diff options
-rw-r--r-- | include/reddav.php | 89 | ||||
-rw-r--r-- | mod/cloud.php | 84 |
2 files changed, 95 insertions, 78 deletions
diff --git a/include/reddav.php b/include/reddav.php index fc4a53b17..34dbfa0fd 100644 --- a/include/reddav.php +++ b/include/reddav.php @@ -92,6 +92,8 @@ class RedDirectory extends DAV\Node implements DAV\ICollection { $this->folder_hash = ''; $this->getDir(); + if($this->auth->browser) + $this->auth->browser->set_writeable(); } @@ -657,3 +659,90 @@ dbg(0); } +class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic { + + public $channel_name = ''; + public $channel_id = 0; + public $channel_hash = ''; + public $observer = ''; + public $browser; + public $owner_id; + + protected function validateUserPass($username, $password) { + require_once('include/auth.php'); + $record = account_verify_password($email,$pass); + if($record && $record['account_default_channel']) { + $r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1", + intval($record['account_id']), + intval($record['account_default_channel']) + ); + if($r) { + $this->currentUser = $r[0]['channel_address']; + $this->channel_name = $r[0]['channel_address']; + $this->channel_id = $r[0]['channel_id']; + $this->channel_hash = $this->observer = $r[0]['channel_hash']; + return true; + } + } + $r = q("select * from channel where channel_address = '%s' limit 1", + dbesc($username) + ); + if($r) { + $x = q("select * from account where account_id = %d limit 1", + intval($r[0]['channel_account_id']) + ); + if($x) { + foreach($x as $record) { + if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) + && (hash('whirlpool',$record['account_salt'] . $password) === $record['account_password'])) { + logger('(DAV) RedBasicAuth: password verified for ' . $username); + $this->currentUser = $r[0]['channel_address']; + $this->channel_name = $r[0]['channel_address']; + $this->channel_id = $r[0]['channel_id']; + $this->channel_hash = $this->observer = $r[0]['channel_hash']; + return true; + } + } + } + } + logger('(DAV) RedBasicAuth: password failed for ' . $username); + return false; + } + + function setCurrentUser($name) { + $this->currentUser = $name; + } + + function setBrowserPlugin($browser) { + $this->browser = $browser; + } + +} + + +class RedBrowser extends DAV\Browser\Plugin { + + private $auth; + + function __construct(&$auth) { + + $this->auth = $auth; + + + } + + function set_writeable() { + logger('RedBrowser: ' . print_r($this->auth,true)); + + if(! $this->auth->owner_id) + $this->enablePost = false; + + + if(! perm_is_allowed($this->auth->owner_id, get_observer_hash(), 'write_storage')) + $this->enablePost = false; + else + $this->enablePost = true; + + } + +}
\ No newline at end of file diff --git a/mod/cloud.php b/mod/cloud.php index 1b2b65d05..a72d0f108 100644 --- a/mod/cloud.php +++ b/mod/cloud.php @@ -1,23 +1,5 @@ <?php - // This module is currently !!!HIGHLY EXPERIMENTAL!!! - // You should think twice before running this on a production server - // as security mechanisms are not yet implemented and those that - // are implemented probably don't work. - - // DAV mounts will probably fail if you don't use SSL, because some platforms refuse to send - // basic auth over non-encrypted connections. - // One could use digest auth - but then one has to calculate the A1 digest and store it for - // all acounts. We aren't doing that. We have a stored password already. We don't need another - // one. The login unfortunately is the channel nickname (webbie) as we have no way of passing - // the destination channel to DAV. You should be able to login with your account credentials - // and be directed to your default channel. - - // This interface does not yet support Red stored files. Consider any content in your "store" - // directory to be throw-away until advised otherwise. - - - use Sabre\DAV; require_once('vendor/autoload.php'); @@ -44,69 +26,10 @@ -class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic { - - public $channel_name = ''; - public $channel_id = 0; - public $channel_hash = ''; - public $observer = ''; - - public $owner_id; - - protected function validateUserPass($username, $password) { - require_once('include/auth.php'); - $record = account_verify_password($email,$pass); - if($record && $record['account_default_channel']) { - $r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1", - intval($record['account_id']), - intval($record['account_default_channel']) - ); - if($r) { - $this->currentUser = $r[0]['channel_address']; - $this->channel_name = $r[0]['channel_address']; - $this->channel_id = $r[0]['channel_id']; - $this->channel_hash = $this->observer = $r[0]['channel_hash']; - return true; - } - } - $r = q("select * from channel where channel_address = '%s' limit 1", - dbesc($username) - ); - if($r) { - $x = q("select * from account where account_id = %d limit 1", - intval($r[0]['channel_account_id']) - ); - if($x) { - foreach($x as $record) { - if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) - && (hash('whirlpool',$record['account_salt'] . $password) === $record['account_password'])) { - logger('(DAV) RedBasicAuth: password verified for ' . $username); - $this->currentUser = $r[0]['channel_address']; - $this->channel_name = $r[0]['channel_address']; - $this->channel_id = $r[0]['channel_id']; - $this->channel_hash = $this->observer = $r[0]['channel_hash']; - return true; - } - } - } - } - logger('(DAV) RedBasicAuth: password failed for ' . $username); - return false; - } - - function setCurrentUser($name) { - $this->currentUser = $name; - } - - -} function cloud_init(&$a) { - if(! get_config('system','enable_cloud')) - killme(); - require_once('include/reddav.php'); $auth = new RedBasicAuth(); @@ -136,7 +59,12 @@ function cloud_init(&$a) { if(! $auth->observer) $auth->Authenticate($server,'Red Matrix'); - $browser = new DAV\Browser\Plugin(); +// $browser = new DAV\Browser\Plugin(); + + $browser = new RedBrowser($auth); + + $auth->setBrowserPlugin($browser); + $server->addPlugin($browser); |