Merge pull request #10285 from nextcloud/anonymous-options-13
[13] Add sabre plugin to allow anonymous options requests to the dav root
This commit is contained in:
commit
389b981aa5
|
@ -74,6 +74,7 @@ return array(
|
|||
'OCA\\DAV\\Comments\\RootCollection' => $baseDir . '/../lib/Comments/RootCollection.php',
|
||||
'OCA\\DAV\\Connector\\LegacyDAVACL' => $baseDir . '/../lib/Connector/LegacyDAVACL.php',
|
||||
'OCA\\DAV\\Connector\\PublicAuth' => $baseDir . '/../lib/Connector/PublicAuth.php',
|
||||
'OCA\\DAV\\Connector\\Sabre\\AnonymousOptionsPlugin' => $baseDir . '/../lib/Connector/Sabre/AnonymousOptionsPlugin.php',
|
||||
'OCA\\DAV\\Connector\\Sabre\\AppEnabledPlugin' => $baseDir . '/../lib/Connector/Sabre/AppEnabledPlugin.php',
|
||||
'OCA\\DAV\\Connector\\Sabre\\Auth' => $baseDir . '/../lib/Connector/Sabre/Auth.php',
|
||||
'OCA\\DAV\\Connector\\Sabre\\BearerAuth' => $baseDir . '/../lib/Connector/Sabre/BearerAuth.php',
|
||||
|
@ -122,6 +123,7 @@ return array(
|
|||
'OCA\\DAV\\Files\\BrowserErrorPagePlugin' => $baseDir . '/../lib/Files/BrowserErrorPagePlugin.php',
|
||||
'OCA\\DAV\\Files\\FileSearchBackend' => $baseDir . '/../lib/Files/FileSearchBackend.php',
|
||||
'OCA\\DAV\\Files\\FilesHome' => $baseDir . '/../lib/Files/FilesHome.php',
|
||||
'OCA\\DAV\\Files\\LazySearchBackend' => $baseDir . '/../lib/Files/LazySearchBackend.php',
|
||||
'OCA\\DAV\\Files\\RootCollection' => $baseDir . '/../lib/Files/RootCollection.php',
|
||||
'OCA\\DAV\\Files\\Sharing\\FilesDropPlugin' => $baseDir . '/../lib/Files/Sharing/FilesDropPlugin.php',
|
||||
'OCA\\DAV\\Files\\Sharing\\PublicLinkCheckPlugin' => $baseDir . '/../lib/Files/Sharing/PublicLinkCheckPlugin.php',
|
||||
|
|
|
@ -89,6 +89,7 @@ class ComposerStaticInitDAV
|
|||
'OCA\\DAV\\Comments\\RootCollection' => __DIR__ . '/..' . '/../lib/Comments/RootCollection.php',
|
||||
'OCA\\DAV\\Connector\\LegacyDAVACL' => __DIR__ . '/..' . '/../lib/Connector/LegacyDAVACL.php',
|
||||
'OCA\\DAV\\Connector\\PublicAuth' => __DIR__ . '/..' . '/../lib/Connector/PublicAuth.php',
|
||||
'OCA\\DAV\\Connector\\Sabre\\AnonymousOptionsPlugin' => __DIR__ . '/..' . '/../lib/Connector/Sabre/AnonymousOptionsPlugin.php',
|
||||
'OCA\\DAV\\Connector\\Sabre\\AppEnabledPlugin' => __DIR__ . '/..' . '/../lib/Connector/Sabre/AppEnabledPlugin.php',
|
||||
'OCA\\DAV\\Connector\\Sabre\\Auth' => __DIR__ . '/..' . '/../lib/Connector/Sabre/Auth.php',
|
||||
'OCA\\DAV\\Connector\\Sabre\\BearerAuth' => __DIR__ . '/..' . '/../lib/Connector/Sabre/BearerAuth.php',
|
||||
|
@ -137,6 +138,7 @@ class ComposerStaticInitDAV
|
|||
'OCA\\DAV\\Files\\BrowserErrorPagePlugin' => __DIR__ . '/..' . '/../lib/Files/BrowserErrorPagePlugin.php',
|
||||
'OCA\\DAV\\Files\\FileSearchBackend' => __DIR__ . '/..' . '/../lib/Files/FileSearchBackend.php',
|
||||
'OCA\\DAV\\Files\\FilesHome' => __DIR__ . '/..' . '/../lib/Files/FilesHome.php',
|
||||
'OCA\\DAV\\Files\\LazySearchBackend' => __DIR__ . '/..' . '/../lib/Files/LazySearchBackend.php',
|
||||
'OCA\\DAV\\Files\\RootCollection' => __DIR__ . '/..' . '/../lib/Files/RootCollection.php',
|
||||
'OCA\\DAV\\Files\\Sharing\\FilesDropPlugin' => __DIR__ . '/..' . '/../lib/Files/Sharing/FilesDropPlugin.php',
|
||||
'OCA\\DAV\\Files\\Sharing\\PublicLinkCheckPlugin' => __DIR__ . '/..' . '/../lib/Files/Sharing/PublicLinkCheckPlugin.php',
|
||||
|
|
|
@ -0,0 +1,66 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (c) 2018 Robin Appelman <robin@icewind.nl>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\DAV\Connector\Sabre;
|
||||
|
||||
use Sabre\DAV\CorePlugin;
|
||||
use Sabre\DAV\FS\Directory;
|
||||
use Sabre\DAV\ServerPlugin;
|
||||
use Sabre\DAV\Tree;
|
||||
use Sabre\HTTP\RequestInterface;
|
||||
use Sabre\HTTP\ResponseInterface;
|
||||
|
||||
class AnonymousOptionsPlugin extends ServerPlugin {
|
||||
|
||||
/**
|
||||
* @var \Sabre\DAV\Server
|
||||
*/
|
||||
private $server;
|
||||
|
||||
/**
|
||||
* @param \Sabre\DAV\Server $server
|
||||
* @return void
|
||||
*/
|
||||
public function initialize(\Sabre\DAV\Server $server) {
|
||||
$this->server = $server;
|
||||
// before auth
|
||||
$this->server->on('beforeMethod', [$this, 'handleAnonymousOptions'], 9);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws \Sabre\DAV\Exception\Forbidden
|
||||
* @return bool
|
||||
*/
|
||||
public function handleAnonymousOptions(RequestInterface $request, ResponseInterface $response) {
|
||||
if ($request->getMethod() === 'OPTIONS' && $request->getPath() === '') {
|
||||
/** @var CorePlugin $corePlugin */
|
||||
$corePlugin = $this->server->getPlugin('core');
|
||||
// setup a fake tree for anonymous access
|
||||
$this->server->tree = new Tree(new Directory(''));
|
||||
$corePlugin->httpOptions($request, $response);
|
||||
$this->server->emit('afterMethod', [$request, $response]);
|
||||
$this->server->emit('afterMethod:OPTIONS', [$request, $response]);
|
||||
|
||||
$this->server->sapi->sendResponse($response);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
|
@ -111,6 +111,7 @@ class ServerFactory {
|
|||
// Load plugins
|
||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin($this->config));
|
||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin($this->config));
|
||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\AnonymousOptionsPlugin());
|
||||
$server->addPlugin($authPlugin);
|
||||
// FIXME: The following line is a workaround for legacy components relying on being able to send a GET to /
|
||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\DummyGetResponsePlugin());
|
||||
|
|
|
@ -0,0 +1,72 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (c) 2018 Robin Appelman <robin@icewind.nl>
|
||||
*
|
||||
* @author Robin Appelman <robin@icewind.nl>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\DAV\Files;
|
||||
|
||||
use SearchDAV\Backend\ISearchBackend;
|
||||
use SearchDAV\XML\BasicSearch;
|
||||
|
||||
class LazySearchBackend implements ISearchBackend {
|
||||
/**
|
||||
* @var ISearchBackend $backend
|
||||
*/
|
||||
private $backend = null;
|
||||
|
||||
public function setBackend(ISearchBackend $backend) {
|
||||
$this->backend = $backend;
|
||||
}
|
||||
|
||||
public function getArbiterPath() {
|
||||
if ($this->backend) {
|
||||
return $this->backend->getArbiterPath();
|
||||
} else {
|
||||
return '';
|
||||
}
|
||||
}
|
||||
|
||||
public function isValidScope($href, $depth, $path) {
|
||||
if ($this->backend) {
|
||||
return $this->backend->getArbiterPath();
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public function getPropertyDefinitionsForScope($href, $path) {
|
||||
if ($this->backend) {
|
||||
return $this->backend->getPropertyDefinitionsForScope($href, $path);
|
||||
} else {
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
public function search(BasicSearch $query) {
|
||||
if ($this->backend) {
|
||||
return $this->backend->search($query);
|
||||
} else {
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -54,6 +54,8 @@ use OCA\DAV\DAV\PublicAuth;
|
|||
use OCA\DAV\DAV\CustomPropertiesBackend;
|
||||
use OCA\DAV\Connector\Sabre\QuotaPlugin;
|
||||
use OCA\DAV\Files\BrowserErrorPagePlugin;
|
||||
use OCA\DAV\Connector\Sabre\AnonymousOptionsPlugin;
|
||||
use OCA\DAV\Files\LazySearchBackend;
|
||||
use OCA\DAV\SystemTag\SystemTagPlugin;
|
||||
use OCA\DAV\Upload\ChunkingPlugin;
|
||||
use OCP\IRequest;
|
||||
|
@ -101,6 +103,7 @@ class Server {
|
|||
$this->server->setBaseUri($this->baseUri);
|
||||
|
||||
$this->server->addPlugin(new BlockLegacyClientPlugin(\OC::$server->getConfig()));
|
||||
$this->server->addPlugin(new AnonymousOptionsPlugin());
|
||||
$authPlugin = new Plugin();
|
||||
$authPlugin->addBackend(new PublicAuth());
|
||||
$this->server->addPlugin($authPlugin);
|
||||
|
@ -195,8 +198,11 @@ class Server {
|
|||
$this->server->addPlugin(new BrowserErrorPagePlugin());
|
||||
}
|
||||
|
||||
$lazySearchBackend = new LazySearchBackend();
|
||||
$this->server->addPlugin(new SearchPlugin($lazySearchBackend));
|
||||
|
||||
// wait with registering these until auth is handled and the filesystem is setup
|
||||
$this->server->on('beforeMethod', function () use ($root) {
|
||||
$this->server->on('beforeMethod', function () use ($root, $lazySearchBackend) {
|
||||
// custom properties plugin must be the last one
|
||||
$userSession = \OC::$server->getUserSession();
|
||||
$user = $userSession->getUser();
|
||||
|
@ -255,13 +261,13 @@ class Server {
|
|||
\OC::$server->getGroupManager(),
|
||||
$userFolder
|
||||
));
|
||||
$this->server->addPlugin(new SearchPlugin(new \OCA\DAV\Files\FileSearchBackend(
|
||||
$lazySearchBackend->setBackend(new \OCA\DAV\Files\FileSearchBackend(
|
||||
$this->server->tree,
|
||||
$user,
|
||||
\OC::$server->getRootFolder(),
|
||||
\OC::$server->getShareManager(),
|
||||
$view
|
||||
)));
|
||||
));
|
||||
}
|
||||
$this->server->addPlugin(new \OCA\DAV\CalDAV\BirthdayCalendar\EnablePlugin(
|
||||
\OC::$server->getConfig(),
|
||||
|
|
|
@ -0,0 +1,71 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (c) 2018 Robin Appelman <robin@icewind.nl>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\DAV\tests\unit\DAV;
|
||||
|
||||
use OCA\DAV\Connector\Sabre\AnonymousOptionsPlugin;
|
||||
use Sabre\DAV\Auth\Backend\BasicCallBack;
|
||||
use Sabre\DAV\Auth\Plugin;
|
||||
use Sabre\DAV\Server;
|
||||
use Sabre\HTTP\ResponseInterface;
|
||||
use Sabre\HTTP\Sapi;
|
||||
use Test\TestCase;
|
||||
|
||||
class AnonymousOptionsTest extends TestCase {
|
||||
private function sendRequest($method, $path) {
|
||||
$server = new Server();
|
||||
$server->addPlugin(new AnonymousOptionsPlugin());
|
||||
$server->addPlugin(new Plugin(new BasicCallBack(function() {
|
||||
return false;
|
||||
})));
|
||||
|
||||
$server->httpRequest->setMethod($method);
|
||||
$server->httpRequest->setUrl($path);
|
||||
|
||||
$server->sapi = new SapiMock();
|
||||
$server->exec();
|
||||
return $server->httpResponse;
|
||||
}
|
||||
|
||||
public function testAnonymousOptionsRoot() {
|
||||
$response = $this->sendRequest('OPTIONS', '');
|
||||
|
||||
$this->assertEquals(200, $response->getStatus());
|
||||
}
|
||||
|
||||
public function testAnonymousOptionsNonRoot() {
|
||||
$response = $this->sendRequest('OPTIONS', 'foo');
|
||||
|
||||
$this->assertEquals(401, $response->getStatus());
|
||||
}
|
||||
}
|
||||
|
||||
class SapiMock extends Sapi {
|
||||
/**
|
||||
* Overriding this so nothing is ever echo'd.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
static function sendResponse(ResponseInterface $response) {
|
||||
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue