This repository has been archived by the owner on Nov 25, 2020. It is now read-only.

Remove switchRootDir() method
cdujeu committed Jun 9, 2016
1 parent 7821c62 commit 7f13fce
Showing 15 changed files with 218 additions and 134 deletions.
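--- a/core/src/core/src/pydio/Core/Exception/LoginException.php
+++ b/core/src/core/src/pydio/Core/Exception/LoginException.php
@@ -0,0 +1,46 @@
+<?php
+/*
+* Copyright 2007-2016 Abstrium <contact (at) pydio.com>
+* This file is part of Pydio.
+*
+* Pydio is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* Pydio is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with Pydio. If not, see <http://www.gnu.org/licenses/>.
+*
+* The latest code can be found at <https://pydio.com/>.
+*/
+namespace Pydio\Core\Exception;
+
+defined('AJXP_EXEC') or die('Access not allowed');
+
+
+class LoginException extends PydioException
+{
+private $loginError;
+
+/**
+* LoginException constructor.
+* @param integer $errorCode
+*/
+public function __construct($errorCode)
+{
+$this->loginError = $errorCode;
+parent::__construct("Error while trying to log user", null, $errorCode);
+}
+
+/**
+* @return int
+*/
+public function getLoginError(){
+return $this->loginError;
+}
+}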
@@ -0,0 +1,32 @@
<?php
/*
* Copyright 2007-2016 Abstrium <contact (at) pydio.com>
* This file is part of Pydio.
*
* Pydio is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Pydio is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with Pydio. If not, see <http://www.gnu.org/licenses/>.
*
* The latest code can be found at <https://pydio.com/>.
*/
namespace Pydio\Core\Exception;

defined('AJXP_EXEC') or die('Access not allowed');


class WorkspaceForbiddenException extends PydioException
{
public function __construct($wsId)
{
parent::__construct("Cannot access to workspace with id/alias ".$wsId, null);
}
}
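Review bot: The constructor concatenates `$wsId` straight into the exception message and has no docblock saying where that value comes from; at the call sites in this commit it is presumably the workspace id or alias taken from the request. The DAV and REST handlers replace the message with a fixed string, but the first `getRepositoryWithPermission()` call in `bootSessionServer` sits outside any try block, so where this text ends up (log line, error page) depends on handlers that are not visible here. I would document it on the class in the same style LoginException uses, e.g. `@param string $wsId Workspace id or alias as received from the caller; not escaped, encode before rendering or logging`.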
10 changes: 6 additions & 4 deletions core/src/core/src/pydio/Core/Http/Cli/AuthCliMiddleware.php
Expand Up @@ -34,6 +34,7 @@
use Pydio\Core\Services\RepositoryService;
use Pydio\Core\Services\RolesService;
use Pydio\Core\Services\UsersService;
use Pydio\Core\Utils\TextEncoder;
use Pydio\Core\Utils\Utils;
use Pydio\Log\Core\AJXP_Logger;
use Zend\Diactoros\Response;
Expand Down Expand Up @@ -165,8 +166,8 @@ public static function handleRequest(ServerRequestInterface $requestInterface, R
$responseInterface->getBody()->write("\n--- Impersonating user ".$impersonateUser);
try{
$loggedUser = AuthService::logUser($impersonateUser, "empty", true, false, "");
ConfService::switchRootDir($optRepoId, true);
Controller::registryReset();
//ConfService::switchRootDir($optRepoId, true);
//Controller::registryReset();
$subResponse = new Response();
$ctx = new Context();
$ctx->setUserObject($loggedUser);
Expand All @@ -193,13 +194,14 @@ public static function handleRequest(ServerRequestInterface $requestInterface, R

}else{

ConfService::switchRootDir($optRepoId, true);
$repoObject = UsersService::getRepositoryWithPermission($loggedUser, $optRepoId);

$ctx = new Context();
$ctx->setUserObject($loggedUser);
$ctx->setRepositoryId($optRepoId);
$ctx->setRepositoryObject($repoObject);
$requestInterface = $requestInterface->withAttribute("ctx", $ctx);
AJXP_Logger::updateContext($ctx);
TextEncoder::updateContext($ctx);

return Server::callNextMiddleWare($requestInterface, $responseInterface, $next);
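Review bot: In the impersonation branch the `ConfService::switchRootDir($optRepoId, true)` call is only commented out, and nothing visible replaces the access check it carried: with `$temporary` set, the removed implementation threw "Trying to switch to an unauthorized repository" when the workspace was missing or not accessible to the logged user. The non-impersonation branch of this same section now calls `UsersService::getRepositoryWithPermission($loggedUser, $optRepoId)`, and the impersonation branch should do the same before the sub-request is built, i.e. `$repoObject = UsersService::getRepositoryWithPermission($loggedUser, $optRepoId);` followed by `$ctx->setRepositoryObject($repoObject);`, unless the code after `$ctx->setUserObject($loggedUser)` (outside this hunk) already does so. The two commented-out lines should then be deleted rather than kept as dead code.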

24 changes: 19 additions & 5 deletions core/src/core/src/pydio/Core/Http/Dav/AuthBackendBasic.php
Expand Up @@ -23,12 +23,16 @@

use Pydio\Auth\Core\AJXP_Safe;
use Pydio\Core\Exception\LoginException;
use Pydio\Core\Exception\RepositoryLoadException;
use Pydio\Core\Exception\WorkspaceForbiddenException;
use Pydio\Core\Exception\WorkspaceNotFoundException;
use Pydio\Core\Model\ContextInterface;
use Pydio\Core\Model\UserInterface;
use Pydio\Core\Services\AuthService;
use Pydio\Core\Services\ConfService;
use Pydio\Core\Services\RepositoryService;
use Pydio\Core\Services\UsersService;
use Pydio\Core\Utils\TextEncoder;
use Pydio\Log\Core\AJXP_Logger;
use \Sabre;

Expand Down Expand Up @@ -116,16 +120,26 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) {
AJXP_Safe::storeCredentials($this->currentUser, $userpass[1]);
}
$repoId = $this->context->getRepositoryId();
if(isSet($repoId) && RepositoryService::getRepositoryById($repoId)->getContextOption($this->context, "AJXP_WEBDAV_DISABLED") === true){
throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace');
if($this->context->hasRepository()){
$repoId = $this->context->getRepositoryId();
try{
$repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repoId);
}catch (WorkspaceForbiddenException $e){
throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace');
}catch (WorkspaceNotFoundException $e){
throw new Sabre\DAV\Exception\NotAuthenticated('Could not find workspace!');
}catch (RepositoryLoadException $e){
throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace');
}catch (\Exception $e){
throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace');
}
$this->context->setRepositoryObject($repoObject);
}
$repoObject = ConfService::switchRootDir($repoId);

// NOW UPDATE CONTEXT
$this->context->setUserId($this->currentUser);
$this->context->setRepositoryObject($repoObject);
AJXP_Logger::updateContext($this->context);
TextEncoder::updateContext($this->context);

// the method used here will invalidate the cached password every minute on the minute
if (!$cachedPasswordValid) {
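Review bot: The guard on the workspace option `AJXP_WEBDAV_DISABLED` appears to be dropped from `authenticate()`: the old `getContextOption($this->context, "AJXP_WEBDAV_DISABLED") === true` test is printed next to the new `hasRepository()` block, and nothing in the new block re-applies it. Unless `UsersService::getRepositoryWithPermission()` enforces that option (not visible on this page), a workspace with WebDAV switched off becomes reachable over DAV for any user who has access to it. I would keep the test on the returned object right after the try/catch, e.g. `if ($repoObject->getContextOption($this->context, "AJXP_WEBDAV_DISABLED") === true) throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace');`, and check whether AuthBackendDigest needs the same guard. `authenticate()` starts and ends outside the hunk.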
28 changes: 24 additions & 4 deletions core/src/core/src/pydio/Core/Http/Dav/AuthBackendDigest.php
Expand Up @@ -21,7 +21,12 @@
namespace Pydio\Core\Http\Dav;

use Pydio\Core\Exception\LoginException;
use Pydio\Core\Exception\RepositoryLoadException;
use Pydio\Core\Exception\WorkspaceForbiddenException;
use Pydio\Core\Exception\WorkspaceNotFoundException;
use Pydio\Core\Services\RepositoryService;
use Pydio\Core\Services\UsersService;
use Pydio\Core\Utils\TextEncoder;
use \Sabre;
use Pydio\Auth\Core\AJXP_Safe;
use Pydio\Core\Model\ContextInterface;
Expand Down Expand Up @@ -107,13 +112,28 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
}
throw new Sabre\DAV\Exception\NotAuthenticated($errmsg);
}
$repoObject = ConfService::switchRootDir($this->repositoryId);

if($this->context->hasRepository()){
$repoId = $this->context->getRepositoryId();
try{
$repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repoId);
}catch (WorkspaceForbiddenException $e){
throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace');
}catch (WorkspaceNotFoundException $e){
throw new Sabre\DAV\Exception\NotAuthenticated('Could not find workspace!');
}catch (RepositoryLoadException $e){
throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace');
}catch (\Exception $e){
throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace');
}
$this->context->setRepositoryObject($repoObject);
}

// NOW UPDATE CONTEXT
$this->context->setUserId($this->currentUser);
$this->context->setRepositoryObject($repoObject);
$this->context->setUserObject($loggedUser);
AJXP_Logger::updateContext($this->context);

TextEncoder::updateContext($this->context);

return true;
}
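Review bot: Every failure of `getRepositoryWithPermission()` is reported as `NotAuthenticated`, including `WorkspaceForbiddenException` for a user whose credentials were accepted a few lines earlier; the identical chain is in AuthBackendBasic, and RestAuthMiddleware answers the same exception with status 401. A 401 asks the client to retry with other credentials and may be counted as a failed login, while the condition is an authorization failure, so `throw new Sabre\DAV\Exception\Forbidden('You are not allowed to access this workspace');` describes it correctly. The final `catch (\Exception $e)` also makes the `RepositoryLoadException` branch redundant and discards `$e`, so an unexpected error cannot be told apart from a denied workspace in whatever gets recorded. The enclosing `authenticate()` starts outside the hunk.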

Expand Up @@ -126,18 +126,18 @@ protected static function bootSessionServer(ServerRequestInterface &$request){

if($restRepositoryId !== null){

$repoObject = ConfService::switchRootDir($restRepositoryId);
$repoObject = UsersService::getRepositoryWithPermission($loggedUser, $restRepositoryId);

}else{

$repoId = SessionService::getSessionRepositoryId();
if($repoId !== null){
try{
$repoObject = ConfService::switchRootDir($repoId);
$repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repoId);
}catch (\Exception $e){
$previous = SessionService::getPreviousRepositoryId();
if($previous !== null){
$repoObject = ConfService::switchRootDir($previous);
$repoObject = UsersService::getRepositoryWithPermission($loggedUser, $previous);
}
}
}else{
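Review bot: In `bootSessionServer` the new permission check is handled three different ways: the `$restRepositoryId` call is outside any try block, the session-workspace call swallows every `\Exception`, and the fallback call for `$previous` inside that catch is itself unguarded. A `WorkspaceForbiddenException` on the session workspace is therefore silently replaced by the previous workspace with no record of the denial, and when `$previous` is null `$repoObject` is left unassigned on this path as far as the hunk shows. I would catch `WorkspaceForbiddenException` explicitly, log the refused workspace id together with the user, and only then fall back, with the fallback call covered by the same handling. The function continues outside the hunk.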
10 changes: 4 additions & 6 deletions core/src/core/src/pydio/Core/Http/Rest/RestAuthMiddleware.php
Expand Up @@ -24,6 +24,7 @@
use Pydio\Authfront\Core\FrontendsLoader;
use Pydio\Core\Exception\NoActiveWorkspaceException;
use Pydio\Core\Exception\PydioException;
use Pydio\Core\Exception\WorkspaceForbiddenException;
use Pydio\Core\Exception\WorkspaceNotFoundException;
use Pydio\Core\Model\Context;
use Pydio\Core\Model\ContextInterface;
Expand Down Expand Up @@ -74,16 +75,13 @@ public static function handleRequest(\Psr\Http\Message\ServerRequestInterface &$
}
$repo = array_shift($userRepositories);
}else{
$repo = RepositoryService::findRepositoryByIdOrAlias($repoID);
if ($repo == null) {
throw new WorkspaceNotFoundException($repoID);
}
if(!$ctx->getUser()->canAccessRepository($repo)){
try{
$repo = UsersService::getRepositoryWithPermission($ctx->getUser(), $repoID);
}catch (WorkspaceForbiddenException $w){
$responseInterface = $responseInterface->withStatus(401);
$responseInterface->getBody()->write('You are not authorized to access this API.');
return $responseInterface;
}
ConfService::switchRootDir($repo->getId());
}

$ctx->setRepositoryObject($repo);
90 changes: 0 additions & 90 deletions core/src/core/src/pydio/Core/Services/ConfService.php
Expand Up @@ -128,31 +128,6 @@ public static function getErrors()
return self::getInstance()->errors;
}

public static function getContextCharset(){
if(self::$useSession) {
if(isSet($_SESSION["AJXP_CHARSET"])) return $_SESSION["AJXP_CHARSET"];
else return null;
}else {
return self::getInstance()->contextCharset;
}
}

public static function setContextCharset($value){
if(self::$useSession){
$_SESSION["AJXP_CHARSET"] = $value;
}else{
self::getInstance()->contextCharset = $value;
}
}

public static function clearContextCharset(){
if(self::$useSession && isSet($_SESSION["AJXP_CHARSET"])){
unset($_SESSION["AJXP_CHARSET"]);
}else{
self::getInstance()->contextCharset = null;
}
}

public static function clearAllCaches(){
PluginsService::clearPluginsCache();
LocaleService::clearMessagesCache();
Expand Down Expand Up @@ -305,71 +280,6 @@ public static function getCacheDriverImpl()
}



/**
* See instance method
* @static
* @param $rootDirIndex
* @param bool $temporary
* @return RepositoryInterface
*/
public static function switchRootDir($rootDirIndex, $temporary = false)
{
return self::getInstance()->switchRootDirInst($rootDirIndex, $temporary);
}

/**
* Switch the current repository
* @param int $rootDirIndex
* @param bool $temporary
* @throws PydioException
* @return RepositoryInterface
*/
public function switchRootDirInst($rootDirIndex=-1, $temporary=false)
{
// TMP
$loggedUser = AuthService::getLoggedUser();

$object = RepositoryService::getRepositoryById($rootDirIndex);
if($temporary && ($object == null || !RepositoryService::repositoryIsAccessible($object, $loggedUser))) {
throw new PydioException("Trying to switch to an unauthorized repository");
}

if (isSet($this->configs["REPOSITORIES"]) && isSet($this->configs["REPOSITORIES"][$rootDirIndex])) {
$this->configs["REPOSITORY"] = $this->configs["REPOSITORIES"][$rootDirIndex];
} else {
$this->configs["REPOSITORY"] = RepositoryService::getRepositoryById($rootDirIndex);
}
if(self::$useSession){
//$_SESSION['REPO_ID'] = $rootDirIndex;
}else{
$this->contextRepositoryId = $rootDirIndex;
}
if(isSet($this->configs["ACCESS_DRIVER"])) unset($this->configs["ACCESS_DRIVER"]);

if (isSet($this->configs["REPOSITORY"]) && $this->configs["REPOSITORY"]->getSafeOption("CHARSET")!="") {
self::setContextCharset($this->configs["REPOSITORY"]->getSafeOption("CHARSET"));
} else {
self::clearContextCharset();
}


if ($rootDirIndex!=-1 && UsersService::usersEnabled() && AuthService::getLoggedUser()!=null) {
$loggedUser = AuthService::getLoggedUser();
$loggedUser->setArrayPref("history", "last_repository", $rootDirIndex);
}

return $this->configs["REPOSITORY"];

}



public function getContextRepositoryId(){
return self::$useSession ? $_SESSION["REPO_ID"] : $this->contextRepositoryId;
}


public function invalidateLoadedRepositories()
{
UsersService::invalidateCache();
13 changes: 13 additions & 0 deletions core/src/core/src/pydio/Core/Services/SessionService.php
Expand Up @@ -146,5 +146,18 @@ public static function invalidateLoadedRepositories()
unset($_SESSION["REPOSITORIES"]);
}
}

public static function getContextCharset($repositoryId)
{
if (isSet($_SESSION["AJXP_CHARSET"])) return $_SESSION["AJXP_CHARSET"];
return null;
}

public static function setContextCharset($repositoryId, $value)
{
if (ConfService::$useSession) {
$_SESSION["AJXP_CHARSET"] = $value;
}
}

}
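Review bot: `getContextCharset($repositoryId)` and `setContextCharset($repositoryId, $value)` accept a workspace id but never use it; both work on the single session key `AJXP_CHARSET`, so a charset stored for one workspace is returned for any other id in the same session. The pair is also asymmetric: the setter does nothing unless `ConfService::$useSession` is set, while the getter reads `$_SESSION` unconditionally. Either key the value by workspace, `$_SESSION["AJXP_CHARSET"][$repositoryId] = $value;` with the matching lookup in the getter, or drop the parameter and state the session-wide scope in a docblock. Neither method has a docblock describing the parameter or the null return.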
