From 71205b8b07be83c0a1ced3ce5dfe92629c7a5cc3 Mon Sep 17 00:00:00 2001 From: "Michiel@unhosted" Date: Fri, 2 Sep 2011 14:56:40 +0200 Subject: [PATCH 1/2] adding core_unhosted app --- apps/core_unhosted/admin.php | 50 +++++++++ apps/core_unhosted/ajax/deletetoken.php | 12 +++ apps/core_unhosted/ajax/link.php | 49 +++++++++ apps/core_unhosted/appinfo/database.xml | 59 +++++++++++ apps/core_unhosted/appinfo/info.xml | 10 ++ apps/core_unhosted/compat.php | 110 ++++++++++++++++++++ apps/core_unhosted/css/admin.css | 2 + apps/core_unhosted/img/island.png | Bin 0 -> 3674 bytes apps/core_unhosted/js/admin.js | 16 +++ apps/core_unhosted/lib_unhosted.php | 86 +++++++++++++++ apps/core_unhosted/oauth_ro_auth.php | 73 +++++++++++++ apps/core_unhosted/templates/admin.php | 19 ++++ apps/core_unhosted/templates/breadcrumb.php | 4 + apps/core_unhosted/templates/files.php | 9 ++ 14 files changed, 499 insertions(+) create mode 100644 apps/core_unhosted/admin.php create mode 100644 apps/core_unhosted/ajax/deletetoken.php create mode 100644 apps/core_unhosted/ajax/link.php create mode 100644 apps/core_unhosted/appinfo/database.xml create mode 100644 apps/core_unhosted/appinfo/info.xml create mode 100644 apps/core_unhosted/compat.php create mode 100644 apps/core_unhosted/css/admin.css create mode 100644 apps/core_unhosted/img/island.png create mode 100644 apps/core_unhosted/js/admin.js create mode 100644 apps/core_unhosted/lib_unhosted.php create mode 100644 apps/core_unhosted/oauth_ro_auth.php create mode 100644 apps/core_unhosted/templates/admin.php create mode 100644 apps/core_unhosted/templates/breadcrumb.php create mode 100644 apps/core_unhosted/templates/files.php diff --git a/apps/core_unhosted/admin.php b/apps/core_unhosted/admin.php new file mode 100644 index 0000000000..8a4f9f9a2e --- /dev/null +++ b/apps/core_unhosted/admin.php @@ -0,0 +1,50 @@ +. +* +*/ + + +// Init owncloud +require_once('../../lib/base.php'); +require_once( 'lib_unhosted.php' ); +require( 'template.php' ); + +// Check if we are a user +if( !OC_USER::isLoggedIn()){ +//var_export($_COOKIE); +//var_export($_SESSION); +//die('get a cookie!'); + header( "Location: ".OC_HELPER::linkTo( "index.php" )); + exit(); +} + +OC_APP::setActiveNavigationEntry( "unhosted_web_administration" ); + +OC_UTIL::addStyle( 'unhosted_web', 'admin' ); +OC_UTIL::addScript( 'unhosted_web', 'admin' ); + +// return template +$tmpl = new OC_TEMPLATE( "unhosted_web", "admin", "admin" ); +$tmpl->assign( 'tokens', OC_UnhostedWeb::getAllTokens()); +$tmpl->printPage(); + +?> diff --git a/apps/core_unhosted/ajax/deletetoken.php b/apps/core_unhosted/ajax/deletetoken.php new file mode 100644 index 0000000000..3e3668188b --- /dev/null +++ b/apps/core_unhosted/ajax/deletetoken.php @@ -0,0 +1,12 @@ + diff --git a/apps/core_unhosted/ajax/link.php b/apps/core_unhosted/ajax/link.php new file mode 100644 index 0000000000..9f479cbd51 --- /dev/null +++ b/apps/core_unhosted/ajax/link.php @@ -0,0 +1,49 @@ + 'https://myfavouritesandwich.org:444/', + 'usr' => $_POST['userAddress'],//this is not necessarily the case, you could also use one owncloud user and many user addresses on it + 'pwd' => OC_User::generatePassword(), + ); + $storage = array( + 'dataScope' => $_POST['dataScope'], + 'storageType' => 'http://unhosted.org/spec/dav/0.1', + 'davUrl' => 'https://myfavouritesandwich.org:444/apps/unhosted_web/compat.php/'.$ownCloudDetails['usr'].'/unhosted/', + 'userAddress' => $_POST['userAddress'],//here, it refers to the user sent to DAV in the basic auth + ); + if(OC_User::userExists($ownCloudDetails['usr'])){ + $message = 'account reopened'; + $result = OC_User::setPassword($ownCloudDetails['usr'], $ownCloudDetails['pwd']); + } else { + $message = 'account created'; + $result = OC_User::createUser($ownCloudDetails['usr'], $ownCloudDetails['pwd']); + } + if($result) { + $storage['davToken'] = OC_UnhostedWeb::createDataScope( + 'https://myfavouritesandwich.org/', + $ownCloudDetails['usr'], $storage['dataScope']); + echo json_encode(array('ownCloudDetails' => $ownCloudDetails, 'storage' => $storage)); + exit(); + } else { + echo json_encode( array( "status" => "error", "data" => "couldn't ", "ownCloudDetails" => $ownCloudDetails)); + exit(); + } + } else { + echo json_encode( array( "status" => "error", "data" => "post not ok")); + } +} catch(Exception $e) { + echo json_encode( array( "status" => "error", "data" => $e)); +} +echo json_encode( array( "status" => "error", "data" => array( "message" => "Computer says 'no'" ))); +?> diff --git a/apps/core_unhosted/appinfo/database.xml b/apps/core_unhosted/appinfo/database.xml new file mode 100644 index 0000000000..db25657085 --- /dev/null +++ b/apps/core_unhosted/appinfo/database.xml @@ -0,0 +1,59 @@ + + + *dbname* + true + false + latin1 + + *dbprefix*authtoken + + + token + text + + true + 40 + + + appUrl + text + + true + 128 + + + user + text + + true + 64 + + + dataScope + text + + true + 64 + + + userAddress + text + + true + 64 + + + a_app_unhostedweb_user + true + + user + ascending + + + token + ascending + + + +
+
diff --git a/apps/core_unhosted/appinfo/info.xml b/apps/core_unhosted/appinfo/info.xml new file mode 100644 index 0000000000..dccbd3b824 --- /dev/null +++ b/apps/core_unhosted/appinfo/info.xml @@ -0,0 +1,10 @@ + + + core_unhosted + Unhosted Web + On websites that allow unhosted accounts, use your owncloud as the storage for your user data + 0.1 + AGPL + Michiel de Jong + 2 + diff --git a/apps/core_unhosted/compat.php b/apps/core_unhosted/compat.php new file mode 100644 index 0000000000..88dac5e7b5 --- /dev/null +++ b/apps/core_unhosted/compat.php @@ -0,0 +1,110 @@ +. +* +*/ + + +// Do not load FS ... +$RUNTIME_NOSETUPFS = true; + +require_once('../../lib/base.php'); +require_once('Sabre/autoload.php'); +require_once('lib_unhosted.php'); +require_once('oauth_ro_auth.php'); + +ini_set('default_charset', 'UTF-8'); +#ini_set('error_reporting', ''); +@ob_clean(); + +//allow use as unhosted storage for other websites +if(isset($_SERVER['HTTP_ORIGIN'])) { + header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']); + header('Access-Control-Max-Age: 3600'); + header('Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, PROPFIND'); + header('Access-Control-Allow-Headers: Authorization'); +} else { + header('Access-Control-Allow-Origin: *'); +} + +$path = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"])); +$pathParts = explode('/', $path); +// for webdav: +// 0/ 1 / 2 / 3 / 4 / 5 / 6 / 7 +// /$ownCloudUser/unhosted/webdav/$userHost/$userName/$dataScope/$key +// for oauth: +// 0/ 1 / 2 / 3 / 4 +// /$ownCloudUser/unhosted/oauth/auth + +if(count($pathParts) >= 8 && $pathParts[0] == '' && $pathParts[2] == 'unhosted' && $pathParts[3] == 'webdav') { + list($dummy0, $ownCloudUser, $dummy2, $dummy3, $userHost, $userName, $dataScope) = $pathParts; + + OC_Util::setupFS($ownCloudUser); + + // Create ownCloud Dir + $publicDir = new OC_Connector_Sabre_Directory(''); + $server = new Sabre_DAV_Server($publicDir); + + // Path to our script + $server->setBaseUri("$WEBROOT/apps/core_unhosted/compat.php/$ownCloudUser"); + + // Auth backend + $authBackend = new OC_Connector_Sabre_Auth_ro_oauth(OC_UnhostedWeb::getValidTokens($ownCloudUser, $userName.'@'.$userHost, $dataScope)); + + $authPlugin = new Sabre_DAV_Auth_Plugin($authBackend,'ownCloud');//should use $validTokens here + $server->addPlugin($authPlugin); + + // Also make sure there is a 'data' directory, writable by the server. This directory is used to store information about locks + $lockBackend = new OC_Connector_Sabre_Locks(); + $lockPlugin = new Sabre_DAV_Locks_Plugin($lockBackend); + $server->addPlugin($lockPlugin); + + // And off we go! + $server->exec(); +} else if(count($pathParts) >= 4 && $pathParts[0] == '' && $pathParts[2] == 'unhosted' && $pathParts[3] == 'oauth2' && $pathParts[4] = 'auth') { + if(isset($_POST['allow'])) { + //TODO: input checking. these explodes may fail to produces the desired arrays: + $ownCloudUser = $pathParts[1]; + foreach($_GET as $k => $v) { + if($k=='user_address'){ + $userAddress=$v; + } else if($k=='redirect_uri'){ + $appUrl=$v; + } else if($k=='scope'){ + $dataScope=$v; + } + } + if(OC_User::getUser() == $ownCloudUser) { + //TODO: check if this can be faked by editing the cookie in firebug! + $token=OC_UnhostedWeb::createDataScope($appUrl, $userAddress, $dataScope); + header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=unhosted'); + } else { + die('not logged in: '.var_export($pathParts, true)); + } + } else { + echo '
'; + } +} else { + die('not webdav and not oauth. dont know what to do '.var_export($pathParts, true)); +} diff --git a/apps/core_unhosted/css/admin.css b/apps/core_unhosted/css/admin.css new file mode 100644 index 0000000000..f21b289f04 --- /dev/null +++ b/apps/core_unhosted/css/admin.css @@ -0,0 +1,2 @@ +td.path{min-width:200px} +td.expire{width:120px} \ No newline at end of file diff --git a/apps/core_unhosted/img/island.png b/apps/core_unhosted/img/island.png new file mode 100644 index 0000000000000000000000000000000000000000..8536e508e34ee62aad11321fdf245645afc2811b GIT binary patch literal 3674 zcmZ`+c{tQx)c<1C(5N95Ma>Kq*#;$sY)zP{$XK%P2E`z2*0I%$EJKJG{jw%|vadyr zeQc2?CPk8c$u{Jj-v8b|-sicW`+1)8oOAEF_qpesd&qb6b@_Nt^8x_ChtWgh*o^!K zFeiKdY)2Si6OX5kjt`rK*#LmQ>oZg~@p$Q({}bx{FLb)@tN#=Fduh3_*`5s~z@v7T zo4u?u2CZdm)*fSyc`8El3tM&`9ld5rZ}CD3L8Y`PAWhB-pa>!;R$M$uX=Y%FB7zSj z-}!ua{#&k`I%`_vTZQO@Xc-lEQK&siB10A61Zld1ke|U2JW{dwZh*&5NM}jDi)Qh~ zAXIU~rS;j*@y>RKbSNa(PWk_o4?lx<_}$zP*l4u*%5{mF z9U=cA?-*1_6JalRZX}9}Bk9W~;ym~lUU?9uc2?XeX?3A9tDmoCtF{xwb zQe0Hasmf_PZ=#CE_#y<{oAv(V1~1ylPLrI`hqROzJqb$X+CTUfB8i?(sWcX}xbj@s zLs~|TtjA5`w0bPY6*2e2A(67uV>0r?G5w6d0L6)D_Xxsoj&M$yCfG)&aig zt<`d$S6cwW!peS)R+wm#=Fj8tWjq`_JUsk{*r|s8@%2-TmV>DxgYU{M{-N)ZPe!&} zXWmNrd+~B@W0|FF>Mquq{)f~V$d_@20&9+swe8HwJhOT~KpX_XJ1nX{Vq@%mm-fz& zd8?yB33Up2DGqoz=_=|Z7yo(eL`$%zN9h;7_vF>V@eDUwO|Asz<<~z)m{1O3^8=SO z?kVCdDkuoS8%4?B@vdk+pay9Cl6q!6wrW*4c#m6ao3W*?_Fx-UP&MBw4F^kx?a$ZJ zt?STwv8jR&>J)sxr#fcN;@gqh3i{j-Qb|%oCF1#r775o)m$hy7choxH^|O9Fl)ePl zBI8~#tzJR+bPSD)Adl?Lgil*p*o<#ZtHI6FKJ;QG0aA_`SX*3tg+cAPTYdyV_epgC zY^*HQ{eBLYTK>F#^a?e)bJshL25=!O0@n|RM*|6t2Xs%S#?Gea=ffn!&l1!7 zjRAz?XhV^)c|J+!($PBKnf19M48qFFg15cS_yMEE(=rVz82u88j*QNWh)`$Ln3@)s z)+Cb7mrt{(T&yiZc4jK>OU>;_fm9g2@&aEMNq{IyYY7Nn{W0vq>UQR1u7ADxtlWdy zFf;IOHU|31BJ`fa-soZ@Rlj!7wF47LtX-b8tP8!E@bn_Szy=jkVd@!}J+Hjkeb3K( z^%2zJz$X}czTDJP&CCk5`g_dZgK1Gbc8V}zf{lmV#k&*;`iRiztZ# zEI-VUmp_#g{-Ig!Y#WEk+Sm5SN3&FdTPEhjF%QDM=XRRuO{{lCU90kl2O^aX4gSkd z4ljoW?#>nZH=ni@A9-(R7#9-P_xH z!1_z`$;8{JRg^CVfXUUf99XSa#tK(e9T}#FZdeAeMjxUf?XGnS#=@r?LjLTg?c6S# zNBTe?;lTJMxo4_Wg5ZrAoFq7Mu891Dc2vW{oSG%X)rRY$W<1~fH8QR^D+{y@mbcWs z-Rtxg8LOO~Ra%^^mVt=Dqsdp}+F)df*zXy0Ma^{e{lB^{hYs&@{5R;XUhA^ezi3%) z%>UA&IJitK&#ca`5GQOAQnygQq#16@K6pza2`ec%)7@>+JQzZt8z~MOX;Yv%R)6>4A-@Uz!k!YaJpCaUr#mmfYkTc4E_blWYmS$bz^s|sYTd`? zq-=6XI_Hl6KJ>CLjXCEZHFK}jrVyVye(710L~N=90z^c{-mA8Nf=G~FZ;^xF8U~|h z`d%E&yiixs*!mFl*vRO(So;an?yXSq%l-;HCnL-S5C~+|;%8>i;`VfhGS|7!2Ug*> zDv;|v$-S_AbTkb7JHEifd?Rz2;u;)LdkfJBo6)+rhZFqE(bri{l>WiKLLIl zm9UX@D}05_{LfOx)l*Bp4HK$cON|M`e4KDJ6l5rPjPEGW_S@ph&9}Y1kf^BZy;j9z z#>vVFeZBUA@rm(-Acx(qo!gE6?$vquZ+OY$PUiSS6gMgfa%b%;J5=EvonHB8K$i?_ zWIQM8S(~1dG7qz%#*Y0x@Q#@oU5Ir4tz_}?SJ2{5Cjg3eBn2a&SS9#&&2?s}Sx$ZX z*9LR%5BM{6-1cnf97&lB0!YwI9Ji5YNQU)$#KVFarP0l+nEh*je z#se`GG-(jNw_ko1m40HSU`6lAIqUzNs=*mJJs1xHjX;{2NrgjR}qI(O)ZGLOR+|sniZ{kr<3fk+^=cnfLpW6f6M5z~GeVgw6@VGpN5i zW36|I+Olk!HZowCi=A;by~1V9=R_k)3TmST5V1L3tCg*R^R(m&!*ZIp5RG5zLwAZV zwn!WUKr!i@I4I9MAc~8N8S-b|bAOtZ{&VB4|K&Y_nF`9Cy_Ldn&XK56uWEQADM$IN za9LfMb@5fy#2xTUlPokp0PY!jbnCt5dS(ZY;?`EGt-AmA=cMcGJOFziawNSB)a<8r z!Z=kR_x{94!mbkhhTsR*mO5*_b$5L*Y0AG*jFf^+S4qfGhD6je2#Q=BBlr0%W3TEr zg-j1bOc*R`5|uF$irSTr^vPW*$sb_uKtqNm$^r%t1(sG9lC3yR<}%^>oR4WJ0qO%6wPa&CDL~xeppm#v!S_H+$rx9 z7k8}v9osR!$o=50xJ15#Mdp69gO|t=q0@b%gJQNj?N@D7*XLYHMvCRmnP6iKjb)#G zSH6(b)YsNoK!2G?ymGcw2fdoB5%%N_bpYjnL%Zo|qM?zIFd@;i*;J~!&yqv&Vr}R_ zOelSCfga|dngFW|U(QCxeODe$O6zUP2#u5HrIShcfJZ>!T61ERQdF3c{_P;8Glh-1 z`E{-3A**Yj4En9Jo(pMg1hYICu|Lq@Byn=KO#G0Wy8#22RZy-LmBE2j%nms)mX%$2 z7s)Llnf~=gDz0q)GrMq45Gdk2JeLT~es82D3$&srVdpLuV2~6u9bI095FH3ld`x z0{XL>zp<$LSJ{7tv>uz%(G^uuIJ#)M+QI`ZBJ#_#ngML@l7CRd=X8+mAKF}%$T0>U zM)e$goWebVB>B}R6tg0Hu_$P&&oZE}@MGgd+nec;>Atj5CJB`3jed)|Sv0LP*7*s=s31WIl-ECT4ce+H1#FBf;hW+x$PKs`LL93AJ1XV zbzr1p?v$_|yQAXTdL@K1%p;D*w?X~`D63Q>m&$KO+scd*X!*zhNGS^orpoJ?WM&z}&LID^9t5)`QY|Z*bi!d5&UL4wSMVPIc=h zLk`3W3E5%(&M&Jmdn3b}a?|PBcY4FV+X29b5=-6sopcUOR84jE^xNE4_=~)2BYv$< z1V?Fp3-0c&vkIIhpDEtY4f8y@_O^(=X-zVWAA1ymdi%=k$zbmsS|{%?8XpF9+X8Jk z=m}XVrS|F$_+rT!r)%HFDtCo$yQ~xJq+~ea-c%6YA{ucckyR8GUt77nE5){ z`#Pf>A2_oKP(aEfW!OVO#aR9_3aNrZDoP=dC?xWcfab;jW8mTGY-h3! zPW{`#i{OHCaPyUMa`y6dl?iy@=IiTB0KkPE(rauL;eRSdo_OB?`v=Z|3&GRFS;mL$ ak2Ar?)zf#GtMy+C2w-mLqsz4IBL4>+(aLcE literal 0 HcmV?d00001 diff --git a/apps/core_unhosted/js/admin.js b/apps/core_unhosted/js/admin.js new file mode 100644 index 0000000000..bf578c0b54 --- /dev/null +++ b/apps/core_unhosted/js/admin.js @@ -0,0 +1,16 @@ +$(document).ready(function() { + $("button.revoke").live('click', function( event ) { + event.preventDefault(); + var token=$(this).attr('data-token'); + var data="token="+token; + $.ajax({ + type: 'GET', + url: 'ajax/deletetoken.php', + cache: false, + data: data, + success: function(){ + $('#'+token).remove(); + } + }); + }); +}); diff --git a/apps/core_unhosted/lib_unhosted.php b/apps/core_unhosted/lib_unhosted.php new file mode 100644 index 0000000000..304759c521 --- /dev/null +++ b/apps/core_unhosted/lib_unhosted.php @@ -0,0 +1,86 @@ +execute(array($user,$userAddress,$dataScope)); + if( PEAR::isError($result)) { + $entry = 'DB Error: "'.$result->getMessage().'"
'; + $entry .= 'Offending command was: '.$result->getDebugInfo().'
'; + error_log( $entry ); + die( $entry ); + } + $ret = array(); + while($row=$result->fetchRow()){ + $ret[$row['token']]=$userAddress; + } + return $ret; + } + + public static function getAllTokens() { + $user=OC_User::getUser(); + $query=OC_DB::prepare("SELECT token,appUrl,userAddress,dataScope FROM *PREFIX*authtoken WHERE user=? LIMIT 100"); + $result=$query->execute(array($user)); + if( PEAR::isError($result)) { + $entry = 'DB Error: "'.$result->getMessage().'"
'; + $entry .= 'Offending command was: '.$result->getDebugInfo().'
'; + error_log( $entry ); + die( $entry ); + } + $ret = array(); + while($row=$result->fetchRow()){ + $ret[$row['token']] = array( + 'appUrl' => $row['appurl'], + 'userAddress' => $row['useraddress'], + 'dataScope' => $row['datascope'], + ); + } + return $ret; + } + + public static function deleteToken($token) { + $user=OC_User::getUser(); + $token=OC_DB::escape($token); + $query=OC_DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?"); + $result=$query->execute(array($token,$user)); + if( PEAR::isError($result)) { + $entry = 'DB Error: "'.$result->getMessage().'"
'; + $entry .= 'Offending command was: '.$result->getDebugInfo().'
'; + error_log( $entry ); + die( $entry ); + } + } + private static function addToken($token, $appUrl, $userAddress, $dataScope){ + $user=OC_User::getUser(); + $token=OC_DB::escape($token); + $appUrl=OC_DB::escape($appUrl); + $userAddress=OC_DB::escape($userAddress); + $dataScope=OC_DB::escape($dataScope); + $query=OC_DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`userAddress`,`dataScope`) VALUES(?,?,?,?,?)"); + $result=$query->execute(array($token,$appUrl,$user,$userAddress,$dataScope)); + if( PEAR::isError($result)) { + $entry = 'DB Error: "'.$result->getMessage().'"
'; + $entry .= 'Offending command was: '.$result->getDebugInfo().'
'; + error_log( $entry ); + die( $entry ); + } + } + public static function createDataScope($appUrl, $userAddress, $dataScope){ + $token=uniqid(); + self::addToken($token, $appUrl, $userAddress, $dataScope); + //TODO: input checking on $userAddress and $dataScope + list($userName, $userHost) = explode('@', $userAddress); + OC_Util::setupFS(OC_User::getUser()); + $scopePathParts = array('unhosted', 'webdav', $userHost, $userName, $dataScope); + for($i=0;$i<=count($scopePathParts);$i++){ + $thisPath = '/'.implode('/', array_slice($scopePathParts, 0, $i)); + if(!OC_Filesystem::file_exists($thisPath)) { + OC_Filesystem::mkdir($thisPath); + } + } + return $token; + } +} diff --git a/apps/core_unhosted/oauth_ro_auth.php b/apps/core_unhosted/oauth_ro_auth.php new file mode 100644 index 0000000000..b785d85fea --- /dev/null +++ b/apps/core_unhosted/oauth_ro_auth.php @@ -0,0 +1,73 @@ +validTokens = $validTokensArg; + } + + /** + * Validates a username and password + * + * This method should return true or false depending on if login + * succeeded. + * + * @return bool + */ + protected function validateUserPass($username, $password){ + //always give read-only: + if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) { + OC_Util::setUpFS(); + return true; + } else if(isset($this->validTokens[$password]) && $this->validTokens[$password] == $username) { + OC_Util::setUpFS(); + return true; + } else { +var_export($_SERVER); +var_export($this->validTokens); +die('not getting in with "'.$username.'"/"'.$password.'"!'); + return false; + } + } + + //overwriting this to make it not automatically fail if no auth header is found: + public function authenticate(Sabre_DAV_Server $server,$realm) { + $auth = new Sabre_HTTP_BasicAuth(); + $auth->setHTTPRequest($server->httpRequest); + $auth->setHTTPResponse($server->httpResponse); + $auth->setRealm($realm); + $userpass = $auth->getUserPass(); + if (!$userpass) { + if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) { + $userpass = array('', ''); + } else { + $auth->requireLogin(); + throw new Sabre_DAV_Exception_NotAuthenticated('No basic authentication headers were found'); + } + } + + // Authenticates the user + if (!$this->validateUserPass($userpass[0],$userpass[1])) { + $auth->requireLogin(); + throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match'); + } + $this->currentUser = $userpass[0]; + return true; + } + +} + diff --git a/apps/core_unhosted/templates/admin.php b/apps/core_unhosted/templates/admin.php new file mode 100644 index 0000000000..5ad76cc17c --- /dev/null +++ b/apps/core_unhosted/templates/admin.php @@ -0,0 +1,19 @@ + + + + + + + + + + $details):?> + + + + + + + + +
t( 'App-Url' ); ?>t( 'User-Address' ); ?>t( 'Token' ); ?>
diff --git a/apps/core_unhosted/templates/breadcrumb.php b/apps/core_unhosted/templates/breadcrumb.php new file mode 100644 index 0000000000..733531d9e1 --- /dev/null +++ b/apps/core_unhosted/templates/breadcrumb.php @@ -0,0 +1,4 @@ + " alt="Root" /> + + "> + \ No newline at end of file diff --git a/apps/core_unhosted/templates/files.php b/apps/core_unhosted/templates/files.php new file mode 100644 index 0000000000..b4ae17656c --- /dev/null +++ b/apps/core_unhosted/templates/files.php @@ -0,0 +1,9 @@ + + + + )" href="" title=""> + + + + + + \ No newline at end of file From e798c32375dd01ec578ccd6fd9420c72a22e4fc4 Mon Sep 17 00:00:00 2001 From: "Michiel@unhosted" Date: Fri, 2 Sep 2011 15:25:04 +0200 Subject: [PATCH 2/2] renaming core_unhosted app to just unhosted, and cleaning up unused files in it --- apps/core_unhosted/admin.php | 50 ------------------ apps/core_unhosted/ajax/deletetoken.php | 12 ----- apps/core_unhosted/ajax/link.php | 49 ----------------- apps/core_unhosted/css/admin.css | 2 - apps/core_unhosted/img/island.png | Bin 3674 -> 0 bytes apps/core_unhosted/js/admin.js | 16 ------ apps/core_unhosted/templates/admin.php | 19 ------- apps/core_unhosted/templates/breadcrumb.php | 4 -- apps/core_unhosted/templates/files.php | 9 ---- apps/unhosted/appinfo/app.php | 5 ++ .../appinfo/database.xml | 0 .../appinfo/info.xml | 2 +- apps/{core_unhosted => unhosted}/compat.php | 0 .../lib_unhosted.php | 0 .../oauth_ro_auth.php | 0 15 files changed, 6 insertions(+), 162 deletions(-) delete mode 100644 apps/core_unhosted/admin.php delete mode 100644 apps/core_unhosted/ajax/deletetoken.php delete mode 100644 apps/core_unhosted/ajax/link.php delete mode 100644 apps/core_unhosted/css/admin.css delete mode 100644 apps/core_unhosted/img/island.png delete mode 100644 apps/core_unhosted/js/admin.js delete mode 100644 apps/core_unhosted/templates/admin.php delete mode 100644 apps/core_unhosted/templates/breadcrumb.php delete mode 100644 apps/core_unhosted/templates/files.php create mode 100644 apps/unhosted/appinfo/app.php rename apps/{core_unhosted => unhosted}/appinfo/database.xml (100%) rename apps/{core_unhosted => unhosted}/appinfo/info.xml (92%) rename apps/{core_unhosted => unhosted}/compat.php (100%) rename apps/{core_unhosted => unhosted}/lib_unhosted.php (100%) rename apps/{core_unhosted => unhosted}/oauth_ro_auth.php (100%) diff --git a/apps/core_unhosted/admin.php b/apps/core_unhosted/admin.php deleted file mode 100644 index 8a4f9f9a2e..0000000000 --- a/apps/core_unhosted/admin.php +++ /dev/null @@ -1,50 +0,0 @@ -. -* -*/ - - -// Init owncloud -require_once('../../lib/base.php'); -require_once( 'lib_unhosted.php' ); -require( 'template.php' ); - -// Check if we are a user -if( !OC_USER::isLoggedIn()){ -//var_export($_COOKIE); -//var_export($_SESSION); -//die('get a cookie!'); - header( "Location: ".OC_HELPER::linkTo( "index.php" )); - exit(); -} - -OC_APP::setActiveNavigationEntry( "unhosted_web_administration" ); - -OC_UTIL::addStyle( 'unhosted_web', 'admin' ); -OC_UTIL::addScript( 'unhosted_web', 'admin' ); - -// return template -$tmpl = new OC_TEMPLATE( "unhosted_web", "admin", "admin" ); -$tmpl->assign( 'tokens', OC_UnhostedWeb::getAllTokens()); -$tmpl->printPage(); - -?> diff --git a/apps/core_unhosted/ajax/deletetoken.php b/apps/core_unhosted/ajax/deletetoken.php deleted file mode 100644 index 3e3668188b..0000000000 --- a/apps/core_unhosted/ajax/deletetoken.php +++ /dev/null @@ -1,12 +0,0 @@ - diff --git a/apps/core_unhosted/ajax/link.php b/apps/core_unhosted/ajax/link.php deleted file mode 100644 index 9f479cbd51..0000000000 --- a/apps/core_unhosted/ajax/link.php +++ /dev/null @@ -1,49 +0,0 @@ - 'https://myfavouritesandwich.org:444/', - 'usr' => $_POST['userAddress'],//this is not necessarily the case, you could also use one owncloud user and many user addresses on it - 'pwd' => OC_User::generatePassword(), - ); - $storage = array( - 'dataScope' => $_POST['dataScope'], - 'storageType' => 'http://unhosted.org/spec/dav/0.1', - 'davUrl' => 'https://myfavouritesandwich.org:444/apps/unhosted_web/compat.php/'.$ownCloudDetails['usr'].'/unhosted/', - 'userAddress' => $_POST['userAddress'],//here, it refers to the user sent to DAV in the basic auth - ); - if(OC_User::userExists($ownCloudDetails['usr'])){ - $message = 'account reopened'; - $result = OC_User::setPassword($ownCloudDetails['usr'], $ownCloudDetails['pwd']); - } else { - $message = 'account created'; - $result = OC_User::createUser($ownCloudDetails['usr'], $ownCloudDetails['pwd']); - } - if($result) { - $storage['davToken'] = OC_UnhostedWeb::createDataScope( - 'https://myfavouritesandwich.org/', - $ownCloudDetails['usr'], $storage['dataScope']); - echo json_encode(array('ownCloudDetails' => $ownCloudDetails, 'storage' => $storage)); - exit(); - } else { - echo json_encode( array( "status" => "error", "data" => "couldn't ", "ownCloudDetails" => $ownCloudDetails)); - exit(); - } - } else { - echo json_encode( array( "status" => "error", "data" => "post not ok")); - } -} catch(Exception $e) { - echo json_encode( array( "status" => "error", "data" => $e)); -} -echo json_encode( array( "status" => "error", "data" => array( "message" => "Computer says 'no'" ))); -?> diff --git a/apps/core_unhosted/css/admin.css b/apps/core_unhosted/css/admin.css deleted file mode 100644 index f21b289f04..0000000000 --- a/apps/core_unhosted/css/admin.css +++ /dev/null @@ -1,2 +0,0 @@ -td.path{min-width:200px} -td.expire{width:120px} \ No newline at end of file diff --git a/apps/core_unhosted/img/island.png b/apps/core_unhosted/img/island.png deleted file mode 100644 index 8536e508e34ee62aad11321fdf245645afc2811b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3674 zcmZ`+c{tQx)c<1C(5N95Ma>Kq*#;$sY)zP{$XK%P2E`z2*0I%$EJKJG{jw%|vadyr zeQc2?CPk8c$u{Jj-v8b|-sicW`+1)8oOAEF_qpesd&qb6b@_Nt^8x_ChtWgh*o^!K zFeiKdY)2Si6OX5kjt`rK*#LmQ>oZg~@p$Q({}bx{FLb)@tN#=Fduh3_*`5s~z@v7T zo4u?u2CZdm)*fSyc`8El3tM&`9ld5rZ}CD3L8Y`PAWhB-pa>!;R$M$uX=Y%FB7zSj z-}!ua{#&k`I%`_vTZQO@Xc-lEQK&siB10A61Zld1ke|U2JW{dwZh*&5NM}jDi)Qh~ zAXIU~rS;j*@y>RKbSNa(PWk_o4?lx<_}$zP*l4u*%5{mF z9U=cA?-*1_6JalRZX}9}Bk9W~;ym~lUU?9uc2?XeX?3A9tDmoCtF{xwb zQe0Hasmf_PZ=#CE_#y<{oAv(V1~1ylPLrI`hqROzJqb$X+CTUfB8i?(sWcX}xbj@s zLs~|TtjA5`w0bPY6*2e2A(67uV>0r?G5w6d0L6)D_Xxsoj&M$yCfG)&aig zt<`d$S6cwW!peS)R+wm#=Fj8tWjq`_JUsk{*r|s8@%2-TmV>DxgYU{M{-N)ZPe!&} zXWmNrd+~B@W0|FF>Mquq{)f~V$d_@20&9+swe8HwJhOT~KpX_XJ1nX{Vq@%mm-fz& zd8?yB33Up2DGqoz=_=|Z7yo(eL`$%zN9h;7_vF>V@eDUwO|Asz<<~z)m{1O3^8=SO z?kVCdDkuoS8%4?B@vdk+pay9Cl6q!6wrW*4c#m6ao3W*?_Fx-UP&MBw4F^kx?a$ZJ zt?STwv8jR&>J)sxr#fcN;@gqh3i{j-Qb|%oCF1#r775o)m$hy7choxH^|O9Fl)ePl zBI8~#tzJR+bPSD)Adl?Lgil*p*o<#ZtHI6FKJ;QG0aA_`SX*3tg+cAPTYdyV_epgC zY^*HQ{eBLYTK>F#^a?e)bJshL25=!O0@n|RM*|6t2Xs%S#?Gea=ffn!&l1!7 zjRAz?XhV^)c|J+!($PBKnf19M48qFFg15cS_yMEE(=rVz82u88j*QNWh)`$Ln3@)s z)+Cb7mrt{(T&yiZc4jK>OU>;_fm9g2@&aEMNq{IyYY7Nn{W0vq>UQR1u7ADxtlWdy zFf;IOHU|31BJ`fa-soZ@Rlj!7wF47LtX-b8tP8!E@bn_Szy=jkVd@!}J+Hjkeb3K( z^%2zJz$X}czTDJP&CCk5`g_dZgK1Gbc8V}zf{lmV#k&*;`iRiztZ# zEI-VUmp_#g{-Ig!Y#WEk+Sm5SN3&FdTPEhjF%QDM=XRRuO{{lCU90kl2O^aX4gSkd z4ljoW?#>nZH=ni@A9-(R7#9-P_xH z!1_z`$;8{JRg^CVfXUUf99XSa#tK(e9T}#FZdeAeMjxUf?XGnS#=@r?LjLTg?c6S# zNBTe?;lTJMxo4_Wg5ZrAoFq7Mu891Dc2vW{oSG%X)rRY$W<1~fH8QR^D+{y@mbcWs z-Rtxg8LOO~Ra%^^mVt=Dqsdp}+F)df*zXy0Ma^{e{lB^{hYs&@{5R;XUhA^ezi3%) z%>UA&IJitK&#ca`5GQOAQnygQq#16@K6pza2`ec%)7@>+JQzZt8z~MOX;Yv%R)6>4A-@Uz!k!YaJpCaUr#mmfYkTc4E_blWYmS$bz^s|sYTd`? zq-=6XI_Hl6KJ>CLjXCEZHFK}jrVyVye(710L~N=90z^c{-mA8Nf=G~FZ;^xF8U~|h z`d%E&yiixs*!mFl*vRO(So;an?yXSq%l-;HCnL-S5C~+|;%8>i;`VfhGS|7!2Ug*> zDv;|v$-S_AbTkb7JHEifd?Rz2;u;)LdkfJBo6)+rhZFqE(bri{l>WiKLLIl zm9UX@D}05_{LfOx)l*Bp4HK$cON|M`e4KDJ6l5rPjPEGW_S@ph&9}Y1kf^BZy;j9z z#>vVFeZBUA@rm(-Acx(qo!gE6?$vquZ+OY$PUiSS6gMgfa%b%;J5=EvonHB8K$i?_ zWIQM8S(~1dG7qz%#*Y0x@Q#@oU5Ir4tz_}?SJ2{5Cjg3eBn2a&SS9#&&2?s}Sx$ZX z*9LR%5BM{6-1cnf97&lB0!YwI9Ji5YNQU)$#KVFarP0l+nEh*je z#se`GG-(jNw_ko1m40HSU`6lAIqUzNs=*mJJs1xHjX;{2NrgjR}qI(O)ZGLOR+|sniZ{kr<3fk+^=cnfLpW6f6M5z~GeVgw6@VGpN5i zW36|I+Olk!HZowCi=A;by~1V9=R_k)3TmST5V1L3tCg*R^R(m&!*ZIp5RG5zLwAZV zwn!WUKr!i@I4I9MAc~8N8S-b|bAOtZ{&VB4|K&Y_nF`9Cy_Ldn&XK56uWEQADM$IN za9LfMb@5fy#2xTUlPokp0PY!jbnCt5dS(ZY;?`EGt-AmA=cMcGJOFziawNSB)a<8r z!Z=kR_x{94!mbkhhTsR*mO5*_b$5L*Y0AG*jFf^+S4qfGhD6je2#Q=BBlr0%W3TEr zg-j1bOc*R`5|uF$irSTr^vPW*$sb_uKtqNm$^r%t1(sG9lC3yR<}%^>oR4WJ0qO%6wPa&CDL~xeppm#v!S_H+$rx9 z7k8}v9osR!$o=50xJ15#Mdp69gO|t=q0@b%gJQNj?N@D7*XLYHMvCRmnP6iKjb)#G zSH6(b)YsNoK!2G?ymGcw2fdoB5%%N_bpYjnL%Zo|qM?zIFd@;i*;J~!&yqv&Vr}R_ zOelSCfga|dngFW|U(QCxeODe$O6zUP2#u5HrIShcfJZ>!T61ERQdF3c{_P;8Glh-1 z`E{-3A**Yj4En9Jo(pMg1hYICu|Lq@Byn=KO#G0Wy8#22RZy-LmBE2j%nms)mX%$2 z7s)Llnf~=gDz0q)GrMq45Gdk2JeLT~es82D3$&srVdpLuV2~6u9bI095FH3ld`x z0{XL>zp<$LSJ{7tv>uz%(G^uuIJ#)M+QI`ZBJ#_#ngML@l7CRd=X8+mAKF}%$T0>U zM)e$goWebVB>B}R6tg0Hu_$P&&oZE}@MGgd+nec;>Atj5CJB`3jed)|Sv0LP*7*s=s31WIl-ECT4ce+H1#FBf;hW+x$PKs`LL93AJ1XV zbzr1p?v$_|yQAXTdL@K1%p;D*w?X~`D63Q>m&$KO+scd*X!*zhNGS^orpoJ?WM&z}&LID^9t5)`QY|Z*bi!d5&UL4wSMVPIc=h zLk`3W3E5%(&M&Jmdn3b}a?|PBcY4FV+X29b5=-6sopcUOR84jE^xNE4_=~)2BYv$< z1V?Fp3-0c&vkIIhpDEtY4f8y@_O^(=X-zVWAA1ymdi%=k$zbmsS|{%?8XpF9+X8Jk z=m}XVrS|F$_+rT!r)%HFDtCo$yQ~xJq+~ea-c%6YA{ucckyR8GUt77nE5){ z`#Pf>A2_oKP(aEfW!OVO#aR9_3aNrZDoP=dC?xWcfab;jW8mTGY-h3! zPW{`#i{OHCaPyUMa`y6dl?iy@=IiTB0KkPE(rauL;eRSdo_OB?`v=Z|3&GRFS;mL$ ak2Ar?)zf#GtMy+C2w-mLqsz4IBL4>+(aLcE diff --git a/apps/core_unhosted/js/admin.js b/apps/core_unhosted/js/admin.js deleted file mode 100644 index bf578c0b54..0000000000 --- a/apps/core_unhosted/js/admin.js +++ /dev/null @@ -1,16 +0,0 @@ -$(document).ready(function() { - $("button.revoke").live('click', function( event ) { - event.preventDefault(); - var token=$(this).attr('data-token'); - var data="token="+token; - $.ajax({ - type: 'GET', - url: 'ajax/deletetoken.php', - cache: false, - data: data, - success: function(){ - $('#'+token).remove(); - } - }); - }); -}); diff --git a/apps/core_unhosted/templates/admin.php b/apps/core_unhosted/templates/admin.php deleted file mode 100644 index 5ad76cc17c..0000000000 --- a/apps/core_unhosted/templates/admin.php +++ /dev/null @@ -1,19 +0,0 @@ - - - - - - - - - - $details):?> - - - - - - - - -
t( 'App-Url' ); ?>t( 'User-Address' ); ?>t( 'Token' ); ?>
diff --git a/apps/core_unhosted/templates/breadcrumb.php b/apps/core_unhosted/templates/breadcrumb.php deleted file mode 100644 index 733531d9e1..0000000000 --- a/apps/core_unhosted/templates/breadcrumb.php +++ /dev/null @@ -1,4 +0,0 @@ - " alt="Root" /> - - "> - \ No newline at end of file diff --git a/apps/core_unhosted/templates/files.php b/apps/core_unhosted/templates/files.php deleted file mode 100644 index b4ae17656c..0000000000 --- a/apps/core_unhosted/templates/files.php +++ /dev/null @@ -1,9 +0,0 @@ - - - - )" href="" title=""> - - - + - - \ No newline at end of file diff --git a/apps/unhosted/appinfo/app.php b/apps/unhosted/appinfo/app.php new file mode 100644 index 0000000000..84e0730453 --- /dev/null +++ b/apps/unhosted/appinfo/app.php @@ -0,0 +1,5 @@ + 10, + 'id' => 'unhosted', + 'name' => 'Unhosted Web' )); diff --git a/apps/core_unhosted/appinfo/database.xml b/apps/unhosted/appinfo/database.xml similarity index 100% rename from apps/core_unhosted/appinfo/database.xml rename to apps/unhosted/appinfo/database.xml diff --git a/apps/core_unhosted/appinfo/info.xml b/apps/unhosted/appinfo/info.xml similarity index 92% rename from apps/core_unhosted/appinfo/info.xml rename to apps/unhosted/appinfo/info.xml index dccbd3b824..359620f457 100644 --- a/apps/core_unhosted/appinfo/info.xml +++ b/apps/unhosted/appinfo/info.xml @@ -1,6 +1,6 @@ - core_unhosted + unhosted Unhosted Web On websites that allow unhosted accounts, use your owncloud as the storage for your user data 0.1 diff --git a/apps/core_unhosted/compat.php b/apps/unhosted/compat.php similarity index 100% rename from apps/core_unhosted/compat.php rename to apps/unhosted/compat.php diff --git a/apps/core_unhosted/lib_unhosted.php b/apps/unhosted/lib_unhosted.php similarity index 100% rename from apps/core_unhosted/lib_unhosted.php rename to apps/unhosted/lib_unhosted.php diff --git a/apps/core_unhosted/oauth_ro_auth.php b/apps/unhosted/oauth_ro_auth.php similarity index 100% rename from apps/core_unhosted/oauth_ro_auth.php rename to apps/unhosted/oauth_ro_auth.php