You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
223 lines
7.3 KiB
223 lines
7.3 KiB
<?php
|
|
/*
|
|
* Copyright (C) Ascensio System SIA, 2009-2026
|
|
*
|
|
* This program is a free software product. You can redistribute it and/or
|
|
* modify it under the terms of the GNU Affero General Public License (AGPL)
|
|
* version 3 as published by the Free Software Foundation, together with the
|
|
* additional terms provided in the LICENSE file.
|
|
*
|
|
* This program is distributed WITHOUT ANY WARRANTY; without even the implied
|
|
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. For
|
|
* details, see the GNU AGPL at: https://www.gnu.org/licenses/agpl-3.0.html
|
|
*
|
|
* You can contact Ascensio System SIA by email at info@onlyoffice.com
|
|
* or by postal mail at 20A-6 Ernesta Birznieka-Upisha Street, Riga,
|
|
* LV-1050, Latvia, European Union.
|
|
*
|
|
* The interactive user interfaces in modified versions of the Program
|
|
* are required to display Appropriate Legal Notices in accordance with
|
|
* Section 5 of the GNU AGPL version 3.
|
|
*
|
|
* No trademark rights are granted under this License.
|
|
*
|
|
* All non-code elements of the Product, including illustrations,
|
|
* icon sets, and technical writing content, are licensed under the
|
|
* Creative Commons Attribution-ShareAlike 4.0 International License:
|
|
* https://creativecommons.org/licenses/by-sa/4.0/legalcode
|
|
*
|
|
* This license applies only to such non-code elements and does not
|
|
* modify or replace the licensing terms applicable to the Program's
|
|
* source code, which remains licensed under the GNU Affero General
|
|
* Public License v3.
|
|
*
|
|
* SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
namespace OCA\Onlyoffice;
|
|
|
|
use OCP\AppFramework\Http\ContentSecurityPolicy;
|
|
use OCP\AppFramework\Http\Response;
|
|
use OCP\AppFramework\Http\TemplateResponse;
|
|
use OCP\DirectEditing\IEditor;
|
|
use OCP\DirectEditing\IToken;
|
|
use OCP\IL10N;
|
|
use Psr\Log\LoggerInterface;
|
|
|
|
/**
|
|
* Direct Editor
|
|
*
|
|
* @package OCA\Onlyoffice
|
|
*/
|
|
class DirectEditor implements IEditor {
|
|
|
|
public function __construct(
|
|
private readonly string $appName,
|
|
private readonly IL10N $trans,
|
|
private readonly LoggerInterface $logger,
|
|
private readonly AppConfig $appConfig,
|
|
private readonly Crypt $crypt
|
|
) {}
|
|
|
|
/**
|
|
* Return a unique identifier for the editor
|
|
*/
|
|
public function getId(): string {
|
|
return $this->appName;
|
|
}
|
|
|
|
/**
|
|
* Return a readable name for the editor
|
|
*/
|
|
public function getName(): string {
|
|
return "ONLYOFFICE";
|
|
}
|
|
|
|
/**
|
|
* A list of mimetypes that should open the editor by default
|
|
*/
|
|
public function getMimetypes(): array {
|
|
$mimes = [];
|
|
if (!$this->appConfig->isUserAllowedToUse()) {
|
|
return $mimes;
|
|
}
|
|
|
|
$formats = $this->appConfig->formatsSetting();
|
|
foreach ($formats as $setting) {
|
|
if (array_key_exists("def", $setting) && $setting["def"]) {
|
|
$mimes[] = $setting["mime"][0];
|
|
}
|
|
}
|
|
|
|
return $mimes;
|
|
}
|
|
|
|
/**
|
|
* A list of mimetypes that can be opened in the editor optionally
|
|
*/
|
|
public function getMimetypesOptional(): array {
|
|
$mimes = [];
|
|
if (!$this->appConfig->isUserAllowedToUse()) {
|
|
return $mimes;
|
|
}
|
|
|
|
$formats = $this->appConfig->formatsSetting();
|
|
foreach ($formats as $setting) {
|
|
if (!array_key_exists("def", $setting) || !$setting["def"]) {
|
|
$mimes[] = $setting["mime"][0];
|
|
}
|
|
}
|
|
|
|
return $mimes;
|
|
}
|
|
|
|
/**
|
|
* Return a list of file creation options to be presented to the user
|
|
*
|
|
* @return array of ACreateFromTemplate|ACreateEmpty
|
|
*/
|
|
public function getCreators(): array {
|
|
if (!$this->appConfig->isUserAllowedToUse()) {
|
|
return [];
|
|
}
|
|
|
|
return [
|
|
new FileCreator($this->appName, $this->trans, $this->logger, "docx"),
|
|
new FileCreator($this->appName, $this->trans, $this->logger, "xlsx"),
|
|
new FileCreator($this->appName, $this->trans, $this->logger, "pptx")
|
|
];
|
|
}
|
|
|
|
/**
|
|
* Return if the view is able to securely view a file without downloading it to the browser
|
|
*/
|
|
public function isSecure(): bool {
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Return a template response for displaying the editor
|
|
*
|
|
* open can only be called once when the client requests the editor with a one-time-use token
|
|
* For handling editing and later requests, editors need to implement their own token handling
|
|
* and take care of invalidation
|
|
*
|
|
* @param IToken $token - one time token
|
|
*/
|
|
public function open(IToken $token): Response {
|
|
try {
|
|
$token->useTokenScope();
|
|
$file = $token->getFile();
|
|
$fileId = $file->getId();
|
|
$userId = $token->getUser();
|
|
|
|
$this->logger->debug("DirectEditor open: $fileId");
|
|
|
|
if (!$this->appConfig->isUserAllowedToUse($userId)) {
|
|
return $this->renderError($this->trans->t("Not permitted"));
|
|
}
|
|
|
|
if ($this->appConfig->getRestrictExternalStorage()
|
|
&& $file->getMountPoint() instanceof \OCA\Files_External\Config\ExternalMountPoint) {
|
|
return $this->renderError($this->trans->t("Opening files with ONLYOFFICE from external storages is restricted. Please contact the admin."));
|
|
}
|
|
|
|
$documentServerUrl = $this->appConfig->getDocumentServerUrl();
|
|
|
|
if (empty($documentServerUrl)) {
|
|
$this->logger->error("documentServerUrl is empty");
|
|
return $this->renderError($this->trans->t("ONLYOFFICE app is not configured. Please contact admin"));
|
|
}
|
|
|
|
$directToken = $this->crypt->getHash([
|
|
"userId" => $userId,
|
|
"fileId" => $fileId,
|
|
"action" => "direct",
|
|
"iat" => time(),
|
|
"exp" => time() + 30
|
|
]);
|
|
|
|
$filePath = $file->getPath();
|
|
$filePath = preg_replace("/^\/" . $userId . "\/files/", "", (string) $filePath);
|
|
|
|
$params = [
|
|
"fileId" => null,
|
|
"filePath" => $filePath,
|
|
"shareToken" => null,
|
|
"directToken" => $directToken,
|
|
"isTemplate" => false,
|
|
"inframe" => false,
|
|
"inviewer" => false,
|
|
"anchor" => null
|
|
];
|
|
|
|
$response = new TemplateResponse($this->appName, "editor", $params, "base");
|
|
|
|
$csp = new ContentSecurityPolicy();
|
|
|
|
if (preg_match("/^https?:\/\//i", $documentServerUrl)) {
|
|
$csp->addAllowedScriptDomain($documentServerUrl);
|
|
$csp->addAllowedFrameDomain($documentServerUrl);
|
|
} else {
|
|
$csp->addAllowedFrameDomain("'self'");
|
|
}
|
|
$response->setContentSecurityPolicy($csp);
|
|
|
|
return $response;
|
|
} catch (\Exception $e) {
|
|
$this->logger->error($e->getMessage(), ["exception" => $e]);
|
|
return $this->renderError($e->getMessage());
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Print error page
|
|
*
|
|
* @param string $error - error message
|
|
*/
|
|
private function renderError(string $error): TemplateResponse {
|
|
return new TemplateResponse($this->appName, "directeditorerror", [
|
|
"error" => $error
|
|
], TemplateResponse::RENDER_AS_ERROR);
|
|
}
|
|
}
|
|
|