Skip to content

Commit 32d2203

Browse files
vitormattosvitormattos
committed
fix: run signed file writes as owner
Signed-off-by: Vitor Mattos <1079143+vitormattos@users.noreply.github.com>
1 parent 39e4ac1 commit 32d2203

1 file changed

Lines changed: 28 additions & 4 deletions

File tree

lib/Service/SignFileService.php

Lines changed: 28 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -594,6 +594,22 @@ private function addCredentialsToJobArgs(array $args, SignRequestEntity $signReq
594594
return $args;
595595
}
596596

597+
private function runWithVolatileActiveUser(?IUser $user, callable $callback): mixed {
598+
$currentUser = $this->userSession->getUser();
599+
600+
if ($user === null || $currentUser?->getUID() === $user->getUID()) {
601+
return $callback();
602+
}
603+
604+
$this->userSession->setVolatileActiveUser($user);
605+
606+
try {
607+
return $callback();
608+
} finally {
609+
$this->userSession->setVolatileActiveUser($currentUser);
610+
}
611+
}
612+
597613
/**
598614
* @return DateTimeInterface|null Last signed date
599615
*/
@@ -614,7 +630,11 @@ private function signSequentially(array $signRequests): ?DateTimeInterface {
614630
$this->validateDocMdpAllowsSignatures();
615631

616632
try {
617-
$signedFile = $this->getEngine()->sign();
633+
$fileToSign = $this->getFileToSign();
634+
$signedFile = $this->runWithVolatileActiveUser(
635+
$fileToSign->getOwner(),
636+
fn (): File => $this->getEngine()->sign(),
637+
);
618638
} catch (LibresignException|Exception $e) {
619639
$this->cleanupUnsignedSignedFile();
620640
$this->recordSignatureAttempt($e);
@@ -1439,17 +1459,21 @@ private function createSignedFile(File $originalFile, string $content): File {
14391459
$this->l10n->t('signed') . '.' . $originalFile->getExtension(),
14401460
basename($originalFile->getPath())
14411461
);
1442-
$owner = $originalFile->getOwner()->getUID();
1462+
$owner = $originalFile->getOwner();
1463+
$ownerUid = $owner->getUID();
14431464

14441465
$fileId = $this->libreSignFile->getId();
14451466
$extension = $originalFile->getExtension();
14461467
$uniqueFilename = substr((string)$filename, 0, -strlen($extension) - 1) . '_' . $fileId . '.' . $extension;
14471468

14481469
try {
14491470
/** @var \OCP\Files\Folder */
1450-
$parentFolder = $this->root->getUserFolder($owner)->getFirstNodeById($originalFile->getParentId());
1471+
$parentFolder = $this->root->getUserFolder($ownerUid)->getFirstNodeById($originalFile->getParentId());
14511472

1452-
$this->createdSignedFile = $parentFolder->newFile($uniqueFilename, $content);
1473+
$this->createdSignedFile = $this->runWithVolatileActiveUser(
1474+
$owner,
1475+
fn (): File => $parentFolder->newFile($uniqueFilename, $content),
1476+
);
14531477

14541478
return $this->createdSignedFile;
14551479
} catch (NotPermittedException) {

0 commit comments

Comments
 (0)