1 |
vip-ire |
1.1 |
diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares |
2 |
|
|
--- smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-03-11 18:05:05.000000000 +0100 |
3 |
|
|
+++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-03-11 19:18:21.000000000 +0100 |
4 |
|
|
@@ -13,6 +13,8 @@ |
5 |
|
|
my $allow; |
6 |
|
|
my $pass; |
7 |
|
|
my $satisfy; |
8 |
|
|
+ my $davreaders; |
9 |
|
|
+ my $davwallow = ''; |
10 |
|
|
my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0; |
11 |
|
|
|
12 |
|
|
# Find which users have read or write access |
13 |
|
|
@@ -65,35 +67,38 @@ |
14 |
|
|
$allow = "$localAccess $externalSSLAccess"; |
15 |
|
|
$pass = 0; |
16 |
|
|
$satisfy = 'all'; |
17 |
|
|
- $webdav = 0; |
18 |
|
|
+ $davreaders = ''; |
19 |
|
|
} |
20 |
|
|
elsif ($properties{'httpAccess'} eq 'local-pw') { |
21 |
|
|
$allow = "$localAccess $externalSSLAccess"; |
22 |
|
|
$pass = 1; |
23 |
|
|
$satisfy = 'all'; |
24 |
|
|
+ $davreaders = "Require user $readers"; |
25 |
|
|
} |
26 |
|
|
elsif ($properties{'httpAccess'} eq 'global') { |
27 |
|
|
$allow = 'all'; |
28 |
|
|
$pass = 0; |
29 |
|
|
$satisfy = 'all'; |
30 |
|
|
- $webdav = 0; |
31 |
|
|
+ $davreaders = ''; |
32 |
|
|
} |
33 |
|
|
elsif ($properties{'httpAccess'} eq 'global-pw') { |
34 |
|
|
$allow = 'all'; |
35 |
|
|
$pass = 1; |
36 |
|
|
$satisfy = 'all'; |
37 |
|
|
+ $davreaders = "Require user $readers"; |
38 |
|
|
} |
39 |
|
|
elsif ($properties{'httpAccess'} eq 'global-pw-remote') { |
40 |
|
|
$allow = "$localAccess $externalSSLAccess"; |
41 |
|
|
+ $davwallow = 'all'; |
42 |
|
|
$pass = 1; |
43 |
|
|
$satisfy = 'any'; |
44 |
|
|
- $webdav = 0; |
45 |
|
|
+ $davreaders = "Require user $readers"; |
46 |
|
|
} |
47 |
|
|
else { |
48 |
|
|
next; |
49 |
|
|
} |
50 |
|
|
} |
51 |
|
|
- |
52 |
|
|
+ $davwallow = $allow if ($davwallow eq ''); |
53 |
|
|
my $allowOverride = $properties{'AllowOverride'} || "None"; |
54 |
|
|
my $followSymLinks = $properties{'FollowSymLinks'} || "disabled"; |
55 |
|
|
my $indexes = $properties{'Indexes'} || "enabled"; |
56 |
|
|
@@ -140,26 +145,40 @@ |
57 |
|
|
} |
58 |
|
|
|
59 |
|
|
$OUT .= " AllowOverride $allowOverride\n"; |
60 |
|
|
- $OUT .= " order deny,allow\n"; |
61 |
|
|
- $OUT .= " deny from all\n"; |
62 |
|
|
- $OUT .= " allow from $allow\n"; |
63 |
|
|
- if ($pass) { |
64 |
|
|
+ unless ($webdav){ |
65 |
|
|
+ $OUT .=<<"HERE"; |
66 |
|
|
+ order deny,allow |
67 |
|
|
+ deny from all |
68 |
|
|
+ allow from $allow |
69 |
|
|
+HERE |
70 |
|
|
+ } |
71 |
|
|
+ if ($pass || $webdav) { |
72 |
|
|
$OUT .= " AuthName \"$properties{'Name'}\"\n"; |
73 |
|
|
$OUT .= " AuthType Basic\n"; |
74 |
|
|
$OUT .= " AuthExternal pwauth\n"; |
75 |
|
|
$OUT .= " require user $readers\n" unless ($webdav); |
76 |
|
|
- $OUT .= " Satisfy $satisfy\n"; |
77 |
|
|
+ $OUT .= " Satisfy $satisfy\n" unless ($webdav); |
78 |
|
|
} |
79 |
|
|
# WebDav is enabled only when auth is required |
80 |
|
|
if ($webdav) { |
81 |
|
|
$OUT .=<<"HERE"; |
82 |
|
|
|
83 |
|
|
Dav on |
84 |
|
|
- <Limit GET PROPFIND OPTIONS LOCK UNLOCK> |
85 |
|
|
- Require user $readers |
86 |
|
|
+ # Read only access |
87 |
|
|
+ <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT> |
88 |
|
|
+ order deny,allow |
89 |
|
|
+ deny from all |
90 |
|
|
+ allow from $allow |
91 |
|
|
+ $davreaders |
92 |
|
|
+ Satisfy $satisfy |
93 |
|
|
</Limit> |
94 |
|
|
- <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK> |
95 |
|
|
+ # Write access through webdav always requires authentication |
96 |
|
|
+ <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT> |
97 |
|
|
+ order deny,allow |
98 |
|
|
+ deny from all |
99 |
|
|
+ allow from $davwallow |
100 |
|
|
Require user $writers |
101 |
|
|
+ Satisfy all |
102 |
|
|
</LimitExcept> |
103 |
|
|
|
104 |
|
|
HERE |