diff options
| author | Robin Appelman <icewind@owncloud.com> | 2013-01-07 00:16:10 +0100 |
|---|---|---|
| committer | Robin Appelman <icewind@owncloud.com> | 2013-01-07 00:16:10 +0100 |
| commit | e8d08d4930fae31a665c679b5ac1a147859eb099 (patch) | |
| tree | 426671882f753d0fea8f80c786bdd6892d57cdb5 /lib | |
| parent | 1137723b2a46c37d61e7f501694c73562b21ef74 (diff) | |
| parent | 0b007235b99fa8d66cdb8ca917fe2f45dd8e4edc (diff) | |
| download | nextcloud-server-e8d08d4930fae31a665c679b5ac1a147859eb099.tar.gz nextcloud-server-e8d08d4930fae31a665c679b5ac1a147859eb099.zip | |
merge master into filesystem
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/api.php | 200 | ||||
| -rw-r--r--[-rwxr-xr-x] | lib/app.php | 18 | ||||
| -rw-r--r-- | lib/base.php | 1384 | ||||
| -rw-r--r-- | lib/connector/sabre/quotaplugin.php | 2 | ||||
| -rw-r--r-- | lib/db.php | 10 | ||||
| -rw-r--r-- | lib/files/storage/local.php | 43 | ||||
| -rw-r--r-- | lib/helper.php | 63 | ||||
| -rw-r--r-- | lib/ocs.php | 488 | ||||
| -rw-r--r-- | lib/ocs/activity.php | 28 | ||||
| -rw-r--r-- | lib/ocs/cloud.php | 98 | ||||
| -rw-r--r-- | lib/ocs/config.php | 36 | ||||
| -rw-r--r-- | lib/ocs/person.php | 42 | ||||
| -rw-r--r-- | lib/ocs/privatedata.php | 66 | ||||
| -rw-r--r-- | lib/ocs/result.php | 75 | ||||
| -rw-r--r-- | lib/public/api.php | 44 | ||||
| -rw-r--r-- | lib/router.php | 18 |
16 files changed, 1427 insertions, 1188 deletions
diff --git a/lib/api.php b/lib/api.php new file mode 100644 index 00000000000..cb67e0c2a89 --- /dev/null +++ b/lib/api.php @@ -0,0 +1,200 @@ +<?php +/** +* ownCloud +* +* @author Tom Needham +* @author Michael Gapczynski +* @author Bart Visscher +* @copyright 2012 Tom Needham tom@owncloud.com +* @copyright 2012 Michael Gapczynski mtgap@owncloud.com +* @copyright 2012 Bart Visscher bartv@thisnet.nl +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +class OC_API { + + /** + * API authentication levels + */ + const GUEST_AUTH = 0; + const USER_AUTH = 1; + const SUBADMIN_AUTH = 2; + const ADMIN_AUTH = 3; + + private static $server; + + /** + * initialises the OAuth store and server + */ + private static function init() { + self::$server = new OC_OAuth_Server(new OC_OAuth_Store()); + } + + /** + * api actions + */ + protected static $actions = array(); + + /** + * registers an api call + * @param string $method the http method + * @param string $url the url to match + * @param callable $action the function to run + * @param string $app the id of the app registering the call + * @param int $authLevel the level of authentication required for the call + * @param array $defaults + * @param array $requirements + */ + public static function register($method, $url, $action, $app, + $authLevel = OC_API::USER_AUTH, + $defaults = array(), + $requirements = array()) { + $name = strtolower($method).$url; + $name = str_replace(array('/', '{', '}'), '_', $name); + if(!isset(self::$actions[$name])) { + OC::getRouter()->useCollection('ocs'); + OC::getRouter()->create($name, $url) + ->method($method) + ->action('OC_API', 'call'); + self::$actions[$name] = array(); + } + self::$actions[$name] = array('app' => $app, 'action' => $action, 'authlevel' => $authLevel); + } + + /** + * handles an api call + * @param array $parameters + */ + public static function call($parameters) { + // Prepare the request variables + if($_SERVER['REQUEST_METHOD'] == 'PUT') { + parse_str(file_get_contents("php://input"), $parameters['_put']); + } else if($_SERVER['REQUEST_METHOD'] == 'DELETE'){ + parse_str(file_get_contents("php://input"), $parameters['_delete']); + } + $name = $parameters['_route']; + // Check authentication and availability + if(self::isAuthorised(self::$actions[$name])) { + if(is_callable(self::$actions[$name]['action'])) { + $response = call_user_func(self::$actions[$name]['action'], $parameters); + } else { + $response = new OC_OCS_Result(null, 998, 'Api method not found'); + } + } else { + $response = new OC_OCS_Result(null, 997, 'Unauthorised'); + } + // Send the response + $formats = array('json', 'xml'); + $format = !empty($_GET['format']) && in_array($_GET['format'], $formats) ? $_GET['format'] : 'xml'; + self::respond($response, $format); + // logout the user to be stateless + OC_User::logout(); + } + + /** + * authenticate the api call + * @param array $action the action details as supplied to OC_API::register() + * @return bool + */ + private static function isAuthorised($action) { + $level = $action['authlevel']; + switch($level) { + case OC_API::GUEST_AUTH: + // Anyone can access + return true; + break; + case OC_API::USER_AUTH: + // User required + return self::loginUser(); + break; + case OC_API::SUBADMIN_AUTH: + // Check for subadmin + $user = self::loginUser(); + if(!$user) { + return false; + } else { + $subAdmin = OC_SubAdmin::isSubAdmin($user); + $admin = OC_Group::inGroup($user, 'admin'); + if($subAdmin || $admin) { + return true; + } else { + return false; + } + } + break; + case OC_API::ADMIN_AUTH: + // Check for admin + $user = self::loginUser(); + if(!$user) { + return false; + } else { + return OC_Group::inGroup($user, 'admin'); + } + break; + default: + // oops looks like invalid level supplied + return false; + break; + } + } + + /** + * http basic auth + * @return string|false (username, or false on failure) + */ + private static function loginUser(){ + $authUser = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : ''; + $authPw = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : ''; + return OC_User::login($authUser, $authPw) ? $authUser : false; + } + + /** + * respond to a call + * @param int|array $result the result from the api method + * @param string $format the format xml|json + */ + private static function respond($result, $format='xml') { + $response = array('ocs' => $result->getResult()); + if ($format == 'json') { + OC_JSON::encodedPrint($response); + } else if ($format == 'xml') { + header('Content-type: text/xml; charset=UTF-8'); + $writer = new XMLWriter(); + $writer->openMemory(); + $writer->setIndent( true ); + $writer->startDocument(); + self::toXML($response, $writer); + $writer->endDocument(); + echo $writer->outputMemory(true); + } + } + + private static function toXML($array, $writer) { + foreach($array as $k => $v) { + if (is_numeric($k)) { + $k = 'element'; + } + if (is_array($v)) { + $writer->startElement($k); + self::toXML($v, $writer); + $writer->endElement(); + } else { + $writer->writeElement($k, $v); + } + } + } + +} diff --git a/lib/app.php b/lib/app.php index 0460a15502a..2926b794857 100755..100644 --- a/lib/app.php +++ b/lib/app.php @@ -137,6 +137,20 @@ class OC_App{ OC_Appconfig::setValue($app, 'types', $appTypes); } + + /** + * check if app is shipped + * @param string $appid the id of the app to check + * @return bool + */ + public static function isShipped($appid){ + $info = self::getAppInfo($appid); + if(isset($info['shipped']) && $info['shipped']=='true'){ + return true; + } else { + return false; + } + } /** * get all enabled apps @@ -634,12 +648,15 @@ class OC_App{ if ($currentVersion) { $installedVersion = $versions[$app]; if (version_compare($currentVersion, $installedVersion, '>')) { + $info = self::getAppInfo($app); OC_Log::write($app, 'starting app upgrade from '.$installedVersion.' to '.$currentVersion, OC_Log::DEBUG); try { OC_App::updateApp($app); + OC_Hook::emit('update', 'success', 'Updated '.$info['name'].' app'); } catch (Exception $e) { echo 'Failed to upgrade "'.$app.'". Exception="'.$e->getMessage().'"'; + OC_Hook::emit('update', 'failure', 'Failed to update '.$info['name'].' app: '.$e->getMessage()); die; } OC_Appconfig::setValue($app, 'installed_version', OC_App::getAppVersion($app)); @@ -664,6 +681,7 @@ class OC_App{ if(!isset($info['require']) or (($version[0].'.'.$version[1])>$info['require'])) { OC_Log::write('core', 'App "'.$info['name'].'" ('.$app.') can\'t be used because it is not compatible with this version of ownCloud', OC_Log::ERROR); OC_App::disable( $app ); + OC_Hook::emit('update', 'success', 'Disabled '.$info['name'].' app because it is not compatible'); } } } diff --git a/lib/base.php b/lib/base.php index 1e35f176802..3d3e7d59f90 100644 --- a/lib/base.php +++ b/lib/base.php @@ -27,707 +27,735 @@ require_once 'public/constants.php'; * No, we can not put this class in its own file because it is used by * OC_autoload! */ -class OC{ - /** - * Assoziative array for autoloading. classname => filename - */ - public static $CLASSPATH = array(); - /** - * The installation path for owncloud on the server (e.g. /srv/http/owncloud) - */ - public static $SERVERROOT = ''; - /** - * the current request path relative to the owncloud root (e.g. files/index.php) - */ - private static $SUBURI = ''; - /** - * the owncloud root path for http requests (e.g. owncloud/) - */ - public static $WEBROOT = ''; - /** - * The installation path of the 3rdparty folder on the server (e.g. /srv/http/owncloud/3rdparty) - */ - public static $THIRDPARTYROOT = ''; - /** - * the root path of the 3rdparty folder for http requests (e.g. owncloud/3rdparty) - */ - public static $THIRDPARTYWEBROOT = ''; - /** - * The installation path array of the apps folder on the server (e.g. /srv/http/owncloud) 'path' and - * web path in 'url' - */ - public static $APPSROOTS = array(); - /* - * requested app - */ - public static $REQUESTEDAPP = ''; - /* - * requested file of app - */ - public static $REQUESTEDFILE = ''; - /** - * check if owncloud runs in cli mode - */ - public static $CLI = false; - /* - * OC router - */ - protected static $router = null; - /** - * SPL autoload - */ - public static function autoload($className) { - if(array_key_exists($className, OC::$CLASSPATH)) { - $path = OC::$CLASSPATH[$className]; - /** @TODO: Remove this when necessary - Remove "apps/" from inclusion path for smooth migration to mutli app dir - */ - if (strpos($path, 'apps/')===0) { - OC_Log::write('core', 'include path for class "'.$className.'" starts with "apps/"', OC_Log::DEBUG); - $path = str_replace('apps/', '', $path); - } - } - elseif(strpos($className, 'OC_')===0) { - $path = strtolower(str_replace('_', '/', substr($className, 3)) . '.php'); - } - elseif(strpos($className, 'OC\\')===0) { - $path = strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); - } - elseif(strpos($className, 'OCP\\')===0) { - $path = 'public/'.strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); - } - elseif(strpos($className, 'OCA\\')===0) { - $path = 'apps/'.strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); - } - elseif(strpos($className, 'Sabre_')===0) { - $path = str_replace('_', '/', $className) . '.php'; - } - elseif(strpos($className, 'Symfony\\Component\\Routing\\')===0) { - $path = 'symfony/routing/'.str_replace('\\', '/', $className) . '.php'; - } - elseif(strpos($className, 'Sabre\\VObject')===0) { - $path = str_replace('\\', '/', $className) . '.php'; - } - elseif(strpos($className, 'Test_')===0) { - $path = 'tests/lib/'.strtolower(str_replace('_', '/', substr($className, 5)) . '.php'); - } - elseif(strpos($className, 'Test\\')===0) { - $path = 'tests/lib/'.strtolower(str_replace('\\', '/', substr($className, 5)) . '.php'); - }else{ - return false; - } - - if($fullPath = stream_resolve_include_path($path)) { - require_once $fullPath; - } - return false; - } - - public static function initPaths() { - // calculate the root directories - OC::$SERVERROOT=str_replace("\\", '/', substr(__DIR__, 0, -4)); - OC::$SUBURI= str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT))); - $scriptName=$_SERVER["SCRIPT_NAME"]; - if(substr($scriptName, -1)=='/') { - $scriptName.='index.php'; - //make sure suburi follows the same rules as scriptName - if(substr(OC::$SUBURI, -9)!='index.php') { - if(substr(OC::$SUBURI, -1)!='/') { - OC::$SUBURI=OC::$SUBURI.'/'; - } - OC::$SUBURI=OC::$SUBURI.'index.php'; - } - } - - OC::$WEBROOT=substr($scriptName, 0, strlen($scriptName)-strlen(OC::$SUBURI)); - - if(OC::$WEBROOT!='' and OC::$WEBROOT[0]!=='/') { - OC::$WEBROOT='/'.OC::$WEBROOT; - } - - // ensure we can find OC_Config - set_include_path( - OC::$SERVERROOT.'/lib'.PATH_SEPARATOR. - get_include_path() - ); - - // search the 3rdparty folder - if(OC_Config::getValue('3rdpartyroot', '')<>'' and OC_Config::getValue('3rdpartyurl', '')<>'') { - OC::$THIRDPARTYROOT=OC_Config::getValue('3rdpartyroot', ''); - OC::$THIRDPARTYWEBROOT=OC_Config::getValue('3rdpartyurl', ''); - }elseif(file_exists(OC::$SERVERROOT.'/3rdparty')) { - OC::$THIRDPARTYROOT=OC::$SERVERROOT; - OC::$THIRDPARTYWEBROOT=OC::$WEBROOT; - }elseif(file_exists(OC::$SERVERROOT.'/../3rdparty')) { - OC::$THIRDPARTYWEBROOT=rtrim(dirname(OC::$WEBROOT), '/'); - OC::$THIRDPARTYROOT=rtrim(dirname(OC::$SERVERROOT), '/'); - }else{ - echo("3rdparty directory not found! Please put the ownCloud 3rdparty folder in the ownCloud folder or the folder above. You can also configure the location in the config.php file."); - exit; - } - // search the apps folder - $config_paths = OC_Config::getValue('apps_paths', array()); - if(! empty($config_paths)) { - foreach($config_paths as $paths) { - if( isset($paths['url']) && isset($paths['path'])) { - $paths['url'] = rtrim($paths['url'], '/'); - $paths['path'] = rtrim($paths['path'], '/'); - OC::$APPSROOTS[] = $paths; - } - } - }elseif(file_exists(OC::$SERVERROOT.'/apps')) { - OC::$APPSROOTS[] = array('path'=> OC::$SERVERROOT.'/apps', 'url' => '/apps', 'writable' => true); - }elseif(file_exists(OC::$SERVERROOT.'/../apps')) { - OC::$APPSROOTS[] = array('path'=> rtrim(dirname(OC::$SERVERROOT), '/').'/apps', 'url' => '/apps', 'writable' => true); - } - - if(empty(OC::$APPSROOTS)) { - echo("apps directory not found! Please put the ownCloud apps folder in the ownCloud folder or the folder above. You can also configure the location in the config.php file."); - exit; - } - $paths = array(); - foreach( OC::$APPSROOTS as $path) - $paths[] = $path['path']; - - // set the right include path - set_include_path( - OC::$SERVERROOT.'/lib'.PATH_SEPARATOR. - OC::$SERVERROOT.'/config'.PATH_SEPARATOR. - OC::$THIRDPARTYROOT.'/3rdparty'.PATH_SEPARATOR. - implode($paths, PATH_SEPARATOR).PATH_SEPARATOR. - get_include_path().PATH_SEPARATOR. - OC::$SERVERROOT - ); - } - - public static function checkInstalled() { - // Redirect to installer if not installed - if (!OC_Config::getValue('installed', false) && OC::$SUBURI != '/index.php') { - if(!OC::$CLI) { - $url = 'http://'.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php'; - header("Location: $url"); - } +class OC +{ + /** + * Assoziative array for autoloading. classname => filename + */ + public static $CLASSPATH = array(); + /** + * The installation path for owncloud on the server (e.g. /srv/http/owncloud) + */ + public static $SERVERROOT = ''; + /** + * the current request path relative to the owncloud root (e.g. files/index.php) + */ + private static $SUBURI = ''; + /** + * the owncloud root path for http requests (e.g. owncloud/) + */ + public static $WEBROOT = ''; + /** + * The installation path of the 3rdparty folder on the server (e.g. /srv/http/owncloud/3rdparty) + */ + public static $THIRDPARTYROOT = ''; + /** + * the root path of the 3rdparty folder for http requests (e.g. owncloud/3rdparty) + */ + public static $THIRDPARTYWEBROOT = ''; + /** + * The installation path array of the apps folder on the server (e.g. /srv/http/owncloud) 'path' and + * web path in 'url' + */ + public static $APPSROOTS = array(); + /* + * requested app + */ + public static $REQUESTEDAPP = ''; + /* + * requested file of app + */ + public static $REQUESTEDFILE = ''; + /** + * check if owncloud runs in cli mode + */ + public static $CLI = false; + /* + * OC router + */ + protected static $router = null; + + /** + * SPL autoload + */ + public static function autoload($className) + { + if (array_key_exists($className, OC::$CLASSPATH)) { + $path = OC::$CLASSPATH[$className]; + /** @TODO: Remove this when necessary + Remove "apps/" from inclusion path for smooth migration to mutli app dir + */ + if (strpos($path, 'apps/') === 0) { + OC_Log::write('core', 'include path for class "' . $className . '" starts with "apps/"', OC_Log::DEBUG); + $path = str_replace('apps/', '', $path); + } + } elseif (strpos($className, 'OC_') === 0) { + $path = strtolower(str_replace('_', '/', substr($className, 3)) . '.php'); + } elseif (strpos($className, 'OC\\') === 0) { + $path = strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); + } elseif (strpos($className, 'OCP\\') === 0) { + $path = 'public/' . strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); + } elseif (strpos($className, 'OCA\\') === 0) { + $path = 'apps/' . strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); + } elseif (strpos($className, 'Sabre_') === 0) { + $path = str_replace('_', '/', $className) . '.php'; + } elseif (strpos($className, 'Symfony\\Component\\Routing\\') === 0) { + $path = 'symfony/routing/' . str_replace('\\', '/', $className) . '.php'; + } elseif (strpos($className, 'Sabre\\VObject') === 0) { + $path = str_replace('\\', '/', $className) . '.php'; + } elseif (strpos($className, 'Test_') === 0) { + $path = 'tests/lib/' . strtolower(str_replace('_', '/', substr($className, 5)) . '.php'); + } else { + return false; + } + + if ($fullPath = stream_resolve_include_path($path)) { + require_once $fullPath; + } + return false; + } + + public static function initPaths() + { + // calculate the root directories + OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4)); + OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT))); + $scriptName = $_SERVER["SCRIPT_NAME"]; + if (substr($scriptName, -1) == '/') { + $scriptName .= 'index.php'; + //make sure suburi follows the same rules as scriptName + if (substr(OC::$SUBURI, -9) != 'index.php') { + if (substr(OC::$SUBURI, -1) != '/') { + OC::$SUBURI = OC::$SUBURI . '/'; + } + OC::$SUBURI = OC::$SUBURI . 'index.php'; + } + } + + OC::$WEBROOT = substr($scriptName, 0, strlen($scriptName) - strlen(OC::$SUBURI)); + + if (OC::$WEBROOT != '' and OC::$WEBROOT[0] !== '/') { + OC::$WEBROOT = '/' . OC::$WEBROOT; + } + + // ensure we can find OC_Config + set_include_path( + OC::$SERVERROOT . '/lib' . PATH_SEPARATOR . + get_include_path() + ); + + // search the 3rdparty folder + if (OC_Config::getValue('3rdpartyroot', '') <> '' and OC_Config::getValue('3rdpartyurl', '') <> '') { + OC::$THIRDPARTYROOT = OC_Config::getValue('3rdpartyroot', ''); + OC::$THIRDPARTYWEBROOT = OC_Config::getValue('3rdpartyurl', ''); + } elseif (file_exists(OC::$SERVERROOT . '/3rdparty')) { + OC::$THIRDPARTYROOT = OC::$SERVERROOT; + OC::$THIRDPARTYWEBROOT = OC::$WEBROOT; + } elseif (file_exists(OC::$SERVERROOT . '/../3rdparty')) { + OC::$THIRDPARTYWEBROOT = rtrim(dirname(OC::$WEBROOT), '/'); + OC::$THIRDPARTYROOT = rtrim(dirname(OC::$SERVERROOT), '/'); + } else { + echo("3rdparty directory not found! Please put the ownCloud 3rdparty folder in the ownCloud folder or the folder above. You can also configure the location in the config.php file."); + exit; + } + // search the apps folder + $config_paths = OC_Config::getValue('apps_paths', array()); + if (!empty($config_paths)) { + foreach ($config_paths as $paths) { + if (isset($paths['url']) && isset($paths['path'])) { + $paths['url'] = rtrim($paths['url'], '/'); + $paths['path'] = rtrim($paths['path'], '/'); + OC::$APPSROOTS[] = $paths; + } + } + } elseif (file_exists(OC::$SERVERROOT . '/apps')) { + OC::$APPSROOTS[] = array('path' => OC::$SERVERROOT . '/apps', 'url' => '/apps', 'writable' => true); + } elseif (file_exists(OC::$SERVERROOT . '/../apps')) { + OC::$APPSROOTS[] = array('path' => rtrim(dirname(OC::$SERVERROOT), '/') . '/apps', 'url' => '/apps', 'writable' => true); + } + + if (empty(OC::$APPSROOTS)) { + echo("apps directory not found! Please put the ownCloud apps folder in the ownCloud folder or the folder above. You can also configure the location in the config.php file."); + exit; + } + $paths = array(); + foreach (OC::$APPSROOTS as $path) + $paths[] = $path['path']; + + // set the right include path + set_include_path( + OC::$SERVERROOT . '/lib' . PATH_SEPARATOR . + OC::$SERVERROOT . '/config' . PATH_SEPARATOR . + OC::$THIRDPARTYROOT . '/3rdparty' . PATH_SEPARATOR . + implode($paths, PATH_SEPARATOR) . PATH_SEPARATOR . + get_include_path() . PATH_SEPARATOR . + OC::$SERVERROOT + ); + } + + public static function checkConfig() { + if (file_exists(OC::$SERVERROOT . "/config/config.php") and !is_writable(OC::$SERVERROOT . "/config/config.php")) { + $tmpl = new OC_Template('', 'error', 'guest'); + $tmpl->assign('errors', array(1 => array('error' => "Can't write into config directory 'config'", 'hint' => "You can usually fix this by giving the webserver user write access to the config directory in owncloud"))); + $tmpl->printPage(); exit(); } } - public static function checkSSL() { - // redirect to https site if configured - if( OC_Config::getValue( "forcessl", false )) { - header('Strict-Transport-Security: max-age=31536000'); - ini_set("session.cookie_secure", "on"); - if(OC_Request::serverProtocol()<>'https' and !OC::$CLI) { - $url = "https://". OC_Request::serverHost() . $_SERVER['REQUEST_URI']; - header("Location: $url"); - exit(); - } + public static function checkInstalled() + { + // Redirect to installer if not installed + if (!OC_Config::getValue('installed', false) && OC::$SUBURI != '/index.php') { + if (!OC::$CLI) { + $url = 'http://' . $_SERVER['SERVER_NAME'] . OC::$WEBROOT . '/index.php'; + header("Location: $url"); + } + exit(); + } + } + + public static function checkSSL() + { + // redirect to https site if configured + if (OC_Config::getValue("forcessl", false)) { + header('Strict-Transport-Security: max-age=31536000'); + ini_set("session.cookie_secure", "on"); + if (OC_Request::serverProtocol() <> 'https' and !OC::$CLI) { + $url = "https://" . OC_Request::serverHost() . $_SERVER['REQUEST_URI']; + header("Location: $url"); + exit(); + } + } + } + + public static function checkMaintenanceMode() { + // Allow ajax update script to execute without being stopped + if (OC_Config::getValue('maintenance', false) && OC::$SUBURI != '/core/ajax/update.php') { + $tmpl = new OC_Template('', 'error', 'guest'); + $tmpl->assign('errors', array(1 => array('error' => 'ownCloud is in maintenance mode'))); + $tmpl->printPage(); + exit(); } } - public static function checkUpgrade() { - if(OC_Config::getValue('installed', false)) { - $installedVersion=OC_Config::getValue('version', '0.0.0'); - $currentVersion=implode('.', OC_Util::getVersion()); + public static function checkUpgrade($showTemplate = true) { + if (OC_Config::getValue('installed', false)) { + $installedVersion = OC_Config::getValue('version', '0.0.0'); + $currentVersion = implode('.', OC_Util::getVersion()); if (version_compare($currentVersion, $installedVersion, '>')) { - // Check if the .htaccess is existing - this is needed for upgrades from really old ownCloud versions - if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) { - if(!OC_Util::ishtaccessworking()) { - if(!file_exists(OC::$SERVERROOT.'/data/.htaccess')) { - OC_Setup::protectDataDirectory(); - } - } - } - OC_Log::write('core', 'starting upgrade from '.$installedVersion.' to '.$currentVersion, OC_Log::DEBUG); - $result=OC_DB::updateDbFromStructure(OC::$SERVERROOT.'/db_structure.xml'); - if(!$result) { - echo 'Error while upgrading the database'; - die(); - } - if(file_exists(OC::$SERVERROOT."/config/config.php") and !is_writable(OC::$SERVERROOT."/config/config.php")) { - $tmpl = new OC_Template( '', 'error', 'guest' ); - $tmpl->assign('errors', array(1=>array('error'=>"Can't write into config directory 'config'", 'hint'=>"You can usually fix this by giving the webserver user write access to the config directory in owncloud"))); + if ($showTemplate && !OC_Config::getValue('maintenance', false)) { + OC_Config::setValue('maintenance', true); + OC_Log::write('core', 'starting upgrade from ' . $installedVersion . ' to ' . $currentVersion, OC_Log::DEBUG); + $tmpl = new OC_Template('', 'update', 'guest'); + $tmpl->assign('version', OC_Util::getVersionString()); $tmpl->printPage(); - exit; + exit(); + } else { + return true; } - $minimizerCSS = new OC_Minimizer_CSS(); - $minimizerCSS->clearCache(); - $minimizerJS = new OC_Minimizer_JS(); - $minimizerJS->clearCache(); - OC_Config::setValue('version', implode('.', OC_Util::getVersion())); - OC_App::checkAppsRequirements(); - // load all apps to also upgrade enabled apps - OC_App::loadApps(); - } - } - } - - public static function initTemplateEngine() { - // Add the stuff we need always - OC_Util::addScript( "jquery-1.7.2.min" ); - OC_Util::addScript( "jquery-ui-1.8.16.custom.min" ); - OC_Util::addScript( "jquery-showpassword" ); - OC_Util::addScript( "jquery.infieldlabel" ); - OC_Util::addScript( "jquery-tipsy" ); - OC_Util::addScript( "oc-dialogs" ); - OC_Util::addScript( "js" ); - OC_Util::addScript( "eventsource" ); - OC_Util::addScript( "config" ); - //OC_Util::addScript( "multiselect" ); - OC_Util::addScript('search', 'result'); - OC_Util::addScript('router'); - - if( OC_Config::getValue( 'installed', false )) { - if( OC_Appconfig::getValue( 'core', 'backgroundjobs_mode', 'ajax' ) == 'ajax' ) { - OC_Util::addScript( 'backgroundjobs' ); } - } - - OC_Util::addStyle( "styles" ); - OC_Util::addStyle( "multiselect" ); - OC_Util::addStyle( "jquery-ui-1.8.16.custom" ); - OC_Util::addStyle( "jquery-tipsy" ); - } - - public static function initSession() { - // prevents javascript from accessing php session cookies - ini_set('session.cookie_httponly', '1;'); - - // set the session name to the instance id - which is unique - session_name(OC_Util::getInstanceId()); - - // (re)-initialize session - session_start(); - - // regenerate session id periodically to avoid session fixation - if (!isset($_SESSION['SID_CREATED'])) { - $_SESSION['SID_CREATED'] = time(); - } else if (time() - $_SESSION['SID_CREATED'] > 900) { - session_regenerate_id(true); - $_SESSION['SID_CREATED'] = time(); - } - - // session timeout - if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 3600)) { - if (isset($_COOKIE[session_name()])) { - setcookie(session_name(), '', time() - 42000, '/'); - } - session_unset(); - session_destroy(); - session_start(); - } - $_SESSION['LAST_ACTIVITY'] = time(); - } - - public static function getRouter() { - if (!isset(OC::$router)) { - OC::$router = new OC_Router(); - OC::$router->loadRoutes(); - } - - return OC::$router; - } - - public static function init() { - // register autoloader - spl_autoload_register(array('OC', 'autoload')); - setlocale(LC_ALL, 'en_US.UTF-8'); - - // set some stuff - //ob_start(); - error_reporting(E_ALL | E_STRICT); - if (defined('DEBUG') && DEBUG) { - ini_set('display_errors', 1); - } - self::$CLI=(php_sapi_name() == 'cli'); - - date_default_timezone_set('UTC'); - ini_set('arg_separator.output', '&'); - - // try to switch magic quotes off. - if(get_magic_quotes_gpc()) { - @set_magic_quotes_runtime(false); - } - - //try to configure php to enable big file uploads. - //this doesn´t work always depending on the webserver and php configuration. - //Let´s try to overwrite some defaults anyways - - //try to set the maximum execution time to 60min - @set_time_limit(3600); - @ini_set('max_execution_time', 3600); - @ini_set('max_input_time', 3600); - - //try to set the maximum filesize to 10G - @ini_set('upload_max_filesize', '10G'); - @ini_set('post_max_size', '10G'); - @ini_set('file_uploads', '50'); - - //try to set the session lifetime to 60min - @ini_set('gc_maxlifetime', '3600'); - - //copy http auth headers for apache+php-fcgid work around - if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { - $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; - } - - //set http auth headers for apache+php-cgi work around - if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { - list($name, $password) = explode(':', base64_decode($matches[1]), 2); - $_SERVER['PHP_AUTH_USER'] = strip_tags($name); - $_SERVER['PHP_AUTH_PW'] = strip_tags($password); - } - - //set http auth headers for apache+php-cgi work around if variable gets renamed by apache - if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { - list($name, $password) = explode(':', base64_decode($matches[1]), 2); - $_SERVER['PHP_AUTH_USER'] = strip_tags($name); - $_SERVER['PHP_AUTH_PW'] = strip_tags($password); - } - - self::initPaths(); - - register_shutdown_function(array('OC_Log', 'onShutdown')); - set_error_handler(array('OC_Log', 'onError')); - set_exception_handler(array('OC_Log', 'onException')); - - // set debug mode if an xdebug session is active - if (!defined('DEBUG') || !DEBUG) { - if(isset($_COOKIE['XDEBUG_SESSION'])) { - define('DEBUG', true); - } - } - - // register the stream wrappers - require_once 'streamwrappers.php'; - stream_wrapper_register("fakedir", "OC_FakeDirStream"); - stream_wrapper_register('static', 'OC_StaticStreamWrapper'); - stream_wrapper_register('close', 'OC_CloseStreamWrapper'); - - self::checkInstalled(); - self::checkSSL(); - self::initSession(); - self::initTemplateEngine(); - self::checkUpgrade(); - - $errors=OC_Util::checkServer(); - if(count($errors)>0) { - OC_Template::printGuestPage('', 'error', array('errors' => $errors)); - exit; - } - - // User and Groups - if( !OC_Config::getValue( "installed", false )) { - $_SESSION['user_id'] = ''; - } - - OC_User::useBackend(new OC_User_Database()); - OC_Group::useBackend(new OC_Group_Database()); - - if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SESSION['user_id']) && $_SERVER['PHP_AUTH_USER'] != $_SESSION['user_id']) { - OC_User::logout(); - } - - // Load Apps - // This includes plugins for users and filesystems as well - global $RUNTIME_NOAPPS; - global $RUNTIME_APPTYPES; - if(!$RUNTIME_NOAPPS ) { - if($RUNTIME_APPTYPES) { - OC_App::loadApps($RUNTIME_APPTYPES); - }else{ - OC_App::loadApps(); - } - } - - //setup extra user backends - OC_User::setupBackends(); - - self::registerCacheHooks(); - self::registerFilesystemHooks(); - self::registerShareHooks(); - - //make sure temporary files are cleaned up - register_shutdown_function(array('OC_Helper', 'cleanTmp')); - - //parse the given parameters - self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app'])?str_replace(array('\0', '/', '\\', '..'), '', strip_tags($_GET['app'])):OC_Config::getValue('defaultapp', 'files')); - if(substr_count(self::$REQUESTEDAPP, '?') != 0) { - $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); - $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); - parse_str($param, $get); - $_GET = array_merge($_GET, $get); - self::$REQUESTEDAPP = $app; - $_GET['app'] = $app; - } - self::$REQUESTEDFILE = (isset($_GET['getfile'])?$_GET['getfile']:null); - if(substr_count(self::$REQUESTEDFILE, '?') != 0) { - $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); - $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); - parse_str($param, $get); - $_GET = array_merge($_GET, $get); - self::$REQUESTEDFILE = $file; - $_GET['getfile'] = $file; - } - if(!is_null(self::$REQUESTEDFILE)) { - $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; - $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); - if(!OC_Helper::issubdirectory($subdir, $parent)) { - self::$REQUESTEDFILE = null; - header('HTTP/1.0 404 Not Found'); - exit; - } - } - } - - /** - * register hooks for the cache - */ - public static function registerCacheHooks() { - // register cache cleanup jobs - OC_BackgroundJob_RegularTask::register('OC_Cache_FileGlobal', 'gc'); - OC_Hook::connect('OC_User', 'post_login', 'OC_Cache_File', 'loginListener'); - } - - /** - * register hooks for the filesystem - */ - public static function registerFilesystemHooks() { - // Check for blacklisted files - OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted'); - OC_Hook::connect('OC_Filesystem', 'rename', 'OC_Filesystem', 'isBlacklisted'); - } - - /** - * register hooks for sharing - */ - public static function registerShareHooks() { - OC_Hook::connect('OC_User', 'post_deleteUser', 'OCP\Share', 'post_deleteUser'); - OC_Hook::connect('OC_User', 'post_addToGroup', 'OCP\Share', 'post_addToGroup'); - OC_Hook::connect('OC_User', 'post_removeFromGroup', 'OCP\Share', 'post_removeFromGroup'); - OC_Hook::connect('OC_User', 'post_deleteGroup', 'OCP\Share', 'post_deleteGroup'); - } - - /** - * @brief Handle the request - */ - public static function handleRequest() { - if (!OC_Config::getValue('installed', false)) { - require_once 'core/setup.php'; - exit(); - } - // Handle redirect URL for logged in users - if(isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) { - $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url'])); - header( 'Location: '.$location ); - return; - } - // Handle WebDAV - if($_SERVER['REQUEST_METHOD']=='PROPFIND') { - header('location: '.OC_Helper::linkToRemote('webdav')); - return; - } - try { - OC::getRouter()->match(OC_Request::getPathInfo()); - return; - } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) { - //header('HTTP/1.0 404 Not Found'); - } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) { - OC_Response::setStatus(405); - return; - } - $app = OC::$REQUESTEDAPP; - $file = OC::$REQUESTEDFILE; - $param = array('app' => $app, 'file' => $file); - // Handle app css files - if(substr($file, -3) == 'css') { - self::loadCSSFile($param); - return; - } - // Someone is logged in : - if(OC_User::isLoggedIn()) { - OC_App::loadApps(); - OC_User::setupBackends(); - if(isset($_GET["logout"]) and ($_GET["logout"])) { - OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']); - OC_User::logout(); - header("Location: ".OC::$WEBROOT.'/'); - }else{ - if(is_null($file)) { - $param['file'] = 'index.php'; - } - $file_ext = substr($param['file'], -3); - if ($file_ext != 'php' - || !self::loadAppScriptFile($param)) { - header('HTTP/1.0 404 Not Found'); - } - } - return; - } - // Not handled and not logged in - self::handleLogin(); - } - - public static function loadAppScriptFile($param) { - OC_App::loadApps(); - $app = $param['app']; - $file = $param['file']; - $app_path = OC_App::getAppPath($app); - $file = $app_path . '/' . $file; - unset($app, $app_path); - if (file_exists($file)) { - require_once $file; - return true; - } - return false; - } - - public static function loadCSSFile($param) { - $app = $param['app']; - $file = $param['file']; - $app_path = OC_App::getAppPath($app); - if (file_exists($app_path . '/' . $file)) { - $app_web_path = OC_App::getAppWebPath($app); - $filepath = $app_web_path . '/' . $file; - $minimizer = new OC_Minimizer_CSS(); - $info = array($app_path, $app_web_path, $file); - $minimizer->output(array($info), $filepath); - } - } - - protected static function handleLogin() { - OC_App::loadApps(array('prelogin')); - $error = array(); - // remember was checked after last login - if (OC::tryRememberLogin()) { - $error[] = 'invalidcookie'; - - // Someone wants to log in : - } elseif (OC::tryFormLogin()) { - $error[] = 'invalidpassword'; - - // The user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP - } elseif (OC::tryBasicAuthLogin()) { - $error[] = 'invalidpassword'; - } - OC_Util::displayLoginPage(array_unique($error)); - } - - protected static function cleanupLoginTokens($user) { - $cutoff = time() - OC_Config::getValue('remember_login_cookie_lifetime', 60*60*24*15); - $tokens = OC_Preferences::getKeys($user, 'login_token'); - foreach($tokens as $token) { - $time = OC_Preferences::getValue($user, 'login_token', $token); - if ($time < $cutoff) { - OC_Preferences::deleteKey($user, 'login_token', $token); - } - } - } - - protected static function tryRememberLogin() { - if(!isset($_COOKIE["oc_remember_login"]) - || !isset($_COOKIE["oc_token"]) - || !isset($_COOKIE["oc_username"]) - || !$_COOKIE["oc_remember_login"]) { - return false; - } - OC_App::loadApps(array('authentication')); - if(defined("DEBUG") && DEBUG) { - OC_Log::write('core', 'Trying to login from cookie', OC_Log::DEBUG); - } - // confirm credentials in cookie - if(isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username'])) { - // delete outdated cookies - self::cleanupLoginTokens($_COOKIE['oc_username']); - // get stored tokens - $tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token'); - // test cookies token against stored tokens - if (in_array($_COOKIE['oc_token'], $tokens, true)) { - // replace successfully used token with a new one - OC_Preferences::deleteKey($_COOKIE['oc_username'], 'login_token', $_COOKIE['oc_token']); - $token = OC_Util::generate_random_bytes(32); - OC_Preferences::setValue($_COOKIE['oc_username'], 'login_token', $token, time()); - OC_User::setMagicInCookie($_COOKIE['oc_username'], $token); - // login - OC_User::setUserId($_COOKIE['oc_username']); - OC_Util::redirectToDefaultPage(); - // doesn't return - } - // if you reach this point you have changed your password - // or you are an attacker - // we can not delete tokens here because users may reach - // this point multiple times after a password change - OC_Log::write('core', 'Authentication cookie rejected for user '.$_COOKIE['oc_username'], OC_Log::WARN); - } - OC_User::unsetMagicInCookie(); - return true; - } - - protected static function tryFormLogin() { - if(!isset($_POST["user"]) || !isset($_POST['password'])) { return false; } - - OC_App::loadApps(); - - //setup extra user backends - OC_User::setupBackends(); - - if(OC_User::login($_POST["user"], $_POST["password"])) { - self::cleanupLoginTokens($_POST['user']); - if(!empty($_POST["remember_login"])) { - if(defined("DEBUG") && DEBUG) { - OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG); - } - $token = OC_Util::generate_random_bytes(32); - OC_Preferences::setValue($_POST['user'], 'login_token', $token, time()); - OC_User::setMagicInCookie($_POST["user"], $token); - } - else { - OC_User::unsetMagicInCookie(); - } - OC_Util::redirectToDefaultPage(); - exit(); - } - return true; } - protected static function tryBasicAuthLogin() { - if (!isset($_SERVER["PHP_AUTH_USER"]) - || !isset($_SERVER["PHP_AUTH_PW"])) { - return false; + public static function initTemplateEngine() + { + // Add the stuff we need always + OC_Util::addScript("jquery-1.7.2.min"); + OC_Util::addScript("jquery-ui-1.8.16.custom.min"); + OC_Util::addScript("jquery-showpassword"); + OC_Util::addScript("jquery.infieldlabel"); + OC_Util::addScript("jquery-tipsy"); + OC_Util::addScript("oc-dialogs"); + OC_Util::addScript("js"); + OC_Util::addScript("eventsource"); + OC_Util::addScript("config"); + //OC_Util::addScript( "multiselect" ); + OC_Util::addScript('search', 'result'); + OC_Util::addScript('router'); + + OC_Util::addStyle("styles"); + OC_Util::addStyle("multiselect"); + OC_Util::addStyle("jquery-ui-1.8.16.custom"); + OC_Util::addStyle("jquery-tipsy"); + } + + public static function initSession() + { + // prevents javascript from accessing php session cookies + ini_set('session.cookie_httponly', '1;'); + + // set the session name to the instance id - which is unique + session_name(OC_Util::getInstanceId()); + + // (re)-initialize session + session_start(); + + // regenerate session id periodically to avoid session fixation + if (!isset($_SESSION['SID_CREATED'])) { + $_SESSION['SID_CREATED'] = time(); + } else if (time() - $_SESSION['SID_CREATED'] > 900) { + session_regenerate_id(true); + $_SESSION['SID_CREATED'] = time(); + } + + // session timeout + if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 3600)) { + if (isset($_COOKIE[session_name()])) { + setcookie(session_name(), '', time() - 42000, '/'); + } + session_unset(); + session_destroy(); + session_start(); + } + $_SESSION['LAST_ACTIVITY'] = time(); + } + + public static function getRouter() + { + if (!isset(OC::$router)) { + OC::$router = new OC_Router(); + OC::$router->loadRoutes(); + } + + return OC::$router; + } + + public static function init() + { + // register autoloader + spl_autoload_register(array('OC', 'autoload')); + setlocale(LC_ALL, 'en_US.UTF-8'); + + // set some stuff + //ob_start(); + error_reporting(E_ALL | E_STRICT); + if (defined('DEBUG') && DEBUG) { + ini_set('display_errors', 1); + } + self::$CLI = (php_sapi_name() == 'cli'); + + date_default_timezone_set('UTC'); + ini_set('arg_separator.output', '&'); + + // try to switch magic quotes off. + if (get_magic_quotes_gpc()) { + @set_magic_quotes_runtime(false); + } + + //try to configure php to enable big file uploads. + //this doesn´t work always depending on the webserver and php configuration. + //Let´s try to overwrite some defaults anyways + + //try to set the maximum execution time to 60min + @set_time_limit(3600); + @ini_set('max_execution_time', 3600); + @ini_set('max_input_time', 3600); + + //try to set the maximum filesize to 10G + @ini_set('upload_max_filesize', '10G'); + @ini_set('post_max_size', '10G'); + @ini_set('file_uploads', '50'); + + //try to set the session lifetime to 60min + @ini_set('gc_maxlifetime', '3600'); + + //copy http auth headers for apache+php-fcgid work around + if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { + $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; + } + + //set http auth headers for apache+php-cgi work around + if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { + list($name, $password) = explode(':', base64_decode($matches[1]), 2); + $_SERVER['PHP_AUTH_USER'] = strip_tags($name); + $_SERVER['PHP_AUTH_PW'] = strip_tags($password); + } + + //set http auth headers for apache+php-cgi work around if variable gets renamed by apache + if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { + list($name, $password) = explode(':', base64_decode($matches[1]), 2); + $_SERVER['PHP_AUTH_USER'] = strip_tags($name); + $_SERVER['PHP_AUTH_PW'] = strip_tags($password); + } + + self::initPaths(); + + register_shutdown_function(array('OC_Log', 'onShutdown')); + set_error_handler(array('OC_Log', 'onError')); + set_exception_handler(array('OC_Log', 'onException')); + + // set debug mode if an xdebug session is active + if (!defined('DEBUG') || !DEBUG) { + if (isset($_COOKIE['XDEBUG_SESSION'])) { + define('DEBUG', true); + } + } + + // register the stream wrappers + require_once 'streamwrappers.php'; + stream_wrapper_register("fakedir", "OC_FakeDirStream"); + stream_wrapper_register('static', 'OC_StaticStreamWrapper'); + stream_wrapper_register('close', 'OC_CloseStreamWrapper'); + + self::checkConfig(); + self::checkInstalled(); + self::checkSSL(); + self::initSession(); + self::initTemplateEngine(); + self::checkMaintenanceMode(); + self::checkUpgrade(); + + $errors = OC_Util::checkServer(); + if (count($errors) > 0) { + OC_Template::printGuestPage('', 'error', array('errors' => $errors)); + exit; + } + + // User and Groups + if (!OC_Config::getValue("installed", false)) { + $_SESSION['user_id'] = ''; + } + + OC_User::useBackend(new OC_User_Database()); + OC_Group::useBackend(new OC_Group_Database()); + + if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SESSION['user_id']) && $_SERVER['PHP_AUTH_USER'] != $_SESSION['user_id']) { + OC_User::logout(); + } + + // Load Apps + // This includes plugins for users and filesystems as well + global $RUNTIME_NOAPPS; + global $RUNTIME_APPTYPES; + if (!$RUNTIME_NOAPPS) { + if ($RUNTIME_APPTYPES) { + OC_App::loadApps($RUNTIME_APPTYPES); + } else { + OC_App::loadApps(); + } + } + + //setup extra user backends + OC_User::setupBackends(); + + self::registerCacheHooks(); + self::registerFilesystemHooks(); + self::registerShareHooks(); + + //make sure temporary files are cleaned up + register_shutdown_function(array('OC_Helper', 'cleanTmp')); + + //parse the given parameters + self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? str_replace(array('\0', '/', '\\', '..'), '', strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files')); + if (substr_count(self::$REQUESTEDAPP, '?') != 0) { + $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); + $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); + parse_str($param, $get); + $_GET = array_merge($_GET, $get); + self::$REQUESTEDAPP = $app; + $_GET['app'] = $app; + } + self::$REQUESTEDFILE = (isset($_GET['getfile']) ? $_GET['getfile'] : null); + if (substr_count(self::$REQUESTEDFILE, '?') != 0) { + $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); + $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); + parse_str($param, $get); + $_GET = array_merge($_GET, $get); + self::$REQUESTEDFILE = $file; + $_GET['getfile'] = $file; + } + if (!is_null(self::$REQUESTEDFILE)) { + $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; + $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); + if (!OC_Helper::issubdirectory($subdir, $parent)) { + self::$REQUESTEDFILE = null; + header('HTTP/1.0 404 Not Found'); + exit; + } + } + + // write error into log if locale can't be set + if (OC_Util::issetlocaleworking() == false) { + OC_Log::write('core', 'setting locate to en_US.UTF-8 failed. Support is probably not installed on your system', OC_Log::ERROR); + } + if (OC_Config::getValue('installed', false)) { + if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { + OC_Util::addScript('backgroundjobs'); } - OC_App::loadApps(array('authentication')); - if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) { - //OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG); - OC_User::unsetMagicInCookie(); - $_REQUEST['redirect_url'] = (isset($_SERVER['REQUEST_URI'])?$_SERVER['REQUEST_URI']:''); - OC_Util::redirectToDefaultPage(); - } - return true; } + } + + /** + * register hooks for the cache + */ + public static function registerCacheHooks() + { + // register cache cleanup jobs + OC_BackgroundJob_RegularTask::register('OC_Cache_FileGlobal', 'gc'); + OC_Hook::connect('OC_User', 'post_login', 'OC_Cache_File', 'loginListener'); + } + + /** + * register hooks for the filesystem + */ + public static function registerFilesystemHooks() + { + // Check for blacklisted files + OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted'); + OC_Hook::connect('OC_Filesystem', 'rename', 'OC_Filesystem', 'isBlacklisted'); + } + + /** + * register hooks for sharing + */ + public static function registerShareHooks() + { + OC_Hook::connect('OC_User', 'post_deleteUser', 'OCP\Share', 'post_deleteUser'); + OC_Hook::connect('OC_User', 'post_addToGroup', 'OCP\Share', 'post_addToGroup'); + OC_Hook::connect('OC_User', 'post_removeFromGroup', 'OCP\Share', 'post_removeFromGroup'); + OC_Hook::connect('OC_User', 'post_deleteGroup', 'OCP\Share', 'post_deleteGroup'); + } + + /** + * @brief Handle the request + */ + public static function handleRequest() + { + if (!OC_Config::getValue('installed', false)) { + require_once 'core/setup.php'; + exit(); + } + // Handle redirect URL for logged in users + if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) { + $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url'])); + header('Location: ' . $location); + return; + } + // Handle WebDAV + if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') { + header('location: ' . OC_Helper::linkToRemote('webdav')); + return; + } + try { + OC::getRouter()->match(OC_Request::getPathInfo()); + return; + } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) { + //header('HTTP/1.0 404 Not Found'); + } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) { + OC_Response::setStatus(405); + return; + } + $app = OC::$REQUESTEDAPP; + $file = OC::$REQUESTEDFILE; + $param = array('app' => $app, 'file' => $file); + // Handle app css files + if (substr($file, -3) == 'css') { + self::loadCSSFile($param); + return; + } + // Someone is logged in : + if (OC_User::isLoggedIn()) { + OC_App::loadApps(); + OC_User::setupBackends(); + if (isset($_GET["logout"]) and ($_GET["logout"])) { + if (isset($_COOKIE['oc_token'])) { + OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']); + } + OC_User::logout(); + header("Location: " . OC::$WEBROOT . '/'); + } else { + if (is_null($file)) { + $param['file'] = 'index.php'; + } + $file_ext = substr($param['file'], -3); + if ($file_ext != 'php' + || !self::loadAppScriptFile($param) + ) { + header('HTTP/1.0 404 Not Found'); + } + } + return; + } + // Not handled and not logged in + self::handleLogin(); + } + + public static function loadAppScriptFile($param) + { + OC_App::loadApps(); + $app = $param['app']; + $file = $param['file']; + $app_path = OC_App::getAppPath($app); + $file = $app_path . '/' . $file; + unset($app, $app_path); + if (file_exists($file)) { + require_once $file; + return true; + } + return false; + } + + public static function loadCSSFile($param) + { + $app = $param['app']; + $file = $param['file']; + $app_path = OC_App::getAppPath($app); + if (file_exists($app_path . '/' . $file)) { + $app_web_path = OC_App::getAppWebPath($app); + $filepath = $app_web_path . '/' . $file; + $minimizer = new OC_Minimizer_CSS(); + $info = array($app_path, $app_web_path, $file); + $minimizer->output(array($info), $filepath); + } + } + + protected static function handleLogin() + { + OC_App::loadApps(array('prelogin')); + $error = array(); + // remember was checked after last login + if (OC::tryRememberLogin()) { + $error[] = 'invalidcookie'; + + // Someone wants to log in : + } elseif (OC::tryFormLogin()) { + $error[] = 'invalidpassword'; + + // The user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP + } elseif (OC::tryBasicAuthLogin()) { + $error[] = 'invalidpassword'; + } + OC_Util::displayLoginPage(array_unique($error)); + } + + protected static function cleanupLoginTokens($user) + { + $cutoff = time() - OC_Config::getValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15); + $tokens = OC_Preferences::getKeys($user, 'login_token'); + foreach ($tokens as $token) { + $time = OC_Preferences::getValue($user, 'login_token', $token); + if ($time < $cutoff) { + OC_Preferences::deleteKey($user, 'login_token', $token); + } + } + } + + protected static function tryRememberLogin() + { + if (!isset($_COOKIE["oc_remember_login"]) + || !isset($_COOKIE["oc_token"]) + || !isset($_COOKIE["oc_username"]) + || !$_COOKIE["oc_remember_login"] + ) { + return false; + } + OC_App::loadApps(array('authentication')); + if (defined("DEBUG") && DEBUG) { + OC_Log::write('core', 'Trying to login from cookie', OC_Log::DEBUG); + } + // confirm credentials in cookie + if (isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username'])) { + // delete outdated cookies + self::cleanupLoginTokens($_COOKIE['oc_username']); + // get stored tokens + $tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token'); + // test cookies token against stored tokens + if (in_array($_COOKIE['oc_token'], $tokens, true)) { + // replace successfully used token with a new one + OC_Preferences::deleteKey($_COOKIE['oc_username'], 'login_token', $_COOKIE['oc_token']); + $token = OC_Util::generate_random_bytes(32); + OC_Preferences::setValue($_COOKIE['oc_username'], 'login_token', $token, time()); + OC_User::setMagicInCookie($_COOKIE['oc_username'], $token); + // login + OC_User::setUserId($_COOKIE['oc_username']); + OC_Util::redirectToDefaultPage(); + // doesn't return + } + // if you reach this point you have changed your password + // or you are an attacker + // we can not delete tokens here because users may reach + // this point multiple times after a password change + OC_Log::write('core', 'Authentication cookie rejected for user ' . $_COOKIE['oc_username'], OC_Log::WARN); + } + OC_User::unsetMagicInCookie(); + return true; + } + + protected static function tryFormLogin() + { + if (!isset($_POST["user"]) || !isset($_POST['password'])) { + return false; + } + + OC_App::loadApps(); + + //setup extra user backends + OC_User::setupBackends(); + + if (OC_User::login($_POST["user"], $_POST["password"])) { + // setting up the time zone + if (isset($_POST['timezone-offset'])) { + $_SESSION['timezone'] = $_POST['timezone-offset']; + } + + self::cleanupLoginTokens($_POST['user']); + if (!empty($_POST["remember_login"])) { + if (defined("DEBUG") && DEBUG) { + OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG); + } + $token = OC_Util::generate_random_bytes(32); + OC_Preferences::setValue($_POST['user'], 'login_token', $token, time()); + OC_User::setMagicInCookie($_POST["user"], $token); + } else { + OC_User::unsetMagicInCookie(); + } + OC_Util::redirectToDefaultPage(); + exit(); + } + return true; + } + + protected static function tryBasicAuthLogin() + { + if (!isset($_SERVER["PHP_AUTH_USER"]) + || !isset($_SERVER["PHP_AUTH_PW"]) + ) { + return false; + } + OC_App::loadApps(array('authentication')); + if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) { + //OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG); + OC_User::unsetMagicInCookie(); + $_REQUEST['redirect_url'] = (isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : ''); + OC_Util::redirectToDefaultPage(); + } + return true; + } } // define runtime variables - unless this already has been done -if( !isset( $RUNTIME_NOAPPS )) { - $RUNTIME_NOAPPS = false; +if (!isset($RUNTIME_NOAPPS)) { + $RUNTIME_NOAPPS = false; } -if(!function_exists('get_temp_dir')) { - function get_temp_dir() { - if( $temp=ini_get('upload_tmp_dir') ) return $temp; - if( $temp=getenv('TMP') ) return $temp; - if( $temp=getenv('TEMP') ) return $temp; - if( $temp=getenv('TMPDIR') ) return $temp; - $temp=tempnam(__FILE__, ''); - if (file_exists($temp)) { - unlink($temp); - return dirname($temp); - } - if( $temp=sys_get_temp_dir()) return $temp; - - return null; - } +if (!function_exists('get_temp_dir')) { + function get_temp_dir() + { + if ($temp = ini_get('upload_tmp_dir')) return $temp; + if ($temp = getenv('TMP')) return $temp; + if ($temp = getenv('TEMP')) return $temp; + if ($temp = getenv('TMPDIR')) return $temp; + $temp = tempnam(__FILE__, ''); + if (file_exists($temp)) { + unlink($temp); + return dirname($temp); + } + if ($temp = sys_get_temp_dir()) return $temp; + + return null; + } } OC::init(); diff --git a/lib/connector/sabre/quotaplugin.php b/lib/connector/sabre/quotaplugin.php index fbbb4a3cf6f..ce9a968eb3c 100644 --- a/lib/connector/sabre/quotaplugin.php +++ b/lib/connector/sabre/quotaplugin.php @@ -50,7 +50,7 @@ class OC_Connector_Sabre_QuotaPlugin extends Sabre_DAV_ServerPlugin { $uri='/'.$uri; } list($parentUri, $newName) = Sabre_DAV_URLUtil::splitPath($uri); - if ($length > OC_Filesystem::free_space($parentUri)) { + if ($length > \OC\Files\Filesystem::free_space($parentUri)) { throw new Sabre_DAV_Exception_InsufficientStorage(); } } diff --git a/lib/db.php b/lib/db.php index 7e60b41d230..74e7ca5b0e0 100644 --- a/lib/db.php +++ b/lib/db.php @@ -495,8 +495,9 @@ class OC_DB { if (PEAR::isError($previousSchema)) { $error = $previousSchema->getMessage(); $detail = $previousSchema->getDebugInfo(); - OC_Log::write('core', 'Failed to get existing database structure for upgrading ('.$error.', '.$detail.')', OC_Log::FATAL); - return false; + $message = 'Failed to get existing database structure for updating ('.$error.', '.$detail.')'; + OC_Log::write('core', $message, OC_Log::FATAL); + throw new Exception($message); } // Make changes and save them to an in-memory file @@ -523,8 +524,9 @@ class OC_DB { if (PEAR::isError($op)) { $error = $op->getMessage(); $detail = $op->getDebugInfo(); - OC_Log::write('core', 'Failed to update database structure ('.$error.', '.$detail.')', OC_Log::FATAL); - return false; + $message = 'Failed to update database structure ('.$error.', '.$detail.')'; + OC_Log::write('core', $message, OC_Log::FATAL); + throw new Exception($message); } return true; } diff --git a/lib/files/storage/local.php b/lib/files/storage/local.php index e888094627a..53e1c5b4f01 100644 --- a/lib/files/storage/local.php +++ b/lib/files/storage/local.php @@ -41,7 +41,15 @@ class Local extends \OC\Files\Storage\Common{ return is_file($this->datadir.$path); } public function stat($path) { - return stat($this->datadir.$path); + $fullPath = $this->datadir . $path; + $statResult = stat($fullPath); + + if ($statResult['size'] < 0) { + $size = self::getFileSizeFromOS($fullPath); + $statResult['size'] = $size; + $statResult[7] = $size; + } + return $statResult; } public function filetype($path) { $filetype=filetype($this->datadir.$path); @@ -54,7 +62,13 @@ class Local extends \OC\Files\Storage\Common{ if($this->is_dir($path)) { return 0; }else{ - return filesize($this->datadir.$path); + $fullPath = $this->datadir . $path; + $fileSize = filesize($fullPath); + if ($fileSize < 0) { + return self::getFileSizeFromOS($fullPath); + } + + return $fileSize; } } public function isReadable($path) { @@ -165,6 +179,30 @@ class Local extends \OC\Files\Storage\Common{ return $return; } + private static function getFileSizeFromOS($fullPath) { + $name = strtolower(php_uname('s')); + // Windows OS: we use COM to access the filesystem + if (strpos($name, 'win') !== false) { + if (class_exists('COM')) { + $fsobj = new COM("Scripting.FileSystemObject"); + $f = $fsobj->GetFile($fullPath); + return $f->Size; + } + } else if (strpos($name, 'bsd') !== false) { + if (\OC_Helper::is_function_enabled('exec')) { + return (float)exec('stat -f %z ' . escapeshellarg($fullPath)); + } + } else if (strpos($name, 'linux') !== false) { + if (\OC_Helper::is_function_enabled('exec')) { + return (float)exec('stat -c %s ' . escapeshellarg($fullPath)); + } + } else { + OC_Log::write('core', 'Unable to determine file size of "'.$fullPath.'". Unknown OS: '.$name, OC_Log::ERROR); + } + + return 0; + } + public function hash($path, $type, $raw=false) { return hash_file($type, $this->datadir.$path, $raw); } @@ -199,6 +237,7 @@ class Local extends \OC\Files\Storage\Common{ /** * check if a file or folder has been updated since $time + * @param string $path * @param int $time * @return bool */ diff --git a/lib/helper.php b/lib/helper.php index 2dcf0c6de79..b25ec01036a 100644 --- a/lib/helper.php +++ b/lib/helper.php @@ -31,8 +31,9 @@ class OC_Helper { /** * @brief Creates an url using a defined route * @param $route - * @param $parameters - * @param $args array with param=>value, will be appended to the returned url + * @param array $parameters + * @return + * @internal param array $args with param=>value, will be appended to the returned url * @returns the url * * Returns a url to the given app and file. @@ -128,6 +129,7 @@ class OC_Helper { /** * @brief Creates an absolute url for remote use * @param string $service id + * @param bool $add_slash * @return string the url * * Returns a absolute url to the given service. @@ -139,6 +141,7 @@ class OC_Helper { /** * @brief Creates an absolute url for public use * @param string $service id + * @param bool $add_slash * @return string the url * * Returns a absolute url to the given service. @@ -319,7 +322,7 @@ class OC_Helper { self::copyr("$src/$file", "$dest/$file"); } } - }elseif(file_exists($src) && !OC_Filesystem::isFileBlacklisted($src)) { + }elseif(file_exists($src) && !\OC\Files\Filesystem::isFileBlacklisted($src)) { copy($src, $dest); } } @@ -450,12 +453,14 @@ class OC_Helper { } /** - * detect if a given program is found in the search PATH - * - * @param string $program name - * @param string $optional search path, defaults to $PATH - * @return bool true if executable program found in path - */ + * detect if a given program is found in the search PATH + * + * @param $name + * @param bool $path + * @internal param string $program name + * @internal param string $optional search path, defaults to $PATH + * @return bool true if executable program found in path + */ public static function canExecute($name, $path = false) { // path defaults to PATH from environment if not set if ($path === false) { @@ -676,16 +681,16 @@ class OC_Helper { } /** - * @brief replaces a copy of string delimited by the start and (optionally) length parameters with the string given in replacement. - * - * @param string $input The input string. .Opposite to the PHP build-in function does not accept an array. - * @param string $replacement The replacement string. - * @param int $start If start is positive, the replacing will begin at the start'th offset into string. If start is negative, the replacing will begin at the start'th character from the end of string. - * @param int $length Length of the part to be replaced - * @param string $encoding The encoding parameter is the character encoding. Defaults to UTF-8 - * @return string - * - */ + * @brief replaces a copy of string delimited by the start and (optionally) length parameters with the string given in replacement. + * + * @param $string + * @param string $replacement The replacement string. + * @param int $start If start is positive, the replacing will begin at the start'th offset into string. If start is negative, the replacing will begin at the start'th character from the end of string. + * @param int $length Length of the part to be replaced + * @param string $encoding The encoding parameter is the character encoding. Defaults to UTF-8 + * @internal param string $input The input string. .Opposite to the PHP build-in function does not accept an array. + * @return string + */ public static function mb_substr_replace($string, $replacement, $start, $length = null, $encoding = 'UTF-8') { $start = intval($start); $length = intval($length); @@ -758,4 +763,24 @@ class OC_Helper { } return $str; } + + /** + * Checks if a function is available + * @param string $function_name + * @return bool + */ + public static function is_function_enabled($function_name) { + if (!function_exists($function_name)) { + return false; + } + $disabled = explode(', ', ini_get('disable_functions')); + if (in_array($function_name, $disabled)) { + return false; + } + $disabled = explode(', ', ini_get('suhosin.executor.func.blacklist')); + if (in_array($function_name, $disabled)) { + return false; + } + return true; + } } diff --git a/lib/ocs.php b/lib/ocs.php index b236ac07f2d..879aaa76687 100644 --- a/lib/ocs.php +++ b/lib/ocs.php @@ -73,14 +73,7 @@ class OC_OCS { } } - /** - main function to handle the REST request - **/ - public static function handle() { - // overwrite the 404 error page returncode - header("HTTP/1.0 200 OK"); - - + public static function notFound() { if($_SERVER['REQUEST_METHOD'] == 'GET') { $method='get'; }elseif($_SERVER['REQUEST_METHOD'] == 'PUT') { @@ -94,169 +87,10 @@ class OC_OCS { } $format = self::readData($method, 'format', 'text', ''); + $txt='Invalid query, please check the syntax. API specifications are here: http://www.freedesktop.org/wiki/Specifications/open-collaboration-services. DEBUG OUTPUT:'."\n"; + $txt.=OC_OCS::getDebugOutput(); + echo(OC_OCS::generateXml($format,'failed',999,$txt)); - $router = new OC_Router(); - $router->useCollection('root'); - // CONFIG - $router->create('config', '/config.{format}') - ->defaults(array('format' => $format)) - ->action('OC_OCS', 'apiConfig') - ->requirements(array('format'=>'xml|json')); - - // PERSON - $router->create('person_check', '/person/check.{format}') - ->post() - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $login = OC_OCS::readData('post', 'login', 'text'); - $passwd = OC_OCS::readData('post', 'password', 'text'); - OC_OCS::personCheck($format, $login, $passwd); - }) - ->requirements(array('format'=>'xml|json')); - - // ACTIVITY - // activityget - GET ACTIVITY page,pagesize als urlparameter - $router->create('activity_get', '/activity.{format}') - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $page = OC_OCS::readData('get', 'page', 'int', 0); - $pagesize = OC_OCS::readData('get', 'pagesize', 'int', 10); - if($pagesize<1 or $pagesize>100) $pagesize=10; - OC_OCS::activityGet($format, $page, $pagesize); - }) - ->requirements(array('format'=>'xml|json')); - // activityput - POST ACTIVITY - $router->create('activity_put', '/activity.{format}') - ->post() - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $message = OC_OCS::readData('post', 'message', 'text'); - OC_OCS::activityPut($format, $message); - }) - ->requirements(array('format'=>'xml|json')); - - // PRIVATEDATA - // get - GET DATA - $router->create('privatedata_get', - '/privatedata/getattribute/{app}/{key}.{format}') - ->defaults(array('app' => '', 'key' => '', 'format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $app = addslashes(strip_tags($parameters['app'])); - $key = addslashes(strip_tags($parameters['key'])); - OC_OCS::privateDataGet($format, $app, $key); - }) - ->requirements(array('format'=>'xml|json')); - // set - POST DATA - $router->create('privatedata_set', - '/privatedata/setattribute/{app}/{key}.{format}') - ->post() - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $app = addslashes(strip_tags($parameters['app'])); - $key = addslashes(strip_tags($parameters['key'])); - $value=OC_OCS::readData('post', 'value', 'text'); - OC_OCS::privateDataSet($format, $app, $key, $value); - }) - ->requirements(array('format'=>'xml|json')); - // delete - POST DATA - $router->create('privatedata_delete', - '/privatedata/deleteattribute/{app}/{key}.{format}') - ->post() - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $app = addslashes(strip_tags($parameters['app'])); - $key = addslashes(strip_tags($parameters['key'])); - OC_OCS::privateDataDelete($format, $app, $key); - }) - ->requirements(array('format'=>'xml|json')); - - // CLOUD - // systemWebApps - $router->create('system_webapps', - '/cloud/system/webapps.{format}') - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - OC_OCS::systemwebapps($format); - }) - ->requirements(array('format'=>'xml|json')); - - // quotaget - $router->create('quota_get', - '/cloud/user/{user}.{format}') - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $user = $parameters['user']; - OC_OCS::quotaGet($format, $user); - }) - ->requirements(array('format'=>'xml|json')); - // quotaset - $router->create('quota_set', - '/cloud/user/{user}.{format}') - ->post() - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $user = $parameters['user']; - $quota = self::readData('post', 'quota', 'int'); - OC_OCS::quotaSet($format, $user, $quota); - }) - ->requirements(array('format'=>'xml|json')); - - // keygetpublic - $router->create('keygetpublic', - '/cloud/user/{user}/publickey.{format}') - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $user = $parameters['user']; - OC_OCS::publicKeyGet($format, $user); - }) - ->requirements(array('format'=>'xml|json')); - - // keygetprivate - $router->create('keygetpublic', - '/cloud/user/{user}/privatekey.{format}') - ->defaults(array('format' => $format)) - ->action(function ($parameters) { - $format = $parameters['format']; - $user = $parameters['user']; - OC_OCS::privateKeyGet($format, $user); - }) - ->requirements(array('format'=>'xml|json')); - - -// add more calls here -// please document all the call in the draft spec -// http://www.freedesktop.org/wiki/Specifications/open-collaboration-services-1.7#CLOUD - -// TODO: -// users -// groups -// bookmarks -// sharing -// versioning -// news (rss) - try { - $router->match($_SERVER['PATH_INFO']); - } catch (ResourceNotFoundException $e) { - $txt='Invalid query, please check the syntax. ' - .'API specifications are here: ' - .'http://www.freedesktop.org/wiki/Specifications/open-collaboration-services.' - .'DEBUG OUTPUT:'."\n"; - $txt.=OC_OCS::getdebugoutput(); - echo(OC_OCS::generatexml($format, 'failed', 999, $txt)); - } catch (MethodNotAllowedException $e) { - OC_Response::setStatus(405); - } - exit(); } /** @@ -273,44 +107,6 @@ class OC_OCS { return($txt); } - /** - * checks if the user is authenticated - * checks the IP whitlist, apikeys and login/password combination - * if $forceuser is true and the authentication failed it returns an 401 http response. - * if $forceuser is false and authentification fails it returns an empty username string - * @param bool $forceuser - * @return username string - */ - private static function checkPassword($forceuser=true) { - //valid user account ? - if(isset($_SERVER['PHP_AUTH_USER'])) $authuser=$_SERVER['PHP_AUTH_USER']; else $authuser=''; - if(isset($_SERVER['PHP_AUTH_PW'])) $authpw=$_SERVER['PHP_AUTH_PW']; else $authpw=''; - - if(empty($authuser)) { - if($forceuser) { - header('WWW-Authenticate: Basic realm="your valid user account or api key"'); - header('HTTP/1.0 401 Unauthorized'); - exit; - }else{ - $identifieduser=''; - } - }else{ - if(!OC_User::login($authuser, $authpw)) { - if($forceuser) { - header('WWW-Authenticate: Basic realm="your valid user account or api key"'); - header('HTTP/1.0 401 Unauthorized'); - exit; - }else{ - $identifieduser=''; - } - }else{ - $identifieduser=$authuser; - } - } - - return($identifieduser); - } - /** * generates the xml or json response for the API call from an multidimenional data array. @@ -432,130 +228,6 @@ class OC_OCS { } /** - * return the config data of this server - * @param string $format - * @return string xml/json - */ - public static function apiConfig($parameters) { - $format = $parameters['format']; - $user=OC_OCS::checkpassword(false); - $url=substr(OCP\Util::getServerHost().$_SERVER['SCRIPT_NAME'], 0, -11).''; - - $xml['version']='1.7'; - $xml['website']='ownCloud'; - $xml['host']=OCP\Util::getServerHost(); - $xml['contact']=''; - $xml['ssl']='false'; - echo(OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'config', '', 1)); - } - - /** - * check if the provided login/apikey/password is valid - * @param string $format - * @param string $login - * @param string $passwd - * @return string xml/json - */ - private static function personCheck($format, $login, $passwd) { - if($login<>'') { - if(OC_User::login($login, $passwd)) { - $xml['person']['personid']=$login; - echo(OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'person', 'check', 2)); - }else{ - echo(OC_OCS::generatexml($format, 'failed', 102, 'login not valid')); - } - }else{ - echo(OC_OCS::generatexml($format, 'failed', 101, 'please specify all mandatory fields')); - } - } - - // ACTIVITY API ############################################# - - /** - * get my activities - * @param string $format - * @param string $page - * @param string $pagesize - * @return string xml/json - */ - private static function activityGet($format, $page, $pagesize) { - $user=OC_OCS::checkpassword(); - - //TODO - - $txt=OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'activity', 'full', 2, $totalcount, $pagesize); - echo($txt); - } - - /** - * submit a activity - * @param string $format - * @param string $message - * @return string xml/json - */ - private static function activityPut($format, $message) { - // not implemented in ownCloud - $user=OC_OCS::checkpassword(); - echo(OC_OCS::generatexml($format, 'ok', 100, '')); - } - - // PRIVATEDATA API ############################################# - - /** - * get private data and create the xml for ocs - * @param string $format - * @param string $app - * @param string $key - * @return string xml/json - */ - private static function privateDataGet($format, $app="", $key="") { - $user=OC_OCS::checkpassword(); - $result=OC_OCS::getData($user, $app, $key); - $xml=array(); - foreach($result as $i=>$log) { - $xml[$i]['key']=$log['key']; - $xml[$i]['app']=$log['app']; - $xml[$i]['value']=$log['value']; - } - - - $txt=OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'privatedata', 'full', 2, count($xml), 0);//TODO: replace 'privatedata' with 'attribute' once a new libattice has been released that works with it - echo($txt); - } - - /** - * set private data referenced by $key to $value and generate the xml for ocs - * @param string $format - * @param string $app - * @param string $key - * @param string $value - * @return string xml/json - */ - private static function privateDataSet($format, $app, $key, $value) { - $user=OC_OCS::checkpassword(); - if(OC_OCS::setData($user, $app, $key, $value)) { - echo(OC_OCS::generatexml($format, 'ok', 100, '')); - } - } - - /** - * delete private data referenced by $key and generate the xml for ocs - * @param string $format - * @param string $app - * @param string $key - * @return string xml/json - */ - private static function privateDataDelete($format, $app, $key) { - if($key=="" or $app=="") { - return; //key and app are NOT optional here - } - $user=OC_OCS::checkpassword(); - if(OC_OCS::deleteData($user, $app, $key)) { - echo(OC_OCS::generatexml($format, 'ok', 100, '')); - } - } - - /** * get private data * @param string $user * @param string $app @@ -586,156 +258,4 @@ class OC_OCS { return $result; } - /** - * set private data referenced by $key to $value - * @param string $user - * @param string $app - * @param string $key - * @param string $value - * @return bool - */ - public static function setData($user, $app, $key, $value) { - return OC_Preferences::setValue($user, $app, $key, $value); - } - - /** - * delete private data referenced by $key - * @param string $user - * @param string $app - * @param string $key - * @return string xml/json - */ - public static function deleteData($user, $app, $key) { - return OC_Preferences::deleteKey($user, $app, $key); - } - - - // CLOUD API ############################################# - - /** - * get a list of installed web apps - * @param string $format - * @return string xml/json - */ - private static function systemWebApps($format) { - $login=OC_OCS::checkpassword(); - $apps=OC_App::getEnabledApps(); - $values=array(); - foreach($apps as $app) { - $info=OC_App::getAppInfo($app); - if(isset($info['standalone'])) { - $newvalue=array('name'=>$info['name'], 'url'=>OC_Helper::linkToAbsolute($app, ''), 'icon'=>''); - $values[]=$newvalue; - } - - } - $txt=OC_OCS::generatexml($format, 'ok', 100, '', $values, 'cloud', '', 2, 0, 0); - echo($txt); - - } - - - /** - * get the quota of a user - * @param string $format - * @param string $user - * @return string xml/json - */ - private static function quotaGet($format, $user) { - $login=OC_OCS::checkpassword(); - if(OC_Group::inGroup($login, 'admin') or ($login==$user)) { - - if(OC_User::userExists($user)) { - // calculate the disc space - $user_dir = '/'.$user.'/files'; - \OC\Files\Filesystem::init($user_dir); - $rootInfo=\OC\Files\Filesystem::getFileInfo(''); - $sharedInfo=\OC\Files\Filesystem::getFileInfo('/Shared'); - $used=$rootInfo['size']-$sharedInfo['size']; - $free=\OC\Files\Filesystem::free_space(); - $total=$free+$used; - if($total==0) $total=1; // prevent division by zero - $relative=round(($used/$total)*10000)/100; - - $xml=array(); - $xml['quota']=$total; - $xml['free']=$free; - $xml['used']=$used; - $xml['relative']=$relative; - - $txt=OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'cloud', '', 1, 0, 0); - echo($txt); - }else{ - echo self::generateXml('', 'fail', 300, 'User does not exist'); - } - }else{ - echo self::generateXml('', 'fail', 300, 'You don´t have permission to access this ressource.'); - } - } - - /** - * set the quota of a user - * @param string $format - * @param string $user - * @param string $quota - * @return string xml/json - */ - private static function quotaSet($format, $user, $quota) { - $login=OC_OCS::checkpassword(); - if(OC_Group::inGroup($login, 'admin')) { - - // todo - // not yet implemented - // add logic here - error_log('OCS call: user:'.$user.' quota:'.$quota); - - $xml=array(); - $txt=OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'cloud', '', 1, 0, 0); - echo($txt); - }else{ - echo self::generateXml('', 'fail', 300, 'You don´t have permission to access this ressource.'); - } - } - - /** - * get the public key of a user - * @param string $format - * @param string $user - * @return string xml/json - */ - private static function publicKeyGet($format, $user) { - $login=OC_OCS::checkpassword(); - - if(OC_User::userExists($user)) { - // calculate the disc space - $txt='this is the public key of '.$user; - echo($txt); - }else{ - echo self::generateXml('', 'fail', 300, 'User does not exist'); - } - } - - /** - * get the private key of a user - * @param string $format - * @param string $user - * @return string xml/json - */ - private static function privateKeyGet($format, $user) { - $login=OC_OCS::checkpassword(); - if(OC_Group::inGroup($login, 'admin') or ($login==$user)) { - - if(OC_User::userExists($user)) { - // calculate the disc space - $txt='this is the private key of '.$user; - echo($txt); - }else{ - echo self::generateXml('', 'fail', 300, 'User does not exist'); - } - }else{ - echo self::generateXml('', 'fail', 300, 'You don´t have permission to access this ressource.'); - } - } - - } diff --git a/lib/ocs/activity.php b/lib/ocs/activity.php new file mode 100644 index 00000000000..c30e21018d3 --- /dev/null +++ b/lib/ocs/activity.php @@ -0,0 +1,28 @@ +<?php +/** +* ownCloud +* +* @author Frank Karlitschek +* @copyright 2012 Frank Karlitschek frank@owncloud.org +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +class OC_OCS_Activity { + + public static function activityGet($parameters){ + // TODO + } +} diff --git a/lib/ocs/cloud.php b/lib/ocs/cloud.php new file mode 100644 index 00000000000..58c906d7256 --- /dev/null +++ b/lib/ocs/cloud.php @@ -0,0 +1,98 @@ +<?php +/** +* ownCloud +* +* @author Frank Karlitschek +* @author Tom Needham +* @copyright 2012 Frank Karlitschek frank@owncloud.org +* @copyright 2012 Tom Needham tom@owncloud.com +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +class OC_OCS_Cloud { + + public static function getSystemWebApps($parameters) { + OC_Util::checkLoggedIn(); + $apps = OC_App::getEnabledApps(); + $values = array(); + foreach($apps as $app) { + $info = OC_App::getAppInfo($app); + if(isset($info['standalone'])) { + $newValue = array('name'=>$info['name'],'url'=>OC_Helper::linkToAbsolute($app,''),'icon'=>''); + $values[] = $newValue; + } + } + return new OC_OCS_Result($values); + } + + public static function getUserQuota($parameters) { + $user = OC_User::getUser(); + if(OC_Group::inGroup($user, 'admin') or ($user==$parameters['user'])) { + + if(OC_User::userExists($parameters['user'])) { + // calculate the disc space + $userDir = '/'.$parameters['user'].'/files'; + \OC\Files\Filesystem::init($useDir); + $rootInfo = \OC\Files\Filesystem::getFileInfo(''); + $sharedInfo = \OC\Files\Filesystem::getFileInfo('/Shared'); + $used = $rootInfo['size'] - $sharedInfo['size']; + $free = \OC\Files\Filesystem::free_space(); + $total = $free + $used; + if($total===0) $total = 1; // prevent division by zero + $relative = round(($used/$total)*10000)/100; + + $xml = array(); + $xml['quota'] = $total; + $xml['free'] = $free; + $xml['used'] = $used; + $xml['relative'] = $relative; + + return new OC_OCS_Result($xml); + } else { + return new OC_OCS_Result(null, 300); + } + } else { + return new OC_OCS_Result(null, 300); + } + } + + public static function getUserPublickey($parameters) { + + if(OC_User::userExists($parameters['user'])) { + // calculate the disc space + // TODO + return new OC_OCS_Result(array()); + } else { + return new OC_OCS_Result(null, 300); + } + } + + public static function getUserPrivatekey($parameters) { + $user = OC_User::getUser(); + if(OC_Group::inGroup($user, 'admin') or ($user==$parameters['user'])) { + + if(OC_User::userExists($user)) { + // calculate the disc space + $txt = 'this is the private key of '.$parameters['user']; + echo($txt); + } else { + return new OC_OCS_Result(null, 300, 'User does not exist'); + } + } else { + return new OC_OCS_Result('null', 300, 'You don´t have permission to access this ressource.'); + } + } +} diff --git a/lib/ocs/config.php b/lib/ocs/config.php new file mode 100644 index 00000000000..03c54aa2314 --- /dev/null +++ b/lib/ocs/config.php @@ -0,0 +1,36 @@ +<?php +/** +* ownCloud +* +* @author Frank Karlitschek +* @author Tom Needham +* @copyright 2012 Frank Karlitschek frank@owncloud.org +* @copyright 2012 Tom Needham tom@owncloud.com +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +class OC_OCS_Config { + + public static function apiConfig($parameters) { + $xml['version'] = '1.7'; + $xml['website'] = 'ownCloud'; + $xml['host'] = OCP\Util::getServerHost(); + $xml['contact'] = ''; + $xml['ssl'] = 'false'; + return new OC_OCS_Result($xml); + } + +} diff --git a/lib/ocs/person.php b/lib/ocs/person.php new file mode 100644 index 00000000000..169cc8211db --- /dev/null +++ b/lib/ocs/person.php @@ -0,0 +1,42 @@ +<?php +/** +* ownCloud +* +* @author Frank Karlitschek +* @author Tom Needham +* @copyright 2012 Frank Karlitschek frank@owncloud.org +* @copyright 2012 Tom Needham tom@owncloud.com +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +class OC_OCS_Person { + + public static function check($parameters) { + $login = isset($_POST['login']) ? $_POST['login'] : false; + $password = isset($_POST['password']) ? $_POST['password'] : false; + if($login && $password) { + if(OC_User::checkPassword($login, $password)) { + $xml['person']['personid'] = $login; + return new OC_OCS_Result($xml); + } else { + return new OC_OCS_Result(null, 102); + } + } else { + return new OC_OCS_Result(null, 101); + } + } + +} diff --git a/lib/ocs/privatedata.php b/lib/ocs/privatedata.php new file mode 100644 index 00000000000..e01ed5e8b07 --- /dev/null +++ b/lib/ocs/privatedata.php @@ -0,0 +1,66 @@ +<?php +/** +* ownCloud +* +* @author Frank Karlitschek +* @author Tom Needham +* @copyright 2012 Frank Karlitschek frank@owncloud.org +* @copyright 2012 Tom Needham tom@owncloud.com +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +class OC_OCS_Privatedata { + + public static function get($parameters) { + OC_Util::checkLoggedIn(); + $user = OC_User::getUser(); + $app = addslashes(strip_tags($parameters['app'])); + $key = addslashes(strip_tags($parameters['key'])); + $result = OC_OCS::getData($user,$app,$key); + $xml = array(); + foreach($result as $i=>$log) { + $xml[$i]['key']=$log['key']; + $xml[$i]['app']=$log['app']; + $xml[$i]['value']=$log['value']; + } + return new OC_OCS_Result($xml); + //TODO: replace 'privatedata' with 'attribute' once a new libattice has been released that works with it + } + + public static function set($parameters) { + OC_Util::checkLoggedIn(); + $user = OC_User::getUser(); + $app = addslashes(strip_tags($parameters['app'])); + $key = addslashes(strip_tags($parameters['key'])); + $value = OC_OCS::readData('post', 'value', 'text'); + if(OC_Preferences::setValue($user, $app, $key, $value)){ + return new OC_OCS_Result(null, 100); + } + } + + public static function delete($parameters) { + OC_Util::checkLoggedIn(); + $user = OC_User::getUser(); + $app = addslashes(strip_tags($parameters['app'])); + $key = addslashes(strip_tags($parameters['key'])); + if($key==="" or $app==="") { + return new OC_OCS_Result(null, 101); //key and app are NOT optional here + } + if(OC_Preferences::deleteKey($user, $app, $key)) { + return new OC_OCS_Result(null, 100); + } + } +} diff --git a/lib/ocs/result.php b/lib/ocs/result.php new file mode 100644 index 00000000000..b08d911f785 --- /dev/null +++ b/lib/ocs/result.php @@ -0,0 +1,75 @@ +<?php +/** +* ownCloud +* +* @author Tom Needham +* @copyright 2012 Tom Needham tom@owncloud.com +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +class OC_OCS_Result{ + + private $data, $message, $statusCode, $items, $perPage; + + /** + * create the OCS_Result object + * @param $data mixed the data to return + */ + public function __construct($data=null, $code=100, $message=null) { + $this->data = $data; + $this->statusCode = $code; + $this->message = $message; + } + + /** + * optionally set the total number of items available + * @param $items int + */ + public function setTotalItems(int $items) { + $this->items = $items; + } + + /** + * optionally set the the number of items per page + * @param $items int + */ + public function setItemsPerPage(int $items) { + $this->perPage = $items; + } + + /** + * returns the data associated with the api result + * @return array + */ + public function getResult() { + $return = array(); + $return['meta'] = array(); + $return['meta']['status'] = ($this->statusCode === 100) ? 'ok' : 'failure'; + $return['meta']['statuscode'] = $this->statusCode; + $return['meta']['message'] = $this->message; + if(isset($this->items)) { + $return['meta']['totalitems'] = $this->items; + } + if(isset($this->perPage)) { + $return['meta']['itemsperpage'] = $this->perPage; + } + $return['data'] = $this->data; + // Return the result data. + return $return; + } + + +}
\ No newline at end of file diff --git a/lib/public/api.php b/lib/public/api.php new file mode 100644 index 00000000000..a85daa1935c --- /dev/null +++ b/lib/public/api.php @@ -0,0 +1,44 @@ +<?php +/** +* ownCloud +* +* @author Tom Needham +* @copyright 2012 Tom Needham tom@owncloud.com +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +namespace OCP; + +/** + * This class provides functions to manage apps in ownCloud + */ +class API { + + /** + * registers an api call + * @param string $method the http method + * @param string $url the url to match + * @param callable $action the function to run + * @param string $app the id of the app registering the call + * @param int $authLevel the level of authentication required for the call (See OC_API constants) + * @param array $defaults + * @param array $requirements + */ + public static function register($method, $url, $action, $app, $authLevel = OC_API::USER_AUTH, $defaults = array(), $requirements = array()){ + \OC_API::register($method, $url, $action, $app, $authLevel, $defaults, $requirements); + } + +} diff --git a/lib/router.php b/lib/router.php index 8cb8fd4f33b..27e14c38abf 100644 --- a/lib/router.php +++ b/lib/router.php @@ -58,6 +58,23 @@ class OC_Router { * loads the api routes */ public function loadRoutes() { + + // TODO cache + $this->root = $this->getCollection('root'); + foreach(OC_APP::getEnabledApps() as $app){ + $file = OC_App::getAppPath($app).'/appinfo/routes.php'; + if(file_exists($file)){ + $this->useCollection($app); + require_once($file); + $collection = $this->getCollection($app); + $this->root->addCollection($collection, '/apps/'.$app); + } + } + // include ocs routes + require_once(OC::$SERVERROOT.'/ocs/routes.php'); + $collection = $this->getCollection('ocs'); + $this->root->addCollection($collection, '/ocs'); + foreach($this->getRoutingFiles() as $app => $file) { $this->useCollection($app); require_once $file; @@ -67,6 +84,7 @@ class OC_Router { $this->useCollection('root'); require_once 'settings/routes.php'; require_once 'core/routes.php'; + } protected function getCollection($name) { |