Merge branch 'homedir'

root/etc/e-smith/events/actions/ajaxplorer-user-rights

@@ -21,9 +21,11 @@
 
 use strict;
 use esmith::templates;
+use esmith::ConfigDB;
 use esmith::AccountsDB;
 use File::Path qw(mkpath rmtree);
 
+my $c = esmith::ConfigDB->open_ro;
 my $a = esmith::AccountsDB->open_ro;
 
 # Remove all the permissions
@@ -48,3 +50,55 @@ foreach my $user (($a->users),$a->get('admin')){
         });
 }
 
+my $ajxp = $c->get('ajaxplorer') || die "Couldn't find ajaxplorer entry in ConfigDB\n";
+my $homedir = $ajxp->prop('HomeDir') || 'none';
+
+if ($homedir eq 'enabled'){
+    foreach ($a->users){
+        my $name = $_->key;
+        set_user_acl($name);
+    }
+}
+elsif ($homedir eq 'users'){
+    foreach ($a->users){
+        my $name = $_->key;
+        if (($_->prop('AjxpHomeDir') || 'disabled') eq 'enabled'){
+            set_user_acl($name);
+        }
+        else{
+            remove_user_acl($name);
+        }
+    }
+}
+else{
+    foreach ($a->users){
+        my $name = $_->key;
+        remove_user_acl($name);
+    }
+}
+
+sub set_user_acl{
+    my $user = shift;
+    system('/usr/bin/setfacl',
+           '-m',
+           'u:www:x',
+           "/home/e-smith/files/users/$user");
+    system('/usr/bin/setfacl',
+           '-R',
+           '-m',
+           'u:www:rX,d:u:www:rX',
+           "/home/e-smith/files/users/$user/home");
+}
+
+sub remove_user_acl{
+    my $user = shift;
+    system('/usr/bin/setfacl',
+           '-R',
+           '-x',
+           'u:www,d:u:www',
+           "/home/e-smith/files/users/$user/home");
+    system('/usr/bin/setfacl',
+           '-x',
+           'u:www',
+           "/home/e-smith/files/users/$user");
+}

root/etc/e-smith/templates/etc/ajaxplorer/bootstrap_repositories.php/050repo

@@ -9,6 +9,33 @@ use esmith::AccountsDB;
 
 my $a = esmith::AccountsDB->open_ro();
 
+my $homedir = $ajaxplorer{'HomeDir'} || 'none';
+
+if (($homedir eq 'enabled') || ($homedir eq 'users')){
+    $OUT .=<<"EOF";
+
+\$REPOSITORIES["home"] = array(
+        "DISPLAY" => "Perso",
+        "AJXP_SLUG" => "home",
+        "DRIVER" => "fs",
+        "DRIVER_OPTIONS" => array(
+                "PATH" => "/home/e-smith/files/users/AJXP_USER/home",
+                "CREATE" => false,
+                "RECYCLE_BIN" => '',
+                "CHMOD_VALUE" => '0660',
+                "DEFAULT_RIGHTS" => "",
+                "PAGINATION_THRESHOLD" => 500,
+                "PAGINATION_NUMBER" => 200,
+                "META_SOURCES" => array(
+                )
+        ),
+);
+
+EOF
+
+}
+
+
 foreach my $share ($a->get_all_by_prop(type=>'share')){
   my $name = $share->key;
   my $access = $share->prop('Ajaxplorer') || 'disabled';

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98Ajaxplorer

@@ -10,6 +10,8 @@ if (($ajaxplorer{'status'} || 'disabled') eq 'enabled'){
                     "    AuthExternal pwauth\n" .
                     "    Require valid-user\n" : '';
     my $maxsize = $ajaxplorer{'MaxUploadSize'} || '200M';
+    my $homedir = $ajaxplorer{'HomeDir'} || 'none';
+    $homedir = (($homedir eq 'enabled') || ($homedir eq 'users')) ? ":/home/e-smith/files/users":"";
 
     my $shares = '';
 
@@ -20,7 +22,7 @@ Alias /ajxppub /var/lib/ajaxplorer/public
 <Directory /var/lib/ajaxplorer/public>
     Options None
     AddType application/x-httpd-php .php
-    php_admin_value open_basedir /usr/share/ajaxplorer:/var/lib/ajaxplorer:/var/log/ajaxplorer:/etc/ajaxplorer:/var/cache/ajaxplorer:/usr/share/pear/:/home/e-smith/files/shares
+    php_admin_value open_basedir /usr/share/ajaxplorer:/var/lib/ajaxplorer:/var/log/ajaxplorer:/etc/ajaxplorer:/var/cache/ajaxplorer:/usr/share/pear/:/home/e-smith/files/shares$homedir
     Order deny,allow
     Allow from all
     <Files ".ajxp_*">
@@ -36,7 +38,7 @@ $alias
 
 <Directory /usr/share/ajaxplorer>
     AddType application/x-httpd-php .php
-    php_admin_value open_basedir /usr/share/ajaxplorer:/var/lib/ajaxplorer:/var/log/ajaxplorer:/etc/ajaxplorer:/var/cache/ajaxplorer:/usr/share/pear/:/home/e-smith/files/shares
+    php_admin_value open_basedir /usr/share/ajaxplorer:/var/lib/ajaxplorer:/var/log/ajaxplorer:/etc/ajaxplorer:/var/cache/ajaxplorer:/usr/share/pear/:/home/e-smith/files/shares$homedir
     php_admin_value memory_limit 100M
     php_admin_value upload_max_filesize $maxsize
     php_admin_value post_max_size $maxsize

root/etc/e-smith/templates/var/lib/ajaxplorer/plugins/auth.serial/__user__/rights.ser/10All

@@ -36,6 +36,17 @@ foreach my $share (@s){
 $data->{'ajxp_shared'} = 'rw'
     if (($ajaxplorer{'PublicShares'} || 'disabled') eq 'enabled');
 
+my $homedir = $ajaxplorer{'HomeDir'} || 'none';
+
+if ($homedir eq 'enabled'){
+    $data->{'home'} = 'r';
+}
+elsif ($homedir eq 'users'){
+    my $acc = $a->get($id);
+    my $ajxphomedir = $acc->prop('AjxpHomeDir') || 'disabled';
+    $data->{'home'} = 'r' if ($ajxphomedir eq 'enabled');
+}
+
 # Hugly hack to convert int -> bool
 my $string = serialize($data);
 $string =~ s/i:/b:/;

smeserver-ajaxplorer.spec

@@ -2,7 +2,7 @@
 # Name: Daniel Berteaud
 
 %define name smeserver-ajaxplorer
-%define version 0.1.1
+%define version 0.1.2
 %define release 1
 Summary: sme server integration of ajaxplorer
 Name: %{name}
@@ -29,6 +29,10 @@ Ajaxplorer is a rich-client browser for managing files on a web server
 This contrib works with the smeserver-shared-folders addon
 
 %changelog
+* Tue Apr 17 2012 Daniel Berteaud <daniel@firewall-services.com> 0.1.2-1
+- Posibility to access home dir (Read Only)
+- Fix ACL for rw users
+
 * Fri Apr 06 2012 Daniel Berteaud <daniel@firewall-services.com> 0.1.1-1
 - Migrate to GIT
 - make all shares accessible with open_basedir