示例#1
0
 /**
  * Plugin that adds a 'Content-Disposition: attachment' header to all files
  * delivered by SabreDAV.
  * @param RequestInterface $request
  * @param ResponseInterface $response
  */
 function httpGet(RequestInterface $request, ResponseInterface $response)
 {
     // Only handle valid files
     $node = $this->tree->getNodeForPath($request->getPath());
     if (!$node instanceof IFile) {
         return;
     }
     $response->addHeader('Content-Disposition', 'attachment');
 }
示例#2
0
文件: auth.php 项目: mnefedov/core
 /**
  * @param RequestInterface $request
  * @param ResponseInterface $response
  * @return array
  */
 private function auth(RequestInterface $request, ResponseInterface $response)
 {
     if (\OC_User::handleApacheAuth() || $this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED)) || $this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null) {
         $user = $this->userSession->getUser()->getUID();
         \OC_Util::setupFS($user);
         $this->currentUser = $user;
         $this->session->close();
         return [true, $this->principalPrefix . $user];
     }
     if (!$this->userSession->isLoggedIn() && in_array('XMLHttpRequest', explode(',', $request->getHeader('X-Requested-With')))) {
         // do not re-authenticate over ajax, use dummy auth name to prevent browser popup
         $response->addHeader('WWW-Authenticate', 'DummyBasic realm="' . $this->realm . '"');
         $response->setStatus(401);
         throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
     }
     return parent::check($request, $response);
 }
示例#3
0
 /**
  * @param RequestInterface $request
  * @param ResponseInterface $response
  * @return array
  * @throws NotAuthenticated
  */
 private function auth(RequestInterface $request, ResponseInterface $response)
 {
     $forcedLogout = false;
     if (!$this->request->passesCSRFCheck() && $this->requiresCSRFCheck()) {
         // In case of a fail with POST we need to recheck the credentials
         if ($this->request->getMethod() === 'POST') {
             $forcedLogout = true;
         } else {
             $response->setStatus(401);
             throw new \Sabre\DAV\Exception\NotAuthenticated('CSRF check not passed.');
         }
     }
     if ($forcedLogout) {
         $this->userSession->logout();
     } else {
         if ($this->twoFactorManager->needsSecondFactor()) {
             throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.');
         }
         if (\OC_User::handleApacheAuth() || $this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED)) || $this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null) {
             $user = $this->userSession->getUser()->getUID();
             \OC_Util::setupFS($user);
             $this->currentUser = $user;
             $this->session->close();
             return [true, $this->principalPrefix . $user];
         }
     }
     if (!$this->userSession->isLoggedIn() && in_array('XMLHttpRequest', explode(',', $request->getHeader('X-Requested-With')))) {
         // do not re-authenticate over ajax, use dummy auth name to prevent browser popup
         $response->addHeader('WWW-Authenticate', 'DummyBasic realm="' . $this->realm . '"');
         $response->setStatus(401);
         throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
     }
     $data = parent::check($request, $response);
     if ($data[0] === true) {
         $startPos = strrpos($data[1], '/') + 1;
         $user = $this->userSession->getUser()->getUID();
         $data[1] = substr_replace($data[1], $user, $startPos);
     }
     return $data;
 }
示例#4
0
 /**
  * Add headers to file download
  *
  * @param RequestInterface $request
  * @param ResponseInterface $response
  */
 function httpGet(RequestInterface $request, ResponseInterface $response)
 {
     // Only handle valid files
     $node = $this->tree->getNodeForPath($request->getPath());
     if (!$node instanceof IFile) {
         return;
     }
     // adds a 'Content-Disposition: attachment' header
     if ($this->downloadAttachment) {
         $filename = $node->getName();
         if ($this->request->isUserAgent([\OC\AppFramework\Http\Request::USER_AGENT_IE, \OC\AppFramework\Http\Request::USER_AGENT_ANDROID_MOBILE_CHROME, \OC\AppFramework\Http\Request::USER_AGENT_FREEBOX])) {
             $response->addHeader('Content-Disposition', 'attachment; filename="' . rawurlencode($filename) . '"');
         } else {
             $response->addHeader('Content-Disposition', 'attachment; filename*=UTF-8\'\'' . rawurlencode($filename) . '; filename="' . rawurlencode($filename) . '"');
         }
     }
     if ($node instanceof \OCA\DAV\Connector\Sabre\File) {
         //Add OC-Checksum header
         /** @var $node File */
         $checksum = $node->getChecksum();
         if ($checksum !== null && $checksum !== '') {
             $response->addHeader('OC-Checksum', $checksum);
         }
     }
 }
示例#5
0
 /**
  * Add headers to file download
  *
  * @param RequestInterface $request
  * @param ResponseInterface $response
  */
 function httpGet(RequestInterface $request, ResponseInterface $response)
 {
     // Only handle valid files
     $node = $this->tree->getNodeForPath($request->getPath());
     if (!$node instanceof IFile) {
         return;
     }
     // adds a 'Content-Disposition: attachment' header
     $response->addHeader('Content-Disposition', 'attachment');
     //Add OC-Checksum header
     /** @var $node File */
     $checksum = $node->getChecksum();
     if ($checksum !== null) {
         $response->addHeader('OC-Checksum', $checksum);
     }
 }