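/**
 * Record the logged user's answer to the disclaimer and lock or unlock the account.
 *
 * When $httpVars["validate"] is "true" the answer is stored as "yes", the user lock is
 * removed and the user is switched to an active repository. Any other value stores "no",
 * sets the "validate_disclaimer" lock and ends the session with a require-auth response.
 *
 * @param string $actionName Name of the triggering action (not read here)
 * @param array  $httpVars   Request parameters; "validate" and "tmp_repository_id" are read
 * @param array  $fileVars   Uploaded files (not read here)
 * @return void
 */
public function toggleDisclaimer($actionName, $httpVars, $fileVars)
{
    $u = AuthService::getLoggedUser();
    if ($u == null) {
        // No authenticated user: there is nothing to record, and the calls below
        // would otherwise dereference null.
        return;
    }

    // A missing "validate" parameter counts as a refusal, without raising a notice.
    $accepted = isset($httpVars["validate"]) && $httpVars["validate"] == "true";

    $u->personalRole->setParameterValue(
        "action.disclaimer",
        "DISCLAIMER_ACCEPTED",
        $accepted ? "yes" : "no",
        AJXP_REPO_SCOPE_ALL
    );

    if (!$accepted) {
        // Refusal: lock the account on the disclaimer and force a new authentication.
        $u->setLock("validate_disclaimer");
        $u->save("superuser");
        AuthService::disconnect();
        AJXP_XMLWriter::header();
        AJXP_XMLWriter::requireAuth(true);
        AJXP_XMLWriter::close();
        return;
    }

    // NOTE(review): removeLock() is called without checking which lock is currently set.
    // If other features rely on the same user lock (for example a pending verification
    // step), confirm that accepting the disclaimer cannot clear their lock as well.
    $u->removeLock();
    $u->save("superuser");
    AuthService::updateUser($u);
    ConfService::switchUserToActiveRepository($u);

    // Honour the role-defined start repository unless the request or the session
    // already designates another one.
    $force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
    $passId = -1;
    if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
        $passId = $force;
    }
    $res = ConfService::switchUserToActiveRepository($u, $passId);
    if (!$res) {
        // No repository could be activated: drop the session and ask for authentication.
        AuthService::disconnect();
        AJXP_XMLWriter::header();
        AJXP_XMLWriter::requireAuth(true);
        AJXP_XMLWriter::close();
    }
    ConfService::getInstance()->invalidateLoadedRepositories();
}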
/**
 * Handle the "accept_invitation" and "reject_invitation" actions on a remote share.
 *
 * The share id is taken from $httpVars["remote_share_id"] and reduced to alphanumeric
 * characters before the lookup. Unknown actions and unknown share ids are ignored.
 *
 * NOTE(review): the share is looked up by id only in this method; confirm that
 * remoteShareById() or the caller restricts it to shares addressed to the current user.
 *
 * @param string $actionName Action being dispatched
 * @param array  $httpVars   Request parameters; "remote_share_id" is read
 * @param array  $fileVars   Uploaded files (not read here)
 * @return null
 */
public function switchActions($actionName, $httpVars, $fileVars)
{
    $isAccept = ($actionName == "accept_invitation");
    $isReject = !$isAccept && ($actionName == "reject_invitation");
    if (!$isAccept && !$isReject) {
        return null;
    }

    $shareId = \AJXP_Utils::sanitize($httpVars["remote_share_id"], AJXP_SANITIZE_ALPHANUM);
    $shareStore = new SQLStore();
    $share = $shareStore->remoteShareById($shareId);
    if ($share === null) {
        return null;
    }

    $ocsClient = new OCSClient();
    if ($isAccept) {
        // Tell the remote side first, then persist the accepted status locally.
        $ocsClient->acceptInvitation($share);
        $share->setStatus(OCS_INVITATION_STATUS_ACCEPTED);
        $shareStore->storeRemoteShare($share);
    } else {
        // Decline remotely, drop the local record and refresh the repository list.
        $ocsClient->declineInvitation($share);
        $shareStore->deleteRemoteShare($share);
        \ConfService::getInstance()->invalidateLoadedRepositories();
    }

    return null;
}
/**
 * Bring up the configuration service and load the plugins registry.
 *
 * Order matters: ConfService::init() runs before the conf plugin is soft-loaded, and
 * ConfService::start() runs only once the registry has been loaded.
 *
 * @return void
 */
protected function setUp()
{
    $pluginService = AJXP_PluginsService::getInstance();
    ConfService::init();
    $confDriver = ConfService::getInstance()->confPluginSoftLoad($pluginService);
    $pluginsDir = AJXP_INSTALL_PATH . "/plugins";
    $pluginService->loadPluginsRegistry($pluginsDir, $confDriver);
    ConfService::start();
}
/**
 * Try to restore the plugins registry from the cache files and the key-value cache.
 *
 * @return bool true when the registry was restored; false when AJXP_SKIP_CACHE is set,
 *              the requires list is empty, or a listed file no longer exists
 */
private function loadRegistryFromCache()
{
    if (defined("AJXP_SKIP_CACHE") && AJXP_SKIP_CACHE !== false) {
        return false;
    }

    $requiredFiles = AJXP_Utils::loadSerialFile(AJXP_PLUGINS_REQUIRES_FILE);
    if (!count($requiredFiles)) {
        return false;
    }

    // NOTE(review): every path listed in the requires file is included as PHP code, and
    // the registry itself comes from loadSerialFile() or the key-value cache. These
    // stores are therefore as sensitive as the code base; confirm that only the
    // application can write to them.
    foreach ($requiredFiles as $classFile) {
        if (!is_file($classFile)) {
            // Cache is out of sync
            return false;
        }
        require_once $classFile;
    }

    $cache = ConfService::getInstance()->getKeyValueCache();
    $cachedRegistry = $cache->fetch("plugins_registry");
    if ($cachedRegistry === FALSE) {
        // Key-value cache miss: fall back to the serialized file and warm the cache.
        $fromFile = AJXP_Utils::loadSerialFile(AJXP_PLUGINS_CACHE_FILE);
        $this->registry = $fromFile;
        $cache->save("plugins_registry", $fromFile);
    } else {
        $this->registry = $cachedRegistry;
    }

    // Refresh streamWrapperPlugins
    foreach ($this->registry as $pluginsOfType) {
        foreach ($pluginsOfType as $plugin) {
            if (!method_exists($plugin, "detectStreamWrapper")) {
                continue;
            }
            if ($plugin->detectStreamWrapper(false) === false) {
                continue;
            }
            $this->streamWrapperPlugins[] = $plugin->getId();
        }
    }

    return true;
}
// Don't overwrite cookie if (!isset($_COOKIE["AjaXplorer"])) { $_COOKIE["AjaXplorer"] = $_GET["ajxp_sessid"]; } } header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); if (is_file(TESTS_RESULT_FILE)) { set_error_handler(array("AJXP_XMLWriter", "catchError"), E_ALL & ~E_NOTICE & ~E_STRICT); set_exception_handler(array("AJXP_XMLWriter", "catchException")); } $pServ = AJXP_PluginsService::getInstance(); ConfService::init(); $confPlugin = ConfService::getInstance()->confPluginSoftLoad($pServ); try { $pServ->loadPluginsRegistry(AJXP_INSTALL_PATH . "/plugins", $confPlugin); } catch (Exception $e) { die("Severe error while loading plugins registry : " . $e->getMessage()); } ConfService::start(); $confStorageDriver = ConfService::getConfStorageImpl(); require_once $confStorageDriver->getUserClassFileName(); //new AjxpSessionHandler(); if (!isset($OVERRIDE_SESSION)) { session_name("AjaXplorer"); } session_start(); if (isset($_GET["tmp_repository_id"])) { ConfService::switchRootDir($_GET["tmp_repository_id"], true);
/**
 * Persist the user through _save() and refresh its entry in the key-value cache.
 *
 * The whole user object is stored under the key "pydio:user:" followed by its id.
 *
 * @param string $context Passed through to _save(); defaults to "superuser"
 * @return void
 */
public function save($context = "superuser")
{
    $cache = ConfService::getInstance()->getKeyValueCache();
    $this->_save($context);

    $cacheKey = "pydio:user:" . $this->getId();
    $cache->save($cacheKey, $this);
}
/**
 * Instantiate a new AbstractAjxpUser
 *
 * A user object found in the key-value cache is returned after its merged role has been
 * recomputed; otherwise the object is built, updated through AuthService and the
 * "include.user.updateUserObject" hook, cached, and returned.
 *
 * @param String $userId
 * @return AbstractAjxpUser
 */
public function createUserObject($userId)
{
    $kvCache = ConfService::getInstance()->getKeyValueCache();
    // NOTE(review): this listing is garbled on the next line (the "******" run).
    // Presumably the cached object is fetched under "pydio:user:" . $userId and
    // type-checked as an AbstractAjxpUser before use; confirm against the original file.
    $test = $kvCache->fetch("pydio:user:"******"AbstractAjxpUser")) {
        // Cache hit: restore the personal role from the roles list if it is missing.
        if ($test->personalRole == null) {
            $test->personalRole = $test->roles["AJXP_USR_/" . $userId];
        }
        $test->recomputeMergedRole();
        // NOTE(review): the cached object carries the user's roles, so the cache backend
        // presumably needs the same protection as the configuration storage; confirm.
        return $test;
    }
    // From here on the id is the value returned by filterUserSensitivity(); the cache
    // entry saved below is keyed on that value.
    $userId = AuthService::filterUserSensitivity($userId);
    $abstractUser = $this->instantiateAbstractUserImpl($userId);
    if (!$abstractUser->storageExists()) {
        // No stored data for this user yet: apply the default rights.
        AuthService::updateDefaultRights($abstractUser);
    }
    AuthService::updateAutoApplyRole($abstractUser);
    AuthService::updateAuthProvidedData($abstractUser);
    // Passed by reference inside the argument list that is handed to the hook.
    $args = array(&$abstractUser);
    AJXP_Controller::applyIncludeHook("include.user.updateUserObject", $args);
    $kvCache->save("pydio:user:" . $userId, $abstractUser);
    return $abstractUser;
}
/**
 * Return the XML registry filtered by the current role, optionally served from cache.
 *
 * NOTE(review): the cached XML is role-filtered output; confirm that
 * getRegistryCacheKey() varies with the user or roles, so that one user's filtered
 * registry is never served to another.
 *
 * @param bool $extendedVersion Selects the registry version and is part of the cache key
 * @param bool $clone           When true, a deep copy of the document is returned
 * @param bool $useCache        When true, the key-value cache is read and written
 * @return DOMDocument|DOMNode
 */
public static function getFilteredXMLRegistry($extendedVersion = true, $clone = false, $useCache = false)
{
    if ($useCache) {
        $kvCache = ConfService::getInstance()->getKeyValueCache();
        $cacheKey = self::getRegistryCacheKey($extendedVersion);
        $cachedXml = $kvCache->fetch($cacheKey);
        if ($cachedXml !== false) {
            // Cache hit: rebuild the document from the stored XML and publish it.
            $fromCache = new DOMDocument("1.0", "utf-8");
            $fromCache->loadXML($cachedXml);
            AJXP_PluginsService::updateXmlRegistry($fromCache, $extendedVersion);

            return $clone ? $fromCache->cloneNode(true) : $fromCache;
        }
    }

    $registry = AJXP_PluginsService::getXmlRegistry($extendedVersion);
    if (self::filterRegistryFromRole($registry)) {
        // The role filter modified the document: push the filtered version back.
        AJXP_PluginsService::updateXmlRegistry($registry, $extendedVersion);
    }

    if ($useCache && isset($kvCache) && isset($cacheKey)) {
        $kvCache->save($cacheKey, $registry->saveXML());
    }

    return $clone ? $registry->cloneNode(true) : $registry;
}
/**
 * Delete a role by its id, then invalidate the loaded repositories.
 *
 * NOTE(review): the shared-cache purge, CacheService::deleteAll(AJXP_CACHE_SERVICE_NS_SHARED),
 * is disabled in this version. Confirm that no cache still holds users or permissions
 * derived from the deleted role.
 *
 * @static
 * @param string $roleId
 * @return void
 */
public static function deleteRole($roleId)
{
    $confStorage = ConfService::getConfStorageImpl();
    $confStorage->deleteRole($roleId);

    $confService = ConfService::getInstance();
    $confService->invalidateLoadedRepositories();
}
/**
 * Delete a role by its id, then call deleteAll() on the key-value cache.
 *
 * Calling deleteAll() presumably flushes every cached entry, so that nothing computed
 * with the deleted role keeps being served.
 *
 * @static
 * @param string $roleId
 * @return void
 */
public static function deleteRole($roleId)
{
    $confStorage = ConfService::getConfStorageImpl();
    $confStorage->deleteRole($roleId);

    $kvCache = ConfService::getInstance()->getKeyValueCache();
    $kvCache->deleteAll();
}
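/**
 * Write an entry to the log.
 *
 * One row is inserted per path in $nodesPathes, or a single row with an empty path when
 * none is given. API logins ("Log In" / "context=API") are limited to one row per user
 * per hour. A message flagged by AJXP_Utils::detectXSS() is replaced by a fixed marker,
 * and in that case the paths are not recorded.
 *
 * NOTE(review): the User-Agent header is client-supplied and is stored as received, and
 * only $message goes through detectXSS(). Whatever displays these rows should escape
 * them on output.
 *
 * @param String $level Log severity: one of LOG_LEVEL_* (DEBUG,INFO,NOTICE,WARNING,ERROR)
 * @param String $ip The client ip
 * @param String $user The user login
 * @param String $source The source of the message
 * @param String $prefix The prefix of the message
 * @param String $message The message to log
 * @param array $nodesPathes Paths of the nodes concerned by the entry
 * @return void
 */
public function write2($level, $ip, $user, $source, $prefix, $message, $nodesPathes = array())
{
    if ($prefix == "Log In" && $message == "context=API") {
        // Limit the number of logs
        $test = dibi::query('SELECT [logdate] FROM [ajxp_log] WHERE [user]=%s AND [message]=%s AND [params]=%s ORDER BY [logdate] DESC %lmt %ofs', $user, $prefix, $message, 1, 0);
        $lastInsert = $test->fetchSingle();
        // Only compute a timestamp when a previous row exists, so that false is never
        // handed to strtotime().
        if ($lastInsert !== false) {
            if (is_a($lastInsert, "DibiDateTime")) {
                $lastTimestamp = $lastInsert->getTimestamp();
            } else {
                $lastTimestamp = strtotime($lastInsert);
            }
            $now = new DateTime('NOW');
            if ($now->getTimestamp() - $lastTimestamp < 60 * 60) {
                // IGNORING, LIMIT API LOGINS TO ONE PER HOUR, OR IT WILL FILL THE LOGS
                return;
            }
        }
    }

    $files = array(array("dirname" => "", "basename" => ""));
    if (AJXP_Utils::detectXSS($message)) {
        $message = "XSS Detected in Message!";
    } elseif (count($nodesPathes)) {
        $files = array();
        foreach ($nodesPathes as $path) {
            $parts = pathinfo($path);
            // pathinfo() may omit keys (for example on an empty path); fall back to "".
            $files[] = array(
                "dirname" => isset($parts["dirname"]) ? $parts["dirname"] : "",
                "basename" => isset($parts["basename"]) ? $parts["basename"] : "",
            );
        }
    }

    // The header is absent on CLI runs and on requests that do not send it.
    $device = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;

    foreach ($files as $fileDef) {
        $log_row = array(
            'logdate' => new DateTime('NOW'),
            'remote_ip' => $this->inet_ptod($ip),
            'severity' => strtoupper((string) $level),
            'user' => $user,
            'source' => $source,
            'message' => $prefix,
            'params' => $message,
            'repository_id' => ConfService::getInstance()->getContextRepositoryId(),
            'device' => $device,
            'dirname' => $fileDef["dirname"],
            'basename' => $fileDef["basename"],
        );
        //we already handle exception for write2 in core.log
        dibi::query('INSERT INTO [ajxp_log]', $log_row);
    }
}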
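/**
 * Verify the signed Duo response and, on success, unlock the logged user.
 *
 * On success the user lock is removed and the user is switched to an active repository.
 * On failure (missing or invalid response, or a response issued for another user) the
 * session is closed and a require-auth XML response is sent.
 *
 * @param string $action    Must be "duo_post_verification_code", otherwise nothing is done
 * @param array  $httpVars  Request parameters; "sig_response" and "tmp_repository_id" are read
 * @param array  $fileVars  Uploaded files (not read here)
 * @return void
 */
public function postVerificationCode($action, $httpVars, $fileVars)
{
    if ($action != "duo_post_verification_code") {
        return;
    }
    $u = AuthService::getLoggedUser();
    if ($u == null) {
        return;
    }

    // A missing or non-string sig_response is a failed verification and is never handed
    // to the Duo library.
    $verif = null;
    if (isset($httpVars["sig_response"]) && is_string($httpVars["sig_response"])) {
        require_once $this->getBaseDir() . "/duo_php/duo_web.php";
        $appUnique = $this->getFilteredOption("DUO_AUTH_AKEY");
        $iKey = $this->getFilteredOption("DUO_AUTH_IKEY");
        $sKey = $this->getFilteredOption("DUO_AUTH_SKEY");
        $verif = Duo::verifyResponse($iKey, $sKey, $appUnique, $httpVars["sig_response"]);
    }

    // Strict string comparison: with loose ==, numeric-looking strings compare by value,
    // so two different ids could be treated as the same user.
    $verified = is_string($verif) && $verif !== "" && $verif === (string) $u->getId();

    if (!$verified) {
        AuthService::disconnect();
        AJXP_XMLWriter::header();
        AJXP_XMLWriter::requireAuth(true);
        AJXP_XMLWriter::close();
        return;
    }

    $u->removeLock();
    $u->save("superuser");
    $u->recomputeMergedRole();
    AuthService::updateUser($u);
    ConfService::switchUserToActiveRepository($u);

    // Honour the role-defined start repository unless the request or the session
    // already designates another one.
    $force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
    $passId = -1;
    if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
        $passId = $force;
    }
    $res = ConfService::switchUserToActiveRepository($u, $passId);
    if (!$res) {
        // No repository could be activated: drop the session and ask for authentication.
        AuthService::disconnect();
        AJXP_XMLWriter::header();
        AJXP_XMLWriter::requireAuth(true);
        AJXP_XMLWriter::close();
    }
    ConfService::getInstance()->invalidateLoadedRepositories();
}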