You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
284 lines
8.2 KiB
284 lines
8.2 KiB
<?php
|
|
/**
|
|
*
|
|
* (c) Copyright Ascensio System SIA 2025
|
|
*
|
|
* This program is a free software product.
|
|
* You can redistribute it and/or modify it under the terms of the GNU Affero General Public License
|
|
* (AGPL) version 3 as published by the Free Software Foundation.
|
|
* In accordance with Section 7(a) of the GNU AGPL its Section 15 shall be amended to the effect
|
|
* that Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights.
|
|
*
|
|
* This program is distributed WITHOUT ANY WARRANTY;
|
|
* without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
|
* For details, see the GNU AGPL at: http://www.gnu.org/licenses/agpl-3.0.html
|
|
*
|
|
* You can contact Ascensio System SIA at 20A-12 Ernesta Birznieka-Upisha street, Riga, Latvia, EU, LV-1050.
|
|
*
|
|
* The interactive user interfaces in modified source and object code versions of the Program
|
|
* must display Appropriate Legal Notices, as required under Section 5 of the GNU AGPL version 3.
|
|
*
|
|
* Pursuant to Section 7(b) of the License you must retain the original Product logo when distributing the program.
|
|
* Pursuant to Section 7(e) we decline to grant you any rights under trademark law for use of our trademarks.
|
|
*
|
|
* All the Product's GUI elements, including illustrations and icon sets, as well as technical
|
|
* writing content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0 International.
|
|
* See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode
|
|
*
|
|
*/
|
|
|
|
namespace OCA\Onlyoffice;
|
|
|
|
use OCP\AppFramework\Http\ContentSecurityPolicy;
|
|
use OCP\AppFramework\Http\Response;
|
|
use OCP\AppFramework\Http\TemplateResponse;
|
|
use OCP\DirectEditing\IEditor;
|
|
use OCP\DirectEditing\IToken;
|
|
use OCP\IL10N;
|
|
use OCP\IURLGenerator;
|
|
use Psr\Log\LoggerInterface;
|
|
|
|
/**
|
|
* Direct Editor
|
|
*
|
|
* @package OCA\Onlyoffice
|
|
*/
|
|
class DirectEditor implements IEditor {
|
|
|
|
/**
|
|
* Application name
|
|
*
|
|
* @var string
|
|
*/
|
|
private $appName;
|
|
|
|
/**
|
|
* Url generator service
|
|
*
|
|
* @var IURLGenerator
|
|
*/
|
|
private $urlGenerator;
|
|
|
|
/**
|
|
* l10n service
|
|
*
|
|
* @var IL10N
|
|
*/
|
|
private $trans;
|
|
|
|
/**
|
|
* Logger
|
|
*
|
|
* @var LoggerInterface
|
|
*/
|
|
private $logger;
|
|
|
|
/**
|
|
* Application configuration
|
|
*
|
|
* @var AppConfig
|
|
*/
|
|
private $config;
|
|
|
|
/**
|
|
* Hash generator
|
|
*
|
|
* @var Crypt
|
|
*/
|
|
private $crypt;
|
|
|
|
/**
|
|
* @param string $AppName - application name
|
|
* @param IURLGenerator $urlGenerator - url generator service
|
|
* @param IL10N $trans - l10n service
|
|
* @param LoggerInterface $logger - logger
|
|
* @param AppConfig $config - application configuration
|
|
* @param Crypt $crypt - hash generator
|
|
*/
|
|
public function __construct(
|
|
$AppName,
|
|
IURLGenerator $urlGenerator,
|
|
IL10N $trans,
|
|
LoggerInterface $logger,
|
|
AppConfig $config,
|
|
Crypt $crypt
|
|
) {
|
|
$this->appName = $AppName;
|
|
$this->urlGenerator = $urlGenerator;
|
|
$this->trans = $trans;
|
|
$this->logger = $logger;
|
|
$this->config = $config;
|
|
$this->crypt = $crypt;
|
|
}
|
|
|
|
/**
|
|
* Return a unique identifier for the editor
|
|
*
|
|
* @return string
|
|
*/
|
|
public function getId(): string {
|
|
return $this->appName;
|
|
}
|
|
|
|
/**
|
|
* Return a readable name for the editor
|
|
*
|
|
* @return string
|
|
*/
|
|
public function getName(): string {
|
|
return "ONLYOFFICE";
|
|
}
|
|
|
|
/**
|
|
* A list of mimetypes that should open the editor by default
|
|
*
|
|
* @return array
|
|
*/
|
|
public function getMimetypes(): array {
|
|
$mimes = array();
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return $mimes;
|
|
}
|
|
|
|
$formats = $this->config->formatsSetting();
|
|
foreach ($formats as $format => $setting) {
|
|
if (array_key_exists("def", $setting) && $setting["def"]) {
|
|
array_push($mimes, $setting["mime"][0]);
|
|
}
|
|
}
|
|
|
|
return $mimes;
|
|
}
|
|
|
|
/**
|
|
* A list of mimetypes that can be opened in the editor optionally
|
|
*
|
|
* @return array
|
|
*/
|
|
public function getMimetypesOptional(): array {
|
|
$mimes = array();
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return $mimes;
|
|
}
|
|
|
|
$formats = $this->config->formatsSetting();
|
|
foreach ($formats as $format => $setting) {
|
|
if (!array_key_exists("def", $setting) || !$setting["def"]) {
|
|
array_push($mimes, $setting["mime"][0]);
|
|
}
|
|
}
|
|
|
|
return $mimes;
|
|
}
|
|
|
|
/**
|
|
* Return a list of file creation options to be presented to the user
|
|
*
|
|
* @return array of ACreateFromTemplate|ACreateEmpty
|
|
*/
|
|
public function getCreators(): array {
|
|
if (!$this->config->isUserAllowedToUse()) {
|
|
return array();
|
|
}
|
|
|
|
return [
|
|
new FileCreator($this->appName, $this->trans, $this->logger, "docx"),
|
|
new FileCreator($this->appName, $this->trans, $this->logger, "xlsx"),
|
|
new FileCreator($this->appName, $this->trans, $this->logger, "pptx")
|
|
];
|
|
}
|
|
|
|
/**
|
|
* Return if the view is able to securely view a file without downloading it to the browser
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function isSecure(): bool {
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Return a template response for displaying the editor
|
|
*
|
|
* open can only be called once when the client requests the editor with a one-time-use token
|
|
* For handling editing and later requests, editors need to implement their own token handling
|
|
* and take care of invalidation
|
|
*
|
|
* @param IToken $token - one time token
|
|
*
|
|
* @return Response
|
|
*/
|
|
public function open(IToken $token): Response {
|
|
try {
|
|
$token->useTokenScope();
|
|
$file = $token->getFile();
|
|
$fileId = $file->getId();
|
|
$userId = $token->getUser();
|
|
|
|
$this->logger->debug("DirectEditor open: $fileId");
|
|
|
|
if (!$this->config->isUserAllowedToUse($userId)) {
|
|
return $this->renderError($this->trans->t("Not permitted"));
|
|
}
|
|
|
|
$documentServerUrl = $this->config->getDocumentServerUrl();
|
|
|
|
if (empty($documentServerUrl)) {
|
|
$this->logger->error("documentServerUrl is empty");
|
|
return $this->renderError($this->trans->t("ONLYOFFICE app is not configured. Please contact admin"));
|
|
}
|
|
|
|
$directToken = $this->crypt->getHash([
|
|
"userId" => $userId,
|
|
"fileId" => $fileId,
|
|
"action" => "direct",
|
|
"iat" => time(),
|
|
"exp" => time() + 30
|
|
]);
|
|
|
|
$filePath = $file->getPath();
|
|
$filePath = preg_replace("/^\/" . $userId . "\/files/", "", $filePath);
|
|
|
|
$params = [
|
|
"fileId" => null,
|
|
"filePath" => $filePath,
|
|
"shareToken" => null,
|
|
"directToken" => $directToken,
|
|
"isTemplate" => false,
|
|
"inframe" => false,
|
|
"inviewer" => false,
|
|
"anchor" => null
|
|
];
|
|
|
|
$response = new TemplateResponse($this->appName, "editor", $params, "base");
|
|
|
|
$csp = new ContentSecurityPolicy();
|
|
|
|
if (preg_match("/^https?:\/\//i", $documentServerUrl)) {
|
|
$csp->addAllowedScriptDomain($documentServerUrl);
|
|
$csp->addAllowedFrameDomain($documentServerUrl);
|
|
} else {
|
|
$csp->addAllowedFrameDomain("'self'");
|
|
}
|
|
$response->setContentSecurityPolicy($csp);
|
|
|
|
return $response;
|
|
} catch (\Exception $e) {
|
|
$this->logger->error($e->getMessage(), ["exception" => $e]);
|
|
return $this->renderError($e->getMessage());
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Print error page
|
|
*
|
|
* @param string $error - error message
|
|
*
|
|
* @return TemplateResponse
|
|
*/
|
|
private function renderError($error) {
|
|
return new TemplateResponse($this->appName, "directeditorerror", [
|
|
"error" => $error
|
|
], TemplateResponse::RENDER_AS_ERROR);
|
|
}
|
|
}
|
|
|