function testLockEtc()
{
mkdir(SABRE_TEMPDIR . '/mstest');
$tree = new DAV\FS\Directory(SABRE_TEMPDIR . '/mstest');
$server = new DAV\Server($tree);
$server->debugExceptions = true;
$locksBackend = new Backend\File(SABRE_TEMPDIR . '/locksdb');
$locksPlugin = new Plugin($locksBackend);
$server->addPlugin($locksPlugin);
$response1 = new HTTP\ResponseMock();
$server->httpRequest = $this->getLockRequest();
$server->httpResponse = $response1;
$server->sapi = new HTTP\SapiMock();
$server->exec();
$this->assertEquals(201, $server->httpResponse->getStatus(), 'Full response body:' . $response1->getBodyAsString());
$this->assertTrue(!!$server->httpResponse->getHeaders('Lock-Token'));
$lockToken = $server->httpResponse->getHeader('Lock-Token');
//sleep(10);
$response2 = new HTTP\ResponseMock();
$server->httpRequest = $this->getLockRequest2();
$server->httpResponse = $response2;
$server->exec();
$this->assertEquals(201, $server->httpResponse->status);
$this->assertTrue(!!$server->httpResponse->getHeaders('Lock-Token'));
//sleep(10);
$response3 = new HTTP\ResponseMock();
$server->httpRequest = $this->getPutRequest($lockToken);
$server->httpResponse = $response3;
$server->exec();
$this->assertEquals(204, $server->httpResponse->status);
}
function testLockEtc()
{
mkdir(SABRE_TEMPDIR . '/mstest');
$tree = new DAV\FS\Directory(SABRE_TEMPDIR . '/mstest');
$server = new DAV\Server($tree);
$server->debugExceptions = true;
$locksBackend = new Backend\File(SABRE_TEMPDIR . '/locksdb');
$locksPlugin = new Plugin($locksBackend);
$server->addPlugin($locksPlugin);
$response1 = new HTTP\ResponseMock();
$server->httpRequest = $this->getLockRequest();
$server->httpResponse = $response1;
$server->exec();
$this->assertEquals('HTTP/1.1 201 Created', $server->httpResponse->status);
$this->assertTrue(isset($server->httpResponse->headers['Lock-Token']));
$lockToken = $server->httpResponse->headers['Lock-Token'];
//sleep(10);
$response2 = new HTTP\ResponseMock();
$server->httpRequest = $this->getLockRequest2();
$server->httpResponse = $response2;
$server->exec();
$this->assertEquals('HTTP/1.1 201 Created', $server->httpResponse->status);
$this->assertTrue(isset($server->httpResponse->headers['Lock-Token']));
//sleep(10);
$response3 = new HTTP\ResponseMock();
$server->httpRequest = $this->getPutRequest($lockToken);
$server->httpResponse = $response3;
$server->exec();
$this->assertEquals('HTTP/1.1 204 No Content', $server->httpResponse->status);
}
/**
* @param Request $request
*
* @return StreamedResponse
*/
public function indexAction(Request $request)
{
date_default_timezone_set('Europe/Paris');
$baseUri = $this->generateUrl('caldav');
$pmanager = $this->get('pmanager');
// Backends:
$authBackend = new Auth($pmanager);
$calendarBackend = new Calendar($pmanager, $this->generateUrl('event_read', [], true), $this->get('cocur_slugify'));
$principalBackend = new Principals($pmanager);
$tree = [new Collection($principalBackend), new CalendarRoot($principalBackend, $calendarBackend)];
$server = new Server($tree);
$server->setBaseUri($baseUri);
$server->addPlugin(new AuthPlugin($authBackend, 'SabreDAV'));
$server->addPlugin(new ACLPlugin());
$server->addPlugin(new ICSExportPlugin());
$server->addPlugin(new CalDAVPlugin());
$server->addPlugin(new SubscriptionsPlugin());
$server->addPlugin(new SchedulePlugin());
$server->addPlugin(new SyncPlugin());
$server->addPlugin(new BrowserPlugin());
$callback = function () use($server, $request) {
/* These two lines fix a weird bug
where SabreDAV wouldn't give the correct answer to a propfind */
$url = $server->httpRequest->getUrl();
$server->httpRequest = new SabreRequest($request->getMethod(), $url, $request->headers->all(), $request->getContent());
$server->exec();
/* These two lines log the request and the response */
$responseBody = $server->httpResponse->getBodyAsString();
$this->logIt($request, $server->httpResponse, $responseBody);
};
return new StreamedResponse($callback);
}
function init()
{
if (!is_dir('store')) {
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
}
$which = null;
if (argc() > 1) {
$which = argv(1);
}
$profile = 0;
\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
if ($which) {
profile_load($which, $profile);
}
$auth = new \Zotlabs\Storage\BasicAuth();
$ob_hash = get_observer_hash();
if ($ob_hash) {
if (local_channel()) {
$channel = \App::get_channel();
$auth->setCurrentUser($channel['channel_address']);
$auth->channel_id = $channel['channel_id'];
$auth->channel_hash = $channel['channel_hash'];
$auth->channel_account_id = $channel['channel_account_id'];
if ($channel['channel_timezone']) {
$auth->setTimezone($channel['channel_timezone']);
}
}
$auth->observer = $ob_hash;
}
if ($_GET['davguest']) {
$_SESSION['davguest'] = true;
}
$_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
$_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
// A SabreDAV server-object
$server = new SDAV\Server($rootDirectory);
// prevent overwriting changes each other with a lock backend
$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
$server->addPlugin($lockPlugin);
$is_readable = false;
// provide a directory view for the cloud in Hubzilla
$browser = new \Zotlabs\Storage\Browser($auth);
$auth->setBrowserPlugin($browser);
$server->addPlugin($browser);
// Experimental QuotaPlugin
// require_once('\Zotlabs\Storage/QuotaPlugin.php');
// $server->addPlugin(new \Zotlabs\Storage\\QuotaPlugin($auth));
ob_start();
// All we need to do now, is to fire up the server
$server->exec();
ob_end_flush();
killme();
}
/**
* @depends testCalendarMultiGetReport
*/
function testCalendarMultiGetReportEndBeforeStart()
{
$body = '<?xml version="1.0"?>' . '<c:calendar-multiget xmlns:c="urn:ietf:params:xml:ns:caldav" xmlns:d="DAV:">' . '<d:prop>' . ' <c:calendar-data>' . ' <c:expand start="20200101T000000Z" end="20110101T000000Z" />' . ' </c:calendar-data>' . ' <d:getetag />' . '</d:prop>' . '<d:href>/calendars/user1/UUID-123467/UUID-2345</d:href>' . '</c:calendar-multiget>';
$request = new HTTP\Request('REPORT', '/calendars/user1', ['Depth' => '1']);
$request->setBody($body);
$this->server->httpRequest = $request;
$this->server->exec();
$this->assertEquals(400, $this->response->status, 'Invalid HTTP status received. Full response body: ' . $this->response->body);
}
function testSimpleCopyCollection()
{
$serverVars = array('REQUEST_URI' => '/col', 'REQUEST_METHOD' => 'COPY', 'HTTP_DESTINATION' => '/col2');
$request = new HTTP\Request($serverVars);
$this->server->httpRequest = $request;
$this->server->exec();
$this->assertEquals('HTTP/1.1 201 Created', $this->response->status, 'Incorrect status received. Full response body: ' . $this->response->body);
$this->assertEquals(array('Content-Length' => '0'), $this->response->headers);
$this->assertEquals('Test contents', file_get_contents(SABRE_TEMPDIR . '/col2/test.txt'));
}
function testSimpleCopyCollection()
{
$serverVars = array('REQUEST_URI' => '/col', 'REQUEST_METHOD' => 'COPY', 'HTTP_DESTINATION' => '/col2');
$request = HTTP\Sapi::createFromServerArray($serverVars);
$this->server->httpRequest = $request;
$this->server->exec();
$this->assertEquals(201, $this->response->status, 'Incorrect status received. Full response body: ' . $this->response->body);
$this->assertEquals(array('X-Sabre-Version' => [Version::VERSION], 'Content-Length' => ['0']), $this->response->getHeaders());
$this->assertEquals('Test contents', file_get_contents(SABRE_TEMPDIR . '/col2/test.txt'));
}
function testReportPassThrough()
{
$fakeServer = new DAV\Server(new DAV\SimpleCollection('bla'));
$plugin = new Plugin(new Backend\Mock(), 'realm');
$fakeServer->addPlugin($plugin);
$request = new HTTP\Request(array('REQUEST_METHOD' => 'REPORT', 'HTTP_CONTENT_TYPE' => 'application/xml', 'REQUEST_URI' => '/'));
$request->setBody('<?xml version="1.0"?><s:somereport xmlns:s="http://www.rooftopsolutions.nl/NS/example" />');
$fakeServer->httpRequest = $request;
$fakeServer->httpResponse = new HTTP\ResponseMock();
$fakeServer->exec();
$this->assertEquals('HTTP/1.1 403 Forbidden', $fakeServer->httpResponse->status);
}
/**
* @depends testNoAdminAccess
*/
function testAdminAccess()
{
$principalBackend = new PrincipalBackend\Mock();
$tree = array(new MockACLNode('adminonly', array()), new PrincipalCollection($principalBackend));
$fakeServer = new DAV\Server($tree);
$plugin = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(), 'realm');
$fakeServer->addPlugin($plugin);
$plugin = new Plugin();
$plugin->adminPrincipals = array('principals/admin');
$fakeServer->addPlugin($plugin);
$request = new HTTP\Request(array('REQUEST_METHOD' => 'OPTIONS', 'HTTP_DEPTH' => 1, 'REQUEST_URI' => '/adminonly'));
$response = new HTTP\ResponseMock();
$fakeServer->httpRequest = $request;
$fakeServer->httpResponse = $response;
$fakeServer->exec();
$this->assertEquals('HTTP/1.1 200 OK', $response->status);
}
function init()
{
// workaround for HTTP-auth in CGI mode
if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
if (strlen($userpass)) {
list($name, $password) = explode(':', $userpass);
$_SERVER['PHP_AUTH_USER'] = $name;
$_SERVER['PHP_AUTH_PW'] = $password;
}
}
if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6));
if (strlen($userpass)) {
list($name, $password) = explode(':', $userpass);
$_SERVER['PHP_AUTH_USER'] = $name;
$_SERVER['PHP_AUTH_PW'] = $password;
}
}
if (!is_dir('store')) {
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
}
if (argc() > 1) {
profile_load(argv(1), 0);
}
$auth = new \Zotlabs\Storage\BasicAuth();
$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV');
$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
// A SabreDAV server-object
$server = new SDAV\Server($rootDirectory);
$authPlugin = new \Sabre\DAV\Auth\Plugin($auth);
$server->addPlugin($authPlugin);
// prevent overwriting changes each other with a lock backend
$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
$server->addPlugin($lockPlugin);
// provide a directory view for the cloud in Hubzilla
$browser = new \Zotlabs\Storage\Browser($auth);
$auth->setBrowserPlugin($browser);
// Experimental QuotaPlugin
// require_once('Zotlabs/Storage/QuotaPlugin.php');
// $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth));
// All we need to do now, is to fire up the server
$server->exec();
killme();
}
public function indexAction()
{
// Now we're creating a whole bunch of objects
$rootDirectory = new DAV\FS\Directory('../public');
// The server object is responsible for making sense out of the WebDAV protocol
$server = new DAV\Server($rootDirectory);
// If your server is not on your webroot, make sure the following line has the correct information
$server->setBaseUri('/list/index');
// The lock manager is responsible for making sure users don't overwrite each others changes.
//$lockBackend = new DAV\Locks\Backend\File('../data/locks');
//$lockPlugin = new DAV\Locks\Plugin($lockBackend);
//$server->addPlugin($lockPlugin);
// This ensures that we get a pretty index in the browser, but it is optional.
//$server->addPlugin(new DAV\Browser\Plugin(false));
// All we need to do now, is to fire up the server
$server->exec();
}
/**
* Run the server
*/
public function runServer()
{
$pdo = $this->getPdoConnection();
$principalBackend = new PrincipalBackendTypo3($pdo);
$tree = [new Collection($principalBackend), new CalendarRoot($principalBackend, new BackendTypo3($pdo))];
$server = new Server($tree);
$server->setBaseUri('/CalDav/');
/* Server Plugins */
$authPlugin = new AuthPlugin(new AuthBackendTypo3($pdo));
$server->addPlugin($authPlugin);
#$aclPlugin = new \Sabre\DAVACL\Plugin();
#$server->addPlugin($aclPlugin);
$caldavPlugin = new Plugin();
$server->addPlugin($caldavPlugin);
if (GeneralUtility::getApplicationContext()->isDevelopment()) {
$server->addPlugin(new BrowserPlugin());
}
$server->exec();
}
/**
* @depends testTreeMove
* @depends testCopyMoveInfo
*/
function testEverything()
{
// Request object
$serverVars = array('REQUEST_METHOD' => 'MOVE', 'REQUEST_URI' => '/webdav/bar', 'HTTP_DESTINATION' => 'http://dev2.tribalos.com/webdav/%C3%A0fo%C3%B3', 'HTTP_OVERWRITE' => 'F');
$request = new HTTP\Request($serverVars);
$request->setBody('');
$response = new HTTP\ResponseMock();
// Server setup
mkdir(SABRE_TEMPDIR . '/issue33');
$dir = new FS\Directory(SABRE_TEMPDIR . '/issue33');
$dir->createDirectory('bar');
$tree = new ObjectTree($dir);
$server = new Server($tree);
$server->setBaseUri('/webdav/');
$server->httpRequest = $request;
$server->httpResponse = $response;
$server->exec();
$this->assertTrue(file_exists(SABRE_TEMPDIR . '/issue33/' . urldecode('%C3%A0fo%C3%B3')));
}
/**
* @param Exception $e
*/
function handleException(Exception $e)
{
$request = \OC::$server->getRequest();
// in case the request content type is text/xml - we assume it's a WebDAV request
$isXmlContentType = strpos($request->getHeader('Content-Type'), 'text/xml');
if ($isXmlContentType === 0) {
// fire up a simple server to properly process the exception
$server = new Server();
if (!$e instanceof RemoteException) {
// we shall not log on RemoteException
$server->addPlugin(new ExceptionLoggerPlugin('webdav', \OC::$server->getLogger()));
}
$server->on('beforeMethod', function () use($e) {
if ($e instanceof RemoteException) {
switch ($e->getCode()) {
case OC_Response::STATUS_SERVICE_UNAVAILABLE:
throw new ServiceUnavailable($e->getMessage());
case OC_Response::STATUS_NOT_FOUND:
throw new \Sabre\DAV\Exception\NotFound($e->getMessage());
}
}
$class = get_class($e);
$msg = $e->getMessage();
throw new ServiceUnavailable("{$class}: {$msg}");
});
$server->exec();
} else {
$statusCode = OC_Response::STATUS_INTERNAL_SERVER_ERROR;
if ($e instanceof \OC\ServiceUnavailableException) {
$statusCode = OC_Response::STATUS_SERVICE_UNAVAILABLE;
}
if ($e instanceof RemoteException) {
// we shall not log on RemoteException
OC_Response::setStatus($e->getCode());
OC_Template::printErrorPage($e->getMessage());
} else {
\OCP\Util::writeLog('remote', $e->getMessage(), \OCP\Util::FATAL);
OC_Response::setStatus($statusCode);
OC_Template::printExceptionErrorPage($e);
}
}
}
// The lock manager is reponsible for making sure users don't overwrite
// each others changes.
$lockBackend = new DAV\Locks\Backend\File($dolibarr_main_data_root . '/cdav/.locks');
// Principals Backend
$principalBackend = new DAVACL\PrincipalBackend\Dolibarr($user, $db);
// CardDav & CalDav Backend
$carddavBackend = new Sabre\CardDAV\Backend\Dolibarr($user, $db, $langs);
$caldavBackend = new Sabre\CalDAV\Backend\Dolibarr($user, $db, $langs, $cdavLib);
// Setting up the directory tree //
$nodes = array(new DAVACL\PrincipalCollection($principalBackend), new \Sabre\CardDAV\AddressBookRoot($principalBackend, $carddavBackend), new \Sabre\CalDAV\CalendarRoot($principalBackend, $caldavBackend), new DAV\FS\Directory($dolibarr_main_data_root . '/cdav/public'));
// admin can access all dolibarr documents
if ($user->admin) {
$nodes[] = new DAV\FS\Directory($dolibarr_main_data_root);
}
// The server object is responsible for making sense out of the WebDAV protocol
$server = new DAV\Server($nodes);
// If your server is not on your webroot, make sure the following line has the
// correct information
$server->setBaseUri(dol_buildpath('cdav/server.php', 1) . '/');
$server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend));
$server->addPlugin(new \Sabre\DAV\Locks\Plugin($lockBackend));
$server->addPlugin(new \Sabre\DAV\Browser\Plugin());
$server->addPlugin(new \Sabre\CardDAV\Plugin());
$server->addPlugin(new \Sabre\CalDAV\Plugin());
$server->addPlugin(new \Sabre\DAVACL\Plugin());
// $server->addPlugin(new \Sabre\DAV\Sync\Plugin());
// All we need to do now, is to fire up the server
$server->exec();
if (is_object($db)) {
$db->close();
}
/**
* @brief Fires up the SabreDAV server.
*
* @param App &$a
*/
function cloud_init(&$a)
{
require_once 'include/reddav.php';
if (!is_dir('store')) {
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
}
$which = null;
if (argc() > 1) {
$which = argv(1);
}
$profile = 0;
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n";
if ($which) {
profile_load($a, $which, $profile);
}
$auth = new RedDAV\RedBasicAuth();
$ob_hash = get_observer_hash();
if ($ob_hash) {
if (local_channel()) {
$channel = $a->get_channel();
$auth->setCurrentUser($channel['channel_address']);
$auth->channel_id = $channel['channel_id'];
$auth->channel_hash = $channel['channel_hash'];
$auth->channel_account_id = $channel['channel_account_id'];
if ($channel['channel_timezone']) {
$auth->setTimezone($channel['channel_timezone']);
}
}
$auth->observer = $ob_hash;
}
if ($_GET['davguest']) {
$_SESSION['davguest'] = true;
}
$_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
$_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
$rootDirectory = new RedDAV\RedDirectory('/', $auth);
// A SabreDAV server-object
$server = new DAV\Server($rootDirectory);
// prevent overwriting changes each other with a lock backend
$lockBackend = new DAV\Locks\Backend\File('store/[data]/locks');
$lockPlugin = new DAV\Locks\Plugin($lockBackend);
$server->addPlugin($lockPlugin);
$is_readable = false;
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
try {
$x = RedFileData('/' . $a->cmd, $auth);
} catch (\Exception $e) {
if ($e instanceof Sabre\DAV\Exception\Forbidden) {
http_status_exit(401, 'Permission denied.');
}
}
}
require_once 'include/RedDAV/RedBrowser.php';
// provide a directory view for the cloud in Hubzilla
$browser = new RedDAV\RedBrowser($auth);
$auth->setBrowserPlugin($browser);
$server->addPlugin($browser);
// Experimental QuotaPlugin
// require_once('include/RedDAV/QuotaPlugin.php');
// $server->addPlugin(new RedDAV\QuotaPlugin($auth));
// All we need to do now, is to fire up the server
$server->exec();
killme();
}
function testNegotiateDefault()
{
$cbackend = TestUtil::getBackend();
$pbackend = new DAVACL\PrincipalBackend\Mock();
$props = array('uri' => 'UUID-123467', 'principaluri' => 'admin', 'id' => 1);
$tree = array(new Calendar($cbackend, $props), new DAVACL\PrincipalCollection($pbackend));
$p = new ICSExportPlugin();
$s = new DAV\Server($tree);
$s->sapi = new HTTP\SapiMock();
$s->addPlugin($p);
$s->addPlugin(new Plugin());
$h = HTTP\Sapi::createFromServerArray(['REQUEST_URI' => '/UUID-123467?export', 'REQUEST_METHOD' => 'GET', 'HTTP_ACCEPT' => 'text/plain']);
$s->httpRequest = $h;
$s->httpResponse = new HTTP\ResponseMock();
$s->exec();
$this->assertEquals(200, $s->httpResponse->status, 'Invalid status received. Response body: ' . $s->httpResponse->body);
$this->assertEquals('text/calendar', $s->httpResponse->getHeader('Content-Type'));
}
function testACLIntegrationNotBlocked()
{
if (!SABRE_HASSQLITE) {
$this->markTestSkipped('SQLite driver is not available');
}
$cbackend = TestUtil::getBackend();
$pbackend = new DAVACL\PrincipalBackend\Mock();
$props = array('uri' => 'UUID-123467', 'principaluri' => 'admin', 'id' => 1);
$tree = array(new Calendar($cbackend, $props), new DAVACL\PrincipalCollection($pbackend));
$p = new ICSExportPlugin();
$s = new DAV\Server($tree);
$s->addPlugin($p);
$s->addPlugin(new Plugin());
$s->addPlugin(new DAVACL\Plugin());
$s->addPlugin(new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(), 'SabreDAV'));
// Forcing login
$s->getPlugin('acl')->adminPrincipals = array('principals/admin');
$h = new HTTP\Request(array('QUERY_STRING' => 'export', 'REQUEST_URI' => '/UUID-123467', 'REQUEST_METHOD' => 'GET'));
$s->httpRequest = $h;
$s->httpResponse = new HTTP\ResponseMock();
$s->exec();
$this->assertEquals('HTTP/1.1 200 OK', $s->httpResponse->status, 'Invalid status received. Response body: ' . $s->httpResponse->body);
$this->assertEquals(array('Content-Type' => 'text/calendar'), $s->httpResponse->headers);
$obj = VObject\Reader::read($s->httpResponse->body);
$this->assertEquals(5, count($obj->children()));
$this->assertEquals(1, count($obj->VERSION));
$this->assertEquals(1, count($obj->CALSCALE));
$this->assertEquals(1, count($obj->PRODID));
$this->assertEquals(1, count($obj->VTIMEZONE));
$this->assertEquals(1, count($obj->VEVENT));
}
/**
* (non-PHPdoc)
* @see Tinebase_Server_Interface::handle()
*/
public function handle(\Zend\Http\Request $request = null, $body = null)
{
$this->_request = $request instanceof \Zend\Http\Request ? $request : Tinebase_Core::get(Tinebase_Core::REQUEST);
if ($body !== null) {
$this->_body = $body;
} else {
if ($this->_request instanceof \Zend\Http\Request) {
$this->_body = fopen('php://temp', 'r+');
fwrite($this->_body, $request->getContent());
rewind($this->_body);
}
}
try {
list($loginName, $password) = $this->_getAuthData($this->_request);
} catch (Tinebase_Exception_NotFound $tenf) {
header('WWW-Authenticate: Basic realm="WebDAV for Tine 2.0"');
header('HTTP/1.1 401 Unauthorized');
return;
}
if (Tinebase_Core::isLogLevel(Zend_Log::INFO)) {
Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' is CalDav, CardDAV or WebDAV request.');
}
Tinebase_Core::initFramework();
if (Tinebase_Controller::getInstance()->login($loginName, $password, $this->_request, self::REQUEST_TYPE) !== true) {
header('WWW-Authenticate: Basic realm="WebDAV for Tine 2.0"');
header('HTTP/1.1 401 Unauthorized');
return;
}
if (Tinebase_Core::isLogLevel(Zend_Log::INFO)) {
Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' requestUri:' . $this->_request->getRequestUri());
}
self::$_server = new \Sabre\DAV\Server(new Tinebase_WebDav_Root());
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
$contentType = self::$_server->httpRequest->getHeader('Content-Type');
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . " requestContentType: " . $contentType);
if (preg_match('/^text/', $contentType)) {
// NOTE inputstream can not be rewinded
$debugStream = fopen('php://temp', 'r+');
stream_copy_to_stream($this->_body, $debugStream);
rewind($debugStream);
$this->_body = $debugStream;
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . " <<< *DAV request\n" . stream_get_contents($this->_body));
rewind($this->_body);
} else {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . " <<< *DAV request\n -- BINARY DATA --");
}
}
self::$_server->httpRequest->setBody($this->_body);
// compute base uri
self::$_server->setBaseUri($this->_request->getBaseUrl() . '/');
$tempDir = Tinebase_Core::getTempDir();
if (!empty($tempDir)) {
self::$_server->addPlugin(new \Sabre\DAV\Locks\Plugin(new \Sabre\DAV\Locks\Backend\File($tempDir . '/webdav.lock')));
}
self::$_server->addPlugin(new \Sabre\DAV\Auth\Plugin(new Tinebase_WebDav_Auth(), null));
$aclPlugin = new \Sabre\DAVACL\Plugin();
$aclPlugin->defaultUsernamePath = Tinebase_WebDav_PrincipalBackend::PREFIX_USERS;
$aclPlugin->principalCollectionSet = array(Tinebase_WebDav_PrincipalBackend::PREFIX_USERS, Tinebase_WebDav_PrincipalBackend::PREFIX_GROUPS);
$aclPlugin->principalSearchPropertySet = array('{DAV:}displayname' => 'Display name', '{' . \Sabre\DAV\Server::NS_SABREDAV . '}email-address' => 'Email address', '{' . \Sabre\CalDAV\Plugin::NS_CALENDARSERVER . '}email-address-set' => 'Email addresses', '{' . \Sabre\CalDAV\Plugin::NS_CALENDARSERVER . '}first-name' => 'First name', '{' . \Sabre\CalDAV\Plugin::NS_CALENDARSERVER . '}last-name' => 'Last name', '{' . \Sabre\CalDAV\Plugin::NS_CALDAV . '}calendar-user-address-set' => 'Calendar user address set', '{' . \Sabre\CalDAV\Plugin::NS_CALDAV . '}calendar-user-type' => 'Calendar user type');
self::$_server->addPlugin($aclPlugin);
self::$_server->addPlugin(new \Sabre\CardDAV\Plugin());
self::$_server->addPlugin(new Calendar_Frontend_CalDAV_SpeedUpPlugin());
// this plugin must be loaded before CalDAV plugin
self::$_server->addPlugin(new \Sabre\CalDAV\Plugin());
self::$_server->addPlugin(new \Sabre\CalDAV\SharingPlugin());
self::$_server->addPlugin(new Calendar_Frontend_CalDAV_PluginAutoSchedule());
self::$_server->addPlugin(new Calendar_Frontend_CalDAV_PluginDefaultAlarms());
self::$_server->addPlugin(new Calendar_Frontend_CalDAV_PluginManagedAttachments());
self::$_server->addPlugin(new Calendar_Frontend_CalDAV_PluginPrivateEvents());
self::$_server->addPlugin(new Tinebase_WebDav_Plugin_Inverse());
self::$_server->addPlugin(new Tinebase_WebDav_Plugin_OwnCloud());
self::$_server->addPlugin(new Tinebase_WebDav_Plugin_PrincipalSearch());
#self::$_server->addPlugin(new DAV\Sync\Plugin());
self::$_server->addPlugin(new \Sabre\DAV\Browser\Plugin());
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
ob_start();
}
self::$_server->exec();
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . " >>> *DAV response:\n" . ob_get_contents());
ob_end_flush();
}
Tinebase_Controller::getInstance()->logout($this->_request->getServer('REMOTE_ADDR'));
}
/**
* This was a test written for issue #515.
*/
public function testNoneMatchCorrectEtagEnsureSapiSent()
{
$root = new SimpleCollection('root', array(new ServerPreconditionsNode()));
$server = new Server($root);
$server->sapi = new HTTP\SapiMock();
HTTP\SapiMock::$sent = 0;
$httpRequest = new HTTP\Request('GET', '/foo', ['If-None-Match' => '"abc123"']);
$server->httpRequest = $httpRequest;
$server->httpResponse = new HTTP\ResponseMock();
$server->exec();
$this->assertFalse($server->checkPreconditions($httpRequest, $server->httpResponse));
$this->assertEquals(304, $server->httpResponse->getStatus());
$this->assertEquals(['ETag' => '"abc123"', 'X-Sabre-Version' => Version::VERSION], $server->httpResponse->getHeaders());
$this->assertEquals(1, HTTP\SapiMock::$sent);
}
/**
* Starts the DAV Server
*/
public function exec()
{
$this->davServer->exec();
}
/**
* Starts processing
*
* @return void
*/
function start()
{
$this->server->exec();
}
function init()
{
// workaround for HTTP-auth in CGI mode
if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
if (strlen($userpass)) {
list($name, $password) = explode(':', $userpass);
$_SERVER['PHP_AUTH_USER'] = $name;
$_SERVER['PHP_AUTH_PW'] = $password;
}
}
if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6));
if (strlen($userpass)) {
list($name, $password) = explode(':', $userpass);
$_SERVER['PHP_AUTH_USER'] = $name;
$_SERVER['PHP_AUTH_PW'] = $password;
}
}
require_once 'include/reddav.php';
if (!is_dir('store')) {
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
}
$which = null;
if (argc() > 1) {
$which = argv(1);
}
$profile = 0;
\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
if ($which) {
profile_load($a, $which, $profile);
}
$auth = new \Zotlabs\Storage\BasicAuth();
// $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function($userName,$password) {
// if(account_verify_password($userName,$password))
// return true;
// return false;
// });
// $ob_hash = get_observer_hash();
// if ($ob_hash) {
// if (local_channel()) {
// $channel = \App::get_channel();
// $auth->setCurrentUser($channel['channel_address']);
// $auth->channel_id = $channel['channel_id'];
// $auth->channel_hash = $channel['channel_hash'];
// $auth->channel_account_id = $channel['channel_account_id'];
// if($channel['channel_timezone'])
// $auth->setTimezone($channel['channel_timezone']);
// }
// $auth->observer = $ob_hash;
// }
// if ($_GET['davguest'])
// $_SESSION['davguest'] = true;
// $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
// $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
// $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
//
// $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
// $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
// $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
// A SabreDAV server-object
$server = new SDAV\Server($rootDirectory);
$authPlugin = new \Sabre\DAV\Auth\Plugin($auth);
$server->addPlugin($authPlugin);
// prevent overwriting changes each other with a lock backend
$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
$server->addPlugin($lockPlugin);
// The next section of code allows us to bypass prompting for http-auth if a
// FILE is being accessed anonymously and permissions allow this. This way
// one can create hotlinks to public media files in their cloud and anonymous
// viewers won't get asked to login.
// If a DIRECTORY is accessed or there are permission issues accessing the
// file and we aren't previously authenticated via zot, prompt for HTTP-auth.
// This will be the default case for mounting a DAV directory.
// In order to avoid prompting for passwords for viewing a DIRECTORY, add
// the URL query parameter 'davguest=1'.
// $isapublic_file = false;
// $davguest = ((x($_SESSION, 'davguest')) ? true : false);
// if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) {
// try {
// $x = RedFileData('/' . \App::$cmd, $auth);
// if($x instanceof \Zotlabs\Storage\File)
// $isapublic_file = true;
// }
// catch (Exception $e) {
// $isapublic_file = false;
// }
// }
// if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) {
// try {
// $auth->Authenticate($server, t('$Projectname channel'));
// }
// catch (Exception $e) {
// logger('mod_cloud: auth exception' . $e->getMessage());
// http_status_exit($e->getHTTPCode(), $e->getMessage());
// }
// }
// require_once('Zotlabs/Storage/Browser.php');
// provide a directory view for the cloud in Hubzilla
$browser = new \Zotlabs\Storage\Browser($auth);
$auth->setBrowserPlugin($browser);
// Experimental QuotaPlugin
// require_once('Zotlabs/Storage/QuotaPlugin.php');
// $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth));
// All we need to do now, is to fire up the server
$server->exec();
killme();
}
function testFilterComponentBadComponent()
{
$cbackend = TestUtil::getBackend();
$pbackend = new DAVACL\PrincipalBackend\Mock();
$props = ['uri' => 'UUID-123467', 'principaluri' => 'admin', 'id' => 1];
// add a todo to the calendar (see /tests/Sabre/TestUtil)
$cbackend->createCalendarObject(1, 'UUID-3456', TestUtil::getTestTODO());
$tree = [new Calendar($cbackend, $props), new DAVACL\PrincipalCollection($pbackend)];
$p = new ICSExportPlugin();
$s = new DAV\Server($tree);
$s->sapi = new HTTP\SapiMock();
$s->addPlugin($p);
$s->addPlugin(new Plugin());
$h = HTTP\Sapi::createFromServerArray(['REQUEST_URI' => '/UUID-123467?export&componentType=VVOODOO', 'REQUEST_METHOD' => 'GET']);
$s->httpRequest = $h;
$s->httpResponse = new HTTP\ResponseMock();
$s->exec();
$this->assertEquals(400, $s->httpResponse->status, 'Invalid status received. Response body: ' . $s->httpResponse->body);
}
/**
* @brief Fires up the SabreDAV server.
*
* @param App &$a
*/
function cloud_init(&$a)
{
require_once 'include/reddav.php';
if (!is_dir('store')) {
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
}
$which = null;
if (argc() > 1) {
$which = argv(1);
}
$profile = 0;
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n";
if ($which) {
profile_load($a, $which, $profile);
}
$auth = new RedDAV\RedBasicAuth();
$ob_hash = get_observer_hash();
if ($ob_hash) {
if (local_channel()) {
$channel = $a->get_channel();
$auth->setCurrentUser($channel['channel_address']);
$auth->channel_id = $channel['channel_id'];
$auth->channel_hash = $channel['channel_hash'];
$auth->channel_account_id = $channel['channel_account_id'];
if ($channel['channel_timezone']) {
$auth->setTimezone($channel['channel_timezone']);
}
}
$auth->observer = $ob_hash;
}
if ($_GET['davguest']) {
$_SESSION['davguest'] = true;
}
$_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
$_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
$rootDirectory = new RedDAV\RedDirectory('/', $auth);
// A SabreDAV server-object
$server = new DAV\Server($rootDirectory);
// prevent overwriting changes each other with a lock backend
$lockBackend = new DAV\Locks\Backend\File('store/[data]/locks');
$lockPlugin = new DAV\Locks\Plugin($lockBackend);
$server->addPlugin($lockPlugin);
/* This next bit should no longer be needed... */
// The next section of code allows us to bypass prompting for http-auth if a
// FILE is being accessed anonymously and permissions allow this. This way
// one can create hotlinks to public media files in their cloud and anonymous
// viewers won't get asked to login.
// If a DIRECTORY is accessed or there are permission issues accessing the
// file and we aren't previously authenticated via zot, prompt for HTTP-auth.
// This will be the default case for mounting a DAV directory.
// In order to avoid prompting for passwords for viewing a DIRECTORY, add
// the URL query parameter 'davguest=1'.
// $isapublic_file = false;
// $davguest = ((x($_SESSION, 'davguest')) ? true : false);
// if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) {
// try {
// $x = RedFileData('/' . $a->cmd, $auth);
// if($x instanceof RedDAV\RedFile)
// $isapublic_file = true;
// }
// catch (Exception $e) {
// $isapublic_file = false;
// }
// }
// if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) {
// logger('mod_cloud: auth exception');
// http_status_exit(401, 'Permission denied.');
// }
require_once 'include/RedDAV/RedBrowser.php';
// provide a directory view for the cloud in Hubzilla
$browser = new RedDAV\RedBrowser($auth);
$auth->setBrowserPlugin($browser);
$server->addPlugin($browser);
// Experimental QuotaPlugin
// require_once('include/RedDAV/QuotaPlugin.php');
// $server->addPlugin(new RedDAV\QuotaPlugin($auth));
// All we need to do now, is to fire up the server
$server->exec();
killme();
}
