Server IP : 103.119.228.120 / Your IP : 18.117.172.189 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/local/ssl/local/ssl/local/ssl/local/ssl/local/ssl/local/share/perl5/Net/DAV/ |
Upload File : |
package Net::DAV::LockManager; use strict; use warnings; use File::Spec (); use Net::DAV::UUID; use Net::DAV::Lock; our $VERSION = '1.304'; $VERSION = eval $VERSION; sub new { my ($class, $db) = (shift, shift); my %obj = @_; $obj{'db'} = $db; return bless \%obj, $class; } sub can_modify { my ($self, $req) = @_; _validate_lock_request( $req, 'user' ); my ($resource, $token) = @{$req}{qw/path token/}; my $lock = $self->_get_lock( $resource ) || $self->_get_indirect_lock( $resource ); return 1 unless $lock; return 0 unless $token; return _is_permitted( $req, $lock ); } sub lock { my ($self, $req) = @_; _validate_lock_request( $req, 'user', 'owner' ); my $path = $req->{'path'}; return undef unless $self->can_modify( $req ) && !$self->_get_lock( $path ); foreach my $lock ( $self->{'db'}->list_descendants( $path ) ) { return undef unless _is_permitted( $req, $lock ); } return $self->_add_lock(Net::DAV::Lock->new({ 'path' => $path, (defined $req->{'timeout'} ? ('expiry' => time() + $req->{'timeout'}) : ()), 'creator' => $req->{'user'}, 'owner' => $req->{'owner'}, (defined $req->{'depth'} ? ('depth' => $req->{'depth'}) : ()), (defined $req->{'scope'} ? ('scope' => $req->{'scope'}) : ()), })); } sub refresh_lock { my ($self, $req) = @_; _validate_lock_request( $req, 'user', 'token' ); my $lock = $self->_get_lock( $req->{'path'} ); return undef unless $lock; return undef unless _is_permitted( $req, $lock ); $lock->renew( time() + ($req->{'timeout'} || $Net::DAV::Lock::DEFAULT_LOCK_TIMEOUT) ); return $self->_update_lock( $lock ); } sub unlock { my ($self, $req) = @_; _validate_lock_request( $req, 'user', 'token' ); my $lock = $self->_get_lock( $req->{'path'} ); return 0 unless $lock; return 0 unless _is_permitted( $req, $lock ); $self->_remove_lock( $lock ); return 1; } sub find_lock { my ($self, $req) = @_; _validate_lock_request( $req ); my $path = $req->{'path'}; return $self->_get_lock( $path ) || $self->_get_indirect_lock( $path ); } sub list_all_locks { my ($self, $req) = @_; _validate_lock_request( $req ); my $path = $req->{'path'}; my @locks; my $lock = $self->_get_lock( $path ); push @locks, $lock if defined $lock; while ( $path =~ s{/[^/]+$}{} ) { $path = '/' unless length $path; my $lock = $self->_get_lock( $path ); push @locks, $lock if $lock && $lock->depth eq 'infinity'; } return @locks; } # # Retrieve a lock from the lock database, given the path to the lock. # Return undef if none. This method also has the side effect of expiring # any old locks persisted upon fetching. # sub _get_lock { my ($self, $path) = @_; my $lock = $self->{'db'}->get( $path ); return undef unless $lock; if (time() >= $lock->expiry) { $self->_remove_lock($lock); return undef; } return $lock; } # # Add the given lock to the database. # sub _add_lock { my ($self, $lock) = @_; return $self->{'db'}->add($lock); } # # Update the lock provided. # sub _update_lock { my ($self, $lock) = @_; return $self->{'db'}->update($lock); } # # Remove the lock object passed from the database. # sub _remove_lock { my ($self, $lock) = @_; $self->{'db'}->remove($lock); return 1; } # # Get the lock of the nearest ancestor that applies to this resource. # Returns undef if none found. # sub _get_indirect_lock { my ($self, $res) = @_; while ( $res =~ s{/[^/]+$}{} ) { $res = '/' unless length $res; my $lock = $self->_get_lock( $res ); return $lock if $lock && $lock->depth eq 'infinity'; } return; } # # Return true or false depending on whether or not the information reflected # in the request is appropriate for the lock obtained from the database. In # other words, make sure the token and user match the request. # sub _is_permitted { my ($req, $lock) = @_; return 0 unless $req->{'user'} eq $lock->creator; return 0 if !defined $req->{'token'}; if ( 'ARRAY' eq ref $req->{'token'} ) { return 0 unless grep { $_ eq $lock->token } @{$req->{'token'}}; } else { return 0 unless $req->{'token'} eq $lock->token; } return 1; } # # Perform general parameter validation. # # The parameter passed in should be a hash reference to be validated. The # optional list that follows are names of required parameters besides the # 'path' and 'user' parameters that are always required. # # Throws exception on failure. # sub _validate_lock_request { my ($req, @required) = @_; die "Parameter should be a hash reference.\n" unless 'HASH' eq ref $req; foreach my $arg ( qw/path/, @required ) { die "Missing required '$arg' parameter.\n" unless exists $req->{$arg}; } die "Not a clean path\n" if $req->{'path'} =~ m{(?:^|/)\.\.?(?:$|/)}; die "Not a clean path\n" if $req->{'path'} !~ m{^/} && !($req->{'path'} =~ s{^https?://[^/]+/}{/}); if( defined $req->{'user'} && $req->{'user'} !~ m{^[0-9a-z_.][-a-z0-9_.]*$}i ) { die "Not a valid user name.\n"; # May need better validation. } # Validate optional parameters as necessary. if( defined $req->{'scope'} && $Net::DAV::Lock::DEFAULT_SCOPE ne $req->{'scope'} ) { die "'$req->{'scope'}' is not a supported value for scope.\n"; } if( defined $req->{'depth'} && '0' ne $req->{'depth'} && 'infinity' ne $req->{'depth'} ) { die "'$req->{'depth'}' is not a supported value for depth.\n"; } if( defined $req->{'timeout'} && $req->{'timeout'} =~ /\D/ ) { die "'$req->{'timeout'}' is not a supported value for timeout.\n"; } if ( defined $req->{'token'} ) { unless ( !ref $req->{'token'} || 'ARRAY' eq ref $req->{'token'} ) { die "Invalid token, not a string or array reference.\n"; } } # Remove trailing / from path to make pathnames canonical. $req->{'path'} =~ s{/$}{} unless $req->{'path'} eq '/'; return; } 1; __END__ Copyright (c) 2011, cPanel, Inc. All rights reserved. This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See L<perlartistic>.