From 736045c67da248745925d047eef235da38b18f62 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Roland=20H=C3=A4der?= <roland@mxchange.org>
Date: Tue, 9 Mar 2021 21:37:14 +0100
Subject: [PATCH] Code changes for #10020: Added ability to set chmod (default:
 0640) for "proxified" files (downloaded to /proxy/ directory). This allows
 customization, e.g. if people want 0600 instead without changing the code.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Roland Häder <roland@mxchange.org>
---
 src/Module/Proxy.php       | 8 ++++++--
 static/defaults.config.php | 4 ++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/Module/Proxy.php b/src/Module/Proxy.php
index f20b13bcef..c7f7673b8a 100644
--- a/src/Module/Proxy.php
+++ b/src/Module/Proxy.php
@@ -131,7 +131,9 @@ class Proxy extends BaseModule
 		// Store original image
 		if ($direct_cache) {
 			// direct cache , store under ./proxy/
-			file_put_contents($basepath . '/proxy/' . ProxyUtils::proxifyUrl($request['url'], true), $image->asString());
+			$filename = $basepath . '/proxy/' . ProxyUtils::proxifyUrl($request['url'], true)
+			file_put_contents($filename, $image->asString());
+			chmod($filename, DI::config()->get('system', 'proxy_file_chmod', 0640));
 		} elseif($cachefile !== '') {
 			// cache file
 			file_put_contents($cachefile, $image->asString());
@@ -149,7 +151,9 @@ class Proxy extends BaseModule
 
 		// Store scaled image
 		if ($direct_cache && $request['sizetype'] != '') {
-			file_put_contents($basepath . '/proxy/' . ProxyUtils::proxifyUrl($request['url'], true) . $request['sizetype'], $image->asString());
+			$filename = $basepath . '/proxy/' . ProxyUtils::proxifyUrl($request['url'], true) . $request['sizetype'];
+			file_put_contents($filename, $image->asString());
+			chmod($filename, DI::config()->get('system', 'proxy_file_chmod', 0640));
 		}
 
 		self::responseImageHttpCache($image);
diff --git a/static/defaults.config.php b/static/defaults.config.php
index 7578e3c550..b075db36a0 100644
--- a/static/defaults.config.php
+++ b/static/defaults.config.php
@@ -570,6 +570,10 @@ return [
 		// xrd_timeout (Integer)
 		// Timeout in seconds for fetching the XRD links.
 		'xrd_timeout' => 20,
+
+		// proxy_file_chmod (Integer)
+		// Access rights for downloaded files in /proxy/ directory
+		'proxy_file_chmod' => 0640,
 	],
 	'experimental' => [
 		// exp_themes (Boolean)