aboutsummaryrefslogtreecommitdiffstats
path: root/vendor/sabre/dav/lib/DAVACL/FS
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/sabre/dav/lib/DAVACL/FS')
-rw-r--r--vendor/sabre/dav/lib/DAVACL/FS/Collection.php153
-rw-r--r--vendor/sabre/dav/lib/DAVACL/FS/File.php123
-rw-r--r--vendor/sabre/dav/lib/DAVACL/FS/HomeCollection.php188
3 files changed, 464 insertions, 0 deletions
diff --git a/vendor/sabre/dav/lib/DAVACL/FS/Collection.php b/vendor/sabre/dav/lib/DAVACL/FS/Collection.php
new file mode 100644
index 000000000..5fab4768c
--- /dev/null
+++ b/vendor/sabre/dav/lib/DAVACL/FS/Collection.php
@@ -0,0 +1,153 @@
+<?php
+
+namespace Sabre\DAVACL\FS;
+
+use Sabre\DAV\FSExt\Directory as BaseCollection;
+use Sabre\DAVACL\IACL;
+use Sabre\DAV\Exception\Forbidden;
+use Sabre\DAV\Exception\NotFound;
+
+/**
+ * This is an ACL-enabled collection.
+ *
+ * @copyright Copyright (C) fruux GmbH (https://fruux.com/)
+ * @author Evert Pot (http://evertpot.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class Collection extends BaseCollection implements IACL {
+
+ /**
+ * A list of ACL rules.
+ *
+ * @var array
+ */
+ protected $acl;
+
+ /**
+ * Owner uri, or null for no owner.
+ *
+ * @var string|null
+ */
+ protected $owner;
+
+ /**
+ * Constructor
+ *
+ * @param string $path on-disk path.
+ * @param array $acl ACL rules.
+ * @param string|null $owner principal owner string.
+ */
+ function __construct($path, array $acl, $owner = null) {
+
+ parent::__construct($path);
+ $this->acl = $acl;
+ $this->owner = $owner;
+
+ }
+
+ /**
+ * Returns a specific child node, referenced by its name
+ *
+ * This method must throw Sabre\DAV\Exception\NotFound if the node does not
+ * exist.
+ *
+ * @param string $name
+ * @throws DAV\Exception\NotFound
+ * @return DAV\INode
+ */
+ function getChild($name) {
+
+ $path = $this->path . '/' . $name;
+
+ if (!file_exists($path)) throw new NotFound('File could not be located');
+ if ($name == '.' || $name == '..') throw new Forbidden('Permission denied to . and ..');
+
+ if (is_dir($path)) {
+
+ return new self($path, $this->acl, $this->owner);
+
+ } else {
+
+ return new File($path, $this->acl, $this->owner);
+
+ }
+
+ }
+
+ /**
+ * Returns the owner principal
+ *
+ * This must be a url to a principal, or null if there's no owner
+ *
+ * @return string|null
+ */
+ function getOwner() {
+
+ return $this->owner;
+
+ }
+
+ /**
+ * Returns a group principal
+ *
+ * This must be a url to a principal, or null if there's no owner
+ *
+ * @return string|null
+ */
+ function getGroup() {
+
+ return null;
+
+ }
+
+ /**
+ * Returns a list of ACE's for this node.
+ *
+ * Each ACE has the following properties:
+ * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
+ * currently the only supported privileges
+ * * 'principal', a url to the principal who owns the node
+ * * 'protected' (optional), indicating that this ACE is not allowed to
+ * be updated.
+ *
+ * @return array
+ */
+ function getACL() {
+
+ return $this->acl;
+
+ }
+
+ /**
+ * Updates the ACL
+ *
+ * This method will receive a list of new ACE's as an array argument.
+ *
+ * @param array $acl
+ * @return void
+ */
+ function setACL(array $acl) {
+
+ throw new Forbidden('Setting ACL is not allowed here');
+
+ }
+
+ /**
+ * Returns the list of supported privileges for this node.
+ *
+ * The returned data structure is a list of nested privileges.
+ * See Sabre\DAVACL\Plugin::getDefaultSupportedPrivilegeSet for a simple
+ * standard structure.
+ *
+ * If null is returned from this method, the default privilege set is used,
+ * which is fine for most common usecases.
+ *
+ * @return array|null
+ */
+ function getSupportedPrivilegeSet() {
+
+ return null;
+
+ }
+
+}
diff --git a/vendor/sabre/dav/lib/DAVACL/FS/File.php b/vendor/sabre/dav/lib/DAVACL/FS/File.php
new file mode 100644
index 000000000..0d549528b
--- /dev/null
+++ b/vendor/sabre/dav/lib/DAVACL/FS/File.php
@@ -0,0 +1,123 @@
+<?php
+
+namespace Sabre\DAVACL\FS;
+
+use Sabre\DAV\FSExt\File as BaseFile;
+use Sabre\DAVACL\IACL;
+use Sabre\DAV\Exception\Forbidden;
+
+/**
+ * This is an ACL-enabled file node.
+ *
+ * @copyright Copyright (C) fruux GmbH (https://fruux.com/)
+ * @author Evert Pot (http://evertpot.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class File extends BaseFile implements IACL {
+
+ /**
+ * A list of ACL rules.
+ *
+ * @var array
+ */
+ protected $acl;
+
+ /**
+ * Owner uri, or null for no owner.
+ *
+ * @var string|null
+ */
+ protected $owner;
+
+ /**
+ * Constructor
+ *
+ * @param string $path on-disk path.
+ * @param array $acl ACL rules.
+ * @param string|null $owner principal owner string.
+ */
+ function __construct($path, array $acl, $owner = null) {
+
+ parent::__construct($path);
+ $this->acl = $acl;
+ $this->owner = $owner;
+
+ }
+
+ /**
+ * Returns the owner principal
+ *
+ * This must be a url to a principal, or null if there's no owner
+ *
+ * @return string|null
+ */
+ function getOwner() {
+
+ return $this->owner;
+
+ }
+
+ /**
+ * Returns a group principal
+ *
+ * This must be a url to a principal, or null if there's no owner
+ *
+ * @return string|null
+ */
+ function getGroup() {
+
+ return null;
+
+ }
+
+ /**
+ * Returns a list of ACE's for this node.
+ *
+ * Each ACE has the following properties:
+ * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
+ * currently the only supported privileges
+ * * 'principal', a url to the principal who owns the node
+ * * 'protected' (optional), indicating that this ACE is not allowed to
+ * be updated.
+ *
+ * @return array
+ */
+ function getACL() {
+
+ return $this->acl;
+
+ }
+
+ /**
+ * Updates the ACL
+ *
+ * This method will receive a list of new ACE's as an array argument.
+ *
+ * @param array $acl
+ * @return void
+ */
+ function setACL(array $acl) {
+
+ throw new Forbidden('Setting ACL is not allowed here');
+
+ }
+
+ /**
+ * Returns the list of supported privileges for this node.
+ *
+ * The returned data structure is a list of nested privileges.
+ * See Sabre\DAVACL\Plugin::getDefaultSupportedPrivilegeSet for a simple
+ * standard structure.
+ *
+ * If null is returned from this method, the default privilege set is used,
+ * which is fine for most common usecases.
+ *
+ * @return array|null
+ */
+ function getSupportedPrivilegeSet() {
+
+ return null;
+
+ }
+
+}
diff --git a/vendor/sabre/dav/lib/DAVACL/FS/HomeCollection.php b/vendor/sabre/dav/lib/DAVACL/FS/HomeCollection.php
new file mode 100644
index 000000000..c27616770
--- /dev/null
+++ b/vendor/sabre/dav/lib/DAVACL/FS/HomeCollection.php
@@ -0,0 +1,188 @@
+<?php
+
+namespace Sabre\DAVACL\FS;
+
+use Sabre\DAV\Exception\Forbidden;
+use Sabre\DAVACL\AbstractPrincipalCollection;
+use Sabre\DAVACL\IACL;
+use Sabre\DAVACL\PrincipalBackend\BackendInterface;
+use Sabre\Uri;
+
+/**
+ * This collection contains a collection for every principal.
+ * It is similar to /home on many unix systems.
+ *
+ * The per-user collections can only be accessed by the user who owns the
+ * collection.
+ *
+ * @copyright Copyright (C) fruux GmbH (https://fruux.com/)
+ * @author Evert Pot (http://evertpot.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class HomeCollection extends AbstractPrincipalCollection implements IACL {
+
+ /**
+ * Name of this collection.
+ *
+ * @var string
+ */
+ public $collectionName = 'home';
+
+ /**
+ * Path to where the users' files are actually stored.
+ *
+ * @var string
+ */
+ protected $storagePath;
+
+ /**
+ * Creates the home collection.
+ *
+ * @param BackendInterface $principalBackend
+ * @param string $storagePath Where the actual files are stored.
+ * @param string $principalPrefix list of principals to iterate.
+ */
+ function __construct(BackendInterface $principalBackend, $storagePath, $principalPrefix = 'principals') {
+
+ parent::__construct($principalBackend, $principalPrefix);
+ $this->storagePath = $storagePath;
+
+ }
+
+ /**
+ * Returns the name of the node.
+ *
+ * This is used to generate the url.
+ *
+ * @return string
+ */
+ function getName() {
+
+ return $this->collectionName;
+
+ }
+
+ /**
+ * Returns a principals' collection of files.
+ *
+ * The passed array contains principal information, and is guaranteed to
+ * at least contain a uri item. Other properties may or may not be
+ * supplied by the authentication backend.
+ *
+ * @param array $principalInfo
+ * @return void
+ */
+ function getChildForPrincipal(array $principalInfo) {
+
+ $owner = $principalInfo['uri'];
+ $acl = [
+ [
+ 'privilege' => '{DAV:}read',
+ 'principal' => $owner,
+ 'protected' => true,
+ ],
+ [
+ 'privilege' => '{DAV:}write',
+ 'principal' => $owner,
+ 'protected' => true,
+ ],
+ ];
+
+ list(, $principalBaseName) = Uri\split($owner);
+
+ $path = $this->storagePath . '/' . $principalBaseName;
+
+ if (!is_dir($path)) {
+ mkdir($path, 0777, true);
+ }
+ return new Collection(
+ $path,
+ $acl,
+ $owner
+ );
+
+ }
+
+ /**
+ * Returns the owner principal
+ *
+ * This must be a url to a principal, or null if there's no owner
+ *
+ * @return string|null
+ */
+ function getOwner() {
+
+ return null;
+
+ }
+
+ /**
+ * Returns a group principal
+ *
+ * This must be a url to a principal, or null if there's no owner
+ *
+ * @return string|null
+ */
+ function getGroup() {
+
+ return null;
+
+ }
+
+ /**
+ * Returns a list of ACE's for this node.
+ *
+ * Each ACE has the following properties:
+ * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
+ * currently the only supported privileges
+ * * 'principal', a url to the principal who owns the node
+ * * 'protected' (optional), indicating that this ACE is not allowed to
+ * be updated.
+ *
+ * @return array
+ */
+ function getACL() {
+
+ return [
+ [
+ 'principal' => '{DAV:}authenticated',
+ 'privilege' => '{DAV:}read',
+ 'protected' => true,
+ ]
+ ];
+
+ }
+
+ /**
+ * Updates the ACL
+ *
+ * This method will receive a list of new ACE's as an array argument.
+ *
+ * @param array $acl
+ * @return void
+ */
+ function setACL(array $acl) {
+
+ throw new Forbidden('Setting ACL is not allowed here');
+
+ }
+
+ /**
+ * Returns the list of supported privileges for this node.
+ *
+ * The returned data structure is a list of nested privileges.
+ * See Sabre\DAVACL\Plugin::getDefaultSupportedPrivilegeSet for a simple
+ * standard structure.
+ *
+ * If null is returned from this method, the default privilege set is used,
+ * which is fine for most common usecases.
+ *
+ * @return array|null
+ */
+ function getSupportedPrivilegeSet() {
+
+ return null;
+
+ }
+
+}