123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245 |
- <?php
- /* Copyright (C) 2018 Destailleur Laurent <eldy@users.sourceforge.net>
- * Copyright (C) 2019 Regis Houssin <regis.houssin@inodbox.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <https://www.gnu.org/licenses/>.
- *
- * You can test with the WebDav client cadaver:
- * cadaver http://myurl/dav/fileserver.php
- */
- /**
- * \file htdocs/dav/fileserver.php
- * \ingroup dav
- * \brief Server DAV
- */
- if (!defined('NOTOKENRENEWAL')) {
- define('NOTOKENRENEWAL', '1');
- }
- if (!defined('NOREQUIREMENU')) {
- define('NOREQUIREMENU', '1'); // If there is no menu to show
- }
- if (!defined('NOREQUIREHTML')) {
- define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
- }
- if (!defined('NOREQUIREAJAX')) {
- define('NOREQUIREAJAX', '1');
- }
- if (!defined('NOLOGIN')) {
- define("NOLOGIN", 1); // This means this output page does not require to be logged.
- }
- if (!defined('NOCSRFCHECK')) {
- define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
- }
- require "../main.inc.php";
- require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
- require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
- require_once DOL_DOCUMENT_ROOT.'/dav/dav.class.php';
- require_once DOL_DOCUMENT_ROOT.'/dav/dav.lib.php';
- require_once DOL_DOCUMENT_ROOT.'/includes/sabre/autoload.php';
- $user = new User($db);
- if (isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER'] != '') {
- $user->fetch('', $_SERVER['PHP_AUTH_USER']);
- $user->getrights();
- }
- // Load translation files required by the page
- $langs->loadLangs(array("main", "other"));
- if (empty($conf->dav->enabled)) {
- accessforbidden();
- }
- // Restrict API to some IPs
- if (!empty($conf->global->DAV_RESTRICT_ON_IP)) {
- $allowedip = explode(' ', $conf->global->DAV_RESTRICT_ON_IP);
- $ipremote = getUserRemoteIP();
- if (!in_array($ipremote, $allowedip)) {
- dol_syslog('Remote ip is '.$ipremote.', not into list ' . getDolGlobalString('DAV_RESTRICT_ON_IP'));
- print 'DAV not allowed from the IP '.$ipremote;
- header('HTTP/1.1 503 DAV not allowed from your IP '.$ipremote);
- //print $conf->global->DAV_RESTRICT_ON_IP;
- exit(0);
- }
- }
- $entity = (GETPOST('entity', 'int') ? GETPOST('entity', 'int') : (!empty($conf->entity) ? $conf->entity : 1));
- // settings
- $publicDir = $conf->dav->multidir_output[$entity].'/public';
- $privateDir = $conf->dav->multidir_output[$entity].'/private';
- $ecmDir = $conf->ecm->multidir_output[$entity];
- $tmpDir = $conf->dav->multidir_output[$entity]; // We need root dir, not a dir that can be deleted
- //var_dump($tmpDir);mkdir($tmpDir);exit;
- // Authentication callback function
- $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function ($username, $password) {
- global $user, $conf;
- global $dolibarr_main_authentication, $dolibarr_auto_user;
- if (empty($user->login)) {
- dol_syslog("Failed to authenticate to DAV, login is not provided", LOG_WARNING);
- return false;
- }
- if ($user->socid > 0) {
- dol_syslog("Failed to authenticate to DAV, user is an external user", LOG_WARNING);
- return false;
- }
- if ($user->login != $username) {
- dol_syslog("Failed to authenticate to DAV, login does not match the login of loaded user", LOG_WARNING);
- return false;
- }
- // Authentication mode
- if (empty($dolibarr_main_authentication)) {
- $dolibarr_main_authentication = 'dolibarr';
- }
- // Authentication mode: forceuser
- if ($dolibarr_main_authentication == 'forceuser') {
- if (empty($dolibarr_auto_user)) {
- $dolibarr_auto_user = 'auto';
- }
- if ($dolibarr_auto_user != $username) {
- dol_syslog("Warning: your instance is set to use the automatic forced login '".$dolibarr_auto_user."' that is not the requested login. DAV usage is forbidden in this mode.");
- return false;
- }
- }
- $authmode = explode(',', $dolibarr_main_authentication);
- $entity = (GETPOST('entity', 'int') ? GETPOST('entity', 'int') : (!empty($conf->entity) ? $conf->entity : 1));
- if (checkLoginPassEntity($username, $password, $entity, $authmode, 'dav') != $username) {
- return false;
- }
- // Check if user status is enabled
- if ($user->statut != $user::STATUS_ENABLED) {
- // Status is disabled
- dol_syslog("The user has been disabled.");
- return false;
- }
- // Check if session was unvalidated by a password change
- if (($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"])) {
- // Session is no more valid
- dol_syslog("The user has a date for session invalidation = ".$user->flagdelsessionsbefore." and a session date = ".$_SESSION["dol_logindate"].". We must invalidate its sessions.");
- return false;
- }
- // Check date validity
- if ($user->isNotIntoValidityDateRange()) {
- // User validity dates are no more valid
- dol_syslog("The user login has a validity between [".$user->datestartvalidity." and ".$user->dateendvalidity."], curren date is ".dol_now());
- return false;
- }
- return true;
- });
- $authBackend->setRealm(constant('DOL_APPLICATION_TITLE').' - WebDAV');
- /*
- * Actions and View
- */
- // Create the root node
- // Setting up the directory tree //
- $nodes = array();
- // Enable directories and features according to DAV setup
- // Public dir
- if (!empty($conf->global->DAV_ALLOW_PUBLIC_DIR)) {
- $nodes[] = new \Sabre\DAV\FS\Directory($publicDir);
- }
- // Private dir
- $nodes[] = new \Sabre\DAV\FS\Directory($privateDir);
- // ECM dir
- if (isModEnabled('ecm') && !empty($conf->global->DAV_ALLOW_ECM_DIR)) {
- $nodes[] = new \Sabre\DAV\FS\Directory($ecmDir);
- }
- // Principals Backend
- //$principalBackend = new \Sabre\DAVACL\PrincipalBackend\Dolibarr($user,$db);
- // /principals
- //$nodes[] = new \Sabre\DAVACL\PrincipalCollection($principalBackend);
- // CardDav & CalDav Backend
- //$carddavBackend = new \Sabre\CardDAV\Backend\Dolibarr($user,$db,$langs);
- //$caldavBackend = new \Sabre\CalDAV\Backend\Dolibarr($user,$db,$langs, $cdavLib);
- // /addressbook
- //$nodes[] = new \Sabre\CardDAV\AddressBookRoot($principalBackend, $carddavBackend);
- // /calendars
- //$nodes[] = new \Sabre\CalDAV\CalendarRoot($principalBackend, $caldavBackend);
- // The rootnode needs in turn to be passed to the server class
- $server = new \Sabre\DAV\Server($nodes);
- // If you want to run the SabreDAV server in a custom location (using mod_rewrite for instance)
- // You can override the baseUri here.
- $baseUri = DOL_URL_ROOT.'/dav/fileserver.php/';
- if (isset($baseUri)) {
- $server->setBaseUri($baseUri);
- }
- // Add authentication function
- if ((empty($conf->global->DAV_ALLOW_PUBLIC_DIR)
- || !preg_match('/'.preg_quote(DOL_URL_ROOT.'/dav/fileserver.php/public', '/').'/', $_SERVER["PHP_SELF"]))
- && !preg_match('/^sabreAction=asset&assetName=[a-zA-Z0-9%\-\/]+\.(png|css|woff|ico|ttf)$/', $_SERVER["QUERY_STRING"]) // URL for Sabre browser resources
- ) {
- //var_dump($_SERVER["QUERY_STRING"]);exit;
- $server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend));
- }
- // Support for LOCK and UNLOCK
- $lockBackend = new \Sabre\DAV\Locks\Backend\File($tmpDir.'/.locksdb');
- $lockPlugin = new \Sabre\DAV\Locks\Plugin($lockBackend);
- $server->addPlugin($lockPlugin);
- // Support for the html browser
- if (empty($conf->global->DAV_DISABLE_BROWSER)) {
- $browser = new \Sabre\DAV\Browser\Plugin();
- $server->addPlugin($browser);
- }
- // Automatically guess (some) contenttypes, based on extension
- //$server->addPlugin(new \Sabre\DAV\Browser\GuessContentType());
- //$server->addPlugin(new \Sabre\CardDAV\Plugin());
- //$server->addPlugin(new \Sabre\CalDAV\Plugin());
- //$server->addPlugin(new \Sabre\DAVACL\Plugin());
- // Temporary file filter
- /*$tempFF = new \Sabre\DAV\TemporaryFileFilterPlugin($tmpDir);
- $server->addPlugin($tempFF);
- */
- // And off we go!
- $server->exec();
- if (is_object($db)) {
- $db->close();
- }
|