From b2cbf02a301be8357ca89d2a51d473230edf1e56 Mon Sep 17 00:00:00 2001
From: Bartek Wajda <bartlomiej.wajda@ibexa.co>
Date: Fri, 5 Jan 2024 14:06:15 +0100
Subject: [PATCH] IBX-7485: Implemented custom Filesystem that handles
 corrupted filepaths

---
 eZ/Publish/Core/IO/Filesystem.php | 79 +++++++++++++++++++++++++++++++
 eZ/Publish/Core/settings/io.yml   |  2 +-
 2 files changed, 80 insertions(+), 1 deletion(-)
 create mode 100644 eZ/Publish/Core/IO/Filesystem.php

diff --git a/eZ/Publish/Core/IO/Filesystem.php b/eZ/Publish/Core/IO/Filesystem.php
new file mode 100644
index 0000000000..70c992bf6e
--- /dev/null
+++ b/eZ/Publish/Core/IO/Filesystem.php
@@ -0,0 +1,79 @@
+<?php
+
+/**
+ * @copyright Copyright (C) Ibexa AS. All rights reserved.
+ * @license For full copyright and license information view LICENSE file distributed with this source code.
+ */
+declare(strict_types=1);
+
+namespace eZ\Publish\Core\IO;
+
+use League\Flysystem\Filesystem as FlysystemFilesystem;
+use LogicException;
+
+class Filesystem extends FlysystemFilesystem
+{
+    public function getMetadata($path)
+    {
+        $path = $this->normalizeRelativePath($path);
+        $this->assertPresent($path);
+
+        return $this->getAdapter()->getMetadata($path);
+    }
+
+    public function has($path): bool
+    {
+        $path = $this->normalizeRelativePath($path);
+
+        return !(strlen($path) === 0) && (bool)$this->getAdapter()->has($path);
+    }
+
+    public function getMimetype($path)
+    {
+        $path = $this->normalizeRelativePath($path);
+        $this->assertPresent($path);
+
+        if ((!$object = $this->getAdapter()->getMimetype($path)) || !array_key_exists('mimetype', $object)) {
+            return false;
+        }
+
+        return $object['mimetype'];
+    }
+
+    public function delete($path)
+    {
+        $path = $this->normalizeRelativePath($path);
+        $this->assertPresent($path);
+
+        return $this->getAdapter()->delete($path);
+    }
+
+    private function normalizeRelativePath(string $path): string
+    {
+        $path = str_replace('\\', '/', $path);
+        $parts = [];
+
+        foreach (explode('/', $path) as $part) {
+            switch ($part) {
+                case '':
+                case '.':
+                    break;
+
+                case '..':
+                    if (empty($parts)) {
+                        throw new LogicException(
+                            'Path is outside of the defined root, path: [' . $path . ']'
+                        );
+                    }
+                    array_pop($parts);
+                    break;
+
+                default:
+                    $parts[] = $part;
+                    break;
+            }
+        }
+
+        return implode('/', $parts);
+    }
+}
diff --git a/eZ/Publish/Core/settings/io.yml b/eZ/Publish/Core/settings/io.yml
index 20b2b60e3b..ce94655233 100644
--- a/eZ/Publish/Core/settings/io.yml
+++ b/eZ/Publish/Core/settings/io.yml
@@ -35,7 +35,7 @@ services:
             - "@ezpublish.core.io.default_url_decorator"
 
     ezpublish.core.io.flysystem.base_filesystem:
-        class: League\Flysystem\Filesystem
+        class: eZ\Publish\Core\IO\Filesystem
         abstract: true
 
     ezpublish.core.io.flysystem.default_filesystem: