diff options
| author | Bart Visscher <bartv@thisnet.nl> | 2014-01-31 16:43:12 +0100 |
|---|---|---|
| committer | Bart Visscher <bartv@thisnet.nl> | 2014-01-31 16:43:12 +0100 |
| commit | bca725dc32e159d756f023d428816b8f9821b732 (patch) | |
| tree | c3e1910e952728433c2572cea96fa8024c79d1d5 /lib/base.php | |
| parent | 09d2ba017e603fe6ac237da7830d86d74b2da61c (diff) | |
| parent | 271088a7a23ffcdb2082b6dfc5b6f50833612a0f (diff) | |
| download | nextcloud-server-bca725dc32e159d756f023d428816b8f9821b732.tar.gz nextcloud-server-bca725dc32e159d756f023d428816b8f9821b732.zip | |
Merge branch 'master' into setup
Conflicts:
core/setup.php
Diffstat (limited to 'lib/base.php')
| -rw-r--r-- | lib/base.php | 235 |
1 files changed, 163 insertions, 72 deletions
diff --git a/lib/base.php b/lib/base.php index 1246aee8110..0a890942c3b 100644 --- a/lib/base.php +++ b/lib/base.php @@ -57,6 +57,9 @@ class OC { * web path in 'url' */ public static $APPSROOTS = array(); + + public static $configDir; + /* * requested app */ @@ -69,8 +72,9 @@ class OC { * check if owncloud runs in cli mode */ public static $CLI = false; - /* - * OC router + + /** + * @var OC_Router */ protected static $router = null; @@ -99,6 +103,13 @@ class OC { get_include_path() ); + if(defined('PHPUNIT_RUN') and PHPUNIT_RUN and is_dir(OC::$SERVERROOT . '/tests/config/')) { + self::$configDir = OC::$SERVERROOT . '/tests/config/'; + } else { + self::$configDir = OC::$SERVERROOT . '/config/'; + } + OC_Config::$object = new \OC\Config(self::$configDir); + OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT))); $scriptName = OC_Request::scriptName(); if (substr($scriptName, -1) == '/') { @@ -130,8 +141,8 @@ class OC { OC::$THIRDPARTYROOT = rtrim(dirname(OC::$SERVERROOT), '/'); } else { throw new Exception('3rdparty directory not found! Please put the ownCloud 3rdparty' - .' folder in the ownCloud folder or the folder above.' - .' You can also configure the location in the config.php file.'); + . ' folder in the ownCloud folder or the folder above.' + . ' You can also configure the location in the config.php file.'); } // search the apps folder $config_paths = OC_Config::getValue('apps_paths', array()); @@ -155,7 +166,7 @@ class OC { if (empty(OC::$APPSROOTS)) { throw new Exception('apps directory not found! Please put the ownCloud apps folder in the ownCloud folder' - .' or the folder above. You can also configure the location in the config.php file.'); + . ' or the folder above. You can also configure the location in the config.php file.'); } $paths = array(); foreach (OC::$APPSROOTS as $path) { @@ -174,14 +185,23 @@ class OC { } public static function checkConfig() { - if (file_exists(OC::$SERVERROOT . "/config/config.php") - and !is_writable(OC::$SERVERROOT . "/config/config.php")) { + if (file_exists(self::$configDir . "/config.php") + and !is_writable(self::$configDir . "/config.php") + ) { $defaults = new OC_Defaults(); - OC_Template::printErrorPage( - "Can't write into config directory!", - 'This can usually be fixed by ' - .'<a href="' . $defaults->getDocBaseUrl() . '/server/5.0/admin_manual/installation/installation_source.html#set-the-directory-permissions" target="_blank">giving the webserver write access to the config directory</a>.' - ); + if (self::$CLI) { + echo "Can't write into config directory!\n"; + echo "This can usually be fixed by giving the webserver write access to the config directory\n"; + echo "\n"; + echo "See " . \OC_Helper::linkToDocs('admin-dir_permissions') . "\n"; + exit; + } else { + OC_Template::printErrorPage( + "Can't write into config directory!", + 'This can usually be fixed by ' + . '<a href="' . \OC_Helper::linkToDocs('admin-dir_permissions') . '" target="_blank">giving the webserver write access to the config directory</a>.' + ); + } } } @@ -223,41 +243,73 @@ class OC { header('Retry-After: 120'); // render error page - OC_Template::printErrorPage('ownCloud is in maintenance mode'); + $tmpl = new OC_Template('', 'update.user', 'guest'); + $tmpl->printPage(); + die(); } } - public static function checkUpgrade($showTemplate = true) { + public static function checkSingleUserMode() { + $user = OC_User::getUserSession()->getUser(); + $group = OC_Group::getManager()->get('admin'); + if ($user && OC_Config::getValue('singleuser', false) && !$group->inGroup($user)) { + // send http status 503 + header('HTTP/1.1 503 Service Temporarily Unavailable'); + header('Status: 503 Service Temporarily Unavailable'); + header('Retry-After: 120'); + + // render error page + $tmpl = new OC_Template('', 'singleuser.user', 'guest'); + $tmpl->printPage(); + die(); + } + } + + /** + * check if the instance needs to preform an upgrade + * + * @return bool + */ + public static function needUpgrade() { if (OC_Config::getValue('installed', false)) { $installedVersion = OC_Config::getValue('version', '0.0.0'); $currentVersion = implode('.', OC_Util::getVersion()); - if (version_compare($currentVersion, $installedVersion, '>')) { - if ($showTemplate && !OC_Config::getValue('maintenance', false)) { - OC_Config::setValue('theme', ''); - $minimizerCSS = new OC_Minimizer_CSS(); - $minimizerCSS->clearCache(); - $minimizerJS = new OC_Minimizer_JS(); - $minimizerJS->clearCache(); - OC_Util::addscript('update'); - $tmpl = new OC_Template('', 'update', 'guest'); - $tmpl->assign('version', OC_Util::getVersionString()); - $tmpl->printPage(); - exit(); - } else { - return true; - } - } + return version_compare($currentVersion, $installedVersion, '>'); + } else { return false; } } + public static function checkUpgrade($showTemplate = true) { + if (self::needUpgrade()) { + if ($showTemplate && !OC_Config::getValue('maintenance', false)) { + OC_Config::setValue('theme', ''); + $minimizerCSS = new OC_Minimizer_CSS(); + $minimizerCSS->clearCache(); + $minimizerJS = new OC_Minimizer_JS(); + $minimizerJS->clearCache(); + OC_Util::addScript('config'); // needed for web root + OC_Util::addScript('update'); + $tmpl = new OC_Template('', 'update.admin', 'guest'); + $tmpl->assign('version', OC_Util::getVersionString()); + $tmpl->printPage(); + exit(); + } else { + return true; + } + } + return false; + } + public static function initTemplateEngine() { // Add the stuff we need always + // TODO: read from core/js/core.json OC_Util::addScript("jquery-1.10.0.min"); OC_Util::addScript("jquery-migrate-1.2.1.min"); OC_Util::addScript("jquery-ui-1.10.0.custom"); OC_Util::addScript("jquery-showpassword"); OC_Util::addScript("jquery.infieldlabel"); + OC_Util::addScript("jquery.placeholder"); OC_Util::addScript("jquery-tipsy"); OC_Util::addScript("compatibility"); OC_Util::addScript("jquery.ocdialog"); @@ -280,6 +332,7 @@ class OC { } OC_Util::addStyle("styles"); + OC_Util::addStyle("icons"); OC_Util::addStyle("apps"); OC_Util::addStyle("fixes"); OC_Util::addStyle("multiselect"); @@ -304,15 +357,9 @@ class OC { self::$session = new \OC\Session\Internal(OC_Util::getInstanceId()); // if session cant be started break with http 500 error } catch (Exception $e) { - OC_Log::write('core', 'Session could not be initialized', - OC_Log::ERROR); - - header('HTTP/1.1 500 Internal Server Error'); - OC_Util::addStyle("styles"); - $error = 'Session could not be initialized. Please contact your '; - $error .= 'system administrator'; - - OC_Template::printErrorPage($error); + //show the user a detailed error page + OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR); + OC_Template::printExceptionErrorPage($e); } $sessionLifeTime = self::getSessionLifeTime(); @@ -344,6 +391,9 @@ class OC { return OC_Config::getValue('session_lifetime', 60 * 60 * 24); } + /** + * @return OC_Router + */ public static function getRouter() { if (!isset(OC::$router)) { OC::$router = new OC_Router(); @@ -372,8 +422,6 @@ class OC { self::$loader->registerPrefix('Doctrine\\DBAL', 'doctrine/dbal/lib'); self::$loader->registerPrefix('Symfony\\Component\\Routing', 'symfony/routing'); self::$loader->registerPrefix('Symfony\\Component\\Console', 'symfony/console'); - self::$loader->registerPrefix('Sabre\\VObject', '3rdparty'); - self::$loader->registerPrefix('Sabre_', '3rdparty'); self::$loader->registerPrefix('Patchwork', '3rdparty'); spl_autoload_register(array(self::$loader, 'load')); @@ -431,8 +479,22 @@ class OC { } self::initPaths(); + if (OC_Config::getValue('instanceid', false)) { + // \OC\Memcache\Cache has a hidden dependency on + // OC_Util::getInstanceId() for namespacing. See #5409. + try { + self::$loader->setMemoryCache(\OC\Memcache\Factory::createLowLatency('Autoloader')); + } catch (\Exception $ex) { + } + } OC_Util::isSetLocaleWorking(); + // setup 3rdparty autoloader + $vendorAutoLoad = OC::$THIRDPARTYROOT . '/3rdparty/autoload.php'; + if (file_exists($vendorAutoLoad)) { + require_once $vendorAutoLoad; + } + // set debug mode if an xdebug session is active if (!defined('DEBUG') || !DEBUG) { if (isset($_COOKIE['XDEBUG_SESSION'])) { @@ -471,7 +533,14 @@ class OC { $errors = OC_Util::checkServer(); if (count($errors) > 0) { - OC_Template::printGuestPage('', 'error', array('errors' => $errors)); + if (self::$CLI) { + foreach ($errors as $error) { + echo $error['error'] . "\n"; + echo $error['hint'] . "\n\n"; + } + } else { + OC_Template::printGuestPage('', 'error', array('errors' => $errors)); + } exit; } @@ -487,8 +556,13 @@ class OC { OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); - if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('user_id') - && $_SERVER['PHP_AUTH_USER'] != self::$session->get('user_id')) { + if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname') + && $_SERVER['PHP_AUTH_USER'] !== self::$session->get('loginname')) { + $sessionUser = self::$session->get('loginname'); + $serverUser = $_SERVER['PHP_AUTH_USER']; + OC_Log::write('core', + "Session loginname ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).", + OC_Log::WARN); OC_User::logout(); } @@ -496,7 +570,7 @@ class OC { // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; - if (!$RUNTIME_NOAPPS) { + if (!$RUNTIME_NOAPPS && !self::checkUpgrade(false)) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { @@ -545,12 +619,6 @@ class OC { } } - // write error into log if locale can't be set - if (OC_Util::isSetLocaleWorking() == false) { - OC_Log::write('core', - 'setting locale to en_US.UTF-8/en_US.UTF8 failed. Support is probably not installed on your system', - OC_Log::ERROR); - } if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) { if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); @@ -562,13 +630,9 @@ class OC { * register hooks for the cache */ public static function registerCacheHooks() { - if (OC_Config::getValue('installed', false)) { //don't try to do this before we are properly setup - // register cache cleanup jobs - try { //if this is executed before the upgrade to the new backgroundjob system is completed it will throw an exception - \OCP\BackgroundJob::registerJob('OC\Cache\FileGlobalGC'); - } catch (Exception $e) { + if (OC_Config::getValue('installed', false) && !self::needUpgrade()) { //don't try to do this before we are properly setup + \OCP\BackgroundJob::registerJob('OC\Cache\FileGlobalGC'); - } // NOTE: This will be replaced to use OCP $userSession = \OC_User::getUserSession(); $userSession->listen('postLogin', '\OC\Cache\File', 'loginListener'); @@ -579,14 +643,9 @@ class OC { * register hooks for the cache */ public static function registerLogRotate() { - if (OC_Config::getValue('installed', false) && OC_Config::getValue('log_rotate_size', false)) { + if (OC_Config::getValue('installed', false) && OC_Config::getValue('log_rotate_size', false) && !self::needUpgrade()) { //don't try to do this before we are properly setup - // register cache cleanup jobs - try { //if this is executed before the upgrade to the new backgroundjob system is completed it will throw an exception - \OCP\BackgroundJob::registerJob('OC\Log\Rotate', OC_Config::getValue("datadirectory", OC::$SERVERROOT.'/data').'/owncloud.log'); - } catch (Exception $e) { - - } + \OCP\BackgroundJob::registerJob('OC\Log\Rotate', OC_Config::getValue("datadirectory", OC::$SERVERROOT . '/data') . '/owncloud.log'); } } @@ -605,13 +664,15 @@ class OC { public static function registerPreviewHooks() { OC_Hook::connect('OC_Filesystem', 'post_write', 'OC\Preview', 'post_write'); OC_Hook::connect('OC_Filesystem', 'delete', 'OC\Preview', 'post_delete'); + OC_Hook::connect('\OCP\Versions', 'delete', 'OC\Preview', 'post_delete'); + OC_Hook::connect('\OCP\Trashbin', 'delete', 'OC\Preview', 'post_delete'); } /** * register hooks for sharing */ public static function registerShareHooks() { - if(\OC_Config::getValue('installed')) { + if (\OC_Config::getValue('installed')) { OC_Hook::connect('OC_User', 'post_deleteUser', 'OCP\Share', 'post_deleteUser'); OC_Hook::connect('OC_User', 'post_addToGroup', 'OCP\Share', 'post_addToGroup'); OC_Hook::connect('OC_User', 'post_removeFromGroup', 'OCP\Share', 'post_removeFromGroup'); @@ -635,7 +696,7 @@ class OC { } $request = OC_Request::getPathInfo(); - if(substr($request, -3) !== '.js') {// we need these files during the upgrade + if (substr($request, -3) !== '.js') { // we need these files during the upgrade self::checkMaintenanceMode(); self::checkUpgrade(); } @@ -643,11 +704,12 @@ class OC { // Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP OC::tryBasicAuthLogin(); - if (!self::$CLI) { + if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) { try { if (!OC_Config::getValue('maintenance', false)) { OC_App::loadApps(); } + self::checkSingleUserMode(); OC::getRouter()->match(OC_Request::getRawPathInfo()); return; } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) { @@ -680,7 +742,11 @@ class OC { } // Handle WebDAV if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') { - header('location: ' . OC_Helper::linkToRemote('webdav')); + // not allowed any more to prevent people + // mounting this root directly. + // Users need to mount remote.php/webdav instead. + header('HTTP/1.1 405 Method Not Allowed'); + header('Status: 405 Method Not Allowed'); return; } @@ -744,12 +810,23 @@ class OC { protected static function handleLogin() { OC_App::loadApps(array('prelogin')); $error = array(); - // remember was checked after last login - if (OC::tryRememberLogin()) { + + // auth possible via apache module? + if (OC::tryApacheAuth()) { + $error[] = 'apacheauthfailed'; + } // remember was checked after last login + elseif (OC::tryRememberLogin()) { $error[] = 'invalidcookie'; - // Someone wants to log in : - } elseif (OC::tryFormLogin()) { + } // logon via web form + elseif (OC::tryFormLogin()) { $error[] = 'invalidpassword'; + if ( OC_Config::getValue('log_authfailip', false) ) { + OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'], + OC_Log::WARN); + } else { + OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:set log_authfailip=true in conf', + OC_Log::WARN); + } } OC_Util::displayLoginPage(array_unique($error)); @@ -766,6 +843,20 @@ class OC { } } + protected static function tryApacheAuth() { + $return = OC_User::handleApacheAuth(); + + // if return is true we are logged in -> redirect to the default page + if ($return === true) { + $_REQUEST['redirect_url'] = \OC_Request::requestUri(); + OC_Util::redirectToDefaultPage(); + exit; + } + + // in case $return is null apache based auth is not enabled + return is_null($return) ? false : true; + } + protected static function tryRememberLogin() { if (!isset($_COOKIE["oc_remember_login"]) || !isset($_COOKIE["oc_token"]) |