egroupware/filemanager/doc/INSTALL_WebDAV

INSTALL : WebDAV file share
---------------------------
Note: if you don't know what WebDAV is you probably don't need it.  The default
vfs_sql is generally faster and easier to setup.

Filemanager's WebDAV support allows you to store your files online in 
egroupware, in a way that cooperates well with other web applications (for
instance, in Windows you can then access your files as a "web folder", and
similarly KDE, Gnome, MacOSX, and amultitude of applications (eg MS Office and
OpenOffice.org) all include some way of browsing files on a WebDAV share)


Installation
------------
To install:

1/	Setup a WebDAV server - currently this code has only been well tested using
	Apache's mod_dav (http://www.webdav.org/mod_dav/).  mod_dav is included in
	Apache 2, and most Linux distributions include it as a package.

	To setup mod_dav ensure that you have the module installed correctly ( RTFM :)
	and create a virtual host (eg files.yourdomain.com) something like this:

		<VirtualHost files.yourdomain.com:80>
			AccessFileName .htaccess
			ServerAdmin webmaster@yourdomain.com
			DocumentRoot /var/files
			<Location />
				AllowOverride All
				Options +Indexes
				DAV on
				DirectoryIndex /
				RemoveHandler cgi-script .cgi .pl
				RemoveType application/x-httpd-php .php .php3
				RemoveType application/x-httpd-php-source .phps
			</Location>
			<Files ~ "^\.ht">
				#This ensures egroupware can modify .htaccess files
				order deny,allow
				deny from all
				#make sure your egroupware server is included here.
				allow from localhost .localdomain
			</Files>
			ServerName files.yourdomain.com
			ErrorLog logs/dav_err
			CustomLog logs/dav_acc combined
		</VirtualHost>

2/	On the setup page (egroupware/setup/config.php) specify
	the WebDAV server URL (eg http://files.yourdomain.com ) in the: "Full path
	for users and groups files" text area, and select DAV in the:
	"Select where you want to store/retrieve filesystem information"
	combo.  If your file repository supports SSL you might want to enter
	'https://files.yourdomain.com' instead - note that phpGroupWare itself wont
	use SSL to access the repository, but when it redirects the users browser to
	the repository it will use the secure https url.

3/	Make sure your WebDAV repository contains a "home" directory (important!)
	So if your WebDAV directory is /var/files, you would need:
		/var/files/
		/var/files/home/

4/ 	You now want some kind of authentication on the WebDAV repository, so that 
	users accessing it directly still need their egroupware	password.  By default 
	there is no security through Apache's WebDAV module and anyone could access
	your files.

	To enable authentication you must use a third-party Apache authentication
	module.  Which you use depends on how you have setup authentication in
	phpGroupWare - for instance if you use an SQL DB (the default) then set up
	mod_auth_pgsql (http://www.giuseppetanzilli.it/mod_auth_pgsql/) or
	mod_auth_mysql (http://modauthmysql.sourceforge.net/)

	An example .htaccess file for your repository's root
	(e.g. /var/files) when using mod_auth_mysql would be:

		Options None
		DirectoryIndex index.html
		RemoveHandler cgi-script .cgi .pl
		RemoveType application/x-httpd-php .php .php3
		RemoveType application/x-httpd-php-source .phps

		AuthMySQL_Host localhost
		AuthMySQL_User <mysql user>
		AuthMySQL_Password <mysql password>
		Auth_MySQL_DB <mysql egroupware database>

		AuthMySQL_Password_Table phpgw_accounts
		AuthMySQL_Username_Field account_lid
		AuthMySQL_Password_Field account_pwd

		Auth_MySQL_Encryption_Types PHP_MD5

		AuthName "V-Manager"
		AuthType Basic
		require valid-user

	eGroupWare's WebDAV vfs class has some suppose for adding
	.htaccess files when creating new directories but does not do
	so when creating a new directory for a new user so you will
	need to do this by hand or modify the vfs_dav class.  The .htaccess
	file would look like "require user boab"

	Filemanager also support group directories.  Unfortunatly
	mod_auth_mysql does not easily support authentication on these and you
	have to modify it's source with the following patch:

--- mod_auth_mysql.c-orig       2004-05-24 23:51:55.000000000 +0100
+++ mod_auth_mysql.c    2004-05-24 23:52:08.000000000 +0100
@@ -862,8 +862,11 @@
 #endif

        query = ap_pstrcat(r->pool,"select count(*) from ", auth_table,
-       " where ", auth_user_field, "='", esc_user, "'",
-       " and FIND_IN_SET('", esc_group, "',", auth_group_field,")", auth_group_clause, NULL);
+                          " AS groups, ", auth_table, " AS users, phpgw_acl AS acl",
+                          " where users.", auth_user_field, "='", esc_user, "'", " AND groups.account_type='g'",
+                          " AND users.account_type='u' AND groups.account_id=acl.acl_location AND users.account_id=acl.acl_account",
+                          " AND groups.", auth_group_field, "='", esc_group, "'", NULL);
+       //         " and FIND_IN_SET('", esc_group, "',", auth_group_field,")", auth_group_clause, NULL);

        ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, r->server,
                "Group query created; [%s]", query);

	Recompile (if building from Debian source packages:
	dpkg-buildpackage -rfakeroot -uc -b), then add this to your
	root .htaccess file:

		AuthMySQL_Group_Table phpgw_accounts
		Auth_MySQL_Group_Field account_lid

	And finally make the group directories by hand: 

		mkdir home/Admins; mkdir home/Default

	and each directory's .htaccess file by hand:

		require group Admins

TODO:

Create group directories automaticly
Create .htaccess file for group directories automaticly
Create .htaccess files for new user directories automaticly
Only list group directories to which the user has access