/**
* @param string $username
* @param string $password
*
* @return bool
*/
public function authCallback($username, $password)
{
try {
$accessManager = AccessManager::singleton();
$authResult = $accessManager->checkLogin($username, $password);
// module development must be enabled to login via WebDav
$quota = new \Cms\Quota();
if (!$quota->getModuleQuota()->getEnableDev()) {
Registry::getLogger()->log(__METHOD__, __LINE__, sprintf('DAV access denied: module development is disabled (%s)', $username), SbLog::ERR);
return false;
}
// login success?
if (!$accessManager->isAuthResultValid($authResult)) {
Registry::getLogger()->log(__METHOD__, __LINE__, sprintf('DAV access denied: incorrect user credentials (%s)', $username), SbLog::NOTICE);
return false;
}
// only superusers are allowed to login via webdav
$identity = $authResult->getIdentity();
if (!is_array($identity) || !isset($identity['superuser']) || $identity['superuser'] != true) {
Registry::getLogger()->log(__METHOD__, __LINE__, sprintf('DAV access denied: user is not a superuser (%s)', $username), SbLog::ERR);
return false;
}
} catch (\Exception $e) {
Registry::getLogger()->logException(__METHOD__, __LINE__, $e, SbLog::ERR);
return false;
}
// authentication successful
return true;
}
public function infoAction()
{
$quota = new \Cms\Quota();
$serverData = array('mode' => CmsVersion::getMode(), 'maxUploadSize' => $this->getMaxUploadSize(), 'urls' => $this->getPublicUrlEndpoints(), 'quota' => $quota->toArray(), 'supportedPublishTypes' => $this->getSupportedPublishTypes(), 'language' => Registry::getConfig()->translation->default);
$this->responseData->setData(new ServerInfoResponse($serverData));
// XHR request
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest') {
// return as json
$this->setResponseType(self::RESPONSE_TYPE_JSON);
return;
}
// return as javascript
$this->setResponseType(self::RESPONSE_TYPE_JS_VAR, array('name' => 'CMSSERVER'));
return;
}
/**
* @param \Cms\Access\Auth\Result|null $authResult
*
* @throws \Cms\Exception
*/
protected function checkIfSpaceIsExpired($authResult)
{
$quota = new \Cms\Quota();
if (!$quota->isSpaceExpired()) {
return;
}
$exceptionData = array();
if ($authResult instanceof \Cms\Access\Auth\Result) {
$identity = $authResult->getIdentity();
if (isset($identity['owner']) && $identity['owner'] == true) {
$cfg = Registry::getConfig();
if (isset($cfg->owner) && isset($cfg->owner->dashboardUrl)) {
$exceptionData['redirect'] = $cfg->owner->dashboardUrl;
}
}
}
throw new \Cms\Exception(9, __METHOD__, __LINE__, $exceptionData);
}