Merge pull request #109 from ONLYOFFICE/develop

Release/1.1.5

CHANGELOG.md

@@ -1,5 +1,13 @@
 # Change Log
 
+## 1.1.5
+## Added
+- the ability to change the header key
+
+## Changed
+- fix opening file from external storage
+- fix opening federated shared file
+
 ## 1.1.4
 ## Added
 - extended list of languages for new files

appinfo/info.xml

@@ -5,15 +5,17 @@
     <name>Onlyoffice</name>
     <summary>ownCloud ONLYOFFICE integration app</summary>
     <description>ONLYOFFICE integration app enables users to edit Office documents within ONLYOFFICE from OwnCloud. This will create a new Open in ONLYOFFICE action within the document library for Office documents. This allows multiple users to collaborate in real time and to save back those changes to OwnCloud.</description>
-    <licence>AGPL</licence>
+    <licence>agpl</licence>
     <author>Ascensio System SIA</author>
-    <version>1.1.4</version>
+    <version>1.1.5</version>
     <namespace>Onlyoffice</namespace>
     <types>
         <filesystem/>
     </types>
     <documentation>
         <admin>https://api.onlyoffice.com/editors/owncloud</admin>
+        <developer>https://api.onlyoffice.com/editors/owncloud</developer>
+        <user>https://api.onlyoffice.com/editors/owncloud</user>
     </documentation>
     <category>files</category>
     <category>integration</category>

controller/callbackcontroller.php

@@ -172,7 +172,7 @@ public function download($doc) {
         $this->logger->debug("Download: " . $fileId, array("app" => $this->appName));
 
         if (!empty($this->config->GetDocumentServerSecret())) {
-            $header = \OC::$server->getRequest()->getHeader("Authorization");
+            $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader());
             if (empty($header)) {
                 $this->logger->info("Download without jwt", array("app" => $this->appName));
                 return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
@@ -188,9 +188,9 @@ public function download($doc) {
             }
         }
 
-        $ownerId = $hashData->ownerId;
+        $userId = $hashData->userId;
 
-        $files = $this->root->getUserFolder($ownerId)->getById($fileId);
+        $files = $this->root->getUserFolder($userId)->getById($fileId);
         if (empty($files)) {
             $this->logger->info("Files for download not found: " . $fileId, array("app" => $this->appName));
             return new JSONResponse(["message" => $this->trans->t("Files not found")], Http::STATUS_NOT_FOUND);
@@ -237,7 +237,7 @@ public function emptyfile($doc) {
         }
 
         if (!empty($this->config->GetDocumentServerSecret())) {
-            $header = \OC::$server->getRequest()->getHeader("Authorization");
+            $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader());
             if (empty($header)) {
                 $this->logger->info("Download empty without jwt", array("app" => $this->appName));
                 return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
@@ -301,7 +301,7 @@ public function track($doc, $users, $key, $status, $url) {
         $this->logger->debug("Track: " . $fileId . " status " . $status, array("app" => $this->appName));
 
         if (!empty($this->config->GetDocumentServerSecret())) {
-            $header = \OC::$server->getRequest()->getHeader("Authorization");
+            $header = \OC::$server->getRequest()->getHeader($this->config->JwtHeader());
             if (empty($header)) {
                 $this->logger->info("Track without jwt", array("app" => $this->appName));
                 return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
@@ -335,12 +335,12 @@ public function track($doc, $users, $key, $status, $url) {
                     return new JSONResponse(["message" => $this->trans->t("Url not found")], Http::STATUS_BAD_REQUEST);
                 }
 
-                $ownerId = $hashData->ownerId;
+                $userId = $hashData->userId;
 
                 \OC_Util::tearDownFS();
-                \OC_Util::setupFS($ownerId);
+                \OC_Util::setupFS($userId);
 
-                $files = $this->root->getUserFolder($ownerId)->getById($fileId);
+                $files = $this->root->getUserFolder($userId)->getById($fileId);
                 if (empty($files)) {
                     $this->logger->info("Files for track not found: " . $fileId, array("app" => $this->appName));
                     return new JSONResponse(["message" => $this->trans->t("Files not found")], Http::STATUS_NOT_FOUND);
@@ -384,10 +384,14 @@ public function track($doc, $users, $key, $status, $url) {
                     }
                 }
 
-                if (($newData = $documentService->Request($url))) {
+                $this->userSession->setUser($this->userManager->get($users[0]));
 
-                    $this->userSession->setUser($this->userManager->get($users[0]));
+                if (!$file->isUpdateable()) {
+                    $this->logger->error("Save error. File is not updateable: " . $fileId, array("app" => $this->appName));
+                    return new JSONResponse(["message" => $this->trans->t("Access denied")], Http::STATUS_FORBIDDEN);
+                }
 
+                if (($newData = $documentService->Request($url))) {
                     $file->putContent($newData);
                     $error = 0;
                 }

controller/editorcontroller.php

@@ -357,17 +357,15 @@ public function config($fileId) {
         }
 
         $userId = $this->userSession->getUser()->getUID();
-        $ownerId = $file->getOwner()->getUID();
-        $folderPath = NULL;
-        try {
-            $userFolder = $this->root->getUserFolder($ownerId);
-            $folderPath = $userFolder->getRelativePath($file->getParent()->getPath());
-        } catch (NoUserException $e) {
-            $ownerId = $userId;
-        }
+        $userFolder = $this->root->getUserFolder($userId);
+        $folderPath = $userFolder->getRelativePath($file->getParent()->getPath());
+        $folderLink = $this->urlGenerator->linkToRouteAbsolute("files.view.index", [
+                "dir" => $folderPath,
+                "scrollto" => $file->getName()
+            ]);
 
         $fileId = $file->getId();
-        $hashCallback = $this->crypt->GetHash(["fileId" => $fileId, "ownerId" => $ownerId, "action" => "track"]);
+        $hashCallback = $this->crypt->GetHash(["fileId" => $fileId, "userId" => $userId, "action" => "track"]);
         $fileUrl = $this->getUrl($file);
         $key = $this->getKey($file);
 
@@ -388,6 +386,11 @@ public function config($fileId) {
             "documentType" => $format["type"],
             "editorConfig" => [
                 "callbackUrl" => $callback,
+                "customization" => [
+                    "goback" => [
+                        "url" => $folderLink
+                    ]
+                ],
                 "lang" => str_replace("_", "-", \OC::$server->getL10NFactory("")->get("")->getLanguageCode()),
                 "mode" => (empty($callback) ? "view" : "edit"),
                 "user" => [
@@ -397,24 +400,13 @@ public function config($fileId) {
             ]
         ];
 
-        if (!empty($folderPath)) {
-            $args = [
-                "dir" => $folderPath,
-                "scrollto" => $file->getName()
-            ];
-
-            $params["editorConfig"]["customization"] = [
-                    "goback" => [
-                        "url" =>  $this->urlGenerator->linkToRouteAbsolute("files.view.index", $args)
-                    ]
-                ];
-        }
-
         if (!empty($this->config->GetDocumentServerSecret())) {
             $token = \Firebase\JWT\JWT::encode($params, $this->config->GetDocumentServerSecret());
             $params["token"] = $token;
         }
 
+        $this->logger->debug("Config is generated for: " . $fileId . " with key " . $key, array("app" => $this->appName));
+
         return $params;
     }
 
@@ -452,15 +444,15 @@ private function getFile($fileId) {
     private function getKey($file) {
         $fileId = $file->getId();
 
+        $key = $fileId . "_" . $file->getMtime();
+
         $ownerId = $file->getOwner()->getUID();
         try {
             $this->root->getUserFolder($ownerId);
         } catch (NoUserException $e) {
             $ownerId = $this->userSession->getUser()->getUID();
         }
 
-        $key = $fileId . $file->getMtime();
-
         $ownerView = new View("/" . $ownerId . "/files");
         $filePath = $ownerView->getPath($fileId);
         $versions = [];
@@ -470,8 +462,9 @@ private function getKey($file) {
 
         $countVersions = count($versions);
         if ($countVersions > 0) {
-            $key = $key . $countVersions;
+            $key = $key . "_" . $countVersions;
         }
+
         return $key;
     }
 
@@ -485,14 +478,9 @@ private function getKey($file) {
     private function getUrl($file) {
         $fileId = $file->getId();
 
-        $ownerId = $file->getOwner()->getUID();
-        try {
-            $this->root->getUserFolder($ownerId);
-        } catch (NoUserException $e) {
-            $ownerId = $userId;
-        }
+        $userId = $this->userSession->getUser()->getUID();
 
-        $hashUrl = $this->crypt->GetHash(["fileId" => $fileId, "ownerId" => $ownerId, "action" => "download"]);
+        $hashUrl = $this->crypt->GetHash(["fileId" => $fileId, "userId" => $userId, "action" => "download"]);
 
         $fileUrl = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".callback.download", ["doc" => $hashUrl]);
 

lib/appconfig.php

@@ -78,13 +78,6 @@ class AppConfig {
      */
     private $_storageUrl = "StorageUrl";
 
-    /**
-     * The config key for the secret key in jwt
-     *
-     * @var string
-     */
-    private $_secret = "DocumentServerSecret";
-
     /**
      * The config key for the secret key
      *
@@ -113,6 +106,20 @@ class AppConfig {
      */
     private $_verification = "verify_peer_off";
 
+    /**
+     * The config key for the secret key in jwt
+     *
+     * @var string
+     */
+    private $_jwtSecret = "jwt_secret";
+
+    /**
+     * The config key for the jwt header
+     *
+     * @var string
+     */
+    private $_jwtHeader = "jwt_header";
+
     /**
      * @param string $AppName - application name
      */
@@ -247,7 +254,7 @@ public function SetDocumentServerSecret($secret) {
             $this->logger->info("Set secret key", array("app" => $this->appName));
         }
 
-        $this->config->setAppValue($this->appName, $this->_secret, $secret);
+        $this->config->setAppValue($this->appName, $this->_jwtSecret, $secret);
     }
 
     /**
@@ -256,11 +263,11 @@ public function SetDocumentServerSecret($secret) {
      * @return string
      */
     public function GetDocumentServerSecret() {
-        $secret = $this->config->getAppValue($this->appName, $this->_secret, "");
+        $secret = $this->config->getAppValue($this->appName, $this->_jwtSecret, "");
         if (empty($secret)
             && !empty($this->config->getSystemValue($this->appName))
-            && array_key_exists($this->_secret, $this->config->getSystemValue($this->appName))) {
-            $secret = $this->config->getSystemValue($this->appName)[$this->_secret];
+            && array_key_exists($this->_jwtSecret, $this->config->getSystemValue($this->appName))) {
+            $secret = $this->config->getSystemValue($this->appName)[$this->_jwtSecret];
         }
         return $secret;
     }
@@ -331,19 +338,33 @@ public function GetSameTab() {
         return $this->config->getAppValue($this->appName, $this->_sameTab, "false") === "true";
     }
 
-        /**
-         * Get the turn off verification setting
-         *
-         * @return boolean
-         */
-        public function TurnOffVerification() {
-            $turnOff = FALSE;
-            if (!empty($this->config->getSystemValue($this->appName))
-                && array_key_exists($this->_verification, $this->config->getSystemValue($this->appName))) {
-                $turnOff = $this->config->getSystemValue($this->appName)[$this->_verification];
-            }
-            return $turnOff === TRUE;
+    /**
+     * Get the turn off verification setting
+     *
+     * @return boolean
+     */
+    public function TurnOffVerification() {
+        $turnOff = FALSE;
+        if (!empty($this->config->getSystemValue($this->appName))
+            && array_key_exists($this->_verification, $this->config->getSystemValue($this->appName))) {
+            $turnOff = $this->config->getSystemValue($this->appName)[$this->_verification];
         }
+        return $turnOff === TRUE;
+    }
+
+    /**
+     * Get the jwt header setting
+     *
+     * @return boolean
+     */
+    public function JwtHeader() {
+        $header = "Authorization";
+        if (!empty($this->config->getSystemValue($this->appName))
+            && array_key_exists($this->_jwtHeader, $this->config->getSystemValue($this->appName))) {
+            $header = $this->config->getSystemValue($this->appName)[$this->_jwtHeader];
+        }
+        return $header;
+    }
 
 
     /**

lib/documentservice.php

@@ -166,7 +166,7 @@ function SendRequestToConvertService($document_uri, $from_extension, $to_extensi
                 "payload" => $data
             ];
             $token = \Firebase\JWT\JWT::encode($params, $this->config->GetDocumentServerSecret());
-            $opts["http"]["header"] = $opts["http"]["header"] . "Authorization: Bearer " . $token . "\r\n";
+            $opts["http"]["header"] = $opts["http"]["header"] . $this->config->JwtHeader() . ": Bearer " . $token . "\r\n";
         }
 
         $ServiceConverterMaxTry = 3;
@@ -281,7 +281,7 @@ function CommandRequest($method) {
                 "payload" => $data
             ];
             $token = \Firebase\JWT\JWT::encode($params, $this->config->GetDocumentServerSecret());
-            $opts["http"]["header"] = $opts["http"]["header"] . "Authorization: Bearer " . $token . "\r\n";
+            $opts["http"]["header"] = $opts["http"]["header"] . $this->config->JwtHeader() . ": Bearer " . $token . "\r\n";
         }
 
         if (($response = $this->Request($urlCommand, $opts)) === FALSE) {