From 76ffce296981a8ce8afcdb85d90db5a808c7b9b3 Mon Sep 17 00:00:00 2001 From: Cyril Chapellier Date: Fri, 29 Mar 2024 22:49:02 +0100 Subject: [PATCH] [Feature] Add per user home directories (#143) --- .env | 6 +++++- README.md | 7 ++++++- config/services.yaml | 5 +++-- src/Controller/DAVController.php | 14 +++++++++++++- 4 files changed, 27 insertions(+), 5 deletions(-) diff --git a/.env b/.env index f9d1845..da6290e 100644 --- a/.env +++ b/.env @@ -72,7 +72,11 @@ INVITE_FROM_ADDRESS=no-reply@example.org # Make sure that these directories exist, with write permissions for your server. # USE ABSOLUTE PATHS for better predictability WEBDAV_TMP_DIR='/tmp' -WEBDAV_PUBLIC_DIR='/webdav' +WEBDAV_PUBLIC_DIR='/webdav/public' +# By default, home directories are disabled totally (env var set to an empty string). +# If needed, it is recommended to use a folder that is NOT a child of the public dir, +# such as /webdav/homes for instance, so that users cannot access other users' homes. +WEBDAV_HOMES_DIR= # Logging path # By default, it will log in the standard Symfony directory: var/log/prod.log (for production) diff --git a/README.md b/README.md index 516eb1c..8439f5c 100644 --- a/README.md +++ b/README.md @@ -118,9 +118,14 @@ f. The paths for the WebDAV installation ``` WEBDAV_TMP_DIR='/tmp' -WEBDAV_PUBLIC_DIR='/webdav' +WEBDAV_PUBLIC_DIR='/webdav/public' +WEBDAV_HOMES_DIR= ``` +> [!NOTE] +> +> By default, home directories are disabled totally (the env var is set to an empty string). If needed, it is recommended to use a folder that is **NOT** a child of the public dir, such as `/webdav/homes` for instance, so that users cannot access other users' homes. + g. The log file path You can use an absolute file path here, and you can use Symfony's `%kernel.logs_dir%` and `%kernel.environment%` placeholders if needed (as in the default value). Setting it to `/dev/null` will disable logging altogether. 
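Review bot: In the .env hunk the shipped default for `WEBDAV_PUBLIC_DIR` moves from `/webdav` to `/webdav/public`, so an installation that never overrode it will serve a different, possibly nonexistent, directory after upgrading. Files already stored under `/webdav` would no longer appear in the public share. A sentence in the comment or the upgrade notes telling existing installs to pin the old value or move their files would avoid that. The new comment could also state the consequence directly, for example `# A homes dir placed under WEBDAV_PUBLIC_DIR can be browsed by every user through the public share.`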
diff --git a/config/services.yaml b/config/services.yaml index 5f0d79f..03fa3a4 100644 --- a/config/services.yaml +++ b/config/services.yaml @@ -51,8 +51,9 @@ services: $inviteAddress: "%env(INVITE_FROM_ADDRESS)%" $authMethod: "%env(AUTH_METHOD)%" $authRealm: "%env(AUTH_REALM)%" - $webdavPublicDir: "%env(WEBDAV_PUBLIC_DIR)%" - $webdavTmpDir: "%env(WEBDAV_TMP_DIR)%" + $webdavPublicDir: "%env(resolve:WEBDAV_PUBLIC_DIR)%" + $webdavHomesDir: "%env(resolve:WEBDAV_HOMES_DIR)%" + $webdavTmpDir: "%env(resolve:WEBDAV_TMP_DIR)%" App\Security\LoginFormAuthenticator: arguments: diff --git a/src/Controller/DAVController.php b/src/Controller/DAVController.php index 26415eb..b5113a5 100644 --- a/src/Controller/DAVController.php +++ b/src/Controller/DAVController.php @@ -69,6 +69,13 @@ class DAVController extends AbstractController */ protected $webdavPublicDir; + /** + * WebDAV User Homes directory. + * + * @var string | null + */ + protected $webdavHomesDir; + /** * WebDAV Temporary directory. * 
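Review bot: In the config/services.yaml hunk the `resolve:` processor is added to the existing `$webdavPublicDir` and `$webdavTmpDir` bindings as well as to the new `$webdavHomesDir` one, which changes how already-configured values are read. Any `%name%` sequence in those paths is now treated as a container parameter reference, so a path containing a literal percent sign would need escaping, and one naming an unknown parameter would presumably fail when the container is built. The README paragraph for these variables should say that placeholders such as `%kernel.project_dir%` are now accepted, as it already does for the log file path.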
@@ -128,7 +135,7 @@ class DAVController extends AbstractController */ protected $server; - public function __construct(MailerInterface $mailer, BasicAuth $basicAuthBackend, IMAPAuth $IMAPAuthBackend, LDAPAuth $LDAPAuthBackend, UrlGeneratorInterface $router, EntityManagerInterface $entityManager, LoggerInterface $logger, string $publicDir, bool $calDAVEnabled = true, bool $cardDAVEnabled = true, bool $webDAVEnabled = false, string $inviteAddress = null, string $authMethod = null, string $authRealm = null, string $webdavPublicDir = null, string $webdavTmpDir = null) + public function __construct(MailerInterface $mailer, BasicAuth $basicAuthBackend, IMAPAuth $IMAPAuthBackend, LDAPAuth $LDAPAuthBackend, UrlGeneratorInterface $router, EntityManagerInterface $entityManager, LoggerInterface $logger, string $publicDir, bool $calDAVEnabled = true, bool $cardDAVEnabled = true, bool $webDAVEnabled = false, string $inviteAddress = null, string $authMethod = null, string $authRealm = null, string $webdavPublicDir = null, string $webdavHomesDir = null, string $webdavTmpDir = null) { $this->publicDir = $publicDir; @@ -138,6 +145,7 @@ public function __construct(MailerInterface $mailer, BasicAuth $basicAuthBackend $this->inviteAddress = $inviteAddress ?? null; $this->webdavPublicDir = $webdavPublicDir; + $this->webdavHomesDir = $webdavHomesDir; $this->webdavTmpDir = $webdavTmpDir; $this->em = $entityManager; @@ -209,6 +217,10 @@ private function initServer(string $authMethod, string $authRealm = User::DEFAUL new \Sabre\CalDAV\Principal\Collection($principalBackend), ]; + if ($this->webdavHomesDir) { + $nodes[] = new \Sabre\DAVACL\FS\HomeCollection($principalBackend, $this->webdavHomesDir); + } + if ($this->calDAVEnabled) { $calendarBackend = new \Sabre\CalDAV\Backend\PDO($pdo); $nodes[] = new \Sabre\CalDAV\CalendarRoot($principalBackend, $calendarBackend);
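Review bot: The new `string $webdavHomesDir = null` parameter is inserted before `$webdavTmpDir` in the constructor signature, which shifts the position of an existing optional argument. services.yaml binds by name, so the container is unaffected. Any code that builds the controller positionally (a test or a subclass, if one exists) would now hand the temporary directory in as the homes directory, and initServer would then mount it as a home collection. Appending the parameter at the end avoids that, and an explicit nullable type matches the `@var string | null` docblock: `?string $webdavTmpDir = null, ?string $webdavHomesDir = null`. The constructor body continues outside the hunk.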
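Review bot: The new `if ($this->webdavHomesDir)` block in initServer mounts the home collection on a truthiness test alone, so the isolation promised by the .env comment depends entirely on the operator choosing a path outside WEBDAV_PUBLIC_DIR. Nothing here rejects a homes directory nested under the public one, or one that does not exist. The visible lines also do not consult the WebDAV enable flag, so homes would presumably be served even with WebDAV switched off; that is worth confirming against the rest of initServer, which lies outside the hunk. Per-user access on this collection depends on the ACL plugin being registered on the server, which the hunk does not show. A containment check before the node is added would turn the documented recommendation into an enforced rule.

```php
if ($this->webdavHomesDir) {
    $homesPath = realpath($this->webdavHomesDir);
    $publicPath = $this->webdavPublicDir ? realpath($this->webdavPublicDir) : false;

    if (false === $homesPath || !is_dir($homesPath)) {
        throw new \RuntimeException('WEBDAV_HOMES_DIR does not point to an existing directory');
    }
    // A homes dir under the shared public tree would be browsable by every user through that tree.
    if (false !== $publicPath && 0 === strpos($homesPath.DIRECTORY_SEPARATOR, $publicPath.DIRECTORY_SEPARATOR)) {
        throw new \RuntimeException('WEBDAV_HOMES_DIR must not be located inside WEBDAV_PUBLIC_DIR');
    }

    $nodes[] = new \Sabre\DAVACL\FS\HomeCollection($principalBackend, $homesPath);
}
// … unchanged: CalDAV / CardDAV node registration …
```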