
Wrong fe_groups in field "access" of the solr core, when indexing with solrfal #166

Open
haraldwitt opened this issue Jul 7, 2021 · 0 comments


@haraldwitt

Example / Description:
Set any group at the root of a private storage. All files indexed with solrfal will get this group in the core field "access". So a user might get shown more search results than he should see. Clicking on some of the result links will result in a "No access" message from fal_securedownload. Furthermore, the user could see secret information in the preview of the search result.

Reason:
\BeechIt\FalSecuredownload\Aspects\SolrFalAspect::class contains the following line:

$resourcePermissions = $this->checkPermissionsService->getPermissions($item->getFile());

In getPermissions is the following loop:

foreach ($this->getFolderRootLine($resource->getParentFolder()) as $folder)

The array contains the rootline from the root of the storage down to the resource.
But it should be examined in the reverse order. This is because "the deeper the folder structure, the more restrictive the permissions", and the most restrictive permission from the view of the resource should match.
So an array_reverse() would help.
This should be sure because the method is only called from:

  • Aspects/SolrFalAspect.php line 52
  • Hooks/KeSearchFilesHook.php lines 77 and 102

But there is another method, also calling getFolderRootLine().

checkFolderRootLineAccess(Folder $folder, $userFeGroups)

Here it could be wrong too, because it also breaks at the first match. I have not checked it yet!
In case it's also wrong, it would surely be better to remove the array_reverse() at the return statement of getFolderRootLine()?

This issue should also solve issue #161
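As an added illustration (not code from fal_securedownload and not the issue author's), a minimal PHP model of the rootline walk described above; the folder names, group ids and function names are constructed:

```php
<?php
// Added illustration, not fal_securedownload code. Models a rootline as
// getFolderRootLine() returns it: root first, resource's parent folder last.
// Folder names and fe_groups ids are constructed for this example.

declare(strict_types=1);

/** folder name => fe_groups restriction (null = no restriction set on it) */
$rootline = [
    'storage-root' => [1],   // group set at the root of the private storage
    'confidential' => [42],  // deeper, more restrictive subfolder
    'leaf'         => null,  // folder that actually holds the indexed file
];

/**
 * Buggy order (what the issue describes): walk from the root downwards and
 * stop at the first folder carrying a restriction. The root's group wins,
 * so every file below it is indexed with fe_group 1 in the "access" field.
 */
function groupsRootFirst(array $rootline): array
{
    foreach ($rootline as $folder => $groups) {
        if ($groups !== null) {
            return $groups;
        }
    }
    return [];
}

/**
 * Fixed order: walk the reversed rootline, i.e. from the resource's folder
 * up to the root, and take the first restriction met. That is the most
 * restrictive one from the resource's point of view.
 */
function groupsResourceFirst(array $rootline): array
{
    foreach (array_reverse($rootline, true) as $folder => $groups) {
        if ($groups !== null) {
            return $groups;
        }
    }
    return [];
}

printf("access (root-first walk):     %s\n", json_encode(groupsRootFirst($rootline)));
printf("access (resource-first walk): %s\n", json_encode(groupsResourceFirst($rootline)));
```

The first line shows the over-broad group the issue reports; the second the group the deeper "confidential" folder restricts the file to.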

FamousWolf pushed a commit that referenced this issue Sep 20, 2023
* Update CheckPermissions.php

     * Get FeGroups that are allowed to view a file/folder (checks NOT full rootline)
     * Check from the given folder up to root, i. e. the reverse! rootline. 
     * First restriction matches.
     * 
     * This Bugfix should be sure because it's only called from:
     *   - Aspects/SolrFalAspect.php
     *   - Hooks/KeSearchFilesHook.php
     *
     * This Bugfix resolves issues:
     *   - #161
     *   - #166