diff options
| -rw-r--r-- | apps/files_sharing/appinfo/info.xml | 2 | ||||
| -rw-r--r-- | apps/files_sharing/appinfo/version | 2 | ||||
| -rw-r--r-- | apps/files_sharing/lib/connector/publicauth.php | 71 | ||||
| -rw-r--r-- | apps/files_sharing/publicwebdav.php | 58 |
4 files changed, 131 insertions, 2 deletions
diff --git a/apps/files_sharing/appinfo/info.xml b/apps/files_sharing/appinfo/info.xml index 9a199281a76..9b42c1e17b5 100644 --- a/apps/files_sharing/appinfo/info.xml +++ b/apps/files_sharing/appinfo/info.xml @@ -13,6 +13,6 @@ </types> <public> <files>public.php</files> - <webdav>public.php</webdav> + <webdav>publicwebdav.php</webdav> </public> </info> diff --git a/apps/files_sharing/appinfo/version b/apps/files_sharing/appinfo/version index bd73f47072b..267577d47e4 100644 --- a/apps/files_sharing/appinfo/version +++ b/apps/files_sharing/appinfo/version @@ -1 +1 @@ -0.4 +0.4.1 diff --git a/apps/files_sharing/lib/connector/publicauth.php b/apps/files_sharing/lib/connector/publicauth.php new file mode 100644 index 00000000000..0831129ce79 --- /dev/null +++ b/apps/files_sharing/lib/connector/publicauth.php @@ -0,0 +1,71 @@ +<?php + +/** + * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com> + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +namespace OCA\Files_Sharing\Connector; + +class PublicAuth extends \Sabre_DAV_Auth_Backend_AbstractBasic { + + /** + * @var \OCP\IConfig + */ + private $config; + + private $share; + + /** + * @param \OCP\IConfig $config + */ + public function __construct($config) { + $this->config = $config; + } + + /** + * Validates a username and password + * + * This method should return true or false depending on if login + * succeeded. + * + * @param string $username + * @param string $password + * + * @return bool + */ + protected function validateUserPass($username, $password) { + $linkItem = \OCP\Share::getShareByToken($username, false); + $this->share = $linkItem; + if (!$linkItem) { + return false; + } + + // check if the share is password protected + if (isset($linkItem['share_with'])) { + if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) { + // Check Password + $forcePortable = (CRYPT_BLOWFISH != 1); + $hasher = new \PasswordHash(8, $forcePortable); + if (!$hasher->CheckPassword($password . $this->config->getSystemValue('passwordsalt', ''), $linkItem['share_with'])) { + return false; + } else { + return true; + } + } else { + return false; + } + } else { + return true; + } + } + + /** + * @return array + */ + public function getShare() { + return $this->share; + } +} diff --git a/apps/files_sharing/publicwebdav.php b/apps/files_sharing/publicwebdav.php new file mode 100644 index 00000000000..954c3a3144d --- /dev/null +++ b/apps/files_sharing/publicwebdav.php @@ -0,0 +1,58 @@ +<?php +/** + * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com> + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +// load needed apps +$RUNTIME_APPTYPES = array('filesystem', 'authentication', 'logging'); + +OC_App::loadApps($RUNTIME_APPTYPES); + +OC_Util::obEnd(); + +// Backends +$authBackend = new OCA\Files_Sharing\Connector\PublicAuth(\OC::$server->getConfig()); +$lockBackend = new OC_Connector_Sabre_Locks(); +$requestBackend = new OC_Connector_Sabre_Request(); + +// Fire up server +$objectTree = new \OC\Connector\Sabre\ObjectTree(); +$server = new OC_Connector_Sabre_Server($objectTree); +$server->httpRequest = $requestBackend; +$server->setBaseUri($baseuri); + +// Load plugins +$defaults = new OC_Defaults(); +$server->addPlugin(new Sabre_DAV_Auth_Plugin($authBackend, $defaults->getName())); +$server->addPlugin(new Sabre_DAV_Locks_Plugin($lockBackend)); +$server->addPlugin(new Sabre_DAV_Browser_Plugin(false)); // Show something in the Browser, but no upload +$server->addPlugin(new OC_Connector_Sabre_FilesPlugin()); +$server->addPlugin(new OC_Connector_Sabre_MaintenancePlugin()); +$server->addPlugin(new OC_Connector_Sabre_ExceptionLoggerPlugin('webdav')); + +// wait with registering these until auth is handled and the filesystem is setup +$server->subscribeEvent('beforeMethod', function () use ($server, $objectTree, $authBackend) { + $share = $authBackend->getShare(); + $owner = $share['uid_owner']; + $fileId = $share['file_source']; + OC_Util::setupFS($owner); + $ownerView = \OC\Files\Filesystem::getView(); + $path = $ownerView->getPath($fileId); + + + $view = new \OC\Files\View($ownerView->getAbsolutePath($path)); + $rootInfo = $view->getFileInfo(''); + + // Create ownCloud Dir + $rootDir = new OC_Connector_Sabre_Directory($view, $rootInfo); + $objectTree->init($rootDir, $view); + + $server->addPlugin(new OC_Connector_Sabre_AbortedUploadDetectionPlugin($view)); + $server->addPlugin(new OC_Connector_Sabre_QuotaPlugin($view)); +}, 30); // priority 30: after auth (10) and acl(20), before lock(50) and handling the request + +// And off we go! +$server->exec(); |