diff options
Diffstat (limited to 'lib/Controller/DocumentController.php')
-rw-r--r-- | lib/Controller/DocumentController.php | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/lib/Controller/DocumentController.php b/lib/Controller/DocumentController.php index ccbc46ee..ba316498 100644 --- a/lib/Controller/DocumentController.php +++ b/lib/Controller/DocumentController.php @@ -93,6 +93,66 @@ class DocumentController extends Controller { } /** + * @PublicPage + * @NoCSRFRequired + * + * Returns the access_token and urlsrc for WOPI access for given $fileId + * Requests is accepted only when a secret_token is provided set by admin in + * settings page + * + * @param string $fileId + * @return access_token, urlsrc + */ + public function extAppGetData($fileId) { + $secretToken = $this->request->getParam('secret_token'); + $apps = array_filter(explode(',', $this->appConfig->getAppValue('external_apps'))); + foreach($apps as $app) { + if ($app !== '') { + if ($secretToken === $app) { + $appName = explode(':', $app); + \OC::$server->getLogger()->debug('External app "{extApp}" authenticated; issuing access token for fileId {fileId}', [ + 'app' => $this->appName, + 'extApp' => $appName[0], + 'fileId' => $fileId + ]); + try { + $folder = $this->rootFolder->getUserFolder($this->uid); + $item = $folder->getById($fileId)[0]; + if(!($item instanceof Node)) { + throw new \Exception(); + } + list($urlSrc, $token) = $this->tokenManager->getToken($item->getId()); + return array( + 'status' => 'success', + 'urlsrc' => $urlSrc, + 'token' => $token + ); + } catch (\Exception $e) { + $this->logger->logException($e, ['app'=>'richdocuments']); + $params = [ + 'remoteAddr' => $this->request->getRemoteAddress(), + 'requestID' => $this->request->getId(), + 'debugMode' => $this->settings->getSystemValue('debug'), + 'errorClass' => get_class($e), + 'errorCode' => $e->getCode(), + 'errorMsg' => $e->getMessage(), + 'file' => $e->getFile(), + 'line' => $e->getLine(), + 'trace' => $e->getTraceAsString() + ]; + return new TemplateResponse('core', 'exception', $params, 'guest'); + } + } + } + + return array( + 'status' => 'error', + 'message' => 'Permission denied' + ); + } + } + + /** * @NoAdminRequired * * @param string $fileId |