Skip to content
Fetching contributors…
Cannot retrieve contributors at this time
285 lines (229 sloc) 6.83 KB
<% /**
* Copyright (C) 2008 10gen Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ %>
<%
var log = log.webdav;
log.level = log.LEVEL.ERROR;
core.user.auth();
core.content.xml();
var method = request.getMethod();
log.debug( "-----" );
log.debug( "entering webdav" );
log.info( request.getRawHeader() );
if ( method == "OPTIONS" ){
// OPTIONS bypases security b/c some clients need it
response.setHeader( "Allow" , "OPTIONS,GET,PROPFIND,PUT,PROPPATCH,LOCK,UNLOCK" );
response.setHeader( "Dav" , "1,2" );
response.setHeader( "MS-Author-Via" , "DAV" );
log.debug( response );
return;
}
var user = Auth.getUser( request );
if ( ! user ) {
log.debug( "no user" );
return Auth.reject( request , response );
}
if ( ! user.isAdmin() ){
log.debug( "not admin" );
return Auth.reject( request , response );
}
request.applyServletParams( /(.(?:_|~~.)webdav)(.*)/ , [ "root" , "file" ] );
var root = request.root;
if ( request.file == null){
request.applyServletParams( /(.*)/ , [ "file" ] );
root = "";
}
log.debug( "file:" + request.file );
var theFile = openFile( request.file || "/");
if(isRestricted(theFile)) {
response.setResponseCode( 403 );
return;
}
if ( method == "PROPFIND" ){
if ( theFile.exists() ){
response.setResponseCode( 207 );
response.setHeader( "Content-Type" , "text/xml; charset=iso-8859-1" );
xmlHeader();
var ms = davMultiStatus();
propfind( ms , request.file , theFile, request.getIntHeader( "Depth" , 1 ) );
var xmlToPrint = "";
function nonbreakingPrinter(str) {
xmlToPrint += str;
}
xml.to(nonbreakingPrinter, null, ms, 0, false);
print(xmlToPrint);
//xml.to( print , null , ms );
}
else {
response.setResponseCode( 404 );
}
}
else if ( method == "PROPPATCH" ){
// TODO
}
else if ( method == "PROPFIND" ){
// TODO
}
else if ( method == "GET" ){
if ( theFile.exists() ){
if ( theFile.isDirectory() ){
}
else {
log.debug( "sending " + theFile + " length::" + theFile.length );
response.sendFile( theFile );
}
}
else
response.setResponseCode( 404 );
}
else if ( method == "DELETE" ){
if ( theFile.exists() ){
if ( ! theFile.remove( true ) ){
throw "couldn't delete : " + theFile;
}
}
else {
response.setResponseCode( 404 );
}
}
else if ( method == "MKCOL" ){
if ( theFile.exists() ){
response.setResponseCode( 405 );
}
else {
if ( ! theFile.mkdirs() ){
throw "can't make directory : " + theFile;
}
}
}
else if ( method == "PUT" || method == "POST" ){
var pd = request.getPostData();
log.debug( "PUT : pd=" + ( ! ( ! pd ) ) );
if ( ! pd ){
theFile.touch();
}
else {
try {
log.debug( "writing to " + theFile );
pd.writeTo( theFile );
}
catch ( e ){
throw "couldn't do PUT of [" + theFile + "] b/c : " + e;
}
response.setResponseCode( 201 );
}
}
else if ( method == "MOVE" ){
var to = request.getHeader( "Destination" );
if ( ! to )
throw ( "no to" );
log.debug( "a:" + to );
to = to.replace( /^https?:..[^\/]+/ , "" );
log.debug( "b:" + to );
to = to.replace( /\/~~.webdav/ , "" );
log.debug( "c:" + to );
var toFile = openFile( to );
if(isRestricted(toFile)) {
response.setResponseCode( 403 );
return;
}
theFile.renameTo( toFile );
}
else if ( method == "LOCK" ){
xmlHeader();
var myLock = lock( theFile );
xml.to( print , null , myLock.obj );
response.setHeader( "Lock-Token" , "<" + myLock.token + ">" );
}
else if ( method == "UNLOCK" ) {
}
else {
throw "can't handle : " + method;
}
function xmlHeader(){
response.getJxpWriter().reset();
print( "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" );
}
function davMultiStatus(){
var o = Array();
o._name = "D:multistatus";
o._props = {};
o._props["xmlns:D"] = "DAV:";
return o;
}
function davResponse(){
var o = Array();
o._name = "D:response";
o._props = {};
o._props["xmlns:lp1"] = "DAV:";
o._props["xmlns:lp2"] = "http://apache.org/dav/props/";
return o;
}
function propfind( msg , uri , f , depth ){
if ( ! depth )
depth = 0;
if ( ! f || ! f.exists() )
return;
var r = davResponse();
msg.push( r );
r["D:href"] = root + uri;
var ps = Object();
r["D:propstat"] = ps;
var prop = {
"lp1:getlastmodified" : f.lastModified().webFormat() ,
"lp1:getetag" : f.lastModified().getTime()
};
ps["D:prop"] = prop;
if ( f.isDirectory() ){
prop["lp1:resourcetype"] = { "D:collection" : null };
prop["D:getcontenttype"] = "httpd/unix-directory";
if ( depth > 0 ){
var children = f.listFiles();
for ( var i=0; i<children.length; i++ ){
if(isRestricted(children[i]))
continue;
var nextURI = uri;
if ( ! nextURI.endsWith( "/" ) )
nextURI += "/";
nextURI += children[i].getName();
propfind( msg , nextURI , children[i] , depth - 1 );
}
}
}
else {
prop["lp1:resourcetype"] = null;
prop["D:getcontenttype"] = "text/plain";
prop["lp1:getcontentlength"] = f.length;
}
prop["D:supportedlock"] = null;
prop["D:lockdiscovery"] = null;
ps["D:status"] = "HTTP/1.1 200 OK";
}
function lock( file ){
var prop = { _name : "D:prop" , _props : { "xmlns:D" : "DAV:" } };
var myLock = {};
prop["D:lockdiscovery"] = { "D:activelock" : myLock };
myLock["D:locktype"] = { "D:write" : null };
myLock["D:lockscope"] = { "D:exclusive" : null };
myLock["D:depth"] = { "infinity" : null };
var token = "opaquelocktoken:" + Math.random();
myLock["D:locktoken"] = { "D:href" : token };
//<ns0:owner xmlns:ns0="DAV:"><ns0:href>erh-x61s\erh</ns0:href></ns0:owner><D:timeout>Second-3600</D:timeout>
return { obj : prop , token : token };
}
function isRestricted(f) {
return ".git" == f.getName();
}
%>
Jump to Line
Something went wrong with that request. Please try again.