author | Paolo T <tuscanhobbit@users.noreply.github.com> | 2014-02-25 16:33:40 +0100 |
---|---|---|
committer | Paolo T <tuscanhobbit@users.noreply.github.com> | 2014-02-25 16:33:40 +0100 |
commit | 0a98f6b878ec89be7282621192d9daf80f125e6c (patch) | |
tree | 718a4771ce1fb86931531226898b0b5d00e4a337 /mod/cloud.php | |
parent | 34d30e4d7eb48bd801482531a0d775328bd43ab4 (diff) | |
parent | b1021df485fb6129acda5bba616bac10aea75a45 (diff) | |
Merge pull request #1 from friendica/master
Update this fork
Diffstat (limited to 'mod/cloud.php')
-rw-r--r-- | mod/cloud.php | 151 |
1 files changed, 89 insertions, 62 deletions
diff --git a/mod/cloud.php b/mod/cloud.php index cdd926444..3606325bd 100644 --- a/mod/cloud.php +++ b/mod/cloud.php @@ -1,23 +1,5 @@ <?php - // This module is currently !!!HIGHLY EXPERIMENTAL!!! - // You should think twice before running this on a production server - // as security mechanisms are not yet implemented and those that - // are implemented probably don't work. - - // DAV mounts will probably fail if you don't use SSL, because some platforms refuse to send - // basic auth over non-encrypted connections. - // One could use digest auth - but then one has to calculate the A1 digest and store it for - // all acounts. We aren't doing that. We have a stored password already. We don't need another - // one. The login unfortunately is the channel nickname (webbie) as we have no way of passing - // the destination channel to DAV. You should be able to login with your account credentials - // and be directed to your default channel. - - // This interface does not yet support Red stored files. Consider any content in your "store" - // directory to be throw-away until advised otherwise. - - - use Sabre\DAV; require_once('vendor/autoload.php'); 
@@ -44,64 +26,109 @@ -class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic { - protected function validateUserPass($username, $password) { - require_once('include/auth.php'); - $record = account_verify_password($email,$pass); - if($record && $record['account_default_channel']) { - $r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1", - intval($record['account_id']), - intval($record['account_default_channel']) - ); - if($r) { - $this->currentUser = $r[0]['channel_address']; - return true; - } - } - $r = q("select channel_account_id from channel where channel_address = '%s' limit 1", - dbesc($username) - ); - if($r) { - $x = q("select * from account where account_id = %d limit 1", - intval($r[0]['channel_account_id']) - ); - if($x) { - foreach($x as $record) { - if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) - && (hash('whirlpool',$record['account_salt'] . $password) === $record['account_password'])) { - logger('(DAV) RedBasicAuth: password verified for ' . $username); - return true; - } - } - } - } - logger('(DAV) RedBasicAuth: password failed for ' . $username); - return false; - } -} +function cloud_init(&$a) { + + require_once('include/reddav.php'); + + if(! is_dir('store')) + mkdir('store',STORAGE_DEFAULT_PERMISSIONS,false); + + $which = null; + if(argc() > 1) + $which = argv(1); + + $profile = 0; + $channel = $a->get_channel(); + + $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which .'" />' . 
"\r\n" ; + + if($which) + profile_load($a,$which,$profile); + + + + + $auth = new RedBasicAuth(); + + $ob_hash = get_observer_hash(); -function cloud_init() { + if($ob_hash) { + if(local_user()) { + $channel = $a->get_channel(); + $auth->setCurrentUser($channel['channel_address']); + $auth->channel_name = $channel['channel_address']; + $auth->channel_id = $channel['channel_id']; + $auth->channel_hash = $channel['channel_hash']; + if($channel['channel_timezone']) + $auth->timezone = $channel['channel_timezone']; + } + $auth->observer = $ob_hash; + } - if(! get_config('system','enable_cloud')) - killme(); + if($_GET['davguest']) + $_SESSION['davguest'] = true; - $rootDirectory = new DAV\FS\Directory('store'); + + + $_SERVER['QUERY_STRING'] = str_replace(array('?f=','&f='),array('',''),$_SERVER['QUERY_STRING']); + $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); + $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism','',$_SERVER['QUERY_STRING']); + + $_SERVER['REQUEST_URI'] = str_replace(array('?f=','&f='),array('',''),$_SERVER['REQUEST_URI']); + $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); + $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism','',$_SERVER['REQUEST_URI']); + + $rootDirectory = new RedDirectory('/',$auth); $server = new DAV\Server($rootDirectory); - $lockBackend = new DAV\Locks\Backend\File('store/data/locks'); + $lockBackend = new DAV\Locks\Backend\File('store/[data]/locks'); $lockPlugin = new DAV\Locks\Plugin($lockBackend); $server->addPlugin($lockPlugin); - $auth = new RedBasicAuth(); + // The next section of code allows us to bypass prompting for http-auth if a FILE is being accessed anonymously and permissions + // allow this. This way one can create hotlinks to public media files in their cloud and anonymous viewers won't get asked to login. 
+ // If a DIRECTORY is accessed or there are permission issues accessing the file and we aren't previously authenticated via zot, + // prompt for HTTP-auth. This will be the default case for mounting a DAV directory. + // In order to avoid prompting for passwords for viewing a DIRECTORY, add the URL query parameter 'davguest=1' - $auth->Authenticate($server,'Red Matrix'); + $isapublic_file = false; + $davguest = ((x($_SESSION,'davguest')) ? true : false); + + if((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) { + try { + $x = RedFileData('/' . $a->cmd,$auth); + if($x instanceof RedFile) + $isapublic_file = true; + } + catch ( Exception $e ) { + $isapublic_file = false; + } + } + + if((! $auth->observer) && (! $isapublic_file) && (! $davguest)) { + try { + $auth->Authenticate($server, t('Red Matrix - Guests: Username: {your email address}, Password: +++')); + } + catch ( Exception $e) { + logger('mod_cloud: auth exception' . $e->getMessage()); + http_status_exit($e->getHTTPCode(),$e->getMessage()); + } + } + +// $browser = new DAV\Browser\Plugin(); + + $browser = new RedBrowser($auth); + + $auth->setBrowserPlugin($browser); + + + $server->addPlugin($browser); // All we need to do now, is to fire up the server $server->exec(); - exit; - + killme(); }
\ No newline at end of file |
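Review bot: The `davguest` bypass in `cloud_init()` is not limited by request method: `if($_GET['davguest']) $_SESSION['davguest'] = true;` lets any unauthenticated client set the flag, and the later test `(! $auth->observer) && (! $isapublic_file) && (! $davguest)` then skips `$auth->Authenticate()` for write methods as well as reads, whereas the public-file probe just above it is restricted to `GET`. From that point access control rests entirely on the permission checks inside `RedDirectory`/`RedFile` from include/reddav.php, which are not visible in this hunk and should be confirmed to reject writes when `$auth` carries no observer. I would scope the flag to read-only methods, e.g. `$davguest = (x($_SESSION,'davguest') && in_array($_SERVER['REQUEST_METHOD'], array('GET','HEAD','OPTIONS','PROPFIND')));`, and read the parameter with `x($_GET,'davguest')` so a missing key does not raise a notice. The same hunk also drops the `get_config('system','enable_cloud')` gate, so the DAV endpoint appears to be reachable on every install; it is worth confirming that this is intentional.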