Merge branch 'develop' into bugfix/render-optimization

build/build.static.bat

@@ -12,9 +12,6 @@ call yarn build
 REM call yarn wipe
 call yarn deploy
 
-REM copy public files to deploy folder
-xcopy public\*.* build\deploy\public\ /E /R /Y
-
 REM copy nginx configurations to deploy folder
 xcopy config\nginx\onlyoffice.conf build\deploy\nginx\ /E /R /Y
 powershell -Command "(gc build\deploy\nginx\onlyoffice.conf) -replace '#', '' | Out-File -encoding ASCII build\deploy\nginx\onlyoffice.conf"

common/ASC.Api.Core/Auth/ConfirmAuthHandler.cs

@@ -99,7 +99,7 @@ protected override Task<AuthenticateResult> HandleAuthenticateAsync()
                     userId = SecurityContext.CurrentAccount.ID;
                 }
 
-                SecurityContext.AuthenticateMe(userId, claims);
+                SecurityContext.AuthenticateMeWithoutCookie(userId, claims);
             }
 
             var result = checkKeyResult switch

common/ASC.Api.Core/Core/ApiContext.cs

@@ -225,7 +225,7 @@ public void AuthByClaim()
             var id = HttpContextAccessor.HttpContext.User.Claims.FirstOrDefault(r => r.Type == ClaimTypes.Sid);
             if (Guid.TryParse(id?.Value, out var userId))
             {
-                SecurityContext.AuthenticateMe(userId);
+                SecurityContext.AuthenticateMeWithoutCookie(userId);
             }
         }
     }

common/ASC.Core.Common/Context/SecurityContext.cs

@@ -165,7 +165,7 @@ public bool AuthenticateMe(string cookie)
                             return false;
                         }
 
-                        AuthenticateMe(new UserAccount(new UserInfo { ID = userid }, tenant, UserFormatter));
+                        AuthenticateMeWithoutCookie(new UserAccount(new UserInfo { ID = userid }, tenant, UserFormatter));
 
                         return true;
                     }
@@ -199,12 +199,24 @@ public bool AuthenticateMe(string cookie)
         }
 
         public string AuthenticateMe(IAccount account, List<Claim> additionalClaims = null)
+        {
+            AuthenticateMeWithoutCookie(account, additionalClaims);
+
+            string cookie = null;
+
+            if (account is IUserAccount)
+            {
+                cookie = CookieStorage.EncryptCookie(TenantManager.GetCurrentTenant().TenantId, account.ID);
+            }
+
+            return cookie;
+        }
+
+        public void AuthenticateMeWithoutCookie(IAccount account, List<Claim> additionalClaims = null)
         {
             if (account == null || account.Equals(Configuration.Constants.Guest)) throw new InvalidCredentialException("account");
 
             var roles = new List<string> { Role.Everyone };
-            string cookie = null;
-
 
             if (account is ISystemAccount && account.ID == Configuration.Constants.CoreSystem.ID)
             {
@@ -241,7 +253,6 @@ public string AuthenticateMe(IAccount account, List<Claim> additionalClaims = nu
                 roles.Add(Role.Users);
 
                 account = new UserAccount(u, TenantManager.GetCurrentTenant().TenantId, UserFormatter);
-                cookie = CookieStorage.EncryptCookie(TenantManager.GetCurrentTenant().TenantId, account.ID);
             }
 
             var claims = new List<Claim>
@@ -256,8 +267,6 @@ public string AuthenticateMe(IAccount account, List<Claim> additionalClaims = nu
                 claims.AddRange(additionalClaims);
             }
             AuthContext.Principal = new CustomClaimsPrincipal(new ClaimsIdentity(account, claims), account);
-
-            return cookie;
         }
 
         public string AuthenticateMe(Guid userId, List<Claim> additionalClaims = null)
@@ -266,6 +275,12 @@ public string AuthenticateMe(Guid userId, List<Claim> additionalClaims = null)
             return AuthenticateMe(account, additionalClaims);
         }
 
+        public void AuthenticateMeWithoutCookie(Guid userId, List<Claim> additionalClaims = null)
+        {
+            var account = Authentication.GetAccountByID(TenantManager.GetCurrentTenant().TenantId, userId);
+            AuthenticateMeWithoutCookie(account, additionalClaims);
+        }
+
         public void Logout()
         {
             AuthContext.Logout();

common/ASC.Data.Reassigns/ReassignProgressItem.cs

@@ -109,7 +109,7 @@ protected override void DoJob()
                 Percentage = 0;
                 Status = DistributedTaskStatus.Running;
 
-                securityContext.AuthenticateMe(_currentUserId);
+                securityContext.AuthenticateMeWithoutCookie(_currentUserId);
 
                 logger.InfoFormat("reassignment of data from {0} to {1}", FromUser, ToUser);
 

common/ASC.Data.Reassigns/RemoveProgressItem.cs

@@ -106,7 +106,7 @@ protected override void DoJob()
                 Percentage = 0;
                 Status = DistributedTaskStatus.Running;
 
-                securityContext.AuthenticateMe(_currentUserId);
+                securityContext.AuthenticateMeWithoutCookie(_currentUserId);
 
                 long crmSpace;
                 GetUsageSpace(webItemManagerSecurity, out var docsSpace, out var mailSpace, out var talkSpace);

common/ASC.Data.Storage/StaticUploader.cs

@@ -209,7 +209,7 @@ public string DoJob()
                 var (tenantManager, _, securityContext, settingsManager, storageSettingsHelper) = scopeClass;
                 var tenant = tenantManager.GetTenant(tenantId);
                 tenantManager.SetCurrentTenant(tenant);
-                securityContext.AuthenticateMe(tenant.OwnerId);
+                securityContext.AuthenticateMeWithoutCookie(tenant.OwnerId);
 
                 var dataStore = storageSettingsHelper.DataStore(settingsManager.Load<CdnStorageSettings>());
 

common/ASC.Data.Storage/StorageUploader.cs

@@ -159,7 +159,7 @@ protected override void DoJob()
                 var tenant = tenantManager.GetTenant(tenantId);
                 tenantManager.SetCurrentTenant(tenant);
 
-                securityContext.AuthenticateMe(tenant.OwnerId);
+                securityContext.AuthenticateMeWithoutCookie(tenant.OwnerId);
 
                 foreach (var module in Modules)
                 {

common/ASC.VoipService/Twilio/TwilioResponseHelper.cs

@@ -162,7 +162,7 @@ public VoiceResponse Redirect(string to)
 
             if (Guid.TryParse(to, out var newCallerId))
             {
-                SecurityContext.AuthenticateMe(newCallerId);
+                SecurityContext.AuthenticateMeWithoutCookie(newCallerId);
             }
 
             return new VoiceResponse().Enqueue(settings.Queue.Name, GetEcho("enqueue"), "POST",

common/services/ASC.Data.Backup/Storage/DocumentsBackupStorage.cs

@@ -75,12 +75,12 @@ public string Upload(string folderId, string localPath, Guid userId)
             TenantManager.SetCurrentTenant(TenantId);
             if (!userId.Equals(Guid.Empty))
             {
-                SecurityContext.AuthenticateMe(userId);
+                SecurityContext.AuthenticateMeWithoutCookie(userId);
             }
             else
             {
                 var tenant = TenantManager.GetTenant(TenantId);
-                SecurityContext.AuthenticateMe(tenant.OwnerId);
+                SecurityContext.AuthenticateMeWithoutCookie(tenant.OwnerId);
             }
 
             if (int.TryParse(folderId, out var fId))

common/services/ASC.Feed.Aggregator/Service/FeedAggregatorService.cs

@@ -273,7 +273,7 @@ private static bool TryAuthenticate(SecurityContext securityContext, AuthManager
         {
             try
             {
-                securityContext.AuthenticateMe(authManager.GetAccountByID(tenantId, userid));
+                securityContext.AuthenticateMeWithoutCookie(authManager.GetAccountByID(tenantId, userid));
                 return true;
             }
             catch

products/ASC.CRM/Server/Classes/VoipEngine.cs

@@ -268,7 +268,7 @@ private void SaveAdditionalInfoAction(QueueItem queueItem)
                     voipEngine.SaveOrUpdateCall(call);
                 }
 
-                _securityContext.AuthenticateMe(call.AnsweredBy);
+                _securityContext.AuthenticateMeWithoutCookie(call.AnsweredBy);
                 AddHistoryToCallContact(call, _daoFactory);
 
             }

products/ASC.CRM/Server/Middlewares/WebToLeadFromHandlerMiddleware.cs

@@ -128,7 +128,7 @@ public async System.Threading.Tasks.Task Invoke(HttpContext context,
 
                 _context = context;
 
-                SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
+                SecurityContext.AuthenticateMeWithoutCookie(ASC.Core.Configuration.Constants.CoreSystem);
 
                 if (!CheckPermission())
                 {

products/ASC.CRM/Server/Services/NotifyService/NotifyClient.cs

@@ -323,13 +323,13 @@ public void SendAutoReminderAboutTask(DateTime scheduleDate)
                 try
                 {
                     tenantManager.SetCurrentTenant(tenant);
-                    securityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
+                    securityContext.AuthenticateMeWithoutCookie(ASC.Core.Configuration.Constants.CoreSystem);
 
                     var user = userManager.GetUsers(responsibleID);
 
                     if (!(!Constants.LostUser.Equals(user) && user.Status == EmployeeStatus.Active)) continue;
 
-                    securityContext.AuthenticateMe(user.ID);
+                    securityContext.AuthenticateMeWithoutCookie(user.ID);
 
                     Thread.CurrentThread.CurrentCulture = user.GetCulture();
                     Thread.CurrentThread.CurrentUICulture = user.GetCulture();

products/ASC.CRM/Server/Utils/ExportToCSV.cs

@@ -209,7 +209,7 @@ protected override void DoJob()
             try
             {
                 _tenantManager.SetCurrentTenant(_tenantId);
-                _securityContext.AuthenticateMe(_author);
+                _securityContext.AuthenticateMeWithoutCookie(_author);
 
                 var userCulture = _userManager.GetUsers(_securityContext.CurrentAccount.ID).GetCulture();
 
@@ -413,7 +413,7 @@ private void ExportPartData(DaoFactory daoFactory)
 
         private String ExportContactsToCsv(IReadOnlyCollection<Contact> contacts, StringDictionary contactInfos, DaoFactory daoFactory)
         {
-            var key = (string)Id;
+            var key = Id;
             var listItemDao = daoFactory.GetListItemDao();
             var tagDao = daoFactory.GetTagDao();
             var customFieldDao = daoFactory.GetCustomFieldDao();
@@ -649,7 +649,7 @@ private String ExportContactsToCsv(IReadOnlyCollection<Contact> contacts, String
 
         private String ExportDealsToCsv(IEnumerable<Deal> deals, DaoFactory daoFactory)
         {
-            var key = (string)Id;
+            var key = Id;
             var tagDao = daoFactory.GetTagDao();
             var customFieldDao = daoFactory.GetCustomFieldDao();
             var dealMilestoneDao = daoFactory.GetDealMilestoneDao();
@@ -823,7 +823,7 @@ private String ExportDealsToCsv(IEnumerable<Deal> deals, DaoFactory daoFactory)
 
         private String ExportCasesToCsv(IEnumerable<ASC.CRM.Core.Entities.Cases> cases, DaoFactory daoFactory)
         {
-            var key = (string)Id;
+            var key = Id;
             var tagDao = daoFactory.GetTagDao();
             var customFieldDao = daoFactory.GetCustomFieldDao();
 
@@ -886,7 +886,7 @@ private String ExportCasesToCsv(IEnumerable<ASC.CRM.Core.Entities.Cases> cases,
 
         private String ExportHistoryToCsv(IEnumerable<RelationshipEvent> events, DaoFactory daoFactory)
         {
-            var key = (string)Id;
+            var key = Id;
             var listItemDao = daoFactory.GetListItemDao();
             var dealDao = daoFactory.GetDealDao();
             var casesDao = daoFactory.GetCasesDao();
@@ -998,7 +998,7 @@ private String ExportHistoryToCsv(IEnumerable<RelationshipEvent> events, DaoFact
 
         private String ExportTasksToCsv(IEnumerable<Task> tasks, DaoFactory daoFactory)
         {
-            var key = (string)Id;
+            var key = Id;
             var listItemDao = daoFactory.GetListItemDao();
             var dealDao = daoFactory.GetDealDao();
             var casesDao = daoFactory.GetCasesDao();
@@ -1113,7 +1113,7 @@ private String ExportTasksToCsv(IEnumerable<Task> tasks, DaoFactory daoFactory)
 
         private String ExportInvoiceItemsToCsv(IEnumerable<InvoiceItem> invoiceItems, DaoFactory daoFactory)
         {
-            var key = (string)Id;
+            var key = Id;
             var taxes = daoFactory.GetInvoiceTaxDao().GetAll();
             var dataTable = new DataTable();
 

products/ASC.CRM/Server/Utils/Import/CSV/ImportDataOperation.cs

@@ -172,7 +172,7 @@ protected override void DoJob()
                     throw new Exception("Is not configure. Please, call configure method.");
 
                 _tenantManager.SetCurrentTenant(_tenantID);
-                _securityContext.AuthenticateMe(_author);
+                _securityContext.AuthenticateMeWithoutCookie(_author);
 
                 var userCulture = _userManager.GetUsers(_securityContext.CurrentAccount.ID).GetCulture();
 

products/ASC.CRM/Server/Utils/MailSender.cs

@@ -195,7 +195,7 @@ protected override void DoJob()
             try
             {
                 _tenantManager.SetCurrentTenant(_tenantID);
-                _securityContext.AuthenticateMe(_authManager.GetAccountByID(_tenantID, _currUser));
+                _securityContext.AuthenticateMeWithoutCookie(_authManager.GetAccountByID(_tenantID, _currUser));
 
                 smtpClient = GetSmtpClient();
 

products/ASC.CRM/Server/Utils/PdfQueueWorker.cs

@@ -154,7 +154,7 @@ protected override void DoJob()
 
                 _tenantManager.SetCurrentTenant(_tenantId);
 
-                _securityContext.AuthenticateMe(_userId);
+                _securityContext.AuthenticateMeWithoutCookie(_userId);
 
                 //if (HttpContext.Current == null && !WorkContext.IsMono)
                 //{

products/ASC.Calendar/Server/Controllers/CalendarController.cs

@@ -842,7 +842,7 @@ public void UpdateCaldavEvent(CaldavEventModel caldavEventModel)
                     {
                         foreach (var responsibleSid in responsibles)
                         {
-                            SecurityContext.AuthenticateMe(Guid.Parse(responsibleSid));
+                            SecurityContext.AuthenticateMeWithoutCookie(Guid.Parse(responsibleSid));
 
                             var calendarIcs = GetCalendariCalString(calendarId, true);
                             var parseCalendar = DDayICalParser.DeserializeCalendar(calendarIcs);
@@ -900,7 +900,7 @@ public void UpdateCaldavEvent(CaldavEventModel caldavEventModel)
                         SecurityContext.Logout();
                         if (currentUserId != Guid.Empty)
                         {
-                            SecurityContext.AuthenticateMe(currentUserId);
+                            SecurityContext.AuthenticateMeWithoutCookie(currentUserId);
                         }
                     }         
                 }
@@ -1174,7 +1174,7 @@ public IActionResult GetCalendariCalStream(string calendarId, string signature)
                 }
                 try
                 {
-                    SecurityContext.AuthenticateMe(userId);
+                    SecurityContext.AuthenticateMeWithoutCookie(userId);
                     var icalFormat = GetCalendariCalString(calendarId);
                     if (icalFormat != null)
                     {
@@ -1187,7 +1187,7 @@ public IActionResult GetCalendariCalStream(string calendarId, string signature)
                     AuthContext.Logout();
                     if (currentUserId != Guid.Empty)
                     {
-                        SecurityContext.AuthenticateMe(currentUserId);
+                        SecurityContext.AuthenticateMeWithoutCookie(currentUserId);
                     }
                 }
             }
@@ -4168,7 +4168,7 @@ private void UpdateCalDavEvent(string change, Uri calDavUrl)
                                 var evt = DataProvider.GetEventById(Convert.ToInt32(currentEventId));
                                 calendarId = Convert.ToInt32(evt.CalendarId);
                                 ownerId = Guid.Parse(evt.OwnerId.ToString());
-                                SecurityContext.AuthenticateMe(ownerId);
+                                SecurityContext.AuthenticateMeWithoutCookie(ownerId);
                             }
                             else
                             {
@@ -4200,7 +4200,7 @@ private void UpdateCalDavEvent(string change, Uri calDavUrl)
                 }
                 try
                 {
-                    SecurityContext.AuthenticateMe(ownerId);
+                    SecurityContext.AuthenticateMeWithoutCookie(ownerId);
 
                     var webRequest = (HttpWebRequest)WebRequest.Create(eventURl);
                     webRequest.Method = "GET";
@@ -4384,7 +4384,7 @@ private void UpdateCalDavEvent(string change, Uri calDavUrl)
                     SecurityContext.Logout();
                     if (currentUserId != Guid.Empty)
                     {
-                        SecurityContext.AuthenticateMe(currentUserId);
+                        SecurityContext.AuthenticateMeWithoutCookie(currentUserId);
                     }
                 }
             }
@@ -4424,7 +4424,7 @@ private void DeleteCalDavEvent(string eventInfo, Uri myUri)
 
 
                 TenantManager.SetCurrentTenant(Convert.ToInt32(calendar[0][2]));
-                SecurityContext.AuthenticateMe(ownerId);
+                SecurityContext.AuthenticateMeWithoutCookie(ownerId);
 
                 var existEvent = DataProvider.GetEventIdByUid(eventGuid + "%", calendarId);
                 if (existEvent != null)
@@ -4457,7 +4457,7 @@ private void DeleteCalDavEvent(string eventInfo, Uri myUri)
                 if (existEvent != null)
                 {
                     TenantManager.SetCurrentTenant(existEvent.TenantId);
-                    SecurityContext.AuthenticateMe(existEvent.OwnerId);
+                    SecurityContext.AuthenticateMeWithoutCookie(existEvent.OwnerId);
                     var eventDeleteModel = new EventDeleteModel
                     {
                         Date = null,

products/ASC.Files/Core/HttpHandlers/ChunkedUploaderHandler.cs

@@ -200,7 +200,7 @@ private bool TryAuthorize<T>(ChunkedRequestHelper<T> request)
             if (request.Type(InstanceCrypto) == ChunkedRequestType.Initiate)
             {
                 TenantManager.SetCurrentTenant(request.TenantId);
-                SecurityContext.AuthenticateMe(AuthManager.GetAccountByID(TenantManager.GetCurrentTenant().TenantId, request.AuthKey(InstanceCrypto)));
+                SecurityContext.AuthenticateMeWithoutCookie(AuthManager.GetAccountByID(TenantManager.GetCurrentTenant().TenantId, request.AuthKey(InstanceCrypto)));
                 var cultureInfo = request.CultureInfo(SetupInfo);
                 if (cultureInfo != null)
                     Thread.CurrentThread.CurrentUICulture = cultureInfo;
@@ -213,7 +213,7 @@ private bool TryAuthorize<T>(ChunkedRequestHelper<T> request)
                 if (uploadSession != null)
                 {
                     TenantManager.SetCurrentTenant(uploadSession.TenantId);
-                    SecurityContext.AuthenticateMe(AuthManager.GetAccountByID(TenantManager.GetCurrentTenant().TenantId, uploadSession.UserId));
+                    SecurityContext.AuthenticateMeWithoutCookie(AuthManager.GetAccountByID(TenantManager.GetCurrentTenant().TenantId, uploadSession.UserId));
                     var culture = SetupInfo.EnabledCulturesPersonal.Find(c => string.Equals(c.Name, uploadSession.CultureName, StringComparison.InvariantCultureIgnoreCase));
                     if (culture != null)
                         Thread.CurrentThread.CurrentUICulture = culture;

products/ASC.Files/Core/HttpHandlers/docusignhandler.ashx.cs

@@ -242,7 +242,7 @@ private void Auth(string userIdString)
                 throw new Exception("DocuSign incorrect User ID: " + userIdString);
             }
 
-            SecurityContext.AuthenticateMe(userId);
+            SecurityContext.AuthenticateMeWithoutCookie(userId);
         }
 
         private static XmlNode GetSingleNode(XmlNode node, string xpath, XmlNamespaceManager mgr, bool canMiss = false)