aboutsummaryrefslogtreecommitdiffstats
path: root/apps/dav/appinfo
diff options
context:
space:
mode:
authorJohn Molakvoæ <skjnldsv@protonmail.com>2022-05-15 10:38:55 +0200
committerJohn Molakvoæ <skjnldsv@protonmail.com>2024-01-09 10:56:06 +0100
commit7b6a650b6e09b07d4b85a4ae84eb64a6c32b217f (patch)
treef5e479b0bca0a027ef289135c8216cda10f82b14 /apps/dav/appinfo
parentfdc64ea2f527d25c382901ed906f71fca89fd1b3 (diff)
downloadnextcloud-server-7b6a650b6e09b07d4b85a4ae84eb64a6c32b217f.tar.gz
nextcloud-server-7b6a650b6e09b07d4b85a4ae84eb64a6c32b217f.zip
feat: public dav endpoint v2
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
Diffstat (limited to 'apps/dav/appinfo')
-rw-r--r--apps/dav/appinfo/info.xml4
-rw-r--r--apps/dav/appinfo/v1/publicwebdav.php2
-rw-r--r--apps/dav/appinfo/v2/publicremote.php122
3 files changed, 123 insertions, 5 deletions
diff --git a/apps/dav/appinfo/info.xml b/apps/dav/appinfo/info.xml
index d436596ca5a..02dec49a546 100644
--- a/apps/dav/appinfo/info.xml
+++ b/apps/dav/appinfo/info.xml
@@ -86,8 +86,4 @@
<provider>OCA\DAV\CardDAV\Activity\Provider\Card</provider>
</providers>
</activity>
-
- <public>
- <webdav>appinfo/v1/publicwebdav.php</webdav>
- </public>
</info>
diff --git a/apps/dav/appinfo/v1/publicwebdav.php b/apps/dav/appinfo/v1/publicwebdav.php
index 8ca9c6c577c..b5a88afb16e 100644
--- a/apps/dav/appinfo/v1/publicwebdav.php
+++ b/apps/dav/appinfo/v1/publicwebdav.php
@@ -43,7 +43,7 @@ OC_Util::obEnd();
\OC::$server->getSession()->close();
// Backends
-$authBackend = new OCA\DAV\Connector\PublicAuth(
+$authBackend = new OCA\DAV\Connector\LegacyPublicAuth(
\OC::$server->getRequest(),
\OC::$server->getShareManager(),
\OC::$server->getSession(),
diff --git a/apps/dav/appinfo/v2/publicremote.php b/apps/dav/appinfo/v2/publicremote.php
new file mode 100644
index 00000000000..501f9188c1f
--- /dev/null
+++ b/apps/dav/appinfo/v2/publicremote.php
@@ -0,0 +1,122 @@
+<?php
+/**
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ *
+ * @author Bjoern Schiessle <bjoern@schiessle.org>
+ * @author Björn Schießle <bjoern@schiessle.org>
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @author Joas Schilling <coding@schilljs.com>
+ * @author Julius Härtl <jus@bitgrid.net>
+ * @author Lukas Reschke <lukas@statuscode.ch>
+ * @author Morris Jobke <hey@morrisjobke.de>
+ * @author Robin Appelman <robin@icewind.nl>
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ * @author Thomas Müller <thomas.mueller@tmit.eu>
+ * @author Vincent Petry <vincent@nextcloud.com>
+ *
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+// load needed apps
+$RUNTIME_APPTYPES = ['filesystem', 'authentication', 'logging'];
+
+OC_App::loadApps($RUNTIME_APPTYPES);
+
+OC_Util::obEnd();
+\OC::$server->getSession()->close();
+
+// Backends
+$authBackend = new OCA\DAV\Connector\Sabre\PublicAuth(
+ \OC::$server->getRequest(),
+ \OC::$server->getShareManager(),
+ \OC::$server->getSession(),
+ \OC::$server->getBruteForceThrottler()
+);
+$authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
+
+$serverFactory = new OCA\DAV\Connector\Sabre\ServerFactory(
+ \OC::$server->getConfig(),
+ \OC::$server->get(Psr\Log\LoggerInterface::class),
+ \OC::$server->getDatabaseConnection(),
+ \OC::$server->getUserSession(),
+ \OC::$server->getMountManager(),
+ \OC::$server->getTagManager(),
+ \OC::$server->getRequest(),
+ \OC::$server->getPreviewManager(),
+ \OC::$server->getEventDispatcher(),
+ \OC::$server->getL10N('dav')
+);
+
+$requestUri = \OC::$server->getRequest()->getRequestUri();
+
+$linkCheckPlugin = new \OCA\DAV\Files\Sharing\PublicLinkCheckPlugin();
+$filesDropPlugin = new \OCA\DAV\Files\Sharing\FilesDropPlugin();
+
+// Define root url with /public.php/dav/files/TOKEN
+preg_match('/(^files\/\w+)/i', substr($requestUri, strlen($baseuri)), $match);
+$baseuri = $baseuri . $match[0];
+
+$server = $serverFactory->createServer($baseuri, $requestUri, $authPlugin, function (\Sabre\DAV\Server $server) use ($authBackend, $linkCheckPlugin, $filesDropPlugin) {
+ $isAjax = (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest');
+ /** @var \OCA\FederatedFileSharing\FederatedShareProvider $shareProvider */
+ $federatedShareProvider = \OC::$server->query(\OCA\FederatedFileSharing\FederatedShareProvider::class);
+ if ($federatedShareProvider->isOutgoingServer2serverShareEnabled() === false && !$isAjax) {
+ // this is what is thrown when trying to access a non-existing share
+ throw new \Sabre\DAV\Exception\NotAuthenticated();
+ }
+
+ $share = $authBackend->getShare();
+ $owner = $share->getShareOwner();
+ $isReadable = $share->getPermissions() & \OCP\Constants::PERMISSION_READ;
+ $fileId = $share->getNodeId();
+
+ // FIXME: should not add storage wrappers outside of preSetup, need to find a better way
+ $previousLog = \OC\Files\Filesystem::logWarningWhenAddingStorageWrapper(false);
+ \OC\Files\Filesystem::addStorageWrapper('sharePermissions', function ($mountPoint, $storage) use ($share) {
+ return new \OC\Files\Storage\Wrapper\PermissionsMask(['storage' => $storage, 'mask' => $share->getPermissions() | \OCP\Constants::PERMISSION_SHARE]);
+ });
+ \OC\Files\Filesystem::addStorageWrapper('shareOwner', function ($mountPoint, $storage) use ($share) {
+ return new \OCA\DAV\Storage\PublicOwnerWrapper(['storage' => $storage, 'owner' => $share->getShareOwner()]);
+ });
+ \OC\Files\Filesystem::logWarningWhenAddingStorageWrapper($previousLog);
+
+ OC_Util::tearDownFS();
+ OC_Util::setupFS($owner);
+ $ownerView = new \OC\Files\View('/'. $owner . '/files');
+ $path = $ownerView->getPath($fileId);
+ $fileInfo = $ownerView->getFileInfo($path);
+
+ if ($fileInfo === false) {
+ throw new \Sabre\DAV\Exception\NotFound();
+ }
+
+ $linkCheckPlugin->setFileInfo($fileInfo);
+
+ // If not readble (files_drop) enable the filesdrop plugin
+ if (!$isReadable) {
+ $filesDropPlugin->enable();
+ }
+
+ $view = new \OC\Files\View($ownerView->getAbsolutePath($path));
+ $filesDropPlugin->setView($view);
+
+ return $view;
+});
+
+$server->addPlugin($linkCheckPlugin);
+$server->addPlugin($filesDropPlugin);
+
+// And off we go!
+$server->exec();