Permalink
Browse files

Remove switchRootDir() method

  • Loading branch information...
1 parent 7821c62 commit 7f13fce13220550b092d7e8b33a77980eecb8819 @cdujeu cdujeu committed Jun 9, 2016
@@ -0,0 +1,46 @@
+<?php
+/*
+ * Copyright 2007-2016 Abstrium <contact (at) pydio.com>
+ * This file is part of Pydio.
+ *
+ * Pydio is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Pydio is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Pydio. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * The latest code can be found at <https://pydio.com/>.
+ */
+namespace Pydio\Core\Exception;
+
+defined('AJXP_EXEC') or die('Access not allowed');
+
+
+class LoginException extends PydioException
+{
+ private $loginError;
+
+ /**
+ * LoginException constructor.
+ * @param integer $errorCode
+ */
+ public function __construct($errorCode)
+ {
+ $this->loginError = $errorCode;
+ parent::__construct("Error while trying to log user", null, $errorCode);
+ }
+
+ /**
+ * @return int
+ */
+ public function getLoginError(){
+ return $this->loginError;
+ }
+}
@@ -0,0 +1,32 @@
+<?php
+/*
+ * Copyright 2007-2016 Abstrium <contact (at) pydio.com>
+ * This file is part of Pydio.
+ *
+ * Pydio is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Pydio is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Pydio. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * The latest code can be found at <https://pydio.com/>.
+ */
+namespace Pydio\Core\Exception;
+
+defined('AJXP_EXEC') or die('Access not allowed');
+
+
+class WorkspaceForbiddenException extends PydioException
+{
+ public function __construct($wsId)
+ {
+ parent::__construct("Cannot access to workspace with id/alias ".$wsId, null);
+ }
+}
@@ -34,6 +34,7 @@
use Pydio\Core\Services\RepositoryService;
use Pydio\Core\Services\RolesService;
use Pydio\Core\Services\UsersService;
+use Pydio\Core\Utils\TextEncoder;
use Pydio\Core\Utils\Utils;
use Pydio\Log\Core\AJXP_Logger;
use Zend\Diactoros\Response;
@@ -165,8 +166,8 @@ public static function handleRequest(ServerRequestInterface $requestInterface, R
$responseInterface->getBody()->write("\n--- Impersonating user ".$impersonateUser);
try{
$loggedUser = AuthService::logUser($impersonateUser, "empty", true, false, "");
- ConfService::switchRootDir($optRepoId, true);
- Controller::registryReset();
+ //ConfService::switchRootDir($optRepoId, true);
+ //Controller::registryReset();
$subResponse = new Response();
$ctx = new Context();
$ctx->setUserObject($loggedUser);
@@ -193,13 +194,14 @@ public static function handleRequest(ServerRequestInterface $requestInterface, R
}else{
- ConfService::switchRootDir($optRepoId, true);
+ $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $optRepoId);
$ctx = new Context();
$ctx->setUserObject($loggedUser);
- $ctx->setRepositoryId($optRepoId);
+ $ctx->setRepositoryObject($repoObject);
$requestInterface = $requestInterface->withAttribute("ctx", $ctx);
AJXP_Logger::updateContext($ctx);
+ TextEncoder::updateContext($ctx);
return Server::callNextMiddleWare($requestInterface, $responseInterface, $next);
@@ -23,12 +23,16 @@
use Pydio\Auth\Core\AJXP_Safe;
use Pydio\Core\Exception\LoginException;
+use Pydio\Core\Exception\RepositoryLoadException;
+use Pydio\Core\Exception\WorkspaceForbiddenException;
+use Pydio\Core\Exception\WorkspaceNotFoundException;
use Pydio\Core\Model\ContextInterface;
use Pydio\Core\Model\UserInterface;
use Pydio\Core\Services\AuthService;
use Pydio\Core\Services\ConfService;
use Pydio\Core\Services\RepositoryService;
use Pydio\Core\Services\UsersService;
+use Pydio\Core\Utils\TextEncoder;
use Pydio\Log\Core\AJXP_Logger;
use \Sabre;
@@ -116,16 +120,26 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) {
AJXP_Safe::storeCredentials($this->currentUser, $userpass[1]);
}
- $repoId = $this->context->getRepositoryId();
- if(isSet($repoId) && RepositoryService::getRepositoryById($repoId)->getContextOption($this->context, "AJXP_WEBDAV_DISABLED") === true){
- throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace');
+ if($this->context->hasRepository()){
+ $repoId = $this->context->getRepositoryId();
+ try{
+ $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repoId);
+ }catch (WorkspaceForbiddenException $e){
+ throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace');
+ }catch (WorkspaceNotFoundException $e){
+ throw new Sabre\DAV\Exception\NotAuthenticated('Could not find workspace!');
+ }catch (RepositoryLoadException $e){
+ throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace');
+ }catch (\Exception $e){
+ throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace');
+ }
+ $this->context->setRepositoryObject($repoObject);
}
- $repoObject = ConfService::switchRootDir($repoId);
// NOW UPDATE CONTEXT
$this->context->setUserId($this->currentUser);
- $this->context->setRepositoryObject($repoObject);
AJXP_Logger::updateContext($this->context);
+ TextEncoder::updateContext($this->context);
// the method used here will invalidate the cached password every minute on the minute
if (!$cachedPasswordValid) {
@@ -21,7 +21,12 @@
namespace Pydio\Core\Http\Dav;
use Pydio\Core\Exception\LoginException;
+use Pydio\Core\Exception\RepositoryLoadException;
+use Pydio\Core\Exception\WorkspaceForbiddenException;
+use Pydio\Core\Exception\WorkspaceNotFoundException;
+use Pydio\Core\Services\RepositoryService;
use Pydio\Core\Services\UsersService;
+use Pydio\Core\Utils\TextEncoder;
use \Sabre;
use Pydio\Auth\Core\AJXP_Safe;
use Pydio\Core\Model\ContextInterface;
@@ -107,13 +112,28 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
}
throw new Sabre\DAV\Exception\NotAuthenticated($errmsg);
}
- $repoObject = ConfService::switchRootDir($this->repositoryId);
+
+ if($this->context->hasRepository()){
+ $repoId = $this->context->getRepositoryId();
+ try{
+ $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repoId);
+ }catch (WorkspaceForbiddenException $e){
+ throw new Sabre\DAV\Exception\NotAuthenticated('You are not allowed to access this workspace');
+ }catch (WorkspaceNotFoundException $e){
+ throw new Sabre\DAV\Exception\NotAuthenticated('Could not find workspace!');
+ }catch (RepositoryLoadException $e){
+ throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace');
+ }catch (\Exception $e){
+ throw new Sabre\DAV\Exception\NotAuthenticated('Error while loading workspace');
+ }
+ $this->context->setRepositoryObject($repoObject);
+ }
// NOW UPDATE CONTEXT
- $this->context->setUserId($this->currentUser);
- $this->context->setRepositoryObject($repoObject);
+ $this->context->setUserObject($loggedUser);
AJXP_Logger::updateContext($this->context);
-
+ TextEncoder::updateContext($this->context);
+
return true;
}
@@ -126,18 +126,18 @@ protected static function bootSessionServer(ServerRequestInterface &$request){
if($restRepositoryId !== null){
- $repoObject = ConfService::switchRootDir($restRepositoryId);
+ $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $restRepositoryId);
}else{
$repoId = SessionService::getSessionRepositoryId();
if($repoId !== null){
try{
- $repoObject = ConfService::switchRootDir($repoId);
+ $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $repoId);
}catch (\Exception $e){
$previous = SessionService::getPreviousRepositoryId();
if($previous !== null){
- $repoObject = ConfService::switchRootDir($previous);
+ $repoObject = UsersService::getRepositoryWithPermission($loggedUser, $previous);
}
}
}else{
@@ -24,6 +24,7 @@
use Pydio\Authfront\Core\FrontendsLoader;
use Pydio\Core\Exception\NoActiveWorkspaceException;
use Pydio\Core\Exception\PydioException;
+use Pydio\Core\Exception\WorkspaceForbiddenException;
use Pydio\Core\Exception\WorkspaceNotFoundException;
use Pydio\Core\Model\Context;
use Pydio\Core\Model\ContextInterface;
@@ -74,16 +75,13 @@ public static function handleRequest(\Psr\Http\Message\ServerRequestInterface &$
}
$repo = array_shift($userRepositories);
}else{
- $repo = RepositoryService::findRepositoryByIdOrAlias($repoID);
- if ($repo == null) {
- throw new WorkspaceNotFoundException($repoID);
- }
- if(!$ctx->getUser()->canAccessRepository($repo)){
+ try{
+ $repo = UsersService::getRepositoryWithPermission($ctx->getUser(), $repoID);
+ }catch (WorkspaceForbiddenException $w){
$responseInterface = $responseInterface->withStatus(401);
$responseInterface->getBody()->write('You are not authorized to access this API.');
return $responseInterface;
}
- ConfService::switchRootDir($repo->getId());
}
$ctx->setRepositoryObject($repo);
@@ -128,31 +128,6 @@ public static function getErrors()
return self::getInstance()->errors;
}
- public static function getContextCharset(){
- if(self::$useSession) {
- if(isSet($_SESSION["AJXP_CHARSET"])) return $_SESSION["AJXP_CHARSET"];
- else return null;
- }else {
- return self::getInstance()->contextCharset;
- }
- }
-
- public static function setContextCharset($value){
- if(self::$useSession){
- $_SESSION["AJXP_CHARSET"] = $value;
- }else{
- self::getInstance()->contextCharset = $value;
- }
- }
-
- public static function clearContextCharset(){
- if(self::$useSession && isSet($_SESSION["AJXP_CHARSET"])){
- unset($_SESSION["AJXP_CHARSET"]);
- }else{
- self::getInstance()->contextCharset = null;
- }
- }
-
public static function clearAllCaches(){
PluginsService::clearPluginsCache();
LocaleService::clearMessagesCache();
@@ -305,71 +280,6 @@ public static function getCacheDriverImpl()
}
-
- /**
- * See instance method
- * @static
- * @param $rootDirIndex
- * @param bool $temporary
- * @return RepositoryInterface
- */
- public static function switchRootDir($rootDirIndex, $temporary = false)
- {
- return self::getInstance()->switchRootDirInst($rootDirIndex, $temporary);
- }
-
- /**
- * Switch the current repository
- * @param int $rootDirIndex
- * @param bool $temporary
- * @throws PydioException
- * @return RepositoryInterface
- */
- public function switchRootDirInst($rootDirIndex=-1, $temporary=false)
- {
- // TMP
- $loggedUser = AuthService::getLoggedUser();
-
- $object = RepositoryService::getRepositoryById($rootDirIndex);
- if($temporary && ($object == null || !RepositoryService::repositoryIsAccessible($object, $loggedUser))) {
- throw new PydioException("Trying to switch to an unauthorized repository");
- }
-
- if (isSet($this->configs["REPOSITORIES"]) && isSet($this->configs["REPOSITORIES"][$rootDirIndex])) {
- $this->configs["REPOSITORY"] = $this->configs["REPOSITORIES"][$rootDirIndex];
- } else {
- $this->configs["REPOSITORY"] = RepositoryService::getRepositoryById($rootDirIndex);
- }
- if(self::$useSession){
- //$_SESSION['REPO_ID'] = $rootDirIndex;
- }else{
- $this->contextRepositoryId = $rootDirIndex;
- }
- if(isSet($this->configs["ACCESS_DRIVER"])) unset($this->configs["ACCESS_DRIVER"]);
-
- if (isSet($this->configs["REPOSITORY"]) && $this->configs["REPOSITORY"]->getSafeOption("CHARSET")!="") {
- self::setContextCharset($this->configs["REPOSITORY"]->getSafeOption("CHARSET"));
- } else {
- self::clearContextCharset();
- }
-
-
- if ($rootDirIndex!=-1 && UsersService::usersEnabled() && AuthService::getLoggedUser()!=null) {
- $loggedUser = AuthService::getLoggedUser();
- $loggedUser->setArrayPref("history", "last_repository", $rootDirIndex);
- }
-
- return $this->configs["REPOSITORY"];
-
- }
-
-
-
- public function getContextRepositoryId(){
- return self::$useSession ? $_SESSION["REPO_ID"] : $this->contextRepositoryId;
- }
-
-
public function invalidateLoadedRepositories()
{
UsersService::invalidateCache();
@@ -146,5 +146,18 @@ public static function invalidateLoadedRepositories()
unset($_SESSION["REPOSITORIES"]);
}
}
+
+ public static function getContextCharset($repositoryId)
+ {
+ if (isSet($_SESSION["AJXP_CHARSET"])) return $_SESSION["AJXP_CHARSET"];
+ return null;
+ }
+
+ public static function setContextCharset($repositoryId, $value)
+ {
+ if (ConfService::$useSession) {
+ $_SESSION["AJXP_CHARSET"] = $value;
+ }
+ }
}
Oops, something went wrong.

0 comments on commit 7f13fce

Please sign in to comment.