mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-16 03:30:49 +01:00
404 lines
13 KiB
PHP
404 lines
13 KiB
PHP
<?php
|
|
/**
|
|
* eGroupWare API: VFS - WebDAV access using the new stream wrapper VFS interface
|
|
*
|
|
* Using the PEAR HTTP/WebDAV/Server/Filesystem class (which need to be installed!)
|
|
*
|
|
* @link http://www.egroupware.org
|
|
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
|
* @package api
|
|
* @subpackage vfs
|
|
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
|
* @author Hartmut Holzgraefe <hartmut@php.net> original HTTP/WebDAV/Server/Filesystem class, of which some code is used
|
|
* @version $Id$
|
|
*/
|
|
|
|
require_once('HTTP/WebDAV/Server/Filesystem.php');
|
|
require_once(EGW_API_INC.'/class.egw_vfs.inc.php');
|
|
|
|
/**
|
|
* FileManger - WebDAV access using the new stream wrapper VFS interface
|
|
*
|
|
* Using the PEAR HTTP/WebDAV/Server/Filesystem class (which need to be installed!)
|
|
*
|
|
* @todo table to store locks and properties
|
|
* @todo filesystem class uses PEAR's System::find which we dont require nor know if it works on custom streamwrapper
|
|
*/
|
|
class vfs_webdav_server extends HTTP_WebDAV_Server_Filesystem
|
|
{
|
|
var $dav_powered_by = 'eGroupWare WebDAV server';
|
|
|
|
/**
|
|
* Base directory is the URL of our VFS root
|
|
*
|
|
* @var string
|
|
*/
|
|
var $base = 'vfs://default';
|
|
|
|
/**
|
|
* Debug level: 0 = nothing, 1 = function calls, 2 = more info, eg. complete $_SERVER array
|
|
*
|
|
* The debug messages are send to the apache error_log
|
|
*
|
|
* @var integer
|
|
*/
|
|
var $debug = 0;
|
|
|
|
/**
|
|
* Serve a webdav request
|
|
*
|
|
* Reimplemented to not check our vfs base path with realpath and connect to mysql DB
|
|
*
|
|
* @access public
|
|
* @param string
|
|
*/
|
|
function ServeRequest($base = false)
|
|
{
|
|
// special treatment for litmus compliance test
|
|
// reply on its identifier header
|
|
// not needed for the test itself but eases debugging
|
|
foreach (apache_request_headers() as $key => $value)
|
|
{
|
|
if (stristr($key, "litmus"))
|
|
{
|
|
error_log("Litmus test $value");
|
|
header("X-Litmus-reply: ".$value);
|
|
}
|
|
}
|
|
|
|
// let the base class do all the work
|
|
HTTP_WebDAV_Server::ServeRequest();
|
|
}
|
|
|
|
/**
|
|
* DELETE method handler
|
|
*
|
|
* @param array general parameter passing array
|
|
* @return bool true on success
|
|
*/
|
|
function DELETE($options)
|
|
{
|
|
$path = $this->base . "/" .$options["path"];
|
|
|
|
if (!file_exists($path))
|
|
{
|
|
return "404 Not found";
|
|
}
|
|
|
|
if (is_dir($path))
|
|
{
|
|
/*$query = "DELETE FROM {$this->db_prefix}properties
|
|
WHERE path LIKE '".$this->_slashify($options["path"])."%'";
|
|
mysql_query($query); */
|
|
// recursive delete the directory
|
|
if ($dir = egw_vfs::dir_opendir($options["path"]))
|
|
{
|
|
while(($file = readdir($dir)))
|
|
{
|
|
if ($file == '.' || $file == '..') continue;
|
|
|
|
if (is_dir($path.'/'.$file))
|
|
{
|
|
// recursivly call ourself with the dir
|
|
$opts = $options;
|
|
$opts['path'] .= '/'.$file;
|
|
$this->DELETE($opts);
|
|
}
|
|
else
|
|
{
|
|
unlink($path.'/'.$file);
|
|
}
|
|
}
|
|
closedir($dir);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
unlink($path);
|
|
}
|
|
/*$query = "DELETE FROM {$this->db_prefix}properties
|
|
WHERE path = '$options[path]'";
|
|
mysql_query($query);*/
|
|
|
|
return "204 No Content";
|
|
}
|
|
|
|
/**
|
|
* Get properties for a single file/resource
|
|
*
|
|
* @param string resource path
|
|
* @return array resource properties
|
|
*/
|
|
function fileinfo($path)
|
|
{
|
|
error_log(__METHOD__."($path)");
|
|
// map URI path to filesystem path
|
|
$fspath = $this->base . $path;
|
|
|
|
// create result array
|
|
$info = array();
|
|
// TODO remove slash append code when base clase is able to do it itself
|
|
$info["path"] = is_dir($fspath) ? $this->_slashify($path) : $path;
|
|
$info["props"] = array();
|
|
|
|
// no special beautified displayname here ...
|
|
$info["props"][] = $this->mkprop("displayname", strtoupper($path));
|
|
|
|
// creation and modification time
|
|
$info["props"][] = $this->mkprop("creationdate", filectime($fspath));
|
|
$info["props"][] = $this->mkprop("getlastmodified", filemtime($fspath));
|
|
|
|
// type and size (caller already made sure that path exists)
|
|
if (is_dir($fspath)) {
|
|
// directory (WebDAV collection)
|
|
$info["props"][] = $this->mkprop("resourcetype", "collection");
|
|
$info["props"][] = $this->mkprop("getcontenttype", "httpd/unix-directory");
|
|
} else {
|
|
// plain file (WebDAV resource)
|
|
$info["props"][] = $this->mkprop("resourcetype", "");
|
|
if (egw_vfs::is_readable($path)) {
|
|
$info["props"][] = $this->mkprop("getcontenttype", egw_vfs::mime_content_type($path));
|
|
} else {
|
|
error_log(__METHOD__."($path) $fspath is not readable!");
|
|
$info["props"][] = $this->mkprop("getcontenttype", "application/x-non-readable");
|
|
}
|
|
$info["props"][] = $this->mkprop("getcontentlength", filesize($fspath));
|
|
}
|
|
/*
|
|
// get additional properties from database
|
|
$query = "SELECT ns, name, value
|
|
FROM {$this->db_prefix}properties
|
|
WHERE path = '$path'";
|
|
$res = mysql_query($query);
|
|
while ($row = mysql_fetch_assoc($res)) {
|
|
$info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]);
|
|
}
|
|
mysql_free_result($res);
|
|
*/
|
|
//error_log(__METHOD__."($path) info=".print_r($info,true));
|
|
return $info;
|
|
}
|
|
|
|
/**
|
|
* Used eg. by get
|
|
*
|
|
* @todo replace all calls to _mimetype with egw_vfs::mime_content_type()
|
|
* @param string $path
|
|
* @return string
|
|
*/
|
|
function _mimetype($path)
|
|
{
|
|
return egw_vfs::mime_content_type($path);
|
|
}
|
|
|
|
/**
|
|
* PROPPATCH method handler
|
|
*
|
|
* The current version only allows Webdrive to set creation and modificaton dates.
|
|
* They are not stored as (arbitrary) WebDAV properties with their own namespace and name,
|
|
* but in the regular vfs attributes.
|
|
*
|
|
* @todo Store a properties in the DB and retrieve them in PROPFIND again.
|
|
* @param array general parameter passing array
|
|
* @return bool true on success
|
|
*/
|
|
function PROPPATCH(&$options)
|
|
{
|
|
$path = $GLOBALS['egw']->translation->convert($options['path'],'utf-8');
|
|
|
|
foreach ($options["props"] as $key => $prop) {
|
|
$attributes = array();
|
|
switch($prop['ns'])
|
|
{
|
|
// allow Webdrive to set creation and modification time
|
|
case 'http://www.southrivertech.com/':
|
|
switch($prop['name'])
|
|
{
|
|
case 'srt_modifiedtime':
|
|
case 'getlastmodified':
|
|
egw_vfs::touch($path,strtotime($prop['val']));
|
|
break;
|
|
case 'srt_creationtime':
|
|
// not supported via the streamwrapper interface atm.
|
|
//$attributes['created'] = strtotime($prop['val']);
|
|
break;
|
|
}
|
|
break;
|
|
|
|
case 'DAV:':
|
|
switch($prop['name'])
|
|
{
|
|
// allow netdrive to change the modification time
|
|
case 'getlastmodified':
|
|
egw_vfs::touch($path,strtotime($prop['val']));
|
|
break;
|
|
// not sure why, the filesystem example of the WebDAV class does it ...
|
|
default:
|
|
$options["props"][$key]['status'] = "403 Forbidden";
|
|
break;
|
|
}
|
|
break;
|
|
}
|
|
if ($this->debug) $props[] = '('.$prop["ns"].')'.$prop['name'].'='.$prop['val'];
|
|
}
|
|
if ($this->debug)
|
|
{
|
|
error_log(__METHOD__.": path=$options[path], props=".implode(', ',$props));
|
|
if ($attributes) error_log(__METHOD__.": path=$options[path], set attributes=".str_replace("\n",' ',print_r($attributes,true)));
|
|
}
|
|
|
|
return ""; // this is as the filesystem example handler does it, no true or false ...
|
|
}
|
|
|
|
/**
|
|
* LOCK method handler
|
|
*
|
|
* @param array general parameter passing array
|
|
* @return bool true on success
|
|
*/
|
|
function LOCK(&$options)
|
|
{
|
|
// behaving like LOCK is not implemented
|
|
return "412 Precondition failed";
|
|
/*
|
|
// get absolute fs path to requested resource
|
|
$fspath = $this->base . $options["path"];
|
|
|
|
// TODO recursive locks on directories not supported yet
|
|
if (is_dir($fspath) && !empty($options["depth"])) {
|
|
return "409 Conflict";
|
|
}
|
|
|
|
$options["timeout"] = time()+300; // 5min. hardcoded
|
|
|
|
if (isset($options["update"])) { // Lock Update
|
|
$where = "WHERE path = '$options[path]' AND token = '$options[update]'";
|
|
|
|
$query = "SELECT owner, exclusivelock FROM {$this->db_prefix}locks $where";
|
|
$res = mysql_query($query);
|
|
$row = mysql_fetch_assoc($res);
|
|
mysql_free_result($res);
|
|
|
|
if (is_array($row)) {
|
|
$query = "UPDATE {$this->db_prefix}locks
|
|
SET expires = '$options[timeout]'
|
|
, modified = ".time()."
|
|
$where";
|
|
mysql_query($query);
|
|
|
|
$options['owner'] = $row['owner'];
|
|
$options['scope'] = $row["exclusivelock"] ? "exclusive" : "shared";
|
|
$options['type'] = $row["exclusivelock"] ? "write" : "read";
|
|
|
|
return true;
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
$query = "INSERT INTO {$this->db_prefix}locks
|
|
SET token = '$options[locktoken]'
|
|
, path = '$options[path]'
|
|
, created = ".time()."
|
|
, modified = ".time()."
|
|
, owner = '$options[owner]'
|
|
, expires = '$options[timeout]'
|
|
, exclusivelock = " .($options['scope'] === "exclusive" ? "1" : "0")
|
|
;
|
|
mysql_query($query);
|
|
|
|
return mysql_affected_rows() ? "200 OK" : "409 Conflict";*/
|
|
}
|
|
|
|
/**
|
|
* UNLOCK method handler
|
|
*
|
|
* @param array general parameter passing array
|
|
* @return bool true on success
|
|
*/
|
|
function UNLOCK(&$options)
|
|
{
|
|
// behaving like LOCK is not implemented
|
|
return "405 Method not allowed";
|
|
/*
|
|
$query = "DELETE FROM {$this->db_prefix}locks
|
|
WHERE path = '$options[path]'
|
|
AND token = '$options[token]'";
|
|
mysql_query($query);
|
|
|
|
return mysql_affected_rows() ? "204 No Content" : "409 Conflict";*/
|
|
}
|
|
|
|
/**
|
|
* checkLock() helper
|
|
*
|
|
* @param string resource path to check for locks
|
|
* @return bool true on success
|
|
*/
|
|
function checkLock($path)
|
|
{
|
|
// behave like checkLock is not implemented
|
|
return false;
|
|
/*
|
|
$result = false;
|
|
|
|
$query = "SELECT owner, token, created, modified, expires, exclusivelock
|
|
FROM {$this->db_prefix}locks
|
|
WHERE path = '$path'
|
|
";
|
|
$res = mysql_query($query);
|
|
|
|
if ($res) {
|
|
$row = mysql_fetch_array($res);
|
|
mysql_free_result($res);
|
|
|
|
if ($row) {
|
|
$result = array( "type" => "write",
|
|
"scope" => $row["exclusivelock"] ? "exclusive" : "shared",
|
|
"depth" => 0,
|
|
"owner" => $row['owner'],
|
|
"token" => $row['token'],
|
|
"created" => $row['created'],
|
|
"modified" => $row['modified'],
|
|
"expires" => $row['expires']
|
|
);
|
|
}
|
|
}
|
|
|
|
return $result;*/
|
|
}
|
|
|
|
/**
|
|
* Remove not (yet) implemented LOCK methods, so we can use the mostly unchanged HTTP_WebDAV_Server_Filesystem class
|
|
*
|
|
* @return array
|
|
*/
|
|
function _allow()
|
|
{
|
|
$allow = parent::_allow();
|
|
unset($allow['LOCK']);
|
|
unset($allow['UNLOCK']);
|
|
return $allow;
|
|
}
|
|
|
|
/**
|
|
* auth check in the session creation in dav.php, to avoid being redirected to login.php
|
|
*
|
|
* @param string $type
|
|
* @param string $login account_lid or account_lid@domain
|
|
* @param string $password this is checked in the session creation
|
|
* @return boolean true if authorized or false otherwise
|
|
*/
|
|
function checkAuth($type,$login,$password)
|
|
{
|
|
list($account_lid,$domain) = explode('@',$login);
|
|
|
|
$auth = ($login === $GLOBALS['egw_info']['user']['account_lid'] ||
|
|
($account_lid === $GLOBALS['egw_info']['user']['account_lid'] && $domain === $GLOBALS['egw']->session->account_domain)) &&
|
|
$GLOBALS['egw_info']['user']['apps']['filemanager'];
|
|
|
|
if ($this->debug) error_log("vfs_webdav_server::checkAuth('$type','$login','\$password'): account_lid='$account_lid', domain='$domain' ==> ".(int)$auth);
|
|
|
|
return $auth;
|
|
}
|
|
} |