From ccfd028919ee06611ebe0525a0a701830bd77516 Mon Sep 17 00:00:00 2001
From: redmatrix <git@macgirvin.com>
Date: Tue, 14 Jun 2016 17:04:29 -0700
Subject: readme for the module directory, also provide an undocumented way to
 reset the timestamp on connection photos to force a refresh without messing
 with the database directly.

---
 Zotlabs/Module/Connedit.php | 22 ++++++++-----
 Zotlabs/Module/README.md    | 80 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 94 insertions(+), 8 deletions(-)
 create mode 100644 Zotlabs/Module/README.md

(limited to 'Zotlabs')

diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index 33deac4c8..3feba5370 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -16,14 +16,14 @@ require_once('include/zot.php');
 require_once('include/widgets.php');
 require_once('include/photos.php');
 
-/* @brief Initialize the connection-editor
- *
- *
- */
-
 
 class Connedit extends \Zotlabs\Web\Controller {
 
+	/* @brief Initialize the connection-editor
+	 *
+	 *
+	 */
+
 	function init() {
 	
 		if(! local_channel())
@@ -51,7 +51,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 	 *
 	 */
 	
-		function post() {
+	function post() {
 	
 		if(! local_channel())
 			return;
@@ -357,7 +357,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 	 *
 	 */
 	
-		function get() {
+	function get() {
 	
 		$sort_type = 0;
 		$o = '';
@@ -418,7 +418,13 @@ class Connedit extends \Zotlabs\Web\Controller {
 				goaway(z_root() . '/connedit/' . $contact_id);
 	
 			}
-	
+			if($cmd === 'resetphoto') {
+				q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s' limit 1",
+					dbesc($orig_record[0]['xchan_hash'])
+				);
+				$cmd = 'refresh';
+			}	
+
 			if($cmd === 'refresh') {
 				if($orig_record[0]['xchan_network'] === 'zot') {
 					if(! zot_refresh($orig_record[0],\App::get_channel()))
diff --git a/Zotlabs/Module/README.md b/Zotlabs/Module/README.md
new file mode 100644
index 000000000..3b870dd7b
--- /dev/null
+++ b/Zotlabs/Module/README.md
@@ -0,0 +1,80 @@
+Zotlabs/Module
+==============
+
+
+This directory contains controller modules for handling web requests. The
+lowercase class name indicates the head of the URL path which this module
+handles. There are other methods of attaching (routing) URL paths to
+controllers, but this is the primary method used in this project.
+
+Module controllers MUST reside in this directory and namespace to be
+autoloaded (unless other specific routing methods are employed). They
+typically use and extend the class definition in Zotlabs/Web/Controller 
+as a template. 
+
+Template:
+
+	<?php
+
+	namespace Zotlabs\Web;
+
+
+	class Controller {
+
+		function init() {}
+		function post() {}
+		function get() {}
+
+	}
+
+
+Typical Module declaration for the '/foo' URL route:
+
+
+	<?php
+	namespace Zotlabs\Module;
+
+	class Foo extends \Zotlabs\Web\Controller {
+
+		function init() {
+			// init() handler goes here
+		}
+
+		function post() {
+			// post handler goes here
+		}
+
+		function get() {
+			return 'Hello world.' . EOL;
+		}
+
+	}
+
+This model provides callbacks for public functions named init(), post(), 
+and get(). init() is always called. post() is called if $_POST variables
+are present, and get() is called if none of the prior functions terminated
+the handler. The get() method typically retuns a string which represents 
+the contents of the content region of the resulting page. Modules which emit 
+json, xml or other machine-readable formats typically emit their contents
+inside the init() function and call 'killme()' to terminate the Module. 
+
+Modules are passed the URL path as argc,argv arguments. For a path such as
+
+	https://mysite.something/foo/bar/baz
+
+The app will typically invoke the Module class 'Foo' and pass it 
+
+	$x = argc(); // $x = 3
+
+	$x = argv(0); // $x = 'foo'
+	$x = argv(1); // $x = 'bar'
+	$x = argv(2); // $x = 'baz'
+
+These are handled in a similar fashion to their counterparts in the Unix shell
+or C/C++ languages. Do not confuse the argc(),argv() functions with the
+global variables $argc,$argv which are passed to command line programs. These 
+are handled separately by command line and Zotlabs/Daemon class functions. 
+
+
+
+ 
\ No newline at end of file
-- 
cgit v1.2.3


From 212d8b6cfd28151b5b8abdd3f1fcd3b3daeeb0da Mon Sep 17 00:00:00 2001
From: redmatrix <git@macgirvin.com>
Date: Tue, 14 Jun 2016 20:30:34 -0700
Subject: support cookie auth in Sabre DAV

---
 Zotlabs/Storage/BasicAuth.php | 53 +++++++++++++++++++++++++++++++++++++++++++
 Zotlabs/Web/Controller.php    |  3 ++-
 2 files changed, 55 insertions(+), 1 deletion(-)

(limited to 'Zotlabs')

diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php
index 121a9c3a1..60fc2c988 100644
--- a/Zotlabs/Storage/BasicAuth.php
+++ b/Zotlabs/Storage/BasicAuth.php
@@ -3,6 +3,8 @@
 namespace Zotlabs\Storage;
 
 use Sabre\DAV;
+use Sabre\HTTP\RequestInterface;
+use Sabre\HTTP\ResponseInterface;
 
 /**
  * @brief Authentication backend class for DAV.
@@ -145,6 +147,57 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
 		return true;
 	}
 
+    /**
+     * When this method is called, the backend must check if authentication was
+     * successful.
+     *
+     * The returned value must be one of the following
+     *
+     * [true, "principals/username"]
+     * [false, "reason for failure"]
+     *
+     * If authentication was successful, it's expected that the authentication
+     * backend returns a so-called principal url.
+     *
+     * Examples of a principal url:
+     *
+     * principals/admin
+     * principals/user1
+     * principals/users/joe
+     * principals/uid/123457
+     *
+     * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
+     * return a string such as:
+     *
+     * principals/users/[username]
+     *
+     * @param RequestInterface $request
+     * @param ResponseInterface $response
+     * @return array
+     */
+    function check(RequestInterface $request, ResponseInterface $response) {
+
+		if(local_channel()) {
+			return [ true, $this->principalPrefix . $this->channel_name ];
+		}
+
+        $auth = new \Sabre\HTTP\Auth\Basic(
+            $this->realm,
+            $request,
+            $response
+        );
+
+        $userpass = $auth->getCredentials();
+        if (!$userpass) {
+            return [false, "No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured"];
+        }
+        if (!$this->validateUserPass($userpass[0], $userpass[1])) {
+            return [false, "Username or password was incorrect"];
+        }
+        return [true, $this->principalPrefix . $userpass[0]];
+
+    }
+
 	protected function check_module_access($channel_id) {
 		if($channel_id && \App::$module === 'cdav') {
 			$x = get_pconfig($channel_id,'cdav','enabled');
diff --git a/Zotlabs/Web/Controller.php b/Zotlabs/Web/Controller.php
index ac835e008..2d0f58891 100644
--- a/Zotlabs/Web/Controller.php
+++ b/Zotlabs/Web/Controller.php
@@ -9,4 +9,5 @@ class Controller {
 	function post() {}
 	function get() {}
 
-}
\ No newline at end of file
+}
+
-- 
cgit v1.2.3