
PageController.php « Controller « lib - github.com/CarnetApp/CarnetNextcloud.git - Unnamed repository; edit this file 'description' to name the repository.
blob: e3f758af4e90837f2edfc4a6622f4abe5acac693 (plain)
<?php
namespace OCA\Carnet\Controller;

use OCP\App;
use OCP\IRequest;
use OCP\AppFramework\Http\ContentSecurityPolicy;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\Controller;

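/**
 * Renders the Carnet app pages: note browser, index, editor, settings, importer
 * and exporter.
 *
 * Every action below carries the NoAdminRequired and NoCSRFRequired annotations,
 * so non-admin users may call it and the CSRF token check is skipped. That is
 * only acceptable while an action does nothing but render a template: keep
 * state-changing logic out of these methods, or remove the CSRF exemption first.
 * None of the actions is marked as a public page, so as far as this file shows
 * they stay behind the framework's normal login check.
 */
class PageController extends Controller {
	// Id of the current user as injected by the container; stored but not read in this class.
	private $userId;
	// App configuration service; only getAppValue() is used here.
	private $config;

	/**
	 * The parameter names are kept as-is: the container may resolve $AppName,
	 * $UserId and $Config by name (NOTE(review): confirm against the app's
	 * container registration before renaming).
	 *
	 * @param string $AppName
	 * @param IRequest $request
	 * @param mixed $UserId
	 * @param mixed $Config
	 */
	public function __construct($AppName, IRequest $request, $UserId, $Config){
		parent::__construct($AppName, $request);
		$this->userId = $UserId;
		$this->config = $Config;
	}

	/**
	 * Note browser, rendered without the surrounding layout ("blank").
	 *
	 * CSRF exemption: safe only because this action renders a page and changes
	 * nothing on the server.
	 *
	 * @NoAdminRequired
	 * @NoCSRFRequired
	 */
	public function browser() {
		$parameters = [
			'nc_version' => \OCP\Util::getVersion()[0],
			'carnet_display_fullscreen' => $this->fullscreenSetting(),
			'app_version' => $this->appVersion(),
		];
		$response = new TemplateResponse($this->appName, "browser", $parameters);
		$response->renderAs("blank");
		$response->setContentSecurityPolicy($this->framePolicy(true)); // allow iframe
		return $response;
	}

	/**
	 * Main app page, rendered inside the default layout.
	 *
	 * CSRF exemption: safe only because this action renders a page and changes
	 * nothing on the server.
	 *
	 * @NoAdminRequired
	 * @NoCSRFRequired
	 */
	public function index() {
		$parameters = [
			'nc_version' => \OCP\Util::getVersion()[0],
			'carnet_display_fullscreen' => $this->fullscreenSetting(),
			'app_version' => $this->appVersion(),
		];
		$response = new TemplateResponse($this->appName, "index", $parameters);
		$response->setContentSecurityPolicy($this->framePolicy(true)); // allow iframe
		return $response;
	}

	/**
	 * Note editor, rendered without the surrounding layout ("blank").
	 *
	 * This page has the loosest policy in the controller: besides frames and
	 * blob: media it allows scripts from any host.
	 *
	 * @NoAdminRequired
	 * @NoCSRFRequired
	 */
	public function writer() {
		$parameters = [
			'app_version' => $this->appVersion(),
		];
		$response = new TemplateResponse($this->appName, "writer", $parameters);
		$policy = $this->framePolicy(true);
		$policy->addAllowedMediaDomain('blob:');
		// needed by record encoder
		// NOTE(review): '*' lets this page load script from any host, which gives up
		// most of the XSS containment the policy would otherwise provide for the
		// editor. Confirm which source the encoder really loads from and narrow
		// this entry to it.
		$policy->addAllowedScriptDomain('*');
		// The worker-src helper is not present on every ContentSecurityPolicy
		// version, hence the feature check.
		if (method_exists($policy, "addAllowedWorkerSrcDomain")){
			$policy->addAllowedWorkerSrcDomain('\'self\'');
		}
		$response->setContentSecurityPolicy($policy);
		$response->renderAs("blank");
		return $response;
	}

	/**
	 * Settings page; rendered "blank" only when the fullscreen option is "yes".
	 *
	 * @NoAdminRequired
	 * @NoCSRFRequired
	 */
	public function settings() {
		// Read once so the template value and the layout decision cannot disagree.
		$fullscreen = $this->fullscreenSetting();
		$parameters = [
			'carnet_display_fullscreen' => $fullscreen,
			'app_version' => $this->appVersion(),
		];
		$response = new TemplateResponse($this->appName, "settings", $parameters);
		if ($fullscreen === "yes") {
			$response->renderAs("blank");
		}
		$response->setContentSecurityPolicy($this->framePolicy(false)); // allow iframe
		return $response;
	}

	/**
	 * Importer page, rendered "blank". No policy is set on the response here.
	 *
	 * @NoAdminRequired
	 * @NoCSRFRequired
	 */
	public function importer() {
		$parameters = [
			'app_version' => $this->appVersion(),
		];
		$response = new TemplateResponse($this->appName, "importer", $parameters);
		$response->renderAs("blank");

		return $response;
	}

	/**
	 * Exporter page, rendered "blank". No policy is set on the response here.
	 *
	 * @NoAdminRequired
	 * @NoCSRFRequired
	 */
	public function exporter() {
		$parameters = [
			'app_version' => $this->appVersion(),
		];
		$response = new TemplateResponse($this->appName, "exporter", $parameters);
		$response->renderAs("blank");

		return $response;
	}

	/**
	 * Returns the stored 'carnetDisplayFullscreen' app value, "no" when unset.
	 */
	private function fullscreenSetting() {
		return $this->config->getAppValue('carnet', 'carnetDisplayFullscreen', 'no');
	}

	/**
	 * Returns the 'version' entry of this app's info, passed to every template.
	 */
	private function appVersion() {
		return App::getAppInfo($this->appName)['version'];
	}

	/**
	 * Builds the frame policy shared by the pages that embed iframes.
	 *
	 * @param bool $allowDataFrames also allow data: URIs as frame sources
	 * @return ContentSecurityPolicy
	 */
	private function framePolicy($allowDataFrames) {
		$policy = new ContentSecurityPolicy();
		$policy->addAllowedFrameDomain('\'self\'');
		if ($allowDataFrames) {
			// Lets the page frame inline data: documents; content loaded this
			// way should still be treated as untrusted by the embedding script.
			$policy->addAllowedFrameDomain('data:');
		}
		return $policy;
	}

}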