Plugin: OnlyOffice: Bump to 1.4 & add support for document viewer in learning path

plugin/onlyoffice/.php-cs-fixer.dist.php

@@ -0,0 +1,37 @@
+<?php
+
+$rules = [
+    '@Symfony' => true,
+    'array_syntax' => [
+        'syntax' => 'short',
+    ],
+    'blank_line_after_opening_tag' => false,
+    'no_extra_blank_lines' => true,
+    'multiline_comment_opening_closing' => true,
+    'yoda_style' => false,
+    'phpdoc_to_comment' => false,
+    'phpdoc_no_package' => false,
+    'phpdoc_annotation_without_dot' => false,
+    'increment_style' => ['style' => 'post'],
+    'no_useless_else' => false,
+    'single_quote' => false,
+    'no_useless_return' => true,
+    'ordered_class_elements' => true,
+    'ordered_imports' => true,
+    'phpdoc_order' => true,
+    'no_break_comment' => true,
+];
+
+$finder = PhpCsFixer\Finder::create()
+    ->exclude('3rdparty')
+    ->exclude('assets')
+    ->exclude('layout')
+    ->exclude('resources')
+    ->in(__DIR__)
+;
+
+$config = new PhpCsFixer\Config();
+return $config->setRules(
+        $rules
+    )
+    ->setFinder($finder);

plugin/onlyoffice/.php-cs-fixer.php

@@ -0,0 +1,3 @@
+<?php
+
+return require_once __DIR__.'/.php-cs-fixer.dist.php';

plugin/onlyoffice/3rd-Party.txt

@@ -1,5 +0,0 @@
-Chamilo ONLYOFFICE integration plugin uses code from the following 3rd party projects:
-
-JWT           - JSON Web Token implementation (https://github.com/firebase/php-jwt/blob/master/LICENSE)
-License:        BSD
-License File:   3rdparty/jwt/LICENSE

plugin/onlyoffice/3rdparty/jwt/BeforeValidException.php

@@ -1,7 +0,0 @@
-<?php
-namespace Firebase\JWT;
-
-class BeforeValidException extends \UnexpectedValueException
-{
-
-}

plugin/onlyoffice/3rdparty/jwt/ExpiredException.php

@@ -1,7 +0,0 @@
-<?php
-namespace Firebase\JWT;
-
-class ExpiredException extends \UnexpectedValueException
-{
-
-}

plugin/onlyoffice/3rdparty/jwt/JWT.php

@@ -1,370 +0,0 @@
-<?php
-
-namespace Firebase\JWT;
-use \DomainException;
-use \InvalidArgumentException;
-use \UnexpectedValueException;
-use \DateTime;
-
-/**
- * JSON Web Token implementation, based on this spec:
- * http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06
- *
- * PHP version 5
- *
- * @category Authentication
- * @package  Authentication_JWT
- * @author   Neuman Vong <neuman@twilio.com>
- * @author   Anant Narayanan <anant@php.net>
- * @license  http://opensource.org/licenses/BSD-3-Clause 3-clause BSD
- * @link     https://github.com/firebase/php-jwt
- */
-class JWT
-{
-
-    /**
-     * When checking nbf, iat or expiration times,
-     * we want to provide some extra leeway time to
-     * account for clock skew.
-     */
-    public static $leeway = 0;
-
-    /**
-     * Allow the current timestamp to be specified.
-     * Useful for fixing a value within unit testing.
-     *
-     * Will default to PHP time() value if null.
-     */
-    public static $timestamp = null;
-
-    public static $supported_algs = array(
-        'HS256' => array('hash_hmac', 'SHA256'),
-        'HS512' => array('hash_hmac', 'SHA512'),
-        'HS384' => array('hash_hmac', 'SHA384'),
-        'RS256' => array('openssl', 'SHA256'),
-    );
-
-    /**
-     * Decodes a JWT string into a PHP object.
-     *
-     * @param string        $jwt            The JWT
-     * @param string|array  $key            The key, or map of keys.
-     *                                      If the algorithm used is asymmetric, this is the public key
-     * @param array         $allowed_algs   List of supported verification algorithms
-     *                                      Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
-     *
-     * @return object The JWT's payload as a PHP object
-     *
-     * @throws UnexpectedValueException     Provided JWT was invalid
-     * @throws SignatureInvalidException    Provided JWT was invalid because the signature verification failed
-     * @throws BeforeValidException         Provided JWT is trying to be used before it's eligible as defined by 'nbf'
-     * @throws BeforeValidException         Provided JWT is trying to be used before it's been created as defined by 'iat'
-     * @throws ExpiredException             Provided JWT has since expired, as defined by the 'exp' claim
-     *
-     * @uses jsonDecode
-     * @uses urlsafeB64Decode
-     */
-    public static function decode($jwt, $key, $allowed_algs = array())
-    {
-        $timestamp = is_null(static::$timestamp) ? time() : static::$timestamp;
-
-        if (empty($key)) {
-            throw new InvalidArgumentException('Key may not be empty');
-        }
-        if (!is_array($allowed_algs)) {
-            throw new InvalidArgumentException('Algorithm not allowed');
-        }
-        $tks = explode('.', $jwt);
-        if (count($tks) != 3) {
-            throw new UnexpectedValueException('Wrong number of segments');
-        }
-        list($headb64, $bodyb64, $cryptob64) = $tks;
-        if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) {
-            throw new UnexpectedValueException('Invalid header encoding');
-        }
-        if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) {
-            throw new UnexpectedValueException('Invalid claims encoding');
-        }
-        $sig = static::urlsafeB64Decode($cryptob64);
-        
-        if (empty($header->alg)) {
-            throw new UnexpectedValueException('Empty algorithm');
-        }
-        if (empty(static::$supported_algs[$header->alg])) {
-            throw new UnexpectedValueException('Algorithm not supported');
-        }
-        if (!in_array($header->alg, $allowed_algs)) {
-            throw new UnexpectedValueException('Algorithm not allowed');
-        }
-        if (is_array($key) || $key instanceof \ArrayAccess) {
-            if (isset($header->kid)) {
-                $key = $key[$header->kid];
-            } else {
-                throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');
-            }
-        }
-
-        // Check the signature
-        if (!static::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) {
-            throw new SignatureInvalidException('Signature verification failed');
-        }
-
-        // Check if the nbf if it is defined. This is the time that the
-        // token can actually be used. If it's not yet that time, abort.
-        if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) {
-            throw new BeforeValidException(
-                'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf)
-            );
-        }
-
-        // Check that this token has been created before 'now'. This prevents
-        // using tokens that have been created for later use (and haven't
-        // correctly used the nbf claim).
-        if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) {
-            throw new BeforeValidException(
-                'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat)
-            );
-        }
-
-        // Check if this token has expired.
-        if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {
-            throw new ExpiredException('Expired token');
-        }
-
-        return $payload;
-    }
-
-    /**
-     * Converts and signs a PHP object or array into a JWT string.
-     *
-     * @param object|array  $payload    PHP object or array
-     * @param string        $key        The secret key.
-     *                                  If the algorithm used is asymmetric, this is the private key
-     * @param string        $alg        The signing algorithm.
-     *                                  Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
-     * @param mixed         $keyId
-     * @param array         $head       An array with header elements to attach
-     *
-     * @return string A signed JWT
-     *
-     * @uses jsonEncode
-     * @uses urlsafeB64Encode
-     */
-    public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null)
-    {
-        $header = array('typ' => 'JWT', 'alg' => $alg);
-        if ($keyId !== null) {
-            $header['kid'] = $keyId;
-        }
-        if ( isset($head) && is_array($head) ) {
-            $header = array_merge($head, $header);
-        }
-        $segments = array();
-        $segments[] = static::urlsafeB64Encode(static::jsonEncode($header));
-        $segments[] = static::urlsafeB64Encode(static::jsonEncode($payload));
-        $signing_input = implode('.', $segments);
-
-        $signature = static::sign($signing_input, $key, $alg);
-        $segments[] = static::urlsafeB64Encode($signature);
-
-        return implode('.', $segments);
-    }
-
-    /**
-     * Sign a string with a given key and algorithm.
-     *
-     * @param string            $msg    The message to sign
-     * @param string|resource   $key    The secret key
-     * @param string            $alg    The signing algorithm.
-     *                                  Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
-     *
-     * @return string An encrypted message
-     *
-     * @throws DomainException Unsupported algorithm was specified
-     */
-    public static function sign($msg, $key, $alg = 'HS256')
-    {
-        if (empty(static::$supported_algs[$alg])) {
-            throw new DomainException('Algorithm not supported');
-        }
-        list($function, $algorithm) = static::$supported_algs[$alg];
-        switch($function) {
-            case 'hash_hmac':
-                return hash_hmac($algorithm, $msg, $key, true);
-            case 'openssl':
-                $signature = '';
-                $success = openssl_sign($msg, $signature, $key, $algorithm);
-                if (!$success) {
-                    throw new DomainException("OpenSSL unable to sign data");
-                } else {
-                    return $signature;
-                }
-        }
-    }
-
-    /**
-     * Verify a signature with the message, key and method. Not all methods
-     * are symmetric, so we must have a separate verify and sign method.
-     *
-     * @param string            $msg        The original message (header and body)
-     * @param string            $signature  The original signature
-     * @param string|resource   $key        For HS*, a string key works. for RS*, must be a resource of an openssl public key
-     * @param string            $alg        The algorithm
-     *
-     * @return bool
-     *
-     * @throws DomainException Invalid Algorithm or OpenSSL failure
-     */
-    private static function verify($msg, $signature, $key, $alg)
-    {
-        if (empty(static::$supported_algs[$alg])) {
-            throw new DomainException('Algorithm not supported');
-        }
-
-        list($function, $algorithm) = static::$supported_algs[$alg];
-        switch($function) {
-            case 'openssl':
-                $success = openssl_verify($msg, $signature, $key, $algorithm);
-                if (!$success) {
-                    throw new DomainException("OpenSSL unable to verify data: " . openssl_error_string());
-                } else {
-                    return $signature;
-                }
-            case 'hash_hmac':
-            default:
-                $hash = hash_hmac($algorithm, $msg, $key, true);
-                if (function_exists('hash_equals')) {
-                    return hash_equals($signature, $hash);
-                }
-                $len = min(static::safeStrlen($signature), static::safeStrlen($hash));
-
-                $status = 0;
-                for ($i = 0; $i < $len; $i++) {
-                    $status |= (ord($signature[$i]) ^ ord($hash[$i]));
-                }
-                $status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash));
-
-                return ($status === 0);
-        }
-    }
-
-    /**
-     * Decode a JSON string into a PHP object.
-     *
-     * @param string $input JSON string
-     *
-     * @return object Object representation of JSON string
-     *
-     * @throws DomainException Provided string was invalid JSON
-     */
-    public static function jsonDecode($input)
-    {
-        if (version_compare(PHP_VERSION, '5.4.0', '>=') && !(defined('JSON_C_VERSION') && PHP_INT_SIZE > 4)) {
-            /** In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you
-             * to specify that large ints (like Steam Transaction IDs) should be treated as
-             * strings, rather than the PHP default behaviour of converting them to floats.
-             */
-            $obj = json_decode($input, false, 512, JSON_BIGINT_AS_STRING);
-        } else {
-            /** Not all servers will support that, however, so for older versions we must
-             * manually detect large ints in the JSON string and quote them (thus converting
-             *them to strings) before decoding, hence the preg_replace() call.
-             */
-            $max_int_length = strlen((string) PHP_INT_MAX) - 1;
-            $json_without_bigints = preg_replace('/:\s*(-?\d{'.$max_int_length.',})/', ': "$1"', $input);
-            $obj = json_decode($json_without_bigints);
-        }
-
-        if (function_exists('json_last_error') && $errno = json_last_error()) {
-            static::handleJsonError($errno);
-        } elseif ($obj === null && $input !== 'null') {
-            throw new DomainException('Null result with non-null input');
-        }
-        return $obj;
-    }
-
-    /**
-     * Encode a PHP object into a JSON string.
-     *
-     * @param object|array $input A PHP object or array
-     *
-     * @return string JSON representation of the PHP object or array
-     *
-     * @throws DomainException Provided object could not be encoded to valid JSON
-     */
-    public static function jsonEncode($input)
-    {
-        $json = json_encode($input);
-        if (function_exists('json_last_error') && $errno = json_last_error()) {
-            static::handleJsonError($errno);
-        } elseif ($json === 'null' && $input !== null) {
-            throw new DomainException('Null result with non-null input');
-        }
-        return $json;
-    }
-
-    /**
-     * Decode a string with URL-safe Base64.
-     *
-     * @param string $input A Base64 encoded string
-     *
-     * @return string A decoded string
-     */
-    public static function urlsafeB64Decode($input)
-    {
-        $remainder = strlen($input) % 4;
-        if ($remainder) {
-            $padlen = 4 - $remainder;
-            $input .= str_repeat('=', $padlen);
-        }
-        return base64_decode(strtr($input, '-_', '+/'));
-    }
-
-    /**
-     * Encode a string with URL-safe Base64.
-     *
-     * @param string $input The string you want encoded
-     *
-     * @return string The base64 encode of what you passed in
-     */
-    public static function urlsafeB64Encode($input)
-    {
-        return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));
-    }
-
-    /**
-     * Helper method to create a JSON error.
-     *
-     * @param int $errno An error number from json_last_error()
-     *
-     * @return void
-     */
-    private static function handleJsonError($errno)
-    {
-        $messages = array(
-            JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',
-            JSON_ERROR_CTRL_CHAR => 'Unexpected control character found',
-            JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON'
-        );
-        throw new DomainException(
-            isset($messages[$errno])
-            ? $messages[$errno]
-            : 'Unknown JSON error: ' . $errno
-        );
-    }
-
-    /**
-     * Get the number of bytes in cryptographic strings.
-     *
-     * @param string
-     *
-     * @return int
-     */
-    private static function safeStrlen($str)
-    {
-        if (function_exists('mb_strlen')) {
-            return mb_strlen($str, '8bit');
-        }
-        return strlen($str);
-    }
-}

plugin/onlyoffice/3rdparty/jwt/LICENSE.txt

@@ -1,30 +0,0 @@
-Copyright (c) 2011, Neuman Vong
-
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-    * Redistributions of source code must retain the above copyright
-      notice, this list of conditions and the following disclaimer.
-
-    * Redistributions in binary form must reproduce the above
-      copyright notice, this list of conditions and the following
-      disclaimer in the documentation and/or other materials provided
-      with the distribution.
-
-    * Neither the name of Neuman Vong nor the names of other
-      contributors may be used to endorse or promote products derived
-      from this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

plugin/onlyoffice/3rdparty/jwt/SignatureInvalidException.php

@@ -1,7 +0,0 @@
-<?php
-namespace Firebase\JWT;
-
-class SignatureInvalidException extends \UnexpectedValueException
-{
-
-}

plugin/onlyoffice/CHANGELOG.md

@@ -2,6 +2,16 @@
 
 This plugin is developed and maintained at https://github.com/ONLYOFFICE/onlyoffice-chamilo.
 
+## 1.4.1
+## Changed
+- minor fixes
+
+## 1.4.0
+## Added
+- using onlyoffice/docs-integration-sdk
+- default empty file templates
+- Arabic, Serbian, Finnish, Hebrew, Norwegian, Slovenian empty file templates
+
 ## 1.3.0
 ## Added
 - Chinese (Taiwan), Basque (Spain), Malay (Malaysia), and Galician empty file templates

plugin/onlyoffice/README.md

@@ -175,18 +175,18 @@ The table below will help you to make the right choice.
 | Font and paragraph formatting   | + | + |
 | Object insertion                | + | + |
 | Transitions                     | + | + |
+| Animations                      | + | + |
 | Presenter mode                  | + | + |
 | Notes                           | + | + |
 | **Form creator features** | **Community Edition** | **Enterprise Edition** |
 | Adding form fields           | + | + |
 | Form preview                    | + | + |
 | Saving as PDF                   | + | + |
+| **Working with PDF**      | **Community Edition** | **Enterprise Edition** |
+| Text annotations (highlight, underline, cross out) | + | + |
+| Comments                        | + | + |
+| Freehand drawings               | + | + |
+| Form filling                    | + | + |
 | | [Get it now](https://www.onlyoffice.com/download-docs.aspx?utm_source=github&utm_medium=cpc&utm_campaign=GitHubChamilo#docs-community)  | [Start Free Trial](https://www.onlyoffice.com/download-docs.aspx?utm_source=github&utm_medium=cpc&utm_campaign=GitHubChamilo#docs-enterprise)  |
 
-\* If supported by DMS.
-
-## Note on SSL
-
-As for all SSL to non-SSL communication, this plugin will not work fully if your
-Chamilo portal works in HTTP and your OnlyOffice Document server works in HTTPS, or vice-versa.
-You will need to ensure the same protocol on both sides. 
+\* If supported by DMS.

plugin/onlyoffice/ajax/saveas.php

@@ -1,7 +1,6 @@
 <?php
 /**
- *
- * (c) Copyright Ascensio System SIA 2023
+ * (c) Copyright Ascensio System SIA 2024.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -14,7 +13,6 @@
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
- *
  */
 
 require_once __DIR__.'/../../../main/inc/global.inc.php';
@@ -25,16 +23,16 @@ $userId = api_get_user_id();
 
 $body = json_decode(file_get_contents('php://input'), true);
 
-$title = $body["title"];
-$url = $body["url"];
+$title = $body['title'];
+$url = $body['url'];
 
-$folderId = !empty($body["folderId"]) ? $body["folderId"] : 0;
-$sessionId = !empty($body["sessionId"]) ? $body["sessionId"] : 0;
-$courseId = !empty($body["courseId"]) ? $body["courseId"] : 0;
-$groupId = !empty($body["groupId"]) ? $body["groupId"] : 0;
+$folderId = !empty($body['folderId']) ? $body['folderId'] : 0;
+$sessionId = !empty($body['sessionId']) ? $body['sessionId'] : 0;
+$courseId = !empty($body['courseId']) ? $body['courseId'] : 0;
+$groupId = !empty($body['groupId']) ? $body['groupId'] : 0;
 
 $courseInfo = api_get_course_info_by_id($courseId);
-$courseCode = $courseInfo["code"];
+$courseCode = $courseInfo['code'];
 
 $isMyDir = false;
 if (!empty($folderId)) {
@@ -46,21 +44,22 @@ if (!empty($folderId)) {
     );
     $isMyDir = DocumentManager::is_my_shared_folder(
         $userId,
-        $folderInfo["absolute_path"],
+        $folderInfo['absolute_path'],
         $sessionId
     );
 }
-$groupRights = Session::read("group_member_with_upload_rights");
+$groupRights = Session::read('group_member_with_upload_rights');
 $isAllowToEdit = api_is_allowed_to_edit(true, true);
 if (!($isAllowToEdit || $isMyDir || $groupRights)) {
-    echo json_encode(["error" => "Not permitted"]);
+    echo json_encode(['error' => 'Not permitted']);
+
     return;
 }
 
 $fileExt = strtolower(pathinfo($title, PATHINFO_EXTENSION));
 $baseName = strtolower(pathinfo($title, PATHINFO_FILENAME));
 
-$result = FileUtility::createFile(
+$result = OnlyofficeDocumentManager::createFile(
     $baseName,
     $fileExt,
     $folderId,
@@ -71,16 +70,17 @@ $result = FileUtility::createFile(
     $url
 );
 
-if (isset($result["error"])) {
-    if ($result["error"] === "fileIsExist") {
-        $result["error"] = "File is exist";
+if (isset($result['error'])) {
+    if ('fileIsExist' === $result['error']) {
+        $result['error'] = 'File already exists';
     }
-    if ($result["error"] === "impossibleCreateFile") {
-        $result["error"] = "Impossible to create file";
+    if ('impossibleCreateFile' === $result['error']) {
+        $result['error'] = 'Impossible to create file';
     }
 
     echo json_encode($result);
+
     return;
 }
 
-echo json_encode(["success" => "File is created"]);
+echo json_encode(['success' => 'File is created']);

plugin/onlyoffice/assets/README.md

@@ -3,3 +3,4 @@
 Template files used to create new documents and documents with sample content in: 
 
 * [Chamilo ONLYOFFICE integration plugin](https://github.com/onlyoffice/onlyoffice-chamilo)
+