diff options
| author | Julius Härtl <jus@bitgrid.net> | 2019-07-04 17:48:35 +0300 |
|---|---|---|
| committer | Julius Härtl <jus@bitgrid.net> | 2019-08-27 19:39:52 +0300 |
| commit | 9b3fb584fb1c9fb7ce506a0797f061be07320833 (patch) | |
| tree | 50de5d9d004486cf9027fc50db36f0ae0bb4f389 /appinfo | |
| parent | 8ea1b34a2f5ed910fce4ebd68749f49ae1f3243d (diff) | |
PoC: Federated document editing
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Diffstat (limited to 'appinfo')
| -rw-r--r-- | appinfo/app.php | 35 | ||||
| -rw-r--r-- | appinfo/database.xml | 19 | ||||
| -rw-r--r-- | appinfo/routes.php | 10 |
3 files changed, 62 insertions, 2 deletions
diff --git a/appinfo/app.php b/appinfo/app.php index 5fc9bf4f..0e630bf8 100644 --- a/appinfo/app.php +++ b/appinfo/app.php @@ -23,7 +23,9 @@ namespace OCA\Richdocuments\AppInfo; use OC\Security\CSP\ContentSecurityPolicy; +use OCA\Federation\TrustedServers; use OCA\Richdocuments\PermissionManager; +use OCA\Richdocuments\Service\FederationService; $currentUser = \OC::$server->getUserSession()->getUser(); if($currentUser !== null) { @@ -72,8 +74,41 @@ if ($publicWopiUrl !== '') { if (method_exists($policy, 'addAllowedFormActionDomain')) { $policy->addAllowedFormActionDomain($publicWopiUrl); } + // TODO: remove this once figured out how to allow redirects with a frame-src nonce + $policy->addAllowedFrameDomain('https://nextcloud2.local.dev.bitgrid.net'); $manager->addDefaultPolicy($policy); } +$path = ''; +try { + $path = \OC::$server->getRequest()->getPathInfo(); +} catch (\Exception $e) {} +if ($path === '/apps/files/') { + /** @var FederationService $federationService */ + $federationService = \OC::$server->query(FederationService::class); + $remoteAccess = \OC::$server->getRequest()->getParam('richdocuments_remote_access'); + /** @var TrustedServers $trustedServers */ + $trustedServers = \OC::$server->query(TrustedServers::class); + + /* + * if ($remoteAccess && $trustedServers->isTrustedServer($remoteAccess)) { + $remoteCollabora = $federationService->getRemoteCollaboraURL($remoteAccess); + $policy->addAllowedFrameDomain($remoteAccess); + $policy->addAllowedFrameDomain($remoteCollabora); + } + + // TODO remove as this doesn't scale + // better try to reload with csp set + foreach ($trustedServers->getServers() as $server) { + $remoteCollabora = $federationService->getRemoteCollaboraURL($server['url']); + if ($remoteCollabora !== '') { + $policy->addAllowedFrameDomain($server['url']); + $policy->addAllowedFrameDomain($remoteCollabora); + } + } + $manager->addDefaultPolicy($policy); + */ +} + $app = new Application(); $app->registerProvider(); diff --git a/appinfo/database.xml b/appinfo/database.xml index 96bd2527..8db665fa 100644 --- a/appinfo/database.xml +++ b/appinfo/database.xml @@ -87,6 +87,25 @@ <default>false</default> <notnull>true</notnull> </field> + <field> + <name>is_remote_token</name> + <type>boolean</type> + <default>false</default> + <notnull>true</notnull> + </field> + <field> + <name>remote_server</name> + <type>text</type> + <default></default> + <notnull>true</notnull> + </field> + <field> + <name>remote_server_token</name> + <type>text</type> + <default></default> + <notnull>true</notnull> + <length>32</length> + </field> <index> <name>rd_wopi_token_idx</name> diff --git a/appinfo/routes.php b/appinfo/routes.php index 428ac1ec..9dbf65af 100644 --- a/appinfo/routes.php +++ b/appinfo/routes.php @@ -29,6 +29,7 @@ return [ 'routes' => [ //documents ['name' => 'document#index', 'url' => 'index', 'verb' => 'GET'], + ['name' => 'document#remote', 'url' => 'remote', 'verb' => 'GET'], ['name' => 'document#template', 'url' => 'indexTemplate', 'verb' => 'GET'], ['name' => 'document#publicPage', 'url' => '/public', 'verb' => 'GET'], ['name' => 'document#create', 'url' => 'ajax/documents/create', 'verb' => 'POST'], @@ -54,7 +55,7 @@ return [ //assets ['name' => 'assets#create', 'url' => 'assets', 'verb' => 'POST'], ['name' => 'assets#get', 'url' => 'assets/{token}', 'verb' => 'GET'], - + // templates ['name' => 'templates#getPreview', 'url' => '/template/preview/{fileId}', 'verb' => 'GET'], ['name' => 'templates#add', 'url' => '/template', 'verb' => 'POST'], @@ -63,6 +64,11 @@ return [ 'ocs' => [ ['name' => 'OCS#create', 'url' => '/api/v1/document', 'verb' => 'POST'], ['name' => 'OCS#getTemplates', 'url' => '/api/v1/templates/{type}', 'verb' => 'GET'], - ['name' => 'OCS#createFromTemplate', 'url' => '/api/v1/templates/new', 'verb' => 'POST'] + ['name' => 'OCS#createFromTemplate', 'url' => '/api/v1/templates/new', 'verb' => 'POST'], + + ['name' => 'Federation#index', 'url' => '/api/v1/federation', 'verb' => 'GET'], + ['name' => 'Federation#remoteWopiToken', 'url' => '/api/v1/federation', 'verb' => 'POST'], + ['name' => 'Federation#remoteDirectToken', 'url' => '/api/v1/federation/direct', 'verb' => 'POST'], + ], ]; |