1*cdf0e10cSrcweir /************************************************************************* 2*cdf0e10cSrcweir * 3*cdf0e10cSrcweir * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4*cdf0e10cSrcweir * 5*cdf0e10cSrcweir * Copyright 2000, 2010 Oracle and/or its affiliates. 6*cdf0e10cSrcweir * 7*cdf0e10cSrcweir * OpenOffice.org - a multi-platform office productivity suite 8*cdf0e10cSrcweir * 9*cdf0e10cSrcweir * This file is part of OpenOffice.org. 10*cdf0e10cSrcweir * 11*cdf0e10cSrcweir * OpenOffice.org is free software: you can redistribute it and/or modify 12*cdf0e10cSrcweir * it under the terms of the GNU Lesser General Public License version 3 13*cdf0e10cSrcweir * only, as published by the Free Software Foundation. 14*cdf0e10cSrcweir * 15*cdf0e10cSrcweir * OpenOffice.org is distributed in the hope that it will be useful, 16*cdf0e10cSrcweir * but WITHOUT ANY WARRANTY; without even the implied warranty of 17*cdf0e10cSrcweir * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18*cdf0e10cSrcweir * GNU Lesser General Public License version 3 for more details 19*cdf0e10cSrcweir * (a copy is included in the LICENSE file that accompanied this code). 20*cdf0e10cSrcweir * 21*cdf0e10cSrcweir * You should have received a copy of the GNU Lesser General Public License 22*cdf0e10cSrcweir * version 3 along with OpenOffice.org. If not, see 23*cdf0e10cSrcweir * <http://www.openoffice.org/license.html> 24*cdf0e10cSrcweir * for a copy of the LGPLv3 License. 25*cdf0e10cSrcweir * 26*cdf0e10cSrcweir ************************************************************************/ 27*cdf0e10cSrcweir 28*cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove 29*cdf0e10cSrcweir #include "precompiled_svl.hxx" 30*cdf0e10cSrcweir #include <svl/restrictedpaths.hxx> 31*cdf0e10cSrcweir 32*cdf0e10cSrcweir #include <algorithm> 33*cdf0e10cSrcweir #include <osl/process.h> 34*cdf0e10cSrcweir #include <tools/urlobj.hxx> 35*cdf0e10cSrcweir #include <unotools/localfilehelper.hxx> 36*cdf0e10cSrcweir #include <unotools/syslocale.hxx> 37*cdf0e10cSrcweir 38*cdf0e10cSrcweir namespace svt 39*cdf0e10cSrcweir { 40*cdf0e10cSrcweir namespace 41*cdf0e10cSrcweir { 42*cdf0e10cSrcweir // ---------------------------------------------------------------- 43*cdf0e10cSrcweir /** retrieves the value of an environment variable 44*cdf0e10cSrcweir @return <TRUE/> if and only if the retrieved string value is not empty 45*cdf0e10cSrcweir */ 46*cdf0e10cSrcweir bool lcl_getEnvironmentValue( const sal_Char* _pAsciiEnvName, ::rtl::OUString& _rValue ) 47*cdf0e10cSrcweir { 48*cdf0e10cSrcweir _rValue = ::rtl::OUString(); 49*cdf0e10cSrcweir ::rtl::OUString sEnvName = ::rtl::OUString::createFromAscii( _pAsciiEnvName ); 50*cdf0e10cSrcweir osl_getEnvironment( sEnvName.pData, &_rValue.pData ); 51*cdf0e10cSrcweir return _rValue.getLength() != 0; 52*cdf0e10cSrcweir } 53*cdf0e10cSrcweir 54*cdf0e10cSrcweir //----------------------------------------------------------------- 55*cdf0e10cSrcweir void lcl_convertStringListToUrls( const String& _rColonSeparatedList, ::std::vector< String >& _rTokens, bool _bFinalSlash ) 56*cdf0e10cSrcweir { 57*cdf0e10cSrcweir const sal_Unicode s_cSeparator = 58*cdf0e10cSrcweir #if defined(WNT) 59*cdf0e10cSrcweir ';' 60*cdf0e10cSrcweir #else 61*cdf0e10cSrcweir ':' 62*cdf0e10cSrcweir #endif 63*cdf0e10cSrcweir ; 64*cdf0e10cSrcweir xub_StrLen nTokens = _rColonSeparatedList.GetTokenCount( s_cSeparator ); 65*cdf0e10cSrcweir _rTokens.resize( 0 ); _rTokens.reserve( nTokens ); 66*cdf0e10cSrcweir for ( xub_StrLen i=0; i<nTokens; ++i ) 67*cdf0e10cSrcweir { 68*cdf0e10cSrcweir // the current token in the list 69*cdf0e10cSrcweir String sCurrentToken = _rColonSeparatedList.GetToken( i, s_cSeparator ); 70*cdf0e10cSrcweir if ( !sCurrentToken.Len() ) 71*cdf0e10cSrcweir continue; 72*cdf0e10cSrcweir 73*cdf0e10cSrcweir INetURLObject aCurrentURL; 74*cdf0e10cSrcweir 75*cdf0e10cSrcweir String sURL; 76*cdf0e10cSrcweir if ( ::utl::LocalFileHelper::ConvertPhysicalNameToURL( sCurrentToken, sURL ) ) 77*cdf0e10cSrcweir aCurrentURL = INetURLObject( sURL ); 78*cdf0e10cSrcweir else 79*cdf0e10cSrcweir { 80*cdf0e10cSrcweir // smart URL parsing, assuming FILE protocol 81*cdf0e10cSrcweir aCurrentURL = INetURLObject( sCurrentToken, INET_PROT_FILE ); 82*cdf0e10cSrcweir } 83*cdf0e10cSrcweir 84*cdf0e10cSrcweir if ( _bFinalSlash ) 85*cdf0e10cSrcweir aCurrentURL.setFinalSlash( ); 86*cdf0e10cSrcweir else 87*cdf0e10cSrcweir aCurrentURL.removeFinalSlash( ); 88*cdf0e10cSrcweir _rTokens.push_back( aCurrentURL.GetMainURL( INetURLObject::NO_DECODE ) ); 89*cdf0e10cSrcweir } 90*cdf0e10cSrcweir } 91*cdf0e10cSrcweir 92*cdf0e10cSrcweir } 93*cdf0e10cSrcweir 94*cdf0e10cSrcweir //===================================================================== 95*cdf0e10cSrcweir //= CheckURLAllowed 96*cdf0e10cSrcweir //===================================================================== 97*cdf0e10cSrcweir struct CheckURLAllowed 98*cdf0e10cSrcweir { 99*cdf0e10cSrcweir protected: 100*cdf0e10cSrcweir #ifdef WNT 101*cdf0e10cSrcweir SvtSysLocale m_aSysLocale; 102*cdf0e10cSrcweir #endif 103*cdf0e10cSrcweir String m_sCheckURL; // the URL to check 104*cdf0e10cSrcweir bool m_bAllowParent; 105*cdf0e10cSrcweir public: 106*cdf0e10cSrcweir inline CheckURLAllowed( const String& _rCheckURL, bool bAllowParent = true ) 107*cdf0e10cSrcweir :m_sCheckURL( _rCheckURL ), m_bAllowParent( bAllowParent ) 108*cdf0e10cSrcweir { 109*cdf0e10cSrcweir #ifdef WNT 110*cdf0e10cSrcweir // on windows, assume that the relevant file systems are case insensitive, 111*cdf0e10cSrcweir // thus normalize the URL 112*cdf0e10cSrcweir m_sCheckURL = m_aSysLocale.GetCharClass().toLower( m_sCheckURL, 0, m_sCheckURL.Len() ); 113*cdf0e10cSrcweir #endif 114*cdf0e10cSrcweir } 115*cdf0e10cSrcweir 116*cdf0e10cSrcweir bool operator()( const String& _rApprovedURL ) 117*cdf0e10cSrcweir { 118*cdf0e10cSrcweir #ifdef WNT 119*cdf0e10cSrcweir // on windows, assume that the relevant file systems are case insensitive, 120*cdf0e10cSrcweir // thus normalize the URL 121*cdf0e10cSrcweir String sApprovedURL( m_aSysLocale.GetCharClass().toLower( _rApprovedURL, 0, _rApprovedURL.Len() ) ); 122*cdf0e10cSrcweir #else 123*cdf0e10cSrcweir String sApprovedURL( _rApprovedURL ); 124*cdf0e10cSrcweir #endif 125*cdf0e10cSrcweir 126*cdf0e10cSrcweir xub_StrLen nLenApproved = sApprovedURL.Len(); 127*cdf0e10cSrcweir xub_StrLen nLenChecked = m_sCheckURL.Len(); 128*cdf0e10cSrcweir 129*cdf0e10cSrcweir if ( nLenApproved > nLenChecked ) 130*cdf0e10cSrcweir { 131*cdf0e10cSrcweir if ( m_bAllowParent ) 132*cdf0e10cSrcweir { 133*cdf0e10cSrcweir if ( sApprovedURL.Search( m_sCheckURL ) == 0 ) 134*cdf0e10cSrcweir { 135*cdf0e10cSrcweir if ( ( m_sCheckURL.GetChar( nLenChecked - 1 ) == '/' ) 136*cdf0e10cSrcweir || ( sApprovedURL.GetChar( nLenChecked ) == '/' ) ) 137*cdf0e10cSrcweir return true; 138*cdf0e10cSrcweir } 139*cdf0e10cSrcweir } 140*cdf0e10cSrcweir else 141*cdf0e10cSrcweir { 142*cdf0e10cSrcweir // just a difference in final slash? 143*cdf0e10cSrcweir if ( ( nLenApproved == ( nLenChecked + 1 ) ) && 144*cdf0e10cSrcweir ( sApprovedURL.GetChar( nLenApproved - 1 ) == '/' ) ) 145*cdf0e10cSrcweir return true; 146*cdf0e10cSrcweir } 147*cdf0e10cSrcweir return false; 148*cdf0e10cSrcweir } 149*cdf0e10cSrcweir else if ( nLenApproved < nLenChecked ) 150*cdf0e10cSrcweir { 151*cdf0e10cSrcweir if ( m_sCheckURL.Search( sApprovedURL ) == 0 ) 152*cdf0e10cSrcweir { 153*cdf0e10cSrcweir if ( ( sApprovedURL.GetChar( nLenApproved - 1 ) == '/' ) 154*cdf0e10cSrcweir || ( m_sCheckURL.GetChar( nLenApproved ) == '/' ) ) 155*cdf0e10cSrcweir return true; 156*cdf0e10cSrcweir } 157*cdf0e10cSrcweir return false; 158*cdf0e10cSrcweir } 159*cdf0e10cSrcweir else 160*cdf0e10cSrcweir { 161*cdf0e10cSrcweir // strings have equal length 162*cdf0e10cSrcweir return ( sApprovedURL == m_sCheckURL ); 163*cdf0e10cSrcweir } 164*cdf0e10cSrcweir } 165*cdf0e10cSrcweir }; 166*cdf0e10cSrcweir 167*cdf0e10cSrcweir //===================================================================== 168*cdf0e10cSrcweir //= RestrictedPaths 169*cdf0e10cSrcweir //===================================================================== 170*cdf0e10cSrcweir //--------------------------------------------------------------------- 171*cdf0e10cSrcweir RestrictedPaths::RestrictedPaths() 172*cdf0e10cSrcweir :m_bFilterIsEnabled( true ) 173*cdf0e10cSrcweir { 174*cdf0e10cSrcweir ::rtl::OUString sRestrictedPathList; 175*cdf0e10cSrcweir if ( lcl_getEnvironmentValue( "RestrictedPath", sRestrictedPathList ) ) 176*cdf0e10cSrcweir // append a final slash. This ensures that when we later on check 177*cdf0e10cSrcweir // for unrestricted paths, we don't allow paths like "/home/user35" just because 178*cdf0e10cSrcweir // "/home/user3" is allowed - with the final slash, we make it "/home/user3/". 179*cdf0e10cSrcweir lcl_convertStringListToUrls( sRestrictedPathList, m_aUnrestrictedURLs, true ); 180*cdf0e10cSrcweir } 181*cdf0e10cSrcweir 182*cdf0e10cSrcweir RestrictedPaths::~RestrictedPaths() {} 183*cdf0e10cSrcweir 184*cdf0e10cSrcweir // -------------------------------------------------------------------- 185*cdf0e10cSrcweir bool RestrictedPaths::isUrlAllowed( const String& _rURL ) const 186*cdf0e10cSrcweir { 187*cdf0e10cSrcweir if ( m_aUnrestrictedURLs.empty() || !m_bFilterIsEnabled ) 188*cdf0e10cSrcweir return true; 189*cdf0e10cSrcweir 190*cdf0e10cSrcweir ::std::vector< String >::const_iterator aApprovedURL = ::std::find_if( 191*cdf0e10cSrcweir m_aUnrestrictedURLs.begin(), 192*cdf0e10cSrcweir m_aUnrestrictedURLs.end(), 193*cdf0e10cSrcweir CheckURLAllowed( _rURL, true ) 194*cdf0e10cSrcweir ); 195*cdf0e10cSrcweir 196*cdf0e10cSrcweir return ( aApprovedURL != m_aUnrestrictedURLs.end() ); 197*cdf0e10cSrcweir } 198*cdf0e10cSrcweir 199*cdf0e10cSrcweir // -------------------------------------------------------------------- 200*cdf0e10cSrcweir bool RestrictedPaths::isUrlAllowed( const String& _rURL, bool allowParents ) const 201*cdf0e10cSrcweir { 202*cdf0e10cSrcweir if ( m_aUnrestrictedURLs.empty() || !m_bFilterIsEnabled ) 203*cdf0e10cSrcweir return true; 204*cdf0e10cSrcweir 205*cdf0e10cSrcweir ::std::vector< String >::const_iterator aApprovedURL = ::std::find_if( 206*cdf0e10cSrcweir m_aUnrestrictedURLs.begin(), 207*cdf0e10cSrcweir m_aUnrestrictedURLs.end(), 208*cdf0e10cSrcweir CheckURLAllowed( _rURL, allowParents ) 209*cdf0e10cSrcweir ); 210*cdf0e10cSrcweir 211*cdf0e10cSrcweir return ( aApprovedURL != m_aUnrestrictedURLs.end() ); 212*cdf0e10cSrcweir } 213*cdf0e10cSrcweir 214*cdf0e10cSrcweir } // namespace svt 215