initial commit of file from CVS for smeserver-mod_dav on Sat Sep 7 20:41:25 AEST 2024

root/usr/lib/tmpfiles.d/mod_dav.conf

@@ -0,0 +1 @@
+d    /var/run/davLocks 0755 www www

root/usr/share/perl5/vendor_perl/esmith/DAV.pm

@@ -0,0 +1,118 @@
+
+package esmith::DAV;
+
+use strict;
+use warnings;
+use esmith::AccountsDB;
+my $adb = esmith::AccountsDB->open_ro();
+
+use vars qw( $AUTOLOAD @ISA );
+
+  sub getRequireUser {
+    my ($mode, $key) = @_;
+    my $ibay = $adb->get($key) or return "Require user admin"; 
+    my %properties = $ibay->props or return "Require user admin";
+    my $iBayGroup = $properties{'Group'} || 'admin';
+    my $accessMode = $properties{'UserAccess'} || 'wr-admin-rd-group';
+    my $access = $properties{'PublicAccess'} || 'none';
+    my $ispassibay = $access =~ /-pw/;
+    my $Anonymous  =  $properties{'ModDavAnonymousRead'} || "disabled";
+    my $MEMBERS = getMembers( $key, $iBayGroup);
+    my $REQUIRE = "";
+    if ($mode eq "read") 
+    {
+        if ($accessMode eq "wr-group-rd-everyone")
+        {
+	    if ( $Anonymous eq "enabled" )
+            {
+                $REQUIRE = "# Allowing unauthenticated read access";
+            }
+            else
+	    {
+	        my $EVERYONE = join(' ' , ( (map { $_->key } $adb->users) , qw (admin) )); #shared user members
+	        #$REQUIRE = "#wr-group-rd-everyone : members of shared\n";
+                $REQUIRE .= "Require user " . $EVERYONE;
+	    }
+        }
+        else
+        {
+            $REQUIRE = "Require user " . $MEMBERS;
+            if ($accessMode eq "wr-admin-rd-group")
+            {
+                # add "admin" to the read group to avoid read/write auth conflicts
+                $REQUIRE .= " admin";
+            }
+        }
+	if ($ispassibay)
+	{
+	    #we have local-pw or global-pw or global-pw-remote
+	    $REQUIRE = ( $REQUIRE =~ /Require user / ) ? "$REQUIRE $key" : "Require user $key";
+	    $REQUIRE .= " $MEMBERS" if ( $access =~ /remote/ );
+	}
+    }
+    else
+    {
+        if ($accessMode eq "wr-admin-rd-group")
+        {
+            $REQUIRE = "Require user admin";
+        }
+        else
+        {
+            $REQUIRE = "Require user " . $MEMBERS;
+        }
+     }
+    return $REQUIRE;
+  }
+  
+  sub getAllow {
+    my ($mode, $key, $localAccess ) = @_;
+    $localAccess = (defined $localAccess ) ? $localAccess : "127.0.0.1";
+    my $ibay = $adb->get($key) or return "Require ip 127.0.0.1";
+    my %properties = $ibay->props or return "Require ip 127.0.0.1";
+    my $Public = $properties{'PublicAccess'} || 'none'; 
+
+    my $allow = "Require ip 127.0.0.1";
+    if ($Public eq 'none')
+    {
+        $allow = "# allow from set to NONE";
+    }
+    elsif ($Public =~ /(local|remote)/  )
+    {
+        $allow   = "Require ip " . $localAccess;
+    }
+    elsif ($Public =~ /global/)
+    {
+        $allow   = "Require all granted";
+    }
+    return $allow;
+  }
+
+  sub getMembers {
+    my ($key, $iBayGroup) = @_;
+    my $MEMBERS = $key; 
+   foreach my $group ( ($adb->groups, $adb->get('admin'), $adb->get('shared') ) )
+    {
+        my %groupprops = $group->props;
+        my $grpkey = $group->key;
+        if ($grpkey eq $iBayGroup)
+        {
+            # we have the group that owns the DAV iBay
+            # If there are members of the group validate on them,
+            # otherwise on the ibayname
+            my $GroupMembers = $groupprops{'Members'} || undef;
+            $GroupMembers = "admin" if ( $grpkey eq "admin"  );
+            $GroupMembers = join(' ' , ( (map { $_->key } $adb->users) , qw (admin) )) if ( $grpkey eq "shared"  ) ;
+
+            if ($GroupMembers)
+            {
+                # need to break user list on commas then output each one...
+                my @values = split(',',$GroupMembers);
+                $MEMBERS = "" unless (!@values) ;
+                foreach my $val (@values) {
+                    $MEMBERS .= $val . " ";
+                    }
+            }
+        }
+    }
+    return $MEMBERS;
+  }