Class/FileManager.php
index 09cdbc3c6c0..0e54e9bb82f 100644
--- a/library/Class/FileManager.php
+++ b/library/Class/FileManager.php
@@ -223,7 +223,20 @@ class Class_FileManager extends Class_Entity {
     if ($user->isSuperAdmin())
       return true;
 
-    return preg_match('/^' . USERFILES . '\/(bannieres|css|file|flash|image|js)/', $path);
+    $restrcited_path = ['album',
+                        'etageres',
+                        'flash',
+                        'i18n',
+                        'photobib',
+                        'temp',
+                        'versions',
+                        'web_thumbnails'];
+
+    foreach($restrcited_path as $restrcited)
+      if(USERFILES . '/' . $restrcited == $path)
+        return false;
+
+    return true;
   }
 
 
diff --git a/tests/application/modules/admin/controllers/FileManagerControllerTest.php b/tests/application/modules/admin/controllers/FileManagerControllerTest.php
index b82ea59064f..ecdfeb53cfb 100644
--- a/tests/application/modules/admin/controllers/FileManagerControllerTest.php
+++ b/tests/application/modules/admin/controllers/FileManagerControllerTest.php
@@ -1584,4 +1584,43 @@ class FileManagerControllerWithSpecialCharTest extends FileManagerControllerTest
   public function urlPublicShouldBePrenset() {
     $this->assertXPathContentContains('//dd', '/userfiles/my \'direct"ory/new\'_ima"ge.jpg');
   }
+}
+
+
+
+
+class FileManagerControllerRigthsOnPathTest extends ModelTestCase {
+  protected $_storm_default_to_volatile = true;
+
+
+  public function setUp() {
+    parent::setUp();
+    $admin = $this->fixture('Class_Users',
+                            ['id' => 3,
+                             'login' => 'admin',
+                             'password' => 'admin']);
+    $admin->beAdminPortail();
+    ZendAfi_Auth::getInstance()->logUser($admin);
+  }
+
+
+  public function getPaths() {
+    return [
+            [true, 'userfiles'],
+            [true, 'userfiles/custom'],
+            [true, 'userfiles/image'],
+            [true, 'userfiles/album_1'],
+            [false, 'userfiles/album'],
+            [false, 'custom']
+    ];
+  }
+
+
+  /**
+   * @dataProvider getPaths
+   * @test
+   */
+  public function checkRightsOnPath($has_right, $path) {
+    $this->assertEquals($has_right, Class_FileManager::userHasRightOnPath($path));
+  }
 }
\ No newline at end of file
-- 
GitLab