From b4dcd644620fe39c0ce6005f663cfb96712e5bdb Mon Sep 17 00:00:00 2001 From: Filippo Tessarotto Date: Fri, 3 Aug 2018 12:03:36 +0200 Subject: [PATCH] Cache: handle specific group permission --- .../DefinitionCache/Serializer.php | 2 +- .../DefinitionCache/SerializerTest.php | 22 +++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/library/HTMLPurifier/DefinitionCache/Serializer.php b/library/HTMLPurifier/DefinitionCache/Serializer.php index b82c6bb2..94e3f776 100644 --- a/library/HTMLPurifier/DefinitionCache/Serializer.php +++ b/library/HTMLPurifier/DefinitionCache/Serializer.php @@ -264,7 +264,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac private function _testPermissions($dir, $chmod) { // early abort, if it is writable, everything is hunky-dory - if (is_writable($dir)) { + if ($chmod === (0777 & fileperms($dir))) { return true; } if (!is_dir($dir)) { diff --git a/tests/HTMLPurifier/DefinitionCache/SerializerTest.php b/tests/HTMLPurifier/DefinitionCache/SerializerTest.php index 57c2c3e2..0a8e8da6 100644 --- a/tests/HTMLPurifier/DefinitionCache/SerializerTest.php +++ b/tests/HTMLPurifier/DefinitionCache/SerializerTest.php @@ -225,6 +225,28 @@ class HTMLPurifier_DefinitionCache_SerializerTest extends HTMLPurifier_Definitio } + public function testAlternateGroupPermissions() + { + $cache = new HTMLPurifier_DefinitionCache_Serializer('Test'); + $config = $this->generateConfigMock('serial'); + $config->version = '1.0.0'; + $config->returns('get', 1, array('Test.DefinitionRev')); + $dir = dirname(__FILE__) . '/SerializerTest'; + $config->returns('get', $dir, array('Cache.SerializerPath')); + $config->returns('get', 0770, array('Cache.SerializerPermissions')); + + $def_original = $this->generateDefinition(); + $cache->add($def_original, $config); + $this->assertFileExist($dir . '/Test/1.0.0,serial,1.ser'); + + $this->assertEqual(0660, 0777 & fileperms($dir . '/Test/1.0.0,serial,1.ser')); + $this->assertEqual(0770, 0777 & fileperms($dir . '/Test')); + + unlink($dir . '/Test/1.0.0,serial,1.ser'); + rmdir( $dir . '/Test'); + + } + public function testNoInfiniteLoop() { $cache = new HTMLPurifier_DefinitionCache_Serializer('Test');