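/**
 * Runs the parent WebDAV authentication, then opens the matching application session.
 *
 * @param Sabre\DAV\Server $server
 * @param string $realm
 * @return bool true once the user is logged in and the root dir has been switched
 * @throws Sabre\DAV\Exception\NotAuthenticated when the parent check or the application login fails
 */
 public function authenticate(Sabre\DAV\Server $server, $realm)
 {
     //AJXP_Logger::debug("Try authentication on $realm", $server);
     // Initialised up front: the parent may report failure without throwing, and the
     // rejection below would otherwise read an undefined variable.
     $errmsg = "";
     try {
         $success = parent::authenticate($server, $realm);
     } catch (Exception $e) {
         $errmsg = $e->getMessage();
         // 0 = rejected but not logged (request carried no digest headers),
         // false = rejected and logged as a failed login.
         // NOTE(review): the distinction relies on the exact exception text, which breaks
         // silently if the library rewords it; an exception type or code would be sturdier.
         $success = ($errmsg != "No digest authentication headers were found") ? false : 0;
     }
     if (!$success) {
         if ($success === false) {
             AJXP_Logger::warning(__CLASS__, "Login failed", array("user" => $this->currentUser, "error" => "Invalid WebDAV user or password"));
         }
         throw new Sabre\DAV\Exception\NotAuthenticated($errmsg);
     }
     // The password argument is null and the third argument is true; presumably this tells
     // logUser to skip its own password check because the parent already verified it. TODO confirm.
     $res = AuthService::logUser($this->currentUser, null, true);
     if ($res < 1) {
         throw new Sabre\DAV\Exception\NotAuthenticated();
     }
     $this->updateCurrentUserRights(AuthService::getLoggedUser());
     if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) {
         // The decoded WebDAV password is handed to AJXP_Safe when this option is enabled.
         $webdavData = AuthService::getLoggedUser()->getPref("AJXP_WEBDAV_DATA");
         AJXP_Safe::storeCredentials($this->currentUser, $this->_decodePassword($webdavData["PASS"], $this->currentUser));
     }
     ConfService::switchRootDir($this->repositoryId);
     return true;
 }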
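 /**
  * Records whether the logged user accepted the disclaimer and unlocks or locks the account accordingly.
  *
  * On acceptance the user lock is removed and the active repository is selected; on refusal
  * the account is locked with "validate_disclaimer" and the session is disconnected.
  *
  * @param string $actionName
  * @param array $httpVars request parameters; "validate" must equal "true" to accept
  * @param array $fileVars
  * @return void
  */
 public function toggleDisclaimer($actionName, $httpVars, $fileVars)
 {
     // A missing "validate" parameter counts as a refusal instead of raising an undefined-index notice.
     $accepted = isset($httpVars["validate"]) && $httpVars["validate"] == "true";
     $u = AuthService::getLoggedUser();
     $u->personalRole->setParameterValue("action.disclaimer", "DISCLAIMER_ACCEPTED", $accepted ? "yes" : "no", AJXP_REPO_SCOPE_ALL);
     if (!$accepted) {
         // Refusal: lock the account, end the session and ask the client to authenticate again.
         $u->setLock("validate_disclaimer");
         $u->save("superuser");
         AuthService::disconnect();
         AJXP_XMLWriter::header();
         AJXP_XMLWriter::requireAuth(true);
         AJXP_XMLWriter::close();
         return;
     }
     $u->removeLock();
     $u->save("superuser");
     AuthService::updateUser($u);
     ConfService::switchUserToActiveRepository($u);
     $force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
     $passId = -1;
     // The forced start repository only applies when the user may switch to it and no
     // other repository is already pending for this request or session.
     if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
         $passId = $force;
     }
     $res = ConfService::switchUserToActiveRepository($u, $passId);
     if (!$res) {
         AuthService::disconnect();
         AJXP_XMLWriter::header();
         AJXP_XMLWriter::requireAuth(true);
         AJXP_XMLWriter::close();
     }
     ConfService::getInstance()->invalidateLoadedRepositories();
 }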
 /**
  * Returns the id of the logged user, or "shared" when user management is disabled.
  *
  * NOTE(review): getLoggedUser() is dereferenced without a null check, so this assumes a
  * session exists whenever users are enabled.
  *
  * @return string
  */
 protected function getUserId()
 {
     return AuthService::usersEnabled()
         ? AuthService::getLoggedUser()->getId()
         : "shared";
 }
 /**
  * Expands the basic keywords AJXP_USER, AJXP_INSTALL_PATH and AJXP_DATA_PATH in a value,
  * then passes the result through the "vars.filter" include hooks.
  *
  * Non-string values skip the keyword expansion but still go through the hooks.
  * When users are enabled and nobody is logged in, a value containing AJXP_USER
  * resolves to an empty string and the hooks are not called.
  *
  * NOTE(review): the user id is substituted as-is; if callers build filesystem paths
  * from the result, the id must already be restricted to safe characters. TODO confirm.
  *
  * @static
  * @param mixed $value
  * @return mixed|string
  */
 public static function filter($value)
 {
     if (is_string($value) && strpos($value, "AJXP_USER") !== false) {
         if (!AuthService::usersEnabled()) {
             $userToken = "shared";
         } else {
             $current = AuthService::getLoggedUser();
             if ($current == null) {
                 return "";
             }
             $userToken = $current->getId();
         }
         $value = str_replace("AJXP_USER", $userToken, $value);
     }
     if (is_string($value) && strpos($value, "AJXP_INSTALL_PATH") !== false) {
         $value = str_replace("AJXP_INSTALL_PATH", AJXP_INSTALL_PATH, $value);
     }
     if (is_string($value) && strpos($value, "AJXP_DATA_PATH") !== false) {
         $value = str_replace("AJXP_DATA_PATH", AJXP_DATA_PATH, $value);
     }
     // Hooks receive the value by reference so they can rewrite it in place.
     $hookArgs = array(&$value);
     AJXP_Controller::applyIncludeHook("vars.filter", $hookArgs);
     return $value;
 }
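 /**
  * Expands the keywords AJXP_USER, AJXP_GROUP_PATH, AJXP_GROUP_PATH_FLAT, AJXP_INSTALL_PATH
  * and AJXP_DATA_PATH in a value, then passes the result through the "vars.filter" include hooks.
  *
  * The user is taken from $resolveUser when given, otherwise from the current session.
  * When users are enabled and no user can be resolved, a value containing a user or
  * group keyword resolves to an empty string and the hooks are not called.
  *
  * NOTE(review): user id and group path are substituted as-is; if callers build
  * filesystem paths from the result, both must already be restricted to safe
  * characters. TODO confirm.
  *
  * @static
  * @param mixed $value
  * @param AbstractAjxpUser|String $resolveUser user object or user id to resolve against
  * @return mixed|string
  */
 public static function filter($value, $resolveUser = null)
 {
     if (is_string($value) && strpos($value, "AJXP_USER") !== false) {
         if (AuthService::usersEnabled()) {
             if ($resolveUser != null) {
                 $resolveUserId = is_string($resolveUser) ? $resolveUser : $resolveUser->getId();
                 $value = str_replace("AJXP_USER", $resolveUserId, $value);
             } else {
                 $loggedUser = AuthService::getLoggedUser();
                 if ($loggedUser == null) {
                     return "";
                 }
                 // A child user flagged "resolve as parent" is expanded to the parent's id.
                 if ($loggedUser->hasParent() && $loggedUser->getResolveAsParent()) {
                     $loggedUserId = $loggedUser->getParent();
                 } else {
                     $loggedUserId = $loggedUser->getId();
                 }
                 $value = str_replace("AJXP_USER", $loggedUserId, $value);
             }
         } else {
             $value = str_replace("AJXP_USER", "shared", $value);
         }
     }
     if (is_string($value) && strpos($value, "AJXP_GROUP_PATH") !== false) {
         if (AuthService::usersEnabled()) {
             if ($resolveUser == null) {
                 $loggedUser = AuthService::getLoggedUser();
             } elseif (!is_string($resolveUser)) {
                 $loggedUser = $resolveUser;
             } elseif (AuthService::userExists($resolveUser)) {
                 $loggedUser = ConfService::getConfStorageImpl()->createUserObject($resolveUser);
             } else {
                 // An id that matches no user cannot provide a group path; handle it like a
                 // missing user instead of calling getGroupPath() on a string.
                 $loggedUser = null;
             }
             if ($loggedUser == null) {
                 return "";
             }
             $gPath = $loggedUser->getGroupPath();
             // The longer keyword goes first, otherwise its AJXP_GROUP_PATH prefix would be replaced.
             $value = str_replace("AJXP_GROUP_PATH_FLAT", str_replace("/", "_", trim($gPath, "/")), $value);
             $value = str_replace("AJXP_GROUP_PATH", $gPath, $value);
         } else {
             // Same ordering rule as above: with the short keyword first,
             // AJXP_GROUP_PATH_FLAT would come out as "shared_FLAT".
             $value = str_replace(array("AJXP_GROUP_PATH_FLAT", "AJXP_GROUP_PATH"), "shared", $value);
         }
     }
     if (is_string($value) && strpos($value, "AJXP_INSTALL_PATH") !== false) {
         $value = str_replace("AJXP_INSTALL_PATH", AJXP_INSTALL_PATH, $value);
     }
     if (is_string($value) && strpos($value, "AJXP_DATA_PATH") !== false) {
         $value = str_replace("AJXP_DATA_PATH", AJXP_DATA_PATH, $value);
     }
     // Hooks receive the value by reference so they can rewrite it in place.
     $tab = array(&$value);
     AJXP_Controller::applyIncludeHook("vars.filter", $tab);
     return $value;
 }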
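 /**
  * Sends the configured notification mail, with "%user" in the body replaced by the logged user's id.
  *
  * @param string $action
  * @param array $httpVars
  * @param array $fileVars
  * @return void
  * @throws Exception when the plugin configuration is missing or the mail cannot be sent
  */
 public function preProcess($action, $httpVars, $fileVars)
 {
     if (!is_array($this->pluginConf) || !isset($this->pluginConf["TO"])) {
         throw new Exception("Cannot find configuration for plugin notify.phpmail-lite! Make sur the .inc file was dropped inside the /server/conf/ folder!");
     }
     // require_once: a second call in the same request must not redeclare the mailer class.
     require_once "lib/class.phpmailer-lite.php";
     $mail = new PHPMailerLite(true);
     $mail->Mailer = $this->pluginConf["MAILER"];
     $mail->SetFrom($this->pluginConf["FROM"]["address"], $this->pluginConf["FROM"]["name"]);
     foreach ($this->pluginConf["TO"] as $address) {
         $mail->AddAddress($address["address"], $address["name"]);
     }
     $mail->WordWrap = 50;
     // set word wrap to 50 characters
     $mail->IsHTML(true);
     // set email format to HTML
     $mail->Subject = $this->pluginConf["SUBJECT"];
     // The body is sent as HTML, so the user id is escaped before it is inserted.
     $userId = htmlspecialchars(AuthService::getLoggedUser()->getId(), ENT_QUOTES, 'UTF-8');
     $mail->Body = str_replace("%user", $userId, $this->pluginConf["BODY"]);
     $mail->AltBody = strip_tags($mail->Body);
     if (!$mail->Send()) {
         // NOTE(review): the mailer's error text is put into the exception message; check
         // where that message is displayed before relying on it not reaching end users.
         $message = "Message could not be sent. <p>";
         $message .= "Mailer Error: " . $mail->ErrorInfo;
         throw new Exception($message);
     }
 }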
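 /**
  * Handles the "login" action: checks the captcha when brute force is suspected, logs the
  * user in, selects the start repository and writes the login result as XML.
  *
  * Result codes set in this method: -4 when a captcha is required or failed, -3 when the
  * repository switch fails; other values come from AuthService::logUser (1 is treated as success).
  *
  * @param array $httpVars request parameters, passed by reference
  * @param bool $isLast when true the script exits even if the login failed
  * @return bool|null false when the request is not a login action; otherwise no value
  */
 function tryToLogUser(&$httpVars, $isLast = false)
 {
     if (!isset($httpVars["get_action"]) || $httpVars["get_action"] != "login") {
         return false;
     }
     $rememberLogin = "";
     $rememberPass = "";
     $secureToken = "";
     $loggedUser = null;
     // Defined before the captcha branch so the remember-cookie check below never reads an unset variable.
     $rememberMe = false;
     include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
     if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
         // No credential check at all until a valid captcha is supplied.
         $loggingResult = -4;
     } else {
         $userId = isset($httpVars["userid"]) ? AJXP_Utils::sanitize($httpVars["userid"], AJXP_SANITIZE_EMAILCHARS) : null;
         // NOTE(review): trim() drops leading/trailing whitespace from the submitted password.
         $userPass = isset($httpVars["password"]) ? trim($httpVars["password"]) : null;
         $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true";
         $cookieLogin = isset($httpVars["cookie_login"]);
         // A request without login_seed passes null, as before, but without an undefined-index notice.
         $loginSeed = isset($httpVars["login_seed"]) ? $httpVars["login_seed"] : null;
         $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $loginSeed);
         if ($rememberMe && $loggingResult == 1) {
             $rememberLogin = "******";
             $rememberPass = "******";
         }
         if ($loggingResult == 1) {
             // New session id on successful login, so a pre-login id cannot be reused.
             session_regenerate_id(true);
             $secureToken = AuthService::generateSecureToken();
         }
         if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
             $loggingResult = -4;
             // Force captcha reload
         }
     }
     $loggedUser = AuthService::getLoggedUser();
     if ($loggedUser != null) {
         $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
         $passId = -1;
         if (isset($httpVars["tmp_repository_id"])) {
             // NOTE(review): the repository id comes straight from the request; this method relies
             // on switchUserToActiveRepository() to refuse repositories the user may not access.
             $passId = $httpVars["tmp_repository_id"];
         } else {
             if ($force != "" && $loggedUser->canSwitchTo($force) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
                 $passId = $force;
             }
         }
         $res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
         if (!$res) {
             AuthService::disconnect();
             $loggingResult = -3;
         }
     }
     if ($loggedUser != null && (AuthService::hasRememberCookie() || $rememberMe)) {
         AuthService::refreshRememberCookie($loggedUser);
     }
     AJXP_XMLWriter::header();
     AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
     AJXP_XMLWriter::close();
     if ($loggingResult > 0 || $isLast) {
         exit;
     }
 }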
 /**
  * Picks the user key under which metadata is stored.
  *
  * @param bool $private false selects the shared-user constant, true the current user
  * @return string AJXP_METADATA_SHAREDUSER, the logged user's id, or "shared" when users are disabled
  */
 protected function getUserId($private)
 {
     if ($private) {
         // Assumes a logged user exists whenever users are enabled (no null check here).
         return AuthService::usersEnabled()
             ? AuthService::getLoggedUser()->getId()
             : "shared";
     }
     return AJXP_METADATA_SHAREDUSER;
 }
 /**
  * Builds the path of the cached tree file for the current repository.
  *
  * The name carries the user id for a "USER" security scope and the group path
  * (slashes turned into underscores) for a "GROUP" scope.
  *
  * NOTE(review): the user id goes into the file name unchanged; this assumes ids cannot
  * contain path separators. TODO confirm.
  *
  * @return string
  */
 private function getTreeName()
 {
     $treeFile = AJXP_SHARED_CACHE_DIR . "/trees/tree-" . ConfService::getRepository()->getId();
     $scope = ConfService::getRepository()->securityScope();
     if ($scope == "USER") {
         $treeFile .= "-" . AuthService::getLoggedUser()->getId();
     } elseif ($scope == "GROUP") {
         $treeFile .= "-" . str_replace("/", "_", AuthService::getLoggedUser()->getGroupPath());
     }
     return $treeFile . "-full.xml";
 }
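 /**
  * Updates the data
  *
  * The data argument is a readable stream resource.
  *
  * After a successful put operation, you may choose to return an ETag. The
  * etag must always be surrounded by double-quotes. These quotes must
  * appear in the actual string you're returning.
  *
  * Clients may use the ETag from a PUT request to later on make sure that
  * when they update the file, the contents haven't changed in the mean
  * time.
  *
  * If you don't plan to store the file byte-by-byte, and you return a
  * different object on a subsequent GET you are strongly recommended to not
  * return an ETag, and just return null.
  *
  * @param resource $data
  * @return string|null
  * @throws \Sabre\DAV\Exception\Forbidden when no user is logged in or the user cannot write to the repository
  * @throws \Sabre\DAV\Exception when the target cannot be opened or written
  */
 public function put($data)
 {
     // Warning, passed by ref
     $p = $this->path;
     // Fail closed: a missing session is refused like a missing write right.
     $user = AuthService::getLoggedUser();
     if ($user == null || !$user->canWrite($this->repository->getId())) {
         throw new \Sabre\DAV\Exception\Forbidden();
     }
     // Content-Length is optional in a request; a missing header is reported as 0.
     $length = isset($_SERVER["CONTENT_LENGTH"]) ? intval($_SERVER["CONTENT_LENGTH"]) : 0;
     $this->getAccessDriver()->nodeWillChange($p, $length);
     $stream = fopen($this->getUrl(), "w");
     if ($stream === false) {
         throw new \Sabre\DAV\Exception("Cannot open the target for writing");
     }
     $copied = stream_copy_to_stream($data, $stream);
     fclose($stream);
     if ($copied === false) {
         // Do not announce a change or return an ETag for a write that did not complete.
         throw new \Sabre\DAV\Exception("Cannot write the uploaded data");
     }
     $toto = null;
     $this->getAccessDriver()->nodeChanged($toto, $p);
     return $this->getETag();
 }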
 /**
  * Returns the registry contributions, with the user XML node appended.
  *
  * When users are enabled and nobody is logged in, the stored contributions are
  * returned unchanged. Each other call appends one more node to the stored list.
  *
  * @return array
  */
 public function getRegistryContributions()
 {
     $current = AuthService::getLoggedUser();
     $usersOn = AuthService::usersEnabled();
     if ($usersOn && $current == null) {
         return $this->registryContributions;
     }
     // With users disabled the XML is generated for a null user.
     $xmlString = AJXP_XMLWriter::getUserXml($usersOn ? $current : null, false);
     $doc = new DOMDocument();
     $doc->loadXML($xmlString);
     $this->registryContributions[] = $doc->documentElement;
     return $this->registryContributions;
 }
 /**
  * Lists the repositories of the logged user as WebDAV collections, keyed by slug.
  *
  * Only repositories whose access driver is an AjxpWrapperProvider and whose
  * AJXP_WEBDAV_DISABLED option is not strictly true are exposed. Without a logged
  * user the list is empty.
  *
  * @return array
  */
 public function getChildren()
 {
     $this->children = array();
     $user = AuthService::getLoggedUser();
     if ($user == null) {
         return $this->children;
     }
     foreach (ConfService::getAccessibleRepositories($user) as $repo) {
         $plugin = AJXP_PluginsService::getInstance()->getPluginByTypeName("access", $repo->getAccessType());
         // Refilter: skip drivers that are not wrapper providers and repositories with WebDAV disabled.
         if (!is_a($plugin, "AjxpWrapperProvider") || $repo->getOption("AJXP_WEBDAV_DISABLED") === true) {
             continue;
         }
         $this->children[$repo->getSlug()] = new Sabre\DAV\SimpleCollection($repo->getSlug());
     }
     return $this->children;
 }
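 /**
  * Formats a log message as a table row for the SQL driver.
  *
  * The message is split on tab characters: the first part becomes the row's
  * "message", the second its "params" (null when the message holds no tab).
  *
  * @param String $message this is the message to be formatted
  * @param String $severity Severity level of the message: one of LOG_LEVEL_* (DEBUG,INFO,NOTICE,WARNING,ERROR)
  * @return array row with the keys logdate, remote_ip, severity, user, message and params
  */
 function formatMessage($message, $severity)
 {
     // Get the user if it exists
     $user = "******";
     if (AuthService::usersEnabled()) {
         $logged = AuthService::getLoggedUser();
         if ($logged != null) {
             $user = $logged->getId();
         }
     }
     $message_parts = explode("\t", $message);
     // A message without a tab has no second part; store null instead of reading a missing index.
     $params = isset($message_parts[1]) ? $message_parts[1] : null;
     $severity = strtoupper((string) $severity);
     // NOTE(review): REMOTE_ADDR is read unguarded and is not set when running from the command line.
     $log_row = array(
         'logdate' => $this->toMysqlDateTime(strtotime('NOW')),
         'remote_ip' => $this->inet_ptod($_SERVER['REMOTE_ADDR']),
         'severity' => $severity,
         'user' => $user,
         'message' => $message_parts[0],
         'params' => $params,
     );
     return $log_row;
 }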
 /**
  * Computes the cache identifier of a node by swapping the URL scheme for the cache type.
  *
  * For a "USER" security scope the user id followed by "@" is inserted after the scheme;
  * for a "GROUP" scope the group path with slashes turned into "__". A node without
  * repository yields "failed-id".
  *
  * @param AJXP_Node $node
  * @param string $cacheType
  * @param string $details optional suffix, appended after "##"
  * @return string
  */
 public static function computeIdForNode($node, $cacheType, $details = '')
 {
     $repository = $node->getRepository();
     if ($repository == null) {
         return "failed-id";
     }
     $securityScope = $repository->securityScope();
     $owner = "";
     if ($securityScope === "USER") {
         $owner = AuthService::getLoggedUser()->getId() . "@";
     } elseif ($securityScope == "GROUP") {
         $flatGroup = str_replace("/", "__", AuthService::getLoggedUser()->getGroupPath());
         // ltrim() takes a character list, so every leading underscore is removed.
         $owner = ltrim($flatGroup, "__") . "@";
     }
     $scheme = parse_url($node->getUrl(), PHP_URL_SCHEME);
     $identifier = str_replace($scheme . "://", $cacheType . "://" . $owner, $node->getUrl());
     if ($details) {
         $identifier .= "##" . $details;
     }
     return $identifier;
 }
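 /**
  * Blocks password changes for the "demo" account on the save_user_pref action.
  *
  * NOTE(review): only $_GET is inspected. If the action also accepts these preferences
  * through another channel (for example via $httpVars filled from a POST body), this
  * check does not see them. TODO confirm how save_user_pref reads its input.
  *
  * @param string $action
  * @param array $httpVars
  * @param array $fileVars
  * @return void
  * @throws Exception when the demo user submits a "password" preference
  */
 function filterUsersPref($action, $httpVars, $fileVars)
 {
     if ($action != "save_user_pref") {
         return;
     }
     if (AuthService::getLoggedUser()->getId() != "demo") {
         return;
     }
     // Preferences arrive as numbered pairs pref_name_0/pref_value_0, pref_name_1/...
     // The value is not needed for the check, so it is no longer passed through stripslashes(),
     // which raised an error when the parameter was an array.
     for ($i = 0; isset($_GET["pref_name_" . $i]) && isset($_GET["pref_value_" . $i]); $i++) {
         if ($_GET["pref_name_" . $i] === "password") {
             throw new Exception("You are not allowed to change the password");
         }
     }
 }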
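 /**
  * Runs the parent WebDAV authentication, then opens the matching application session.
  *
  * @param Sabre\DAV\Server $server
  * @param string $realm
  * @return bool true once the user is logged in and the root dir has been switched
  * @throws Sabre\DAV\Exception\NotAuthenticated when the parent check or the application login fails
  */
 public function authenticate(Sabre\DAV\Server $server, $realm)
 {
     //AJXP_Logger::debug("Try authentication on $realm", $server);
     $success = parent::authenticate($server, $realm);
     // Fail closed: any falsy result (null or 0 as well as false) is a rejection. Checking
     // only "=== false" let other falsy results fall through to "return true".
     if (!$success) {
         throw new Sabre\DAV\Exception\NotAuthenticated();
     }
     // The password argument is null and the third argument is true; presumably this tells
     // logUser to skip its own password check because the parent already verified it. TODO confirm.
     $res = AuthService::logUser($this->currentUser, null, true);
     if ($res < 1) {
         throw new Sabre\DAV\Exception\NotAuthenticated();
     }
     $this->updateCurrentUserRights(AuthService::getLoggedUser());
     if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) {
         // The decoded WebDAV password is handed to AJXP_Safe when this option is enabled.
         $webdavData = AuthService::getLoggedUser()->getPref("AJXP_WEBDAV_DATA");
         AJXP_Safe::storeCredentials($this->currentUser, $this->_decodePassword($webdavData["PASS"], $this->currentUser));
     }
     ConfService::switchRootDir($this->repositoryId);
     return true;
 }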
 /**
  * Registers a client on a channel and marks it as recipient of the messages already queued.
  *
  * The client entry stores the registration time, the user id and the group path
  * ("shared" and "/" when users are disabled).
  *
  * @param string $channelName
  * @param string $clientId
  * @throws Exception when users are enabled and nobody is logged in
  * @return void
  */
 public function suscribeToChannel($channelName, $clientId)
 {
     $this->loadChannel($channelName, true);
     if (!AuthService::usersEnabled()) {
         $groupPath = '/';
         $userId = 'shared';
     } else {
         $current = AuthService::getLoggedUser();
         if ($current == null) {
             throw new Exception("You must be logged in");
         }
         $groupPath = $current->getGroupPath();
         $userId = $current->getId();
     }
     // Loose comparison: an empty group path is stored as false as well.
     if ($groupPath == null) {
         $groupPath = false;
     }
     $this->channels[$channelName]["CLIENTS"][$clientId] = array("ALIVE" => time(), "USER_ID" => $userId, "GROUP_PATH" => $groupPath);
     foreach ($this->channels[$channelName]["MESSAGES"] as &$queued) {
         $queued->messageRC[$clientId] = $clientId;
     }
 }
    /**
     * Prints the user list as XML: a column header followed by one <tree> element per user,
     * sorted by entity-encoded user id.
     *
     * Nothing but the header is printed when ENABLE_USERS is off. A user is marked
     * "_editable" unless it is "guest" or the logged user.
     *
     * NOTE(review): ids are written into attribute values after Utils::xmlEntities();
     * this relies on that helper escaping quotes as well as markup. TODO confirm.
     *
     * @return void
     */
    function listUsers()
    {
        print '<columns switchGridMode="filelist"><column messageString="User Name" attributeName="ajxp_label" sortType="String"/><column messageString="Is Admin" attributeName="isAdmin" sortType="String"/></columns>';
        if (!ENABLE_USERS) {
            return;
        }
        $allUsers = AuthService::listUsers();
        $loggedUser = AuthService::getLoggedUser();
        $byId = array();
        foreach ($allUsers as $candidate) {
            $byId[Utils::xmlEntities($candidate->getId())] = $candidate;
        }
        ksort($byId);
        foreach ($byId as $userObject) {
            $isAdmin = $userObject->isAdmin();
            $userId = Utils::xmlEntities($userObject->getId());
            if ($userId == "guest") {
                $iconSuffix = "_guest";
            } else {
                $iconSuffix = $isAdmin ? "_admin" : "";
            }
            $icon = "user" . $iconSuffix;
            $adminLabel = $isAdmin ? "True" : "False";
            $mimeSuffix = $userId != "guest" && $userId != $loggedUser->getId() ? "_editable" : "";
            print '<tree 
				text="' . $userId . '"
				isAdmin="' . $adminLabel . '" 
				icon="' . $icon . '.png" 
				openicon="' . $icon . '.png" 
				filename="/users/' . $userId . '" 
				parentname="/users" 
				is_file="1" 
				ajxp_mime="user' . $mimeSuffix . '"
				/>';
        }
    }
 /**
  * Deletes a user's stored files, its child users (recursively), its entry in the
  * parent's children pointer and its entry in groups.ser.
  *
  * NOTE(review): unlink() and rmdir() results are not checked, so a partial
  * deletion goes unreported.
  *
  * @param String $userId
  * @param Array $deletedSubUsers receives the ids of the child users that were deleted
  */
 public function deleteUser($userId, &$deletedSubUsers)
 {
     $user = $this->createUserObject($userId);
     $serialFiles = glob($user->getStoragePath() . "/*.ser");
     if (is_array($serialFiles) && count($serialFiles)) {
         foreach ($serialFiles as $serialFile) {
             unlink($serialFile);
         }
     }
     if (is_dir($user->getStoragePath())) {
         rmdir($user->getStoragePath());
     }
     // Remove the children, taking the candidates from the children pointer when available.
     $children = $this->getUserChildren($userId);
     foreach (array_keys($children) as $childId) {
         $child = $this->createUserObject($childId);
         if (!$child->hasParent() || $child->getParent() != $userId) {
             continue;
         }
         $this->deleteUser($childId, $deletedSubUsers);
         $deletedSubUsers[] = $childId;
     }
     // Drop this user from its parent's children pointer.
     if ($user->hasParent()) {
         $parent = $this->createUserObject($user->getParent());
         $childrenPointer = $parent->getChildrenPointer();
         if ($childrenPointer !== null) {
             unset($childrenPointer[$userId]);
             $parent->setChildrenPointer($childrenPointer);
             $parent->save("superuser");
             // Keep the session copy in sync when the parent is the logged user.
             if (AuthService::getLoggedUser() != null && AuthService::getLoggedUser()->getId() == $parent->getId()) {
                 AuthService::updateUser($parent);
             }
         }
     }
     $groups = AJXP_Utils::loadSerialFile(AJXP_VarsFilter::filter($user->storage->getOption("USERS_DIRPATH")) . "/groups.ser");
     if (!isset($groups[$userId])) {
         return;
     }
     unset($groups[$userId]);
     AJXP_Utils::saveSerialFile(AJXP_VarsFilter::filter($user->storage->getOption("USERS_DIRPATH")) . "/groups.ser", $groups);
 }
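 /**
  * Commits pending changes of the working copy and updates it afterwards.
  *
  * Nothing is committed when "svn status" prints no output. The commit message has the
  * form "Pydio||<user id>||<action>" with the optional commit message parameters appended.
  *
  * @param string $actionName
  * @param array|string $httpVars request parameters, or directly the path to commit
  * @param array $filesVars
  * @return void
  */
 public function commitChanges($actionName, $httpVars, $filesVars)
 {
     if (is_array($httpVars)) {
         $init = $this->initDirAndSelection($httpVars);
         $args = $init["DIR"];
     } else {
         $args = $httpVars;
     }
     // NOTE(review): $args is handed to ExecSvnCmd() unchanged; whether it is escaped
     // there is not visible from this method. TODO confirm.
     $status = ExecSvnCmd('svn status', $args);
     if (trim(implode("", $status[IDX_STDOUT])) == "") {
         return;
     }
     $command = "svn commit";
     $user = AuthService::getLoggedUser()->getId();
     $message = "Pydio||{$user}||{$actionName}";
     if (isset($this->commitMessageParams)) {
         $message .= "||" . $this->commitMessageParams;
     }
     // The message holds the user id, the action name and the message parameters, so it is
     // passed as one escaped shell argument; inside plain double quotes a quote or a
     // substitution character in any of them would be interpreted by the shell.
     $switches = "-m " . escapeshellarg($message);
     ExecSvnCmd($command, $args, $switches);
     if (is_file($args)) {
         ExecSvnCmd('svn update', dirname($args), '');
     } elseif (is_dir($args)) {
         ExecSvnCmd('svn update', $args, '');
     }
 }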
 /**
  * Forwards the pre-login step to the underlying authentication driver(s).
  *
  * In master/slave mode the slave driver runs first; the master driver runs only
  * if no user is logged in afterwards.
  *
  * @param string $remoteSessionId
  * @return mixed result of the delegated driver, or nothing when the slave logged the user in
  * @throws Exception when no current driver is available outside master/slave mode
  */
 public function preLogUser($remoteSessionId)
 {
     if (!$this->masterSlaveMode) {
         if (!$this->getCurrentDriver()) {
             throw new Exception("No driver instanciated in multi driver!");
         }
         return $this->getCurrentDriver()->preLogUser($remoteSessionId);
     }
     $this->drivers[$this->slaveName]->preLogUser($remoteSessionId);
     if (AuthService::getLoggedUser() != null) {
         return;
     }
     return $this->drivers[$this->masterName]->preLogUser($remoteSessionId);
 }
 /**
  * Dispatches the etherpad_* actions for the selected file: create/open a pad, save its
  * content back to the file, close a session, proxy two list calls, or fetch pad text.
  *
  * @param string $actionName one of etherpad_create, etherpad_save, etherpad_close,
  *                           etherpad_proxy_api, etherpad_get_content
  * @param array $httpVars request parameters (selection, pad_id, session_id, api_action)
  * @param array $fileVars
  * @return bool|null false when the repository has no stream wrapper, null otherwise
  * @throws Exception on an empty selection or when a folder is selected
  */
 public function switchAction($actionName, $httpVars, $fileVars)
 {
     $this->baseURL = rtrim($this->getFilteredOption("ETHERPAD_SERVER"), "/");
     $this->apiKey = $this->getFilteredOption("ETHERPAD_APIKEY");
     $userSelection = new UserSelection(ConfService::getRepository(), $httpVars);
     if ($userSelection->isEmpty()) {
         throw new Exception("Empty selection");
     }
     $repository = ConfService::getRepository();
     if (!$repository->detectStreamWrapper(false)) {
         return false;
     }
     $selectedNode = $userSelection->getUniqueNode();
     $selectedNode->loadNodeInfo();
     if (!$selectedNode->isLeaf()) {
         throw new Exception("Cannot handle folders, please select a file!");
     }
     $nodeExtension = strtolower(pathinfo($selectedNode->getPath(), PATHINFO_EXTENSION));
     // Determine pad ID
     if ($nodeExtension == "pad") {
         // For a .pad file the whole file content is used as the pad id.
         $padID = file_get_contents($selectedNode->getUrl());
     } else {
         // TRY TO LOAD PAD ID FROM NODE SHARED METADATA
         $metadata = $selectedNode->retrieveMetadata("etherpad", AJXP_METADATA_ALLUSERS, AJXP_METADATA_SCOPE_GLOBAL, false);
         if (isset($metadata["pad_id"])) {
             $padID = $metadata["pad_id"];
         } else {
             // First use of this file: generate an id and store it in the shared metadata.
             $padID = AJXP_Utils::generateRandomString();
             $selectedNode->setMetadata("etherpad", array("pad_id" => $padID), AJXP_METADATA_ALLUSERS, AJXP_METADATA_SCOPE_GLOBAL, false);
         }
     }
     require_once "etherpad-client/etherpad-lite-client.php";
     $client = new EtherpadLiteClient($this->apiKey, $this->baseURL . "/api");
     $loggedUser = AuthService::getLoggedUser();
     $userName = $loggedUser->getId();
     $userLabel = $loggedUser->mergedRole->filterParameterValue("core.conf", "USER_DISPLAY_NAME", AJXP_REPO_SCOPE_ALL, $userName);
     // Author and group are mapped from the user id and the user's group path.
     $res = $client->createAuthorIfNotExistsFor($userName, $userLabel);
     $authorID = $res->authorID;
     $res2 = $client->createGroupIfNotExistsFor($loggedUser->getGroupPath());
     $groupID = $res2->groupID;
     // Full pad id = group id + "$" + pad id.
     $fullId = $groupID . "\$" . $padID;
     if ($actionName == "etherpad_create") {
         $resP = $client->listPads($groupID);
         $currentContent = file_get_contents($selectedNode->getUrl());
         if ($nodeExtension == "html" && strpos($currentContent, "<html>") === false) {
             $currentContent = "<html><head></head><body>{$currentContent}</body></html>";
         }
         if (!in_array($fullId, $resP->padIDs)) {
             // Pad does not exist yet: create it and seed it with the file content (not for .pad files).
             $client->createGroupPad($groupID, $padID, null);
             if ($nodeExtension == "html" && !empty($currentContent)) {
                 $client->setHTML($fullId, $currentContent);
             } else {
                 if ($nodeExtension != "pad") {
                     $client->setText($fullId, $currentContent);
                 }
             }
         } else {
             if ($nodeExtension != "pad") {
                 // If someone is already connected, do not override.
                 $existingAuthors = $client->listAuthorsOfPad($fullId);
                 if (!count($existingAuthors->authorIDs)) {
                     if ($nodeExtension == "html" && !empty($currentContent)) {
                         $client->setHTML($fullId, $currentContent);
                     } else {
                         $client->setText($fullId, $currentContent);
                     }
                 }
             }
         }
         // Session valid for 14400 seconds (4 hours) from now.
         $res4 = $client->createSession($groupID, $authorID, time() + 14400);
         $sessionID = $res4->sessionID;
         // NOTE(review): only name, value, expiry and path are passed, so the Secure and
         // HttpOnly flags keep their defaults (off) for this session cookie.
         setcookie('sessionID', $sessionID, null, "/");
         $padID = $groupID . '$' . $padID;
         $data = array("url" => $this->baseURL . "/p/" . $padID, "padID" => $padID, "sessionID" => $sessionID);
         HTMLWriter::charsetHeader('application/json');
         echo json_encode($data);
     } else {
         if ($actionName == "etherpad_save") {
             // NOTE(review): the pad id is read from the request, not from $fullId computed
             // above; nothing in this method checks that the pad belongs to the user's group
             // or to the selected file. Confirm that this is enforced elsewhere.
             $padID = $httpVars["pad_id"];
             if ($nodeExtension == "html" || $nodeExtension == "pad") {
                 $res = $client->getHTML($padID);
                 $content = $res->html;
             } else {
                 $res = $client->getText($padID);
                 $content = $res->text;
             }
             if ($nodeExtension == "pad") {
                 // Create a new file and save the content in it.
                 $origUrl = $selectedNode->getUrl();
                 $mess = ConfService::getMessages();
                 $dateStamp = date(" Y-m-d H:i", time());
                 // New file name: ".pad" replaced by " <date>.html" next to the original.
                 $startUrl = preg_replace('"\\.pad$"', $dateStamp . '.html', $origUrl);
                 $newNode = new AJXP_Node($startUrl);
                 AJXP_Controller::applyHook("node.before_create", array($newNode, strlen($content)));
                 file_put_contents($newNode->getUrl(), $content);
                 AJXP_Controller::applyHook("node.change", array(null, $newNode));
             } else {
                 AJXP_Controller::applyHook("node.before_change", array($selectedNode, strlen($content)));
                 file_put_contents($selectedNode->getUrl(), $content);
                 clearstatcache(true, $selectedNode->getUrl());
                 $selectedNode->loadNodeInfo(true);
                 AJXP_Controller::applyHook("node.change", array($selectedNode, $selectedNode));
             }
         } else {
             if ($actionName == "etherpad_close") {
                 // WE SHOULD DETECT IF THERE IS NOBODY CONNECTED ANYMORE, AND DELETE THE PAD.
                 // BUT SEEMS LIKE THERE'S NO WAY TO PROPERLY REMOVE AN AUTHOR VIA API
                 // NOTE(review): the session id comes from the request and is not compared with
                 // a session created for this user.
                 $sessionID = $httpVars["session_id"];
                 $client->deleteSession($sessionID);
             } else {
                 if ($actionName == "etherpad_proxy_api") {
                     if ($httpVars["api_action"] == "list_pads") {
                         $res = $client->listPads($groupID);
                     } else {
                         if ($httpVars["api_action"] == "list_authors_for_pad") {
                             // NOTE(review): pad id taken from the request without an ownership check.
                             $res = $client->listAuthorsOfPad($httpVars["pad_id"]);
                         }
                     }
                     // NOTE(review): for any other api_action, $res still holds the result of
                     // createAuthorIfNotExistsFor() from above and that is what gets echoed.
                     HTMLWriter::charsetHeader("application/json");
                     echo json_encode($res);
                 } else {
                     if ($actionName == "etherpad_get_content") {
                         // NOTE(review): pad id taken from the request without an ownership check.
                         HTMLWriter::charsetHeader("text/plain");
                         echo $client->getText($httpVars["pad_id"])->text;
                     }
                 }
             }
         }
     }
     return null;
 }
 /**
  * Builds an identifier from the repository id plus, depending on the security scope,
  * a user id ("USER") or a group path ("GROUP"), joined with "-".
  *
  * @param Repository $repository
  * @param string|null $resolveUserId user to resolve against; the logged user when null
  * @return String
  */
 protected function computeIdentifier($repository, $resolveUserId = null)
 {
     $segments = array($repository->getId());
     // Loose comparison, as before: an empty id counts as "not given".
     $explicitUser = $resolveUserId != null;
     if ($repository->securityScope() == 'USER') {
         $segments[] = $explicitUser ? $resolveUserId : AuthService::getLoggedUser()->getId();
     } elseif ($repository->securityScope() == 'GROUP') {
         if (!$explicitUser) {
             $segments[] = AuthService::getLoggedUser()->getGroupPath();
         } else {
             $resolved = ConfService::getConfStorageImpl()->createUserObject($resolveUserId);
             // No group segment is added when the user object cannot be created.
             if ($resolved != null) {
                 $segments[] = $resolved->getGroupPath();
             }
         }
     }
     return implode("-", $segments);
 }
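 /**
  * Serialize one repository as a <repo> XML fragment.
  *
  * Every value written into an attribute is passed through
  * AJXP_Utils::xmlEntities(), the same escaping the block already applied to
  * the owner label and plugin parameter values. Slugs, access status and
  * preference values come from stored configuration, so they must not be able
  * to close the attribute and inject markup into the response.
  *
  * @param string $repoId Repository identifier, emitted as the "id" attribute.
  * @param Repository $repoObject Repository being described.
  * @param array $exposed Exposed plugin parameters; each entry is read through its
  *                       "PLUGIN_ID", "NAME" and "DEFAULT" keys.
  * @param array $streams Access types for which allowCrossRepositoryCopy is advertised.
  * @param AbstractAjxpUser $loggedUser Current user, or null when there is none.
  * @param string $accessStatus Overrides the repository's own access status when not empty.
  * @return string The <repo>...</repo> fragment.
  * @throws Exception
  */
 public static function repositoryToXML($repoId, $repoObject, $exposed, $streams, $loggedUser, $accessStatus = "")
 {
     // Escapes a scalar for use inside a double-quoted XML attribute.
     $attr = function ($raw) {
         return AJXP_Utils::xmlEntities((string) $raw);
     };

     $statusString = " repository_type=\"" . $attr($repoObject->getRepositoryType()) . "\"";
     if (empty($accessStatus)) {
         $accessStatus = $repoObject->getAccessStatus();
     }
     if (!empty($accessStatus)) {
         $statusString .= " access_status=\"" . $attr($accessStatus) . "\" ";
     } else {
         // last_connection is only reported when no access status is set.
         if ($loggedUser != null) {
             $lastConnected = $loggedUser->getArrayPref("repository_last_connected", $repoId);
             if (!empty($lastConnected)) {
                 $statusString .= " last_connection=\"" . $attr($lastConnected) . "\" ";
             }
         }
     }
     $streamString = "";
     if (in_array($repoObject->accessType, $streams)) {
         $streamString = "allowCrossRepositoryCopy=\"true\"";
     }
     if ($repoObject->getUniqueUser()) {
         $streamString .= " user_editable_repository=\"true\" ";
     }
     if ($repoObject->hasContentFilter()) {
         $streamString .= " hasContentFilter=\"true\"";
     }
     $slugString = "";
     $slug = $repoObject->getSlug();
     if (!empty($slug)) {
         $slugString = "repositorySlug=\"" . $attr($slug) . "\"";
     }
     $isSharedString = "";
     $currentUserIsOwner = false;
     $ownerLabel = null;
     if ($repoObject->hasOwner()) {
         $uId = $repoObject->getOwner();
         if (AuthService::usersEnabled() && AuthService::getLoggedUser()->getId() == $uId) {
             $currentUserIsOwner = true;
         }
         $label = ConfService::getUserPersonalParameter("USER_DISPLAY_NAME", $uId, "core.conf", $uId);
         $ownerLabel = $label;
         $isSharedString = 'owner="' . AJXP_Utils::xmlEntities($label) . '"';
     }
     if ($repoObject->securityScope() == "USER" || $currentUserIsOwner) {
         $streamString .= " userScope=\"true\"";
     }
     $descTag = "";
     // A minisite session asks for the public variant of the description.
     $public = !empty($_SESSION["CURRENT_MINISITE"]);
     $description = $repoObject->getDescription($public, $ownerLabel);
     if (!empty($description)) {
         $descTag = '<description>' . AJXP_Utils::xmlEntities($description, true) . '</description>';
     }
     $roleString = "";
     if ($loggedUser != null) {
         $merged = $loggedUser->mergedRole;
         foreach ($exposed as $exposed_prop) {
             $metaOptions = $repoObject->getOption("META_SOURCES");
             // Only parameters of plugins enabled as meta sources on this repository are exposed.
             if (!isset($metaOptions[$exposed_prop["PLUGIN_ID"]])) {
                 continue;
             }
             $value = $exposed_prop["DEFAULT"];
             if (isset($metaOptions[$exposed_prop["PLUGIN_ID"]][$exposed_prop["NAME"]])) {
                 $value = $metaOptions[$exposed_prop["PLUGIN_ID"]][$exposed_prop["NAME"]];
             }
             // The user's merged role has the last word on the effective value.
             $value = $merged->filterParameterValue($exposed_prop["PLUGIN_ID"], $exposed_prop["NAME"], $repoId, $value);
             if ($value !== null) {
                 if ($value === true || $value === false) {
                     $value = $value === true ? "true" : "false";
                 }
                 // NOTE(review): the attribute *name* is built from PLUGIN_ID and NAME and cannot
                 // be entity-escaped; this assumes both are plain identifiers - confirm at the caller.
                 $roleString .= str_replace(".", "_", $exposed_prop["PLUGIN_ID"]) . "_" . $exposed_prop["NAME"] . '="' . AJXP_Utils::xmlEntities($value) . '" ';
             }
         }
         $roleString .= 'acl="' . $attr($merged->getAcl($repoId)) . '"';
         if ($merged->hasMask($repoId)) {
             $roleString .= ' hasMask="true" ';
         }
     }
     // getClientSettings() is appended unescaped as a child of <repo>, so it is
     // presumably already XML - verify it never carries unescaped user input.
     return "<repo access_type=\"" . $attr($repoObject->accessType) . "\" id=\"" . $attr($repoId) . "\"{$statusString} {$streamString} {$slugString} {$isSharedString} {$roleString}><label>" . SystemTextEncoding::toUTF8(AJXP_Utils::xmlEntities($repoObject->getDisplay())) . "</label>" . $descTag . $repoObject->getClientSettings() . "</repo>";
 }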
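 /**
  * Resolve the repository, credentials and connection settings for a wrapper URL.
  *
  * Credentials are looked up in this order: URL, user wallet, repository
  * configuration, session. The first source that yields a non-empty user wins.
  *
  * @param string $url Wrapper URL whose host part is the repository id.
  * @return array The parts returned by parse_url().
  * @throws AJXP_Exception When the URL or repository cannot be resolved, or no user is found.
  */
 protected function parseUrl($url)
 {
     // URL MAY BE ajxp.ftp://username:password@host/path
     // It can therefore carry a clear-text password: keep $url out of logs and error messages.
     $urlParts = parse_url($url);
     if (!is_array($urlParts) || !isset($urlParts["host"])) {
         throw new AJXP_Exception("Cannot parse FTP url!");
     }
     $this->repositoryId = $urlParts["host"];
     $repository = ConfService::getRepositoryById($this->repositoryId);
     if ($repository == null) {
         // Fail with a catchable exception instead of a fatal error on the getOption() calls below.
         throw new AJXP_Exception("Cannot find repository for FTP access!");
     }
     // Get USER/PASS
     // 1. Try from URL
     if (isset($urlParts["user"]) && isset($urlParts["pass"])) {
         $this->user = $urlParts["user"];
         $this->password = $urlParts["pass"];
     }
     // 2. Try from user wallet
     if (!isset($this->user) || $this->user == "") {
         $loggedUser = AuthService::getLoggedUser();
         if ($loggedUser != null) {
             $wallet = $loggedUser->getPref("AJXP_WALLET");
             if (is_array($wallet) && isset($wallet[$this->repositoryId]["FTP_USER"])) {
                 $this->user = $wallet[$this->repositoryId]["FTP_USER"];
                 $this->password = $loggedUser->decodeUserPassword($wallet[$this->repositoryId]["FTP_PASS"]);
             }
         }
     }
     // 3. Try from repository config
     if (!isset($this->user) || $this->user == "") {
         $this->user = $repository->getOption("FTP_USER");
         $this->password = $repository->getOption("FTP_PASS");
     }
     // 4. Try from session
     if ((!isset($this->user) || $this->user == "") && isset($_SESSION["AJXP_SESSION_REMOTE_USER"])) {
         $this->user = $_SESSION["AJXP_SESSION_REMOTE_USER"];
         $this->password = $_SESSION["AJXP_SESSION_REMOTE_PASS"];
     }
     if (!isset($this->user) || $this->user == "") {
         throw new AJXP_Exception("Cannot find user/pass for FTP access!");
     }
     // Connection settings come from the session when the repository is
     // flagged DYNAMIC_FTP and the session holds them, else from the repository.
     // NOTE(review): the secure default port is 22, which is conventionally
     // SSH/SFTP rather than FTPS - confirm it matches what the server listens on.
     if ($repository->getOption("DYNAMIC_FTP") == "TRUE" && isset($_SESSION["AJXP_DYNAMIC_FTP_DATA"])) {
         $data = $_SESSION["AJXP_DYNAMIC_FTP_DATA"];
         $this->host = $data["FTP_HOST"];
         $this->path = $data["PATH"];
         $this->secure = $data["FTP_SECURE"] == "TRUE";
         $this->port = $data["FTP_PORT"] != "" ? intval($data["FTP_PORT"]) : ($this->secure ? 22 : 21);
         $this->ftpActive = $data["FTP_DIRECT"] == "TRUE";
         $this->repoCharset = $data["CHARSET"];
     } else {
         $configuredPort = $repository->getOption("FTP_PORT");
         $this->host = $repository->getOption("FTP_HOST");
         $this->path = $repository->getOption("PATH");
         $this->secure = $repository->getOption("FTP_SECURE") == "TRUE";
         $this->port = $configuredPort != "" ? intval($configuredPort) : ($this->secure ? 22 : 21);
         $this->ftpActive = $repository->getOption("FTP_DIRECT") == "TRUE";
         $this->repoCharset = $repository->getOption("CHARSET");
     }
     // Test Connexion and server features
     // The charset is cached per repository in the session, so the server is
     // probed only while that cache entry is missing or empty.
     $cacheKey = $repository->getId() . "_ftpCharset";
     if (!isset($_SESSION[$cacheKey]) || !strlen($_SESSION[$cacheKey])) {
         $features = $this->getServerFeatures();
         if (!isset($_SESSION["AJXP_CHARSET"]) || $_SESSION["AJXP_CHARSET"] == "") {
             $_SESSION["AJXP_CHARSET"] = $features["charset"];
         }
         $_SESSION[$cacheKey] = $_SESSION["AJXP_CHARSET"];
     }
     return $urlParts;
 }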
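 /**
  * Tell whether the logged user has pending entries under "tmp_upload".
  *
  * @return bool True when the temporary data holds at least one entry;
  *              false when there is no logged user or nothing countable is stored.
  */
 public function hasFilesToCopy()
 {
     $user = AuthService::getLoggedUser();
     if ($user == null) {
         return false;
     }
     $files = $user->getTemporaryData("tmp_upload");
     // count() on a non-countable value warns on PHP 7.2+ and throws on PHP 8.
     if (!is_array($files) && !($files instanceof Countable)) {
         return false;
     }
     return count($files) > 0;
 }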
예제 #27
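 /**
  * Stage everything under the repository base ("git add .") and commit it
  * with the logged user as commit message and author.
  *
  * Best effort: a failure of either git command is logged at debug level and
  * not rethrown, so the commit is still attempted after a failed add.
  *
  * @param string|null $path Not used; the whole working tree is added.
  */
 private function commitChanges($path = null)
 {
     $git = new VersionControl_Git($this->repoBase);

     $command = $git->getCommand("add");
     $command->addArgument(".");
     // Initialised so the result log line below never reads an undefined variable.
     $res = "";
     try {
         $this->logDebug("Git command " . $command->createCommandString());
         $res = $command->execute();
     } catch (Exception $e) {
         $this->logDebug("Error " . $e->getMessage());
     }
     $this->logDebug("GIT RESULT ADD : " . $res);

     $command = $git->getCommand("commit");
     $command->setOption("a", true);
     $userId = "no user";
     $mail = "*****@*****.**";
     $logged = AuthService::getLoggedUser();
     if ($logged != null) {
         $userId = $logged->getId();
         $mail = $logged->personalRole->filterParameterValue("core.conf", "email", AJXP_REPO_SCOPE_ALL, "*****@*****.**");
     }
     // NOTE(review): the user id and e-mail come from the user profile and end up in a
     // git command line (and in the debug log of that command line). This relies on
     // VersionControl_Git quoting option values when it builds the command - confirm.
     $command->setOption("m", $userId);
     $command->setOption("author", "{$userId} <{$mail}>");
     //$command->addArgument($path);
     // Reset so a failed commit does not log the result of the earlier add.
     $res = "";
     try {
         $this->logDebug("Git command " . $command->createCommandString());
         $res = $command->execute();
     } catch (Exception $e) {
         $this->logDebug("Error " . $e->getMessage());
     }
     $this->logDebug("GIT RESULT COMMIT : " . $res);
 }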
 /**
  * Decorate a node with watch metadata when the logged user has an entry for it.
  *
  * Does nothing when nobody is logged in, or when the repository-scoped
  * metadata in the watch namespace has no entry keyed by the user's id.
  *
  * @param AJXP_Node $node
  */
 public function enrichNode($node)
 {
     $currentUser = AuthService::getLoggedUser();
     if ($currentUser == null) {
         return;
     }
     $watchMeta = $this->metaStore->retrieveMetadata($node, self::$META_WATCH_NAMESPACE, false, AJXP_METADATA_SCOPE_REPOSITORY);
     if (!is_array($watchMeta)) {
         return;
     }
     $userId = $currentUser->getId();
     if (!array_key_exists($userId, $watchMeta)) {
         return;
     }
     $overlay = array(
         "meta_watched" => $watchMeta[$userId],
         "overlay_icon" => "meta.watch/ICON_SIZE/watch.png",
         "overlay_class" => "icon-eye-open",
     );
     $node->mergeMetadata($overlay, true);
 }
 /**
  * Store $data as the logged user's "meta.quota" preference and persist the user.
  *
  * @param mixed $data Value written to the preference.
  */
 private function saveUserData($data)
 {
     $currentUser = AuthService::getLoggedUser();

     $currentUser->setPref("meta.quota", $data);
     $currentUser->save("user");

     // Hand the modified user object back to AuthService after saving.
     AuthService::updateUser($currentUser);
 }
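 /**
  * Formats a log record as a single tab-separated line:
  * date and time, remote address, upper-cased severity, user id, message.
  *
  * Carriage returns and line feeds in the user id and the message are written
  * as the literal sequences \r and \n, so request-derived text cannot start a
  * forged record on a new line. Tabs are left alone.
  *
  * @param $message String this is the message to be formatted
  * @param $severity Severity level of the message: one of LOG_LEVEL_* (DEBUG,INFO,NOTICE,WARNING,ERROR)
  * @return String the formatted message.
  */
 function formatMessage($message, $severity)
 {
     // Keeps a field on one physical line.
     $oneLine = function ($text) {
         return str_replace(array("\r", "\n"), array("\\r", "\\n"), (string) $text);
     };

     // A single date() call, so date and time cannot straddle midnight.
     $msg = date("m-d-y G:i:s") . "\t";
     // REMOTE_ADDR is not set for CLI runs; log an empty field there.
     $msg .= isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
     $msg .= "\t" . strtoupper($severity) . "\t";
     // Get the user if it exists
     $user = "******";
     if (AuthService::usersEnabled()) {
         $logged = AuthService::getLoggedUser();
         if ($logged != null) {
             $user = $logged->getId();
         }
     }
     $msg .= $oneLine($user) . "\t";
     $msg .= $oneLine($message) . "\n";
     return $msg;
 }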