diff --git a/.env b/.env
index f9d1845..da6290e 100644
--- a/.env
+++ b/.env
@@ -72,7 +72,11 @@ INVITE_FROM_ADDRESS=no-reply@example.org
 # Make sure that these directories exist, with write permissions for your server.
 # USE ABSOLUTE PATHS for better predictability
 WEBDAV_TMP_DIR='/tmp'
-WEBDAV_PUBLIC_DIR='/webdav'
+WEBDAV_PUBLIC_DIR='/webdav/public'
+# By default, home directories are disabled totally (env var set to an empty string).
+# If needed, it is recommended to use a folder that is NOT a child of the public dir,
+# such as /webdav/homes for instance, so that users cannot access other users' homes.
+WEBDAV_HOMES_DIR=
 # Logging path
 # By default, it will log in the standard Symfony directory: var/log/prod.log (for production)
diff --git a/config/services.yaml b/config/services.yaml
index bd218f9..03fa3a4 100644
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -52,6 +52,7 @@ services:
 $authMethod: "%env(AUTH_METHOD)%"
 $authRealm: "%env(AUTH_REALM)%"
 $webdavPublicDir: "%env(resolve:WEBDAV_PUBLIC_DIR)%"
+ $webdavHomesDir: "%env(resolve:WEBDAV_HOMES_DIR)%"
 $webdavTmpDir: "%env(resolve:WEBDAV_TMP_DIR)%"
 App\Security\LoginFormAuthenticator:
diff --git a/src/Controller/DAVController.php b/src/Controller/DAVController.php
index a42a8d1..b5113a5 100644
--- a/src/Controller/DAVController.php
+++ b/src/Controller/DAVController.php
@@ -69,6 +69,13 @@ class DAVController extends AbstractController
 */
 protected $webdavPublicDir;
+ /**
+ * WebDAV User Homes directory.
+ *
+ * @var string | null
+ */
+ protected $webdavHomesDir;
+
 /**
 * WebDAV Temporary directory.
 *
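Review bot: The new comment above `WEBDAV_HOMES_DIR=` in `.env` only recommends keeping the homes folder outside the public dir; nothing in this commit enforces that, and the comment is silent about installs that already ran with homes rooted in `WEBDAV_PUBLIC_DIR` (the `HomeCollection` line removed from `initServer` in `src/Controller/DAVController.php`). On such installs the per-user folders presumably still sit inside the public share after the upgrade, so the cross-user exposure this change is meant to close would persist until they are moved. I would add a line such as `# Upgrading: move any existing per-user folders out of WEBDAV_PUBLIC_DIR before enabling homes.` and mention that the default public path changes from `/webdav` to `/webdav/public`.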
@@ -128,7 +135,7 @@ class DAVController extends AbstractController
 */
 protected $server;
- public function __construct(MailerInterface $mailer, BasicAuth $basicAuthBackend, IMAPAuth $IMAPAuthBackend, LDAPAuth $LDAPAuthBackend, UrlGeneratorInterface $router, EntityManagerInterface $entityManager, LoggerInterface $logger, string $publicDir, bool $calDAVEnabled = true, bool $cardDAVEnabled = true, bool $webDAVEnabled = false, string $inviteAddress = null, string $authMethod = null, string $authRealm = null, string $webdavPublicDir = null, string $webdavTmpDir = null)
+ public function __construct(MailerInterface $mailer, BasicAuth $basicAuthBackend, IMAPAuth $IMAPAuthBackend, LDAPAuth $LDAPAuthBackend, UrlGeneratorInterface $router, EntityManagerInterface $entityManager, LoggerInterface $logger, string $publicDir, bool $calDAVEnabled = true, bool $cardDAVEnabled = true, bool $webDAVEnabled = false, string $inviteAddress = null, string $authMethod = null, string $authRealm = null, string $webdavPublicDir = null, string $webdavHomesDir = null, string $webdavTmpDir = null)
 {
 $this->publicDir = $publicDir;
@@ -138,6 +145,7 @@ public function __construct(MailerInterface $mailer, BasicAuth $basicAuthBackend
 $this->inviteAddress = $inviteAddress ?? null;
 $this->webdavPublicDir = $webdavPublicDir;
+ $this->webdavHomesDir = $webdavHomesDir;
 $this->webdavTmpDir = $webdavTmpDir;
 $this->em = $entityManager;
@@ -207,9 +215,12 @@ private function initServer(string $authMethod, string $authRealm = User::DEFAUL
 $nodes = [
 // /principals
 new \Sabre\CalDAV\Principal\Collection($principalBackend),
- new \Sabre\DAVACL\FS\HomeCollection($principalBackend, $this->webdavPublicDir),
 ];
+ if ($this->webdavHomesDir) {
+ $nodes[] = new \Sabre\DAVACL\FS\HomeCollection($principalBackend, $this->webdavHomesDir);
+ }
+
 if ($this->calDAVEnabled) {
 $calendarBackend = new \Sabre\CalDAV\Backend\PDO($pdo);
 $nodes[] = new \Sabre\CalDAV\CalendarRoot($principalBackend, $calendarBackend);
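Review bot: In the constructor signature, `string $webdavHomesDir = null` is inserted before `$webdavTmpDir`, so any caller that passes these optional arguments positionally would now hand the temporary directory to the homes setting. The `config/services.yaml` hunk binds by name, so the container wiring is unaffected, but appending the parameter after `$webdavTmpDir` would keep the signature backward-compatible. The declaration also relies on an implicit nullable default; `?string $webdavHomesDir = null` states it explicitly and matches the `string | null` docblock on the new property. The constructor body continues outside the hunk.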