diff options
| author | Andrew Manning <tamanning@zoho.com> | 2016-04-20 21:05:01 -0400 |
|---|---|---|
| committer | Andrew Manning <tamanning@zoho.com> | 2016-04-20 21:05:01 -0400 |
| commit | b96eb1c8230ae2f5986d6f22934c606bbca9728e (patch) | |
| tree | fecd2279927b61da28801094dc7d6b1cfa8d98fe /Zotlabs/Module/Dav.php | |
| parent | 7594796ee11c0b245d02d145868a13ac3d84ebfc (diff) | |
| parent | 635580091a227529cb491e6441a5acbfff3177be (diff) | |
| download | volse-hubzilla-b96eb1c8230ae2f5986d6f22934c606bbca9728e.tar.gz volse-hubzilla-b96eb1c8230ae2f5986d6f22934c606bbca9728e.tar.bz2 volse-hubzilla-b96eb1c8230ae2f5986d6f22934c606bbca9728e.zip | |
Merge branch 'dev' into toggle-context-help
Diffstat (limited to 'Zotlabs/Module/Dav.php')
| -rw-r--r-- | Zotlabs/Module/Dav.php | 150 |
1 files changed, 150 insertions, 0 deletions
diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php new file mode 100644 index 000000000..42eb3d0c1 --- /dev/null +++ b/Zotlabs/Module/Dav.php @@ -0,0 +1,150 @@ +<?php + +namespace Zotlabs\Module; +/** + * @file mod/dav.php + * @brief Initialize Hubzilla's cloud (SabreDAV). + * + * Module for accessing the DAV storage area from a DAV client. + */ + +use \Sabre\DAV as SDAV; +use \Zotlabs\Storage; + +// composer autoloader for SabreDAV +require_once('vendor/autoload.php'); + + +/** + * @brief Fires up the SabreDAV server. + * + * @param App &$a + */ + +class Dav extends \Zotlabs\Web\Controller { + + function init() { + + // workaround for HTTP-auth in CGI mode + if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { + $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + if (x($_SERVER, 'HTTP_AUTHORIZATION')) { + $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + require_once('include/reddav.php'); + + if (! is_dir('store')) + os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); + + $which = null; + if (argc() > 1) + $which = argv(1); + + $profile = 0; + + \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n"; + + if ($which) + profile_load($a, $which, $profile); + + $auth = new \Zotlabs\Storage\BasicAuth(); + + $ob_hash = get_observer_hash(); + + if ($ob_hash) { + if (local_channel()) { + $channel = \App::get_channel(); + $auth->setCurrentUser($channel['channel_address']); + $auth->channel_id = $channel['channel_id']; + $auth->channel_hash = $channel['channel_hash']; + $auth->channel_account_id = $channel['channel_account_id']; + if($channel['channel_timezone']) + $auth->setTimezone($channel['channel_timezone']); + } + $auth->observer = $ob_hash; + } + + if ($_GET['davguest']) + $_SESSION['davguest'] = true; + + $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); + $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); + $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']); + + $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); + $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); + $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']); + + $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); + + // A SabreDAV server-object + $server = new \SDAV\Server($rootDirectory); + // prevent overwriting changes each other with a lock backend + $lockBackend = new \SDAV\Locks\Backend\File('store/[data]/locks'); + $lockPlugin = new \SDAV\Locks\Plugin($lockBackend); + + $server->addPlugin($lockPlugin); + + // The next section of code allows us to bypass prompting for http-auth if a + // FILE is being accessed anonymously and permissions allow this. This way + // one can create hotlinks to public media files in their cloud and anonymous + // viewers won't get asked to login. + // If a DIRECTORY is accessed or there are permission issues accessing the + // file and we aren't previously authenticated via zot, prompt for HTTP-auth. + // This will be the default case for mounting a DAV directory. + // In order to avoid prompting for passwords for viewing a DIRECTORY, add + // the URL query parameter 'davguest=1'. + + $isapublic_file = false; + $davguest = ((x($_SESSION, 'davguest')) ? true : false); + + if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) { + try { + $x = RedFileData('/' . \App::$cmd, $auth); + if($x instanceof \Zotlabs\Storage\File) + $isapublic_file = true; + } + catch (Exception $e) { + $isapublic_file = false; + } + } + + if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) { + try { + $auth->Authenticate($server, t('$Projectname channel')); + } + catch (Exception $e) { + logger('mod_cloud: auth exception' . $e->getMessage()); + http_status_exit($e->getHTTPCode(), $e->getMessage()); + } + } + + // require_once('Zotlabs/Storage/Browser.php'); + // provide a directory view for the cloud in Hubzilla + $browser = new \Zotlabs\Storage\Browser($auth); + $auth->setBrowserPlugin($browser); + + // Experimental QuotaPlugin + // require_once('Zotlabs/Storage/QuotaPlugin.php'); + // $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth)); + + // All we need to do now, is to fire up the server + $server->exec(); + + killme(); + } + +} |