Diffstat (limited to 'lib')
-rw-r--r-- | lib/Controller/DocumentController.php | 8 | ||||
-rw-r--r-- | lib/Controller/OCSController.php | 47 | ||||
-rw-r--r-- | lib/Controller/WopiController.php | 2 | ||||
-rw-r--r-- | lib/Db/Wopi.php | 2 | ||||
-rw-r--r-- | lib/Helper.php | 2 | ||||
-rw-r--r-- | lib/TokenManager.php | 48 |
6 files changed, 75 insertions, 34 deletions
diff --git a/lib/Controller/DocumentController.php b/lib/Controller/DocumentController.php
index 664d17a3..bca32ffa 100644
--- a/lib/Controller/DocumentController.php
+++ b/lib/Controller/DocumentController.php
@@ -360,11 +360,9 @@ class DocumentController extends Controller {
 'userId' => $this->uid,
 ];
- if ($this->uid !== null || ($share->getPermissions() & \OCP\Constants::PERMISSION_UPDATE) === 0 || $this->helper->getGuestName() !== null) {
- list($urlSrc, $token) = $this->tokenManager->getToken($item->getId(), $shareToken, $this->uid);
- $params['token'] = $token;
- $params['urlsrc'] = $urlSrc;
- }
+ list($urlSrc, $token) = $this->tokenManager->getToken($item->getId(), $shareToken, $this->uid);
+ $params['token'] = $token;
+ $params['urlsrc'] = $urlSrc;
 $response = new TemplateResponse('richdocuments', 'documents', $params, 'base');
 $this->setupPolicy($response);
diff --git a/lib/Controller/OCSController.php b/lib/Controller/OCSController.php
index d1eb7181..52bcaa88 100644
--- a/lib/Controller/OCSController.php
+++ b/lib/Controller/OCSController.php
@@ -24,9 +24,12 @@
 namespace OCA\Richdocuments\Controller;
 use OCA\Richdocuments\Db\DirectMapper;
+use OCA\Richdocuments\Db\Wopi;
+use OCA\Richdocuments\Helper;
 use OCA\Richdocuments\Service\FederationService;
 use OCA\Richdocuments\TemplateManager;
 use OCA\Richdocuments\TokenManager;
+use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCS\OCSBadRequestException;
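Review bot: With the guard removed, `getToken()` runs for every public-share request, including an anonymous visitor who has not yet chosen a guest name, and nothing on the new lines records why issuing a token at that point is intended. Judging from the `TokenManager` changes in this commit, such a token is created with the fallback name and renamed later through `updateGuestName()`. A comment above the call, for example `// Always issue the token; an unnamed guest is renamed afterwards via updateGuestName()`, would keep that reasoning next to the code. The enclosing method starts and ends outside the hunk.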
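Review bot: The added `use OCA\Richdocuments\Db\Wopi;` and `use OCA\Richdocuments\Helper;` are not referenced by any line of `OCSController.php` shown in this commit; only `DoesNotExistException` is used, in the new `updateGuestName()` action. The same applies to `use InvalidArgumentException;` and `use OCP\AppFramework\Http\DataResponse;` added to `lib/TokenManager.php`. Unless code outside the visible hunks needs them, these imports should be dropped.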
@@ -150,16 +153,22 @@ class OCSController extends \OCP\AppFramework\OCSController {
 $wopi = $this->tokenManager->newInitiatorToken($host, null, $shareToken, true, $this->userId);
 $client = \OC::$server->getHTTPClientService()->newClient();
- $response = $client->post(rtrim($host, '/') . '/ocs/v2.php/apps/richdocuments/api/v1/direct/share/initiator?format=json', [
- 'body' => [
- 'initiatorServer' => \OC::$server->getURLGenerator()->getAbsoluteURL(''),
- 'initiatorToken' => $wopi->getToken(),
- 'shareToken' => $shareToken,
- 'path' => $path,
- 'password' => $password
- ],
- 'timeout' => 30
- ]);
+ try {
+ $response = $client->post(rtrim($host, '/') . '/ocs/v2.php/apps/richdocuments/api/v1/direct/share/initiator?format=json', [
+ 'body' => [
+ 'initiatorServer' => \OC::$server->getURLGenerator()->getAbsoluteURL(''),
+ 'initiatorToken' => $wopi->getToken(),
+ 'shareToken' => $shareToken,
+ 'path' => $path,
+ 'password' => $password
+ ],
+ 'timeout' => 30
+ ]);
+ } catch (\Exception $e) {
+ $response = new DataResponse([], HTTP::STATUS_FORBIDDEN);
+ $response->throttle();
+ return $response;
+ }
 $url = \json_decode($response->getBody(), true)['ocs']['data']['url'];
 return new DataResponse([
@@ -246,6 +255,24 @@ class OCSController extends \OCP\AppFramework\OCSController {
 }
 /**
+ * Generate a direct editing link for a file in a public share to open with the current user
+ *
+ * @NoAdminRequired
+ * @BruteForceProtection(action=richdocumentsCreatePublic)
+ * @PublicPage
+ */
+ public function updateGuestName(string $access_token, string $guestName): DataResponse {
+ try {
+ $this->tokenManager->updateGuestName($access_token, $guestName);
+ return new DataResponse([], Http::STATUS_OK);
+ } catch (DoesNotExistException $e) {
+ $response = new DataResponse([], Http::STATUS_FORBIDDEN);
+ $response->throttle();
+ return $response;
+ }
+ }
+
+ /**
 * @NoAdminRequired
 *
 * @param string $type The template type
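Review bot: The new `catch (\Exception $e)` discards the exception, so a timeout, a DNS failure and a TLS error on the remote POST all surface as the same throttled 403 with no log entry to tell them apart. Logging before the return, e.g. `\OC::$server->getLogger()->logException($e, ['app' => 'richdocuments']);`, keeps that evidence for whoever has to investigate a failed federation request. `$response->throttle()` only takes effect when the action carries a `@BruteForceProtection` annotation, which lies outside this hunk and should be confirmed. The same line spells the class `HTTP::STATUS_FORBIDDEN` while the import and the other new code use `Http`; it resolves, but the casing should match. The enclosing method starts and ends outside the hunk.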
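Review bot: The summary line of the new docblock is copied from the direct-link action and does not describe `updateGuestName()`; something like `Set the guest display name stored for an existing access token` would be accurate, together with `@param` lines for `$access_token` and `$guestName`. Because the action is a `@PublicPage`, the access token is the only credential, and the visible code accepts any token that `getWopiForToken()` returns. Whether that lookup rejects expired tokens or tokens issued to logged-in users cannot be seen here and should be confirmed, or checked explicitly before the name is written.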
diff --git a/lib/Controller/WopiController.php b/lib/Controller/WopiController.php
index 20cec6d9..d01db98f 100644
--- a/lib/Controller/WopiController.php
+++ b/lib/Controller/WopiController.php
@@ -271,7 +271,7 @@ class WopiController extends Controller {
 return $response;
 }
- $response['UserFriendlyName'] = $initiator->getGuestDisplayname() . ' (Guest)';
+ $response['UserFriendlyName'] = $this->tokenManager->prepareGuestName($initiator->getGuestDisplayname());
 if ($initiator->hasTemplateId()) {
 $templateUrl = $wopi->getRemoteServer() . '/index.php/apps/richdocuments/wopi/template/' . $initiator->getTemplateId() . '?access_token=' . $initiator->getToken();
 $response['TemplateSource'] = $templateUrl;
diff --git a/lib/Db/Wopi.php b/lib/Db/Wopi.php
index 11d7d4ed..31250603 100644
--- a/lib/Db/Wopi.php
+++ b/lib/Db/Wopi.php
@@ -51,7 +51,7 @@ use OCP\AppFramework\Db\Entity;
 * @method string getRemoteServerToken()
 * @method void setExpiry(int $expiry)
 * @method int getExpiry()
- * @method void setGuestDisplayname(string $token)
+ * @method void setGuestDisplayname(string $guestDisplayName)
 * @method string getGuestDisplayname()
 * @method void setTemplateDestination(int $fileId)
 * @method int getTemplateDestination()
diff --git a/lib/Helper.php b/lib/Helper.php
index aa48dc35..6b96d3a7 100644
--- a/lib/Helper.php
+++ b/lib/Helper.php
@@ -82,7 +82,7 @@ class Helper {
 return $filename;
 }
- public function getGuestName() {
+ public function getGuestNameFromCookie() {
 if ($this->userId !== null || !isset($_COOKIE['guestUser']) || $_COOKIE['guestUser'] === '') {
 return null;
 }
diff --git a/lib/TokenManager.php b/lib/TokenManager.php
index 8c563f73..1ad20db8 100644
--- a/lib/TokenManager.php
+++ b/lib/TokenManager.php
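Review bot: In the `WopiController.php` hunk, `prepareGuestName()` is applied to the display name read back from the token, while this commit also writes the output of `prepareGuestName()` into that same field when a token is generated and in `updateGuestName()`. If `$initiator` can be such a token, the name is escaped and suffixed a second time, giving `Name (Guest) (Guest)` with doubled HTML entities. How the initiator token's display name is populated is outside the hunk, so the assumption should be stated on the line, e.g. `// guestDisplayname holds the raw, unescaped name for initiator tokens; prepareGuestName() escapes it and adds the suffix`. If that assumption does not hold, the stored value should be returned unchanged instead.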
@@ -21,11 +21,14 @@
 namespace OCA\Richdocuments;
+use InvalidArgumentException;
 use OCA\Richdocuments\Db\Direct;
 use OCA\Richdocuments\Db\WopiMapper;
 use OCA\Richdocuments\Db\Wopi;
 use OCA\Richdocuments\Service\CapabilitiesService;
 use OCA\Richdocuments\WOPI\Parser;
+use OCP\AppFramework\Db\DoesNotExistException;
+use OCP\AppFramework\Http\DataResponse;
 use OCP\Constants;
 use OCP\Files\File;
 use OCP\Files\ForbiddenException;
@@ -192,22 +195,7 @@ class TokenManager {
 fclose($fp);
 $serverHost = $this->urlGenerator->getAbsoluteURL('/');
-
- $guestName = null;
- if ($this->userId === null) {
- if ($guestName = $this->helper->getGuestName()) {
- $guestName = $this->trans->t('%s (Guest)', Util::sanitizeHTML($guestName));
- $cut = 56;
- while (mb_strlen($guestName) >= 64) {
- $guestName = $this->trans->t('%s (Guest)', Util::sanitizeHTML(
- mb_substr($guestName, 0, $cut)
- ));
- $cut -= 5;
- }
- } else {
- $guestName = $this->trans->t('Anonymous guest');
- }
- }
+ $guestName = $this->userId === null ? $this->prepareGuestName($this->helper->getGuestNameFromCookie()) : null;
 $wopi = $this->wopiMapper->generateFileToken($fileId, $owneruid, $editoruid, $version, $updatable, $serverHost, $guestName, 0, $hideDownload, $direct, 0, $shareToken);
 return [
@@ -314,4 +302,32 @@ class TokenManager {
 return $wopi;
 }
+ public function prepareGuestName(string $guestName = null) {
+ if (empty($guestName)) {
+ return $this->trans->t('Anonymous guest');
+ }
+
+ $guestName = $this->trans->t('%s (Guest)', Util::sanitizeHTML($guestName));
+ $cut = 56;
+ while (mb_strlen($guestName) >= 64) {
+ $guestName = $this->trans->t('%s (Guest)', Util::sanitizeHTML(
+ mb_substr($guestName, 0, $cut)
+ ));
+ $cut -= 5;
+ }
+
+ return $guestName;
+ }
+
+ /**
+ * @param string $accessToken
+ * @param string $guestName
+ * @throws DoesNotExistException
+ */
+ public function updateGuestName(string $accessToken, string $guestName) {
+ $wopi = $this->wopiMapper->getWopiForToken($accessToken);
+ $wopi->setGuestDisplayname($this->prepareGuestName($guestName));
+ $this->wopiMapper->update($wopi);
+ }
+
 } |
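Review bot: Inside the `while` loop of `prepareGuestName()`, `mb_substr()` is applied to `$guestName` after it has already been passed through `Util::sanitizeHTML()` and the `%s (Guest)` template, so each pass escapes already-escaped text again and can cut an entity in half. A long name containing `&`, `<` or quotes therefore ends up with doubled entities, and the loop has no lower bound on `$cut`. Truncating the raw input and escaping it once per attempt avoids both, as in the excerpt below. The signature would also read better as `?string $guestName = null` with a `: string` return type.

```php
public function prepareGuestName(string $guestName = null) {
	// … unchanged: empty-name fallback to 'Anonymous guest' …

	// Keep the unescaped input so every attempt escapes it exactly once.
	$rawName = $guestName;
	$guestName = $this->trans->t('%s (Guest)', Util::sanitizeHTML($rawName));
	$cut = 56;
	while (mb_strlen($guestName) >= 64 && $cut > 0) {
		$guestName = $this->trans->t('%s (Guest)', Util::sanitizeHTML(
			mb_substr($rawName, 0, $cut)
		));
		$cut -= 5;
	}

	return $guestName;
}
```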