/**
 * Resolve the identifier under which data is scoped for the current request.
 *
 * @return string Id of the logged user when users are enabled, otherwise the literal "shared".
 */
protected function getUserId()
{
    if (!AuthService::usersEnabled()) {
        return "shared";
    }
    // NOTE(review): the result of getLoggedUser() is dereferenced without a null check,
    // while other callers on this page test it against null first. Confirm this method
    // is only reached with an authenticated session.
    return AuthService::getLoggedUser()->getId();
}
/**
 * Expand the basic keywords found in a configuration value:
 * AJXP_USER, AJXP_INSTALL_PATH and AJXP_DATA_PATH, then run the vars.filter hooks.
 *
 * Non-string values skip the keyword replacement and are only passed to the hooks.
 *
 * @static
 * @param mixed $value
 * @return mixed|string The expanded value, or "" when AJXP_USER is present,
 *                      users are enabled and nobody is logged in.
 */
public static function filter($value)
{
    if (is_string($value)) {
        if (strpos($value, "AJXP_USER") !== false) {
            if (AuthService::usersEnabled()) {
                $current = AuthService::getLoggedUser();
                if ($current == null) {
                    // No session: refuse to produce a value instead of leaving the keyword in place.
                    return "";
                }
                $replacement = $current->getId();
            } else {
                $replacement = "shared";
            }
            // NOTE(review): the id is inserted verbatim. If the expanded value is used as a
            // filesystem path, this relies on ids never containing path separators; confirm.
            $value = str_replace("AJXP_USER", $replacement, $value);
        }
        if (strpos($value, "AJXP_INSTALL_PATH") !== false) {
            $value = str_replace("AJXP_INSTALL_PATH", AJXP_INSTALL_PATH, $value);
        }
        if (strpos($value, "AJXP_DATA_PATH") !== false) {
            $value = str_replace("AJXP_DATA_PATH", AJXP_DATA_PATH, $value);
        }
    }

    // The hook receives the value by reference so that plugins can rewrite it.
    $hookArgs = array(&$value);
    AJXP_Controller::applyIncludeHook("vars.filter", $hookArgs);

    return $value;
}
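/**
 * Send the configured notification e-mail through PHPMailerLite.
 *
 * Sender, recipients, subject and body come from $this->pluginConf; the "%user"
 * placeholder of the body is replaced by the id of the logged user.
 *
 * @param string $action
 * @param array $httpVars
 * @param array $fileVars
 * @throws Exception When the plugin configuration is missing or the mail cannot be sent.
 */
public function preProcess($action, $httpVars, $fileVars)
{
    if (!is_array($this->pluginConf) || !isset($this->pluginConf["TO"])) {
        throw new Exception("Cannot find configuration for plugin notify.phpmail-lite! Make sur the .inc file was dropped inside the /server/conf/ folder!");
    }

    // require_once: a second invocation in the same request must not re-declare the class.
    require_once "lib/class.phpmailer-lite.php";

    $mail = new PHPMailerLite(true);
    $mail->Mailer = $this->pluginConf["MAILER"];
    $mail->SetFrom($this->pluginConf["FROM"]["address"], $this->pluginConf["FROM"]["name"]);
    foreach ($this->pluginConf["TO"] as $address) {
        $mail->AddAddress($address["address"], $address["name"]);
    }
    $mail->WordWrap = 50; // wrap lines at 50 characters
    $mail->IsHTML(true);  // the body is sent as HTML
    $mail->Subject = $this->pluginConf["SUBJECT"];

    // The body is HTML, so the user id is escaped before it is substituted; an id holding
    // markup characters would otherwise be interpreted by the recipient's mail client.
    // NOTE(review): getLoggedUser() is not null-checked here; confirm the hook only runs
    // for authenticated sessions.
    $userId = htmlspecialchars(AuthService::getLoggedUser()->getId(), ENT_QUOTES, "UTF-8");
    $mail->Body = str_replace("%user", $userId, $this->pluginConf["BODY"]);
    $mail->AltBody = strip_tags($mail->Body);

    if (!$mail->Send()) {
        $message = "Message could not be sent. <p>";
        $message .= "Mailer Error: " . $mail->ErrorInfo;
        throw new Exception($message);
    }
}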
/**
 * Record the authentication-related settings for the diagnostic report.
 *
 * Stores whether users are enabled and the value of ALLOW_GUEST_BROWSING,
 * sets the failure level to "info" and always returns false.
 *
 * @return bool Always false.
 */
public function doTest()
{
    $usersOn = AuthService::usersEnabled();
    $guestOn = ConfService::getCoreConf("ALLOW_GUEST_BROWSING", "auth");

    $this->testedParams["Users enabled"] = $usersOn;
    $this->testedParams["Guest enabled"] = $guestOn;

    // Presumably "info" makes the runner show this entry as informational rather than
    // as a failed check; confirm against the test runner.
    $this->failedLevel = "info";

    return false;
}
/**
 * Load rights, preferences and bookmarks of this user from the serial files
 * stored under USERS_DIRPATH/<user id>/, then derive admin flag, parent and roles.
 *
 * Role ids listed in the rights but absent from AuthService::getRolesList()
 * are removed from the rights array.
 */
function load()
{
    // NOTE(review): the directory name is the raw user id, and loadSerialFile presumably
    // unserializes the file content. Both rely on ids being validated at creation; confirm.
    $userDir = $this->storage->getOption("USERS_DIRPATH") . "/" . $this->getId();

    $this->rights = AJXP_Utils::loadSerialFile($userDir . "/rights.ser");
    $this->prefs = AJXP_Utils::loadSerialFile($userDir . "/prefs.ser");
    $this->bookmarks = AJXP_Utils::loadSerialFile($userDir . "/bookmarks.ser");

    // Admin status requires the stored flag to be exactly boolean true.
    if (isset($this->rights["ajxp.admin"]) && $this->rights["ajxp.admin"] === true) {
        $this->setAdmin(true);
    }
    if (isset($this->rights["ajxp.parent_user"])) {
        $this->setParent($this->rights["ajxp.parent_user"]);
    }

    if (!isset($this->rights["ajxp.roles"])) {
        return;
    }

    // Resolve the stored role ids against the currently defined roles.
    $knownRoles = AuthService::getRolesList();
    foreach (array_keys($this->rights["ajxp.roles"]) as $roleId) {
        if (!isset($knownRoles[$roleId])) {
            // The role no longer exists: drop the stale reference.
            unset($this->rights["ajxp.roles"][$roleId]);
            continue;
        }
        $this->roles[$roleId] = $knownRoles[$roleId];
    }
}
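/**
 * Authenticate a WebDAV request, then open the matching application session.
 *
 * The parent implementation performs the protocol-level check. On success the user
 * is logged in through AuthService, the rights are refreshed and, when
 * SESSION_SET_CREDENTIALS is enabled, the decoded WebDAV password is stored via AJXP_Safe.
 *
 * @param Sabre\DAV\Server $server
 * @param string $realm
 * @return bool True on success.
 * @throws Sabre\DAV\Exception\NotAuthenticated When authentication or the session login fails.
 */
public function authenticate(Sabre\DAV\Server $server, $realm)
{
    // Initialised up front: the failure path below reads $errmsg, which was undefined
    // whenever the parent returned a falsy value without throwing.
    $errmsg = "";

    try {
        $success = parent::authenticate($server, $realm);
    } catch (Exception $e) {
        $errmsg = $e->getMessage();
        // 0     = the request carried no digest headers (not logged as a failure)
        // false = credentials were presented and rejected (logged below)
        // NOTE(review): this distinction depends on the exact wording of the exception
        // message; a change of that text upstream would make every header-less request
        // log as a failed login.
        $success = ($errmsg != "No digest authentication headers were found") ? false : 0;
    }

    if (!$success) {
        if ($success === false) {
            AJXP_Logger::warning(__CLASS__, "Login failed", array("user" => $this->currentUser, "error" => "Invalid WebDAV user or password"));
        }
        throw new Sabre\DAV\Exception\NotAuthenticated($errmsg);
    }

    // Third argument true: the password was already verified by the parent call above.
    $res = AuthService::logUser($this->currentUser, null, true);
    if ($res < 1) {
        throw new Sabre\DAV\Exception\NotAuthenticated();
    }
    $this->updateCurrentUserRights(AuthService::getLoggedUser());

    if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) {
        // NOTE(review): assumes the AJXP_WEBDAV_DATA preference is an array holding "PASS"; confirm.
        $webdavData = AuthService::getLoggedUser()->getPref("AJXP_WEBDAV_DATA");
        AJXP_Safe::storeCredentials($this->currentUser, $this->_decodePassword($webdavData["PASS"], $this->currentUser));
    }

    ConfService::switchRootDir($this->repositoryId);

    return true;
}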
/**
 * Expand the basic keywords found in a configuration value:
 * AJXP_USER, AJXP_GROUP_PATH, AJXP_GROUP_PATH_FLAT, AJXP_INSTALL_PATH and AJXP_DATA_PATH,
 * then run the vars.filter hooks.
 *
 * Non-string values skip every replacement and are only passed to the hooks.
 *
 * @static
 * @param $value
 * @param AbstractAjxpUser|String $resolveUser User (object or id) to resolve the keywords
 *        for; when null the logged user is used.
 * @return mixed|string The expanded value, or "" when a user-dependent keyword is
 *         present, users are enabled and no user can be resolved.
 */
public static function filter($value, $resolveUser = null)
{
    if (is_string($value) && strpos($value, "AJXP_USER") !== false) {
        if (AuthService::usersEnabled()) {
            if ($resolveUser != null) {
                // An explicit user wins over the session; a string is taken as the id itself.
                if (is_string($resolveUser)) {
                    $resolveUserId = $resolveUser;
                } else {
                    $resolveUserId = $resolveUser->getId();
                }
                $value = str_replace("AJXP_USER", $resolveUserId, $value);
            } else {
                $loggedUser = AuthService::getLoggedUser();
                if ($loggedUser != null) {
                    // A user flagged "resolve as parent" is expanded to its parent's id.
                    if ($loggedUser->hasParent() && $loggedUser->getResolveAsParent()) {
                        $loggedUserId = $loggedUser->getParent();
                    } else {
                        $loggedUserId = $loggedUser->getId();
                    }
                    $value = str_replace("AJXP_USER", $loggedUserId, $value);
                } else {
                    // No session: refuse to produce a value instead of leaving the keyword in place.
                    return "";
                }
            }
        } else {
            $value = str_replace("AJXP_USER", "shared", $value);
        }
    }
    // This test also matches AJXP_GROUP_PATH_FLAT, which contains AJXP_GROUP_PATH.
    if (is_string($value) && strpos($value, "AJXP_GROUP_PATH") !== false) {
        if (AuthService::usersEnabled()) {
            if ($resolveUser != null) {
                if (is_string($resolveUser) && AuthService::userExists($resolveUser)) {
                    $loggedUser = ConfService::getConfStorageImpl()->createUserObject($resolveUser);
                } else {
                    // NOTE(review): when $resolveUser is a string that does not name an
                    // existing user, it is kept as a string and getGroupPath() is then
                    // called on it below.
                    $loggedUser = $resolveUser;
                }
            } else {
                $loggedUser = AuthService::getLoggedUser();
            }
            if ($loggedUser != null) {
                $gPath = $loggedUser->getGroupPath();
                // The longer keyword is replaced first so that the shorter one does not consume its prefix.
                $value = str_replace("AJXP_GROUP_PATH_FLAT", str_replace("/", "_", trim($gPath, "/")), $value);
                $value = str_replace("AJXP_GROUP_PATH", $gPath, $value);
            } else {
                return "";
            }
        } else {
            // NOTE(review): str_replace processes the search array in order, so
            // AJXP_GROUP_PATH is replaced first and "AJXP_GROUP_PATH_FLAT" ends up as
            // "shared_FLAT". Existing installs may depend on that name; confirm before
            // changing the order.
            $value = str_replace(array("AJXP_GROUP_PATH", "AJXP_GROUP_PATH_FLAT"), "shared", $value);
        }
    }
    if (is_string($value) && strpos($value, "AJXP_INSTALL_PATH") !== false) {
        $value = str_replace("AJXP_INSTALL_PATH", AJXP_INSTALL_PATH, $value);
    }
    if (is_string($value) && strpos($value, "AJXP_DATA_PATH") !== false) {
        $value = str_replace("AJXP_DATA_PATH", AJXP_DATA_PATH, $value);
    }
    // The hook receives the value by reference so that plugins can rewrite it.
    $tab = array(&$value);
    AJXP_Controller::applyIncludeHook("vars.filter", $tab);
    return $value;
}
/**
 * Record the user's answer to the disclaimer and act on it.
 *
 * When accepted ($httpVars["validate"] == "true"): the lock is removed, the user is
 * saved and switched to an active repository. When refused: the "validate_disclaimer"
 * lock is set and the session is disconnected.
 *
 * @param string $actionName
 * @param array $httpVars
 * @param array $fileVars
 */
public function toggleDisclaimer($actionName, $httpVars, $fileVars)
{
    // NOTE(review): the logged user is not null-checked; confirm the action is only
    // registered for authenticated sessions.
    $user = AuthService::getLoggedUser();
    $accepted = ($httpVars["validate"] == "true");

    $user->personalRole->setParameterValue(
        "action.disclaimer",
        "DISCLAIMER_ACCEPTED",
        $accepted ? "yes" : "no",
        AJXP_REPO_SCOPE_ALL
    );

    if (!$accepted) {
        // Refused: keep the account locked and end the session.
        $user->setLock("validate_disclaimer");
        $user->save("superuser");
        AuthService::disconnect();
        AJXP_XMLWriter::header();
        AJXP_XMLWriter::requireAuth(true);
        AJXP_XMLWriter::close();
        return;
    }

    $user->removeLock();
    $user->save("superuser");
    AuthService::updateUser($user);
    ConfService::switchUserToActiveRepository($user);

    // Honour a forced start repository unless a repository is already pending or requested.
    $forced = $user->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
    $targetId = -1;
    $noPendingRepo = !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"]);
    if ($forced != "" && $user->canSwitchTo($forced) && $noPendingRepo) {
        $targetId = $forced;
    }

    $switched = ConfService::switchUserToActiveRepository($user, $targetId);
    if (!$switched) {
        // No usable repository: drop the session and ask the client to authenticate again.
        AuthService::disconnect();
        AJXP_XMLWriter::header();
        AJXP_XMLWriter::requireAuth(true);
        AJXP_XMLWriter::close();
    }
    ConfService::getInstance()->invalidateLoadedRepositories();
}
/**
 * Verify the OAuth access token of the request and log in the user it belongs to.
 *
 * When verification fails, the OAuth server's response is sent and processing stops.
 *
 * @param sfWebRequest $request
 * @throws sfStopException When the resource request is not verified.
 */
public function validateRequest(sfWebRequest $request)
{
    $oauthServer = $this->getOAuthServer();
    $oauthReq = $this->getOAuthRequest();
    $oauthRes = $this->getOAuthResponse();

    $verified = $oauthServer->verifyResourceRequest($oauthReq, $oauthRes);
    if (!$verified) {
        $oauthServer->getResponse()->send();
        throw new sfStopException();
    }

    $token = $oauthServer->getAccessTokenData($oauthReq, $oauthRes);

    // NOTE(review): the user returned for the token's user_id is passed on without a
    // check that the lookup found an (active) account; confirm getSystemUser() or
    // setLoggedInUser() rejects a missing or disabled user.
    $systemUserService = new SystemUserService();
    $systemUser = $systemUserService->getSystemUser($token['user_id']);

    $auth = new AuthService();
    $auth->setLoggedInUser($systemUser);

    // Credentials are set with an empty array as second argument.
    $this->getAuthenticationService()->setCredentialsForUser($systemUser, array());
}
/**
 * Return the repositories data as a string meant to sit inside a single-quoted
 * JavaScript literal. Returns "" when users are enabled.
 *
 * @return mixed|string
 */
function repositoryDataAsJS()
{
    if (!AuthService::usersEnabled()) {
        require_once INSTALL_PATH . "/server/classes/class.SystemTextEncoding.php";
        require_once INSTALL_PATH . "/server/classes/class.AJXP_XMLWriter.php";

        $repositoriesXml = AJXP_XMLWriter::writeRepositoriesData(null);

        // NOTE(review): only single quotes are escaped. Backslashes, line breaks and a
        // closing script tag in the data would pass through unchanged; confirm the
        // writer's output cannot contain them.
        return str_replace("'", "\\'", $repositoriesXml);
    }

    return "";
}
/**
 * Write the repositories data as a string meant to sit inside a single-quoted
 * JavaScript literal. Returns "" when users are enabled.
 *
 * @static
 * @return mixed|string
 */
public static function repositoryDataAsJS()
{
    if (!AuthService::usersEnabled()) {
        require_once AJXP_BIN_FOLDER . "/class.SystemTextEncoding.php";
        require_once AJXP_BIN_FOLDER . "/class.AJXP_XMLWriter.php";

        $repositoriesXml = AJXP_XMLWriter::writeRepositoriesData(null);

        // NOTE(review): only single quotes are escaped. Backslashes, line breaks and a
        // closing script tag in the data would pass through unchanged; confirm the
        // writer's output cannot contain them.
        return str_replace("'", "\\'", $repositoriesXml);
    }

    return "";
}
/**
 * Validate the credentials presented for a share.
 *
 * The login name always comes from the share data, never from $username:
 * - with PRESET_LOGIN, that login is checked against the supplied $password;
 * - otherwise the PRELOG_USER account is logged in with an empty password and the
 *   third logUser() argument set to true.
 *
 * @param string $username Not used by this implementation.
 * @param string $password
 * @return bool True only when logUser() returns exactly 1.
 */
protected function validateUserPass($username, $password)
{
    // NOTE(review): in the PRELOG_USER branch the third argument (true) presumably skips
    // the password check, so access rests entirely on possession of the share link; confirm.
    $res = isset($this->shareData["PRESET_LOGIN"])
        ? \AuthService::logUser($this->shareData["PRESET_LOGIN"], $password, false, false, -1)
        : \AuthService::logUser($this->shareData["PRELOG_USER"], "", true);

    return $res === 1;
}
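/**
 * Handle the audio player actions.
 *
 * "audio_proxy" streams the requested file to the output with an audio content type;
 * "ls" (with a "playlist" parameter) converts the listing XML captured in
 * $postProcessData["ob_output"] into an XSPF playlist of the mp3 files.
 *
 * @param string $action
 * @param array $httpVars
 * @param array $postProcessData
 * @return bool|null False when the action or repository is not handled, null otherwise.
 */
public function switchAction($action, $httpVars, $postProcessData)
{
    if (!isset($this->actions[$action])) {
        return false;
    }
    $repository = ConfService::getRepository();
    if (!$repository->detectStreamWrapper(false)) {
        return false;
    }
    $plugin = AJXP_PluginsService::findPlugin("access", $repository->getAccessType());
    $streamData = $plugin->detectStreamWrapper(true);
    $destStreamURL = $streamData["protocol"] . "://" . $repository->getId() . "/";

    if ($action == "audio_proxy") {
        // NOTE(review): the path comes from the request; this relies on decodeSecureMagic
        // to neutralise traversal sequences. Confirm.
        $file = AJXP_Utils::decodeSecureMagic(base64_decode($httpVars["file"]));

        // explode() is stored first: end() takes its argument by reference.
        $nameParts = explode(".", $file);
        // Request-derived values go into response headers, so the subtype is reduced to
        // letters and digits and the file name loses quotes and line breaks.
        $subType = preg_replace('/[^A-Za-z0-9]/', '', end($nameParts));
        $localName = str_replace(array('"', "\r", "\n"), "", basename($file));

        header("Content-Type: audio/" . $subType . "; name=\"" . $localName . "\"");
        header("Content-Length: " . filesize($destStreamURL . $file));

        $stream = fopen("php://output", "a");
        call_user_func(array($streamData["classname"], "copyFileInStream"), $destStreamURL . $file, $stream);
        fflush($stream);
        fclose($stream);

        $node = new AJXP_Node($destStreamURL . $file);
        AJXP_Controller::applyHook("node.read", array($node));
    } elseif ($action == "ls") {
        if (!isset($httpVars["playlist"])) {
            // Should not happen because of the applyCondition; pass the listing through untouched.
            AJXP_Controller::passProcessDataThrough($postProcessData);
            return;
        }

        // Transform the listing XML into XSPF.
        $xmlString = $postProcessData["ob_output"];
        $xmlDoc = new DOMDocument();
        $xmlDoc->loadXML($xmlString);
        $xElement = $xmlDoc->documentElement;

        header("Content-Type:application/xspf+xml;charset=UTF-8");
        print '<?xml version="1.0" encoding="UTF-8"?>';
        print '<playlist version="1" xmlns="http://xspf.org/ns/0/">';
        print "<trackList>";
        foreach ($xElement->childNodes as $child) {
            // Text and comment nodes have no attributes; only elements describe entries.
            if (!($child instanceof DOMElement)) {
                continue;
            }
            $isFile = $child->getAttribute("is_file") == "true";
            $label = $child->getAttribute("text");
            $ar = explode(".", $label);
            $ext = strtolower(end($ar));
            if (!$isFile || $ext != "mp3") {
                continue;
            }
            // File names are user-controlled: escape the title so that markup characters
            // cannot alter the playlist document.
            $title = htmlspecialchars($label, ENT_QUOTES, "UTF-8");
            // NOTE(review): the location is left as it was. It carries raw "&" separators
            // and a base64 value that is not URL-encoded, so the document is not
            // well-formed XML; confirm what the player expects before changing it.
            print "<track><location>" . AJXP_SERVER_ACCESS . "?secure_token=" . AuthService::getSecureToken()
                . "&get_action=audio_proxy&file=" . base64_encode($child->getAttribute("filename"))
                . "</location><title>" . $title . "</title></track>";
        }
        print "</trackList>";
        AJXP_XMLWriter::close("playlist");
    }
}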
/**
 * Upgrade step: grant ROOT_ROLE read/write access to the "ajxp_home" repository and
 * make it the default start repository. Does nothing when ROOT_ROLE is not found.
 */
function upgradeRootRoleForWelcome()
{
    $role = AuthService::getRole("ROOT_ROLE");
    if (empty($role)) {
        return;
    }

    echo '<br>Upgrading Root Role to let users access the new welcome page<br>';

    // ROOT_ROLE is fetched by its fixed id; the change presumably reaches every user
    // who inherits from it.
    $role->setAcl("ajxp_home", "rw");
    $role->setParameterValue("core.conf", "DEFAULT_START_REPOSITORY", "ajxp_home");
    AuthService::updateRole($role);
}
/**
 * Resolve the identifier under which metadata is scoped.
 *
 * @param bool $private When falsy, the shared-user constant is returned.
 * @return string AJXP_METADATA_SHAREDUSER for non-private data, the logged user's id
 *                when users are enabled, otherwise the literal "shared".
 */
protected function getUserId($private)
{
    if ($private) {
        if (!AuthService::usersEnabled()) {
            return "shared";
        }
        // NOTE(review): getLoggedUser() is dereferenced without a null check; confirm
        // private metadata is only requested inside an authenticated session.
        return AuthService::getLoggedUser()->getId();
    }

    return AJXP_METADATA_SHAREDUSER;
}
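/**
 * Log the current user out: clear the stored credentials, disconnect the session
 * and send the logout result (code 2) to the client.
 *
 * @param string $actionName
 * @param array $httpVars
 * @param array $fileVars
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    // Credentials are wiped first so that nothing survives if a later step fails.
    // (The unused $adminUser local of the previous version was removed.)
    AJXP_Safe::clearCredentials();
    AuthService::disconnect();
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}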
/**
 * Round-trip a temporary role through the role storage: create, read back, delete,
 * and check that a read after deletion returns false.
 */
public function testRolesStorage()
{
    $roleId = "phpunit_temporary_role";

    $created = new \AJXP_Role($roleId);
    $created->setAcl(0, "rw");
    \AuthService::updateRole($created);

    $stored = \AuthService::getRole($roleId);
    $this->assertTrue(is_a($stored, "AJXP_Role"));
    $this->assertEquals("rw", $stored->getAcl(0));

    // NOTE(review): when an assertion above fails, the temporary role is left in storage.
    \AuthService::deleteRole($roleId);
    $afterDelete = \AuthService::getRole($roleId);
    $this->assertFalse($afterDelete);
}
/**
 * Build the path of the cached tree file for the current repository.
 *
 * The file name carries the repository id and, depending on the repository's
 * security scope, the user id ("USER") or the flattened group path ("GROUP"), so
 * that trees are not shared across those boundaries.
 *
 * @return string
 */
private function getTreeName()
{
    $path = AJXP_SHARED_CACHE_DIR . "/trees/tree-" . ConfService::getRepository()->getId();
    $scope = ConfService::getRepository()->securityScope();

    // NOTE(review): getLoggedUser() is not null-checked in either scoped branch.
    if ($scope == "USER") {
        $path .= "-" . AuthService::getLoggedUser()->getId();
    } elseif ($scope == "GROUP") {
        $flatGroup = str_replace("/", "_", AuthService::getLoggedUser()->getGroupPath());
        $path .= "-" . $flatGroup;
    }

    return $path . "-full.xml";
}
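/**
 * Log the current user out: clear the stored credentials, drop the "COUNT" and
 * "disk" session entries, disconnect the session and send the logout result
 * (code 2) to the client.
 *
 * @param string $actionName
 * @param array $httpVars
 * @param array $fileVars
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    // The unused $adminUser and $subUsers locals of the previous version were removed.
    AJXP_Safe::clearCredentials();

    // Driver-specific session state must not outlive the login.
    unset($_SESSION["COUNT"], $_SESSION["disk"]);

    AuthService::disconnect();
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}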
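/**
 * Updates the data
 *
 * The data argument is a readable stream resource.
 *
 * After a successful put operation, you may choose to return an ETag. The
 * etag must always be surrounded by double-quotes. These quotes must
 * appear in the actual string you're returning.
 *
 * Clients may use the ETag from a PUT request to later on make sure that
 * when they update the file, the contents haven't changed in the mean
 * time.
 *
 * If you don't plan to store the file byte-by-byte, and you return a
 * different object on a subsequent GET you are strongly recommended to not
 * return an ETag, and just return null.
 *
 * @param resource $data
 * @return string|null
 * @throws \Sabre\DAV\Exception\Forbidden When there is no logged user or the user
 *         cannot write to the repository.
 * @throws \Sabre\DAV\Exception When the target cannot be opened or written.
 */
public function put($data)
{
    // Kept in a local: the driver hooks take this argument by reference.
    $p = $this->path;

    // Fail closed: no session is treated the same as no write permission.
    $user = AuthService::getLoggedUser();
    if ($user == null || !$user->canWrite($this->repository->getId())) {
        throw new \Sabre\DAV\Exception\Forbidden();
    }

    // The header may be absent; the previous version read it unconditionally.
    $declaredLength = isset($_SERVER["CONTENT_LENGTH"]) ? intval($_SERVER["CONTENT_LENGTH"]) : 0;
    $this->getAccessDriver()->nodeWillChange($p, $declaredLength);

    // A failed open or copy used to be ignored, which reported success (with an ETag)
    // for data that was never stored.
    $stream = fopen($this->getUrl(), "w");
    if ($stream === false) {
        throw new \Sabre\DAV\Exception("Cannot open the target for writing");
    }
    $copied = stream_copy_to_stream($data, $stream);
    fclose($stream);
    if ($copied === false) {
        throw new \Sabre\DAV\Exception("Cannot write the uploaded data");
    }

    $toto = null; // by-reference placeholder for the "previous node" argument
    $this->getAccessDriver()->nodeChanged($toto, $p);

    return $this->getETag();
}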
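/**
 * Log the user in through CAS before the regular login flow.
 *
 * A "logout" action is forwarded to CAS. Otherwise CAS authentication is enforced,
 * the local account is created when missing and auto-creation is enabled, and the
 * user is logged in with the third logUser() argument set to true.
 *
 * @param string $sessionId
 */
public function preLogUser($sessionId)
{
    // isset() guard: the parameter is absent on requests that carry no action.
    if (isset($_GET['get_action']) && $_GET['get_action'] == "logout") {
        phpCAS::logout();
        return;
    }

    phpCAS::forceAuthentication();
    $cas_user = phpCAS::getUser();

    if (!$this->userExists($cas_user) && $this->autoCreateUser()) {
        // The local password is a random placeholder; authentication is done by CAS.
        // NOTE(review): the value is raw binary. Confirm the storage backend accepts
        // arbitrary bytes, or hex-encode it.
        $this->createUser($cas_user, openssl_random_pseudo_bytes(20));
    }
    if ($this->userExists($cas_user)) {
        // Empty password with the third argument true: presumably bypasses the local
        // password check because CAS has already authenticated the user. Confirm.
        AuthService::logUser($cas_user, "", true);
    }
}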
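/**
 * Try to log in the user identified by the web server (REMOTE_USER).
 *
 * When the account does not exist and CREATE_USER is exactly true, it is created with
 * the HTTP password; the account is flagged admin when its name equals the configured
 * AJXP_ADMIN value.
 *
 * @param array $httpVars
 * @param bool $isLast
 * @return bool True when the login succeeded.
 */
function tryToLogUser(&$httpVars, $isLast = false)
{
    // An absent or empty identity is rejected before any lookup or account creation;
    // the previous version read the index unconditionally and accepted "".
    // NOTE(review): REMOTE_USER is trusted as is. This plugin should only be enabled
    // where the web server sets it from a completed authentication step.
    if (!isset($_SERVER["REMOTE_USER"]) || $_SERVER["REMOTE_USER"] === "") {
        return false;
    }
    $localHttpLogin = $_SERVER["REMOTE_USER"];
    $localHttpPassw = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : "";

    if (!AuthService::userExists($localHttpLogin) && $this->pluginConf["CREATE_USER"] === true) {
        $isAdmin = isset($this->pluginConf["AJXP_ADMIN"]) && $this->pluginConf["AJXP_ADMIN"] == $localHttpLogin;
        AuthService::createUser($localHttpLogin, $localHttpPassw, $isAdmin);
    }

    // Third argument true: presumably skips the local password check, since the web
    // server already authenticated the user. Confirm.
    $res = AuthService::logUser($localHttpLogin, $localHttpPassw, true);

    return $res > 0;
}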
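/**
 * Log the current user out: clear the stored credentials, remove every session entry
 * whose key starts with "smb_" and ends with "disk", disconnect the session and send
 * the logout result (code 2) to the client.
 *
 * @param string $actionName
 * @param array $httpVars
 * @param array $fileVars
 */
public function logoutCallback($actionName, $httpVars, $fileVars)
{
    // The unused $adminUser and $subUsers locals of the previous version were removed.
    AJXP_Safe::clearCredentials();

    // Per-share SMB state must not outlive the login. Keys are cast to string so that
    // numeric session keys are compared the same way.
    foreach (array_keys($_SESSION) as $key) {
        $name = (string) $key;
        if (substr($name, 0, 4) === "smb_" && substr($name, -4) === "disk") {
            unset($_SESSION[$key]);
        }
    }

    AuthService::disconnect();
    session_write_close();

    AJXP_XMLWriter::header();
    AJXP_XMLWriter::loggingResult(2);
    AJXP_XMLWriter::close();
}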
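/**
 * Format a log message into the row layout used by the SQL driver.
 *
 * The message is split on tab characters: the first part is stored as the message,
 * the second as its parameters.
 *
 * @param String $message The message to be formatted.
 * @param String $severity Severity level: one of LOG_LEVEL_* (DEBUG, INFO, NOTICE, WARNING, ERROR).
 * @return array Row with the keys logdate, remote_ip, severity, user, message and params.
 */
function formatMessage($message, $severity)
{
    // Placeholder written when no user can be identified.
    $user = "******";
    if (AuthService::usersEnabled()) {
        $logged = AuthService::getLoggedUser();
        if ($logged != null) {
            $user = $logged->getId();
        }
    }

    $message_parts = explode("\t", $message);
    $severity = strtoupper((string) $severity);

    // NOTE(review): REMOTE_ADDR is read unconditionally; it is absent outside a web
    // request (for example a command-line run).
    $log_row = array(
        'logdate' => $this->toMysqlDateTime(strtotime('NOW')),
        'remote_ip' => $this->inet_ptod($_SERVER['REMOTE_ADDR']),
        'severity' => $severity,
        'user' => $user,
        'message' => $message_parts[0],
        // A message without a tab has no parameter part; keep null as before, without
        // reading an undefined offset.
        'params' => isset($message_parts[1]) ? $message_parts[1] : null,
    );

    return $log_row;
}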
/**
 * Return the registry contributions, with the user XML appended.
 *
 * When users are enabled and nobody is logged in, the contributions are returned
 * unchanged. Otherwise the user XML (for the logged user, or for null when users are
 * disabled) is parsed and its root element appended to the list.
 *
 * @return array
 */
public function getRegistryContributions()
{
    $current = AuthService::getLoggedUser();

    if (!AuthService::usersEnabled()) {
        $userXml = AJXP_XMLWriter::getUserXml(null, false);
    } elseif ($current == null) {
        // Anonymous request: nothing user-specific is added to the registry.
        return $this->registryContributions;
    } else {
        $userXml = AJXP_XMLWriter::getUserXml($current, false);
    }

    $doc = new DOMDocument();
    $doc->loadXML($userXml);

    // NOTE(review): every call appends another element to the stored list.
    $this->registryContributions[] = $doc->documentElement;

    return $this->registryContributions;
}
/**
 * List the repositories the logged user can reach over WebDAV.
 *
 * A repository is listed when its access driver is an AjxpWrapperProvider and its
 * AJXP_WEBDAV_DISABLED option is not exactly true. Without a logged user the list is empty.
 *
 * @return array Map of repository slug to Sabre\DAV\SimpleCollection.
 */
public function getChildren()
{
    $this->children = array();

    $user = AuthService::getLoggedUser();
    if ($user == null) {
        // No session, nothing to expose.
        return $this->children;
    }

    $pluginService = AJXP_PluginsService::getInstance();
    foreach (ConfService::getAccessibleRepositories($user) as $repository) {
        $driver = $pluginService->getPluginByTypeName("access", $repository->getAccessType());
        if (!is_a($driver, "AjxpWrapperProvider")) {
            continue;
        }
        // Only the boolean true disables WebDAV; any other stored value leaves it enabled.
        if ($repository->getOption("AJXP_WEBDAV_DISABLED") === true) {
            continue;
        }
        $slug = $repository->getSlug();
        $this->children[$slug] = new Sabre\DAV\SimpleCollection($slug);
    }

    return $this->children;
}
/**
 * Print the avatar URL for a user ("get_avatar_url" action).
 *
 * The URL points at the configured provider (gravatar by default, or libravatar) and,
 * when the requested user exists and has an e-mail, contains the MD5 of the trimmed,
 * lower-cased address.
 *
 * @param string $action
 * @param array $httpVars
 * @param array $filesVars
 */
public function receiveAction($action, $httpVars, $filesVars)
{
    $provider = $this->getFilteredOption("AVATAR_PROVIDER");
    $type = $this->getFilteredOption("GRAVATAR_TYPE");

    if ($action != "get_avatar_url") {
        return;
    }

    // The avatar host is chosen to match the scheme of the current request.
    $overHttps = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

    switch ($provider) {
        case "gravatar":
        default:
            $url = ($overHttps ? "https://secure.gravatar.com" : "http://www.gravatar.com") . "/avatar/";
            $suffix = "?s=80&r=g&d=" . $type;
            break;
        case "libravatar":
            // Federated servers are not supported here without libravatar.org; that
            // would require a DNS query first.
            $url = ($overHttps ? "https://seccdn.libravatar.org" : "http://cdn.libravatar.org") . "/avatar/";
            $suffix = "?s=80&d=" . $type;
            break;
    }

    // NOTE(review): the caller picks the user id, and the response differs depending on
    // whether that account exists and has an e-mail. Confirm the action is restricted
    // to authenticated users.
    if (isset($httpVars["userid"])) {
        $userid = $httpVars["userid"];
        if (AuthService::usersEnabled() && AuthService::userExists($userid)) {
            $target = ConfService::getConfStorageImpl()->createUserObject($userid);
            $email = $target->personalRole->filterParameterValue("core.conf", "email", AJXP_REPO_SCOPE_ALL, "");
            if (!empty($email)) {
                // MD5 is the identifier format of the avatar service, not a security measure.
                $url .= md5(strtolower(trim($email)));
            }
        }
    }

    print $url . $suffix;
}
/**
 * Log in the user of the surrounding forum session (global $user).
 *
 * Unregistered forum users are refused. A missing local account is created when
 * auto-creation is enabled, using the MD5 of the forum's stored password value as the
 * local password.
 *
 * @param string $sessionId
 * @return bool True when the user was logged in, false otherwise.
 */
public function preLogUser($sessionId)
{
    global $user;

    $login = $user->data['username_clean'];
    // NOTE(review): this is an MD5 of whatever the forum stores as user_password. It is
    // only used when the local account is created; the login below passes no password.
    $derivedPassword = md5($user->data['user_password']);

    if (!$user->data['is_registered']) {
        return false;
    }

    if (!$this->userExists($login)) {
        if (!$this->autoCreateUser()) {
            return false;
        }
        $this->createUser($login, $derivedPassword);
    }

    // Empty password with the third argument true: presumably trusts the forum session
    // instead of checking a password. Confirm.
    AuthService::logUser($login, '', true);

    return true;
}
/**
 * Compute the cache identifier of a node.
 *
 * The node URL's scheme is replaced by $cacheType and, depending on the repository's
 * security scope, prefixed with "<user id>@" or "<flattened group path>@" so that
 * entries are kept apart per user or per group.
 *
 * @param AJXP_Node $node
 * @param string $cacheType
 * @param string $details Optional suffix, appended after "##" when truthy.
 * @return string The identifier, or "failed-id" when the node has no repository.
 */
public static function computeIdForNode($node, $cacheType, $details = '')
{
    $repository = $node->getRepository();
    if ($repository == null) {
        return "failed-id";
    }

    // NOTE(review): getLoggedUser() is not null-checked in the scoped branches.
    $scope = $repository->securityScope();
    $prefix = "";
    if ($scope === "USER") {
        $prefix = AuthService::getLoggedUser()->getId() . "@";
    } elseif ($scope == "GROUP") {
        $flatGroup = str_replace("/", "__", AuthService::getLoggedUser()->getGroupPath());
        // ltrim() takes a character list, so every leading underscore is removed.
        $prefix = ltrim($flatGroup, "__") . "@";
    }

    $nodeUrl = $node->getUrl();
    $scheme = parse_url($nodeUrl, PHP_URL_SCHEME);
    $id = str_replace($scheme . "://", $cacheType . "://" . $prefix, $nodeUrl);

    if ($details) {
        $id .= "##" . $details;
    }

    return $id;
}
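/**
 * Stop the "demo" account from changing its password through "save_user_pref".
 *
 * Other actions and other users are not affected.
 *
 * @param string $action
 * @param array $httpVars
 * @param array $fileVars
 * @throws Exception When the demo user submits a preference named "password".
 */
function filterUsersPref($action, $httpVars, $fileVars)
{
    if ($action != "save_user_pref") {
        return;
    }

    // Without a session there is no demo user to restrict; the previous version
    // dereferenced the result unconditionally.
    $logged = AuthService::getLoggedUser();
    if ($logged == null || $logged->getId() != "demo") {
        return;
    }

    // NOTE(review): only $_GET is inspected. If the action also accepts these
    // parameters through another channel (for example $httpVars filled from a POST
    // body), this check does not see them. Confirm.
    // (The unused $prefValue local of the previous version was removed.)
    for ($i = 0; isset($_GET["pref_name_" . $i], $_GET["pref_value_" . $i]); $i++) {
        if ($_GET["pref_name_" . $i] == "password") {
            throw new Exception("You are not allowed to change the password");
        }
    }
}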