smeserver-shared-folders/contribs7/smeserver-shared-folders-0.1-webdav_access_when_no_auth_required.patch

diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
--- smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares   2012-03-11 18:05:05.000000000 +0100
+++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares       2012-03-11 19:18:21.000000000 +0100
@@ -13,6 +13,8 @@
        my $allow;
         my $pass;
         my $satisfy;
+        my $davreaders;
+        my $davwallow = '';
         my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0;
 
         # Find which users have read or write access
@@ -65,35 +67,38 @@
                 $allow   = "$localAccess $externalSSLAccess";
                 $pass    = 0;
                 $satisfy = 'all';
-                $webdav = 0;
+                $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'local-pw') {
                 $allow   = "$localAccess $externalSSLAccess";
                 $pass    = 1;
                 $satisfy = 'all';
+                $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global') {
                 $allow   = 'all';
                 $pass    = 0;
                 $satisfy = 'all';
-                $webdav = 0;
+                $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'global-pw') {
                 $allow   = 'all';
                 $pass    = 1;
                 $satisfy = 'all';
+                $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $davwallow = 'all';
                 $pass    = 1;
                 $satisfy = 'any';
-                $webdav = 0;
+                $davreaders = "Require user $readers";
             }
             else {
                 next;
             }
         }
-
+        $davwallow = $allow if ($davwallow eq '');
         my $allowOverride = $properties{'AllowOverride'} || "None";
         my $followSymLinks = $properties{'FollowSymLinks'} || "disabled";
         my $indexes = $properties{'Indexes'} || "enabled";
@@ -140,26 +145,40 @@
         }
 
         $OUT .= "    AllowOverride $allowOverride\n";
-        $OUT .= "    order deny,allow\n";
-        $OUT .= "    deny from all\n";
-        $OUT .= "    allow from $allow\n";
-        if ($pass) {
+        unless ($webdav){
+            $OUT .=<<"HERE";
+    order deny,allow
+    deny from all
+    allow from $allow
+HERE
+        }
+        if ($pass || $webdav) {
             $OUT .= "    AuthName \"$properties{'Name'}\"\n";
             $OUT .= "    AuthType Basic\n";
             $OUT .= "    AuthExternal pwauth\n";
             $OUT .= "    require user $readers\n" unless ($webdav);
-            $OUT .= "    Satisfy $satisfy\n";
+            $OUT .= "    Satisfy $satisfy\n" unless ($webdav);
         }
         # WebDav is enabled only when auth is required
         if ($webdav) {
             $OUT .=<<"HERE";
 
     Dav on
-    <Limit GET PROPFIND OPTIONS LOCK UNLOCK>
-        Require user $readers
+    # Read only access
+    <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+        order deny,allow
+        deny from all
+        allow from $allow
+        $davreaders
+        Satisfy $satisfy
     </Limit>
-    <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK>
+    # Write access through webdav always requires authentication
+    <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+        order deny,allow
+        deny from all
+        allow from $davwallow
         Require user $writers
+        Satisfy all
     </LimitExcept>
 
 HERE
1	diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
2	--- smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-03-11 18:05:05.000000000 +0100
3	+++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-03-11 19:18:21.000000000 +0100
4	@@ -13,6 +13,8 @@
5	my $allow;
6	my $pass;
7	my $satisfy;
8	+ my $davreaders;
9	+ my $davwallow = '';
10	my $webdav = (($properties{'WebDav'} \|\| 'disabled') =~ m/^(enabled\|on\|yes)$/i) ? 1 : 0;
11
12	# Find which users have read or write access
13	@@ -65,35 +67,38 @@
14	$allow = "$localAccess $externalSSLAccess";
15	$pass = 0;
16	$satisfy = 'all';
17	- $webdav = 0;
18	+ $davreaders = '';
19	}
20	elsif ($properties{'httpAccess'} eq 'local-pw') {
21	$allow = "$localAccess $externalSSLAccess";
22	$pass = 1;
23	$satisfy = 'all';
24	+ $davreaders = "Require user $readers";
25	}
26	elsif ($properties{'httpAccess'} eq 'global') {
27	$allow = 'all';
28	$pass = 0;
29	$satisfy = 'all';
30	- $webdav = 0;
31	+ $davreaders = '';
32	}
33	elsif ($properties{'httpAccess'} eq 'global-pw') {
34	$allow = 'all';
35	$pass = 1;
36	$satisfy = 'all';
37	+ $davreaders = "Require user $readers";
38	}
39	elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
40	$allow = "$localAccess $externalSSLAccess";
41	+ $davwallow = 'all';
42	$pass = 1;
43	$satisfy = 'any';
44	- $webdav = 0;
45	+ $davreaders = "Require user $readers";
46	}
47	else {
48	next;
49	}
50	}
51	-
52	+ $davwallow = $allow if ($davwallow eq '');
53	my $allowOverride = $properties{'AllowOverride'} \|\| "None";
54	my $followSymLinks = $properties{'FollowSymLinks'} \|\| "disabled";
55	my $indexes = $properties{'Indexes'} \|\| "enabled";
56	@@ -140,26 +145,40 @@
57	}
58
59	$OUT .= " AllowOverride $allowOverride\n";
60	- $OUT .= " order deny,allow\n";
61	- $OUT .= " deny from all\n";
62	- $OUT .= " allow from $allow\n";
63	- if ($pass) {
64	+ unless ($webdav){
65	+ $OUT .=<<"HERE";
66	+ order deny,allow
67	+ deny from all
68	+ allow from $allow
69	+HERE
70	+ }
71	+ if ($pass \|\| $webdav) {
72	$OUT .= " AuthName \"$properties{'Name'}\"\n";
73	$OUT .= " AuthType Basic\n";
74	$OUT .= " AuthExternal pwauth\n";
75	$OUT .= " require user $readers\n" unless ($webdav);
76	- $OUT .= " Satisfy $satisfy\n";
77	+ $OUT .= " Satisfy $satisfy\n" unless ($webdav);
78	}
79	# WebDav is enabled only when auth is required
80	if ($webdav) {
81	$OUT .=<<"HERE";
82
83	Dav on
84	- <Limit GET PROPFIND OPTIONS LOCK UNLOCK>
85	- Require user $readers
86	+ # Read only access
87	+ <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
88	+ order deny,allow
89	+ deny from all
90	+ allow from $allow
91	+ $davreaders
92	+ Satisfy $satisfy
93	</Limit>
94	- <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK>
95	+ # Write access through webdav always requires authentication
96	+ <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
97	+ order deny,allow
98	+ deny from all
99	+ allow from $davwallow
100	Require user $writers
101	+ Satisfy all
102	</LimitExcept>
103
104	HERE