* * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE * License as published by the Free Software Foundation; either * version 3 of the License, or any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Affero General Public * License along with this library. If not, see . */ set_include_path( get_include_path() . PATH_SEPARATOR . \OC_App::getAppPath('files_external') . '/3rdparty/phpseclib/phpseclib' ); include('Crypt/AES.php'); /** * Class to configure the config/mount.php and data/$user/mount.php files */ // TODO: make this class non-static class OC_Mount_Config { const MOUNT_TYPE_GLOBAL = 'global'; const MOUNT_TYPE_GROUP = 'group'; const MOUNT_TYPE_USER = 'user'; // whether to skip backend test (for unit tests, as this static class is not mockable) public static $skipTest = false; // password encryption cipher private static $cipher; /** * Get details on each of the external storage backends, used for the mount config UI * If a custom UI is needed, add the key 'custom' and a javascript file with that name will be loaded * If the configuration parameter should be secret, add a '*' to the beginning of the value * If the configuration parameter is a boolean, add a '!' to the beginning of the value * If the configuration parameter is optional, add a '&' to the beginning of the value * If the configuration parameter is hidden, add a '#' to the beginning of the value * @return string */ public static function getBackends() { $backends['\OC\Files\Storage\Local']=array( 'backend' => 'Local', 'configuration' => array( 'datadir' => 'Location')); $backends['\OC\Files\Storage\AmazonS3']=array( 'backend' => 'Amazon S3 and compliant', 'configuration' => array( 'key' => 'Access Key', 'secret' => '*Secret Key', 'bucket' => 'Bucket', 'hostname' => '&Hostname (optional)', 'port' => '&Port (optional)', 'region' => '&Region (optional)', 'use_ssl' => '!Enable SSL', 'use_path_style' => '!Enable Path Style')); $backends['\OC\Files\Storage\Dropbox']=array( 'backend' => 'Dropbox', 'configuration' => array( 'configured' => '#configured', 'app_key' => 'App key', 'app_secret' => '*App secret', 'token' => '#token', 'token_secret' => '#token_secret'), 'custom' => 'dropbox'); if(OC_Mount_Config::checkphpftp()) $backends['\OC\Files\Storage\FTP']=array( 'backend' => 'FTP', 'configuration' => array( 'host' => 'Hostname', 'user' => 'Username', 'password' => '*Password', 'root' => '&Root', 'secure' => '!Secure ftps://')); if(OC_Mount_Config::checkcurl()) $backends['\OC\Files\Storage\Google']=array( 'backend' => 'Google Drive', 'configuration' => array( 'configured' => '#configured', 'client_id' => 'Client ID', 'client_secret' => '*Client secret', 'token' => '#token'), 'custom' => 'google'); if(OC_Mount_Config::checkcurl()) { $backends['\OC\Files\Storage\Swift'] = array( 'backend' => 'OpenStack Object Storage', 'configuration' => array( 'user' => 'Username (required)', 'bucket' => 'Bucket (required)', 'region' => '&Region (optional for OpenStack Object Storage)', 'key' => '*API Key (required for Rackspace Cloud Files)', 'tenant' => '&Tenantname (required for OpenStack Object Storage)', 'password' => '*Password (required for OpenStack Object Storage)', 'service_name' => '&Service Name (required for OpenStack Object Storage)', 'url' => '&URL of identity endpoint (required for OpenStack Object Storage)', 'timeout' => '&Timeout of HTTP requests in seconds (optional)', ) ); } if (!OC_Util::runningOnWindows()) { if (OC_Mount_Config::checksmbclient()) { $backends['\OC\Files\Storage\SMB'] = array( 'backend' => 'SMB / CIFS', 'configuration' => array( 'host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'share' => 'Share', 'root' => '&Root')); } } if(OC_Mount_Config::checkcurl()){ $backends['\OC\Files\Storage\DAV']=array( 'backend' => 'WebDAV', 'configuration' => array( 'host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'root' => '&Root', 'secure' => '!Secure https://')); $backends['\OC\Files\Storage\OwnCloud']=array( 'backend' => 'ownCloud', 'configuration' => array( 'host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'root' => '&Remote subfolder', 'secure' => '!Secure https://')); } $backends['\OC\Files\Storage\SFTP']=array( 'backend' => 'SFTP', 'configuration' => array( 'host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'root' => '&Root')); $backends['\OC\Files\Storage\iRODS']=array( 'backend' => 'iRODS', 'configuration' => array( 'host' => 'Host', 'port' => 'Port', 'use_logon_credentials' => '!Use ownCloud login', 'user' => 'Username', 'password' => '*Password', 'auth_mode' => 'Authentication Mode', 'zone' => 'Zone')); return($backends); } /** * Get details on each of the external storage backends, used for the mount config UI * Some backends are not available as a personal backend, f.e. Local and such that have * been disabled by the admin. * * If a custom UI is needed, add the key 'custom' and a javascript file with that name will be loaded * If the configuration parameter should be secret, add a '*' to the beginning of the value * If the configuration parameter is a boolean, add a '!' to the beginning of the value * If the configuration parameter is optional, add a '&' to the beginning of the value * If the configuration parameter is hidden, add a '#' to the beginning of the value * @return array */ public static function getPersonalBackends() { $backends = self::getBackends(); // Remove local storage and other disabled storages unset($backends['\OC\Files\Storage\Local']); $allowed_backends = explode(',', OCP\Config::getAppValue('files_external', 'user_mounting_backends', '')); foreach ($backends as $backend => $null) { if (!in_array($backend, $allowed_backends)) { unset($backends[$backend]); } } return $backends; } /** * Get the system mount points * The returned array is not in the same format as getUserMountPoints() * @return array */ public static function getSystemMountPoints() { $mountPoints = self::readData(false); $backends = self::getBackends(); $system = array(); if (isset($mountPoints[self::MOUNT_TYPE_GROUP])) { foreach ($mountPoints[self::MOUNT_TYPE_GROUP] as $group => $mounts) { foreach ($mounts as $mountPoint => $mount) { // Update old classes to new namespace if (strpos($mount['class'], 'OC_Filestorage_') !== false) { $mount['class'] = '\OC\Files\Storage\\'.substr($mount['class'], 15); } $mount['options'] = self::decryptPasswords($mount['options']); // Remove '/$user/files/' from mount point $mountPoint = substr($mountPoint, 13); // Merge the mount point into the current mount points if (isset($system[$mountPoint]) && $system[$mountPoint]['configuration'] == $mount['options']) { $system[$mountPoint]['applicable']['groups'] = array_merge($system[$mountPoint]['applicable']['groups'], array($group)); } else { $system[$mountPoint] = array( 'class' => $mount['class'], 'backend' => $backends[$mount['class']]['backend'], 'configuration' => $mount['options'], 'applicable' => array('groups' => array($group), 'users' => array()), 'status' => self::getBackendStatus($mount['class'], $mount['options']) ); } } } } if (isset($mountPoints[self::MOUNT_TYPE_USER])) { foreach ($mountPoints[self::MOUNT_TYPE_USER] as $user => $mounts) { foreach ($mounts as $mountPoint => $mount) { // Update old classes to new namespace if (strpos($mount['class'], 'OC_Filestorage_') !== false) { $mount['class'] = '\OC\Files\Storage\\'.substr($mount['class'], 15); } $mount['options'] = self::decryptPasswords($mount['options']); // Remove '/$user/files/' from mount point $mountPoint = substr($mountPoint, 13); // Merge the mount point into the current mount points if (isset($system[$mountPoint]) && $system[$mountPoint]['configuration'] == $mount['options']) { $system[$mountPoint]['applicable']['users'] = array_merge($system[$mountPoint]['applicable']['users'], array($user)); } else { $system[$mountPoint] = array( 'class' => $mount['class'], 'backend' => $backends[$mount['class']]['backend'], 'configuration' => $mount['options'], 'applicable' => array('groups' => array(), 'users' => array($user)), 'status' => self::getBackendStatus($mount['class'], $mount['options']) ); } } } } return $system; } /** * Get the personal mount points of the current user * The returned array is not in the same format as getUserMountPoints() * @return array */ public static function getPersonalMountPoints() { $mountPoints = self::readData(true); $backends = self::getBackends(); $uid = OCP\User::getUser(); $personal = array(); if (isset($mountPoints[self::MOUNT_TYPE_USER][$uid])) { foreach ($mountPoints[self::MOUNT_TYPE_USER][$uid] as $mountPoint => $mount) { // Update old classes to new namespace if (strpos($mount['class'], 'OC_Filestorage_') !== false) { $mount['class'] = '\OC\Files\Storage\\'.substr($mount['class'], 15); } $mount['options'] = self::decryptPasswords($mount['options']); // Remove '/uid/files/' from mount point $personal[substr($mountPoint, strlen($uid) + 8)] = array( 'class' => $mount['class'], 'backend' => $backends[$mount['class']]['backend'], 'configuration' => $mount['options'], 'status' => self::getBackendStatus($mount['class'], $mount['options']) ); } } return $personal; } private static function getBackendStatus($class, $options) { if (self::$skipTest) { return true; } foreach ($options as &$option) { $option = str_replace('$user', OCP\User::getUser(), $option); } if (class_exists($class)) { try { $storage = new $class($options); return $storage->test(); } catch (Exception $exception) { \OCP\Util::logException('files_external', $exception); return false; } } return false; } /** * Add a mount point to the filesystem * @param string $mountPoint Mount point * @param string $class Backend class * @param array Backend parameters for the class * @param string $mountType MOUNT_TYPE_GROUP | MOUNT_TYPE_USER * @param string $applicable User or group to apply mount to * @param bool Personal or system mount point i.e. is this being called from the personal or admin page * @return boolean */ public static function addMountPoint($mountPoint, $class, $classOptions, $mountType, $applicable, $isPersonal = false) { $backends = self::getBackends(); $mountPoint = OC\Files\Filesystem::normalizePath($mountPoint); if ($mountPoint === '' || $mountPoint === '/' || $mountPoint == '/Shared') { // can't mount at root or "Shared" folder return false; } if (!isset($backends[$class])) { // invalid backend return false; } if ($isPersonal) { // Verify that the mount point applies for the current user // Prevent non-admin users from mounting local storage and other disabled backends $allowed_backends = self::getPersonalBackends(); if ($applicable != OCP\User::getUser() || !isset($allowed_backends[$class])) { return false; } $mountPoint = '/'.$applicable.'/files/'.ltrim($mountPoint, '/'); } else { $mountPoint = '/$user/files/'.ltrim($mountPoint, '/'); } $mount = array($applicable => array( $mountPoint => array( 'class' => $class, 'options' => self::encryptPasswords($classOptions)) ) ); $mountPoints = self::readData($isPersonal); // Merge the new mount point into the current mount points if (isset($mountPoints[$mountType])) { if (isset($mountPoints[$mountType][$applicable])) { $mountPoints[$mountType][$applicable] = array_merge($mountPoints[$mountType][$applicable], $mount[$applicable]); } else { $mountPoints[$mountType] = array_merge($mountPoints[$mountType], $mount); } } else { $mountPoints[$mountType] = $mount; } self::writeData($isPersonal, $mountPoints); return self::getBackendStatus($class, $classOptions); } /** * * @param string Mount point * @param string MOUNT_TYPE_GROUP | MOUNT_TYPE_USER * @param string User or group to remove mount from * @param bool Personal or system mount point * @return bool */ public static function removeMountPoint($mountPoint, $mountType, $applicable, $isPersonal = false) { // Verify that the mount point applies for the current user if ($isPersonal) { if ($applicable != OCP\User::getUser()) { return false; } $mountPoint = '/'.$applicable.'/files/'.ltrim($mountPoint, '/'); } else { $mountPoint = '/$user/files/'.ltrim($mountPoint, '/'); } $mountPoints = self::readData($isPersonal); // Remove mount point unset($mountPoints[$mountType][$applicable][$mountPoint]); // Unset parent arrays if empty if (empty($mountPoints[$mountType][$applicable])) { unset($mountPoints[$mountType][$applicable]); if (empty($mountPoints[$mountType])) { unset($mountPoints[$mountType]); } } self::writeData($isPersonal, $mountPoints); return true; } /** * Read the mount points in the config file into an array * @param boolean $isPersonal Personal or system config file * @return array */ private static function readData($isPersonal) { $parser = new \OC\ArrayParser(); if ($isPersonal) { $phpFile = OC_User::getHome(OCP\User::getUser()).'/mount.php'; $jsonFile = OC_User::getHome(OCP\User::getUser()).'/mount.json'; } else { $phpFile = OC::$SERVERROOT.'/config/mount.php'; $datadir = \OC_Config::getValue('datadirectory', \OC::$SERVERROOT . '/data/'); $jsonFile = \OC_Config::getValue('mount_file', $datadir . '/mount.json'); } if (is_file($jsonFile)) { $mountPoints = json_decode(file_get_contents($jsonFile), true); if (is_array($mountPoints)) { return $mountPoints; } } elseif (is_file($phpFile)) { $mountPoints = $parser->parsePHP(file_get_contents($phpFile)); if (is_array($mountPoints)) { return $mountPoints; } } return array(); } /** * Write the mount points to the config file * @param bool Personal or system config file * @param array Mount points * @param boolean $isPersonal */ private static function writeData($isPersonal, $data) { if ($isPersonal) { $file = OC_User::getHome(OCP\User::getUser()).'/mount.json'; } else { $datadir = \OC_Config::getValue('datadirectory', \OC::$SERVERROOT . '/data/'); $file = \OC_Config::getValue('mount_file', $datadir . '/mount.json'); } $content = json_encode($data); @file_put_contents($file, $content); @chmod($file, 0640); } /** * Returns all user uploaded ssl root certificates * @return array */ public static function getCertificates() { $path=OC_User::getHome(OC_User::getUser()) . '/files_external/uploads/'; \OCP\Util::writeLog('files_external', 'checking path '.$path, \OCP\Util::INFO); if ( ! is_dir($path)) { //path might not exist (e.g. non-standard OC_User::getHome() value) //in this case create full path using 3rd (recursive=true) parameter. mkdir($path, 0777, true); } $result = array(); $handle = opendir($path); if(!is_resource($handle)) { return array(); } while (false !== ($file = readdir($handle))) { if ($file != '.' && $file != '..') $result[] = $file; } return $result; } /** * creates certificate bundle */ public static function createCertificateBundle() { $path=OC_User::getHome(OC_User::getUser()) . '/files_external'; $certs = OC_Mount_Config::getCertificates(); $fh_certs = fopen($path."/rootcerts.crt", 'w'); foreach ($certs as $cert) { $file=$path.'/uploads/'.$cert; $fh = fopen($file, "r"); $data = fread($fh, filesize($file)); fclose($fh); if (strpos($data, 'BEGIN CERTIFICATE')) { fwrite($fh_certs, $data); fwrite($fh_certs, "\r\n"); } } fclose($fh_certs); return true; } /** * check if smbclient is installed */ public static function checksmbclient() { if(function_exists('shell_exec')) { $output=shell_exec('command -v smbclient 2> /dev/null'); return !empty($output); }else{ return false; } } /** * check if php-ftp is installed */ public static function checkphpftp() { if(function_exists('ftp_login')) { return true; }else{ return false; } } /** * check if curl is installed */ public static function checkcurl() { return function_exists('curl_init'); } /** * check dependencies */ public static function checkDependencies() { $l= new OC_L10N('files_external'); $txt=''; if (!OC_Util::runningOnWindows()) { if(!OC_Mount_Config::checksmbclient()) { $txt.=$l->t('Warning: "smbclient" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it.').'
'; } } if(!OC_Mount_Config::checkphpftp()) { $txt.=$l->t('Warning: The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it.').'
'; } if(!OC_Mount_Config::checkcurl()) { $txt.=$l->t('Warning: The Curl support in PHP is not enabled or installed. Mounting of ownCloud / WebDAV or GoogleDrive is not possible. Please ask your system administrator to install it.').'
'; } return $txt; } /** * Encrypt passwords in the given config options * @param array $options mount options * @return array updated options */ private static function encryptPasswords($options) { if (isset($options['password'])) { $options['password_encrypted'] = base64_encode(self::getCipher()->encrypt($options['password'])); unset($options['password']); } return $options; } /** * Decrypt passwords in the given config options * @param array $options mount options * @return array updated options */ private static function decryptPasswords($options) { // note: legacy options might still have the unencrypted password in the "password" field if (isset($options['password_encrypted'])) { $options['password'] = self::getCipher()->decrypt(base64_decode($options['password_encrypted'])); unset($options['password_encrypted']); } return $options; } /** * Returns the encryption cipher */ private static function getCipher() { if (!isset(self::$cipher)) { self::$cipher = new Crypt_AES(CRYPT_AES_MODE_CBC); self::$cipher->setKey(\OCP\Config::getSystemValue('passwordsalt')); } return self::$cipher; } }