diff options
-rw-r--r-- | include/attach.php | 15 | ||||
-rw-r--r-- | include/reddav.php | 109 | ||||
-rw-r--r-- | mod/cloud.php | 2 |
3 files changed, 115 insertions, 11 deletions
diff --git a/include/attach.php b/include/attach.php index 3eb7a9366..cd211f2a2 100644 --- a/include/attach.php +++ b/include/attach.php @@ -526,11 +526,14 @@ function attach_mkdir($channel,$observer_hash,$arr = null) { $sql_options = ''; $basepath = 'store/' . $channel['channel_address']; + + logger('attach_mkdir: basepath: ' . $basepath); + if(! is_dir($basepath)) - @mkdir($basepath,STORAGE_DEFAULT_PERMISSIONS,true); + mkdir($basepath,STORAGE_DEFAULT_PERMISSIONS,true); - if(! perm_is_allowed($channel_id, get_observer_hash(),'write_storage')) { + if(! perm_is_allowed($channel_id, $observer_hash,'write_storage')) { $ret['message'] = t('Permission denied.'); return $ret; } @@ -607,10 +610,10 @@ function attach_mkdir($channel,$observer_hash,$arr = null) { dbesc(''), dbesc($created), dbesc($created), - dbesc(($arr && array_key_exists('allow_cid',$arr)) ? $arr['allow_cid'] : ''), - dbesc(($arr && array_key_exists('allow_gid',$arr)) ? $arr['allow_gid'] : ''), - dbesc(($arr && array_key_exists('deny_cid',$arr)) ? $arr['deny_cid'] : ''), - dbesc(($arr && array_key_exists('deny_gid',$arr)) ? $arr['deny_gid'] : '') + dbesc(($arr && array_key_exists('allow_cid',$arr)) ? $arr['allow_cid'] : $channel['channel_allow_cid']), + dbesc(($arr && array_key_exists('allow_gid',$arr)) ? $arr['allow_gid'] : $channel['channel_allow_gid']), + dbesc(($arr && array_key_exists('deny_cid',$arr)) ? $arr['deny_cid'] : $channel['channel_deny_cid']), + dbesc(($arr && array_key_exists('deny_gid',$arr)) ? $arr['deny_gid'] : $channel['channel_deny_gid']) ); if($r) { diff --git a/include/reddav.php b/include/reddav.php index 79c68a000..beec0ac21 100644 --- a/include/reddav.php +++ b/include/reddav.php @@ -75,12 +75,12 @@ class RedInode implements DAV\INode { class RedDirectory extends DAV\Node implements DAV\ICollection { private $red_path; + private $folder_hash; private $ext_path; private $root_dir = ''; private $auth; - function __construct($ext_path,&$auth_plugin) { logger('RedDirectory::__construct() ' . $ext_path); $this->ext_path = $ext_path; @@ -89,7 +89,9 @@ class RedDirectory extends DAV\Node implements DAV\ICollection { $this->red_path = '/'; $this->auth = $auth_plugin; logger('Red_Directory: ' . print_r($this,true)); + $this->folder_hash = ''; + $this->getDir(); } @@ -202,12 +204,24 @@ dbg(0); function createDirectory($name) { - if(! perm_is_allowed($this->auth->channel_id,$this->auth->observer,'write_storage')) { + + logger('RedDirectory::createDirectory: ' . $name); + + if((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id,$this->auth->observer,'write_storage'))) { throw new DAV\Exception\Forbidden('Permission denied.'); return; } + $r = q("select * from channel where channel_id = %d limit 1", + dbesc($this->auth->owner_id) + ); + + if($r) { + $result = attach_mkdir($r[0],$this->auth->observer,array('filename' => $name,'folder' => $this->folder_hash)); + logger('RedDirectory::createDirectory: ' . print_r($result,true)); + + } @@ -235,6 +249,64 @@ dbg(0); } + function getDir() { + + logger('getDir: ' . $this->ext_path); + + $x = strpos($this->ext_path,'/cloud'); + if($x === false) + return; + if($x === 0) { + $file = substr($file,6); + } + + if((! $file) || ($file === '/')) { + return; + } + + $file = trim($file,'/'); + $path_arr = explode('/', $file); + + if(! $path_arr) + return; + + $channel_name = $path_arr[0]; + + $r = q("select channel_id from channel where channel_address = '%s' limit 1", + dbesc($channel_name) + ); + + if(! $r) + return; + + $channel_id = $r[0]['channel_id']; + $this->auth->owner_id = $channel_id; + + $path = '/' . $channel_name; + + $folder = ''; + + for($x = 1; $x < count($path_arr); $x ++) { +dbg(1); + $r = q("select id, hash, filename, flags from attach where folder = '%s' and (flags & %d)", + dbesc($folder), + intval($channel_id), + intval(ATTACH_FLAG_DIR) + ); +dbg(0); + if($r && ( $r[0]['flags'] & ATTACH_FLAG_DIR)) { + $folder = $r[0]['hash']; + $path = $path . '/' . $r[0]['filename']; + } + } + $this->folder_hash = $folder; + return; + } + + + + + } @@ -390,6 +462,7 @@ logger('dbg1: ' . print_r($r,true)); return null; $channel_id = $r[0]['channel_id']; + $auth->owner_id = $channel_id; $path = '/' . $channel_name; @@ -437,7 +510,7 @@ logger('dbg2: ' . print_r($r,true)); function RedFileData($file, &$auth,$test = false) { -logger('RedFileData:' . $file); +logger('RedFileData:' . $file . (($test) ? ' (test mode) ' : '')); $x = strpos($file,'/cloud'); @@ -479,6 +552,11 @@ logger('file=' . $file); $path = '/' . $channel_name; + $auth->owner_id = $channel_id; + + $permission_error = false; + + $folder = ''; //dbg(1); @@ -510,13 +588,27 @@ dbg(0); ); } - if(! $r) + if(! $r) { + $errors = true; + $r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach + where folder = '%s' and filename = '%s' and uid = %d group by filename limit 1", + dbesc($folder), + basename($file), + intval($channel_id) + ); + if($r) + $permission_error = true; + + } + } logger('dbg1: ' . print_r($r,true)); if($path === '/' . $file) { + if($test) + return true; // final component was a directory. return new RedDirectory('/cloud/' . $file,$auth); } @@ -524,11 +616,18 @@ dbg(0); if($errors) { if($test) return false; - throw new DAV\Exception\Forbidden('Permission denied.'); + if($permission_error) { + logger('RedFileData: permission error'); + throw new DAV\Exception\Forbidden('Permission denied.'); + } + logger('RedFileData: not found'); return; } if($r) { + if($test) + return true; + if($r[0]['flags'] & ATTACH_FLAG_DIR) return new RedDirectory('/cloud' . $path . '/' . $r[0]['filename'],$auth); else diff --git a/mod/cloud.php b/mod/cloud.php index 024aa9ef3..1b2b65d05 100644 --- a/mod/cloud.php +++ b/mod/cloud.php @@ -51,6 +51,8 @@ class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic { public $channel_hash = ''; public $observer = ''; + public $owner_id; + protected function validateUserPass($username, $password) { require_once('include/auth.php'); $record = account_verify_password($email,$pass); |