public function toggleDisclaimer($actionName, $httpVars, $fileVars)
{
$u = AuthService::getLoggedUser();
$u->personalRole->setParameterValue("action.disclaimer", "DISCLAIMER_ACCEPTED", $httpVars["validate"] == "true" ? "yes" : "no", AJXP_REPO_SCOPE_ALL);
if ($httpVars["validate"] == "true") {
$u->removeLock();
$u->save("superuser");
AuthService::updateUser($u);
ConfService::switchUserToActiveRepository($u);
$force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
$passId = -1;
if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
$passId = $force;
}
$res = ConfService::switchUserToActiveRepository($u, $passId);
if (!$res) {
AuthService::disconnect();
AJXP_XMLWriter::header();
AJXP_XMLWriter::requireAuth(true);
AJXP_XMLWriter::close();
}
ConfService::getInstance()->invalidateLoadedRepositories();
} else {
$u->setLock("validate_disclaimer");
$u->save("superuser");
AuthService::disconnect();
AJXP_XMLWriter::header();
AJXP_XMLWriter::requireAuth(true);
AJXP_XMLWriter::close();
}
}
public function switchActions($actionName, $httpVars, $fileVars)
{
switch ($actionName) {
case "accept_invitation":
$remoteShareId = \AJXP_Utils::sanitize($httpVars["remote_share_id"], AJXP_SANITIZE_ALPHANUM);
$store = new SQLStore();
$remoteShare = $store->remoteShareById($remoteShareId);
if ($remoteShare !== null) {
$client = new OCSClient();
$client->acceptInvitation($remoteShare);
$remoteShare->setStatus(OCS_INVITATION_STATUS_ACCEPTED);
$store->storeRemoteShare($remoteShare);
}
break;
case "reject_invitation":
$remoteShareId = \AJXP_Utils::sanitize($httpVars["remote_share_id"], AJXP_SANITIZE_ALPHANUM);
$store = new SQLStore();
$remoteShare = $store->remoteShareById($remoteShareId);
if ($remoteShare !== null) {
$client = new OCSClient();
$client->declineInvitation($remoteShare);
$store->deleteRemoteShare($remoteShare);
\ConfService::getInstance()->invalidateLoadedRepositories();
}
break;
default:
break;
}
return null;
}
protected function setUp()
{
$pServ = AJXP_PluginsService::getInstance();
ConfService::init();
$confPlugin = ConfService::getInstance()->confPluginSoftLoad($pServ);
$pServ->loadPluginsRegistry(AJXP_INSTALL_PATH . "/plugins", $confPlugin);
ConfService::start();
}
/**
* @return bool
*/
private function loadRegistryFromCache()
{
if (!defined("AJXP_SKIP_CACHE") || AJXP_SKIP_CACHE === false) {
$reqs = AJXP_Utils::loadSerialFile(AJXP_PLUGINS_REQUIRES_FILE);
if (count($reqs)) {
foreach ($reqs as $fileName) {
if (!is_file($fileName)) {
// Cache is out of sync
return false;
}
require_once $fileName;
}
$kvCache = ConfService::getInstance()->getKeyValueCache();
$test = $kvCache->fetch("plugins_registry");
if ($test !== FALSE) {
$this->registry = $test;
} else {
$res = AJXP_Utils::loadSerialFile(AJXP_PLUGINS_CACHE_FILE);
$this->registry = $res;
$kvCache->save("plugins_registry", $res);
}
// Refresh streamWrapperPlugins
foreach ($this->registry as $plugs) {
foreach ($plugs as $plugin) {
if (method_exists($plugin, "detectStreamWrapper") && $plugin->detectStreamWrapper(false) !== false) {
$this->streamWrapperPlugins[] = $plugin->getId();
}
}
}
return true;
} else {
return false;
}
} else {
return false;
}
}
// Don't overwrite cookie
if (!isset($_COOKIE["AjaXplorer"])) {
$_COOKIE["AjaXplorer"] = $_GET["ajxp_sessid"];
}
}
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
if (is_file(TESTS_RESULT_FILE)) {
set_error_handler(array("AJXP_XMLWriter", "catchError"), E_ALL & ~E_NOTICE & ~E_STRICT);
set_exception_handler(array("AJXP_XMLWriter", "catchException"));
}
$pServ = AJXP_PluginsService::getInstance();
ConfService::init();
$confPlugin = ConfService::getInstance()->confPluginSoftLoad($pServ);
try {
$pServ->loadPluginsRegistry(AJXP_INSTALL_PATH . "/plugins", $confPlugin);
} catch (Exception $e) {
die("Severe error while loading plugins registry : " . $e->getMessage());
}
ConfService::start();
$confStorageDriver = ConfService::getConfStorageImpl();
require_once $confStorageDriver->getUserClassFileName();
//new AjxpSessionHandler();
if (!isset($OVERRIDE_SESSION)) {
session_name("AjaXplorer");
}
session_start();
if (isset($_GET["tmp_repository_id"])) {
ConfService::switchRootDir($_GET["tmp_repository_id"], true);
public function save($context = "superuser")
{
$kvCache = ConfService::getInstance()->getKeyValueCache();
$this->_save($context);
$kvCache->save("pydio:user:" . $this->getId(), $this);
}
/**
* Instantiate a new AbstractAjxpUser
*
* @param String $userId
* @return AbstractAjxpUser
*/
public function createUserObject($userId)
{
$kvCache = ConfService::getInstance()->getKeyValueCache();
$test = $kvCache->fetch("pydio:user:"******"AbstractAjxpUser")) {
if ($test->personalRole == null) {
$test->personalRole = $test->roles["AJXP_USR_/" . $userId];
}
$test->recomputeMergedRole();
return $test;
}
$userId = AuthService::filterUserSensitivity($userId);
$abstractUser = $this->instantiateAbstractUserImpl($userId);
if (!$abstractUser->storageExists()) {
AuthService::updateDefaultRights($abstractUser);
}
AuthService::updateAutoApplyRole($abstractUser);
AuthService::updateAuthProvidedData($abstractUser);
$args = array(&$abstractUser);
AJXP_Controller::applyIncludeHook("include.user.updateUserObject", $args);
$kvCache->save("pydio:user:" . $userId, $abstractUser);
return $abstractUser;
}
public static function getFilteredXMLRegistry($extendedVersion = true, $clone = false, $useCache = false)
{
if ($useCache) {
$kvCache = ConfService::getInstance()->getKeyValueCache();
$cacheKey = self::getRegistryCacheKey($extendedVersion);
$cachedXml = $kvCache->fetch($cacheKey);
if ($cachedXml !== false) {
$registry = new DOMDocument("1.0", "utf-8");
$registry->loadXML($cachedXml);
AJXP_PluginsService::updateXmlRegistry($registry, $extendedVersion);
if ($clone) {
return $registry->cloneNode(true);
} else {
return $registry;
}
}
}
$registry = AJXP_PluginsService::getXmlRegistry($extendedVersion);
$changes = self::filterRegistryFromRole($registry);
if ($changes) {
AJXP_PluginsService::updateXmlRegistry($registry, $extendedVersion);
}
if ($useCache && isset($kvCache) && isset($cacheKey)) {
$kvCache->save($cacheKey, $registry->saveXML());
}
if ($clone) {
$cloneDoc = $registry->cloneNode(true);
$registry = $cloneDoc;
}
return $registry;
}
/**
* Delete a role by its id
* @static
* @param string $roleId
* @return void
*/
public static function deleteRole($roleId)
{
ConfService::getConfStorageImpl()->deleteRole($roleId);
//CacheService::deleteAll(AJXP_CACHE_SERVICE_NS_SHARED);
ConfService::getInstance()->invalidateLoadedRepositories();
}
/**
* Delete a role by its id
* @static
* @param string $roleId
* @return void
*/
public static function deleteRole($roleId)
{
ConfService::getConfStorageImpl()->deleteRole($roleId);
ConfService::getInstance()->getKeyValueCache()->deleteAll();
}
/**
* Write an entry to the log.
*
* @param String $level Log severity: one of LOG_LEVEL_* (DEBUG,INFO,NOTICE,WARNING,ERROR)
* @param String $ip The client ip
* @param String $user The user login
* @param String $source The source of the message
* @param String $prefix The prefix of the message
* @param String $message The message to log
* @param array $nodesPathes
*/
public function write2($level, $ip, $user, $source, $prefix, $message, $nodesPathes = array())
{
if ($prefix == "Log In" && $message == "context=API") {
// Limit the number of logs
$test = dibi::query('SELECT [logdate] FROM [ajxp_log] WHERE [user]=%s AND [message]=%s AND [params]=%s ORDER BY [logdate] DESC %lmt %ofs', $user, $prefix, $message, 1, 0);
$lastInsert = $test->fetchSingle();
$now = new DateTime('NOW');
if (is_a($lastInsert, "DibiDateTime")) {
$lastTimestamp = $lastInsert->getTimestamp();
} else {
$lastTimestamp = strtotime($lastInsert);
}
if ($lastInsert !== false && $now->getTimestamp() - $lastTimestamp < 60 * 60) {
// IGNORING, LIMIT API LOGINS TO ONE PER HOUR, OR IT WILL FILL THE LOGS
return;
}
}
$files = array(array("dirname" => "", "basename" => ""));
if (AJXP_Utils::detectXSS($message)) {
$message = "XSS Detected in Message!";
} else {
if (count($nodesPathes)) {
$files = array();
foreach ($nodesPathes as $path) {
$parts = pathinfo($path);
$files[] = array("dirname" => $parts["dirname"], "basename" => $parts["basename"]);
}
}
}
foreach ($files as $fileDef) {
$log_row = array('logdate' => new DateTime('NOW'), 'remote_ip' => $this->inet_ptod($ip), 'severity' => strtoupper((string) $level), 'user' => $user, 'source' => $source, 'message' => $prefix, 'params' => $message, 'repository_id' => ConfService::getInstance()->getContextRepositoryId(), 'device' => $_SERVER['HTTP_USER_AGENT'], 'dirname' => $fileDef["dirname"], 'basename' => $fileDef["basename"]);
//we already handle exception for write2 in core.log
dibi::query('INSERT INTO [ajxp_log]', $log_row);
}
}
public function postVerificationCode($action, $httpVars, $fileVars)
{
if ($action != "duo_post_verification_code") {
return;
}
$u = AuthService::getLoggedUser();
if ($u == null) {
return;
}
$sigResponse = $httpVars["sig_response"];
require_once $this->getBaseDir() . "/duo_php/duo_web.php";
$appUnique = $this->getFilteredOption("DUO_AUTH_AKEY");
$iKey = $this->getFilteredOption("DUO_AUTH_IKEY");
$sKey = $this->getFilteredOption("DUO_AUTH_SKEY");
$verif = Duo::verifyResponse($iKey, $sKey, $appUnique, $sigResponse);
if ($verif != null && $verif == $u->getId()) {
$u->removeLock();
$u->save("superuser");
$u->recomputeMergedRole();
AuthService::updateUser($u);
ConfService::switchUserToActiveRepository($u);
$force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
$passId = -1;
if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
$passId = $force;
}
$res = ConfService::switchUserToActiveRepository($u, $passId);
if (!$res) {
AuthService::disconnect();
AJXP_XMLWriter::header();
AJXP_XMLWriter::requireAuth(true);
AJXP_XMLWriter::close();
}
ConfService::getInstance()->invalidateLoadedRepositories();
} else {
AuthService::disconnect();
AJXP_XMLWriter::header();
AJXP_XMLWriter::requireAuth(true);
AJXP_XMLWriter::close();
}
}
