smeserver-shared-folders/contribs8/smeserver-shared-folders-0.1-webdav_access_when_no_auth_required.patch

diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
--- smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares   2012-03-11 18:05:05.000000000 +0100
+++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares       2012-03-11 19:18:21.000000000 +0100
@@ -13,6 +13,8 @@
        my $allow;
         my $pass;
         my $satisfy;
+        my $davreaders;
+        my $davwallow = '';
         my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0;
 
         # Find which users have read or write access
@@ -65,35 +67,38 @@
                 $allow   = "$localAccess $externalSSLAccess";
                 $pass    = 0;
                 $satisfy = 'all';
-                $webdav = 0;
+                $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'local-pw') {
                 $allow   = "$localAccess $externalSSLAccess";
                 $pass    = 1;
                 $satisfy = 'all';
+                $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global') {
                 $allow   = 'all';
                 $pass    = 0;
                 $satisfy = 'all';
-                $webdav = 0;
+                $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'global-pw') {
                 $allow   = 'all';
                 $pass    = 1;
                 $satisfy = 'all';
+                $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $davwallow = 'all';
                 $pass    = 1;
                 $satisfy = 'any';
-                $webdav = 0;
+                $davreaders = "Require user $readers";
             }
             else {
                 next;
             }
         }
-
+        $davwallow = $allow if ($davwallow eq '');
         my $allowOverride = $properties{'AllowOverride'} || "None";
         my $followSymLinks = $properties{'FollowSymLinks'} || "disabled";
         my $indexes = $properties{'Indexes'} || "enabled";
@@ -140,26 +145,40 @@
         }
 
         $OUT .= "    AllowOverride $allowOverride\n";
-        $OUT .= "    order deny,allow\n";
-        $OUT .= "    deny from all\n";
-        $OUT .= "    allow from $allow\n";
-        if ($pass) {
+        unless ($webdav){
+            $OUT .=<<"HERE";
+    order deny,allow
+    deny from all
+    allow from $allow
+HERE
+        }
+        if ($pass || $webdav) {
             $OUT .= "    AuthName \"$properties{'Name'}\"\n";
             $OUT .= "    AuthType Basic\n";
             $OUT .= "    AuthExternal pwauth\n";
             $OUT .= "    require user $readers\n" unless ($webdav);
-            $OUT .= "    Satisfy $satisfy\n";
+            $OUT .= "    Satisfy $satisfy\n" unless ($webdav);
         }
         # WebDav is enabled only when auth is required
         if ($webdav) {
             $OUT .=<<"HERE";
 
     Dav on
-    <Limit GET PROPFIND OPTIONS LOCK UNLOCK>
-        Require user $readers
+    # Read only access
+    <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+        order deny,allow
+        deny from all
+        allow from $allow
+        $davreaders
+        Satisfy $satisfy
     </Limit>
-    <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK>
+    # Write access through webdav always requires authentication
+    <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+        order deny,allow
+        deny from all
+        allow from $davwallow
         Require user $writers
+        Satisfy all
     </LimitExcept>
 
 HERE
1	unnilennium	1.1	diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
2			--- smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-03-11 18:05:05.000000000 +0100
3			+++ smeserver-shared-folders-0.1_mod/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-03-11 19:18:21.000000000 +0100
4			@@ -13,6 +13,8 @@
5			my $allow;
6			my $pass;
7			my $satisfy;
8			+ my $davreaders;
9			+ my $davwallow = '';
10			my $webdav = (($properties{'WebDav'} \|\| 'disabled') =~ m/^(enabled\|on\|yes)$/i) ? 1 : 0;
11
12			# Find which users have read or write access
13			@@ -65,35 +67,38 @@
14			$allow = "$localAccess $externalSSLAccess";
15			$pass = 0;
16			$satisfy = 'all';
17			- $webdav = 0;
18			+ $davreaders = '';
19			}
20			elsif ($properties{'httpAccess'} eq 'local-pw') {
21			$allow = "$localAccess $externalSSLAccess";
22			$pass = 1;
23			$satisfy = 'all';
24			+ $davreaders = "Require user $readers";
25			}
26			elsif ($properties{'httpAccess'} eq 'global') {
27			$allow = 'all';
28			$pass = 0;
29			$satisfy = 'all';
30			- $webdav = 0;
31			+ $davreaders = '';
32			}
33			elsif ($properties{'httpAccess'} eq 'global-pw') {
34			$allow = 'all';
35			$pass = 1;
36			$satisfy = 'all';
37			+ $davreaders = "Require user $readers";
38			}
39			elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
40			$allow = "$localAccess $externalSSLAccess";
41			+ $davwallow = 'all';
42			$pass = 1;
43			$satisfy = 'any';
44			- $webdav = 0;
45			+ $davreaders = "Require user $readers";
46			}
47			else {
48			next;
49			}
50			}
51			-
52			+ $davwallow = $allow if ($davwallow eq '');
53			my $allowOverride = $properties{'AllowOverride'} \|\| "None";
54			my $followSymLinks = $properties{'FollowSymLinks'} \|\| "disabled";
55			my $indexes = $properties{'Indexes'} \|\| "enabled";
56			@@ -140,26 +145,40 @@
57			}
58
59			$OUT .= " AllowOverride $allowOverride\n";
60			- $OUT .= " order deny,allow\n";
61			- $OUT .= " deny from all\n";
62			- $OUT .= " allow from $allow\n";
63			- if ($pass) {
64			+ unless ($webdav){
65			+ $OUT .=<<"HERE";
66			+ order deny,allow
67			+ deny from all
68			+ allow from $allow
69			+HERE
70			+ }
71			+ if ($pass \|\| $webdav) {
72			$OUT .= " AuthName \"$properties{'Name'}\"\n";
73			$OUT .= " AuthType Basic\n";
74			$OUT .= " AuthExternal pwauth\n";
75			$OUT .= " require user $readers\n" unless ($webdav);
76			- $OUT .= " Satisfy $satisfy\n";
77			+ $OUT .= " Satisfy $satisfy\n" unless ($webdav);
78			}
79			# WebDav is enabled only when auth is required
80			if ($webdav) {
81			$OUT .=<<"HERE";
82
83			Dav on
84			- <Limit GET PROPFIND OPTIONS LOCK UNLOCK>
85			- Require user $readers
86			+ # Read only access
87			+ <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
88			+ order deny,allow
89			+ deny from all
90			+ allow from $allow
91			+ $davreaders
92			+ Satisfy $satisfy
93			</Limit>
94			- <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK>
95			+ # Write access through webdav always requires authentication
96			+ <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
97			+ order deny,allow
98			+ deny from all
99			+ allow from $davwallow
100			Require user $writers
101			+ Satisfy all
102			</LimitExcept>
103
104			HERE