Skip to content

Public share middleware & controller #9518

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rullzer merged 15 commits into from
Jun 21, 2018
Merged

Public share middleware & controller #9518

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
f36ef8c
Add the new PublicShareController and PublicShareMiddleware
rullzer May 18, 2018
53a1b9a
Quick hack to make the files sharing app work with this properly
rullzer May 18, 2018
366981f
Move public preview endpoint over
rullzer May 23, 2018
31392c2
Move public auth page over
rullzer Jun 11, 2018
20e5146
Don't allow public share pages if link sharing is disabled
rullzer Jun 11, 2018
ff3f63f
Fix PublicPreviewControllerTests
rullzer Jun 14, 2018
9f658fe
Fix ShareControllerTest
rullzer Jun 14, 2018
58376db
Update SharingCheckMiddlewareTest
rullzer Jun 14, 2018
e733817
Add PublicShareMiddlewareTest
rullzer Jun 14, 2018
61e445d
Add PublicShareControllerTests
rullzer Jun 14, 2018
1bb8bc8
Add AuthPublicShareControllerTest
rullzer Jun 14, 2018
6de656e
Update token on regeneration for public login
rullzer Jun 19, 2018
5455045
Fix direct access to authen page
rullzer Jun 19, 2018
5805159
Fix acceptance test
rullzer Jun 19, 2018
a596b06
Fix index.php links
rullzer Jun 20, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 1 addition & 7 deletions apps/files_sharing/appinfo/routes.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,13 +34,7 @@
],
[
'name' => 'PublicPreview#getPreview',
'url' => '/publicpreview',
'verb' => 'GET',
],

[
'name' => 'PublicPreview#getPreview',
'url' => '/ajax/publicpreview.php',
'url' => '/publicpreview/{token}',
'verb' => 'GET',
],

Expand Down
11 changes: 5 additions & 6 deletions apps/files_sharing/js/public.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,6 @@ OCA.Sharing.PublicApp = {
y: Math.ceil(previewHeight * window.devicePixelRatio),
a: 'true',
file: encodeURIComponent(this.initialDir + $('#filename').val()),
t: token,
scalingup: 0
};

Expand Down Expand Up @@ -150,15 +149,15 @@ OCA.Sharing.PublicApp = {
} else if ((previewSupported === 'true' && mimetype.substr(0, mimetype.indexOf('/')) !== 'video') ||
mimetype.substr(0, mimetype.indexOf('/')) === 'image' &&
mimetype !== 'image/svg+xml') {
img.attr('src', OC.filePath('files_sharing', 'ajax', 'publicpreview.php') + '?' + OC.buildQueryString(params));
img.attr('src', OC.linkTo('files_sharing', '/publicpreview/'+token) + '?' + OC.buildQueryString(params));
imgcontainer.appendTo('#imgframe');
} else if (mimetype.substr(0, mimetype.indexOf('/')) !== 'video') {
img.attr('src', OC.Util.replaceSVGIcon(mimetypeIcon));
img.attr('width', 128);
imgcontainer.appendTo('#imgframe');
}
else if (previewSupported === 'true') {
$('#imgframe > video').attr('poster', OC.filePath('files_sharing', 'ajax', 'publicpreview.php') + '?' + OC.buildQueryString(params));
$('#imgframe > video').attr('poster', OC.generateUrl(OC.linkTo('files_sharing', '/publicpreview/'+token)) + '?' + OC.buildQueryString(params));
}

if (this.fileList) {
Expand Down Expand Up @@ -223,8 +222,8 @@ OCA.Sharing.PublicApp = {
urlSpec.y *= window.devicePixelRatio;
urlSpec.x = Math.ceil(urlSpec.x);
urlSpec.y = Math.ceil(urlSpec.y);
urlSpec.t = $('#dirToken').val();
return OC.generateUrl('/apps/files_sharing/ajax/publicpreview.php?') + $.param(urlSpec);
var token = $('#dirToken').val();
return OC.generateUrl(OC.linkTo('files_sharing', '/publicpreview/'+token) + '?' + OC.buildQueryString(urlSpec));
};

this.fileList.updateEmptyContent = function() {
Expand Down Expand Up @@ -427,4 +426,4 @@ $(document).ready(function () {
};
}

});
});
44 changes: 34 additions & 10 deletions apps/files_sharing/lib/Controller/PublicPreviewController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,57 +27,81 @@
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\Http\FileDisplayResponse;
use OCP\AppFramework\PublicShareController;
use OCP\Constants;
use OCP\Files\Folder;
use OCP\Files\NotFoundException;
use OCP\IPreview;
use OCP\IRequest;
use OCP\ISession;
use OCP\Share\Exceptions\ShareNotFound;
use OCP\Share\IManager as ShareManager;
use OCP\Share\IShare;

class PublicPreviewController extends Controller {
class PublicPreviewController extends PublicShareController {

/** @var ShareManager */
private $shareManager;

/** @var IPreview */
private $previewManager;

public function __construct($appName,
/** @var IShare */
private $share;

public function __construct(string $appName,
IRequest $request,
ShareManager $shareManger,
ISession $session,
IPreview $previewManager) {
parent::__construct($appName, $request);
parent::__construct($appName, $request, $session);

$this->shareManager = $shareManger;
$this->previewManager = $previewManager;
}

protected function getPasswordHash(): string {
return $this->share->getPassword();
}

public function isValidToken(): bool {
try {
$this->share = $this->shareManager->getShareByToken($this->getToken());
return true;
} catch (ShareNotFound $e) {
return false;
}
}

protected function isPasswordProtected(): bool {
return $this->share->getPassword() !== null;
}


/**
* @PublicPage
* @NoCSRFRequired
*
* @param string $file
* @param int $x
* @param int $y
* @param string $t
* @param bool $a
* @return DataResponse|FileDisplayResponse
*/
public function getPreview(
$file = '',
$x = 32,
$y = 32,
$t = '',
string $token,
string $file = '',
int $x = 32,
int $y = 32,
$a = false
) {

if ($t === '' || $x === 0 || $y === 0) {
if ($token === '' || $x === 0 || $y === 0) {
return new DataResponse([], Http::STATUS_BAD_REQUEST);
}

try {
$share = $this->shareManager->getShareByToken($t);
$share = $this->shareManager->getShareByToken($token);
} catch (ShareNotFound $e) {
return new DataResponse([], Http::STATUS_NOT_FOUND);
}
Expand Down
Loading