Some documentation for include/reddav.php and a bit code cleanup.
Removed some duplicate code in RedBasicAuth and restructured a bit. Still work in progress.
This commit is contained in:
Klaus Weidenbach
@@ -1,31 +1,34 @@
|
||||
<?php
|
||||
/**
|
||||
* @file mod/cloud.php
|
||||
* @brief Initialize Red Matrix's cloud (SabreDAV)
|
||||
* @brief Initialize RedMatrix's cloud (SabreDAV).
|
||||
*
|
||||
* Module for accessing the DAV storage area.
|
||||
*/
|
||||
|
||||
use Sabre\DAV;
|
||||
require_once('vendor/autoload.php');
|
||||
use Sabre\DAV;
|
||||
|
||||
// workaround for HTTP-auth in CGI mode
|
||||
if(x($_SERVER,'REDIRECT_REMOTE_USER')) {
|
||||
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
|
||||
if(strlen($userpass)) {
|
||||
list($name, $password) = explode(':', $userpass);
|
||||
$_SERVER['PHP_AUTH_USER'] = $name;
|
||||
$_SERVER['PHP_AUTH_PW'] = $password;
|
||||
}
|
||||
}
|
||||
// composer autoloader for SabreDAV
|
||||
require_once('vendor/autoload.php');
|
||||
|
||||
if(x($_SERVER,'HTTP_AUTHORIZATION')) {
|
||||
$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
|
||||
if(strlen($userpass)) {
|
||||
list($name, $password) = explode(':', $userpass);
|
||||
$_SERVER['PHP_AUTH_USER'] = $name;
|
||||
$_SERVER['PHP_AUTH_PW'] = $password;
|
||||
}
|
||||
// workaround for HTTP-auth in CGI mode
|
||||
if(x($_SERVER, 'REDIRECT_REMOTE_USER')) {
|
||||
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
|
||||
if(strlen($userpass)) {
|
||||
list($name, $password) = explode(':', $userpass);
|
||||
$_SERVER['PHP_AUTH_USER'] = $name;
|
||||
$_SERVER['PHP_AUTH_PW'] = $password;
|
||||
}
|
||||
}
|
||||
|
||||
if(x($_SERVER, 'HTTP_AUTHORIZATION')) {
|
||||
$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
|
||||
if(strlen($userpass)) {
|
||||
list($name, $password) = explode(':', $userpass);
|
||||
$_SERVER['PHP_AUTH_USER'] = $name;
|
||||
$_SERVER['PHP_AUTH_PW'] = $password;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Fires up the SabreDAV server.
|
||||
@@ -33,14 +36,12 @@
|
||||
* @param App &$a
|
||||
*/
|
||||
function cloud_init(&$a) {
|
||||
|
||||
// call ($currenttheme)_init since we're operating outside of index.php
|
||||
|
||||
$theme_info_file = "view/theme/".current_theme()."/php/theme.php";
|
||||
$theme_info_file = "view/theme/" . current_theme() . "/php/theme.php";
|
||||
if (file_exists($theme_info_file)){
|
||||
require_once($theme_info_file);
|
||||
if(function_exists(str_replace('-','_',current_theme()) . '_init')) {
|
||||
$func = str_replace('-','_',current_theme()) . '_init';
|
||||
if(function_exists(str_replace('-', '_', current_theme()) . '_init')) {
|
||||
$func = str_replace('-', '_', current_theme()) . '_init';
|
||||
$func($a);
|
||||
}
|
||||
}
|
||||
@@ -48,16 +49,15 @@ function cloud_init(&$a) {
|
||||
require_once('include/reddav.php');
|
||||
|
||||
if(! is_dir('store'))
|
||||
os_mkdir('store',STORAGE_DEFAULT_PERMISSIONS,false);
|
||||
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
|
||||
|
||||
$which = null;
|
||||
if(argc() > 1)
|
||||
$which = argv(1);
|
||||
|
||||
$profile = 0;
|
||||
$channel = $a->get_channel();
|
||||
|
||||
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n" ;
|
||||
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n";
|
||||
|
||||
if($which)
|
||||
profile_load($a, $which, $profile);
|
||||
@@ -70,12 +70,11 @@ function cloud_init(&$a) {
|
||||
if(local_user()) {
|
||||
$channel = $a->get_channel();
|
||||
$auth->setCurrentUser($channel['channel_address']);
|
||||
$auth->channel_name = $channel['channel_address'];
|
||||
$auth->channel_id = $channel['channel_id'];
|
||||
$auth->channel_hash = $channel['channel_hash'];
|
||||
$auth->channel_account_id = $channel['channel_account_id'];
|
||||
if($channel['channel_timezone'])
|
||||
$auth->timezone = $channel['channel_timezone'];
|
||||
$auth->setTimezone($channel['channel_timezone']);
|
||||
}
|
||||
$auth->observer = $ob_hash;
|
||||
}
|
||||
@@ -83,13 +82,13 @@ function cloud_init(&$a) {
|
||||
if($_GET['davguest'])
|
||||
$_SESSION['davguest'] = true;
|
||||
|
||||
$_SERVER['QUERY_STRING'] = str_replace(array('?f=','&f='),array('',''),$_SERVER['QUERY_STRING']);
|
||||
$_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
|
||||
$_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
|
||||
$_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism','',$_SERVER['QUERY_STRING']);
|
||||
$_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
|
||||
|
||||
$_SERVER['REQUEST_URI'] = str_replace(array('?f=','&f='),array('',''),$_SERVER['REQUEST_URI']);
|
||||
$_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
|
||||
$_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
|
||||
$_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism','',$_SERVER['REQUEST_URI']);
|
||||
$_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
|
||||
|
||||
$rootDirectory = new RedDirectory('/', $auth);
|
||||
|
||||
@@ -101,11 +100,15 @@ function cloud_init(&$a) {
|
||||
|
||||
$server->addPlugin($lockPlugin);
|
||||
|
||||
// The next section of code allows us to bypass prompting for http-auth if a FILE is being accessed anonymously and permissions
|
||||
// allow this. This way one can create hotlinks to public media files in their cloud and anonymous viewers won't get asked to login.
|
||||
// If a DIRECTORY is accessed or there are permission issues accessing the file and we aren't previously authenticated via zot,
|
||||
// prompt for HTTP-auth. This will be the default case for mounting a DAV directory.
|
||||
// In order to avoid prompting for passwords for viewing a DIRECTORY, add the URL query parameter 'davguest=1'
|
||||
// The next section of code allows us to bypass prompting for http-auth if a
|
||||
// FILE is being accessed anonymously and permissions allow this. This way
|
||||
// one can create hotlinks to public media files in their cloud and anonymous
|
||||
// viewers won't get asked to login.
|
||||
// If a DIRECTORY is accessed or there are permission issues accessing the
|
||||
// file and we aren't previously authenticated via zot, prompt for HTTP-auth.
|
||||
// This will be the default case for mounting a DAV directory.
|
||||
// In order to avoid prompting for passwords for viewing a DIRECTORY, add
|
||||
// the URL query parameter 'davguest=1'.
|
||||
|
||||
$isapublic_file = false;
|
||||
$davguest = ((x($_SESSION, 'davguest')) ? true : false);
|
||||
@@ -116,22 +119,21 @@ function cloud_init(&$a) {
|
||||
if($x instanceof RedFile)
|
||||
$isapublic_file = true;
|
||||
}
|
||||
catch ( Exception $e ) {
|
||||
catch (Exception $e) {
|
||||
$isapublic_file = false;
|
||||
}
|
||||
}
|
||||
|
||||
if((! $auth->observer) && (! $isapublic_file) && (! $davguest)) {
|
||||
try {
|
||||
$auth->Authenticate($server, t('Red Matrix - Guests: Username: {your email address}, Password: +++'));
|
||||
$auth->Authenticate($server, t('RedMatrix - Guests: Username: {your email address}, Password: +++'));
|
||||
}
|
||||
catch ( Exception $e) {
|
||||
catch (Exception $e) {
|
||||
logger('mod_cloud: auth exception' . $e->getMessage());
|
||||
http_status_exit($e->getHTTPCode(), $e->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// provide a directory view for the cloud in Red Matrix
|
||||
$browser = new RedBrowser($auth);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user