[Feature] Add per user home directories (#143)

tchapi · Mar 29, 2024 · 76ffce2 · 76ffce2
1 parent 7b50e1b
commit 76ffce2
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 5 deletions.
diff --git a/.env b/.env
@@ -72,7 +72,11 @@ [email protected]
 # Make sure that these directories exist, with write permissions for your server.
 # USE ABSOLUTE PATHS for better predictability
 WEBDAV_TMP_DIR='/tmp'
-WEBDAV_PUBLIC_DIR='/webdav'
+WEBDAV_PUBLIC_DIR='/webdav/public'
+# By default, home directories are disabled totally (env var set to an empty string).
+# If needed, it is recommended to use a folder that is NOT a child of the public dir,
+# such as /webdav/homes for instance, so that users cannot access other users' homes.
+WEBDAV_HOMES_DIR=
 
 # Logging path
 # By default, it will log in the standard Symfony directory: var/log/prod.log (for production)

diff --git a/README.md b/README.md
@@ -118,9 +118,14 @@ f. The paths for the WebDAV installation
 
 ```
 WEBDAV_TMP_DIR='/tmp'
-WEBDAV_PUBLIC_DIR='/webdav'
+WEBDAV_PUBLIC_DIR='/webdav/public'
+WEBDAV_HOMES_DIR=
 ```
 
+> [!NOTE]
+>
+> By default, home directories are disabled totally (the env var is set to an empty string). If needed, it is recommended to use a folder that is **NOT** a child of the public dir, such as `/webdav/homes` for instance, so that users cannot access other users' homes.
+
 g. The log file path
 
 You can use an absolute file path here, and you can use Symfony's `%kernel.logs_dir%` and `%kernel.environment%` placeholders if needed (as in the default value). Setting it to `/dev/null` will disable logging altogether.

diff --git a/config/services.yaml b/config/services.yaml
@@ -51,8 +51,9 @@ services:
             $inviteAddress: "%env(INVITE_FROM_ADDRESS)%"
             $authMethod: "%env(AUTH_METHOD)%"
             $authRealm: "%env(AUTH_REALM)%"
-            $webdavPublicDir: "%env(WEBDAV_PUBLIC_DIR)%"
-            $webdavTmpDir: "%env(WEBDAV_TMP_DIR)%"
+            $webdavPublicDir: "%env(resolve:WEBDAV_PUBLIC_DIR)%"
+            $webdavHomesDir: "%env(resolve:WEBDAV_HOMES_DIR)%"
+            $webdavTmpDir: "%env(resolve:WEBDAV_TMP_DIR)%"
 
     App\Security\LoginFormAuthenticator:
         arguments:

diff --git a/src/Controller/DAVController.php b/src/Controller/DAVController.php
@@ -69,6 +69,13 @@ class DAVController extends AbstractController
      */
     protected $webdavPublicDir;
 
+    /**
+     * WebDAV User Homes directory.
+     *
+     * @var string | null
+     */
+    protected $webdavHomesDir;
+
     /**
      * WebDAV Temporary directory.
      *
@@ -128,7 +135,7 @@ class DAVController extends AbstractController
      */
     protected $server;
 
-    public function __construct(MailerInterface $mailer, BasicAuth $basicAuthBackend, IMAPAuth $IMAPAuthBackend, LDAPAuth $LDAPAuthBackend, UrlGeneratorInterface $router, EntityManagerInterface $entityManager, LoggerInterface $logger, string $publicDir, bool $calDAVEnabled = true, bool $cardDAVEnabled = true, bool $webDAVEnabled = false, string $inviteAddress = null, string $authMethod = null, string $authRealm = null, string $webdavPublicDir = null, string $webdavTmpDir = null)
+    public function __construct(MailerInterface $mailer, BasicAuth $basicAuthBackend, IMAPAuth $IMAPAuthBackend, LDAPAuth $LDAPAuthBackend, UrlGeneratorInterface $router, EntityManagerInterface $entityManager, LoggerInterface $logger, string $publicDir, bool $calDAVEnabled = true, bool $cardDAVEnabled = true, bool $webDAVEnabled = false, string $inviteAddress = null, string $authMethod = null, string $authRealm = null, string $webdavPublicDir = null, string $webdavHomesDir = null, string $webdavTmpDir = null)
     {
         $this->publicDir = $publicDir;
 
@@ -138,6 +145,7 @@ public function __construct(MailerInterface $mailer, BasicAuth $basicAuthBackend
         $this->inviteAddress = $inviteAddress ?? null;
 
         $this->webdavPublicDir = $webdavPublicDir;
+        $this->webdavHomesDir = $webdavHomesDir;
         $this->webdavTmpDir = $webdavTmpDir;
 
         $this->em = $entityManager;
@@ -209,6 +217,10 @@ private function initServer(string $authMethod, string $authRealm = User::DEFAUL
             new \Sabre\CalDAV\Principal\Collection($principalBackend),
         ];
 
+        if ($this->webdavHomesDir) {
+            $nodes[] = new \Sabre\DAVACL\FS\HomeCollection($principalBackend, $this->webdavHomesDir);
+        }
+
         if ($this->calDAVEnabled) {
             $calendarBackend = new \Sabre\CalDAV\Backend\PDO($pdo);
             $nodes[] = new \Sabre\CalDAV\CalendarRoot($principalBackend, $calendarBackend);