diff options
author | Lukas Reschke <lukas@statuscode.ch> | 2016-12-07 02:57:01 +0300 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2016-12-07 02:57:01 +0300 |
commit | 7ef24654cf0963bc9e27e2846fabea706b1a1cc5 (patch) | |
tree | 5f8619bd75127b3d1ffc2368211acbf583afdd75 /lib/Controller/WopiController.php | |
parent | 4464726d8076d71a09c8b67e28ae0aad0e168f6c (diff) |
Public editing
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Diffstat (limited to 'lib/Controller/WopiController.php')
-rw-r--r-- | lib/Controller/WopiController.php | 72 |
1 files changed, 10 insertions, 62 deletions
diff --git a/lib/Controller/WopiController.php b/lib/Controller/WopiController.php index 676fb0e9..8f9050f2 100644 --- a/lib/Controller/WopiController.php +++ b/lib/Controller/WopiController.php @@ -64,60 +64,6 @@ class WopiController extends Controller { } /** - * Generates and returns an access token for a given fileId - * - * @NoAdminRequired - * - * @param string $fileId - * @return JSONResponse - */ - public function getToken($fileId) { - $arr = explode('_', $fileId, 2); - $version = '0'; - if (count($arr) === 2) { - list($fileId, $version) = $arr; - } - - try { - /** @var File $file */ - $file = $this->rootFolder->getUserFolder($this->userId)->getById($fileId)[0]; - $updatable = $file->isUpdateable(); - } catch (\Exception $e) { - return new JSONResponse([], Http::STATUS_FORBIDDEN); - } - - // If token is for some versioned file - if ($version !== '0') { - $updatable = false; - } - - $row = new Wopi(); - $serverHost = $this->request->getServerProtocol() . '://' . $this->request->getServerHost(); - $token = $row->generateFileToken($fileId, $version, $updatable, $serverHost); - - try { - $userFolder = $this->rootFolder->getUserFolder($this->userId); - /** @var File $file */ - $file = $userFolder->getById($fileId)[0]; - $sessionData['title'] = basename($file->getPath()); - $sessionData['permissions'] = $file->getPermissions(); - $sessionData['file_id'] = $file->getId(); - - $sessionData['documents'] = [ - 0 => [ - 'urlsrc' => $this->wopiParser->getUrlSrc($file->getMimeType())['urlsrc'], - 'path' => $file->getPath(), - 'token' => $token, - ], - ]; - - return new JSONResponse($sessionData); - } catch (\Exception $e){ - return new JSONResponse([], Http::STATUS_FORBIDDEN); - } - } - - /** * Returns general info about a file. * * @NoAdminRequired @@ -141,25 +87,29 @@ class WopiController extends Controller { $res = $row->getPathForToken($fileId, $version, $token); if ($res === false) { - return new JSONResponse(); + return new JSONResponse([], Http::STATUS_FORBIDDEN); } // Login the user to see his mount locations try { /** @var File $file */ - $userFolder = $this->rootFolder->getUserFolder($res['editor']); + $userFolder = $this->rootFolder->getUserFolder($res['owner']); $file = $userFolder->getById($fileId)[0]; } catch (\Exception $e) { return new JSONResponse([], Http::STATUS_FORBIDDEN); } + if(!($file instanceof File)) { + return new JSONResponse([], Http::STATUS_FORBIDDEN); + } + return new JSONResponse( [ 'BaseFileName' => $file->getName(), 'Size' => $file->getSize(), 'Version' => $version, - 'UserId' => $res['editor'], - 'UserFriendlyName' => $this->userManager->get($res['editor'])->getDisplayName(), + 'UserId' => $res['editor'] !== '' ? $res['editor'] : 'Guest user', + 'UserFriendlyName' => $res['editor'] !== '' ? $res['editor'] : 'Guest user', 'UserCanWrite' => $res['canwrite'] ? true : false, 'PostMessageOrigin' => $res['server_host'], ] @@ -192,7 +142,7 @@ class WopiController extends Controller { try { /** @var File $file */ - $userFolder = $this->rootFolder->getUserFolder($res['editor']); + $userFolder = $this->rootFolder->getUserFolder($res['owner']); $file = $userFolder->getById($fileId)[0]; $response = new StreamResponse($file->fopen('rb')); $response->addHeader('Content-Disposition', 'attachment'); @@ -203,8 +153,6 @@ class WopiController extends Controller { } } - - /** * Given an access token and a fileId, replaces the files with the request body. * Expects a valid token in access_token parameter. @@ -233,7 +181,7 @@ class WopiController extends Controller { try { /** @var File $file */ - $userFolder = $this->rootFolder->getUserFolder($res['editor']); + $userFolder = $this->rootFolder->getUserFolder($res['owner']); $file = $userFolder->getById($fileId)[0]; $content = fopen('php://input', 'rb'); $file->putContent($content); |