mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 984 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
52940 Commits
372 Branches
Tree: 1a9330cd69
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1a9330cd69'
${ noResults }
nextcloud/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php

AnonymousOptionsPlugin.php 2.8KB
Raw Blame History

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. <?php

  2. /**

  3.  * @copyright Copyright (c) 2018 Robin Appelman <robin@icewind.nl>

  4.  *

  5.  * @author Bastien Durel <bastien@durel.org>

  6.  * @author Christoph Wurst <christoph@winzerhof-wurst.at>

  7.  * @author Georg Ehrke <oc.list@georgehrke.com>

  8.  * @author Julius Härtl <jus@bitgrid.net>

  9.  * @author Robin Appelman <robin@icewind.nl>

  10.  *

  11.  * @license GNU AGPL version 3 or any later version

  12.  *

  13.  * This program is free software: you can redistribute it and/or modify

  14.  * it under the terms of the GNU Affero General Public License as

  15.  * published by the Free Software Foundation, either version 3 of the

  16.  * License, or (at your option) any later version.

  17.  *

  18.  * This program is distributed in the hope that it will be useful,

  19.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  20.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  21.  * GNU Affero General Public License for more details.

  22.  *

  23.  * You should have received a copy of the GNU Affero General Public License

  24.  * along with this program. If not, see <http://www.gnu.org/licenses/>.

  25.  *

  26.  */

  27. 

  28. namespace OCA\DAV\Connector\Sabre;

  29. 

  30. use Sabre\DAV\CorePlugin;

  31. use Sabre\DAV\FS\Directory;

  32. use Sabre\DAV\ServerPlugin;

  33. use Sabre\DAV\Tree;

  34. use Sabre\HTTP\RequestInterface;

  35. use Sabre\HTTP\ResponseInterface;

  36. 

  37. class AnonymousOptionsPlugin extends ServerPlugin {

  38. 

  39. 	/**

  40. 	 * @var \Sabre\DAV\Server

  41. 	 */

  42. 	private $server;

  43. 

  44. 	/**

  45. 	 * @param \Sabre\DAV\Server $server

  46. 	 * @return void

  47. 	 */

  48. 	public function initialize(\Sabre\DAV\Server $server) {

  49. 		$this->server = $server;

  50. 		// before auth

  51. 		$this->server->on('beforeMethod:*', [$this, 'handleAnonymousOptions'], 9);

  52. 	}

  53. 

  54. 	/**

  55. 	 * @return bool

  56. 	 */

  57. 	public function isRequestInRoot($path) {

  58. 		return $path === '' || (is_string($path) && strpos($path, '/') === false);

  59. 	}

  60. 

  61. 	/**

  62. 	 * @throws \Sabre\DAV\Exception\Forbidden

  63. 	 * @return bool

  64. 	 */

  65. 	public function handleAnonymousOptions(RequestInterface $request, ResponseInterface $response) {

  66. 		$isOffice = preg_match('/Microsoft Office/i', $request->getHeader('User-Agent'));

  67. 		$emptyAuth = $request->getHeader('Authorization') === null

  68. 			|| $request->getHeader('Authorization') === ''

  69. 			|| trim($request->getHeader('Authorization')) === 'Bearer';

  70. 		$isAnonymousOption = $request->getMethod() === 'OPTIONS' && $emptyAuth;

  71. 		$isOfficeHead = $request->getMethod() === 'HEAD' && $isOffice && $emptyAuth;

  72. 		if ($isAnonymousOption || $isOfficeHead) {

  73. 			/** @var CorePlugin $corePlugin */

  74. 			$corePlugin = $this->server->getPlugin('core');

  75. 			// setup a fake tree for anonymous access

  76. 			$this->server->tree = new Tree(new Directory(''));

  77. 			$corePlugin->httpOptions($request, $response);

  78. 			$this->server->emit('afterMethod', [$request, $response]);

  79. 			$this->server->emit('afterMethod:OPTIONS', [$request, $response]);

  80. 

  81. 			$this->server->sapi->sendResponse($response);

  82. 			return false;

  83. 		}

  84. 	}

  85. }