diff options
author | Haakon Meland Eriksen <haakon.eriksen@far.no> | 2015-12-14 18:55:43 +0100 |
---|---|---|
committer | Haakon Meland Eriksen <haakon.eriksen@far.no> | 2015-12-14 18:55:43 +0100 |
commit | 3b1ab5e79cbbf2a8f65cb4dc388e2257a3e857af (patch) | |
tree | 84b87fb47a27035afd2a354d11c36e8259f4c18e /mod/cloud.php | |
parent | 565126a888d70dce853a2351b698bbc0695f0ba9 (diff) | |
parent | dcf7946673fd57325fc848df8f8cea7a84cc35b6 (diff) | |
download | volse-hubzilla-3b1ab5e79cbbf2a8f65cb4dc388e2257a3e857af.tar.gz volse-hubzilla-3b1ab5e79cbbf2a8f65cb4dc388e2257a3e857af.tar.bz2 volse-hubzilla-3b1ab5e79cbbf2a8f65cb4dc388e2257a3e857af.zip |
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'mod/cloud.php')
-rw-r--r-- | mod/cloud.php | 42 |
1 files changed, 12 insertions, 30 deletions
diff --git a/mod/cloud.php b/mod/cloud.php index efb33f935..67fc199bf 100644 --- a/mod/cloud.php +++ b/mod/cloud.php @@ -73,36 +73,18 @@ function cloud_init(&$a) { $server->addPlugin($lockPlugin); -/* This next bit should no longer be needed... */ - - // The next section of code allows us to bypass prompting for http-auth if a - // FILE is being accessed anonymously and permissions allow this. This way - // one can create hotlinks to public media files in their cloud and anonymous - // viewers won't get asked to login. - // If a DIRECTORY is accessed or there are permission issues accessing the - // file and we aren't previously authenticated via zot, prompt for HTTP-auth. - // This will be the default case for mounting a DAV directory. - // In order to avoid prompting for passwords for viewing a DIRECTORY, add - // the URL query parameter 'davguest=1'. - -// $isapublic_file = false; -// $davguest = ((x($_SESSION, 'davguest')) ? true : false); - -// if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) { -// try { -// $x = RedFileData('/' . $a->cmd, $auth); -// if($x instanceof RedDAV\RedFile) -// $isapublic_file = true; -// } -// catch (Exception $e) { -// $isapublic_file = false; -// } -// } - -// if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) { -// logger('mod_cloud: auth exception'); -// http_status_exit(401, 'Permission denied.'); -// } + $is_readable = false; + + if($_SERVER['REQUEST_METHOD'] === 'GET') { + try { + $x = RedFileData('/' . $a->cmd, $auth); + } + catch(\Exception $e) { + if($e instanceof Sabre\DAV\Exception\Forbidden) { + http_status_exit(401, 'Permission denied.'); + } + } + } require_once('include/RedDAV/RedBrowser.php'); // provide a directory view for the cloud in Hubzilla |