initial commit of file from CVS for smeserver-shared-folders on Sat Sep 7 21:04:36 AEST 2024

2024-09-07 21:04:36 +10:00
parent eb9f5d0a97
commit 80a1e6f928
119 changed files with 15333 additions and 2 deletions
--- a/root/etc/e-smith/events/actions/group-share-modify
+++ b/root/etc/e-smith/events/actions/group-share-modify
@@ -0,0 +1,61 @@
+#!/usr/bin/perl -w
+
+use strict;
+use esmith::AccountsDB;
+use esmith::event;
+
+my $accounts = esmith::AccountsDB->open() or 
+    die "Unable to open accounts db: $!";
+
+my ($event, $name) = @ARGV;
+
+my $type = 'Groups';
+
+if ($event eq 'user-delete'){
+    $type = 'Users';
+}
+
+# Find all "shared folder" entries in the e-smith accounts database and
+# if the group or a user matches one listed in ACL, remove it.
+
+my @modified_shares;
+foreach my $share ( $accounts->get_all_by_prop(type => 'share' ) ) {
+    my $modified = 0;
+    my @OldRead = split (/[,;]/,$share->prop('Read'.$type));
+    my @NewRead = ();
+    foreach (@OldRead){
+        if ( $_ eq $name ) {
+            $modified = 1;
+        }
+        else{
+            push @NewRead, $_;
+        }
+     }
+     $share->set_prop('Read'.$type, join("," , @NewRead));
+
+    my @OldWrite = split (/[,;]/,$share->prop('Write'.$type));
+    my @NewWrite = ();
+    foreach (@OldWrite){
+        if ( $_ eq $name ) {
+            $modified = 1;
+        }
+        else{
+            push @NewWrite, $_;
+        }
+     }
+     $share->set_prop('Write'.$type, join("," , @NewWrite));
+
+     # If a group or a user has been removed, either from Read or Write, re-apply the ACLs
+     if ($modified){
+        push @modified_shares, $share->key;
+        event_signal("share-modify-files", $share->key) or
+            die ("Error occurred while updating shared folder.\n");
+     }
+}
+
+my $count = @modified_shares;
+if ( $count > 0 ) {
+    event_signal("share-modify-servers" ) or
+        die ("Error occurred after updating shared folder.\n");
+}
+
--- a/root/etc/e-smith/events/actions/share-delete
+++ b/root/etc/e-smith/events/actions/share-delete
@@ -0,0 +1,34 @@
+#!/bin/sh
+
+#----------------------------------------------------------------------
+# copyright (C) 1999-2005 Mitel Networks Corporation
+#		
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#		
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the
+# GNU General Public License for more details.
+#		
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+#----------------------------------------------------------------------
+
+#------------------------------------------------------------
+# Delete files for the share.
+#------------------------------------------------------------
+
+event=$1
+share=$2
+if [ -z "$share" ]
+then
+    echo shareName argument missing
+    exit 1
+fi
+
+/bin/rm -rf /home/e-smith/files/shares/$share
--- a/root/etc/e-smith/events/actions/share-dump-attributes
+++ b/root/etc/e-smith/events/actions/share-dump-attributes
@@ -0,0 +1,16 @@
+#!/usr/bin/perl
+
+use strict;
+use esmith::AccountsDB;
+
+my $a = esmith::AccountsDB->open_ro ||
+  die "Couldn't open AccountsDB\n";
+
+foreach my $share ( $a->get_all_by_prop( type => 'share' ) ){
+    my $key = $share->key;
+    my $perm = $share->prop('ManualPermissions') || 'disabled';
+    next unless ( $perm eq 'yes' || $perm eq 'enabled' || $perm eq 'ntacl' );
+    # Dump posix ACL
+    system("/usr/bin/getfacl -R --physical --absolute-names -- /home/e-smith/files/shares/$key/ > /home/e-smith/db/shares/$key.acl");
+    system("/usr/bin/getfattr -R -d -m '.*' -e hex -P --absolute-names -- /home/e-smith/files/shares/$key/ > /home/e-smith/db/shares/$key.xattr");
+}
--- a/root/etc/e-smith/events/actions/share-modify
+++ b/root/etc/e-smith/events/actions/share-modify
@@ -0,0 +1,175 @@
+#!/usr/bin/perl -w
+
+#----------------------------------------------------------------------
+# copyright (C) 1999-2005 Mitel Networks Corporation
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+#
+#----------------------------------------------------------------------
+package esmith;
+
+use strict;
+use Errno;
+use File::Find;
+use esmith::util;
+use esmith::templates;
+use esmith::AccountsDB;
+
+
+$ENV{'PATH'} = "/bin";
+my $setfacl = "/usr/bin/setfacl";
+
+my $event = $ARGV [0];
+my $shareName = $ARGV [1];
+
+die "shareName argument missing" unless defined ($shareName);
+
+my $accountdb = esmith::AccountsDB->open_ro();
+my $share = $accountdb->get($shareName) or 
+	die "Couldn't find $shareName record in accounts db\n";
+
+my $perm = $share->prop('ManualPermissions') || 'no';
+
+die "Account $shareName is not an share account; modify share event failed.\n"
+    unless ($share->prop('type') eq 'share');
+
+if ($event eq 'share-create')
+{
+    #------------------------------------------------------------
+    # Create the share files and set the password.
+    #------------------------------------------------------------
+
+    system("/bin/mkdir", "-p",
+	"/home/e-smith/files/shares/$shareName/files") == 0
+	    or die "Error copying share skeletal files";
+
+}
+
+#------------------------------------------------------------
+# Create the recylce bin directory if needed
+#------------------------------------------------------------
+if (($share->prop('RecycleBin') || 'disabled' eq 'enabled') ||
+   ($share->prop('RecycleBin') || 'disabled' eq 'keep-versions')){
+    my $recycle = $share->prop('RecycleBinDir') || "Recycle Bin";
+    system("/bin/mkdir", "-p",
+        "/home/e-smith/files/shares/$shareName/files/$recycle") == 0
+            or die "Error creating recycle bin directory";
+}
+
+#------------------------------------------------------------
+# Fix permissions on share files.
+#------------------------------------------------------------
+
+#--------------------------------------------------
+# main directory is writeable only by root
+#--------------------------------------------------
+
+chdir "/home/e-smith/files/shares/$shareName"
+   or die "Could not chdir to /home/e-smith/files/shares/$shareName";
+
+my $http = $share->prop('httpAccess') || 'none';
+my $groupowner = ($http eq 'none') ? 'root' : 'www';
+
+esmith::util::chownFile("root", "$groupowner", ".");
+chmod 0750, ".";
+
+#--------------------------------------------------
+# fix ownership of subdirectories
+#--------------------------------------------------
+
+my %properties = $share->props;
+my @writegroups = split(/[;,]/,($properties {'WriteGroups'} || ''));
+my @readgroups = split(/[;,]/,($properties {'ReadGroups'} || ''));
+my @writeusers = split(/[;,]/,($properties {'WriteUsers'} || ''));
+my @readusers = split(/[;,]/,($properties {'ReadUsers'} || ''));
+my $rsync = $properties{'rsyncAccess'} || 'none';
+my $pydio = $properties{'Pydio'} || 'disabled';
+
+# Don't reset permissions if ManualPermissions is set to 'yes'
+
+unless ( $perm eq 'yes' || $perm eq 'enabled' || $perm eq 'ntacl' ){
+    # Remove existing ACLs
+    system($setfacl,
+        '-R',
+        '--remove-all',
+        '--remove-default',
+        '--physical',
+        '.');
+
+    # make admin the group owner of everything
+    system('/bin/chgrp',
+           '-R',
+           'admin',
+           '.');
+
+    my $acl = 'u::rwX,g::rwX,o:---,';
+    foreach my $group (@writegroups){
+        $acl .= 'g:'.$group.':rwX,';
+    }
+    foreach my $group (@readgroups){
+        $acl .= 'g:'.$group.':rX,';
+    }
+    foreach my $user (@writeusers){
+        $acl .= 'u:'.$user.':rwX,';
+    }
+    foreach my $user (@readusers){
+        $acl .= 'u:'.$user.':rX,';
+    }
+    $acl .= 'u:rsync:rX,' if ($rsync =~ /^local|global$/);
+    $acl .= 'u:www:rwX,' unless (($http eq 'none') && ($pydio ne 'enabled'));
+    $acl .= 'g:admin:rwX';
+
+    # Set the effective ACLs
+    system($setfacl,
+           '-R',
+           '--physical',
+           '-m',
+           $acl,
+           '--',
+           '.');
+
+    # Set the default ACL
+    system($setfacl,
+           '-R',
+           '--physical',
+           '-d',
+           '--set',
+           $acl,
+           '--',
+           '.');
+
+    # Now set the permission on the root of the share (no write access here)
+    $acl = '';
+    system($setfacl,
+           '--remove-all',
+           '--remove-default',
+           '.');
+
+    foreach my $group (@writegroups,@readgroups){
+        $acl .= 'g:'.$group.':rX,';
+    }
+    foreach my $user (@writeusers,@readusers){
+        $acl .= 'u:'.$user.':rX,';
+    }
+    $acl .= 'u:rsync:rX,' if ($rsync =~ /^local|global$/);
+    $acl .= 'u:www:rX,' unless (($http eq 'none') && ($pydio ne 'enabled'));
+    $acl .= 'g:admin:rX';
+
+    system($setfacl,
+           '-m',
+           $acl,
+           '--',
+           '.');
+}