aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Dav.php
blob: 866520461b5929c9481c0ddae273685cb9efafac (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<?php
/**
 * @file Zotlabs/Module/Dav.php
 * @brief Initialize Hubzilla's cloud (SabreDAV).
 *
 * Module for accessing the DAV storage area from a DAV client.
 */

namespace Zotlabs\Module;

use Sabre\DAV as SDAV;
use Zotlabs\Storage;
use Zotlabs\Web\HTTPSig;

require_once('include/attach.php');
require_once('include/auth.php');
require_once('include/security.php');


class Dav extends \Zotlabs\Web\Controller {

	/**
	 * @brief Fires up the SabreDAV server.
	 *
	 */
	function init() {

		foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) {

			/* Basic authentication */

			if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,5) === 'Basic') {
				$userpass = @base64_decode(substr(trim($_SERVER[$head]),6)) ;
				if(strlen($userpass)) {
					list($name, $password) = explode(':', $userpass);
					$_SERVER['PHP_AUTH_USER'] = $name;
					$_SERVER['PHP_AUTH_PW']   = $password;
				}
				break;
			}

			/* Signature authentication */

			if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') {
				if($head !== 'HTTP_AUTHORIZATION') {
					$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head];
					continue;
				}

				$sigblock = HTTPSig::parse_sigheader($_SERVER[$head]);
				if($sigblock) {
					$keyId = str_replace('acct:','',$sigblock['keyId']);
					if($keyId) {
						$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
							dbesc($keyId)
						);
						if($r) {
							$c = channelx_by_hash($r[0]['hubloc_hash']);
							if($c) {
								$a = q("select * from account where account_id = %d limit 1",
									intval($c['channel_account_id'])
								);
								if($a) {
									$record = [ 'channel' => $c, 'account' => $a[0] ];
									$channel_login = $c['channel_id'];
								}
							}
						}
						if(! $record)
							continue;

						if($record) {
							$verified = HTTPSig::verify('',$record['channel']['channel_pubkey']);
							if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) {
								$record = null;
							}
							if($record['account']) {
						        authenticate_success($record['account']);
						        if($channel_login) {
						            change_channel($channel_login);
								}
							}
							break;
						}
					}
				}
			}
		}

		if (! is_dir('store'))
			os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);

		if (argc() > 1)
			profile_load(argv(1),0);


		$auth = new \Zotlabs\Storage\BasicAuth();
		$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV');

		$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);

		// A SabreDAV server-object
		$server = new SDAV\Server($rootDirectory);


		$authPlugin = new \Sabre\DAV\Auth\Plugin($auth);
		$server->addPlugin($authPlugin);


		// prevent overwriting changes each other with a lock backend
		$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
		$lockPlugin = new SDAV\Locks\Plugin($lockBackend);

		$server->addPlugin($lockPlugin);

		// provide a directory view for the cloud in Hubzilla
		$browser = new \Zotlabs\Storage\Browser($auth);
		$auth->setBrowserPlugin($browser);

		// Experimental QuotaPlugin
		// $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth));

		// All we need to do now, is to fire up the server
		$server->exec();

		killme();
	}

}