aboutsummaryrefslogblamecommitdiffstats
path: root/mod/cloud.php
blob: 7f6dc09620fb8a10b16b00207e95c4c794b5cfb4 (plain) (tree)
1
2
3
4
5
6
7
8
9
     
                      
                                                 
  
                                             
   
 
              
                     
 
                                    
 



                                       
 
                          
                                           
                              
                                                                      
 
                      
                       

                                 
 
                                                                                                                                                     
 
                   
                                                   
 
                                          
 
                                       
                       
                                      
                                                                           
                                                                       
                                                                                   
                                                        
                                                                                 
                 
                                           
         
 
                              
                                             
                                                                                                             
                                                                        
                                                                                                                   
 
                                                                                                           
                                                                      
                                                                                                                 
 
                                                             
                                   
                                                 
                                                                     
                                                                        


                                                         







                                                                                     
                                
                                                                
 
                                                                            
                      
                                                               
                                                        
                                                       
                                      

                                                
 
                                                                          
                                                            
         
 
                                                      
                                                             
                                                
                                          
                                     


                                                          

                                                          
                 
 
<?php
/**
 * @file mod/cloud.php
 * @brief Initialize Hubzilla's cloud (SabreDAV).
 *
 * Module for accessing the DAV storage area.
 */

use Sabre\DAV;
use RedMatrix\RedDAV;

// composer autoloader for SabreDAV
require_once('vendor/autoload.php');

/**
 * @brief Fires up the SabreDAV server.
 *
 * @param App &$a
 */

function cloud_init(&$a) {
	require_once('include/reddav.php');

	if (! is_dir('store'))
		os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);

	$which = null;
	if (argc() > 1)
		$which = argv(1);

	$profile = 0;

	$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n";

	if ($which)
		profile_load($a, $which, $profile);

	$auth = new RedDAV\RedBasicAuth();

	$ob_hash = get_observer_hash();

	if ($ob_hash) {
		if (local_channel()) {
			$channel = $a->get_channel();
			$auth->setCurrentUser($channel['channel_address']);
			$auth->channel_id = $channel['channel_id'];
			$auth->channel_hash = $channel['channel_hash'];
			$auth->channel_account_id = $channel['channel_account_id'];
			if($channel['channel_timezone'])
				$auth->setTimezone($channel['channel_timezone']);
		}
		$auth->observer = $ob_hash;
	}

	if ($_GET['davguest'])
		$_SESSION['davguest'] = true;

	$_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
	$_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
	$_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);

	$_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
	$_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
	$_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);

	$rootDirectory = new RedDAV\RedDirectory('/', $auth);

	// A SabreDAV server-object
	$server = new DAV\Server($rootDirectory);
	// prevent overwriting changes each other with a lock backend
	$lockBackend = new DAV\Locks\Backend\File('store/[data]/locks');
	$lockPlugin = new DAV\Locks\Plugin($lockBackend);

	$server->addPlugin($lockPlugin);

	// The next section of code allows us to bypass prompting for http-auth if a
	// FILE is being accessed anonymously and permissions allow this. This way
	// one can create hotlinks to public media files in their cloud and anonymous
	// viewers won't get asked to login.
	// If a DIRECTORY is accessed or there are permission issues accessing the
	// file and we aren't previously authenticated via zot, prompt for HTTP-auth.
	// This will be the default case for mounting a DAV directory. 
	// In order to avoid prompting for passwords for viewing a DIRECTORY, add
	// the URL query parameter 'davguest=1'.

	$isapublic_file = false;
	$davguest = ((x($_SESSION, 'davguest')) ? true : false);

	if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) {
		try { 
			$x = RedFileData('/' . $a->cmd, $auth);
			if($x instanceof RedDAV\RedFile)
				$isapublic_file = true;
		}
		catch (Exception $e) {
			$isapublic_file = false;
		}
	}

	if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) {
		logger('mod_cloud: auth exception');
		http_status_exit(401, 'Permission denied.');
	}

	require_once('include/RedDAV/RedBrowser.php');
	// provide a directory view for the cloud in Hubzilla
	$browser = new RedDAV\RedBrowser($auth);
	$auth->setBrowserPlugin($browser);

	$server->addPlugin($browser);

	// Experimental QuotaPlugin
//	require_once('include/RedDAV/QuotaPlugin.php');
//	$server->addPlugin(new RedDAV\QuotaPlugin($auth));

	// All we need to do now, is to fire up the server
	$server->exec();

	killme();
}