public function authenticate(Sabre\DAV\Server $server, $realm)
 {
     //AJXP_Logger::debug("Try authentication on $realm", $server);
     try {
         $success = parent::authenticate($server, $realm);
     } catch (Exception $e) {
         $success = 0;
         $errmsg = $e->getMessage();
         if ($errmsg != "No digest authentication headers were found") {
             $success = false;
         }
     }
     if ($success) {
         $res = AuthService::logUser($this->currentUser, null, true);
         if ($res < 1) {
             throw new Sabre\DAV\Exception\NotAuthenticated();
         }
         $this->updateCurrentUserRights(AuthService::getLoggedUser());
         if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) {
             $webdavData = AuthService::getLoggedUser()->getPref("AJXP_WEBDAV_DATA");
             AJXP_Safe::storeCredentials($this->currentUser, $this->_decodePassword($webdavData["PASS"], $this->currentUser));
         }
     } else {
         if ($success === false) {
             AJXP_Logger::warning(__CLASS__, "Login failed", array("user" => $this->currentUser, "error" => "Invalid WebDAV user or password"));
         }
         throw new Sabre\DAV\Exception\NotAuthenticated($errmsg);
     }
     ConfService::switchRootDir($this->repositoryId);
     return true;
 }
 public function toggleDisclaimer($actionName, $httpVars, $fileVars)
 {
     $u = AuthService::getLoggedUser();
     $u->personalRole->setParameterValue("action.disclaimer", "DISCLAIMER_ACCEPTED", $httpVars["validate"] == "true" ? "yes" : "no", AJXP_REPO_SCOPE_ALL);
     if ($httpVars["validate"] == "true") {
         $u->removeLock();
         $u->save("superuser");
         AuthService::updateUser($u);
         ConfService::switchUserToActiveRepository($u);
         $force = $u->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
         $passId = -1;
         if ($force != "" && $u->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
             $passId = $force;
         }
         $res = ConfService::switchUserToActiveRepository($u, $passId);
         if (!$res) {
             AuthService::disconnect();
             AJXP_XMLWriter::header();
             AJXP_XMLWriter::requireAuth(true);
             AJXP_XMLWriter::close();
         }
         ConfService::getInstance()->invalidateLoadedRepositories();
     } else {
         $u->setLock("validate_disclaimer");
         $u->save("superuser");
         AuthService::disconnect();
         AJXP_XMLWriter::header();
         AJXP_XMLWriter::requireAuth(true);
         AJXP_XMLWriter::close();
     }
 }
 protected function getUserId()
 {
     if (AuthService::usersEnabled()) {
         return AuthService::getLoggedUser()->getId();
     }
     return "shared";
 }
 /**
  * Filter the very basic keywords from the XML  : AJXP_USER, AJXP_INSTALL_PATH, AJXP_DATA_PATH
  * Calls the vars.filter hooks.
  * @static
  * @param $value
  * @return mixed|string
  */
 public static function filter($value)
 {
     if (is_string($value) && strpos($value, "AJXP_USER") !== false) {
         if (AuthService::usersEnabled()) {
             $loggedUser = AuthService::getLoggedUser();
             if ($loggedUser != null) {
                 $loggedUser = $loggedUser->getId();
                 $value = str_replace("AJXP_USER", $loggedUser, $value);
             } else {
                 return "";
             }
         } else {
             $value = str_replace("AJXP_USER", "shared", $value);
         }
     }
     if (is_string($value) && strpos($value, "AJXP_INSTALL_PATH") !== false) {
         $value = str_replace("AJXP_INSTALL_PATH", AJXP_INSTALL_PATH, $value);
     }
     if (is_string($value) && strpos($value, "AJXP_DATA_PATH") !== false) {
         $value = str_replace("AJXP_DATA_PATH", AJXP_DATA_PATH, $value);
     }
     $tab = array(&$value);
     AJXP_Controller::applyIncludeHook("vars.filter", $tab);
     return $value;
 }
 /**
  * Filter the very basic keywords from the XML  : AJXP_USER, AJXP_INSTALL_PATH, AJXP_DATA_PATH
  * Calls the vars.filter hooks.
  * @static
  * @param $value
  * @param AbstractAjxpUser|String $resolveUser
  * @return mixed|string
  */
 public static function filter($value, $resolveUser = null)
 {
     if (is_string($value) && strpos($value, "AJXP_USER") !== false) {
         if (AuthService::usersEnabled()) {
             if ($resolveUser != null) {
                 if (is_string($resolveUser)) {
                     $resolveUserId = $resolveUser;
                 } else {
                     $resolveUserId = $resolveUser->getId();
                 }
                 $value = str_replace("AJXP_USER", $resolveUserId, $value);
             } else {
                 $loggedUser = AuthService::getLoggedUser();
                 if ($loggedUser != null) {
                     if ($loggedUser->hasParent() && $loggedUser->getResolveAsParent()) {
                         $loggedUserId = $loggedUser->getParent();
                     } else {
                         $loggedUserId = $loggedUser->getId();
                     }
                     $value = str_replace("AJXP_USER", $loggedUserId, $value);
                 } else {
                     return "";
                 }
             }
         } else {
             $value = str_replace("AJXP_USER", "shared", $value);
         }
     }
     if (is_string($value) && strpos($value, "AJXP_GROUP_PATH") !== false) {
         if (AuthService::usersEnabled()) {
             if ($resolveUser != null) {
                 if (is_string($resolveUser) && AuthService::userExists($resolveUser)) {
                     $loggedUser = ConfService::getConfStorageImpl()->createUserObject($resolveUser);
                 } else {
                     $loggedUser = $resolveUser;
                 }
             } else {
                 $loggedUser = AuthService::getLoggedUser();
             }
             if ($loggedUser != null) {
                 $gPath = $loggedUser->getGroupPath();
                 $value = str_replace("AJXP_GROUP_PATH_FLAT", str_replace("/", "_", trim($gPath, "/")), $value);
                 $value = str_replace("AJXP_GROUP_PATH", $gPath, $value);
             } else {
                 return "";
             }
         } else {
             $value = str_replace(array("AJXP_GROUP_PATH", "AJXP_GROUP_PATH_FLAT"), "shared", $value);
         }
     }
     if (is_string($value) && strpos($value, "AJXP_INSTALL_PATH") !== false) {
         $value = str_replace("AJXP_INSTALL_PATH", AJXP_INSTALL_PATH, $value);
     }
     if (is_string($value) && strpos($value, "AJXP_DATA_PATH") !== false) {
         $value = str_replace("AJXP_DATA_PATH", AJXP_DATA_PATH, $value);
     }
     $tab = array(&$value);
     AJXP_Controller::applyIncludeHook("vars.filter", $tab);
     return $value;
 }
 public function preProcess($action, $httpVars, $fileVars)
 {
     if (!is_array($this->pluginConf) || !isset($this->pluginConf["TO"])) {
         throw new Exception("Cannot find configuration for plugin notify.phpmail-lite! Make sur the .inc file was dropped inside the /server/conf/ folder!");
     }
     require "lib/class.phpmailer-lite.php";
     $mail = new PHPMailerLite(true);
     $mail->Mailer = $this->pluginConf["MAILER"];
     $mail->SetFrom($this->pluginConf["FROM"]["address"], $this->pluginConf["FROM"]["name"]);
     foreach ($this->pluginConf["TO"] as $address) {
         $mail->AddAddress($address["address"], $address["name"]);
     }
     $mail->WordWrap = 50;
     // set word wrap to 50 characters
     $mail->IsHTML(true);
     // set email format to HTML
     $mail->Subject = $this->pluginConf["SUBJECT"];
     $mail->Body = str_replace("%user", AuthService::getLoggedUser()->getId(), $this->pluginConf["BODY"]);
     $mail->AltBody = strip_tags($mail->Body);
     if (!$mail->Send()) {
         $message = "Message could not be sent. <p>";
         $message .= "Mailer Error: " . $mail->ErrorInfo;
         throw new Exception($message);
     }
 }
 function tryToLogUser(&$httpVars, $isLast = false)
 {
     if (!isset($httpVars["get_action"]) || $httpVars["get_action"] != "login") {
         return false;
     }
     $rememberLogin = "";
     $rememberPass = "";
     $secureToken = "";
     $loggedUser = null;
     include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
     if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
         $loggingResult = -4;
     } else {
         $userId = isset($httpVars["userid"]) ? AJXP_Utils::sanitize($httpVars["userid"], AJXP_SANITIZE_EMAILCHARS) : null;
         $userPass = isset($httpVars["password"]) ? trim($httpVars["password"]) : null;
         $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true" ? true : false;
         $cookieLogin = isset($httpVars["cookie_login"]) ? true : false;
         $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $httpVars["login_seed"]);
         if ($rememberMe && $loggingResult == 1) {
             $rememberLogin = "******";
             $rememberPass = "******";
         }
         if ($loggingResult == 1) {
             session_regenerate_id(true);
             $secureToken = AuthService::generateSecureToken();
         }
         if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
             $loggingResult = -4;
             // Force captcha reload
         }
     }
     $loggedUser = AuthService::getLoggedUser();
     if ($loggedUser != null) {
         $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
         $passId = -1;
         if (isset($httpVars["tmp_repository_id"])) {
             $passId = $httpVars["tmp_repository_id"];
         } else {
             if ($force != "" && $loggedUser->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
                 $passId = $force;
             }
         }
         $res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
         if (!$res) {
             AuthService::disconnect();
             $loggingResult = -3;
         }
     }
     if ($loggedUser != null && (AuthService::hasRememberCookie() || isset($rememberMe) && $rememberMe == true)) {
         AuthService::refreshRememberCookie($loggedUser);
     }
     AJXP_XMLWriter::header();
     AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
     AJXP_XMLWriter::close();
     if ($loggingResult > 0 || $isLast) {
         exit;
     }
 }
示例#8
0
 protected function getUserId($private)
 {
     if (!$private) {
         return AJXP_METADATA_SHAREDUSER;
     }
     if (AuthService::usersEnabled()) {
         return AuthService::getLoggedUser()->getId();
     }
     return "shared";
 }
示例#9
0
 private function getTreeName()
 {
     $base = AJXP_SHARED_CACHE_DIR . "/trees/tree-" . ConfService::getRepository()->getId();
     $secuScope = ConfService::getRepository()->securityScope();
     if ($secuScope == "USER") {
         $base .= "-" . AuthService::getLoggedUser()->getId();
     } else {
         if ($secuScope == "GROUP") {
             $base .= "-" . str_replace("/", "_", AuthService::getLoggedUser()->getGroupPath());
         }
     }
     return $base . "-full.xml";
 }
 /**
  * Updates the data
  *
  * The data argument is a readable stream resource.
  *
  * After a succesful put operation, you may choose to return an ETag. The
  * etag must always be surrounded by double-quotes. These quotes must
  * appear in the actual string you're returning.
  *
  * Clients may use the ETag from a PUT request to later on make sure that
  * when they update the file, the contents haven't changed in the mean
  * time.
  *
  * If you don't plan to store the file byte-by-byte, and you return a
  * different object on a subsequent GET you are strongly recommended to not
  * return an ETag, and just return null.
  *
  * @param resource $data
  * @return string|null
  */
 public function put($data)
 {
     // Warning, passed by ref
     $p = $this->path;
     if (!AuthService::getLoggedUser()->canWrite($this->repository->getId())) {
         throw new \Sabre\DAV\Exception\Forbidden();
     }
     $this->getAccessDriver()->nodeWillChange($p, intval($_SERVER["CONTENT_LENGTH"]));
     $stream = fopen($this->getUrl(), "w");
     stream_copy_to_stream($data, $stream);
     fclose($stream);
     $toto = null;
     $this->getAccessDriver()->nodeChanged($toto, $p);
     return $this->getETag();
 }
 public function getRegistryContributions()
 {
     $logged = AuthService::getLoggedUser();
     if (AuthService::usersEnabled()) {
         if ($logged == null) {
             return $this->registryContributions;
         } else {
             $xmlString = AJXP_XMLWriter::getUserXml($logged, false);
         }
     } else {
         $xmlString = AJXP_XMLWriter::getUserXml(null, false);
     }
     $dom = new DOMDocument();
     $dom->loadXML($xmlString);
     $this->registryContributions[] = $dom->documentElement;
     return $this->registryContributions;
 }
 public function getChildren()
 {
     $this->children = array();
     $u = AuthService::getLoggedUser();
     if ($u != null) {
         $repos = ConfService::getAccessibleRepositories($u);
         // Refilter to make sure the driver is an AjxpWebdavProvider
         foreach ($repos as $repository) {
             $accessType = $repository->getAccessType();
             $driver = AJXP_PluginsService::getInstance()->getPluginByTypeName("access", $accessType);
             if (is_a($driver, "AjxpWrapperProvider") && $repository->getOption("AJXP_WEBDAV_DISABLED") !== true) {
                 $this->children[$repository->getSlug()] = new Sabre\DAV\SimpleCollection($repository->getSlug());
             }
         }
     }
     return $this->children;
 }
 /**
  * formats the error message in representable manner
  *
  * For the SQL driver we will normalise the information into our table row format.
  *
  * @param $message String this is the message to be formatted
  * @param $severity Severity level of the message: one of LOG_LEVEL_* (DEBUG,INFO,NOTICE,WARNING,ERROR)
  * @return String the formatted message.
  */
 function formatMessage($message, $severity)
 {
     // Get the user if it exists
     $user = "******";
     if (AuthService::usersEnabled()) {
         $logged = AuthService::getLoggedUser();
         if ($logged != null) {
             $user = $logged->getId();
         } else {
             $user = "******";
         }
     }
     $message_parts = explode("\t", $message);
     $severity = strtoupper((string) $severity);
     $log_row = array('logdate' => $this->toMysqlDateTime(strtotime('NOW')), 'remote_ip' => $this->inet_ptod($_SERVER['REMOTE_ADDR']), 'severity' => $severity, 'user' => $user, 'message' => $message_parts[0], 'params' => $message_parts[1]);
     return $log_row;
 }
 /**
  * @param AJXP_Node $node
  * @param string $cacheType
  * @param string $details
  * @return string
  */
 public static function computeIdForNode($node, $cacheType, $details = '')
 {
     $repo = $node->getRepository();
     if ($repo == null) {
         return "failed-id";
     }
     $scope = $repo->securityScope();
     $additional = "";
     if ($scope === "USER") {
         $additional = AuthService::getLoggedUser()->getId() . "@";
     } else {
         if ($scope == "GROUP") {
             $additional = ltrim(str_replace("/", "__", AuthService::getLoggedUser()->getGroupPath()), "__") . "@";
         }
     }
     $scheme = parse_url($node->getUrl(), PHP_URL_SCHEME);
     return str_replace($scheme . "://", $cacheType . "://" . $additional, $node->getUrl()) . ($details ? "##" . $details : "");
 }
示例#15
0
 function filterUsersPref($action, $httpVars, $fileVars)
 {
     if ($action != "save_user_pref") {
         return;
     }
     $loggedUser = AuthService::getLoggedUser()->getId();
     if ($loggedUser != "demo") {
         return;
     }
     $i = 0;
     while (isset($_GET["pref_name_" . $i]) && isset($_GET["pref_value_" . $i])) {
         $prefName = $_GET["pref_name_" . $i];
         $prefValue = stripslashes($_GET["pref_value_" . $i]);
         if ($prefName == "password") {
             throw new Exception("You are not allowed to change the password");
         }
         $i++;
     }
 }
 public function authenticate(Sabre\DAV\Server $server, $realm)
 {
     //AJXP_Logger::debug("Try authentication on $realm", $server);
     $success = parent::authenticate($server, $realm);
     if ($success) {
         $res = AuthService::logUser($this->currentUser, null, true);
         if ($res < 1) {
             throw new Sabre\DAV\Exception\NotAuthenticated();
         }
         $this->updateCurrentUserRights(AuthService::getLoggedUser());
         if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) {
             $webdavData = AuthService::getLoggedUser()->getPref("AJXP_WEBDAV_DATA");
             AJXP_Safe::storeCredentials($this->currentUser, $this->_decodePassword($webdavData["PASS"], $this->currentUser));
         }
     }
     if ($success === false) {
         throw new Sabre\DAV\Exception\NotAuthenticated();
     }
     ConfService::switchRootDir($this->repositoryId);
     return true;
 }
 /**
  * @param $channelName
  * @param $clientId
  * @throws Exception
  * @return mixed
  */
 public function suscribeToChannel($channelName, $clientId)
 {
     $this->loadChannel($channelName, true);
     if (AuthService::usersEnabled()) {
         $user = AuthService::getLoggedUser();
         if ($user == null) {
             throw new Exception("You must be logged in");
         }
         $GROUP_PATH = $user->getGroupPath();
         $USER_ID = $user->getId();
     } else {
         $GROUP_PATH = '/';
         $USER_ID = 'shared';
     }
     if ($GROUP_PATH == null) {
         $GROUP_PATH = false;
     }
     $this->channels[$channelName]["CLIENTS"][$clientId] = array("ALIVE" => time(), "USER_ID" => $USER_ID, "GROUP_PATH" => $GROUP_PATH);
     foreach ($this->channels[$channelName]["MESSAGES"] as &$object) {
         $object->messageRC[$clientId] = $clientId;
     }
 }
    function listUsers()
    {
        print '<columns switchGridMode="filelist"><column messageString="User Name" attributeName="ajxp_label" sortType="String"/><column messageString="Is Admin" attributeName="isAdmin" sortType="String"/></columns>';
        if (!ENABLE_USERS) {
            return;
        }
        $users = AuthService::listUsers();
        $loggedUser = AuthService::getLoggedUser();
        $userArray = array();
        foreach ($users as $userObject) {
            $userArray[Utils::xmlEntities($userObject->getId())] = $userObject;
        }
        ksort($userArray);
        foreach ($userArray as $userObject) {
            $isAdmin = $userObject->isAdmin();
            $userId = Utils::xmlEntities($userObject->getId());
            $icon = "user" . ($userId == "guest" ? "_guest" : ($isAdmin ? "_admin" : ""));
            print '<tree 
				text="' . $userId . '"
				isAdmin="' . ($isAdmin ? "True" : "False") . '" 
				icon="' . $icon . '.png" 
				openicon="' . $icon . '.png" 
				filename="/users/' . $userId . '" 
				parentname="/users" 
				is_file="1" 
				ajxp_mime="user' . ($userId != "guest" && $userId != $loggedUser->getId() ? "_editable" : "") . '"
				/>';
        }
    }
示例#19
0
 /**
  * Function for deleting a user
  *
  * @param String $userId
  * @param Array $deletedSubUsers
  */
 public function deleteUser($userId, &$deletedSubUsers)
 {
     $user = $this->createUserObject($userId);
     $files = glob($user->getStoragePath() . "/*.ser");
     if (is_array($files) && count($files)) {
         foreach ($files as $file) {
             unlink($file);
         }
     }
     if (is_dir($user->getStoragePath())) {
         rmdir($user->getStoragePath());
     }
     // DELETE CHILDREN USING POINTER IF POSSIBLE
     $users = $this->getUserChildren($userId);
     // $authDriver->listUsers();
     foreach (array_keys($users) as $id) {
         $object = $this->createUserObject($id);
         if ($object->hasParent() && $object->getParent() == $userId) {
             $this->deleteUser($id, $deletedSubUsers);
             $deletedSubUsers[] = $id;
         }
     }
     // CLEAR PARENT POINTER IF NECESSARY
     if ($user->hasParent()) {
         $parentObject = $this->createUserObject($user->getParent());
         $pointer = $parentObject->getChildrenPointer();
         if ($pointer !== null) {
             unset($pointer[$userId]);
             $parentObject->setChildrenPointer($pointer);
             $parentObject->save("superuser");
             if (AuthService::getLoggedUser() != null && AuthService::getLoggedUser()->getId() == $parentObject->getId()) {
                 AuthService::updateUser($parentObject);
             }
         }
     }
     $groups = AJXP_Utils::loadSerialFile(AJXP_VarsFilter::filter($user->storage->getOption("USERS_DIRPATH")) . "/groups.ser");
     if (isset($groups[$userId])) {
         unset($groups[$userId]);
         AJXP_Utils::saveSerialFile(AJXP_VarsFilter::filter($user->storage->getOption("USERS_DIRPATH")) . "/groups.ser", $groups);
     }
 }
示例#20
0
 public function commitChanges($actionName, $httpVars, $filesVars)
 {
     if (is_array($httpVars)) {
         $init = $this->initDirAndSelection($httpVars);
         $args = $init["DIR"];
     } else {
         $args = $httpVars;
     }
     $status = ExecSvnCmd('svn status', $args);
     if (trim(implode("", $status[IDX_STDOUT])) == "") {
         return;
     }
     $command = "svn commit";
     $user = AuthService::getLoggedUser()->getId();
     $switches = "-m \"Pydio||{$user}||{$actionName}" . (isset($this->commitMessageParams) ? "||" . $this->commitMessageParams : "") . "\"";
     $res = ExecSvnCmd($command, $args, $switches);
     if (is_file($args)) {
         $res2 = ExecSvnCmd('svn update', dirname($args), '');
     } else {
         if (is_dir($args)) {
             $res2 = ExecSvnCmd('svn update', $args, '');
         }
     }
 }
 public function preLogUser($remoteSessionId)
 {
     if ($this->masterSlaveMode) {
         $this->drivers[$this->slaveName]->preLogUser($remoteSessionId);
         if (AuthService::getLoggedUser() == null) {
             return $this->drivers[$this->masterName]->preLogUser($remoteSessionId);
         }
         return;
     }
     if ($this->getCurrentDriver()) {
         return $this->getCurrentDriver()->preLogUser($remoteSessionId);
     } else {
         throw new Exception("No driver instanciated in multi driver!");
     }
 }
 public function switchAction($actionName, $httpVars, $fileVars)
 {
     $this->baseURL = rtrim($this->getFilteredOption("ETHERPAD_SERVER"), "/");
     $this->apiKey = $this->getFilteredOption("ETHERPAD_APIKEY");
     $userSelection = new UserSelection(ConfService::getRepository(), $httpVars);
     if ($userSelection->isEmpty()) {
         throw new Exception("Empty selection");
     }
     $repository = ConfService::getRepository();
     if (!$repository->detectStreamWrapper(false)) {
         return false;
     }
     $selectedNode = $userSelection->getUniqueNode();
     $selectedNode->loadNodeInfo();
     if (!$selectedNode->isLeaf()) {
         throw new Exception("Cannot handle folders, please select a file!");
     }
     $nodeExtension = strtolower(pathinfo($selectedNode->getPath(), PATHINFO_EXTENSION));
     // Determine pad ID
     if ($nodeExtension == "pad") {
         $padID = file_get_contents($selectedNode->getUrl());
     } else {
         // TRY TO LOAD PAD ID FROM NODE SHARED METADATA
         $metadata = $selectedNode->retrieveMetadata("etherpad", AJXP_METADATA_ALLUSERS, AJXP_METADATA_SCOPE_GLOBAL, false);
         if (isset($metadata["pad_id"])) {
             $padID = $metadata["pad_id"];
         } else {
             $padID = AJXP_Utils::generateRandomString();
             $selectedNode->setMetadata("etherpad", array("pad_id" => $padID), AJXP_METADATA_ALLUSERS, AJXP_METADATA_SCOPE_GLOBAL, false);
         }
     }
     require_once "etherpad-client/etherpad-lite-client.php";
     $client = new EtherpadLiteClient($this->apiKey, $this->baseURL . "/api");
     $loggedUser = AuthService::getLoggedUser();
     $userName = $loggedUser->getId();
     $userLabel = $loggedUser->mergedRole->filterParameterValue("core.conf", "USER_DISPLAY_NAME", AJXP_REPO_SCOPE_ALL, $userName);
     $res = $client->createAuthorIfNotExistsFor($userName, $userLabel);
     $authorID = $res->authorID;
     $res2 = $client->createGroupIfNotExistsFor($loggedUser->getGroupPath());
     $groupID = $res2->groupID;
     $fullId = $groupID . "\$" . $padID;
     if ($actionName == "etherpad_create") {
         $resP = $client->listPads($groupID);
         $currentContent = file_get_contents($selectedNode->getUrl());
         if ($nodeExtension == "html" && strpos($currentContent, "<html>") === false) {
             $currentContent = "<html><head></head><body>{$currentContent}</body></html>";
         }
         if (!in_array($fullId, $resP->padIDs)) {
             $client->createGroupPad($groupID, $padID, null);
             if ($nodeExtension == "html" && !empty($currentContent)) {
                 $client->setHTML($fullId, $currentContent);
             } else {
                 if ($nodeExtension != "pad") {
                     $client->setText($fullId, $currentContent);
                 }
             }
         } else {
             if ($nodeExtension != "pad") {
                 // If someone is already connected, do not override.
                 $existingAuthors = $client->listAuthorsOfPad($fullId);
                 if (!count($existingAuthors->authorIDs)) {
                     if ($nodeExtension == "html" && !empty($currentContent)) {
                         $client->setHTML($fullId, $currentContent);
                     } else {
                         $client->setText($fullId, $currentContent);
                     }
                 }
             }
         }
         $res4 = $client->createSession($groupID, $authorID, time() + 14400);
         $sessionID = $res4->sessionID;
         setcookie('sessionID', $sessionID, null, "/");
         $padID = $groupID . '$' . $padID;
         $data = array("url" => $this->baseURL . "/p/" . $padID, "padID" => $padID, "sessionID" => $sessionID);
         HTMLWriter::charsetHeader('application/json');
         echo json_encode($data);
     } else {
         if ($actionName == "etherpad_save") {
             $padID = $httpVars["pad_id"];
             if ($nodeExtension == "html" || $nodeExtension == "pad") {
                 $res = $client->getHTML($padID);
                 $content = $res->html;
             } else {
                 $res = $client->getText($padID);
                 $content = $res->text;
             }
             if ($nodeExtension == "pad") {
                 // Create a new file and save the content in it.
                 $origUrl = $selectedNode->getUrl();
                 $mess = ConfService::getMessages();
                 $dateStamp = date(" Y-m-d H:i", time());
                 $startUrl = preg_replace('"\\.pad$"', $dateStamp . '.html', $origUrl);
                 $newNode = new AJXP_Node($startUrl);
                 AJXP_Controller::applyHook("node.before_create", array($newNode, strlen($content)));
                 file_put_contents($newNode->getUrl(), $content);
                 AJXP_Controller::applyHook("node.change", array(null, $newNode));
             } else {
                 AJXP_Controller::applyHook("node.before_change", array($selectedNode, strlen($content)));
                 file_put_contents($selectedNode->getUrl(), $content);
                 clearstatcache(true, $selectedNode->getUrl());
                 $selectedNode->loadNodeInfo(true);
                 AJXP_Controller::applyHook("node.change", array($selectedNode, $selectedNode));
             }
         } else {
             if ($actionName == "etherpad_close") {
                 // WE SHOULD DETECT IF THERE IS NOBODY CONNECTED ANYMORE, AND DELETE THE PAD.
                 // BUT SEEMS LIKE THERE'S NO WAY TO PROPERLY REMOVE AN AUTHOR VIA API
                 $sessionID = $httpVars["session_id"];
                 $client->deleteSession($sessionID);
             } else {
                 if ($actionName == "etherpad_proxy_api") {
                     if ($httpVars["api_action"] == "list_pads") {
                         $res = $client->listPads($groupID);
                     } else {
                         if ($httpVars["api_action"] == "list_authors_for_pad") {
                             $res = $client->listAuthorsOfPad($httpVars["pad_id"]);
                         }
                     }
                     HTMLWriter::charsetHeader("application/json");
                     echo json_encode($res);
                 } else {
                     if ($actionName == "etherpad_get_content") {
                         HTMLWriter::charsetHeader("text/plain");
                         echo $client->getText($httpVars["pad_id"])->text;
                     }
                 }
             }
         }
     }
     return null;
 }
 /**
  * @param Repository $repository
  * @param null $resolveUserId
  * @return String
  */
 protected function computeIdentifier($repository, $resolveUserId = null)
 {
     $parts = array($repository->getId());
     if ($repository->securityScope() == 'USER') {
         if ($resolveUserId != null) {
             $parts[] = $resolveUserId;
         } else {
             $parts[] = AuthService::getLoggedUser()->getId();
         }
     } else {
         if ($repository->securityScope() == 'GROUP') {
             if ($resolveUserId != null) {
                 $userObject = ConfService::getConfStorageImpl()->createUserObject($resolveUserId);
                 if ($userObject != null) {
                     $parts[] = $userObject->getGroupPath();
                 }
             } else {
                 $parts[] = AuthService::getLoggedUser()->getGroupPath();
             }
         }
     }
     return implode("-", $parts);
 }
 /**
  * @param string $repoId
  * @param Repository $repoObject
  * @param array $exposed
  * @param array $streams
  * @param AbstractAjxpUser $loggedUser
  * @param string $accessStatus
  * @return string
  * @throws Exception
  */
 public static function repositoryToXML($repoId, $repoObject, $exposed, $streams, $loggedUser, $accessStatus = "")
 {
     $statusString = " repository_type=\"" . $repoObject->getRepositoryType() . "\"";
     if (empty($accessStatus)) {
         $accessStatus = $repoObject->getAccessStatus();
     }
     if (!empty($accessStatus)) {
         $statusString .= " access_status=\"{$accessStatus}\" ";
     } else {
         if ($loggedUser != null) {
             $lastConnected = $loggedUser->getArrayPref("repository_last_connected", $repoId);
             if (!empty($lastConnected)) {
                 $statusString .= " last_connection=\"{$lastConnected}\" ";
             }
         }
     }
     $streamString = "";
     if (in_array($repoObject->accessType, $streams)) {
         $streamString = "allowCrossRepositoryCopy=\"true\"";
     }
     if ($repoObject->getUniqueUser()) {
         $streamString .= " user_editable_repository=\"true\" ";
     }
     if ($repoObject->hasContentFilter()) {
         $streamString .= " hasContentFilter=\"true\"";
     }
     $slugString = "";
     $slug = $repoObject->getSlug();
     if (!empty($slug)) {
         $slugString = "repositorySlug=\"{$slug}\"";
     }
     $isSharedString = "";
     $currentUserIsOwner = false;
     $ownerLabel = null;
     if ($repoObject->hasOwner()) {
         $uId = $repoObject->getOwner();
         if (AuthService::usersEnabled() && AuthService::getLoggedUser()->getId() == $uId) {
             $currentUserIsOwner = true;
         }
         $label = ConfService::getUserPersonalParameter("USER_DISPLAY_NAME", $uId, "core.conf", $uId);
         $ownerLabel = $label;
         $isSharedString = 'owner="' . AJXP_Utils::xmlEntities($label) . '"';
     }
     if ($repoObject->securityScope() == "USER" || $currentUserIsOwner) {
         $streamString .= " userScope=\"true\"";
     }
     $descTag = "";
     $public = false;
     if (!empty($_SESSION["CURRENT_MINISITE"])) {
         $public = true;
     }
     $description = $repoObject->getDescription($public, $ownerLabel);
     if (!empty($description)) {
         $descTag = '<description>' . AJXP_Utils::xmlEntities($description, true) . '</description>';
     }
     $roleString = "";
     if ($loggedUser != null) {
         $merged = $loggedUser->mergedRole;
         $params = array();
         foreach ($exposed as $exposed_prop) {
             $metaOptions = $repoObject->getOption("META_SOURCES");
             if (!isset($metaOptions[$exposed_prop["PLUGIN_ID"]])) {
                 continue;
             }
             $value = $exposed_prop["DEFAULT"];
             if (isset($metaOptions[$exposed_prop["PLUGIN_ID"]][$exposed_prop["NAME"]])) {
                 $value = $metaOptions[$exposed_prop["PLUGIN_ID"]][$exposed_prop["NAME"]];
             }
             $value = $merged->filterParameterValue($exposed_prop["PLUGIN_ID"], $exposed_prop["NAME"], $repoId, $value);
             if ($value !== null) {
                 if ($value === true || $value === false) {
                     $value = $value === true ? "true" : "false";
                 }
                 $params[] = '<repository_plugin_param plugin_id="' . $exposed_prop["PLUGIN_ID"] . '" name="' . $exposed_prop["NAME"] . '" value="' . AJXP_Utils::xmlEntities($value) . '"/>';
                 $roleString .= str_replace(".", "_", $exposed_prop["PLUGIN_ID"]) . "_" . $exposed_prop["NAME"] . '="' . AJXP_Utils::xmlEntities($value) . '" ';
             }
         }
         $roleString .= 'acl="' . $merged->getAcl($repoId) . '"';
         if ($merged->hasMask($repoId)) {
             $roleString .= ' hasMask="true" ';
         }
     }
     return "<repo access_type=\"" . $repoObject->accessType . "\" id=\"" . $repoId . "\"{$statusString} {$streamString} {$slugString} {$isSharedString} {$roleString}><label>" . SystemTextEncoding::toUTF8(AJXP_Utils::xmlEntities($repoObject->getDisplay())) . "</label>" . $descTag . $repoObject->getClientSettings() . "</repo>";
 }
 protected function parseUrl($url)
 {
     // URL MAY BE ajxp.ftp://username:password@host/path
     $urlParts = parse_url($url);
     $this->repositoryId = $urlParts["host"];
     $repository = ConfService::getRepositoryById($this->repositoryId);
     // Get USER/PASS
     // 1. Try from URL
     if (isset($urlParts["user"]) && isset($urlParts["pass"])) {
         $this->user = $urlParts["user"];
         $this->password = $urlParts["pass"];
     }
     // 2. Try from user wallet
     if (!isset($this->user) || $this->user == "") {
         $loggedUser = AuthService::getLoggedUser();
         if ($loggedUser != null) {
             $wallet = $loggedUser->getPref("AJXP_WALLET");
             if (is_array($wallet) && isset($wallet[$this->repositoryId]["FTP_USER"])) {
                 $this->user = $wallet[$this->repositoryId]["FTP_USER"];
                 $this->password = $loggedUser->decodeUserPassword($wallet[$this->repositoryId]["FTP_PASS"]);
             }
         }
     }
     // 3. Try from repository config
     if (!isset($this->user) || $this->user == "") {
         $this->user = $repository->getOption("FTP_USER");
         $this->password = $repository->getOption("FTP_PASS");
     }
     // 4. Try from session
     if ((!isset($this->user) || $this->user == "") && isset($_SESSION["AJXP_SESSION_REMOTE_USER"])) {
         $this->user = $_SESSION["AJXP_SESSION_REMOTE_USER"];
         $this->password = $_SESSION["AJXP_SESSION_REMOTE_PASS"];
     }
     if (!isset($this->user) || $this->user == "") {
         throw new AJXP_Exception("Cannot find user/pass for FTP access!");
     }
     if ($repository->getOption("DYNAMIC_FTP") == "TRUE" && isset($_SESSION["AJXP_DYNAMIC_FTP_DATA"])) {
         $data = $_SESSION["AJXP_DYNAMIC_FTP_DATA"];
         $this->host = $data["FTP_HOST"];
         $this->path = $data["PATH"];
         $this->secure = $data["FTP_SECURE"] == "TRUE" ? true : false;
         $this->port = $data["FTP_PORT"] != "" ? intval($data["FTP_PORT"]) : ($this->secure ? 22 : 21);
         $this->ftpActive = $data["FTP_DIRECT"] == "TRUE" ? true : false;
         $this->repoCharset = $data["CHARSET"];
     } else {
         $this->host = $repository->getOption("FTP_HOST");
         $this->path = $repository->getOption("PATH");
         $this->secure = $repository->getOption("FTP_SECURE") == "TRUE" ? true : false;
         $this->port = $repository->getOption("FTP_PORT") != "" ? intval($repository->getOption("FTP_PORT")) : ($this->secure ? 22 : 21);
         $this->ftpActive = $repository->getOption("FTP_DIRECT") == "TRUE" ? true : false;
         $this->repoCharset = $repository->getOption("CHARSET");
     }
     // Test Connexion and server features
     global $_SESSION;
     $cacheKey = $repository->getId() . "_ftpCharset";
     if (!isset($_SESSION[$cacheKey]) || !strlen($_SESSION[$cacheKey])) {
         $features = $this->getServerFeatures();
         if (!isset($_SESSION["AJXP_CHARSET"]) || $_SESSION["AJXP_CHARSET"] == "") {
             $_SESSION["AJXP_CHARSET"] = $features["charset"];
         }
         $_SESSION[$cacheKey] = $_SESSION["AJXP_CHARSET"];
     }
     return $urlParts;
 }
 public function hasFilesToCopy()
 {
     $user = AuthService::getLoggedUser();
     $files = $user->getTemporaryData("tmp_upload");
     return count($files) ? true : false;
 }
 private function commitChanges($path = null)
 {
     $git = new VersionControl_Git($this->repoBase);
     $command = $git->getCommand("add");
     $command->addArgument(".");
     try {
         $cmd = $command->createCommandString();
         $this->logDebug("Git command " . $cmd);
         $res = $command->execute();
     } catch (Exception $e) {
         $this->logDebug("Error " . $e->getMessage());
     }
     $this->logDebug("GIT RESULT ADD : " . $res);
     $command = $git->getCommand("commit");
     $command->setOption("a", true);
     $userId = "no user";
     $mail = "*****@*****.**";
     if (AuthService::getLoggedUser() != null) {
         $userId = AuthService::getLoggedUser()->getId();
         $mail = AuthService::getLoggedUser()->personalRole->filterParameterValue("core.conf", "email", AJXP_REPO_SCOPE_ALL, "*****@*****.**");
     }
     $command->setOption("m", $userId);
     $command->setOption("author", "{$userId} <{$mail}>");
     //$command->addArgument($path);
     try {
         $cmd = $command->createCommandString();
         $this->logDebug("Git command " . $cmd);
         $res = $command->execute();
     } catch (Exception $e) {
         $this->logDebug("Error " . $e->getMessage());
     }
     $this->logDebug("GIT RESULT COMMIT : " . $res);
 }
 /**
  * @param AJXP_Node $node
  */
 public function enrichNode($node)
 {
     if (AuthService::getLoggedUser() == null) {
         return;
     }
     $meta = $this->metaStore->retrieveMetadata($node, self::$META_WATCH_NAMESPACE, false, AJXP_METADATA_SCOPE_REPOSITORY);
     if (is_array($meta) && array_key_exists(AuthService::getLoggedUser()->getId(), $meta)) {
         $node->mergeMetadata(array("meta_watched" => $meta[AuthService::getLoggedUser()->getId()], "overlay_icon" => "meta.watch/ICON_SIZE/watch.png", "overlay_class" => "icon-eye-open"), true);
     }
 }
 private function saveUserData($data)
 {
     $logged = AuthService::getLoggedUser();
     $logged->setPref("meta.quota", $data);
     $logged->save("user");
     AuthService::updateUser($logged);
 }
 /**
  * formats the error message in representable manner
  *
  * @param $message String this is the message to be formatted
  * @param $severity Severity level of the message: one of LOG_LEVEL_* (DEBUG,INFO,NOTICE,WARNING,ERROR)
  * @return String the formatted message.
  */
 function formatMessage($message, $severity)
 {
     $msg = date("m-d-y") . " " . date("G:i:s") . "\t";
     $msg .= $_SERVER['REMOTE_ADDR'];
     $msg .= "\t" . strtoupper($severity) . "\t";
     // Get the user if it exists
     $user = "******";
     if (AuthService::usersEnabled()) {
         $logged = AuthService::getLoggedUser();
         if ($logged != null) {
             $user = $logged->getId();
         } else {
             $user = "******";
         }
     }
     $msg .= "{$user}\t";
     //$msg .= $severity;
     $msg .= "" . $message . "\n";
     return $msg;
 }