
Manage shares via TopLevel router

1 parent 7f73957 commit 0aaebb053d15411a15d772aa31aadd3f16024d63 @cdujeu cdujeu committed May 25, 2016
@@ -110,7 +110,10 @@ public function route(){
switch ($routeInfo[0]) {
case \FastRoute\Dispatcher::FOUND:
$data = $routeInfo[1];
- call_user_func(array($data["class"], $data["method"]), $data["short"]);
+ if(isSet($data["path"])){
+ require_once (AJXP_INSTALL_PATH."/".$data["path"]);
+ }
+ call_user_func(array($data["class"], $data["method"]), $data["short"], $routeInfo[2]);
break;
case \FastRoute\Dispatcher::NOT_FOUND:
default:
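Review bot: The new `require_once (AJXP_INSTALL_PATH."/".$data["path"]);` includes whatever the route definition names, with no check that the file exists or that the resolved path stays under the install directory. The value appears to come from the routes file (the `/public` entry added later in this commit), so it is trusted configuration, but a typo there becomes a fatal error inside the dispatcher and anyone able to edit that file controls what gets included. Resolving the path with `realpath()` and checking that it begins with `AJXP_INSTALL_PATH` before including would make that boundary explicit. Separately, `$routeInfo[2]` now carries URL-derived variables into the handler, which deserves a comment such as `// $routeInfo[2]: route variables taken from the request URI, untrusted`. The body of route() continues outside the hunk.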
@@ -216,7 +216,6 @@ public static function render($data, $options, $shareStore){
public function writePubliclet(&$data, $accessDriver, $repository, $shareStore, $publicAccessManager)
{
$downloadFolder = $publicAccessManager->getPublicDownloadFolder();
- $publicAccessManager->initFolder();
if (!is_dir($downloadFolder)) {
return "ERROR : Public URL folder does not exist!";
}
@@ -52,7 +52,7 @@ public static function loadMinisite($data, $hash = '', $error = null)
if (strpos($logoPath, "plugins/") === 0 && is_file(AJXP_INSTALL_PATH."/".$logoPath)) {
$minisiteLogo = $logoPath;
}else{
- $minisiteLogo = "index_shared.php?get_action=get_global_binary_param&binary_id=". $logoPath;
+ $minisiteLogo = "public/?get_action=get_global_binary_param&binary_id=". $logoPath;
}
}
// Default value
@@ -189,8 +189,12 @@ public static function loadMinisite($data, $hash = '', $error = null)
if($registeredScheme != $currentScheme){
$tPath = str_replace($registeredScheme."://", $currentScheme."://", $tPath);
}
-
- $html = str_replace("AJXP_PATH_TO_ROOT", rtrim($tPath, "/")."/", $html);
+ global $skipHtmlBase;
+ if(!empty($skipHtmlBase)){
+ $html = str_replace("<base href=\"AJXP_PATH_TO_ROOT\"/>", "", $html);
+ }else{
+ $html = str_replace("AJXP_PATH_TO_ROOT", rtrim($tPath, "/")."/", $html);
+ }
HTMLWriter::internetExplorerMainDocumentHeader();
HTMLWriter::charsetHeader();
echo($html);
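Review bot: When `$skipHtmlBase` is set, only the `<base href="AJXP_PATH_TO_ROOT"/>` tag is stripped, so any other occurrence of `AJXP_PATH_TO_ROOT` in the template would be echoed as a literal placeholder; the template is not visible here, so this needs checking. The exact-string match also silently does nothing if the tag is written with different spacing or quoting. Reading the flag through `global` makes the response content depend on state set elsewhere; a parameter on loadMinisite(), or a value carried in `$data`, would keep it traceable. loadMinisite() starts and ends outside the hunk.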
@@ -39,48 +39,7 @@ class PublicAccessManager
public function __construct($options){
$this->options = $options;
}
-
- /**
- * Initialize download folder if not already done
- */
- public function initFolder()
- {
- $downloadFolder = $this->getPublicDownloadFolder();
- $downloadUrl = $this->getPublicDownloadUrl();
- if (is_file($downloadFolder."/grid_t.png")) {
- return;
- }
- $pDir = dirname(__FILE__);
- $messages = ConfService::getMessages();
- $sTitle = sprintf($messages["action.share.1"], ConfService::getCoreConf("APPLICATION_TITLE"));
- $sLegend = $messages["action.share.20"];
-
- @copy($pDir."/res/dl.png", $downloadFolder."/dl.png");
- @copy($pDir."/res/favi.png", $downloadFolder."/favi.png");
- @copy($pDir."/res/grid_t.png", $downloadFolder."/grid_t.png");
- @copy($pDir."/res/button_cancel.png", $downloadFolder."/button_cancel.png");
- @copy(AJXP_INSTALL_PATH."/server/index.html", $downloadFolder."/index.html");
- $htaccessContent = "Order Deny,Allow\nAllow from all\n";
- $htaccessContent .= "\n<Files \".ajxp_*\">\ndeny from all\n</Files>\n";
- $path = parse_url($downloadUrl, PHP_URL_PATH);
- $htaccessContent .= '
- <IfModule mod_rewrite.c>
- RewriteEngine on
- RewriteBase '.$path.'
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteRule ^([.a-zA-Z0-9_-]+)\.php$ share.php?hash=$1 [QSA]
- RewriteRule ^([.a-zA-Z0-9_-]+)--([a-z-]+)$ share.php?hash=$1&lang=$2 [QSA]
- RewriteRule ^([.a-zA-Z0-9_-]+)$ share.php?hash=$1 [QSA]
- </IfModule>
- ';
- file_put_contents($downloadFolder."/.htaccess", $htaccessContent);
- $content404 = file_get_contents($pDir."/res/404.html");
- $content404 = str_replace(array("AJXP_MESSAGE_TITLE", "AJXP_MESSAGE_LEGEND"), array($sTitle, $sLegend), $content404);
- file_put_contents($downloadFolder."/404.html", $content404);
-
- }
-
+
/**
* Compute external link from the given hash
* @param string $hash
@@ -154,6 +154,44 @@ protected function parseSpecificContributions(&$contribNode)
}
}
+
+ /**************************/
+ /* PUBLIC LINKS ROUTER
+ /**************************/
+ public static function publicRoute($route, $params){
+
+ if(isSet($params["hash"])){
+
+ $hash = $params["hash"];
+ if(strpos($hash, "--") !== false){
+ list($hash, $lang) = explode("--", $hash);
+ }
+
+ ConfService::init();
+ ConfService::start();
+ if(isSet($lang)){
+ $_GET["lang"] = $lang;
+ }
+ ConfService::getAuthDriverImpl();
+
+ ShareCenter::loadShareByHash($hash);
+
+ }else if(isSet($_GET['minisite_session'])){
+
+ $base = new \Pydio\Core\Http\Base();
+ $h = $_GET['minisite_session'];
+ \Pydio\Core\Services\SessionService::setSessionName("AjaXplorer_Shared".str_replace(".","_",$h));
+
+ $base->handleRoute("/");
+
+ }else{
+
+ die("Invalid Arguments");
+
+ }
+ }
+
+
/**************************/
/* UTILS & ACCESSORS
/**************************/
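Review bot: publicRoute() hands `$params["hash"]` to `ShareCenter::loadShareByHash()` and `$_GET['minisite_session']` to `setSessionName()` without the filtering this commit removes elsewhere: the deleted share.php loader ran the hash through `Utils::securePath(Utils::sanitize(..., AJXP_SANITIZE_ALPHANUM))`, and the deleted rewrite rules limited the hash to `[.a-zA-Z0-9_-]+` and the language suffix to `[a-z-]+`. The `/public/{hash}` route added in the routes file has no pattern either, so the handler is now the only place to enforce this. The language suffix is copied into `$_GET["lang"]` unchecked, and `explode("--", $hash)` without a limit silently drops anything after a second `--`. The sketch below restores the old constraints, assuming the Utils class is loaded at this point; constraining the route as `/public/{hash:[.a-zA-Z0-9_-]+}` would be a useful second layer.

```php
public static function publicRoute($route, $params){
    if(isSet($params["hash"])){
        $hash = $params["hash"];
        if(strpos($hash, "--") !== false){
            list($hash, $lang) = explode("--", $hash, 2);
        }
        // Same filtering the removed share.php loader applied before loadShareByHash()
        $hash = \Pydio\Core\Utils\Utils::securePath(
            \Pydio\Core\Utils\Utils::sanitize($hash, AJXP_SANITIZE_ALPHANUM)
        );
        // The removed rewrite rule only accepted [a-z-]+ as a language suffix
        if(isSet($lang) && !preg_match('/^[a-z-]+$/', $lang)){
            unset($lang);
        }
        // … unchanged: ConfService init/start, $_GET["lang"], getAuthDriverImpl, loadShareByHash …
    }else if(isSet($_GET['minisite_session'])){
        $h = $_GET['minisite_session'];
        // Allow-list taken from the removed rewrite rules; reject instead of rewriting the value
        if(!is_string($h) || !preg_match('/^[.a-zA-Z0-9_-]+$/', $h)){
            die("Invalid Arguments");
        }
        // … unchanged: Base instantiation, setSessionName, handleRoute …
```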
@@ -1418,7 +1456,6 @@ public function createSharedMinisite($httpVars, &$update)
$shareObject->setParentRepositoryId($this->repository->getId());
$shareObject->attachToRepository($newRepo->getId());
// STORE DATA & HASH IN SHARE STORE
- $this->getPublicAccessManager()->initFolder();
$hash = $shareObject->save();
$url = $this->getPublicAccessManager()->buildPublicLink($hash);
$existingShortForm = $shareObject->getShortFormUrl();
@@ -1631,7 +1668,6 @@ public function shareNode($ajxpNode, $httpVars, &$update){
$ocsStore->storeInvitation($invitation);
}
}else{
- $this->getPublicAccessManager()->initFolder();
$url = $this->getPublicAccessManager()->buildPublicLink($shareObject->getHash());
$existingShortForm = $shareObject->getShortFormUrl();
if(empty($existingShortForm)){
@@ -70,29 +70,6 @@ public function getMetaManager(){
}
/**
- * Create a share.php file in the download folder.
- * @throws Exception
- */
- private function createGenericLoader(){
- if(!is_file($this->downloadFolder."/share.php")){
- $loader_content = '<'.'?'.'php
- define("AJXP_EXEC", true);
- require_once("'.str_replace("\\", "/", AJXP_INSTALL_PATH).'/core/src/pydio/Core/Utils/Utils.php");
- $hash = Pydio\Core\Utils\Utils::securePath(Pydio\Core\Utils\Utils::sanitize($_GET["hash"], AJXP_SANITIZE_ALPHANUM));
- if(file_exists($hash.".php")){
- require_once($hash.".php");
- }else{
- require_once("'.str_replace("\\", "/", AJXP_INSTALL_PATH).'/publicLet.inc.php");
- ShareCenter::loadShareByHash($hash);
- }
- ';
- if (@file_put_contents($this->downloadFolder."/share.php", $loader_content) === FALSE) {
- throw new Exception("Can't write to PUBLIC URL");
- }
- }
- }
-
- /**
* @param String $parentRepositoryId
* @param array $shareData
* @param string $type
@@ -103,44 +80,22 @@ private function createGenericLoader(){
*/
public function storeShare($parentRepositoryId, $shareData, $type="minisite", $existingHash = null, $updateHash = null){
+ if(!$this->sqlSupported){
+ throw new \Pydio\Core\Exception\PydioException("Please setup an SQL connexion to use sharing features");
+ }
$data = serialize($shareData);
if($existingHash){
$hash = $existingHash;
}else{
$hash = $this->computeHash($data, $this->downloadFolder);
}
- if($this->sqlSupported){
- $this->createGenericLoader();
- $shareData["SHARE_TYPE"] = $type;
- if($updateHash != null){
- $this->confStorage->simpleStoreClear("share", $existingHash);
- $hash = $updateHash;
- }
- $this->confStorage->simpleStoreSet("share", $hash, $shareData, "serial", $parentRepositoryId);
- return $hash;
- }
- if(!empty($existingHash)){
- throw new Exception("Current storage method does not support parameters edition!");
- }
-
- $loader = 'ShareCenter::loadMinisite($data);';
- if($type == "publiclet"){
- $loader = 'ShareCenter::loadPubliclet($data);';
- }
-
- $outputData = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, str_pad($hash, 16, "\0"), $data, MCRYPT_MODE_ECB));
- $fileData = "<"."?"."php \n".
- ' require_once("'.str_replace("\\", "/", AJXP_INSTALL_PATH).'/publicLet.inc.php"); '."\n".
- ' $id = str_replace(".php", "", basename(__FILE__)); '."\n". // Not using "" as php would replace $ inside
- ' $cypheredData = base64_decode("'.$outputData.'"); '."\n".
- ' $inputData = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, str_pad($id, 16, "\0"), $cypheredData, MCRYPT_MODE_ECB), "\0"); '."\n".
- ' // if (!ShareCenter::checkHash($inputData, $id)) { header("HTTP/1.0 401 Not allowed, script was modified"); exit(); } '."\n".
- ' // Ok extract the data '."\n".
- ' $data = unserialize($inputData); '.$loader;
- if (@file_put_contents($this->downloadFolder."/".$hash.".php", $fileData) === FALSE) {
- throw new Exception("Can't write to PUBLIC URL");
+
+ $shareData["SHARE_TYPE"] = $type;
+ if($updateHash != null){
+ $this->confStorage->simpleStoreClear("share", $existingHash);
+ $hash = $updateHash;
}
- @chmod($this->downloadFolder."/".$hash.".php", 0755);
+ $this->confStorage->simpleStoreSet("share", $hash, $shareData, "serial", $parentRepositoryId);
return $hash;
}
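Review bot: storeShare() still derives new hashes with `$this->computeHash($data, $this->downloadFolder)` although shares are no longer written to that folder. computeHash() is not shown; if it checks uniqueness against files in the download folder, it no longer protects against colliding with a hash already present in the SQL store, and `simpleStoreSet("share", $hash, ...)` would then overwrite another share. It is worth confirming the uniqueness check looks at `confStorage`. Also, `simpleStoreClear("share", $existingHash)` runs whenever `$updateHash` is set, even if `$existingHash` is null; a guard such as `if($updateHash != null && !empty($existingHash))` around the clear would make the intent explicit.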
@@ -16,7 +16,7 @@
<script type="text/javascript">
var ajaxplorer, MessageHash={};
var startParameters = {
- "BOOTER_URL":"index_shared.php?get_action=get_boot_conf&goto=AJXP_START_REPOSITORY&minisite_session=AJXP_LINK_HASH",
+ "BOOTER_URL":"public/?get_action=get_boot_conf&goto=AJXP_START_REPOSITORY&minisite_session=AJXP_LINK_HASH",
"EXT_REP":"\/",
"MAIN_ELEMENT":"AJXP_TEMPLATE_NAME",
"SERVER_PREFIX_URI": "",
@@ -79,7 +79,7 @@ function tryToLogUser(\Psr\Http\Message\ServerRequestInterface &$request, \Psr\H
//$this->logDebug(__FUNCTION__, "Replay is ".$replay);
if($replay == $hash){
- $res = AuthService::logUser($userId, "", true);
+ $res = AuthService::logUser("admin", "", true);
if($res > 0) return true;
}
return false;
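Review bot: `AuthService::logUser("admin", "", true)` replaces the `$userId` taken from the request with a fixed account name, so any request whose replay value matches `$hash` is logged in as `admin`, whatever user it was issued for. Nothing in the commit title covers this and it reads like a debugging leftover; the line should stay `$res = AuthService::logUser($userId, "", true);`. The empty password with a `true` third argument suggests the password check is bypassed on this path (logUser() is not shown), which would make the account name the only thing deciding who gets a session. tryToLogUser() starts outside the hunk.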
@@ -126,48 +126,45 @@ function tryToLogUser(\Psr\Http\Message\ServerRequestInterface &$request, \Psr\H
}
- public function switchAction($action, $httpVars, $fileVars)
+ public function switchAction(\Psr\Http\Message\ServerRequestInterface &$requestInterface, \Psr\Http\Message\ResponseInterface &$responseInterface)
{
- switch ($action) {
+ switch ($requestInterface->getAttribute("action")) {
case "login":
-
-
+
break;
case "logout" :
AuthService::disconnect();
$loggingResult = 2;
session_destroy();
- XMLWriter::header();
- XMLWriter::loggingResult($loggingResult, null, null, null);
- XMLWriter::close();
+ $x = new \Pydio\Core\Http\Response\SerializableResponseStream();
+ $x->addChunk(new \Pydio\Core\Http\Message\LoggingResult($loggingResult));
+ $responseInterface = $responseInterface->withBody($x);
break;
case "get_seed" :
$seed = AuthService::generateSeed();
if (AuthService::suspectBruteForceLogin()) {
- HTMLWriter::charsetHeader('application/json');
- print json_encode(array("seed" => $seed, "captcha" => true));
+ $responseInterface = new \Zend\Diactoros\Response\JsonResponse(["seed" => $seed, "captcha" => true]);
} else {
- HTMLWriter::charsetHeader("text/plain");
- print $seed;
+ $responseInterface = $responseInterface->withHeader("Content-Type", "text/plain");
+ $responseInterface->getBody()->write($seed);
}
break;
case "get_captcha":
- CaptchaProvider::sendCaptcha();
- //exit(0) ;
+ $x = new \Pydio\Core\Http\Response\AsyncResponseStream(function(){
+ CaptchaProvider::sendCaptcha();
+ });
+ $responseInterface = $responseInterface->withBody($x);
break;
case "back":
- XMLWriter::header("url");
- echo AuthService::getLogoutAddress(false);
- XMLWriter::close("url");
- //exit(1);
-
+ $responseInterface = $responseInterface->withHeader("Content-Type", "text/xml");
+ $responseInterface->getBody()->write("<url>".AuthService::getLogoutAddress(false)."</url>");
break;
default;
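Review bot: In the `back` case the logout address is concatenated into the XML body unescaped, so an address containing `&` or `<` produces malformed XML, and any markup in it would be interpreted by the client. Escape it when writing: `$responseInterface->getBody()->write("<url>".htmlspecialchars(AuthService::getLogoutAddress(false), ENT_XML1)."</url>");`. In `get_seed`, the captcha branch replaces `$responseInterface` with a fresh JsonResponse, which discards any headers already set on the incoming response, while the other branch keeps them; worth confirming that is intended. switchAction() continues outside the hunk.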
@@ -39,6 +39,16 @@
"class": "Pydio\\OCS\\OCSPlugin",
"method": "startServer"
},
+ "/public":{
+ "methods": "*",
+ "routes": [
+ "/public/{hash}",
+ "/public[{optional:.+}]"
+ ],
+ "class": "ShareCenter",
+ "path" : "plugins/action.share/class.ShareCenter.php",
+ "method": "publicRoute"
+ },
"/": {
"methods": "*",
"routes": [