search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
merge the formfield patch from ooo-build
[ooovba.git] / svtools / source / misc / restrictedpaths.cxx
blob80581bb43f205dc8a9b340c635df30e12e3aa2dc
1 /*************************************************************************
2 *
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * Copyright 2008 by Sun Microsystems, Inc.
6 *
7 * OpenOffice.org - a multi-platform office productivity suite
8 *
9 * $RCSfile: restrictedpaths.cxx,v $
10 * $Revision: 1.8 $
11 *
12 * This file is part of OpenOffice.org.
13 *
14 * OpenOffice.org is free software: you can redistribute it and/or modify
15 * it under the terms of the GNU Lesser General Public License version 3
16 * only, as published by the Free Software Foundation.
17 *
18 * OpenOffice.org is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU Lesser General Public License version 3 for more details
22 * (a copy is included in the LICENSE file that accompanied this code).
23 *
24 * You should have received a copy of the GNU Lesser General Public License
25 * version 3 along with OpenOffice.org. If not, see
26 * <http://www.openoffice.org/license.html>
27 * for a copy of the LGPLv3 License.
28 *
29 ************************************************************************/
30
31 // MARKER(update_precomp.py): autogen include statement, do not remove
32 #include "precompiled_svtools.hxx"
33 #include <svtools/restrictedpaths.hxx>
34
35 #include <algorithm>
36 #include <osl/process.h>
37 #include <tools/urlobj.hxx>
38 #include <unotools/localfilehelper.hxx>
39 #include <svtools/syslocale.hxx>
40
41 namespace svt
42 {
43 namespace
44 {
45 // ----------------------------------------------------------------
46 /** retrieves the value of an environment variable
47 @return <TRUE/> if and only if the retrieved string value is not empty
48 */
49 bool lcl_getEnvironmentValue( const sal_Char* _pAsciiEnvName, ::rtl::OUString& _rValue )
50 {
51 _rValue = ::rtl::OUString();
52 ::rtl::OUString sEnvName = ::rtl::OUString::createFromAscii( _pAsciiEnvName );
53 osl_getEnvironment( sEnvName.pData, &_rValue.pData );
54 return _rValue.getLength() != 0;
55 }
56
57 //-----------------------------------------------------------------
58 void lcl_convertStringListToUrls( const String& _rColonSeparatedList, ::std::vector< String >& _rTokens, bool _bFinalSlash )
59 {
60 const sal_Unicode s_cSeparator =
61 #if defined(WNT)
62 ';'
63 #else
64 ':'
65 #endif
66 ;
67 xub_StrLen nTokens = _rColonSeparatedList.GetTokenCount( s_cSeparator );
68 _rTokens.resize( 0 ); _rTokens.reserve( nTokens );
69 for ( xub_StrLen i=0; i<nTokens; ++i )
70 {
71 // the current token in the list
72 String sCurrentToken = _rColonSeparatedList.GetToken( i, s_cSeparator );
73 if ( !sCurrentToken.Len() )
74 continue;
75
76 INetURLObject aCurrentURL;
77
78 String sURL;
79 if ( ::utl::LocalFileHelper::ConvertPhysicalNameToURL( sCurrentToken, sURL ) )
80 aCurrentURL = INetURLObject( sURL );
81 else
82 {
83 // smart URL parsing, assuming FILE protocol
84 aCurrentURL = INetURLObject( sCurrentToken, INET_PROT_FILE );
85 }
86
87 if ( _bFinalSlash )
88 aCurrentURL.setFinalSlash( );
89 else
90 aCurrentURL.removeFinalSlash( );
91 _rTokens.push_back( aCurrentURL.GetMainURL( INetURLObject::NO_DECODE ) );
92 }
93 }
94
95 }
96
97 //=====================================================================
98 //= CheckURLAllowed
99 //=====================================================================
100 struct CheckURLAllowed
101 {
102 protected:
103 #ifdef WNT
104 SvtSysLocale m_aSysLocale;
105 #endif
106 String m_sCheckURL; // the URL to check
107 bool m_bAllowParent;
108 public:
109 inline CheckURLAllowed( const String& _rCheckURL, bool bAllowParent = true )
110 :m_sCheckURL( _rCheckURL ), m_bAllowParent( bAllowParent )
111 {
112 #ifdef WNT
113 // on windows, assume that the relevant file systems are case insensitive,
114 // thus normalize the URL
115 m_sCheckURL = m_aSysLocale.GetCharClass().toLower( m_sCheckURL, 0, m_sCheckURL.Len() );
116 #endif
117 }
118
119 bool operator()( const String& _rApprovedURL )
120 {
121 #ifdef WNT
122 // on windows, assume that the relevant file systems are case insensitive,
123 // thus normalize the URL
124 String sApprovedURL( m_aSysLocale.GetCharClass().toLower( _rApprovedURL, 0, _rApprovedURL.Len() ) );
125 #else
126 String sApprovedURL( _rApprovedURL );
127 #endif
128
129 xub_StrLen nLenApproved = sApprovedURL.Len();
130 xub_StrLen nLenChecked = m_sCheckURL.Len();
131
132 if ( nLenApproved > nLenChecked )
133 {
134 if ( m_bAllowParent )
135 {
136 if ( sApprovedURL.Search( m_sCheckURL ) == 0 )
137 {
138 if ( ( m_sCheckURL.GetChar( nLenChecked - 1 ) == '/' )
139 || ( sApprovedURL.GetChar( nLenChecked ) == '/' ) )
140 return true;
141 }
142 }
143 else
144 {
145 // just a difference in final slash?
146 if ( ( nLenApproved == ( nLenChecked + 1 ) ) &&
147 ( sApprovedURL.GetChar( nLenApproved - 1 ) == '/' ) )
148 return true;
149 }
150 return false;
151 }
152 else if ( nLenApproved < nLenChecked )
153 {
154 if ( m_sCheckURL.Search( sApprovedURL ) == 0 )
155 {
156 if ( ( sApprovedURL.GetChar( nLenApproved - 1 ) == '/' )
157 || ( m_sCheckURL.GetChar( nLenApproved ) == '/' ) )
158 return true;
159 }
160 return false;
161 }
162 else
163 {
164 // strings have equal length
165 return ( sApprovedURL == m_sCheckURL );
166 }
167 }
168 };
169
170 //=====================================================================
171 //= RestrictedPaths
172 //=====================================================================
173 //---------------------------------------------------------------------
174 RestrictedPaths::RestrictedPaths()
175 :m_bFilterIsEnabled( true )
176 {
177 ::rtl::OUString sRestrictedPathList;
178 if ( lcl_getEnvironmentValue( "RestrictedPath", sRestrictedPathList ) )
179 // append a final slash. This ensures that when we later on check
180 // for unrestricted paths, we don't allow paths like "/home/user35" just because
181 // "/home/user3" is allowed - with the final slash, we make it "/home/user3/".
182 lcl_convertStringListToUrls( sRestrictedPathList, m_aUnrestrictedURLs, true );
183 }
184
185 RestrictedPaths::~RestrictedPaths() {}
186
187 // --------------------------------------------------------------------
188 bool RestrictedPaths::isUrlAllowed( const String& _rURL ) const
189 {
190 if ( m_aUnrestrictedURLs.empty() || !m_bFilterIsEnabled )
191 return true;
192
193 ::std::vector< String >::const_iterator aApprovedURL = ::std::find_if(
194 m_aUnrestrictedURLs.begin(),
195 m_aUnrestrictedURLs.end(),
196 CheckURLAllowed( _rURL, true )
197 );
198
199 return ( aApprovedURL != m_aUnrestrictedURLs.end() );
200 }
201
202 // --------------------------------------------------------------------
203 bool RestrictedPaths::isUrlAllowed( const String& _rURL, bool allowParents ) const
204 {
205 if ( m_aUnrestrictedURLs.empty() || !m_bFilterIsEnabled )
206 return true;
207
208 ::std::vector< String >::const_iterator aApprovedURL = ::std::find_if(
209 m_aUnrestrictedURLs.begin(),
210 m_aUnrestrictedURLs.end(),
211 CheckURLAllowed( _rURL, allowParents )
212 );
213
214 return ( aApprovedURL != m_aUnrestrictedURLs.end() );
215 }
216
217 } // namespace svt
vba interoperability for OOo