Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/richdocuments.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/Controller/WopiController.php
diff options
context:
space:
mode:
authorLukas Reschke <lukas@statuscode.ch>2016-12-07 02:57:01 +0300
committerLukas Reschke <lukas@statuscode.ch>2016-12-07 02:57:01 +0300
commit7ef24654cf0963bc9e27e2846fabea706b1a1cc5 (patch)
tree5f8619bd75127b3d1ffc2368211acbf583afdd75 /lib/Controller/WopiController.php
parent4464726d8076d71a09c8b67e28ae0aad0e168f6c (diff)
Public editing
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Diffstat (limited to 'lib/Controller/WopiController.php')
-rw-r--r--lib/Controller/WopiController.php72
1 files changed, 10 insertions, 62 deletions
diff --git a/lib/Controller/WopiController.php b/lib/Controller/WopiController.php
index 676fb0e9..8f9050f2 100644
--- a/lib/Controller/WopiController.php
+++ b/lib/Controller/WopiController.php
@@ -64,60 +64,6 @@ class WopiController extends Controller {
}
/**
- * Generates and returns an access token for a given fileId
- *
- * @NoAdminRequired
- *
- * @param string $fileId
- * @return JSONResponse
- */
- public function getToken($fileId) {
- $arr = explode('_', $fileId, 2);
- $version = '0';
- if (count($arr) === 2) {
- list($fileId, $version) = $arr;
- }
-
- try {
- /** @var File $file */
- $file = $this->rootFolder->getUserFolder($this->userId)->getById($fileId)[0];
- $updatable = $file->isUpdateable();
- } catch (\Exception $e) {
- return new JSONResponse([], Http::STATUS_FORBIDDEN);
- }
-
- // If token is for some versioned file
- if ($version !== '0') {
- $updatable = false;
- }
-
- $row = new Wopi();
- $serverHost = $this->request->getServerProtocol() . '://' . $this->request->getServerHost();
- $token = $row->generateFileToken($fileId, $version, $updatable, $serverHost);
-
- try {
- $userFolder = $this->rootFolder->getUserFolder($this->userId);
- /** @var File $file */
- $file = $userFolder->getById($fileId)[0];
- $sessionData['title'] = basename($file->getPath());
- $sessionData['permissions'] = $file->getPermissions();
- $sessionData['file_id'] = $file->getId();
-
- $sessionData['documents'] = [
- 0 => [
- 'urlsrc' => $this->wopiParser->getUrlSrc($file->getMimeType())['urlsrc'],
- 'path' => $file->getPath(),
- 'token' => $token,
- ],
- ];
-
- return new JSONResponse($sessionData);
- } catch (\Exception $e){
- return new JSONResponse([], Http::STATUS_FORBIDDEN);
- }
- }
-
- /**
* Returns general info about a file.
*
* @NoAdminRequired
@@ -141,25 +87,29 @@ class WopiController extends Controller {
$res = $row->getPathForToken($fileId, $version, $token);
if ($res === false) {
- return new JSONResponse();
+ return new JSONResponse([], Http::STATUS_FORBIDDEN);
}
// Login the user to see his mount locations
try {
/** @var File $file */
- $userFolder = $this->rootFolder->getUserFolder($res['editor']);
+ $userFolder = $this->rootFolder->getUserFolder($res['owner']);
$file = $userFolder->getById($fileId)[0];
} catch (\Exception $e) {
return new JSONResponse([], Http::STATUS_FORBIDDEN);
}
+ if(!($file instanceof File)) {
+ return new JSONResponse([], Http::STATUS_FORBIDDEN);
+ }
+
return new JSONResponse(
[
'BaseFileName' => $file->getName(),
'Size' => $file->getSize(),
'Version' => $version,
- 'UserId' => $res['editor'],
- 'UserFriendlyName' => $this->userManager->get($res['editor'])->getDisplayName(),
+ 'UserId' => $res['editor'] !== '' ? $res['editor'] : 'Guest user',
+ 'UserFriendlyName' => $res['editor'] !== '' ? $res['editor'] : 'Guest user',
'UserCanWrite' => $res['canwrite'] ? true : false,
'PostMessageOrigin' => $res['server_host'],
]
@@ -192,7 +142,7 @@ class WopiController extends Controller {
try {
/** @var File $file */
- $userFolder = $this->rootFolder->getUserFolder($res['editor']);
+ $userFolder = $this->rootFolder->getUserFolder($res['owner']);
$file = $userFolder->getById($fileId)[0];
$response = new StreamResponse($file->fopen('rb'));
$response->addHeader('Content-Disposition', 'attachment');
@@ -203,8 +153,6 @@ class WopiController extends Controller {
}
}
-
-
/**
* Given an access token and a fileId, replaces the files with the request body.
* Expects a valid token in access_token parameter.
@@ -233,7 +181,7 @@ class WopiController extends Controller {
try {
/** @var File $file */
- $userFolder = $this->rootFolder->getUserFolder($res['editor']);
+ $userFolder = $this->rootFolder->getUserFolder($res['owner']);
$file = $userFolder->getById($fileId)[0];
$content = fopen('php://input', 'rb');
$file->putContent($content);
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-03 01:05:20 +0300