diff options
author | Haakon Meland Eriksen <haakon.eriksen@far.no> | 2014-06-24 19:34:36 +0200 |
---|---|---|
committer | Haakon Meland Eriksen <haakon.eriksen@far.no> | 2014-06-24 19:34:36 +0200 |
commit | b8dc9e855af2d30f33d0f90dc13d8cad0a7b3e70 (patch) | |
tree | 718df6305bcb82c8dcb4b287a7132422e748cdfb /mod/cloud.php | |
parent | c2d520f1be115fb3cb5da2a35eb10146cecee8aa (diff) | |
parent | a92fb0b04c3e6474ec48faf8e4cc65c382e89d66 (diff) | |
download | volse-hubzilla-b8dc9e855af2d30f33d0f90dc13d8cad0a7b3e70.tar.gz volse-hubzilla-b8dc9e855af2d30f33d0f90dc13d8cad0a7b3e70.tar.bz2 volse-hubzilla-b8dc9e855af2d30f33d0f90dc13d8cad0a7b3e70.zip |
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'mod/cloud.php')
-rw-r--r-- | mod/cloud.php | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/mod/cloud.php b/mod/cloud.php new file mode 100644 index 000000000..3606325bd --- /dev/null +++ b/mod/cloud.php @@ -0,0 +1,134 @@ +<?php + + use Sabre\DAV; + + require_once('vendor/autoload.php'); + + + // workaround for HTTP-auth in CGI mode + if(x($_SERVER,'REDIRECT_REMOTE_USER')) { + $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + if(x($_SERVER,'HTTP_AUTHORIZATION')) { + $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"],6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + + + + +function cloud_init(&$a) { + + require_once('include/reddav.php'); + + if(! is_dir('store')) + mkdir('store',STORAGE_DEFAULT_PERMISSIONS,false); + + $which = null; + if(argc() > 1) + $which = argv(1); + + $profile = 0; + $channel = $a->get_channel(); + + $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which .'" />' . "\r\n" ; + + if($which) + profile_load($a,$which,$profile); + + + + + $auth = new RedBasicAuth(); + + $ob_hash = get_observer_hash(); + + if($ob_hash) { + if(local_user()) { + $channel = $a->get_channel(); + $auth->setCurrentUser($channel['channel_address']); + $auth->channel_name = $channel['channel_address']; + $auth->channel_id = $channel['channel_id']; + $auth->channel_hash = $channel['channel_hash']; + if($channel['channel_timezone']) + $auth->timezone = $channel['channel_timezone']; + } + $auth->observer = $ob_hash; + } + + if($_GET['davguest']) + $_SESSION['davguest'] = true; + + + + $_SERVER['QUERY_STRING'] = str_replace(array('?f=','&f='),array('',''),$_SERVER['QUERY_STRING']); + $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); + $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism','',$_SERVER['QUERY_STRING']); + + $_SERVER['REQUEST_URI'] = str_replace(array('?f=','&f='),array('',''),$_SERVER['REQUEST_URI']); + $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); + $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism','',$_SERVER['REQUEST_URI']); + + $rootDirectory = new RedDirectory('/',$auth); + $server = new DAV\Server($rootDirectory); + $lockBackend = new DAV\Locks\Backend\File('store/[data]/locks'); + $lockPlugin = new DAV\Locks\Plugin($lockBackend); + + $server->addPlugin($lockPlugin); + + // The next section of code allows us to bypass prompting for http-auth if a FILE is being accessed anonymously and permissions + // allow this. This way one can create hotlinks to public media files in their cloud and anonymous viewers won't get asked to login. + // If a DIRECTORY is accessed or there are permission issues accessing the file and we aren't previously authenticated via zot, + // prompt for HTTP-auth. This will be the default case for mounting a DAV directory. + // In order to avoid prompting for passwords for viewing a DIRECTORY, add the URL query parameter 'davguest=1' + + $isapublic_file = false; + $davguest = ((x($_SESSION,'davguest')) ? true : false); + + if((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) { + try { + $x = RedFileData('/' . $a->cmd,$auth); + if($x instanceof RedFile) + $isapublic_file = true; + } + catch ( Exception $e ) { + $isapublic_file = false; + } + } + + if((! $auth->observer) && (! $isapublic_file) && (! $davguest)) { + try { + $auth->Authenticate($server, t('Red Matrix - Guests: Username: {your email address}, Password: +++')); + } + catch ( Exception $e) { + logger('mod_cloud: auth exception' . $e->getMessage()); + http_status_exit($e->getHTTPCode(),$e->getMessage()); + } + } + +// $browser = new DAV\Browser\Plugin(); + + $browser = new RedBrowser($auth); + + $auth->setBrowserPlugin($browser); + + + $server->addPlugin($browser); + + + // All we need to do now, is to fire up the server + $server->exec(); + + killme(); +}
\ No newline at end of file |