Make it possible to disable local storage mount type

[PVince81]

In some scenarios, the ownCloud admin is not the same person as the sysadmin.
In such scenarios, the ownCloud admin only has access to the web interface and cannot run CLI commands and is not supposed to do anything outside of the OC folder.
Allowing such admin to mount arbitrary folders with the "Local" external storage could be considered a security issue in such specific scenarios.

So the idea would be to introduce a config.php option (which is edited by the sysadmin) to prevent admins to mount external storages of the type "Local".

@hodyroff @jvillafanez @DeepDiver1975

[hodyroff]

Yes.
@pmaier1

[pmaier1]

Sounds good, effort probably low (?!), adding to 9.2 milestone

[PVince81]

Yeah, I think doable in 1-2 md.

[PVince81]

I'd say the technical approach is as follows: if the config.php switch is false (defaults to true), then remove the registration of the "Local" storage backend completely. This will make it disappear from the web UI and any storages mounted already with this backend will disappear too.

[PVince81]

Thanks a lot to @grischdian for implementing this in #26990

[pmaier1]

@PVince81 Please change the default of 'files_external_deny_local' to 'true' for 10.0 (mounting local storage should have to be enabled explicitly)

[PVince81]

@pmaier1 it is possible to change the default, yes.

This will be a bit more work because we need to make sure that if "Local" storages were mounted in past versions, then the default will still set itself to no. Without this, an upgrade to OC 10 with legitimate local storages would see them suddenly unmounted which could cause sync clients to start deleting local files when they see the folder is gone. (not good)

So: write a migration that checks all existing storage configs. If any of the storage configs contain at least one with the "Local" external storage, then set it explicitly to "yes".
If nothing was found, don't set anything and let it default to "no".

Makes sense ?

[PVince81]

Further clarification:

The current implementation is an absolute setting. This means that if existing local storages existed, flipping the switch would make them disappear.

However actual the requirement is different:

• the setting must only prevent creating new "Local" storage mounts from the web UI when disabled. So if "Local" storages existed before, they will continue to exist.
• the setting must be disabled by default (no "Local" storages can be created)
• occ commands for external storage are not affected by the setting.

Let's add a second config.php setting called "files_external_allow_create_new_local" that fits this purpose.

The permission check needs to be done in the UI controllers:

• do not allow creating here if the setting is unset: https://github.com/owncloud/core/blob/master/apps/files_external/lib/Controller/StoragesController.php#L115.
• filter out the "Local" backend from the backend list displayed in the UI

@grischdian another challenge ? or @noveens ?

[noveens]

Would love to take this after #27359 .

[PVince81]

@noveens do you still intend to work on this or should someone else take over ?

[noveens]

@PVince81 ,
Will take this in 3-4 days.

Thanks for reminding 😃

[lock]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.