ClientFile: move client_allow_file() into the Client class

src/client/Client.hxx

@@ -36,6 +36,7 @@
 
 struct sockaddr;
 class EventLoop;
+class Path;
 struct Partition;
 
 class Client final : private FullyBufferedSocket, TimeoutMonitor {
@@ -156,6 +157,18 @@ public:
 	void UnsubscribeAll();
 	bool PushMessage(const ClientMessage &msg);
 
+	/**
+	 * Is this client allowed to use the specified local file?
+	 *
+	 * Note that this function is vulnerable to timing/symlink attacks.
+	 * We cannot fix this as long as there are plugins that open a file by
+	 * its name, and not by file descriptor / callbacks.
+	 *
+	 * @param path_fs the absolute path name in filesystem encoding
+	 * @return true if access is allowed
+	 */
+	bool AllowFile(Path path_fs, Error &error) const;
+
 private:
 	/* virtual methods from class BufferedSocket */
 	virtual InputResult OnSocketInput(void *data, size_t length) override;