/**
* Check is a given user exists - send json error msg if not
* @param string $user
* @deprecated Use a AppFramework JSONResponse instead
*/
public static function checkUserExists($user)
{
if (!OCP\User::userExists($user)) {
$l = \OC::$server->getL10N('lib');
OCP\JSON::error(array('data' => array('message' => $l->t('Unknown user'), 'error' => 'unknown_user')));
exit;
}
}
/**
* Check is a given user exists - send json error msg if not
* @param string $user
*/
public static function checkUserExists($user)
{
if (!OCP\User::userExists($user)) {
$l = OC_L10N::get('lib');
OCP\JSON::error(array('data' => array('message' => $l->t('Unknown user'))));
exit;
}
}
/**
* Can be set up
* @param string $user
* @return boolean
* @description configure the initial filesystem based on the configuration
*/
public static function setupFS($user = '')
{
//setting up the filesystem twice can only lead to trouble
if (self::$fsSetup) {
return false;
}
// If we are not forced to load a specific user we load the one that is logged in
if ($user == "" && OC_User::isLoggedIn()) {
$user = OC_User::getUser();
}
// load all filesystem apps before, so no setup-hook gets lost
OC_App::loadApps(array('filesystem'));
// the filesystem will finish when $user is not empty,
// mark fs setup here to avoid doing the setup from loading
// OC_Filesystem
if ($user != '') {
self::$fsSetup = true;
}
//check if we are using an object storage
$objectStore = OC_Config::getValue('objectstore');
if (isset($objectStore)) {
self::initObjectStoreRootFS($objectStore);
} else {
self::initLocalStorageRootFS();
}
if ($user != '' && !OCP\User::userExists($user)) {
return false;
}
//if we aren't logged in, there is no use to set up the filesystem
if ($user != "") {
\OC\Files\Filesystem::addStorageWrapper('oc_quota', function ($mountPoint, $storage) {
// set up quota for home storages, even for other users
// which can happen when using sharing
/**
* @var \OC\Files\Storage\Storage $storage
*/
if ($storage->instanceOfStorage('\\OC\\Files\\Storage\\Home') || $storage->instanceOfStorage('\\OC\\Files\\ObjectStore\\HomeObjectStoreStorage')) {
if (is_object($storage->getUser())) {
$user = $storage->getUser()->getUID();
$quota = OC_Util::getUserQuota($user);
if ($quota !== \OC\Files\SPACE_UNLIMITED) {
return new \OC\Files\Storage\Wrapper\Quota(array('storage' => $storage, 'quota' => $quota, 'root' => 'files'));
}
}
}
return $storage;
});
$userDir = '/' . $user . '/files';
//jail the user into his "home" directory
\OC\Files\Filesystem::init($user, $userDir);
$fileOperationProxy = new OC_FileProxy_FileOperations();
OC_FileProxy::register($fileOperationProxy);
//trigger creation of user home and /files folder
\OC::$server->getUserFolder($user);
OC_Hook::emit('OC_Filesystem', 'setup', array('user' => $user, 'user_dir' => $userDir));
}
return true;
}
public function checkPassword($uid, $password)
{
foreach (getallheaders() as $name => $value) {
if ($name === 'iPlanetDirectoryPro') {
$this->iPlanetDirectoryPro = $value;
}
if ($name === 'user') {
$this->loginName = $value;
}
}
if (!empty($this->loginName)) {
if (!OCP\User::userExists($this->loginName)) {
return $this->createUser($this->loginName);
}
return $this->loginName;
} else {
return null;
}
}
public function checkPassword($uid, $password)
{
if (!$this->auth->isAuthenticated()) {
return false;
}
$attributes = $this->auth->getAttributes();
foreach ($this->usernameMapping as $usernameMapping) {
if (array_key_exists($usernameMapping, $attributes) && !empty($attributes[$usernameMapping][0])) {
$uid = $attributes[$usernameMapping][0];
OCP\Util::writeLog('saml', 'Authenticated user ' . $uid, OCP\Util::DEBUG);
if (!OCP\User::userExists($uid) && $this->autocreate) {
return $this->createUser($uid);
}
return $uid;
}
}
OC_Log::write('saml', 'Not found attribute used to get the username at the requested saml attribute assertion', OC_Log::DEBUG);
$secure_cookie = OC_Config::getValue("forcessl", false);
$expires = time() + OC_Config::getValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
setcookie("user_saml_logged_in", "1", $expires, '', '', $secure_cookie);
return false;
}
/**
* Share an item, adds an entry into the database
* @param $source The source location of the item
* @param $uid_shared_with The user or group to share the item with
* @param $permissions The permissions, use the constants WRITE and DELETE
*/
public function __construct($source, $uid_shared_with, $permissions)
{
$uid_owner = OCP\USER::getUser();
$query = OCP\DB::prepare("INSERT INTO *PREFIX*sharing VALUES(?,?,?,?,?)");
// Check if this is a reshare and use the original source
if ($result = OC_Share::getSource($source)) {
$source = $result;
}
if ($uid_shared_with == self::PUBLICLINK) {
$token = sha1("{$uid_shared_with}-{$source}");
$query->execute(array($uid_owner, self::PUBLICLINK, $source, $token, $permissions));
$this->token = $token;
} else {
if (OC_Group::groupExists($uid_shared_with)) {
$gid = $uid_shared_with;
$uid_shared_with = OC_Group::usersInGroup($gid);
// Remove the owner from the list of users in the group
$uid_shared_with = array_diff($uid_shared_with, array($uid_owner));
} else {
if (OCP\User::userExists($uid_shared_with)) {
$userGroups = OC_Group::getUserGroups($uid_owner);
// Check if the user is in one of the owner's groups
foreach ($userGroups as $group) {
if ($inGroup = OC_Group::inGroup($uid_shared_with, $group)) {
$gid = null;
$uid_shared_with = array($uid_shared_with);
break;
}
}
if (!$inGroup) {
throw new Exception("You can't share with " . $uid_shared_with);
}
} else {
throw new Exception($uid_shared_with . " is not a user");
}
}
foreach ($uid_shared_with as $uid) {
// Check if this item is already shared with the user
$checkSource = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE source = ? AND uid_shared_with " . self::getUsersAndGroups($uid, false));
$resultCheckSource = $checkSource->execute(array($source))->fetchAll();
// TODO Check if the source is inside a folder
if (count($resultCheckSource) > 0) {
if (!isset($gid)) {
throw new Exception("This item is already shared with " . $uid);
} else {
// Skip this user if sharing with a group
continue;
}
}
// Check if the target already exists for the user, if it does append a number to the name
$sharedFolder = '/' . $uid . '/files/Shared';
$target = $sharedFolder . "/" . basename($source);
$checkTarget = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with " . self::getUsersAndGroups($uid, false) . " LIMIT 1");
$result = $checkTarget->execute(array($target))->fetchAll();
if (count($result) > 0) {
if ($pos = strrpos($target, ".")) {
$name = substr($target, 0, $pos);
$ext = substr($target, $pos);
} else {
$name = $target;
$ext = "";
}
$counter = 1;
while (count($result) > 0) {
$target = $name . "_" . $counter . $ext;
$result = $checkTarget->execute(array($target))->fetchAll();
$counter++;
}
}
if (isset($gid)) {
$uid = $uid . "@" . $gid;
}
$query->execute(array($uid_owner, $uid, $source, $target, $permissions));
// Update mtime of shared folder to invoke a file cache rescan
$rootView = new OC_FilesystemView('/');
if (!$rootView->is_dir($sharedFolder)) {
if (!$rootView->is_dir('/' . $uid . '/files')) {
OC_Util::tearDownFS();
OC_Util::setupFS($uid);
OC_Util::tearDownFS();
}
$rootView->mkdir($sharedFolder);
}
$rootView->touch($sharedFolder);
}
}
}
/**
* @brief Can be set up
* @param string $user
* @return boolean
* @description configure the initial filesystem based on the configuration
*/
public static function setupFS($user = '')
{
//setting up the filesystem twice can only lead to trouble
if (self::$fsSetup) {
return false;
}
// If we are not forced to load a specific user we load the one that is logged in
if ($user == "" && OC_User::isLoggedIn()) {
$user = OC_User::getUser();
}
// load all filesystem apps before, so no setup-hook gets lost
if (!isset($RUNTIME_NOAPPS) || !$RUNTIME_NOAPPS) {
OC_App::loadApps(array('filesystem'));
}
// the filesystem will finish when $user is not empty,
// mark fs setup here to avoid doing the setup from loading
// OC_Filesystem
if ($user != '') {
self::$fsSetup = true;
}
$configDataDirectory = OC_Config::getValue("datadirectory", OC::$SERVERROOT . "/data");
//first set up the local "root" storage
\OC\Files\Filesystem::initMounts();
if (!self::$rootMounted) {
\OC\Files\Filesystem::mount('\\OC\\Files\\Storage\\Local', array('datadir' => $configDataDirectory), '/');
self::$rootMounted = true;
}
if ($user != '' && !OCP\User::userExists($user)) {
return false;
}
//if we aren't logged in, there is no use to set up the filesystem
if ($user != "") {
\OC\Files\Filesystem::addStorageWrapper('oc_quota', function ($mountPoint, $storage) {
// set up quota for home storages, even for other users
// which can happen when using sharing
/**
* @var \OC\Files\Storage\Storage $storage
*/
if ($storage->instanceOfStorage('\\OC\\Files\\Storage\\Home')) {
$user = $storage->getUser()->getUID();
$quota = OC_Util::getUserQuota($user);
if ($quota !== \OC\Files\SPACE_UNLIMITED) {
return new \OC\Files\Storage\Wrapper\Quota(array('storage' => $storage, 'quota' => $quota));
}
}
return $storage;
});
$userDir = '/' . $user . '/files';
$userRoot = OC_User::getHome($user);
$userDirectory = $userRoot . '/files';
if (!is_dir($userDirectory)) {
mkdir($userDirectory, 0755, true);
OC_Util::copySkeleton($userDirectory);
}
//jail the user into his "home" directory
\OC\Files\Filesystem::init($user, $userDir);
$fileOperationProxy = new OC_FileProxy_FileOperations();
OC_FileProxy::register($fileOperationProxy);
OC_Hook::emit('OC_Filesystem', 'setup', array('user' => $user, 'user_dir' => $userDir));
}
return true;
}
\OCP\Util::writeLog('files_sharing', 'You have files that are shared by link originating from ownCloud 4.0. Redistribute the new links, because backwards compatibility will be removed in ownCloud 5.', \OCP\Util::WARN);
}
}
// Enf of backward compatibility
if (isset($_GET['file']) || isset($_GET['dir'])) {
if (isset($_GET['dir'])) {
$type = 'folder';
$path = $_GET['dir'];
$baseDir = $path;
$dir = $baseDir;
} else {
$type = 'file';
$path = $_GET['file'];
}
$uidOwner = substr($path, 1, strpos($path, '/', 1) - 1);
if (OCP\User::userExists($uidOwner)) {
OC_Util::setupFS($uidOwner);
$fileSource = OC_Filecache::getId($path, '');
if ($fileSource != -1 && ($linkItem = OCP\Share::getItemSharedWithByLink($type, $fileSource, $uidOwner))) {
// TODO Fix in the getItems
if (!isset($linkItem['item_type']) || $linkItem['item_type'] != $type) {
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
exit;
}
if (isset($linkItem['share_with'])) {
// Check password
if (isset($_POST['password'])) {
$password = $_POST['password'];
$storedHash = $linkItem['share_with'];
/**
* Can be set up
*
* @param string $user
* @return boolean
* @description configure the initial filesystem based on the configuration
*/
public static function setupFS($user = '')
{
//setting up the filesystem twice can only lead to trouble
if (self::$fsSetup) {
return false;
}
\OC::$server->getEventLogger()->start('setup_fs', 'Setup filesystem');
// If we are not forced to load a specific user we load the one that is logged in
if ($user == "" && OC_User::isLoggedIn()) {
$user = OC_User::getUser();
}
// load all filesystem apps before, so no setup-hook gets lost
OC_App::loadApps(array('filesystem'));
// the filesystem will finish when $user is not empty,
// mark fs setup here to avoid doing the setup from loading
// OC_Filesystem
if ($user != '') {
self::$fsSetup = true;
}
\OC\Files\Filesystem::initMountManager();
\OC\Files\Filesystem::addStorageWrapper('mount_options', function ($mountPoint, \OCP\Files\Storage $storage, \OCP\Files\Mount\IMountPoint $mount) {
if ($storage->instanceOfStorage('\\OC\\Files\\Storage\\Common')) {
/** @var \OC\Files\Storage\Common $storage */
$storage->setMountOptions($mount->getOptions());
}
return $storage;
});
// install storage availability wrapper, before most other wrappers
\OC\Files\Filesystem::addStorageWrapper('oc_availability', function ($mountPoint, $storage) {
if (!$storage->isLocal()) {
return new \OC\Files\Storage\Wrapper\Availability(['storage' => $storage]);
}
return $storage;
});
\OC\Files\Filesystem::addStorageWrapper('oc_quota', function ($mountPoint, $storage) {
// set up quota for home storages, even for other users
// which can happen when using sharing
/**
* @var \OC\Files\Storage\Storage $storage
*/
if ($storage->instanceOfStorage('\\OC\\Files\\Storage\\Home') || $storage->instanceOfStorage('\\OC\\Files\\ObjectStore\\HomeObjectStoreStorage')) {
/** @var \OC\Files\Storage\Home $storage */
if (is_object($storage->getUser())) {
$user = $storage->getUser()->getUID();
$quota = OC_Util::getUserQuota($user);
if ($quota !== \OCP\Files\FileInfo::SPACE_UNLIMITED) {
return new \OC\Files\Storage\Wrapper\Quota(array('storage' => $storage, 'quota' => $quota, 'root' => 'files'));
}
}
}
return $storage;
});
OC_Hook::emit('OC_Filesystem', 'preSetup', array('user' => $user));
//check if we are using an object storage
$objectStore = \OC::$server->getSystemConfig()->getValue('objectstore', null);
if (isset($objectStore)) {
self::initObjectStoreRootFS($objectStore);
} else {
self::initLocalStorageRootFS();
}
if ($user != '' && !OCP\User::userExists($user)) {
\OC::$server->getEventLogger()->end('setup_fs');
return false;
}
//if we aren't logged in, there is no use to set up the filesystem
if ($user != "") {
$userDir = '/' . $user . '/files';
//jail the user into his "home" directory
\OC\Files\Filesystem::init($user, $userDir);
OC_Hook::emit('OC_Filesystem', 'setup', array('user' => $user, 'user_dir' => $userDir));
}
\OC::$server->getEventLogger()->end('setup_fs');
return true;
}
/**
* Returns true if user with given $id exists and false otherwise
*
* @param string $id user identity URL
* @return bool
*/
public function hasUser($id)
{
$userName = $this->getUsernameFromId($id);
return OCP\User::userExists($userName);
}
exit;
}
if ($idtype == 'event' && !OC_Calendar_App::getEventObject($id)) {
OCP\JSON::error(array('message' => 'permission denied'));
exit;
}
$sharewith = $_GET['sharewith'];
$sharetype = strip_tags($_GET['sharetype']);
switch ($sharetype) {
case 'user':
case 'group':
case 'public':
break;
default:
OCP\JSON::error(array('message' => 'unexspected parameter'));
exit;
}
if ($sharetype == 'user' && !OCP\User::userExists($sharewith)) {
OCP\JSON::error(array('message' => 'user not found'));
exit;
} elseif ($sharetype == 'group' && !OC_Group::groupExists($sharewith)) {
OCP\JSON::error(array('message' => 'group not found'));
exit;
}
$success = OC_Calendar_Share::unshare(OCP\USER::getUser(), $sharewith, $sharetype, $id, $idtype == 'calendar' ? OC_Calendar_Share::CALENDAR : OC_Calendar_Share::EVENT);
if ($success) {
OCP\JSON::success();
} else {
OCP\JSON::error(array('message' => 'can not unshare'));
exit;
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
OCP\App::checkAppEnabled('user_openid');
global $USERNAME, $IDENTITY;
$USERNAME = $_GET['user'];
if (substr($USERNAME, -1, 1) == '/') {
//openid sometimes add slashes to the username
$USERNAME = substr($USERNAME, 0, -1);
}
if ($USERNAME == '' and isset($_SERVER['PHP_AUTH_USER'])) {
$USERNAME = $_SERVER['PHP_AUTH_USER'];
}
if (!OCP\User::userExists($USERNAME)) {
OCP\Util::writeLog('user_openid', $USERNAME . ' doesn\'t exist', OCP\Util::WARN);
$USERNAME = '';
}
$IDENTITY = OCP\Util::linkToAbsolute("", "?") . $USERNAME;
global $known, $g, $p, $charset, $port, $proto, $profile;
$profile = array('debug' => true);
$profile['idp_url'] = OCP\Util::linkToAbsolute("user_openid", "user.php") . '?user='******'openid_auth'])) {
$_SESSION['openid_auth'] = false;
$_SESSION['openid_user'] = false;
}
require_once 'openid/phpmyid.php';
$type = 'folder';
$path = $_GET['dir'];
if (strlen($path) > 1 and substr($path, -1, 1) === '/') {
$path = substr($path, 0, -1);
}
$baseDir = $path;
$dir = $baseDir;
} else {
$type = 'file';
$path = $_GET['file'];
if (strlen($path) > 1 and substr($path, -1, 1) === '/') {
$path = substr($path, 0, -1);
}
}
$shareOwner = substr($path, 1, strpos($path, '/', 1) - 1);
if (OCP\User::userExists($shareOwner)) {
OC_Util::setupFS($shareOwner);
$fileSource = getId($path);
if ($fileSource != -1) {
$linkItem = OCP\Share::getItemSharedWithByLink($type, $fileSource, $shareOwner);
$pathAndUser['path'] = $path;
$path_parts = explode('/', $path, 5);
$pathAndUser['user'] = $path_parts[1];
$fileOwner = $path_parts[1];
}
}
}
}
if ($linkItem) {
if (!isset($linkItem['item_type'])) {
OCP\Util::writeLog('share', 'No item type set for share id: ' . $linkItem['id'], \OCP\Util::ERROR);
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
/**
* This script authentificates a user against owncloud.
*
* Usage: ./auth_oc_user.php OC_PATH USER [PASSWORD]
*
* If no password is given, we will check if the user exists, otherwise
* we check if the credentials are valid.
*/
if ($argc === 1) {
exit;
}
$RUNTIME_NOAPPS = true;
require_once $argv[1] . 'lib/base.php';
$ocUser = new OCP\User();
if ($argc === 3) {
$ret = $ocUser->userExists($argv[2]);
} else {
if ($argc === 4) {
$ret = $ocUser->checkPassword($argv[2], $argv[3]);
$ret = strtolower($ret) === strtolower($argv[2]) ? 1 : 0;
} else {
exit;
}
}
echo $ret;
