apps/dav/lib/Server.php
<?php
/**
* @author Christoph Wurst <christoph@owncloud.com>
* @author Georg Ehrke <georg@owncloud.com>
* @author Lukas Reschke <lukas@statuscode.ch>
* @author Roeland Jago Douma <rullzer@owncloud.com>
* @author Thomas Citharel <tcit@tcit.fr>
* @author Thomas Müller <thomas.mueller@tmit.eu>
* @author Vincent Petry <pvince81@owncloud.com>
*
* @copyright Copyright (c) 2018, ownCloud GmbH
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\DAV;
use OC;
use OC\Files\Filesystem;
use OCA\DAV\AppInfo\PluginManager;
use OCA\DAV\CalDAV\Publishing\PublishPlugin;
use OCA\DAV\CalDAV\Schedule\IMipPlugin;
use OCA\DAV\CardDAV\ImageExportPlugin;
use OCA\DAV\Connector\Sabre\Auth;
use OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin;
use OCA\DAV\Connector\Sabre\CommentPropertiesPlugin;
use OCA\DAV\Connector\Sabre\CopyEtagHeaderPlugin;
use OCA\DAV\Connector\Sabre\CorsPlugin;
use OCA\DAV\Connector\Sabre\DavAclPlugin;
use OCA\DAV\Connector\Sabre\DummyGetResponsePlugin;
use OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin;
use OCA\DAV\Connector\Sabre\FilesPlugin;
use OCA\DAV\Connector\Sabre\FilesReportPlugin;
use OCA\DAV\Connector\Sabre\FilesSearchReportPlugin;
use OCA\DAV\Connector\Sabre\LockPlugin;
use OCA\DAV\Connector\Sabre\MaintenancePlugin;
use OCA\DAV\Connector\Sabre\QuotaPlugin;
use OCA\DAV\Connector\Sabre\SharesPlugin;
use OCA\DAV\Connector\Sabre\TagsPlugin;
use OCA\DAV\Connector\Sabre\ValidateRequestPlugin;
use OCA\DAV\DAV\FileCustomPropertiesBackend;
use OCA\DAV\DAV\FileCustomPropertiesPlugin;
use OCA\DAV\DAV\LazyOpsPlugin;
use OCA\DAV\DAV\MiscCustomPropertiesBackend;
use OCA\DAV\DAV\PublicAuth;
use OCA\DAV\DAV\ViewOnlyPlugin;
use OCA\DAV\Files\BrowserErrorPagePlugin;
use OCA\DAV\Files\FileLocksBackend;
use OCA\DAV\Files\PreviewPlugin;
use OCA\DAV\Files\PublicFiles\PublicFilesPlugin;
use OCA\DAV\Files\Sharing\PublicLinkEventsPlugin;
use OCA\DAV\JobStatus\Entity\JobStatusMapper;
use OCA\DAV\Meta\MetaPlugin;
use OCA\DAV\Files\PublicFiles\PublicSharingAuth;
use OCA\DAV\SystemTag\SystemTagPlugin;
use OCA\DAV\TrashBin\TrashBinPlugin;
use OCA\DAV\Upload\ChunkingPlugin;
use OCP\AppFramework\QueryException;
use OCP\IRequest;
use OCP\SabrePluginEvent;
use Sabre\CalDAV\ICSExportPlugin;
use Sabre\CardDAV\VCFExportPlugin;
use Sabre\DAV\Auth\Plugin;
use Sabre\DAV\Exception;
use Sabre\HTTP\Request;
class Server {
/** @var Connector\Sabre\Server */
public $server;
/** @var string */
private $baseUri;
/** @var IRequest */
private $request;
/**
* Server constructor.
*
* @param IRequest $request
* @param string $baseUri
* @throws QueryException
* @throws Exception
*/
public function __construct(IRequest $request, $baseUri) {
$this->request = $request;
$this->baseUri = $baseUri;
$logger = OC::$server->getLogger();
$dispatcher = OC::$server->getEventDispatcher();
$root = new RootCollection();
$tree = new Tree($root);
$this->server = new Connector\Sabre\Server($tree);
$config = OC::$server->getConfig();
if ($config->getSystemValue('dav.enable.async', false)) {
$this->server->addPlugin(new LazyOpsPlugin(
OC::$server->getUserSession(),
OC::$server->getURLGenerator(),
OC::$server->getShutdownHandler(),
OC::$server->query(JobStatusMapper::class),
OC::$server->getLogger()
));
}
// Backends
$authBackend = new Auth(
OC::$server->getSession(),
OC::$server->getUserSession(),
OC::$server->getRequest(),
OC::$server->getTwoFactorAuthManager(),
OC::$server->getAccountModuleManager(),
\OC::$server->getConfig()
);
// Set URL explicitly due to reverse-proxy situations
$this->server->httpRequest->setUrl($this->request->getRequestUri());
$this->server->setBaseUri($this->baseUri);
$this->server->addPlugin(new MaintenancePlugin($config));
$this->server->addPlugin(new ValidateRequestPlugin('dav'));
$this->server->addPlugin(new BlockLegacyClientPlugin($config));
$this->server->addPlugin(new CorsPlugin(OC::$server->getUserSession()));
$authPlugin = new Plugin();
$isPublicAccess = false;
if ($this->isRequestForSubtree(['public-files'])
) {
$this->server->addPlugin(new PublicFilesPlugin());
$authPlugin->addBackend(new PublicSharingAuth($this->server, OC::$server->getShareManager()));
$this->server->addPlugin(new PublicLinkEventsPlugin(\OC::$server->getEventDispatcher()));
$isPublicAccess = true;
}
$authPlugin->addBackend(new PublicAuth());
$this->server->addPlugin($authPlugin);
// allow setup of additional auth backends
$event = new SabrePluginEvent($this->server);
$dispatcher->dispatch($event, 'OCA\DAV\Connector\Sabre::authInit');
// because we are throwing exceptions this plugin has to be the last one
$authPlugin->addBackend($authBackend);
// debugging
if (OC::$server->getConfig()->getSystemValue('debug', false)) {
$this->server->addPlugin(new \Sabre\DAV\Browser\Plugin());
} else {
$this->server->addPlugin(new DummyGetResponsePlugin());
}
$this->server->addPlugin(new ExceptionLoggerPlugin('webdav', $logger));
$this->server->addPlugin(new \Sabre\DAV\Sync\Plugin());
$this->server->addPlugin(new LockPlugin(\OC::$server->getConfig(), \OC::$server->getGroupManager()));
$fileLocksBackend = new FileLocksBackend($this->server->tree, false, OC::$server->getTimeFactory(), $isPublicAccess);
$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\PublicDavLocksPlugin($fileLocksBackend, function ($uri) {
if (\strpos($uri, "public-files/") === 0) {
return true;
}
return false;
}));
// ACL plugin not used in files subtree, also it causes issues
// with performance and locking issues because it will query
// every parent node which might trigger an implicit rescan in the
// case of external storages with update detection
if (!$this->isRequestForSubtree(['files'])) {
// acl
$acl = new DavAclPlugin();
$acl->principalCollectionSet = [
'principals/users', 'principals/groups'
];
$acl->defaultUsernamePath = 'principals/users';
$this->server->addPlugin($acl);
}
// calendar plugins
if ($this->isRequestForSubtree(['calendars', 'public-calendars', 'principals'])) {
$mailer = OC::$server->getMailer();
$this->server->addPlugin(new CalDAV\Plugin());
$this->server->addPlugin(new ICSExportPlugin());
$this->server->addPlugin(new CalDAV\Schedule\Plugin());
$this->server->addPlugin(new IMipPlugin($mailer, $logger, $request));
$this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin());
$this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin());
$this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, OC::$server->getRequest()));
$this->server->addPlugin(new PublishPlugin(
OC::$server->getConfig(),
OC::$server->getURLGenerator()
));
}
// addressbook plugins
if ($this->isRequestForSubtree(['addressbooks', 'principals'])) {
$this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, OC::$server->getRequest()));
$this->server->addPlugin(new CardDAV\Plugin());
$this->server->addPlugin(new VCFExportPlugin());
$this->server->addPlugin(new ImageExportPlugin(OC::$server->getLogger()));
}
// system tags plugins
$this->server->addPlugin(new SystemTagPlugin(
OC::$server->getSystemTagManager(),
OC::$server->getGroupManager(),
OC::$server->getUserSession()
));
$this->server->addPlugin(new CopyEtagHeaderPlugin());
$this->server->addPlugin(new ChunkingPlugin());
$this->server->addPlugin(new TrashBinPlugin());
$this->server->addPlugin(new MetaPlugin(
OC::$server->getUserSession(),
OC::$server->getLazyRootFolder()
));
// enable streaming only for the files subtree
if ($this->isRequestForSubtree(['files'])) {
\Sabre\DAV\Server::$streamMultiStatus = true;
}
if ($this->isRequestForSubtree(['files', 'meta', 'trash-bin', 'public-files'])) {
$this->server->addPlugin(new ViewOnlyPlugin(
OC::$server->getLogger()
));
}
if (BrowserErrorPagePlugin::isBrowserRequest($request)) {
$this->server->addPlugin(new BrowserErrorPagePlugin());
}
$this->server->addPlugin(new PreviewPlugin(OC::$server->getTimeFactory(), OC::$server->getPreviewManager()));
$this->server->on('beforeMethod:PROPFIND', function (Request $request) use ($config) {
$depthHeader = strtolower($request->getHeader('depth'));
if ($depthHeader === 'infinity' && !$config->getSystemValue('dav.propfind.depth_infinity', false)) {
throw new Exception\PreconditionFailed('Depth infinity not supported');
}
}, 0);
// wait with registering these until auth is handled and the filesystem is setup
$this->server->on('beforeMethod:*', function () use ($root) {
// custom properties plugin must be the last one
$userSession = OC::$server->getUserSession();
$user = $userSession->getUser();
if ($user !== null) {
$view = Filesystem::getView();
$this->server->addPlugin(
new FilesPlugin(
$this->server->tree,
OC::$server->getConfig(),
$this->request,
false,
!OC::$server->getConfig()->getSystemValue('debug', false)
)
);
if ($this->isRequestForSubtree(['files', 'uploads', 'trash-bin', 'public-files'])) {
//For files only
$filePropertiesPlugin = new FileCustomPropertiesPlugin(
new FileCustomPropertiesBackend(
$this->server->tree,
OC::$server->getDatabaseConnection(),
OC::$server->getUserSession()->getUser(),
OC::$server->getRootFolder()
)
);
$this->server->addPlugin($filePropertiesPlugin);
} else {
$miscPropertiesPlugin = new \Sabre\DAV\PropertyStorage\Plugin(
new MiscCustomPropertiesBackend(
$this->server->tree,
OC::$server->getDatabaseConnection(),
OC::$server->getUserSession()->getUser(),
OC::$server->getRootFolder()
)
);
$this->server->addPlugin($miscPropertiesPlugin);
}
if ($view !== null) {
$this->server->addPlugin(
new QuotaPlugin($view)
);
}
$this->server->addPlugin(
new TagsPlugin(
$this->server->tree,
OC::$server->getTagManager()
)
);
// TODO: switch to LazyUserFolder
$userFolder = OC::$server->getUserFolder();
$this->server->addPlugin(new SharesPlugin(
$this->server->tree,
$userSession,
OC::$server->getShareManager()
));
$this->server->addPlugin(new CommentPropertiesPlugin(
OC::$server->getCommentsManager(),
$userSession
));
if ($view !== null) {
$this->server->addPlugin(new FilesReportPlugin(
$this->server->tree,
$view,
OC::$server->getSystemTagManager(),
OC::$server->getSystemTagObjectMapper(),
OC::$server->getTagManager(),
$userSession,
OC::$server->getGroupManager(),
$userFolder
));
}
$this->server->addPlugin(
new FilesSearchReportPlugin(
OC::$server->getSearch()
)
);
}
// register plugins from apps
$pluginManager = new PluginManager(
OC::$server,
OC::$server->getAppManager()
);
foreach ($pluginManager->getAppPlugins() as $appPlugin) {
$this->server->addPlugin($appPlugin);
}
foreach ($pluginManager->getAppCollections() as $appCollection) {
$root->addChild($appCollection);
}
});
}
public function exec() {
$this->server->start();
}
/**
* @param string[] $subTrees
* @return bool
*/
private function isRequestForSubtree(array $subTrees) {
foreach ($subTrees as $subTree) {
$subTree = \trim($subTree, ' /');
if (\strpos($this->server->getRequestUri(), "$subTree/") === 0) {
return true;
}
}
return false;
}
}