Merge pull request #236 from ONLYOFFICE/develop

Release/2.1.1

CHANGELOG.md

@@ -1,5 +1,15 @@
 # Change Log
 
+## 2.1.1
+## Added
+- Swedish translation
+- support token in the body
+- desktop mode
+
+## Changed
+- fix opening shared file by registered user
+- fix translations
+
 ## 2.0.3
 ## Added
 - opening for editing not OOXML

appinfo/application.php

@@ -69,6 +69,7 @@ public function __construct(array $urlParams = []) {
         $eventDispatcher->addListener("OCA\Files::loadAdditionalScripts",
             function() {
                 if (!empty($this->appConfig->GetDocumentServerUrl()) && $this->appConfig->SettingsAreSuccessful()) {
+                    Util::addScript("onlyoffice", "desktop");
                     Util::addScript("onlyoffice", "main");
                     Util::addStyle("onlyoffice", "main");
                 }

appinfo/info.xml

@@ -7,7 +7,7 @@
     <description>ONLYOFFICE connector enables you to edit Office documents within ONLYOFFICE from the familiar web interface. This will create a new Open in ONLYOFFICE action within the document library for Office documents. This allows multiple users to collaborate in real time and to save back those changes to your file storage.</description>
     <licence>agpl</licence>
     <author>Ascensio System SIA</author>
-    <version>2.0.3</version>
+    <version>2.1.1</version>
     <namespace>Onlyoffice</namespace>
     <types>
         <filesystem/>

controller/callbackcontroller.php

@@ -190,24 +190,30 @@ public function download($doc) {
         $fileId = $hashData->fileId;
         $this->logger->debug("Download: " . $fileId, array("app" => $this->appName));
 
-        if (!empty($this->config->GetDocumentServerSecret())) {
-            $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader());
-            if (empty($header)) {
-                $this->logger->error("Download without jwt", array("app" => $this->appName));
-                return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
-            }
+        if (!$this->userSession->isLoggedIn()) {
+            if (!empty($this->config->GetDocumentServerSecret())) {
+                $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader());
+                if (empty($header)) {
+                    $this->logger->error("Download without jwt", array("app" => $this->appName));
+                    return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
+                }
 
-            $header = substr($header, strlen("Bearer "));
+                $header = substr($header, strlen("Bearer "));
 
-            try {
-                $decodedHeader = \Firebase\JWT\JWT::decode($header, $this->config->GetDocumentServerSecret(), array("HS256"));
-            } catch (\UnexpectedValueException $e) {
-                $this->logger->error("Download with invalid jwt: " . $e->getMessage(), array("app" => $this->appName));
-                return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
+                try {
+                    $decodedHeader = \Firebase\JWT\JWT::decode($header, $this->config->GetDocumentServerSecret(), array("HS256"));
+                } catch (\UnexpectedValueException $e) {
+                    $this->logger->error("Download with invalid jwt: " . $e->getMessage(), array("app" => $this->appName));
+                    return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
+                }
             }
         }
 
-        $userId = $hashData->userId;
+        if ($this->userSession->isLoggedIn()) {
+            $userId = $this->userSession->getUser()->getUID();
+        } else {
+            $userId = $hashData->userId;
+        }
 
         $token = isset($hashData->token) ? $hashData->token : NULL;
         list ($file, $error) = empty($token) ? $this->getFile($userId, $fileId) : $this->getFileByToken($fileId, $token);
@@ -216,6 +222,11 @@ public function download($doc) {
             return $error;
         }
 
+        if ($this->userSession->isLoggedIn() && !$file->isReadable()) {
+            $this->logger->error("Download without access right", array("app" => $this->appName));
+            return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
+        }
+
         try {
             return new DataDownloadResponse($file->getContent(), $file->getName(), $file->getMimeType());
         } catch (NotPermittedException  $e) {
@@ -299,7 +310,7 @@ public function emptyfile($doc) {
      * @PublicPage
      * @CORS
      */
-    public function track($doc, $users, $key, $status, $url) {
+    public function track($doc, $users, $key, $status, $url, $token) {
 
         list ($hashData, $error) = $this->crypt->ReadHash($doc);
         if ($hashData === NULL) {
@@ -315,27 +326,37 @@ public function track($doc, $users, $key, $status, $url) {
         $this->logger->debug("Track: " . $fileId . " status " . $status, array("app" => $this->appName));
 
         if (!empty($this->config->GetDocumentServerSecret())) {
-            $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader());
-            if (empty($header)) {
-                $this->logger->error("Track without jwt", array("app" => $this->appName));
-                return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
-            }
+            if (!empty($token)) {
+                try {
+                    $payload = \Firebase\JWT\JWT::decode($token, $this->config->GetDocumentServerSecret(), array("HS256"));
+                } catch (\UnexpectedValueException $e) {
+                    $this->logger->error("Track with invalid jwt in body: " . $e->getMessage(), array("app" => $this->appName));
+                    return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
+                }
+            } else {
+                $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader());
+                if (empty($header)) {
+                    $this->logger->error("Track without jwt", array("app" => $this->appName));
+                    return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
+                }
 
-            $header = substr($header, strlen("Bearer "));
+                $header = substr($header, strlen("Bearer "));
 
-            try {
-                $decodedHeader = \Firebase\JWT\JWT::decode($header, $this->config->GetDocumentServerSecret(), array("HS256"));
-                $this->logger->debug("Track HEADER : " . json_encode($decodedHeader), array("app" => $this->appName));
+                try {
+                    $decodedHeader = \Firebase\JWT\JWT::decode($header, $this->config->GetDocumentServerSecret(), array("HS256"));
+                    $this->logger->debug("Track HEADER : " . json_encode($decodedHeader), array("app" => $this->appName));
 
-                $payload = $decodedHeader->payload;
-                $users = isset($payload->users) ? $payload->users : NULL;
-                $key = $payload->key;
-                $status = $payload->status;
-                $url = isset($payload->url) ? $payload->url : NULL;
-            } catch (\UnexpectedValueException $e) {
-                $this->logger->error("Track with invalid jwt: " . $e->getMessage(), array("app" => $this->appName));
-                return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
+                    $payload = $decodedHeader->payload;
+                } catch (\UnexpectedValueException $e) {
+                    $this->logger->error("Track with invalid jwt: " . $e->getMessage(), array("app" => $this->appName));
+                    return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
+                }
             }
+
+            $users = isset($payload->users) ? $payload->users : NULL;
+            $key = $payload->key;
+            $status = $payload->status;
+            $url = isset($payload->url) ? $payload->url : NULL;
         }
 
         $trackerStatus = $this->_trackerStatus[$status];
@@ -435,19 +456,19 @@ public function track($doc, $users, $key, $status, $url) {
      */
     private function getFile($userId, $fileId) {
         if (empty($fileId)) {
-            return [NULL, $this->trans->t("FileId is empty")];
+            return [NULL, new JSONResponse(["message" => $this->trans->t("FileId is empty")], Http::STATUS_BAD_REQUEST)];
         }
 
         $files = $this->root->getUserFolder($userId)->getById($fileId);
         if (empty($files)) {
             $this->logger->error("Files not found: " . $fileId, array("app" => $this->appName));
-            return new JSONResponse(["message" => $this->trans->t("Files not found")], Http::STATUS_NOT_FOUND);
+            return [NULL, new JSONResponse(["message" => $this->trans->t("Files not found")], Http::STATUS_NOT_FOUND)];
         }
         $file = $files[0];
 
-        if (! $file instanceof File) {
+        if (!($file instanceof File)) {
             $this->logger->error("File not found: " . $fileId, array("app" => $this->appName));
-            return new JSONResponse(["message" => $this->trans->t("File not found")], Http::STATUS_NOT_FOUND);
+            return [NULL, new JSONResponse(["message" => $this->trans->t("File not found")], Http::STATUS_NOT_FOUND)];
         }
 
         return [$file, NULL];
@@ -472,7 +493,7 @@ private function getFileByToken($fileId, $token) {
             $node = $share->getNode();
         } catch (NotFoundException $e) {
             $this->logger->error("getFileByToken error: " . $e->getMessage(), array("app" => $this->appName));
-            return [NULL, $this->trans->t("File not found")];
+            return [NULL, new JSONResponse(["message" => $this->trans->t("File not found")], Http::STATUS_NOT_FOUND)];
         }
 
         if ($node instanceof Folder) {
@@ -493,7 +514,7 @@ private function getFileByToken($fileId, $token) {
      */
     private function getShare($token) {
         if (empty($token)) {
-            return [NULL, $this->trans->t("FileId is empty")];
+            return [NULL, new JSONResponse(["message" => $this->trans->t("FileId is empty")], Http::STATUS_BAD_REQUEST)];
         }
 
         $share;
@@ -505,7 +526,7 @@ private function getShare($token) {
         }
 
         if ($share === NULL || $share === false) {
-            return [NULL, $this->trans->t("You do not have enough permissions to view the file")];
+            return [NULL, new JSONResponse(["message" => $this->trans->t("You do not have enough permissions to view the file")], Http::STATUS_FORBIDDEN)];
         }
 
         return [$share, NULL];

controller/editorcontroller.php

@@ -397,7 +397,7 @@ public function PublicPage($fileId, $token) {
      * @NoAdminRequired
      * @PublicPage
      */
-    public function config($fileId, $token = NULL) {
+    public function config($fileId, $token = NULL, $desktop = false) {
 
         $user = $this->userSession->getUser();
         $userId = NULL;
@@ -477,14 +477,17 @@ public function config($fileId, $token = NULL) {
                     "dir" => $folderPath,
                     "scrollto" => $file->getName()
                 ];
+                $folderLink = $this->urlGenerator->linkToRouteAbsolute("files.view.index", $linkAttr);
+
+                $params["editorConfig"]["customization"]["goback"] = [
+                    "url"  => $folderLink
+                ];
             }
-            $folderLink = $this->urlGenerator->linkToRouteAbsolute("files.view.index", $linkAttr);
 
-            $params["editorConfig"]["customization"]["goback"] = [
-                "url"  => $folderLink
-            ];
-            if ($this->config->GetSameTab()) {
-                $params["editorConfig"]["customization"]["goback"]["blank"] = false;
+            if (!$desktop) {
+                if ($this->config->GetSameTab()) {
+                    $params["editorConfig"]["customization"]["goback"]["blank"] = false;
+                }
             }
         }
 

css/editor.css

@@ -30,7 +30,14 @@
     position: absolute;
     vertical-align: top;
 }
-
 #iframeEditor.error {
     color: red;
-}
+}
+
+.AscDesktopEditor #header {
+    display: none;
+}
+.AscDesktopEditor #content-wrapper {
+    padding-top: 0;
+}
+

css/main.css

@@ -34,4 +34,21 @@
 }
 .icon-onlyoffice-new-pptx {
     background-image: url("../img/new-pptx.svg");
-}
+}
+
+.AscDesktopEditor #header {
+    display: none;
+}
+.AscDesktopEditor #content-wrapper {
+    padding-top: 0;
+}
+.AscDesktopEditor #controls,
+.AscDesktopEditor #app-sidebar {
+    top: 0;
+}
+.AscDesktopEditor #body-user table.multiselect thead {
+    top: 44px;
+}
+.AscDesktopEditor #body-user #gallery-button {
+    display: none;
+}

js/desktop.js

@@ -0,0 +1,51 @@
+/**
+ *
+ * (c) Copyright Ascensio System Limited 2010-2018
+ *
+ * This program is a free software product.
+ * You can redistribute it and/or modify it under the terms of the GNU Affero General Public License
+ * (AGPL) version 3 as published by the Free Software Foundation.
+ * In accordance with Section 7(a) of the GNU AGPL its Section 15 shall be amended to the effect
+ * that Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights.
+ *
+ * This program is distributed WITHOUT ANY WARRANTY;
+ * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * For details, see the GNU AGPL at: http://www.gnu.org/licenses/agpl-3.0.html
+ *
+ * You can contact Ascensio System SIA at 17-2 Elijas street, Riga, Latvia, EU, LV-1021.
+ *
+ * The interactive user interfaces in modified source and object code versions of the Program
+ * must display Appropriate Legal Notices, as required under Section 5 of the GNU AGPL version 3.
+ *
+ * Pursuant to Section 7(b) of the License you must retain the original Product logo when distributing the program.
+ * Pursuant to Section 7(e) we decline to grant you any rights under trademark law for use of our trademarks.
+ *
+ * All the Product's GUI elements, including illustrations and icon sets, as well as technical
+ * writing content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0 International.
+ * See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode
+ *
+ */
+
+(function (OCA) {
+
+    OCA.Onlyoffice = _.extend({}, OCA.Onlyoffice);
+
+    if (!window["AscDesktopEditor"]) {
+        return;
+    }
+
+    OCA.Onlyoffice.Desktop = true;
+    $("html").addClass("AscDesktopEditor");
+
+    var domain = location.href.split(OC.generateUrl(""))[0];
+
+    var data = {
+        displayName: oc_user.displayName,
+        domain: domain,
+        email: oc_user.email,
+        provider: "ownCloud",
+    };
+
+    window.AscDesktopEditor.execCommand("portal:login", JSON.stringify(data));
+
+})(OCA);

js/editor.js

@@ -28,12 +28,9 @@
 
 (function ($, OCA) {
 
-    OCA.Onlyoffice = _.extend({}, OCA.Onlyoffice);
-    if (!OCA.Onlyoffice.AppName) {
-        OCA.Onlyoffice = {
+    OCA.Onlyoffice = _.extend({
             AppName: "onlyoffice"
-        };
-    }
+        }, OCA.Onlyoffice);
 
     OCA.Onlyoffice.InitEditor = function () {
         var displayError = function (error) {
@@ -52,8 +49,21 @@
             return;
         }
 
+        var configUrl = OC.generateUrl("apps/onlyoffice/ajax/config/" + (fileId || 0));
+
+        var params = [];
+        if (fileToken) {
+            params.push("token=" + encodeURIComponent(fileToken));
+        }
+        if (OCA.Onlyoffice.Desktop) {
+            params.push("desktop=true");
+        }
+        if (params.length) {
+            configUrl += "?" + params.join("&");
+        }
+
         $.ajax({
-            url: OC.generateUrl("apps/onlyoffice/ajax/config/" + (fileId || 0) + (fileToken ? "?token=" + encodeURIComponent(fileToken) : "")),
+            url: configUrl,
             success: function onSuccess(config) {
                 if (config) {
                     if (config.error != null) {
@@ -94,4 +104,4 @@
 
     $(document).ready(OCA.Onlyoffice.InitEditor);
 
-})(jQuery, OCA);
+})(jQuery, OCA);