From 7f13fce13220550b092d7e8b33a77980eecb8819 Mon Sep 17 00:00:00 2001 From: cdujeu Date: Thu, 9 Jun 2016 11:42:31 +0200 Subject: [PATCH] Remove switchRootDir() method --- .../pydio/Core/Exception/LoginException.php | 46 ++++++++++ .../Exception/WorkspaceForbiddenException.php | 32 +++++++ .../pydio/Core/Http/Cli/AuthCliMiddleware.php | 10 ++- .../pydio/Core/Http/Dav/AuthBackendBasic.php | 24 +++-- .../pydio/Core/Http/Dav/AuthBackendDigest.php | 28 +++++- .../Core/Http/Middleware/AuthMiddleware.php | 6 +- .../Core/Http/Rest/RestAuthMiddleware.php | 10 +-- .../src/pydio/Core/Services/ConfService.php | 90 ------------------- .../pydio/Core/Services/SessionService.php | 13 +++ .../src/pydio/Core/Services/UsersService.php | 21 +++++ .../core/src/pydio/Core/Utils/TextEncoder.php | 44 ++++++--- core/src/core/src/pydio/Core/Utils/Utils.php | 2 +- .../access.ftp/class.ftpAccessWrapper.php | 5 +- .../src/View/MinisiteRenderer.php | 7 +- core/src/worker.php | 14 +-- 15 files changed, 218 insertions(+), 134 deletions(-) create mode 100644 core/src/core/src/pydio/Core/Exception/LoginException.php create mode 100644 core/src/core/src/pydio/Core/Exception/WorkspaceForbiddenException.php diff --git a/core/src/core/src/pydio/Core/Exception/LoginException.php b/core/src/core/src/pydio/Core/Exception/LoginException.php new file mode 100644 index 0000000000..f75a81be16 --- /dev/null +++ b/core/src/core/src/pydio/Core/Exception/LoginException.php @@ -0,0 +1,46 @@ + + * This file is part of Pydio. + * + * Pydio is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Pydio is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with Pydio. If not, see . + * + * The latest code can be found at . + */ +namespace Pydio\Core\Exception; + +defined('AJXP_EXEC') or die('Access not allowed'); + + +class LoginException extends PydioException +{ + private $loginError; + + /** + * LoginException constructor. + * @param integer $errorCode + */ + public function __construct($errorCode) + { + $this->loginError = $errorCode; + parent::__construct("Error while trying to log user", null, $errorCode); + } + + /** + * @return int + */ + public function getLoginError(){ + return $this->loginError; + } +} \ No newline at end of file diff --git a/core/src/core/src/pydio/Core/Exception/WorkspaceForbiddenException.php b/core/src/core/src/pydio/Core/Exception/WorkspaceForbiddenException.php new file mode 100644 index 0000000000..a2484df5e8 --- /dev/null +++ b/core/src/core/src/pydio/Core/Exception/WorkspaceForbiddenException.php @@ -0,0 +1,32 @@ + + * This file is part of Pydio. + * + * Pydio is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Pydio is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with Pydio. If not, see . + * + * The latest code can be found at . + */ +namespace Pydio\Core\Exception; + +defined('AJXP_EXEC') or die('Access not allowed'); + + +class WorkspaceForbiddenException extends PydioException +{ + public function __construct($wsId) + { + parent::__construct("Cannot access to workspace with id/alias ".$wsId, null); + } +} \ No newline at end of file diff --git a/core/src/core/src/pydio/Core/Http/Cli/AuthCliMiddleware.php b/core/src/core/src/pydio/Core/Http/Cli/AuthCliMiddleware.php index df0382ef4f..05a0cd2c59 100644 --- a/core/src/core/src/pydio/Core/Http/Cli/AuthCliMiddleware.php +++ b/core/src/core/src/pydio/Core/Http/Cli/AuthCliMiddleware.php @@ -34,6 +34,7 @@ use Pydio\Core\Services\RepositoryService; use Pydio\Core\Services\RolesService; use Pydio\Core\Services\UsersService; +use Pydio\Core\Utils\TextEncoder; use Pydio\Core\Utils\Utils; use Pydio\Log\Core\AJXP_Logger; use Zend\Diactoros\Response; @@ -165,8 +166,8 @@ public static function handleRequest(ServerRequestInterface $requestInterface, R $responseInterface->getBody()->write("\n--- Impersonating user ".$impersonateUser); try{ $loggedUser = AuthService::logUser($impersonateUser, "empty", true, false, ""); - ConfService::switchRootDir($optRepoId, true); - Controller::registryReset(); + //ConfService::switchRootDir($optRepoId, true); + //Controller::registryReset(); $subResponse = new Response(); $ctx = new Context(); $ctx->setUserObject($loggedUser); @@ -193,13 +194,14 @@ public static function handleRequest(ServerRequestInterface $requestInterface, R }else{ - ConfService::switchRootDir($optRepoId, true); + $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $optRepoId); $ctx = new Context(); $ctx->setUserObject($loggedUser); - $ctx->setRepositoryId($optRepoId); + $ctx->setRepositoryObject($repoObject); $requestInterface = $requestInterface->withAttribute("ctx", $ctx); AJXP_Logger::updateContext($ctx); + TextEncoder::updateContext($ctx); return Server::callNextMiddleWare($requestInterface, $responseInterface, $next); diff --git a/core/src/core/src/pydio/Core/Http/Dav/AuthBackendBasic.php b/core/src/core/src/pydio/Core/Http/Dav/AuthBackendBasic.php index 561f998161..ca4fd14513 100644 --- a/core/src/core/src/pydio/Core/Http/Dav/AuthBackendBasic.php +++ b/core/src/core/src/pydio/Core/Http/Dav/AuthBackendBasic.php @@ -23,12 +23,16 @@ use Pydio\Auth\Core\AJXP_Safe; use Pydio\Core\Exception\LoginException; +use Pydio\Core\Exception\RepositoryLoadException; +use Pydio\Core\Exception\WorkspaceForbiddenException; +use Pydio\Core\Exception\WorkspaceNotFoundException; use Pydio\Core\Model\ContextInterface; use Pydio\Core\Model\UserInterface; use Pydio\Core\Services\AuthService; use Pydio\Core\Services\ConfService; use Pydio\Core\Services\RepositoryService; use Pydio\Core\Services\UsersService; +use Pydio\Core\Utils\TextEncoder; use Pydio\Log\Core\AJXP_Logger; use \Sabre; @@ -116,16 +120,26 @@ public function authenticate(Sabre\DAV\Server $server, $realm) if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) { AJXP_Safe::storeCredentials($this->currentUser, $userpass[1]); } - $repoId = $this->context->getRepositoryId(); - if(isSet($repoId) && RepositoryService::getRepositoryById($repoId)->getContextOption($this->context, "AJXP_WEBDAV_DISABLED") === true){ - throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace'); + if($this->context->hasRepository()){ + $repoId = $this->context->getRepositoryId(); + try{ + $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repoId); + }catch (WorkspaceForbiddenException $e){ + throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace'); + }catch (WorkspaceNotFoundException $e){ + throw new Sabre\DAV\Exception\NotAuthenticated('Could not find workspace!'); + }catch (RepositoryLoadException $e){ + throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace'); + }catch (\Exception $e){ + throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace'); + } + $this->context->setRepositoryObject($repoObject); } - $repoObject = ConfService::switchRootDir($repoId); // NOW UPDATE CONTEXT $this->context->setUserId($this->currentUser); - $this->context->setRepositoryObject($repoObject); AJXP_Logger::updateContext($this->context); + TextEncoder::updateContext($this->context); // the method used here will invalidate the cached password every minute on the minute if (!$cachedPasswordValid) { diff --git a/core/src/core/src/pydio/Core/Http/Dav/AuthBackendDigest.php b/core/src/core/src/pydio/Core/Http/Dav/AuthBackendDigest.php index 37b700ca3c..fd95d63387 100644 --- a/core/src/core/src/pydio/Core/Http/Dav/AuthBackendDigest.php +++ b/core/src/core/src/pydio/Core/Http/Dav/AuthBackendDigest.php @@ -21,7 +21,12 @@ namespace Pydio\Core\Http\Dav; use Pydio\Core\Exception\LoginException; +use Pydio\Core\Exception\RepositoryLoadException; +use Pydio\Core\Exception\WorkspaceForbiddenException; +use Pydio\Core\Exception\WorkspaceNotFoundException; +use Pydio\Core\Services\RepositoryService; use Pydio\Core\Services\UsersService; +use Pydio\Core\Utils\TextEncoder; use \Sabre; use Pydio\Auth\Core\AJXP_Safe; use Pydio\Core\Model\ContextInterface; @@ -107,13 +112,28 @@ public function authenticate(Sabre\DAV\Server $server, $realm) } throw new Sabre\DAV\Exception\NotAuthenticated($errmsg); } - $repoObject = ConfService::switchRootDir($this->repositoryId); + + if($this->context->hasRepository()){ + $repoId = $this->context->getRepositoryId(); + try{ + $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repoId); + }catch (WorkspaceForbiddenException $e){ + throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace'); + }catch (WorkspaceNotFoundException $e){ + throw new Sabre\DAV\Exception\NotAuthenticated('Could not find workspace!'); + }catch (RepositoryLoadException $e){ + throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace'); + }catch (\Exception $e){ + throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace'); + } + $this->context->setRepositoryObject($repoObject); + } // NOW UPDATE CONTEXT - $this->context->setUserId($this->currentUser); - $this->context->setRepositoryObject($repoObject); + $this->context->setUserObject($loggedUser); AJXP_Logger::updateContext($this->context); - + TextEncoder::updateContext($this->context); + return true; } diff --git a/core/src/core/src/pydio/Core/Http/Middleware/AuthMiddleware.php b/core/src/core/src/pydio/Core/Http/Middleware/AuthMiddleware.php index 2f4b459b23..458715d327 100644 --- a/core/src/core/src/pydio/Core/Http/Middleware/AuthMiddleware.php +++ b/core/src/core/src/pydio/Core/Http/Middleware/AuthMiddleware.php @@ -126,18 +126,18 @@ protected static function bootSessionServer(ServerRequestInterface &$request){ if($restRepositoryId !== null){ - $repoObject = ConfService::switchRootDir($restRepositoryId); + $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $restRepositoryId); }else{ $repoId = SessionService::getSessionRepositoryId(); if($repoId !== null){ try{ - $repoObject = ConfService::switchRootDir($repoId); + $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repoId); }catch (\Exception $e){ $previous = SessionService::getPreviousRepositoryId(); if($previous !== null){ - $repoObject = ConfService::switchRootDir($previous); + $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $previous); } } }else{ diff --git a/core/src/core/src/pydio/Core/Http/Rest/RestAuthMiddleware.php b/core/src/core/src/pydio/Core/Http/Rest/RestAuthMiddleware.php index e68e988439..418df460de 100644 --- a/core/src/core/src/pydio/Core/Http/Rest/RestAuthMiddleware.php +++ b/core/src/core/src/pydio/Core/Http/Rest/RestAuthMiddleware.php @@ -24,6 +24,7 @@ use Pydio\Authfront\Core\FrontendsLoader; use Pydio\Core\Exception\NoActiveWorkspaceException; use Pydio\Core\Exception\PydioException; +use Pydio\Core\Exception\WorkspaceForbiddenException; use Pydio\Core\Exception\WorkspaceNotFoundException; use Pydio\Core\Model\Context; use Pydio\Core\Model\ContextInterface; @@ -74,16 +75,13 @@ public static function handleRequest(\Psr\Http\Message\ServerRequestInterface &$ } $repo = array_shift($userRepositories); }else{ - $repo = RepositoryService::findRepositoryByIdOrAlias($repoID); - if ($repo == null) { - throw new WorkspaceNotFoundException($repoID); - } - if(!$ctx->getUser()->canAccessRepository($repo)){ + try{ + $repo = UsersService::getRepositoryWithPermission($ctx->getUser(), $repoID); + }catch (WorkspaceForbiddenException $w){ $responseInterface = $responseInterface->withStatus(401); $responseInterface->getBody()->write('You are not authorized to access this API.'); return $responseInterface; } - ConfService::switchRootDir($repo->getId()); } $ctx->setRepositoryObject($repo); diff --git a/core/src/core/src/pydio/Core/Services/ConfService.php b/core/src/core/src/pydio/Core/Services/ConfService.php index 5bacdcfef9..1fffdb2650 100644 --- a/core/src/core/src/pydio/Core/Services/ConfService.php +++ b/core/src/core/src/pydio/Core/Services/ConfService.php @@ -128,31 +128,6 @@ public static function getErrors() return self::getInstance()->errors; } - public static function getContextCharset(){ - if(self::$useSession) { - if(isSet($_SESSION["AJXP_CHARSET"])) return $_SESSION["AJXP_CHARSET"]; - else return null; - }else { - return self::getInstance()->contextCharset; - } - } - - public static function setContextCharset($value){ - if(self::$useSession){ - $_SESSION["AJXP_CHARSET"] = $value; - }else{ - self::getInstance()->contextCharset = $value; - } - } - - public static function clearContextCharset(){ - if(self::$useSession && isSet($_SESSION["AJXP_CHARSET"])){ - unset($_SESSION["AJXP_CHARSET"]); - }else{ - self::getInstance()->contextCharset = null; - } - } - public static function clearAllCaches(){ PluginsService::clearPluginsCache(); LocaleService::clearMessagesCache(); @@ -305,71 +280,6 @@ public static function getCacheDriverImpl() } - - /** - * See instance method - * @static - * @param $rootDirIndex - * @param bool $temporary - * @return RepositoryInterface - */ - public static function switchRootDir($rootDirIndex, $temporary = false) - { - return self::getInstance()->switchRootDirInst($rootDirIndex, $temporary); - } - - /** - * Switch the current repository - * @param int $rootDirIndex - * @param bool $temporary - * @throws PydioException - * @return RepositoryInterface - */ - public function switchRootDirInst($rootDirIndex=-1, $temporary=false) - { - // TMP - $loggedUser = AuthService::getLoggedUser(); - - $object = RepositoryService::getRepositoryById($rootDirIndex); - if($temporary && ($object == null || !RepositoryService::repositoryIsAccessible($object, $loggedUser))) { - throw new PydioException("Trying to switch to an unauthorized repository"); - } - - if (isSet($this->configs["REPOSITORIES"]) && isSet($this->configs["REPOSITORIES"][$rootDirIndex])) { - $this->configs["REPOSITORY"] = $this->configs["REPOSITORIES"][$rootDirIndex]; - } else { - $this->configs["REPOSITORY"] = RepositoryService::getRepositoryById($rootDirIndex); - } - if(self::$useSession){ - //$_SESSION['REPO_ID'] = $rootDirIndex; - }else{ - $this->contextRepositoryId = $rootDirIndex; - } - if(isSet($this->configs["ACCESS_DRIVER"])) unset($this->configs["ACCESS_DRIVER"]); - - if (isSet($this->configs["REPOSITORY"]) && $this->configs["REPOSITORY"]->getSafeOption("CHARSET")!="") { - self::setContextCharset($this->configs["REPOSITORY"]->getSafeOption("CHARSET")); - } else { - self::clearContextCharset(); - } - - - if ($rootDirIndex!=-1 && UsersService::usersEnabled() && AuthService::getLoggedUser()!=null) { - $loggedUser = AuthService::getLoggedUser(); - $loggedUser->setArrayPref("history", "last_repository", $rootDirIndex); - } - - return $this->configs["REPOSITORY"]; - - } - - - - public function getContextRepositoryId(){ - return self::$useSession ? $_SESSION["REPO_ID"] : $this->contextRepositoryId; - } - - public function invalidateLoadedRepositories() { UsersService::invalidateCache(); diff --git a/core/src/core/src/pydio/Core/Services/SessionService.php b/core/src/core/src/pydio/Core/Services/SessionService.php index 7b60c3f674..35d1adcde6 100644 --- a/core/src/core/src/pydio/Core/Services/SessionService.php +++ b/core/src/core/src/pydio/Core/Services/SessionService.php @@ -146,5 +146,18 @@ public static function invalidateLoadedRepositories() unset($_SESSION["REPOSITORIES"]); } } + + public static function getContextCharset($repositoryId) + { + if (isSet($_SESSION["AJXP_CHARSET"])) return $_SESSION["AJXP_CHARSET"]; + return null; + } + + public static function setContextCharset($repositoryId, $value) + { + if (ConfService::$useSession) { + $_SESSION["AJXP_CHARSET"] = $value; + } + } } \ No newline at end of file diff --git a/core/src/core/src/pydio/Core/Services/UsersService.php b/core/src/core/src/pydio/Core/Services/UsersService.php index e43e08354d..519baf62fb 100644 --- a/core/src/core/src/pydio/Core/Services/UsersService.php +++ b/core/src/core/src/pydio/Core/Services/UsersService.php @@ -22,6 +22,9 @@ use Pydio\Conf\Core\AbstractAjxpUser; use Pydio\Core\Controller\Controller; +use Pydio\Core\Exception\RepositoryLoadException; +use Pydio\Core\Exception\WorkspaceForbiddenException; +use Pydio\Core\Exception\WorkspaceNotFoundException; use Pydio\Core\Model\ContextInterface; use Pydio\Core\Model\FilteredRepositoriesList; use Pydio\Core\Model\RepositoryInterface; @@ -40,6 +43,24 @@ public static function instance(){ return self::$_instance; } + /** + * @param UserInterface $user + * @param string $repositoryId + * @return null|RepositoryInterface + * @throws WorkspaceNotFoundException + * @throws WorkspaceForbiddenException + */ + public static function getRepositoryWithPermission($user, $repositoryId){ + $repo = RepositoryService::findRepositoryByIdOrAlias($repositoryId); + if($repo == null){ + throw new WorkspaceNotFoundException($repositoryId); + } + if(!RepositoryService::repositoryIsAccessible($repo, $user)){ + return new WorkspaceForbiddenException($repositoryId); + } + return $repo; + } + /** * @param UserInterface $user * @param bool $includeShared diff --git a/core/src/core/src/pydio/Core/Utils/TextEncoder.php b/core/src/core/src/pydio/Core/Utils/TextEncoder.php index 8c53a91a93..c895efa4b0 100644 --- a/core/src/core/src/pydio/Core/Utils/TextEncoder.php +++ b/core/src/core/src/pydio/Core/Utils/TextEncoder.php @@ -20,7 +20,9 @@ */ namespace Pydio\Core\Utils; +use Pydio\Core\Model\ContextInterface; use Pydio\Core\Services\ConfService; +use Pydio\Core\Services\SessionService; defined('AJXP_EXEC') or die( 'Access not allowed'); /** @@ -30,6 +32,16 @@ */ class TextEncoder { + /** @var ContextInterface */ + private static $context; + + /** + * @param ContextInterface $ctx + */ + public static function updateContext($ctx){ + self::$context = $ctx; + } + /** * Change the charset of a string from input to output * @static @@ -81,17 +93,27 @@ public static function parseCharset($locale) */ public static function getEncoding() { - if (self::$currentCharsetValue == null) { - $charset = ConfService::getContextCharset(); - if (!empty($charset)) { - // Check if the session get an assigned charset encoding (it's the case for remote SSH for example) - self::$currentCharsetValue = $charset; - } else { - // Get the current locale (expecting the filesystem is in the same locale, as the standard says) - self::$currentCharsetValue = self::parseCharset(setlocale(LC_CTYPE, 0)); - } - } - return self::$currentCharsetValue; + if (self::$currentCharsetValue == null) { + $charset = null; + if (!empty(self::$context) && self::$context->hasRepository()) { + $charset = self::$context->getRepository()->getSafeOption("CHARSET"); + if(empty($charset) && SessionService::getContextCharset(self::$context->getRepositoryId()) !== null){ + $charset = SessionService::getContextCharset(self::$context->getRepositoryId()); + } + } + if (!empty($charset)) { + // Check if the session get an assigned charset encoding (it's the case for remote SSH for example) + self::$currentCharsetValue = $charset; + } else { + // Get the current locale (expecting the filesystem is in the same locale, as the standard says) + self::$currentCharsetValue = self::parseCharset(setlocale(LC_CTYPE, 0)); + if(!empty(self::$context) && self::$context->hasRepository()){ + self::$context->getRepository()->addOption("CHARSET", $charset); + SessionService::setContextCharset(self::$context->getRepositoryId(), $charset); + } + } + } + return self::$currentCharsetValue; } /** * Decode a string from UTF8 to current Charset diff --git a/core/src/core/src/pydio/Core/Utils/Utils.php b/core/src/core/src/pydio/Core/Utils/Utils.php index 6fdf8a284a..a9c9777f18 100644 --- a/core/src/core/src/pydio/Core/Utils/Utils.php +++ b/core/src/core/src/pydio/Core/Utils/Utils.php @@ -429,7 +429,7 @@ public static function parseApplicationGetParameters(ContextInterface $ctx, $par $session["PENDING_FOLDER"] = TextEncoder::toUTF8(Utils::decodeSecureMagic($parameters["folder"])); } } else { - ConfService::switchRootDir($parameters["repository_id"]); + //ConfService::switchRootDir($parameters["repository_id"]); $output["EXT_REP"] = TextEncoder::toUTF8(urldecode($parameters["folder"])); } } diff --git a/core/src/plugins/access.ftp/class.ftpAccessWrapper.php b/core/src/plugins/access.ftp/class.ftpAccessWrapper.php index e7faf5adca..874d3d74f5 100644 --- a/core/src/plugins/access.ftp/class.ftpAccessWrapper.php +++ b/core/src/plugins/access.ftp/class.ftpAccessWrapper.php @@ -29,6 +29,7 @@ use Pydio\Core\Model\RepositoryInterface; use Pydio\Core\Services\ConfService; use Pydio\Core\Exception\PydioException; +use Pydio\Core\Services\SessionService; use Pydio\Core\Utils\Utils; use Pydio\Core\Controller\XMLWriter; use Pydio\Log\Core\AJXP_Logger; @@ -479,9 +480,9 @@ protected function parseUrl($url, $forceLogin = false) $cacheKey = $repository->getId()."_ftpCharset"; if (!isset($_SESSION[$cacheKey]) || !strlen($_SESSION[$cacheKey]) || $forceLogin) { $features = $this->getServerFeatures($node->getContext()); - $ctxCharset = ConfService::getContextCharset(); + $ctxCharset = SessionService::getContextCharset($node->getRepositoryId()); if(empty($ctxCharset)) { - ConfService::setContextCharset($features["charset"]); + SessionService::setContextCharset($node->getRepositoryId(), $features["charset"]); $_SESSION[$cacheKey] = $features["charset"]; }else{ $_SESSION[$cacheKey] = $ctxCharset; diff --git a/core/src/plugins/action.share/src/View/MinisiteRenderer.php b/core/src/plugins/action.share/src/View/MinisiteRenderer.php index e3db474ffc..63070abe39 100644 --- a/core/src/plugins/action.share/src/View/MinisiteRenderer.php +++ b/core/src/plugins/action.share/src/View/MinisiteRenderer.php @@ -28,6 +28,7 @@ use Pydio\Core\Controller\Controller; use Pydio\Core\Services\LocaleService; use Pydio\Core\Services\RepositoryService; +use Pydio\Core\Services\UsersService; use Pydio\Core\Utils\Utils; use Pydio\Core\Controller\XMLWriter; use Pydio\Core\Controller\HTMLWriter; @@ -111,9 +112,9 @@ public static function loadMinisite($data, $hash = '', $error = null) session_start(); AuthService::disconnect(); } - + $loggedUser = null; if (!empty($data["PRELOG_USER"])) { - AuthService::logUser($data["PRELOG_USER"], "", true); + $loggedUser = AuthService::logUser($data["PRELOG_USER"], "", true); $html = str_replace("AJXP_PRELOGED_USER", "ajxp_preloged_user", $html); } else if(isSet($data["PRESET_LOGIN"])) { $_SESSION["PENDING_REPOSITORY_ID"] = $repository; @@ -127,7 +128,7 @@ public static function loadMinisite($data, $hash = '', $error = null) } if(isSet($_GET["dl"]) && isSet($_GET["file"]) && (!isSet($data["DOWNLOAD_DISABLED"]) || $data["DOWNLOAD_DISABLED"] === false)){ - ConfService::switchRootDir($repository); + $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repository); PluginsService::getInstance(Context::emptyContext()); $errMessage = null; try { diff --git a/core/src/worker.php b/core/src/worker.php index f7b7dfef61..82db0366b4 100644 --- a/core/src/worker.php +++ b/core/src/worker.php @@ -24,6 +24,7 @@ use Pydio\Core\Controller\Controller; use Pydio\Core\Controller\ShutdownScheduler; use Pydio\Core\PluginFramework\PluginsService; +use Pydio\Core\Services\RepositoryService; use Pydio\Tasks\Schedule; use Pydio\Tasks\Task; @@ -59,19 +60,22 @@ function applyTask($task, $logger){ print($userId." - ".$repoId." - ".$actionName." - \n"); $logger->debug("Log User"); - AuthService::logUser($userId, "", true); + $user = AuthService::logUser($userId, "", true); $logger->debug("Find Repo"); if($repoId == 'pydio'){ - ConfService::switchRootDir(); - $repo = ConfService::getRepository(); + $userRepositories = \Pydio\Core\Services\UsersService::getRepositoriesForUser($user); + if(empty($userRepositories)){ + throw new \Pydio\Core\Exception\NoActiveWorkspaceException(); + } + $repo = array_shift($userRepositories); }else{ - $repo = ConfService::findRepositoryByIdOrAlias($repoId); + $repo = RepositoryService::findRepositoryByIdOrAlias($repoId); if ($repo == null) { \Pydio\Tasks\TaskService::getInstance()->updateTaskStatus($task->getId(), Task::STATUS_FAILED, "Cannot find repository"); $logger->error("Cannot find repository with ID ".$repoId); return; } - ConfService::switchRootDir($repo->getId()); + //ConfService::switchRootDir($repo->getId()); } $logger->debug("Init plugins"); $newCtx = \Pydio\Core\Model\Context::contextWithObjects(AuthService::getLoggedUser(), $repo);