PageRenderTime 38ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 1ms

/php-5.4.5/ext/standard/tests/file/windows_acls/common.inc

#
Pascal | 199 lines | 84 code | 23 blank | 92 comment | 14 complexity | 53a5feba6acacfd9f3e876acb6a83073 MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception, BSD-3-Clause, LGPL-2.1 
    

  1. <?php
    2. 

  2. error_reporting(E_ALL);
    3. 

  3. define('PHPT_ACL_READ',  1 << 1);
    4. 

  4. define('PHPT_ACL_WRITE', 1 << 2);
    5. 

  5. define('PHPT_ACL_EXEC',  1 << 3);
    6. 

  6. define('PHPT_ACL_NONE',  1 << 4);
    7. 

  7. define('PHPT_ACL_FULL',  1 << 5);
    8. 

  8. 

  9. define('PHPT_ACL_GRANT',  1);
    10. 

  10. define('PHPT_ACL_DENY',  2);
    11. 

  11. 

  12. function skipif() {
    13. 

  13. 	if(substr(PHP_OS, 0, 3) != 'WIN' ) {
    14. 

  14. 		die('skip windows only test');
    15. 

  15. 	}
    16. 

  16. 	if(stripos(php_uname(), 'XP') !== FALSE) {
    17. 

  17. 		die('skip windows 2003 or newer only test');
    18. 

  18. 	}
    19. 

  19. }
    20. 

  20. 

  21. function get_username(){
    22. 

  22. 	$user = getenv('USERNAME');
    23. 

  23. 

  24. 	if (!$user) {
    25. 

  25. 		$user = get_current_user();
    26. 

  26. 	}
    27. 

  27. 

  28. 	if (!$user) {
    29. 

  29. 		$user =  exec('echo %USERNAME%');
    30. 

  30. 	}
    31. 

  31. 

  32. 	return $user;
    33. 

  33. }
    34. 

  34. 

  35. function get_domainname()
    36. 

  36. {
    37. 

  37. 	$domain = getenv('USERDOMAIN');
    38. 

  38. 

  39. 	return $domain;
    40. 

  40. }
    41. 

  41. 

  42. function get_icacls()
    43. 

  43. {
    44. 

  44. 	$sysroot = exec('echo %SYSTEMROOT%');
    45. 

  45. 

  46. 	return "$sysroot\\System32\\icacls.exe";
    47. 

  47. }
    48. 

  48. 

  49. function fix_acls() {
    50. 

  50. 	$user = get_username();
    51. 

  51. 	/* Current user needs to be owner of the test files. As well
    52. 

  52. 	   all the other users having acls on the files must loose them.
    53. 

  53. 	   The following fixes this just partially, as dynamically reading
    54. 

  54. 	   all the users having acls on a file could be sophisticated. */
    55. 

  55. 	exec(get_icacls() . ' . /setowner $user /T /L /Q 2> nul');
    56. 

  56. 	exec(get_icacls() . ' . /remove:g Administrators /T /L /Q 2> nul');
    57. 

  57. }
    58. 

  58. 

  59. function icacls_set($path, $mode, $perm) {
    60. 

  60. 	$icacls = get_icacls();
    61. 

  61. 	$user = get_username();
    62. 

  62. 	$path_escaped =  '"' . $path . '"';
    63. 

  63. 	$perm_entry = array();
    64. 

  64. 

  65. 	if ($perm & PHPT_ACL_READ) $perm_entry[]  = 'R';
    66. 

  66. 	if ($perm & PHPT_ACL_WRITE) $perm_entry[] = 'W';
    67. 

  67. 	if ($perm & PHPT_ACL_EXEC) $perm_entry[]  = 'RX';
    68. 

  68. 	if ($perm & PHPT_ACL_FULL) $perm_entry[]  = 'F';
    69. 

  69. 

  70. 	// Deny all
    71. 

  71. 	$cmd = $icacls . ' ' . $path_escaped . ' /inheritance:r /deny ' . $user . ':(F,M,R,RX,W)';
    72. 

  72. 	exec($cmd);
    73. 

  73. 

  74. 	if ($perm & PHPT_ACL_NONE) {
    75. 

  75. 		/*
    76. 

  76. 		 This is required to remove all the previously denied
    77. 

  77. 		 permission for the USER. Just granting permission doesn't
    78. 

  78. 		 remove the previously denied permission.
    79. 

  79. 		*/
    80. 

  80. 		$cmd = $icacls . ' ' . $path_escaped . ' /remove:d ' . $user;
    81. 

  81. 		exec($cmd);
    82. 

  82. 		$cmd = $icacls . ' ' . $path_escaped . ' /remove:g ' . $user;
    83. 

  83. 		exec($cmd);
    84. 

  84. 		return;
    85. 

  85. 	}
    86. 

  86. 

  87. 	if ($mode == PHPT_ACL_GRANT) {
    88. 

  88. 		$mode = 'grant';
    89. 

  89. 	} else {
    90. 

  90. 		$mode = 'deny';
    91. 

  91. 	}
    92. 

  92. 

  93. 

  94. 	// Deny all
    95. 

  95. 	$cmd = $icacls . ' ' . $path_escaped . ' /deny ' . $user . ':(F,M,R,RX,W)';
    96. 

  96. 	exec($cmd);
    97. 

  97. 

  98. 	/*
    99. 

  99. 	 This is required to remove all the previously denied
    100. 

  100. 	 permission for the USER. Just granting permission doesn't
    101. 

  101. 	 remove the previously denied permission.
    102. 

  102. 	*/
    103. 

  103. 	$cmd = $icacls . ' ' . $path_escaped . ' /remove:d ' . $user;
    104. 

  104. 	exec($cmd);
    105. 

  105. 	$cmd = $icacls . ' ' . $path_escaped . ' /remove:g ' . $user;
    106. 

  106. 	exec($cmd);
    107. 

  107. 

  108. 

  109. 	/*
    110. 

  110. 	 Required to set no permission and check that is_readable()
    111. 

  111. 	 returns false. If the $perm_entry contains 'N' skip this step.
    112. 

  112. 	 This will make the file/dir with NO aceess.
    113. 

  113. 	*/
    114. 

  114. 	if (!in_array('N', $perm_entry)) {
    115. 

  115. 		/*
    116. 

  116. 		 This is required to remove all the previously denied
    117. 

  117. 		 permission for the USER. Just granting permission doesn't
    118. 

  118. 		 remove the previously denied permission.
    119. 

  119. 		*/
    120. 

  120. 		$cmd = $icacls . ' ' . $path_escaped . ' /remove:d ' . $user;
    121. 

  121. 		exec($cmd);
    122. 

  122. 		$cmd = $icacls . ' ' . $path_escaped . ' /remove:g ' . $user;
    123. 

  123. 		exec($cmd);
    124. 

  124. 

  125. 		$cmd = $icacls . ' ' . $path_escaped . ' /' . $mode . ' ' . $user;
    126. 

  126. 		$cmd .= ':' . '(' . implode($perm_entry, ',') . ')';
    127. 

  127. 		exec($cmd);
    128. 

  128. 	}
    129. 

  129. }
    130. 

  130. 

  131. function create_dir($name, $perms) {
    132. 

  132. 	if (empty($name)) {
    133. 

  133. 		echo "create_dir: Empty name is not allowed\n";
    134. 

  134. 		return;
    135. 

  135. 	}
    136. 

  136. 

  137. 	mkdir($name);
    138. 

  138. 	$dst = realpath($name);
    139. 

  139. 	icacls_set($name, PHPT_ACL_GRANT, $perms);
    140. 

  140. }
    141. 

  141. 

  142. function create_file($name, $perms) {
    143. 

  143. 	if (empty($name)) {
    144. 

  144. 		echo "create_file: Empty name is not allowed\n";
    145. 

  145. 		return;
    146. 

  146. 	}
    147. 

  147. 

  148. 	touch($name);
    149. 

  149. 	icacls_set($name, PHPT_ACL_GRANT, $perms);
    150. 

  150. }
    151. 

  151. 

  152. function delete_file($path) {
    153. 

  153. 	icacls_set($path, PHPT_ACL_GRANT, PHPT_ACL_FULL);
    154. 

  154. 	if (is_file($path)) {
    155. 

  155. 		unlink($path);
    156. 

  156. 	} else {
    157. 

  157. 		echo "delete_file: '$path' is not a file\n";
    158. 

  158. 		return;
    159. 

  159. 	}
    160. 

  160. }
    161. 

  161. 

  162. function delete_dir($path) {
    163. 

  163. 	if (is_dir($path)) {
    164. 

  164. 		icacls_set($path, PHPT_ACL_GRANT, PHPT_ACL_FULL);
    165. 

  165. 		rmdir($path);
    166. 

  166. 	} else {
    167. 

  167. 		echo "delete_dir: '$path' is not a directory\n";
    168. 

  168. 		return;
    169. 

  169. 	}
    170. 

  170. }
    171. 

  171. if (0) {
    172. 

  172. $path = __DIR__ . '/a.txt';
    173. 

  173. create_file($path, PHPT_ACL_NONE);
    174. 

  174. if (!is_writable($path)) {
    175. 

  175. 	echo "PHPT_ACL_NONE success!!\n";
    176. 

  176. } else {
    177. 

  177. 	echo "PHPT_ACL_NONE failed!!\n";
    178. 

  178. }
    179. 

  179. delete_file($path);
    180. 

  180. 

  181. $path = __DIR__ . '/a.txt';
    182. 

  182. create_file($path, PHPT_ACL_READ);
    183. 

  183. if (!is_writable($path)) {
    184. 

  184. 	echo "PHPT_ACL_READ success!!\n";
    185. 

  185. } else {
    186. 

  186. 	echo "PHPT_ACL_READ failed!!\n";
    187. 

  187. }
    188. 

  188. delete_file($path);
    189. 

  189. 

  190. $path = __DIR__ . '/adir';
    191. 

  191. create_dir($path, PHPT_ACL_READ);
    192. 

  192. if (!is_writable($path)) {
    193. 

  193. 	echo "PHPT_ACL_READ dir success!!\n";
    194. 

  194. } else {
    195. 

  195. 	echo "PHPT_ACL_READ dir failed!!\n";
    196. 

  196. }
    197. 

  197. delete_dir($path);
    198. 

  198. 

  199. }
    200. 

  200.