2012-05-06 00:54:14 +04:00
|
|
|
<?php
|
2015-03-26 13:44:34 +03:00
|
|
|
/**
|
2016-07-21 18:07:57 +03:00
|
|
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
|
|
|
*
|
2015-03-26 13:44:34 +03:00
|
|
|
* @author Brice Maron <brice@bmaron.net>
|
|
|
|
* @author Christopher Schäpers <kondou@ts.unde.re>
|
2020-03-31 11:49:10 +03:00
|
|
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
|
|
|
* @author Georg Ehrke <oc.list@georgehrke.com>
|
2016-07-21 18:07:57 +03:00
|
|
|
* @author Joas Schilling <coding@schilljs.com>
|
2015-03-26 13:44:34 +03:00
|
|
|
* @author Jörn Friedrich Dreyer <jfd@butonic.de>
|
2016-05-26 20:56:05 +03:00
|
|
|
* @author Lukas Reschke <lukas@statuscode.ch>
|
2019-12-03 21:57:53 +03:00
|
|
|
* @author Morris Jobke <hey@morrisjobke.de>
|
2016-07-21 19:13:36 +03:00
|
|
|
* @author Robin Appelman <robin@icewind.nl>
|
2016-01-12 17:02:16 +03:00
|
|
|
* @author Robin McCorkell <robin@mccorkell.me.uk>
|
2019-12-03 21:57:53 +03:00
|
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
2015-03-26 13:44:34 +03:00
|
|
|
* @author Thomas Müller <thomas.mueller@tmit.eu>
|
|
|
|
* @author Vincent Petry <pvince81@owncloud.com>
|
|
|
|
*
|
|
|
|
* @license AGPL-3.0
|
|
|
|
*
|
|
|
|
* This code is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
|
|
* as published by the Free Software Foundation.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
2019-12-03 21:57:53 +03:00
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
2015-03-26 13:44:34 +03:00
|
|
|
*
|
|
|
|
*/
|
2015-06-29 16:47:05 +03:00
|
|
|
|
2017-10-13 22:30:29 +03:00
|
|
|
require_once __DIR__ . '/lib/versioncheck.php';
|
|
|
|
|
2015-08-30 20:13:01 +03:00
|
|
|
use OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin;
|
2015-06-29 16:47:05 +03:00
|
|
|
use Sabre\DAV\Exception\ServiceUnavailable;
|
|
|
|
use Sabre\DAV\Server;
|
|
|
|
|
2015-06-29 23:08:34 +03:00
|
|
|
/**
|
|
|
|
* Class RemoteException
|
|
|
|
* Dummy exception class to be use locally to identify certain conditions
|
2015-08-18 16:02:30 +03:00
|
|
|
* Will not be logged to avoid DoS
|
2015-06-29 23:08:34 +03:00
|
|
|
*/
|
|
|
|
class RemoteException extends Exception {
|
|
|
|
}
|
|
|
|
|
2015-06-29 16:47:05 +03:00
|
|
|
/**
|
2017-07-19 16:50:59 +03:00
|
|
|
* @param Exception|Error $e
|
2015-06-29 16:47:05 +03:00
|
|
|
*/
|
2016-04-20 19:01:47 +03:00
|
|
|
function handleException($e) {
|
2015-06-29 16:47:05 +03:00
|
|
|
$request = \OC::$server->getRequest();
|
|
|
|
// in case the request content type is text/xml - we assume it's a WebDAV request
|
2015-06-29 23:08:34 +03:00
|
|
|
$isXmlContentType = strpos($request->getHeader('Content-Type'), 'text/xml');
|
|
|
|
if ($isXmlContentType === 0) {
|
2015-06-29 16:47:05 +03:00
|
|
|
// fire up a simple server to properly process the exception
|
|
|
|
$server = new Server();
|
2015-08-18 16:02:30 +03:00
|
|
|
if (!($e instanceof RemoteException)) {
|
|
|
|
// we shall not log on RemoteException
|
|
|
|
$server->addPlugin(new ExceptionLoggerPlugin('webdav', \OC::$server->getLogger()));
|
|
|
|
}
|
2020-03-09 18:32:04 +03:00
|
|
|
$server->on('beforeMethod:*', function () use ($e) {
|
2015-06-29 23:08:34 +03:00
|
|
|
if ($e instanceof RemoteException) {
|
|
|
|
switch ($e->getCode()) {
|
2018-06-26 13:15:09 +03:00
|
|
|
case 503:
|
2015-06-29 23:08:34 +03:00
|
|
|
throw new ServiceUnavailable($e->getMessage());
|
2018-06-26 13:15:09 +03:00
|
|
|
case 404:
|
2015-06-29 23:08:34 +03:00
|
|
|
throw new \Sabre\DAV\Exception\NotFound($e->getMessage());
|
|
|
|
}
|
|
|
|
}
|
2015-06-29 16:47:05 +03:00
|
|
|
$class = get_class($e);
|
|
|
|
$msg = $e->getMessage();
|
|
|
|
throw new ServiceUnavailable("$class: $msg");
|
|
|
|
});
|
|
|
|
$server->exec();
|
|
|
|
} else {
|
2018-06-26 13:15:09 +03:00
|
|
|
$statusCode = 500;
|
2020-04-09 17:07:47 +03:00
|
|
|
if ($e instanceof \OC\ServiceUnavailableException) {
|
2018-06-26 13:15:09 +03:00
|
|
|
$statusCode = 503;
|
2015-06-29 16:47:05 +03:00
|
|
|
}
|
2015-06-29 23:08:34 +03:00
|
|
|
if ($e instanceof RemoteException) {
|
2015-08-18 16:02:30 +03:00
|
|
|
// we shall not log on RemoteException
|
2018-06-26 10:17:37 +03:00
|
|
|
OC_Template::printErrorPage($e->getMessage(), '', $e->getCode());
|
2015-06-29 23:08:34 +03:00
|
|
|
} else {
|
2016-04-20 19:01:47 +03:00
|
|
|
\OC::$server->getLogger()->logException($e, ['app' => 'remote']);
|
2018-06-26 11:27:43 +03:00
|
|
|
OC_Template::printExceptionErrorPage($e, $statusCode);
|
2015-06-29 23:08:34 +03:00
|
|
|
}
|
2015-06-29 16:47:05 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-04-05 10:59:43 +03:00
|
|
|
/**
|
|
|
|
* @param $service
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
function resolveService($service) {
|
|
|
|
$services = [
|
|
|
|
'webdav' => 'dav/appinfo/v1/webdav.php',
|
|
|
|
'dav' => 'dav/appinfo/v2/remote.php',
|
|
|
|
'caldav' => 'dav/appinfo/v1/caldav.php',
|
|
|
|
'calendar' => 'dav/appinfo/v1/caldav.php',
|
|
|
|
'carddav' => 'dav/appinfo/v1/carddav.php',
|
|
|
|
'contacts' => 'dav/appinfo/v1/carddav.php',
|
|
|
|
'files' => 'dav/appinfo/v1/webdav.php',
|
2018-04-13 15:04:41 +03:00
|
|
|
'direct' => 'dav/appinfo/v2/direct.php',
|
2016-04-05 10:59:43 +03:00
|
|
|
];
|
|
|
|
if (isset($services[$service])) {
|
|
|
|
return $services[$service];
|
|
|
|
}
|
|
|
|
|
|
|
|
return \OC::$server->getConfig()->getAppValue('core', 'remote_' . $service);
|
|
|
|
}
|
|
|
|
|
2013-06-10 15:45:19 +04:00
|
|
|
try {
|
2016-10-06 13:13:02 +03:00
|
|
|
require_once __DIR__ . '/lib/base.php';
|
2014-06-25 20:17:17 +04:00
|
|
|
|
2016-04-12 14:30:37 +03:00
|
|
|
// All resources served via the DAV endpoint should have the strictest possible
|
|
|
|
// policy. Exempted from this is the SabreDAV browser plugin which overwrites
|
|
|
|
// this policy with a softer one if debug mode is enabled.
|
|
|
|
header("Content-Security-Policy: default-src 'none';");
|
|
|
|
|
2014-06-25 20:17:17 +04:00
|
|
|
if (\OCP\Util::needUpgrade()) {
|
|
|
|
// since the behavior of apps or remotes are unpredictable during
|
|
|
|
// an upgrade, return a 503 directly
|
2018-06-26 13:15:09 +03:00
|
|
|
throw new RemoteException('Service unavailable', 503);
|
2014-06-25 20:17:17 +04:00
|
|
|
}
|
|
|
|
|
2015-02-10 15:02:48 +03:00
|
|
|
$request = \OC::$server->getRequest();
|
|
|
|
$pathInfo = $request->getPathInfo();
|
|
|
|
if ($pathInfo === false || $pathInfo === '') {
|
2018-06-26 13:15:09 +03:00
|
|
|
throw new RemoteException('Path not found', 404);
|
2013-06-10 15:45:19 +04:00
|
|
|
}
|
2015-02-10 15:02:48 +03:00
|
|
|
if (!$pos = strpos($pathInfo, '/', 1)) {
|
|
|
|
$pos = strlen($pathInfo);
|
2013-06-10 15:45:19 +04:00
|
|
|
}
|
2015-02-10 15:02:48 +03:00
|
|
|
$service=substr($pathInfo, 1, $pos-1);
|
2012-06-24 12:06:42 +04:00
|
|
|
|
2016-04-05 10:59:43 +03:00
|
|
|
$file = resolveService($service);
|
2012-07-14 02:10:17 +04:00
|
|
|
|
2020-04-10 15:19:56 +03:00
|
|
|
if (is_null($file)) {
|
2018-06-26 13:15:09 +03:00
|
|
|
throw new RemoteException('Path not found', 404);
|
2013-06-10 15:45:19 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
$file=ltrim($file, '/');
|
|
|
|
|
|
|
|
$parts=explode('/', $file, 2);
|
|
|
|
$app=$parts[0];
|
2014-05-10 16:00:22 +04:00
|
|
|
|
|
|
|
// Load all required applications
|
|
|
|
\OC::$REQUESTEDAPP = $app;
|
2020-03-26 11:30:18 +03:00
|
|
|
OC_App::loadApps(['authentication']);
|
|
|
|
OC_App::loadApps(['filesystem', 'logging']);
|
2014-05-10 16:00:22 +04:00
|
|
|
|
2013-06-10 15:45:19 +04:00
|
|
|
switch ($app) {
|
|
|
|
case 'core':
|
|
|
|
$file = OC::$SERVERROOT .'/'. $file;
|
|
|
|
break;
|
|
|
|
default:
|
2014-09-04 17:23:55 +04:00
|
|
|
if (!\OC::$server->getAppManager()->isInstalled($app)) {
|
2015-08-18 16:02:30 +03:00
|
|
|
throw new RemoteException('App not installed: ' . $app);
|
2014-09-04 17:23:55 +04:00
|
|
|
}
|
2013-06-10 15:45:19 +04:00
|
|
|
OC_App::loadApp($app);
|
2014-02-20 17:51:23 +04:00
|
|
|
$file = OC_App::getAppPath($app) .'/'. $parts[1];
|
2013-06-10 15:45:19 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
$baseuri = OC::$WEBROOT . '/remote.php/'.$service.'/';
|
|
|
|
require_once $file;
|
|
|
|
} catch (Exception $ex) {
|
2015-06-29 16:47:05 +03:00
|
|
|
handleException($ex);
|
2016-04-20 19:01:47 +03:00
|
|
|
} catch (Error $e) {
|
2016-05-02 14:10:03 +03:00
|
|
|
handleException($e);
|
2013-08-18 13:02:08 +04:00
|
|
|
}
|