author | Sergey Linnik <sergey.linnik@onlyoffice.com> | 2017-10-13 12:16:19 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-10-13 12:16:19 +0300 |
commit | 050234ccd85c9822107f49ca77e236fd8c85bc54 (patch) | |
tree | 90b0f5fbf36be99a2c7ec3e4e0683cf1664de3ec | |
parent | 262ce12dcb2d6c2f2cd8b7e990551e57d4695e7f (diff) | |
parent | 0e4d87317ce7e801c75aa40df3c2a3b022bdce26 (diff) |
Merge pull request #109 from ONLYOFFICE/developv1.1.5
Release/1.1.5
-rw-r--r-- | CHANGELOG.md | 8 | ||||
-rw-r--r-- | appinfo/info.xml | 6 | ||||
-rw-r--r-- | controller/callbackcontroller.php | 24 | ||||
-rw-r--r-- | controller/editorcontroller.php | 52 | ||||
-rw-r--r-- | lib/appconfig.php | 67 | ||||
-rw-r--r-- | lib/documentservice.php | 4 |
6 files changed, 92 insertions, 69 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 4227201..a78191a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # Change Log +## 1.1.5 +## Added +- the ability to change the header key + +## Changed +- fix opening file from external storage +- fix opening federated shared file + ## 1.1.4 ## Added - extended list of languages for new files diff --git a/appinfo/info.xml b/appinfo/info.xml index 25e8621..13847e0 100644 --- a/appinfo/info.xml +++ b/appinfo/info.xml @@ -5,15 +5,17 @@ <name>Onlyoffice</name> <summary>ownCloud ONLYOFFICE integration app</summary> <description>ONLYOFFICE integration app enables users to edit Office documents within ONLYOFFICE from OwnCloud. This will create a new Open in ONLYOFFICE action within the document library for Office documents. This allows multiple users to collaborate in real time and to save back those changes to OwnCloud.</description> - <licence>AGPL</licence> + <licence>agpl</licence> <author>Ascensio System SIA</author> - <version>1.1.4</version> + <version>1.1.5</version> <namespace>Onlyoffice</namespace> <types> <filesystem/> </types> <documentation> <admin>https://api.onlyoffice.com/editors/owncloud</admin> + <developer>https://api.onlyoffice.com/editors/owncloud</developer> + <user>https://api.onlyoffice.com/editors/owncloud</user> </documentation> <category>files</category> <category>integration</category> diff --git a/controller/callbackcontroller.php b/controller/callbackcontroller.php index 07b5a70..08b80c2 100644 --- a/controller/callbackcontroller.php +++ b/controller/callbackcontroller.php 
@@ -172,7 +172,7 @@ class CallbackController extends Controller { $this->logger->debug("Download: " . $fileId, array("app" => $this->appName)); if (!empty($this->config->GetDocumentServerSecret())) { - $header = \OC::$server->getRequest()->getHeader("Authorization"); + $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader()); if (empty($header)) { $this->logger->info("Download without jwt", array("app" => $this->appName)); return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN); @@ -188,9 +188,9 @@ class CallbackController extends Controller { } } - $ownerId = $hashData->ownerId; + $userId = $hashData->userId; - $files = $this->root->getUserFolder($ownerId)->getById($fileId); + $files = $this->root->getUserFolder($userId)->getById($fileId); if (empty($files)) { $this->logger->info("Files for download not found: " . $fileId, array("app" => $this->appName)); return new JSONResponse(["message" => $this->trans->t("Files not found")], Http::STATUS_NOT_FOUND); @@ -237,7 +237,7 @@ class CallbackController extends Controller { } if (!empty($this->config->GetDocumentServerSecret())) { - $header = \OC::$server->getRequest()->getHeader("Authorization"); + $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader()); if (empty($header)) { $this->logger->info("Download empty without jwt", array("app" => $this->appName)); return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN); 
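Review bot: In the `@@ -188,9 +188,9 @@` hunk, `$hashData->userId` is passed straight to `getUserFolder()` with no check that the field is present, and the same read feeds `\OC_Util::setupFS($userId)` in the `@@ -335,12 +335,12 @@` hunk. Links signed by the previous release carry `ownerId` rather than `userId`, so an editor session left open across the upgrade would presumably arrive here with a null user id. A guard right after the assignment makes that case fail closed, e.g. `if (empty($userId)) { return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN); }`. How `$hashData` itself is validated lies outside the hunk.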
@@ -301,7 +301,7 @@ class CallbackController extends Controller { $this->logger->debug("Track: " . $fileId . " status " . $status, array("app" => $this->appName)); if (!empty($this->config->GetDocumentServerSecret())) { - $header = \OC::$server->getRequest()->getHeader("Authorization"); + $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader()); if (empty($header)) { $this->logger->info("Track without jwt", array("app" => $this->appName)); return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN); @@ -335,12 +335,12 @@ class CallbackController extends Controller { return new JSONResponse(["message" => $this->trans->t("Url not found")], Http::STATUS_BAD_REQUEST); } - $ownerId = $hashData->ownerId; + $userId = $hashData->userId; \OC_Util::tearDownFS(); - \OC_Util::setupFS($ownerId); + \OC_Util::setupFS($userId); - $files = $this->root->getUserFolder($ownerId)->getById($fileId); + $files = $this->root->getUserFolder($userId)->getById($fileId); if (empty($files)) { $this->logger->info("Files for track not found: " . $fileId, array("app" => $this->appName)); return new JSONResponse(["message" => $this->trans->t("Files not found")], Http::STATUS_NOT_FOUND); @@ -384,10 +384,14 @@ class CallbackController extends Controller { } } - if (($newData = $documentService->Request($url))) { + $this->userSession->setUser($this->userManager->get($users[0])); - $this->userSession->setUser($this->userManager->get($users[0])); + if (!$file->isUpdateable()) { + $this->logger->error("Save error. File is not updateable: " . $fileId, array("app" => $this->appName)); + return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN); + } + if (($newData = $documentService->Request($url))) { $file->putContent($newData); $error = 0; } diff --git a/controller/editorcontroller.php b/controller/editorcontroller.php index 54435dd..6d1c05c 100644 --- a/controller/editorcontroller.php 
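Review bot: In the `@@ -384,10 +384,14 @@` hunk, `setUser($this->userManager->get($users[0]))` now runs unconditionally, before the permission check and before the document is fetched, and the result of `userManager->get()` is never checked for null. `$users` is filled outside the hunk, apparently from the callback body, so an unknown id would put a null user into the session before `putContent()` runs. I would resolve the user first and reject the callback when it is missing: `$user = $this->userManager->get($users[0]); if ($user === null) { /* log and return Http::STATUS_FORBIDDEN */ }`. `$file` was resolved through `getUserFolder($userId)` from the hash, so `isUpdateable()` seems to reflect that user's permissions rather than those of `$users[0]`, to whom the save is attributed. A comment such as `// permission is evaluated for the user in the hash, not for $users[0]` would make that explicit.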
+++ b/controller/editorcontroller.php @@ -357,17 +357,15 @@ class EditorController extends Controller { } $userId = $this->userSession->getUser()->getUID(); - $ownerId = $file->getOwner()->getUID(); - $folderPath = NULL; - try { - $userFolder = $this->root->getUserFolder($ownerId); - $folderPath = $userFolder->getRelativePath($file->getParent()->getPath()); - } catch (NoUserException $e) { - $ownerId = $userId; - } + $userFolder = $this->root->getUserFolder($userId); + $folderPath = $userFolder->getRelativePath($file->getParent()->getPath()); + $folderLink = $this->urlGenerator->linkToRouteAbsolute("files.view.index", [ + "dir" => $folderPath, + "scrollto" => $file->getName() + ]); $fileId = $file->getId(); - $hashCallback = $this->crypt->GetHash(["fileId" => $fileId, "ownerId" => $ownerId, "action" => "track"]); + $hashCallback = $this->crypt->GetHash(["fileId" => $fileId, "userId" => $userId, "action" => "track"]); $fileUrl = $this->getUrl($file); $key = $this->getKey($file); @@ -388,6 +386,11 @@ class EditorController extends Controller { "documentType" => $format["type"], "editorConfig" => [ "callbackUrl" => $callback, + "customization" => [ + "goback" => [ + "url" => $folderLink + ] + ], "lang" => str_replace("_", "-", \OC::$server->getL10NFactory("")->get("")->getLanguageCode()), "mode" => (empty($callback) ? "view" : "edit"), "user" => [ 
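Review bot: In the `@@ -357,17 +357,15 @@` hunk, `$folderLink` is built from `$folderPath` without the `!empty($folderPath)` guard that the `@@ -397,24 +400,13 @@` hunk removes, so the `goback` URL is now always emitted. `getRelativePath()` may return null when the parent path is not under the user's folder, in which case `dir` is sent as null. Keeping the guard, `if (!empty($folderPath)) { $params["editorConfig"]["customization"]["goback"]["url"] = $folderLink; }`, avoids handing the editor a link to an undefined directory. The dropped `try`/`catch (NoUserException $e)` also leaves `getUserFolder($userId)` unprotected, although here it is called for the session user. The enclosing method starts and ends outside these hunks.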
@@ -397,24 +400,13 @@ class EditorController extends Controller { ] ]; - if (!empty($folderPath)) { - $args = [ - "dir" => $folderPath, - "scrollto" => $file->getName() - ]; - - $params["editorConfig"]["customization"] = [ - "goback" => [ - "url" => $this->urlGenerator->linkToRouteAbsolute("files.view.index", $args) - ] - ]; - } - if (!empty($this->config->GetDocumentServerSecret())) { $token = \Firebase\JWT\JWT::encode($params, $this->config->GetDocumentServerSecret()); $params["token"] = $token; } + $this->logger->debug("Config is generated for: " . $fileId . " with key " . $key, array("app" => $this->appName)); + return $params; } @@ -452,6 +444,8 @@ class EditorController extends Controller { private function getKey($file) { $fileId = $file->getId(); + $key = $fileId . "_" . $file->getMtime(); + $ownerId = $file->getOwner()->getUID(); try { $this->root->getUserFolder($ownerId); @@ -459,8 +453,6 @@ class EditorController extends Controller { $ownerId = $this->userSession->getUser()->getUID(); } - $key = $fileId . $file->getMtime(); - $ownerView = new View("/" . $ownerId . "/files"); $filePath = $ownerView->getPath($fileId); $versions = []; @@ -470,8 +462,9 @@ class EditorController extends Controller { $countVersions = count($versions); if ($countVersions > 0) { - $key = $key . $countVersions; + $key = $key . "_" . $countVersions; } + return $key; } 
@@ -485,14 +478,9 @@ class EditorController extends Controller { private function getUrl($file) { $fileId = $file->getId(); - $ownerId = $file->getOwner()->getUID(); - try { - $this->root->getUserFolder($ownerId); - } catch (NoUserException $e) { - $ownerId = $userId; - } + $userId = $this->userSession->getUser()->getUID(); - $hashUrl = $this->crypt->GetHash(["fileId" => $fileId, "ownerId" => $ownerId, "action" => "download"]); + $hashUrl = $this->crypt->GetHash(["fileId" => $fileId, "userId" => $userId, "action" => "download"]); $fileUrl = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".callback.download", ["doc" => $hashUrl]); diff --git a/lib/appconfig.php b/lib/appconfig.php index 081afc3..2be5943 100644 --- a/lib/appconfig.php +++ b/lib/appconfig.php @@ -79,13 +79,6 @@ class AppConfig { private $_storageUrl = "StorageUrl"; /** - * The config key for the secret key in jwt - * - * @var string - */ - private $_secret = "DocumentServerSecret"; - - /** * The config key for the secret key * * @var string @@ -114,6 +107,20 @@ class AppConfig { private $_verification = "verify_peer_off"; /** + * The config key for the secret key in jwt + * + * @var string + */ + private $_jwtSecret = "jwt_secret"; + + /** + * The config key for the jwt header + * + * @var string + */ + private $_jwtHeader = "jwt_header"; + + /** * @param string $AppName - application name */ public function __construct($AppName) { @@ -247,7 +254,7 @@ class AppConfig { $this->logger->info("Set secret key", array("app" => $this->appName)); } - $this->config->setAppValue($this->appName, $this->_secret, $secret); + $this->config->setAppValue($this->appName, $this->_jwtSecret, $secret); } /** 
@@ -256,11 +263,11 @@ class AppConfig { * @return string */ public function GetDocumentServerSecret() { - $secret = $this->config->getAppValue($this->appName, $this->_secret, ""); + $secret = $this->config->getAppValue($this->appName, $this->_jwtSecret, ""); if (empty($secret) && !empty($this->config->getSystemValue($this->appName)) - && array_key_exists($this->_secret, $this->config->getSystemValue($this->appName))) { - $secret = $this->config->getSystemValue($this->appName)[$this->_secret]; + && array_key_exists($this->_jwtSecret, $this->config->getSystemValue($this->appName))) { + $secret = $this->config->getSystemValue($this->appName)[$this->_jwtSecret]; } return $secret; } 
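Review bot: The secret is now read only from the `jwt_secret` key, so a value stored by earlier releases under `DocumentServerSecret` is no longer found and `GetDocumentServerSecret()` returns an empty string after the upgrade. Every JWT check in `controller/callbackcontroller.php` is wrapped in `if (!empty($this->config->GetDocumentServerSecret()))`, so token validation would be skipped silently until an administrator saves the secret again, unless a migration step exists outside this diff. A fallback to the old key keeps existing installations protected: `if (empty($secret)) { $secret = $this->config->getAppValue($this->appName, "DocumentServerSecret", ""); }`, placed before the system-config lookup. The rename itself is in the `@@ -79,13 +79,6 @@` and `@@ -114,6 +107,20 @@` hunks.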
@@ -331,19 +338,33 @@ class AppConfig { return $this->config->getAppValue($this->appName, $this->_sameTab, "false") === "true"; } - /** - * Get the turn off verification setting - * - * @return boolean - */ - public function TurnOffVerification() { - $turnOff = FALSE; - if (!empty($this->config->getSystemValue($this->appName)) - && array_key_exists($this->_verification, $this->config->getSystemValue($this->appName))) { - $turnOff = $this->config->getSystemValue($this->appName)[$this->_verification]; - } - return $turnOff === TRUE; + /** + * Get the turn off verification setting + * + * @return boolean + */ + public function TurnOffVerification() { + $turnOff = FALSE; + if (!empty($this->config->getSystemValue($this->appName)) + && array_key_exists($this->_verification, $this->config->getSystemValue($this->appName))) { + $turnOff = $this->config->getSystemValue($this->appName)[$this->_verification]; } + return $turnOff === TRUE; + } + + /** + * Get the jwt header setting + * + * @return boolean + */ + public function JwtHeader() { + $header = "Authorization"; + if (!empty($this->config->getSystemValue($this->appName)) + && array_key_exists($this->_jwtHeader, $this->config->getSystemValue($this->appName))) { + $header = $this->config->getSystemValue($this->appName)[$this->_jwtHeader]; + } + return $header; + } /** diff --git a/lib/documentservice.php b/lib/documentservice.php index b88ec7d..3f16e9b 100644 --- a/lib/documentservice.php +++ b/lib/documentservice.php @@ -166,7 +166,7 @@ class DocumentService { "payload" => $data ]; $token = \Firebase\JWT\JWT::encode($params, $this->config->GetDocumentServerSecret()); - $opts["http"]["header"] = $opts["http"]["header"] . "Authorization: Bearer " . $token . "\r\n"; + $opts["http"]["header"] = $opts["http"]["header"] . $this->config->JwtHeader() . ": Bearer " . $token . "\r\n"; } $ServiceConverterMaxTry = 3; 
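Review bot: `JwtHeader()` returns whatever `jwt_header` holds in the system config without validating it, and its docblock says `@return boolean` although the method returns a string. The value is concatenated into the raw request header in `lib/documentservice.php` (`$this->config->JwtHeader() . ": Bearer " . $token . "\r\n"`, hunks `@@ -166,7 +166,7 @@` and `@@ -281,7 +281,7 @@`), so an empty value or one containing a colon, space or line break produces a malformed or extra header line. I would restrict it to header-name characters and fall back to the default otherwise, e.g. `if (!is_string($header) || !preg_match('/^[A-Za-z0-9-]+$/', $header)) { $header = "Authorization"; }`, and change the tag to `@return string`.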
@@ -281,7 +281,7 @@ class DocumentService { "payload" => $data ]; $token = \Firebase\JWT\JWT::encode($params, $this->config->GetDocumentServerSecret()); - $opts["http"]["header"] = $opts["http"]["header"] . "Authorization: Bearer " . $token . "\r\n"; + $opts["http"]["header"] = $opts["http"]["header"] . $this->config->JwtHeader() . ": Bearer " . $token . "\r\n"; } if (($response = $this->Request($urlCommand, $opts)) === FALSE) { |