Difference between revisions of "Extension talk:SimpleUploads.php"

From Organic Design wiki
(New page: ==Notes for implementation== *Apache c...)
 
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
==Todo==
 +
*double hashing using username as salt does not appear to give the same value as that stored in user_password in user table
 +
<pre>
 +
print md5("Username-".md5("password"));
 +
</pre>
 +
 
==Notes for implementation==
 
==Notes for implementation==
 
*Apache config is required to enable webdav for a  directory
 
*Apache config is required to enable webdav for a  directory
Line 11: Line 17:
 
*Special page to show results of recent operations and link to created pages
 
*Special page to show results of recent operations and link to created pages
 
*Uploaded files added to category "$username's recently uploaded files"
 
*Uploaded files added to category "$username's recently uploaded files"
 +
 +
Code fragments
 +
<pre>
 +
su
 +
 +
# install and enable mysql auth
 +
apt-get install libapache2-mod-auth-mysql
 +
a2enmod auth_mysql
 +
 +
# enable dav module
 +
a2enmod dav
 +
a2enmod dav_fs
 +
 +
apache2ctl restart
 +
 +
#mkdir -p /var/www/wikis/$wikiname/uploads
 +
 +
cat > /etc/apache2/conf.d/simple_upload
 +
 +
# webdav options
 +
DAV On
 +
DAVMinTimeout 600
 +
 +
# mysql auth options
 +
Auth_MySQL_Info cs-db.cs.auckland.ac.nz wiki-db-user wiki-db-pass
 +
 +
# uploads directory options
 +
<Directory "/var/www/mysqlauth">
 +
Options +Indexes FollowSymLinks MultiViews
 +
AllowOverride AuthConfig Options FileInfo Limit
 +
Order allow,deny
 +
Allow from all
 +
</Directory>
 +
 +
ctrl+D
 +
 +
apache2ctl restart
 +
 +
 +
For each user
 +
 +
cat > /var/www/wikis/od/uploads/$username/.htaccess
 +
 +
AuthMYSQL on
 +
AuthMySQL_Authoritative on
 +
AuthMySQL_DB $wiki_db
 +
AuthMySQL_Password_Table $wiki_user_table
 +
 +
AuthMySQL_Group_Table '(select distinct user_name, "msdn_agreed" as group_name from agree) as user_groups'
 +
AuthMySQL_Username_Field upi
 +
AuthMySQL_Group_Field group_name
 +
require group msdn_agreed
 +
 +
#AuthMySQL_Group_Table $wiki_group_table
 +
AuthMySQL_Empty_Passwords off
 +
AuthMySQL_Encryption_Types Plaintext Crypt_DES
 +
 +
AuthName "Uploads for $username"
 +
AuthType Basic
 +
 +
<Limit GET POST>
 +
require user $username
 +
</Limit>
 +
 +
ctrl+D
 +
 +
 +
 +
<Location "/research/groups/ict-test">
 +
 +
 +
  AuthType Basic
 +
  AuthName "ICT test web pages"
 +
 +
  Order allow,deny
 +
  Allow from all
 +
  <LimitExcept GET OPTIONS>
 +
  require ldap-group cn=users.csi,ou=ec_group,dc=ec,dc=auckland,dc=ac,dc=nz
 +
  </LimitExcept>
 +
 +
  BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
 +
  BrowserMatch "MS FrontPage" redirect-carefully
 +
  BrowserMatch "^WebDrive" redirect-carefully
 +
  BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
 +
  BrowserMatch "^gnome-vfs/1.0" redirect-carefully
 +
  BrowserMatch "^XML Spy" redirect-carefully
 +
  BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
 +
 +
</Location>
 +
</pre>

Latest revision as of 22:02, 29 September 2007

Todo

  • double hashing using username as salt does not appear to give the same value as that stored in user_password in user table
print md5("Username-".md5("password"));

Notes for implementation

  • Apache config is required to enable webdav for a directory
  • Permissions need to be set for the directory: chown www-data:www-data /foo/bar
  • Separate dir for each user
    • eg /var/www/wikis/od/uploads/$username
  • Script required to stat directory every few seconds
    • Launched by init.d stays alive in an infinite loop with a 1 sec sleep in it
  • Script must link in with MW objects and be able to query and create pages
    • Refer to mediawiki-1.11.0/maintenance scripts that are designed to run standalone
    • Perhaps jobs api
  • Special page to show results of recent operations and link to created pages
  • Uploaded files added to category "$username's recently uploaded files"

Code fragments 

su

# install and enable mysql auth
apt-get install libapache2-mod-auth-mysql
a2enmod auth_mysql

# enable dav module
a2enmod dav
a2enmod dav_fs

apache2ctl restart

#mkdir -p /var/www/wikis/$wikiname/uploads

cat > /etc/apache2/conf.d/simple_upload

# webdav options
DAV On
DAVMinTimeout 600

# mysql auth options
Auth_MySQL_Info cs-db.cs.auckland.ac.nz wiki-db-user wiki-db-pass

# uploads directory options
<Directory "/var/www/mysqlauth">
Options +Indexes FollowSymLinks MultiViews
AllowOverride AuthConfig Options FileInfo Limit
Order allow,deny
Allow from all
</Directory>

ctrl+D

apache2ctl restart


For each user

cat > /var/www/wikis/od/uploads/$username/.htaccess

AuthMYSQL on
AuthMySQL_Authoritative on
AuthMySQL_DB $wiki_db
AuthMySQL_Password_Table $wiki_user_table

AuthMySQL_Group_Table '(select distinct user_name, "msdn_agreed" as group_name from agree) as user_groups'
AuthMySQL_Username_Field upi
AuthMySQL_Group_Field group_name
require group msdn_agreed

#AuthMySQL_Group_Table $wiki_group_table
AuthMySQL_Empty_Passwords off
AuthMySQL_Encryption_Types Plaintext Crypt_DES

AuthName "Uploads for $username"
AuthType Basic

<Limit GET POST>
require user $username
</Limit>

ctrl+D



<Location "/research/groups/ict-test">


   AuthType Basic
   AuthName "ICT test web pages"

   Order allow,deny
   Allow from all
   <LimitExcept GET OPTIONS>
   require ldap-group cn=users.csi,ou=ec_group,dc=ec,dc=auckland,dc=ac,dc=nz
   </LimitExcept>

   BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
   BrowserMatch "MS FrontPage" redirect-carefully
   BrowserMatch "^WebDrive" redirect-carefully
   BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
   BrowserMatch "^gnome-vfs/1.0" redirect-carefully
   BrowserMatch "^XML Spy" redirect-carefully
   BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully

</Location>
Retrieved from "https://organicdesign.nz/wiki/index.php?title=Extension_talk:SimpleUploads.php&oldid=77507"