diff options
Diffstat (limited to 'Zotlabs/Storage')
-rw-r--r-- | Zotlabs/Storage/BasicAuth.php | 11 | ||||
-rw-r--r-- | Zotlabs/Storage/Directory.php | 28 | ||||
-rw-r--r-- | Zotlabs/Storage/File.php | 16 |
3 files changed, 42 insertions, 13 deletions
diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php index a5c01fbb7..3a48f5004 100644 --- a/Zotlabs/Storage/BasicAuth.php +++ b/Zotlabs/Storage/BasicAuth.php @@ -2,6 +2,7 @@ namespace Zotlabs\Storage; +use App; use Sabre\DAV; use Sabre\HTTP\RequestInterface; use Sabre\HTTP\ResponseInterface; @@ -128,6 +129,16 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { $this->channel_name = $r['channel_address']; $this->channel_id = $r['channel_id']; $this->channel_hash = $this->observer = $r['channel_hash']; + + if ($this->observer) { + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($this->observer) + ); + if ($r) { + App::set_observer(array_shift($r)); + } + } + $_SESSION['uid'] = $r['channel_id']; $_SESSION['account_id'] = $r['channel_account_id']; $_SESSION['authenticated'] = true; diff --git a/Zotlabs/Storage/Directory.php b/Zotlabs/Storage/Directory.php index ae36fc1c0..1231dfa25 100644 --- a/Zotlabs/Storage/Directory.php +++ b/Zotlabs/Storage/Directory.php @@ -3,6 +3,7 @@ namespace Zotlabs\Storage; use Sabre\DAV; +use Zotlabs\Lib\Libsync; /** * @brief RedDirectory class. @@ -179,7 +180,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo if ($ch) { $sync = attach_export_data($ch, $this->folder_hash); if ($sync) - build_sync_packet($ch['channel_id'], array('file' => array($sync))); + Libsync::build_sync_packet($ch['channel_id'], array('file' => array($sync))); } $this->red_path = $new_path; @@ -280,8 +281,19 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo $xpath = attach_syspaths($this->auth->owner_id, $hash); - // returns the number of bytes that were written to the file, or FALSE on failure - $size = file_put_contents($f, $data); + + if (is_resource($data)) { + $fp = fopen($f,'wb'); + if ($fp) { + pipe_streams($data,$fp); + fclose($fp); + } + $size = filesize($f); + } + else { + $size = file_put_contents($f, $data); + } + // delete attach entry if file_put_contents() failed if ($size === false) { logger('file_put_contents() failed to ' . $f); @@ -314,7 +326,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo $d = q("UPDATE attach SET filesize = '%s', os_path = '%s', display_path = '%s', is_photo = %d, edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($size), dbesc($xpath['os_path']), - dbesc($xpath['display_path']), + dbesc($xpath['path']), intval($is_photo), dbesc($edited), dbesc($hash), @@ -363,12 +375,12 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo $p = photo_upload($c[0], \App::get_observer(), $args); } - \Zotlabs\Daemon\Master::Summon([ 'Thumbnail' , $this->folder_hash ]); + \Zotlabs\Daemon\Master::Summon([ 'Thumbnail' , $hash ]); $sync = attach_export_data($c[0], $hash); if ($sync) - build_sync_packet($c[0]['channel_id'], array('file' => array($sync))); + Libsync::build_sync_packet($c[0]['channel_id'], array('file' => array($sync))); } /** @@ -401,7 +413,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo logger('createDirectory: attach_export_data returns $sync:' . print_r($sync, true), LOGGER_DEBUG); if($sync) { - build_sync_packet($r[0]['channel_id'], array('file' => array($sync))); + Libsync::build_sync_packet($r[0]['channel_id'], array('file' => array($sync))); } } else { @@ -432,7 +444,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo if ($ch) { $sync = attach_export_data($ch, $this->folder_hash, true); if ($sync) - build_sync_packet($ch['channel_id'], array('file' => array($sync))); + Libsync::build_sync_packet($ch['channel_id'], array('file' => array($sync))); } } diff --git a/Zotlabs/Storage/File.php b/Zotlabs/Storage/File.php index 4610aceb7..76295d922 100644 --- a/Zotlabs/Storage/File.php +++ b/Zotlabs/Storage/File.php @@ -3,6 +3,7 @@ namespace Zotlabs\Storage; use Sabre\DAV; +use Zotlabs\Lib\Libsync; /** * @brief This class represents a file in DAV. @@ -26,7 +27,7 @@ class File extends DAV\Node implements DAV\IFile { * * filename (string) * * filetype (string) */ - private $data; + public $data; /** * @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface * @var \\Zotlabs\\Storage\\BasicAuth $auth @@ -106,7 +107,7 @@ class File extends DAV\Node implements DAV\IFile { if($ch) { $sync = attach_export_data($ch,$this->data['hash']); if($sync) - build_sync_packet($ch['channel_id'],array('file' => array($sync))); + Libsync::build_sync_packet($ch['channel_id'],array('file' => array($sync))); } } @@ -120,6 +121,11 @@ class File extends DAV\Node implements DAV\IFile { logger('put file: ' . basename($this->name), LOGGER_DEBUG); $size = 0; + if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) { + logger('permission denied for put operation'); + throw new DAV\Exception\Forbidden('Permission denied.'); + } + // @todo only 3 values are needed $c = q("SELECT * FROM channel WHERE channel_id = %d AND channel_removed = 0 LIMIT 1", intval($this->auth->owner_id) @@ -169,7 +175,7 @@ class File extends DAV\Node implements DAV\IFile { } $gis = @getimagesize($f); logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA); - if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) { + if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG || $gis[2] === IMAGETYPE_WEBP)) { $is_photo = 1; } @@ -254,7 +260,7 @@ class File extends DAV\Node implements DAV\IFile { $sync = attach_export_data($c[0],$this->data['hash']); if($sync) - build_sync_packet($c[0]['channel_id'],array('file' => array($sync))); + Libsync::build_sync_packet($c[0]['channel_id'],array('file' => array($sync))); } @@ -378,7 +384,7 @@ class File extends DAV\Node implements DAV\IFile { if($ch) { $sync = attach_export_data($ch, $this->data['hash'], true); if($sync) - build_sync_packet($ch['channel_id'], array('file' => array($sync))); + Libsync::build_sync_packet($ch['channel_id'], array('file' => array($sync))); } } } |