You've already forked onlyoffice-owncloud
mirror of
https://github.com/ONLYOFFICE/onlyoffice-owncloud.git
synced 2025-07-30 10:43:07 +03:00
1669 lines
46 KiB
PHP
1669 lines
46 KiB
PHP
<?php
|
|
/**
|
|
* @author Ascensio System SIA <integration@onlyoffice.com>
|
|
*
|
|
* (c) Copyright Ascensio System SIA 2025
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*
|
|
*/
|
|
|
|
namespace OCA\Onlyoffice\Controller;
|
|
|
|
use OCP\AppFramework\Controller;
|
|
use OCP\AppFramework\Http\ContentSecurityPolicy;
|
|
use OCP\AppFramework\Http\DataDownloadResponse;
|
|
use OCP\AppFramework\Http\RedirectResponse;
|
|
use OCP\AppFramework\Http\TemplateResponse;
|
|
use OCP\Constants;
|
|
use OCP\Files\File;
|
|
use OCP\Files\ForbiddenException;
|
|
use OCP\Files\IRootFolder;
|
|
use OCP\Files\NotPermittedException;
|
|
use OCP\IL10N;
|
|
use OCP\ILogger;
|
|
use OCP\IRequest;
|
|
use OCP\ISession;
|
|
use OCP\IURLGenerator;
|
|
use OCP\IUser;
|
|
use OCP\IUserSession;
|
|
use OCP\IUserManager;
|
|
use OCP\IGroupManager;
|
|
use OCP\Mail\IMailer;
|
|
use OCP\Share\IManager;
|
|
use OCP\Share;
|
|
|
|
use OCA\Files\Helper;
|
|
|
|
use OCA\Onlyoffice\AppConfig;
|
|
use OCA\Onlyoffice\Crypt;
|
|
use OCA\Onlyoffice\DocumentService;
|
|
use OCA\Onlyoffice\EmailManager;
|
|
use OCA\Onlyoffice\FileUtility;
|
|
use OCA\Onlyoffice\VersionManager;
|
|
use OCA\Onlyoffice\FileVersions;
|
|
use OCA\Onlyoffice\TemplateManager;
|
|
|
|
/**
|
|
* Controller with the main functions
|
|
*/
|
|
class EditorController extends Controller {
|
|
/**
|
|
* Current user session
|
|
*
|
|
* @var IUserSession
|
|
*/
|
|
private $userSession;
|
|
|
|
/**
|
|
* Current user manager
|
|
*
|
|
* @var IUserManager
|
|
*/
|
|
private $userManager;
|
|
|
|
/**
|
|
* Root folder
|
|
*
|
|
* @var IRootFolder
|
|
*/
|
|
private $root;
|
|
|
|
/**
|
|
* Url generator service
|
|
*
|
|
* @var IURLGenerator
|
|
*/
|
|
private $urlGenerator;
|
|
|
|
/**
|
|
* l10n service
|
|
*
|
|
* @var IL10N
|
|
*/
|
|
private $trans;
|
|
|
|
/**
|
|
* Logger
|
|
*
|
|
* @var ILogger
|
|
*/
|
|
private $logger;
|
|
|
|
/**
|
|
* Application configuration
|
|
*
|
|
* @var AppConfig
|
|
*/
|
|
private $config;
|
|
|
|
/**
|
|
* Hash generator
|
|
*
|
|
* @var Crypt
|
|
*/
|
|
private $crypt;
|
|
|
|
/**
|
|
* File utility
|
|
*
|
|
* @var FileUtility
|
|
*/
|
|
private $fileUtility;
|
|
|
|
/**
|
|
* File version manager
|
|
*
|
|
* @var VersionManager
|
|
*/
|
|
private $versionManager;
|
|
|
|
/**
|
|
* Share manager
|
|
*
|
|
* @var IManager
|
|
*/
|
|
private $shareManager;
|
|
|
|
/**
|
|
* Group manager
|
|
*
|
|
* @var IGroupManager
|
|
*/
|
|
private $groupManager;
|
|
|
|
/**
|
|
* Avatar manager
|
|
*
|
|
* @var IAvatarManager
|
|
*/
|
|
private $avatarManager;
|
|
|
|
/**
|
|
* Mailer
|
|
*
|
|
* @var IMailer
|
|
*/
|
|
private $mailer;
|
|
|
|
/**
|
|
* Email manager
|
|
*
|
|
* @var EmailManager
|
|
*/
|
|
private $emailManager;
|
|
|
|
/**
|
|
* @param string $AppName - application name
|
|
* @param IRequest $request - request object
|
|
* @param IRootFolder $root - root folder
|
|
* @param IUserSession $userSession - current user session
|
|
* @param IUserManager $userManager - current user manager
|
|
* @param IURLGenerator $urlGenerator - url generator service
|
|
* @param IL10N $trans - l10n service
|
|
* @param ILogger $logger - logger
|
|
* @param AppConfig $config - application configuration
|
|
* @param Crypt $crypt - hash generator
|
|
* @param IManager $shareManager - Share manager
|
|
* @param ISession $session - Session
|
|
* @param IGroupManager $groupManager - Group manager
|
|
* @param IMailer $mailer - Mailer
|
|
*/
|
|
public function __construct(
|
|
$AppName,
|
|
IRequest $request,
|
|
IRootFolder $root,
|
|
IUserSession $userSession,
|
|
IUserManager $userManager,
|
|
IURLGenerator $urlGenerator,
|
|
IL10N $trans,
|
|
ILogger $logger,
|
|
AppConfig $config,
|
|
Crypt $crypt,
|
|
IManager $shareManager,
|
|
ISession $session,
|
|
IGroupManager $groupManager,
|
|
IMailer $mailer
|
|
) {
|
|
parent::__construct($AppName, $request);
|
|
|
|
$this->userSession = $userSession;
|
|
$this->userManager = $userManager;
|
|
$this->root = $root;
|
|
$this->urlGenerator = $urlGenerator;
|
|
$this->trans = $trans;
|
|
$this->logger = $logger;
|
|
$this->config = $config;
|
|
$this->crypt = $crypt;
|
|
$this->shareManager = $shareManager;
|
|
$this->groupManager = $groupManager;
|
|
|
|
$this->versionManager = new VersionManager($AppName, $root);
|
|
|
|
$this->fileUtility = new FileUtility($AppName, $trans, $logger, $config, $shareManager, $session);
|
|
$this->avatarManager = \OC::$server->getAvatarManager();
|
|
$this->emailManager = new EmailManager($AppName, $trans, $logger, $mailer, $userManager, $urlGenerator);
|
|
}
|
|
|
|
/**
|
|
* Create new file in folder
|
|
*
|
|
* @param string $name - file name
|
|
* @param string $dir - folder path
|
|
* @param string $templateId - file identifier
|
|
* @param string $targetPath - file path for using as template for create
|
|
* @param string $shareToken - access token
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
* @PublicPage
|
|
*/
|
|
public function create($name, $dir, $templateId = null, $targetPath = null, $shareToken = null) {
|
|
$this->logger->debug("Create: $name", ["app" => $this->appName]);
|
|
|
|
if (empty($shareToken) && !$this->config->isUserAllowedToUse()) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
if (empty($name)) {
|
|
$this->logger->error("File name for creation was not found: $name", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Template not found")];
|
|
}
|
|
|
|
$user = null;
|
|
if (empty($shareToken)) {
|
|
$user = $this->userSession->getUser();
|
|
$userId = $user->getUID();
|
|
$userFolder = $this->root->getUserFolder($userId);
|
|
} else {
|
|
list($userFolder, $error, $share) = $this->fileUtility->getNodeByToken($shareToken);
|
|
|
|
if (isset($error)) {
|
|
$this->logger->error("Create: $error", ["app" => $this->appName]);
|
|
return ["error" => $error];
|
|
}
|
|
|
|
if ($userFolder instanceof File) {
|
|
return ["error" => $this->trans->t("You don't have enough permission to create")];
|
|
}
|
|
|
|
if (!empty($shareToken) && ($share->getPermissions() & Constants::PERMISSION_CREATE) === 0) {
|
|
$this->logger->error("Create in public folder without access", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("You do not have enough permissions to view the file")];
|
|
}
|
|
}
|
|
|
|
$folder = $userFolder->get($dir);
|
|
|
|
if ($folder === null) {
|
|
$this->logger->error("Folder for file creation was not found: $dir", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("The required folder was not found")];
|
|
}
|
|
if (!($folder->isCreatable() && $folder->isUpdateable())) {
|
|
$this->logger->error("Folder for file creation without permission: $dir", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("You don't have enough permission to create")];
|
|
}
|
|
|
|
if (!empty($templateId)) {
|
|
$templateFile = TemplateManager::getTemplate($templateId);
|
|
if ($templateFile) {
|
|
$template = $templateFile->getContent();
|
|
}
|
|
} elseif (!empty($targetPath)) {
|
|
$targetFile = $userFolder->get($targetPath);
|
|
|
|
$canDownload = $this->fileUtility->hasPermissionAttribute($targetFile);
|
|
if (!$canDownload) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$targetId = $targetFile->getId();
|
|
$targetName = $targetFile->getName();
|
|
$targetExt = strtolower(pathinfo($targetName, PATHINFO_EXTENSION));
|
|
$targetKey = $this->fileUtility->getKey($targetFile);
|
|
|
|
$fileUrl = $this->getUrl($targetFile, $user, $shareToken);
|
|
|
|
$ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
|
|
$documentService = new DocumentService($this->trans, $this->config);
|
|
try {
|
|
$newFileUri = $documentService->getConvertedUri($fileUrl, $targetExt, $ext, $targetKey, $ext === "pdf");
|
|
} catch (\Exception $e) {
|
|
$this->logger->logException($e, ["message" => "getConvertedUri: " . $targetFile->getId(), "app" => $this->appName]);
|
|
return ["error" => $e->getMessage()];
|
|
}
|
|
$template = $documentService->request($newFileUri);
|
|
} else {
|
|
$template = TemplateManager::getEmptyTemplate($name);
|
|
}
|
|
|
|
if (!$template) {
|
|
$this->logger->error("Template for file creation not found: $name ($templateId)", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Template not found")];
|
|
}
|
|
|
|
$name = $folder->getNonExistingName($name);
|
|
|
|
try {
|
|
$file = $folder->newFile($name);
|
|
|
|
$file->putContent($template);
|
|
} catch (NotPermittedException $e) {
|
|
$this->logger->logException($e, ["message" => "Can't create file: $name", "app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Can't create file")];
|
|
} catch (ForbiddenException $e) {
|
|
$this->logger->logException($e, ["message" => "Can't put file: $name", "app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Can't create file")];
|
|
}
|
|
|
|
$fileInfo = $file->getFileInfo();
|
|
|
|
$result = Helper::formatFileInfo($fileInfo);
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Create new file in folder from editor
|
|
*
|
|
* @param string $name - file name
|
|
* @param string $dir - folder path
|
|
* @param string $templateId - file identifier
|
|
*
|
|
* @return TemplateResponse|RedirectResponse
|
|
*
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
*/
|
|
public function createNew($name, $dir, $templateId = null) {
|
|
$this->logger->debug("Create from editor: $name in $dir", ["app" => $this->appName]);
|
|
|
|
$result = $this->create($name, $dir, $templateId);
|
|
if (isset($result["error"])) {
|
|
return $this->renderError($result["error"]);
|
|
}
|
|
|
|
$openEditor = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".editor.index", ["fileId" => $result["id"]]);
|
|
return new RedirectResponse($openEditor);
|
|
}
|
|
|
|
/**
|
|
* Get users
|
|
*
|
|
* @param $fileId - file identifier
|
|
* @param $operationType - type of operation
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
*/
|
|
public function users($fileId, $operationType = null) {
|
|
$this->logger->debug("Search users", ["app" => $this->appName]);
|
|
$result = [];
|
|
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return $result;
|
|
}
|
|
|
|
if (!$this->allowEnumeration()) {
|
|
return $result;
|
|
}
|
|
|
|
$autocompleteMemberGroup = false;
|
|
if ($this->limitEnumerationToGroups()) {
|
|
$autocompleteMemberGroup = true;
|
|
}
|
|
|
|
$currentUser = $this->userSession->getUser();
|
|
$currentUserId = $currentUser->getUID();
|
|
|
|
list($file, $error, $share) = $this->getFile($currentUserId, $fileId);
|
|
if (isset($error)) {
|
|
$this->logger->error("Users: $fileId $error", ["app" => $this->appName]);
|
|
return $result;
|
|
}
|
|
|
|
$canShare = (($file->getPermissions() & Constants::PERMISSION_SHARE) === Constants::PERMISSION_SHARE);
|
|
|
|
$shareMemberGroups = $this->shareManager->shareWithGroupMembersOnly();
|
|
|
|
$all = false;
|
|
$users = [];
|
|
if ($canShare && $operationType !== "protect") {
|
|
if ($shareMemberGroups || $autocompleteMemberGroup) {
|
|
$currentUserGroups = $this->groupManager->getUserGroupIds($currentUser);
|
|
foreach ($currentUserGroups as $currentUserGroup) {
|
|
$group = $this->groupManager->get($currentUserGroup);
|
|
foreach ($group->getUsers() as $user) {
|
|
if (!\in_array($user, $users)) {
|
|
array_push($users, $user);
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
$users = $this->userManager->search("");
|
|
$all = true;
|
|
}
|
|
}
|
|
|
|
if (!$all) {
|
|
$accessList = $this->getAccessList($file);
|
|
foreach ($accessList as $accessUser) {
|
|
if (!\in_array($accessUser, $users)) {
|
|
array_push($users, $accessUser);
|
|
}
|
|
}
|
|
}
|
|
|
|
foreach ($users as $user) {
|
|
$email = $user->getEMailAddress();
|
|
if ($user->getUID() != $currentUserId && (!empty($email) || $operationType === "protect")) {
|
|
$userElement = [
|
|
"name" => $user->getDisplayName(),
|
|
"id" => $operationType === "protect" ? $this->buildUserId($user->getUID()) : $user->getUID()
|
|
];
|
|
if (!empty($email)) {
|
|
$userElement["email"] = $email;
|
|
}
|
|
array_push($result, $userElement);
|
|
}
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Get user for Info
|
|
*
|
|
* @param string $userIds - users identifiers
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
*/
|
|
public function userInfo($userIds) {
|
|
$result = [];
|
|
$userIds = json_decode($userIds, true);
|
|
|
|
if ($userIds !== null && is_array($userIds)) {
|
|
foreach ($userIds as $userId) {
|
|
$userData = [];
|
|
$user = $this->userManager->get($this->getUserId($userId));
|
|
if (!empty($user)) {
|
|
$userData = [
|
|
"name" => $user->getDisplayName(),
|
|
"id" => $userId
|
|
];
|
|
$avatar = $this->avatarManager->getAvatar($user->getUID());
|
|
if ($avatar->exists()) {
|
|
$userData["image"] = "data:image/png;base64," . $avatar->get()->__toString();
|
|
}
|
|
array_push($result, $userData);
|
|
}
|
|
}
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Send notify about mention
|
|
*
|
|
* @param int $fileId - file identifier
|
|
* @param string $anchor - the anchor on target content
|
|
* @param string $comment - comment
|
|
* @param array $emails - emails array to whom to send notify
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
*/
|
|
public function mention($fileId, $anchor, $comment, $emails) {
|
|
$this->logger->debug("mention: from $fileId to " . json_encode($emails), ["app" => $this->appName]);
|
|
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
if (empty($emails)) {
|
|
return ["error" => $this->trans->t("Failed to send notification")];
|
|
}
|
|
|
|
$recipientIds = [];
|
|
foreach ($emails as $email) {
|
|
$recipients = $this->userManager->getByEmail($email);
|
|
foreach ($recipients as $recipient) {
|
|
$recipientId = $recipient->getUID();
|
|
if (!\in_array($recipientId, $recipientIds)) {
|
|
array_push($recipientIds, $recipientId);
|
|
}
|
|
}
|
|
}
|
|
|
|
$user = $this->userSession->getUser();
|
|
$userId = null;
|
|
if (!empty($user)) {
|
|
$userId = $user->getUID();
|
|
}
|
|
|
|
list($file, $error, $share) = $this->getFile($userId, $fileId);
|
|
if (isset($error)) {
|
|
$this->logger->error("Mention: $fileId $error", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Failed to send notification")];
|
|
}
|
|
|
|
foreach ($emails as $email) {
|
|
$substrToDelete = "+" . $email . " ";
|
|
$comment = str_replace($substrToDelete, "", $comment);
|
|
}
|
|
|
|
//Length from ownCloud:
|
|
//https://github.com/owncloud/core/blob/master/lib/private/Notification/Notification.php#L181
|
|
$maxLen = 64;
|
|
if (\strlen($comment) > $maxLen) {
|
|
$ending = "...";
|
|
$comment = substr($comment, 0, ($maxLen - \strlen($ending))) . $ending;
|
|
}
|
|
|
|
$notificationManager = \OC::$server->getNotificationManager();
|
|
$notification = $notificationManager->createNotification();
|
|
$notification->setApp($this->appName)
|
|
->setDateTime(new \DateTime())
|
|
->setObject("mention", $comment)
|
|
->setSubject(
|
|
"mention_info",
|
|
[
|
|
"notifierId" => $userId,
|
|
"fileId" => $file->getId(),
|
|
"fileName" => $file->getName(),
|
|
"anchor" => $anchor
|
|
]
|
|
);
|
|
|
|
$shareMemberGroups = $this->shareManager->shareWithGroupMembersOnly();
|
|
$canShare = ($file->getPermissions() & Constants::PERMISSION_SHARE) === Constants::PERMISSION_SHARE;
|
|
|
|
$currentUserGroups = [];
|
|
if ($shareMemberGroups) {
|
|
$currentUserGroups = $this->groupManager->getUserGroupIds($user);
|
|
}
|
|
|
|
$accessList = $this->getAccessList($file);
|
|
|
|
foreach ($recipientIds as $recipientId) {
|
|
$recipient = $this->userManager->get($recipientId);
|
|
$isAvailable = \in_array($recipient, $accessList);
|
|
|
|
if (!$isAvailable
|
|
&& $file->getFileInfo()->getMountPoint() instanceof \OCA\Files_External\Config\ExternalMountPoint
|
|
) {
|
|
$recipientFolder = $this->root->getUserFolder($recipientId);
|
|
$recipientFile = $recipientFolder->getById($file->getId());
|
|
|
|
$isAvailable = !empty($recipientFile);
|
|
}
|
|
|
|
if (!$isAvailable) {
|
|
if (!$canShare) {
|
|
continue;
|
|
}
|
|
if ($shareMemberGroups) {
|
|
$recipientGroups = $this->groupManager->getUserGroupIds($recipient);
|
|
if (empty(array_intersect($currentUserGroups, $recipientGroups))) {
|
|
continue;
|
|
}
|
|
}
|
|
|
|
$share = $this->shareManager->newShare();
|
|
$share->setNode($file)
|
|
->setShareType(Share::SHARE_TYPE_USER)
|
|
->setSharedBy($userId)
|
|
->setSharedWith($recipientId)
|
|
->setShareOwner($userId)
|
|
->setPermissions(Constants::PERMISSION_READ);
|
|
|
|
$this->shareManager->createShare($share);
|
|
|
|
$this->logger->debug("mention: share $fileId to $recipientId", ["app" => $this->appName]);
|
|
}
|
|
|
|
$notification->setUser($recipientId);
|
|
|
|
$notificationManager->notify($notification);
|
|
if ($this->config->getEmailNotifications()) {
|
|
$this->emailManager->notifyMentionEmail($userId, $recipientId, $file->getId(), $file->getName(), $anchor, $notification->getObjectId());
|
|
}
|
|
}
|
|
|
|
return ["message" => $this->trans->t("Notification sent successfully")];
|
|
}
|
|
|
|
/**
|
|
* Reference data
|
|
*
|
|
* @param array $referenceData - reference data
|
|
* @param string $path - file path
|
|
* @param string $link - file link
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
* @PublicPage
|
|
*/
|
|
public function reference($referenceData, $path = null, $link = null) {
|
|
$this->logger->debug("reference: " . json_encode($referenceData) . " $path", ["app" => $this->appName]);
|
|
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$user = $this->userSession->getUser();
|
|
if (empty($user)) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$userId = $user->getUID();
|
|
|
|
$file = null;
|
|
$fileId = (integer)($referenceData["fileKey"] ?? 0);
|
|
if (!empty($fileId)
|
|
&& $referenceData["instanceId"] === $this->config->getSystemValue("instanceid", true)
|
|
) {
|
|
list($file, $error, $share) = $this->getFile($userId, $fileId);
|
|
}
|
|
|
|
$userFolder = $this->root->getUserFolder($userId);
|
|
if ($file === null
|
|
&& $path !== null
|
|
&& $userFolder->nodeExists($path)
|
|
) {
|
|
$node = $userFolder->get($path);
|
|
if ($node instanceof File
|
|
&& $node->isReadable()
|
|
) {
|
|
$file = $node;
|
|
}
|
|
}
|
|
|
|
if ($file === null
|
|
&& !empty($link)
|
|
) {
|
|
[$fileId, $redirect] = $this->getFileIdByLink($link);
|
|
if (!empty($fileId)) {
|
|
list($file, $error, $share) = $this->getFile($userId, $fileId);
|
|
} elseif ($redirect) {
|
|
$response = [
|
|
"url" => $link,
|
|
];
|
|
|
|
return $response;
|
|
}
|
|
}
|
|
|
|
if ($file === null) {
|
|
$this->logger->error("Reference not found: $fileId $path", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("File not found")];
|
|
}
|
|
|
|
$fileName = $file->getName();
|
|
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
|
|
$key = $this->fileUtility->getKey($file);
|
|
$key = DocumentService::generateRevisionId($key);
|
|
|
|
$response = [
|
|
"fileType" => $ext,
|
|
"path" => $userFolder->getRelativePath($file->getPath()),
|
|
"key" => $key,
|
|
"referenceData" => [
|
|
"fileKey" => (string)$file->getId(),
|
|
"instanceId" => $this->config->getSystemValue("instanceid", true),
|
|
],
|
|
"url" => $this->getUrl($file, $user),
|
|
];
|
|
|
|
if (!empty($this->config->getDocumentServerSecret())) {
|
|
$now = time();
|
|
$iat = $now;
|
|
$exp = $now + $this->config->getJwtExpiration() * 60;
|
|
$params["iat"] = $iat;
|
|
$params["exp"] = $exp;
|
|
$token = \Firebase\JWT\JWT::encode($response, $this->config->getDocumentServerSecret(), "HS256");
|
|
$response["token"] = $token;
|
|
}
|
|
|
|
return $response;
|
|
}
|
|
|
|
/**
|
|
* Conversion file to Office Open XML format
|
|
*
|
|
* @param integer $fileId - file identifier
|
|
* @param string $shareToken - access token
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
* @PublicPage
|
|
*/
|
|
public function convert($fileId, $shareToken = null) {
|
|
$this->logger->debug("Convert: $fileId", ["app" => $this->appName]);
|
|
|
|
if (empty($shareToken) && !$this->config->isUserAllowedToUse()) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$user = $this->userSession->getUser();
|
|
$userId = null;
|
|
if (!empty($user)) {
|
|
$userId = $user->getUID();
|
|
}
|
|
|
|
list($file, $error, $share) = empty($shareToken) ? $this->getFile($userId, $fileId) : $this->fileUtility->getFileByToken($fileId, $shareToken);
|
|
|
|
if (isset($error)) {
|
|
$this->logger->error("Convertion: $fileId $error", ["app" => $this->appName]);
|
|
return ["error" => $error];
|
|
}
|
|
|
|
if (!empty($shareToken) && ($share->getPermissions() & Constants::PERMISSION_CREATE) === 0) {
|
|
$this->logger->error("Convertion in public folder without access: $fileId", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("You do not have enough permissions to view the file")];
|
|
}
|
|
|
|
$canDownload = $this->fileUtility->hasPermissionAttribute($file);
|
|
if (!$canDownload) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$fileName = $file->getName();
|
|
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
|
|
$format = $this->config->formatsSetting()[$ext];
|
|
if (!isset($format)) {
|
|
$this->logger->info("Format for convertion not supported: $fileName", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Format is not supported")];
|
|
}
|
|
|
|
if (!isset($format["conv"]) || $format["conv"] !== true) {
|
|
$this->logger->info("Conversion is not required: $fileName", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Conversion is not required")];
|
|
}
|
|
|
|
$internalExtension = "docx";
|
|
switch ($format["type"]) {
|
|
case "cell":
|
|
$internalExtension = "xlsx";
|
|
break;
|
|
case "slide":
|
|
$internalExtension = "pptx";
|
|
break;
|
|
}
|
|
|
|
$newFileUri = null;
|
|
$documentService = new DocumentService($this->trans, $this->config);
|
|
$key = $this->fileUtility->getKey($file);
|
|
$fileUrl = $this->getUrl($file, $user, $shareToken);
|
|
try {
|
|
$newFileUri = $documentService->getConvertedUri($fileUrl, $ext, $internalExtension, $key);
|
|
} catch (\Exception $e) {
|
|
$this->logger->logException($e, ["message" => "getConvertedUri: " . $file->getId(), "app" => $this->appName]);
|
|
return ["error" => $e->getMessage()];
|
|
}
|
|
|
|
$folder = $file->getParent();
|
|
if (!($folder->isCreatable() && $folder->isUpdateable())) {
|
|
$folder = $this->root->getUserFolder($userId);
|
|
}
|
|
|
|
try {
|
|
$newData = $documentService->request($newFileUri);
|
|
} catch (\Exception $e) {
|
|
$this->logger->logException($e, ["message" => "Failed to download converted file", "app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Failed to download converted file")];
|
|
}
|
|
|
|
$fileNameWithoutExt = substr($fileName, 0, \strlen($fileName) - \strlen($ext) - 1);
|
|
$newFileName = $folder->getNonExistingName($fileNameWithoutExt . "." . $internalExtension);
|
|
|
|
try {
|
|
$file = $folder->newFile($newFileName);
|
|
|
|
$file->putContent($newData);
|
|
} catch (NotPermittedException $e) {
|
|
$this->logger->logException($e, ["message" => "Can't create file: $newFileName", "app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Can't create file")];
|
|
} catch (ForbiddenException $e) {
|
|
$this->logger->logException($e, ["message" => "Can't put file: $newFileName", "app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Can't create file")];
|
|
}
|
|
|
|
$fileInfo = $file->getFileInfo();
|
|
|
|
$result = Helper::formatFileInfo($fileInfo);
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Save file to folder
|
|
*
|
|
* @param string $name - file name
|
|
* @param string $dir - folder path
|
|
* @param string $url - file url
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
* @PublicPage
|
|
*/
|
|
public function save($name, $dir, $url) {
|
|
$this->logger->debug("Save: $name", ["app" => $this->appName]);
|
|
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$userId = $this->userSession->getUser()->getUID();
|
|
$userFolder = $this->root->getUserFolder($userId);
|
|
|
|
$folder = $userFolder->get($dir);
|
|
|
|
if ($folder === null) {
|
|
$this->logger->error("Folder for saving file was not found: $dir", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("The required folder was not found")];
|
|
}
|
|
if (!($folder->isCreatable() && $folder->isUpdateable())) {
|
|
$this->logger->error("Folder for saving file without permission: $dir", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("You don't have enough permission to create")];
|
|
}
|
|
|
|
$documentServerUrl = $this->config->getDocumentServerUrl();
|
|
|
|
if (empty($documentServerUrl)) {
|
|
$this->logger->error("documentServerUrl is empty", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("ONLYOFFICE app is not configured. Please contact admin")];
|
|
}
|
|
|
|
if (parse_url($url, PHP_URL_HOST) !== parse_url($documentServerUrl, PHP_URL_HOST)) {
|
|
$this->logger->error("Incorrect domain in file url", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("The domain in the file url does not match the domain of the Document server")];
|
|
}
|
|
|
|
$url = $this->config->replaceDocumentServerUrlToInternal($url);
|
|
|
|
try {
|
|
$documentService = new DocumentService($this->trans, $this->config);
|
|
$newData = $documentService->request($url);
|
|
} catch (\Exception $e) {
|
|
$this->logger->logException($e, ["message" => "Failed to download file for saving", "app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Download failed")];
|
|
}
|
|
|
|
$name = $folder->getNonExistingName($name);
|
|
|
|
try {
|
|
$file = $folder->newFile($name);
|
|
|
|
$file->putContent($newData);
|
|
} catch (NotPermittedException $e) {
|
|
$this->logger->logException($e, ["message" => "Can't save file: $name", "app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Can't create file")];
|
|
} catch (ForbiddenException $e) {
|
|
$this->logger->logException($e, ["message" => "Can't put file: $name", "app" => $this->appName]);
|
|
return ["error" => $this->trans->t("Can't create file")];
|
|
}
|
|
|
|
$fileInfo = $file->getFileInfo();
|
|
|
|
$result = Helper::formatFileInfo($fileInfo);
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Get versions history for file
|
|
*
|
|
* @param integer $fileId - file identifier
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
*/
|
|
public function history($fileId) {
|
|
$this->logger->debug("request history for: $fileId", ["app" => $this->appName]);
|
|
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$history = [];
|
|
|
|
$user = $this->userSession->getUser();
|
|
$userId = null;
|
|
if (!empty($user)) {
|
|
$userId = $user->getUID();
|
|
}
|
|
|
|
list($file, $error, $share) = $this->getFile($userId, $fileId);
|
|
|
|
if (isset($error)) {
|
|
$this->logger->error("History: $fileId $error", ["app" => $this->appName]);
|
|
return ["error" => $error];
|
|
}
|
|
|
|
if ($fileId === 0) {
|
|
$fileId = $file->getId();
|
|
}
|
|
|
|
$ownerId = null;
|
|
$owner = $file->getFileInfo()->getOwner();
|
|
if ($owner !== null) {
|
|
$ownerId = $owner->getUID();
|
|
}
|
|
|
|
$versions = [];
|
|
if ($this->versionManager->available
|
|
&& $owner !== null
|
|
) {
|
|
$versions = array_reverse($this->versionManager->getVersionsForFile($owner, $file->getFileInfo()));
|
|
}
|
|
|
|
$prevVersion = "";
|
|
$versionNum = 0;
|
|
foreach ($versions as $version) {
|
|
$versionNum = $versionNum + 1;
|
|
|
|
$key = $this->fileUtility->getVersionKey($version);
|
|
$key = DocumentService::generateRevisionId($key);
|
|
|
|
$historyItem = [
|
|
"created" => $version->getTimestamp(),
|
|
"key" => $key,
|
|
"version" => $versionNum
|
|
];
|
|
|
|
$versionId = $version->getRevisionId();
|
|
|
|
$author = FileVersions::getAuthor($ownerId, $fileId, $versionId);
|
|
if ($author !== null) {
|
|
$historyItem["user"] = [
|
|
"id" => $this->buildUserId($author["id"]),
|
|
"name" => $author["name"],
|
|
];
|
|
} else {
|
|
if (!empty($this->config->getUnknownAuthor()) && $versionNum !== 1) {
|
|
$authorName = $this->config->getUnknownAuthor();
|
|
$historyItem["user"] = [
|
|
"name" => $authorName,
|
|
];
|
|
} else {
|
|
$authorName = $owner->getDisplayName();
|
|
$authorId = $owner->getUID();
|
|
$historyItem["user"] = [
|
|
"id" => $this->buildUserId($authorId),
|
|
"name" => $authorName,
|
|
];
|
|
}
|
|
}
|
|
|
|
$historyData = FileVersions::getHistoryData($ownerId, $fileId, $versionId, $prevVersion);
|
|
if ($historyData !== null) {
|
|
$historyItem["changes"] = $historyData["changes"];
|
|
$historyItem["serverVersion"] = $historyData["serverVersion"];
|
|
}
|
|
|
|
$prevVersion = $versionId;
|
|
|
|
array_push($history, $historyItem);
|
|
}
|
|
|
|
$key = $this->fileUtility->getKey($file, true);
|
|
$key = DocumentService::generateRevisionId($key);
|
|
|
|
$historyItem = [
|
|
"created" => $file->getMTime(),
|
|
"key" => $key,
|
|
"version" => $versionNum + 1
|
|
];
|
|
|
|
$versionId = $file->getFileInfo()->getMtime();
|
|
|
|
$author = FileVersions::getAuthor($ownerId, $fileId, $versionId);
|
|
if ($author !== null) {
|
|
$historyItem["user"] = [
|
|
"id" => $this->buildUserId($author["id"]),
|
|
"name" => $author["name"]
|
|
];
|
|
} elseif (!empty($this->config->getUnknownAuthor()) && $versionNum !== 0) {
|
|
$historyItem["user"] = [
|
|
"name" => $this->config->getUnknownAuthor()
|
|
];
|
|
} elseif ($owner !== null) {
|
|
$historyItem["user"] = [
|
|
"id" => $this->buildUserId($ownerId),
|
|
"name" => $owner->getDisplayName()
|
|
];
|
|
}
|
|
|
|
$historyData = FileVersions::getHistoryData($ownerId, $fileId, $versionId, $prevVersion);
|
|
if ($historyData !== null) {
|
|
$historyItem["changes"] = $historyData["changes"];
|
|
$historyItem["serverVersion"] = $historyData["serverVersion"];
|
|
}
|
|
|
|
array_push($history, $historyItem);
|
|
|
|
return $history;
|
|
}
|
|
|
|
/**
|
|
* Get file attributes of specific version
|
|
*
|
|
* @param integer $fileId - file identifier
|
|
* @param integer $version - file version
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
*/
|
|
public function version($fileId, $version) {
|
|
$this->logger->debug("request version for: $fileId ($version)", ["app" => $this->appName]);
|
|
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$version = empty($version) ? null : $version;
|
|
|
|
$user = $this->userSession->getUser();
|
|
$userId = null;
|
|
if (!empty($user)) {
|
|
$userId = $user->getUID();
|
|
}
|
|
|
|
list($file, $error, $share) = $this->getFile($userId, $fileId);
|
|
|
|
if (isset($error)) {
|
|
$this->logger->error("History: $fileId $error", ["app" => $this->appName]);
|
|
return ["error" => $error];
|
|
}
|
|
|
|
if ($fileId === 0) {
|
|
$fileId = $file->getId();
|
|
}
|
|
|
|
$owner = null;
|
|
$ownerId = null;
|
|
$versions = [];
|
|
if ($this->versionManager->available) {
|
|
$owner = $file->getFileInfo()->getOwner();
|
|
if ($owner !== null) {
|
|
$ownerId = $owner->getUID();
|
|
$versions = array_reverse($this->versionManager->getVersionsForFile($owner, $file->getFileInfo()));
|
|
}
|
|
}
|
|
|
|
$key = null;
|
|
$fileUrl = null;
|
|
$versionId = null;
|
|
if ($version > \count($versions)) {
|
|
$key = $this->fileUtility->getKey($file, true);
|
|
$versionId = $file->getFileInfo()->getMtime();
|
|
|
|
$fileUrl = $this->getUrl($file, $user);
|
|
} else {
|
|
$fileVersion = array_values($versions)[$version - 1];
|
|
|
|
$key = $this->fileUtility->getVersionKey($fileVersion);
|
|
$versionId = $fileVersion->getRevisionId();
|
|
|
|
$fileUrl = $this->getUrl($file, $user, null, $version);
|
|
}
|
|
$key = DocumentService::generateRevisionId($key);
|
|
$fileName = $file->getName();
|
|
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
|
|
|
|
$result = [
|
|
"fileType" => $ext,
|
|
"url" => $fileUrl,
|
|
"version" => $version,
|
|
"key" => $key
|
|
];
|
|
|
|
if ($version > 1
|
|
&& \count($versions) >= $version - 1
|
|
&& FileVersions::hasChanges($ownerId, $fileId, $versionId)
|
|
) {
|
|
$changesUrl = $this->getUrl($file, $user, null, $version, true);
|
|
$result["changesUrl"] = $changesUrl;
|
|
|
|
$prevVersion = array_values($versions)[$version - 2];
|
|
$prevVersionKey = $this->fileUtility->getVersionKey($prevVersion);
|
|
$prevVersionKey = DocumentService::generateRevisionId($prevVersionKey);
|
|
|
|
$prevVersionUrl = $this->getUrl($file, $user, null, $version - 1);
|
|
|
|
$result["previous"] = [
|
|
"fileType" => $ext,
|
|
"key" => $prevVersionKey,
|
|
"url" => $prevVersionUrl
|
|
];
|
|
}
|
|
|
|
if (!empty($this->config->getDocumentServerSecret())) {
|
|
$now = time();
|
|
$iat = $now;
|
|
$exp = $now + $this->config->getJwtExpiration() * 60;
|
|
$params["iat"] = $iat;
|
|
$params["exp"] = $exp;
|
|
$token = \Firebase\JWT\JWT::encode($result, $this->config->getDocumentServerSecret(), "HS256");
|
|
$result["token"] = $token;
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Restore file version
|
|
*
|
|
* @param integer $fileId - file identifier
|
|
* @param integer $version - file version
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
* @PublicPage
|
|
*/
|
|
public function restore($fileId, $version) {
|
|
$this->logger->debug("request restore version for: $fileId ($version)", ["app" => $this->appName]);
|
|
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$version = empty($version) ? null : $version;
|
|
|
|
$user = $this->userSession->getUser();
|
|
$userId = null;
|
|
if (!empty($user)) {
|
|
$userId = $user->getUID();
|
|
}
|
|
|
|
list($file, $error, $share) = $this->getFile($userId, $fileId);
|
|
|
|
if (isset($error)) {
|
|
$this->logger->error("Restore: $fileId $error", ["app" => $this->appName]);
|
|
return ["error" => $error];
|
|
}
|
|
|
|
if ($fileId === 0) {
|
|
$fileId = $file->getId();
|
|
}
|
|
|
|
$owner = null;
|
|
$versions = [];
|
|
if ($this->versionManager->available) {
|
|
$owner = $file->getFileInfo()->getOwner();
|
|
if ($owner !== null) {
|
|
$versions = array_reverse($this->versionManager->getVersionsForFile($owner, $file->getFileInfo()));
|
|
}
|
|
|
|
if (\count($versions) >= $version) {
|
|
$fileVersion = array_values($versions)[$version - 1];
|
|
$this->versionManager->rollback($fileVersion);
|
|
}
|
|
}
|
|
|
|
return $this->history($fileId);
|
|
}
|
|
|
|
/**
|
|
* Get presigned url to file
|
|
*
|
|
* @param string $filePath - file path
|
|
*
|
|
* @return array
|
|
*
|
|
* @NoAdminRequired
|
|
*/
|
|
public function url($filePath) {
|
|
$this->logger->debug("request url for: $filePath", ["app" => $this->appName]);
|
|
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return ["error" => $this->trans->t("Not permitted")];
|
|
}
|
|
|
|
$user = $this->userSession->getUser();
|
|
$userId = $user->getUID();
|
|
$userFolder = $this->root->getUserFolder($userId);
|
|
|
|
$file = $userFolder->get($filePath);
|
|
|
|
if ($file === null) {
|
|
$this->logger->error("File for generate presigned url was not found: $dir", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("File not found")];
|
|
}
|
|
|
|
$canDownload = true;
|
|
|
|
$fileStorage = $file->getStorage();
|
|
if ($fileStorage->instanceOfStorage("\OCA\Files_Sharing\SharedStorage")) {
|
|
$share = $fileStorage->getShare();
|
|
$canDownload = FileUtility::canShareDownload($share);
|
|
}
|
|
|
|
if (!$file->isReadable() || !$canDownload) {
|
|
$this->logger->error("File without permission: $dir", ["app" => $this->appName]);
|
|
return ["error" => $this->trans->t("You do not have enough permissions to view the file")];
|
|
}
|
|
|
|
$fileName = $file->getName();
|
|
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
|
|
$fileUrl = $this->getUrl($file, $user);
|
|
|
|
$result = [
|
|
"fileType" => $ext,
|
|
"url" => $fileUrl
|
|
];
|
|
|
|
if (!empty($this->config->getDocumentServerSecret())) {
|
|
$now = time();
|
|
$iat = $now;
|
|
$exp = $now + $this->config->getJwtExpiration() * 60;
|
|
$params["iat"] = $iat;
|
|
$params["exp"] = $exp;
|
|
$token = \Firebase\JWT\JWT::encode($result, $this->config->getDocumentServerSecret(), "HS256");
|
|
$result["token"] = $token;
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Download method
|
|
*
|
|
* @param int $fileId - file identifier
|
|
* @param string $toExtension - file extension to download
|
|
* @param bool $template - file is template
|
|
*
|
|
* @return DataDownloadResponse|TemplateResponse
|
|
*
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
*/
|
|
public function download($fileId, $toExtension = null, $template = false) {
|
|
$this->logger->debug("Download: $fileId $toExtension", ["app" => $this->appName]);
|
|
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return $this->renderError($this->trans->t("Not permitted"));
|
|
}
|
|
|
|
if ($template) {
|
|
$templateFile = TemplateManager::getTemplate($fileId);
|
|
|
|
if (empty($templateFile)) {
|
|
$this->logger->info("Download: template not found: $fileId", ["app" => $this->appName]);
|
|
return $this->renderError($this->trans->t("File not found"));
|
|
}
|
|
|
|
$file = $templateFile;
|
|
} else {
|
|
$user = $this->userSession->getUser();
|
|
$userId = null;
|
|
if (!empty($user)) {
|
|
$userId = $user->getUID();
|
|
}
|
|
|
|
list($file, $error, $share) = $this->getFile($userId, $fileId);
|
|
|
|
if (isset($error)) {
|
|
$this->logger->error("Download: $fileId $error", ["app" => $this->appName]);
|
|
return $this->renderError($error);
|
|
}
|
|
}
|
|
|
|
$canDownload = $this->fileUtility->hasPermissionAttribute($file);
|
|
if (!$canDownload) {
|
|
return $this->renderError($this->trans->t("Not permitted"));
|
|
}
|
|
|
|
$fileStorage = $file->getStorage();
|
|
if ($fileStorage->instanceOfStorage("\OCA\Files_Sharing\SharedStorage")) {
|
|
$share = empty($share) ? $fileStorage->getShare() : $share;
|
|
if (!FileUtility::canShareDownload($share)) {
|
|
return $this->renderError($this->trans->t("Not permitted"));
|
|
}
|
|
}
|
|
|
|
$fileName = $file->getName();
|
|
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
|
|
$toExtension = strtolower($toExtension);
|
|
|
|
if ($toExtension === null
|
|
|| $ext === $toExtension
|
|
|| $template
|
|
) {
|
|
return new DataDownloadResponse($file->getContent(), $fileName, $file->getMimeType());
|
|
}
|
|
|
|
$newFileUri = null;
|
|
$documentService = new DocumentService($this->trans, $this->config);
|
|
$key = $this->fileUtility->getKey($file);
|
|
$fileUrl = $this->getUrl($file, $user);
|
|
try {
|
|
$newFileUri = $documentService->getConvertedUri($fileUrl, $ext, $toExtension, $key);
|
|
} catch (\Exception $e) {
|
|
$this->logger->logException($e, ["message" => "getConvertedUri: " . $file->getId(), "app" => $this->appName]);
|
|
return $this->renderError($e->getMessage());
|
|
}
|
|
|
|
try {
|
|
$newData = $documentService->request($newFileUri);
|
|
} catch (\Exception $e) {
|
|
$this->logger->logException($e, ["message" => "Failed to download converted file", "app" => $this->appName]);
|
|
return $this->renderError($this->trans->t("Failed to download converted file"));
|
|
}
|
|
|
|
$fileNameWithoutExt = substr($fileName, 0, \strlen($fileName) - \strlen($ext) - 1);
|
|
$newFileName = $fileNameWithoutExt . "." . $toExtension;
|
|
|
|
$mimeType = $this->config->getMimeType($toExtension);
|
|
|
|
return new DataDownloadResponse($newData, $newFileName, $mimeType);
|
|
}
|
|
|
|
/**
|
|
* Print editor section
|
|
*
|
|
* @param integer $fileId - file identifier
|
|
* @param string $filePath - file path
|
|
* @param string $shareToken - access token
|
|
* @param integer $version - file version
|
|
* @param bool $inframe - open in frame
|
|
* @param bool $template - file is template
|
|
* @param string $anchor - anchor for file content
|
|
*
|
|
* @return TemplateResponse|RedirectResponse
|
|
*
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
*/
|
|
public function index($fileId, $filePath = null, $shareToken = null, $version = 0, $inframe = false, $template = false, $anchor = null) {
|
|
$this->logger->debug("Open: $fileId ($version) $filePath", ["app" => $this->appName]);
|
|
|
|
if (empty($shareToken) && !$this->userSession->isLoggedIn()) {
|
|
$redirectUrl = $this->urlGenerator->linkToRoute(
|
|
"core.login.showLoginForm",
|
|
[
|
|
"redirect_url" => $this->request->getRequestUri()
|
|
]
|
|
);
|
|
return new RedirectResponse($redirectUrl);
|
|
}
|
|
|
|
$shareBy = null;
|
|
if (!empty($shareToken) && !$this->userSession->isLoggedIn()) {
|
|
list($share, $error) = $this->fileUtility->getShare($shareToken);
|
|
if (!empty($share)) {
|
|
$shareBy = $share->getSharedBy();
|
|
}
|
|
}
|
|
|
|
if (!$this->config->isUserAllowedToUse($shareBy)) {
|
|
return $this->renderError($this->trans->t("Not permitted"));
|
|
}
|
|
|
|
$documentServerUrl = $this->config->getDocumentServerUrl();
|
|
|
|
if (empty($documentServerUrl)) {
|
|
$this->logger->error("documentServerUrl is empty", ["app" => $this->appName]);
|
|
return $this->renderError($this->trans->t("ONLYOFFICE app is not configured. Please contact admin"));
|
|
}
|
|
|
|
$params = [
|
|
"fileId" => $fileId,
|
|
"filePath" => $filePath,
|
|
"shareToken" => $shareToken,
|
|
"version" => $version,
|
|
"template" => $template,
|
|
"inframe" => false,
|
|
"anchor" => $anchor
|
|
];
|
|
|
|
if ($inframe === true) {
|
|
$params["inframe"] = true;
|
|
$response = new TemplateResponse($this->appName, "editor", $params, "plain");
|
|
} else {
|
|
$response = new TemplateResponse($this->appName, "editor", $params);
|
|
}
|
|
|
|
$csp = new ContentSecurityPolicy();
|
|
$csp->allowInlineScript(true);
|
|
|
|
if (preg_match("/^https?:\/\//i", $documentServerUrl)) {
|
|
$csp->addAllowedScriptDomain($documentServerUrl);
|
|
$csp->addAllowedFrameDomain($documentServerUrl);
|
|
} else {
|
|
$csp->addAllowedFrameDomain("'self'");
|
|
}
|
|
$response->setContentSecurityPolicy($csp);
|
|
|
|
return $response;
|
|
}
|
|
|
|
/**
|
|
* Print public editor section
|
|
*
|
|
* @param integer $fileId - file identifier
|
|
* @param string $shareToken - access token
|
|
* @param integer $version - file version
|
|
* @param bool $inframe - open in frame
|
|
*
|
|
* @return TemplateResponse
|
|
*
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
* @PublicPage
|
|
*/
|
|
public function publicPage($fileId, $shareToken, $version = 0, $inframe = false) {
|
|
return $this->index($fileId, null, $shareToken, $version, $inframe);
|
|
}
|
|
|
|
/**
|
|
* Getting file by identifier
|
|
*
|
|
* @param string $userId - user identifier
|
|
* @param integer $fileId - file identifier
|
|
* @param string $filePath - file path
|
|
* @param bool $template - file is template
|
|
*
|
|
* @return array
|
|
*/
|
|
private function getFile($userId, $fileId, $filePath = null, $template = false) {
|
|
if (empty($fileId)) {
|
|
return [null, $this->trans->t("FileId is empty"), null];
|
|
}
|
|
|
|
try {
|
|
$folder = !$template ? $this->root->getUserFolder($userId) : TemplateManager::getGlobalTemplateDir();
|
|
$files = $folder->getById($fileId);
|
|
} catch (\Exception $e) {
|
|
$this->logger->logException($e, ["message" => "getFile: $fileId", "app" => $this->appName]);
|
|
return [null, $this->trans->t("Invalid request"), null];
|
|
}
|
|
|
|
if (empty($files)) {
|
|
$this->logger->info("Files not found: $fileId", ["app" => $this->appName]);
|
|
return [null, $this->trans->t("File not found"), null];
|
|
}
|
|
|
|
$file = $files[0];
|
|
|
|
if (\count($files) > 1 && !empty($filePath)) {
|
|
$filePath = "/" . $userId . "/files" . $filePath;
|
|
foreach ($files as $curFile) {
|
|
if ($curFile->getPath() === $filePath) {
|
|
$file = $curFile;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!$file->isReadable()) {
|
|
return [null, $this->trans->t("You do not have enough permissions to view the file"), null];
|
|
}
|
|
|
|
return [$file, null, null];
|
|
}
|
|
|
|
/**
|
|
* Generate secure link to download document
|
|
*
|
|
* @param File $file - file
|
|
* @param IUser $user - user with access
|
|
* @param string $shareToken - access token
|
|
* @param integer $version - file version
|
|
* @param bool $changes - is required url to file changes
|
|
* @param bool $template - file is template
|
|
*
|
|
* @return string
|
|
*/
|
|
private function getUrl($file, $user = null, $shareToken = null, $version = 0, $changes = false, $template = false) {
|
|
$data = [
|
|
"action" => "download",
|
|
"fileId" => $file->getId()
|
|
];
|
|
|
|
$userId = null;
|
|
if (!empty($user)) {
|
|
$userId = $user->getUID();
|
|
$data["userId"] = $userId;
|
|
}
|
|
if (!empty($shareToken)) {
|
|
$data["shareToken"] = $shareToken;
|
|
}
|
|
if ($version > 0) {
|
|
$data["version"] = $version;
|
|
}
|
|
if ($changes) {
|
|
$data["changes"] = true;
|
|
}
|
|
if ($template) {
|
|
$data["template"] = true;
|
|
}
|
|
|
|
$hashUrl = $this->crypt->getHash($data);
|
|
|
|
$fileUrl = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".callback.download", ["doc" => $hashUrl]);
|
|
|
|
if (!$this->config->useDemo() && !empty($this->config->getStorageUrl())) {
|
|
$fileUrl = str_replace($this->urlGenerator->getAbsoluteURL("/"), $this->config->getStorageUrl(), $fileUrl);
|
|
}
|
|
|
|
return $fileUrl;
|
|
}
|
|
|
|
/**
|
|
* Generate unique user identifier
|
|
*
|
|
* @param string $userId - current user identifier
|
|
*
|
|
* @return string
|
|
*/
|
|
private function buildUserId($userId) {
|
|
$instanceId = $this->config->getSystemValue("instanceid", true);
|
|
$userId = $instanceId . "_" . $userId;
|
|
return $userId;
|
|
}
|
|
|
|
/**
|
|
* Return list users who has access to file
|
|
*
|
|
* @param File $file - file
|
|
*
|
|
* @return array
|
|
*/
|
|
private function getAccessList($file) {
|
|
$result = [];
|
|
|
|
foreach ($this->shareManager->getSharesByPath($file) as $share) {
|
|
$accessList = [];
|
|
$shareWith = $share->getSharedWith();
|
|
if ($share->getShareType() === Share::SHARE_TYPE_GROUP) {
|
|
$group = $this->groupManager->get($shareWith);
|
|
$accessList = $group->getUsers();
|
|
} elseif ($share->getShareType() === Share::SHARE_TYPE_USER) {
|
|
array_push($accessList, $this->userManager->get($shareWith));
|
|
}
|
|
|
|
foreach ($accessList as $accessUser) {
|
|
if (!\in_array($accessUser, $result)) {
|
|
array_push($result, $accessUser);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!\in_array($file->getOwner(), $result)) {
|
|
array_push($result, $file->getOwner());
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Return allow autocomplete usernames
|
|
*
|
|
* @return bool
|
|
*/
|
|
private function allowEnumeration() {
|
|
return \OC::$server->getConfig()->getAppValue("core", "shareapi_allow_share_dialog_user_enumeration", "yes") === "yes";
|
|
}
|
|
|
|
/**
|
|
* Return allow autocomplete usernames group member only
|
|
*
|
|
* @return bool
|
|
*/
|
|
private function limitEnumerationToGroups() {
|
|
if ($this->allowEnumeration()) {
|
|
return \OC::$server->getConfig()->getAppValue("core", "shareapi_share_dialog_user_enumeration_group_members", "no") === "yes";
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Get Nextcloud userId from unique user identifier
|
|
*
|
|
* @param string $userId - current user identifier
|
|
*
|
|
* @return string
|
|
*/
|
|
private function getUserId($userId) {
|
|
if (str_contains($userId, "_")) {
|
|
$userIdExp = explode("_", $userId);
|
|
$userId = end($userIdExp);
|
|
}
|
|
return $userId;
|
|
}
|
|
|
|
/**
|
|
* Get File id from by link
|
|
*
|
|
* @param string $link - link to the file
|
|
*
|
|
* @return array
|
|
*/
|
|
private function getFileIdByLink(string $link) {
|
|
$path = parse_url($link, PHP_URL_PATH);
|
|
$encodedPath = array_map("urlencode", explode("/", $path));
|
|
$parsedLink = str_replace($path, implode("/", $encodedPath), $link);
|
|
if (filter_var($parsedLink, FILTER_VALIDATE_URL) === false) {
|
|
return [null, true];
|
|
}
|
|
|
|
$storageUrl = $this->urlGenerator->getAbsoluteURL("/");
|
|
if (parse_url($parsedLink, PHP_URL_HOST) !== parse_url($storageUrl, PHP_URL_HOST)) {
|
|
return [null, true];
|
|
}
|
|
|
|
if (preg_match('/\/onlyoffice\/(\d+)/', $parsedLink, $matches)) {
|
|
return [$matches[1], false];
|
|
}
|
|
|
|
return [null, false];
|
|
}
|
|
|
|
/**
|
|
* Print error page
|
|
*
|
|
* @param string $error - error message
|
|
* @param string $hint - error hint
|
|
*
|
|
* @return TemplateResponse
|
|
*/
|
|
private function renderError($error, $hint = "") {
|
|
return new TemplateResponse(
|
|
"",
|
|
"error",
|
|
[
|
|
"errors" => [
|
|
[
|
|
"error" => $error,
|
|
"hint" => $hint
|
|
]
|
|
]
|
|
],
|
|
"error"
|
|
);
|
|
}
|
|
}
|