hotline#158762 : donot show not readable directory of file

57e763c2 · Henri-Damien LAURENT · 03019f06 · 57e763c2 · 57e763c2 · 57e763c2
Commit 57e763c2 authored 2 years ago by Henri-Damien LAURENT
--- a/VERSIONS_HOTLINE/158762
+++ b/VERSIONS_HOTLINE/158762
+ - correctif #158762 : Cosmogramme : plus d'intégrations depuis le 17 mai
\ No newline at end of file
--- a/src/Storm/FileSystem/Disk.php
+++ b/src/Storm/FileSystem/Disk.php
@@ -82,13 +82,13 @@ class Storm_FileSystem_Disk extends Storm_FileSystem_Abstract {


  public function directoryNamesAt($path) {
-    if (!file_exists($path))
+    if (!file_exists($path) || !is_readable($path) )
      return [];

    $dirs = [];
    foreach (new DirectoryIterator($path) as $entry) {
-      if ($entry->isDir() && !$entry->isDot())
-        $dirs[$entry->getFilename()] = $entry->getFilename();
+      if ($entry->isDir() && $entry->isReadable() && !$entry->isDot())
+          $dirs[$entry->getFilename()] = $entry->getFilename();
    }

    asort($dirs);
@@ -97,12 +97,13 @@ class Storm_FileSystem_Disk extends Storm_FileSystem_Abstract {


  public function fileNamesAt($path) {
-    if (!file_exists($path))
+    if (!file_exists($path)
+        || !is_readable($path))
      return [];

    $files = [];
    foreach (new DirectoryIterator($path) as $entry) {
-      if ($entry->isFile() && !$entry->isDot())
+      if ($entry->isFile() && $entry->isReadable() && !$entry->isDot())
        $files[$entry->getFilename()] = $entry->getFilename();
    }


--- a/tests/Storm/FileSystem/DiskTest.php
+++ b/tests/Storm/FileSystem/DiskTest.php
+<?php
+/**
+ * Copyright (c) 2012-2022, Agence Française Informatique (AFI). All rights reserved.
+ *
+ * BOKEH is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE as published by
+ * the Free Software Foundation.
+ *
+ * There are special exceptions to the terms and conditions of the AGPL as it
+ * is applied to this software (see README file).
+ *
+ * BOKEH is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * along with BOKEH; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
+ */
+
+
+abstract class Storm_FileSystem_DiskTestCase extends PHPUnit_Framework_TestCase {
+  protected Storm_FileSystem_Disk $_fs;
+
+  public function setUp() {
+    parent::setUp();
+    $this->_fs = new Storm_FileSystem_Disk;
+  }
+}
+
+class Storm_FileSystem_DiskBasicTest extends Storm_FileSystem_DiskTestCase {
+  protected $_directory,$_subdirectory;
+  public function setUp() {
+    parent::setUp();
+    $this->_directory = 'tmp';
+    $this->_subdirectory = 'mytest';
+    mkdir($this->_directory);
+    mkdir($this->_directory.'/'.$this->_subdirectory);
+    $file = fopen( $this->_directory.'/testfile','c');
+    fclose($file);
+  }
+
+  public function tearDown() {
+    chmod($this->_directory.'/testfile',0700);
+    unlink($this->_directory.'/testfile');
+    chmod($this->_directory.'/'.$this->_subdirectory,0700);
+    rmdir($this->_directory.'/'.$this->_subdirectory);
+    rmdir($this->_directory);
+    parent::tearDown();
+  }
+
+
+  /** @test */
+  public function directoryNamesAtForTempShouldContainsReadableSubDirectory() {
+    $this->assertEquals([$this->_subdirectory => $this->_subdirectory],
+                        $this->_fs->directoryNamesAt($this->_directory),
+                        var_dump($this->_fs->directoryNamesAt($this->_directory)));
+  }
+
+
+  /** @test */
+  public function fileNamesAtShouldBetestfile() {
+    $this->assertEquals(['testfile' => 'testfile'],
+                        $this->_fs->fileNamesAt($this->_directory),
+                        var_dump($this->_fs->fileNamesAt($this->_directory)));
+  }
+
+  /** @test */
+  public function directoryNamesTmpWithNoReadableDirectoryAtShouldBeEmpty() {
+    chmod($this->_directory.'/'.$this->_subdirectory,0000);
+    $this->assertEmpty($this->_fs->directoryNamesAt($this->_directory),
+                       var_dump($this->_fs->directoryNamesAt($this->_directory)));
+  }
+
+
+  /** @test */
+  public function directoryNamesAtForMytestDirectoryNotReadableShouldBeEmpty() {
+    chmod($this->_directory.'/'.$this->_subdirectory,0000);
+    $this->assertEmpty($this->_fs->directoryNamesAt($this->_directory.'/'.$this->_subdirectory));
+  }
+
+
+  /** @test */
+  public function fileNamesAtTempForTmpDirectoryShouldBeEmpty() {
+    chmod( $this->_directory.'/testfile',0000);
+    $this->assertEmpty($this->_fs->fileNamesAt($this->_directory));
+  }
+
+
+  /** @test */
+  public function fileNamesAtForTestfileShouldBeEmpty() {
+    chmod( $this->_directory.'/testfile',0000);
+    $this->assertEmpty($this->_fs->fileNamesAt($this->_directory.'/testfile'));
+  }
+}
\ No newline at end of file