From 54dc1d118478344fc32457e440302cd8fc04738e Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Thu, 16 Jan 2020 17:55:00 +0300 Subject: [PATCH 01/14] copyright 2020 --- appinfo/app.php | 2 +- appinfo/application.php | 2 +- appinfo/routes.php | 2 +- controller/callbackcontroller.php | 2 +- controller/editorcontroller.php | 2 +- controller/federationcontroller.php | 2 +- controller/settingscontroller.php | 2 +- css/editor.css | 2 +- css/main.css | 2 +- css/settings.css | 2 +- js/desktop.js | 2 +- js/directeditor.js | 2 +- js/editor.js | 2 +- js/main.js | 2 +- js/settings.js | 2 +- lib/adminsection.php | 2 +- lib/adminsettings.php | 2 +- lib/appconfig.php | 2 +- lib/crypt.php | 2 +- lib/directeditor.php | 2 +- lib/documentservice.php | 2 +- lib/filecreator.php | 2 +- lib/fileutility.php | 2 +- lib/templatemanager.php | 2 +- templates/editor.php | 2 +- templates/settings.php | 2 +- 26 files changed, 26 insertions(+), 26 deletions(-) diff --git a/appinfo/app.php b/appinfo/app.php index 17ad0f54..caef6e5f 100644 --- a/appinfo/app.php +++ b/appinfo/app.php @@ -1,7 +1,7 @@ Date: Fri, 17 Jan 2020 11:15:35 +0300 Subject: [PATCH 02/14] Fixed #214 goback (1ed0923bd422e2881f9b62eccfbb5ada6d496cf2) --- js/editor.js | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/js/editor.js b/js/editor.js index 44b0b9c0..edf40b00 100644 --- a/js/editor.js +++ b/js/editor.js @@ -72,17 +72,19 @@ params.push("directToken=" + encodeURIComponent(directToken)); } - var dsVersion = DocsAPI.DocEditor.version(); - var versionArray = dsVersion.split("."); - if (versionArray[0] < 5 || versionArray[1] < 5) { - if (OCA.Onlyoffice.inframe) { - window.parent.postMessage({ - method: "editorShowHeaderButton" - }); + if (OCA.Onlyoffice.inframe || directToken) { + var dsVersion = DocsAPI.DocEditor.version(); + var versionArray = dsVersion.split("."); + if (versionArray[0] < 5 || versionArray[1] < 5) { + if (OCA.Onlyoffice.inframe) { + window.parent.postMessage({ + method: "editorShowHeaderButton" + }); + } + params.push("inframe=2"); + } else { + params.push("inframe=1"); } - params.push("inframe=2"); - } else if (OCA.Onlyoffice.inframe) { - params.push("inframe=1"); } if (OCA.Onlyoffice.Desktop) { From 8192bd0bb35f40f46e94248e33e6ccc155e045e1 Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Fri, 17 Jan 2020 12:34:19 +0300 Subject: [PATCH 03/14] fix check ds version --- js/editor.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/editor.js b/js/editor.js index edf40b00..6af0680d 100644 --- a/js/editor.js +++ b/js/editor.js @@ -75,7 +75,7 @@ if (OCA.Onlyoffice.inframe || directToken) { var dsVersion = DocsAPI.DocEditor.version(); var versionArray = dsVersion.split("."); - if (versionArray[0] < 5 || versionArray[1] < 5) { + if (versionArray[0] < 5 || versionArray[0] == 5 && versionArray[1] < 5) { if (OCA.Onlyoffice.inframe) { window.parent.postMessage({ method: "editorShowHeaderButton" From 9a9c4342f0947266793fba56b8b896b0fd9ae72d Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Tue, 21 Jan 2020 13:10:08 +0300 Subject: [PATCH 04/14] fix php warning (#218) --- controller/settingscontroller.php | 1 + 1 file changed, 1 insertion(+) diff --git a/controller/settingscontroller.php b/controller/settingscontroller.php index 55e678af..7292ce6d 100644 --- a/controller/settingscontroller.php +++ b/controller/settingscontroller.php @@ -152,6 +152,7 @@ public function SaveAddress($documentserver, $secret, $demo ) { + $error = null; if (!$this->config->SelectDemo($demo === true)) { $error = $this->trans->t("The 30-day test period is over, you can no longer connect to demo ONLYOFFICE Document Server."); } From 2e6e675f8e8f4a78f70719b3a2eb4bf2891f5e95 Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Wed, 22 Jan 2020 17:08:44 +0300 Subject: [PATCH 05/14] use filePath if callbackUrl is yours --- controller/callbackcontroller.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/controller/callbackcontroller.php b/controller/callbackcontroller.php index 20d5844d..6cfd234f 100644 --- a/controller/callbackcontroller.php +++ b/controller/callbackcontroller.php @@ -393,6 +393,10 @@ public function track($doc, $users, $key, $status, $url, $token) { $user = $this->userManager->get($userId); if (!empty($user)) { \OC_Util::setupFS($userId); + + if ($userId === $hashData->userId) { + $filePath = $hashData->filePath; + } } else { if (empty($shareToken)) { // author of the callback link From d8cffcdbd4db524710c41682bf158e8a1a8b65d1 Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Wed, 22 Jan 2020 17:44:16 +0300 Subject: [PATCH 06/14] direct editing for logged in user (Fixed #215) --- controller/editorcontroller.php | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/controller/editorcontroller.php b/controller/editorcontroller.php index ab8f1a58..11765bb0 100644 --- a/controller/editorcontroller.php +++ b/controller/editorcontroller.php @@ -554,25 +554,25 @@ public function PublicPage($fileId, $shareToken, $inframe = false) { */ public function config($fileId, $filePath = NULL, $shareToken = NULL, $directToken = null, $inframe = 0, $desktop = false) { - if (empty($shareToken) && !$this->config->isUserAllowedToUse()) { - if (empty($directToken)) { + if (!empty($directToken)) { + list ($directData, $error) = $this->crypt->ReadHash($directToken); + if ($directData === NULL) { + $this->logger->error("Config for directEditor with empty or not correct hash: $error", array("app" => $this->appName)); return ["error" => $this->trans->t("Not permitted")]; - } else { - list ($directData, $error) = $this->crypt->ReadHash($directToken); - if ($directData === NULL) { - $this->logger->error("Config for directEditor with empty or not correct hash: $error", array("app" => $this->appName)); - return ["error" => $this->trans->t("Not permitted")]; - } - if ($directData->action !== "direct") { - $this->logger->error("Config for directEditor with other data", array("app" => $this->appName)); - return ["error" => $this->trans->t("Invalid request")]; - } - - $fileId = $directData->fileId; - $userId = $directData->userId; - $user = $this->userManager->get($userId); } + if ($directData->action !== "direct") { + $this->logger->error("Config for directEditor with other data", array("app" => $this->appName)); + return ["error" => $this->trans->t("Invalid request")]; + } + + $fileId = $directData->fileId; + $userId = $directData->userId; + $user = $this->userManager->get($userId); } else { + if (empty($shareToken) && !$this->config->isUserAllowedToUse()) { + return ["error" => $this->trans->t("Not permitted")]; + } + $user = $this->userSession->getUser(); $userId = NULL; if (!empty($user)) { From b63e3696ba7a13dedc5afd543cec0636c90bf4e2 Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Thu, 23 Jan 2020 09:31:17 +0300 Subject: [PATCH 07/14] direct editing only for selected groups --- appinfo/application.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/appinfo/application.php b/appinfo/application.php index cfc0873b..8e7375e1 100644 --- a/appinfo/application.php +++ b/appinfo/application.php @@ -80,7 +80,8 @@ function() { $eventDispatcher->addListener("OCA\Files_Sharing::loadAdditionalScripts", function() { - if (!empty($this->appConfig->GetDocumentServerUrl()) && $this->appConfig->SettingsAreSuccessful()) { + if (!empty($this->appConfig->GetDocumentServerUrl()) + && $this->appConfig->SettingsAreSuccessful()) { Util::addScript("onlyoffice", "main"); Util::addStyle("onlyoffice", "main"); } @@ -131,7 +132,9 @@ function() { $eventDispatcher->addListener(RegisterDirectEditorEvent::class, function (RegisterDirectEditorEvent $event) use ($container) { - if (!empty($this->appConfig->GetDocumentServerUrl()) && $this->appConfig->SettingsAreSuccessful()) { + if (!empty($this->appConfig->GetDocumentServerUrl()) + && $this->appConfig->SettingsAreSuccessful() + && $this->appConfig->isUserAllowedToUse()) { $editor = $container->query("DirectEditor"); $event->register($editor); } From 95630ec2d8b16a5ae8538f06a4928ce335afa931 Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Thu, 23 Jan 2020 09:59:31 +0300 Subject: [PATCH 08/14] redirect if logged in on direct editing --- controller/editorcontroller.php | 12 +++++++++++- js/editor.js | 5 +++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/controller/editorcontroller.php b/controller/editorcontroller.php index 11765bb0..a7694ea1 100644 --- a/controller/editorcontroller.php +++ b/controller/editorcontroller.php @@ -567,7 +567,17 @@ public function config($fileId, $filePath = NULL, $shareToken = NULL, $directTok $fileId = $directData->fileId; $userId = $directData->userId; - $user = $this->userManager->get($userId); + if ($this->userSession->isLoggedIn() + && $userId === $this->userSession->getUser()->getUID()) { + $redirectUrl = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".editor.index", + [ + "fileId" => $fileId, + "filePath" => $filePath + ]); + return ["redirectUrl" => $redirectUrl]; + } + + $user = $this->userManager->get($userId); } else { if (empty($shareToken) && !$this->config->isUserAllowedToUse()) { return ["error" => $this->trans->t("Not permitted")]; diff --git a/js/editor.js b/js/editor.js index 6af0680d..b08cbe1c 100644 --- a/js/editor.js +++ b/js/editor.js @@ -103,6 +103,11 @@ return; } + if (config.redirectUrl) { + location.href = config.redirectUrl; + return; + } + if (config.editorConfig.tenant) { displayError(t(OCA.Onlyoffice.AppName, "You are using public demo ONLYOFFICE Document Server. Please do not store private sensitive data.")); } From 58c7748edb8bc7d96b42482f446d9dee8bd7353e Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Thu, 23 Jan 2020 10:11:51 +0300 Subject: [PATCH 09/14] fix php warning --- lib/directeditor.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/directeditor.php b/lib/directeditor.php index e5dedfac..006dee8d 100644 --- a/lib/directeditor.php +++ b/lib/directeditor.php @@ -231,7 +231,8 @@ public function open(IToken $token): Response { "fileId" => null, "filePath" => $filePath, "shareToken" => null, - "directToken" => $directToken + "directToken" => $directToken, + "inframe" => false ]; $response = new TemplateResponse($this->appName, "editor", $params, "base"); From 3f465245dc05bc130b1d37da8b4c31931fd52b6c Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Thu, 23 Jan 2020 11:12:01 +0300 Subject: [PATCH 10/14] fix path for direct editing --- lib/directeditor.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/directeditor.php b/lib/directeditor.php index 006dee8d..601e71aa 100644 --- a/lib/directeditor.php +++ b/lib/directeditor.php @@ -225,7 +225,8 @@ public function open(IToken $token): Response { ]); $filePath = $file->getPath(); - $filePath = preg_replace("/^" . $userId . "/", "", $filePath); + $filePath = preg_replace("/^\/" . $userId . "\/files/", "", $filePath); + $params = [ "documentServerUrl" => $documentServerUrl, "fileId" => null, From 33475989c72ed4953fb2e80270fd60da20d60aa7 Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Thu, 23 Jan 2020 11:36:22 +0300 Subject: [PATCH 11/14] fix watermark on federated share --- controller/editorcontroller.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/controller/editorcontroller.php b/controller/editorcontroller.php index a7694ea1..adbca486 100644 --- a/controller/editorcontroller.php +++ b/controller/editorcontroller.php @@ -972,7 +972,8 @@ private function getWatermarkText($isPublic, $userId, $file, $canEdit, $canDownl } } } else { - if ($watermarkSettings["shareAll"] && $file->getOwner()->getUID() !== $userId) { + if ($watermarkSettings["shareAll"] + && ($file->getOwner() === null || $file->getOwner()->getUID() !== $userId)) { return $watermarkText; } if ($watermarkSettings["shareRead"] && !$canEdit) { From 06163173e1f4f52ff7d6ed73332c3a45c74571b2 Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Thu, 23 Jan 2020 11:44:07 +0300 Subject: [PATCH 12/14] hide file selector for public --- js/editor.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/js/editor.js b/js/editor.js index b08cbe1c..b4d3d499 100644 --- a/js/editor.js +++ b/js/editor.js @@ -137,7 +137,8 @@ "onDocumentStateChange": setPageTitle, }; - if (OCA.Onlyoffice.inframe || OC.currentUser) { + if (OCA.Onlyoffice.inframe && !shareToken + || OC.currentUser) { config.events.onRequestSaveAs = OCA.Onlyoffice.onRequestSaveAs; config.events.onRequestInsertImage = OCA.Onlyoffice.onRequestInsertImage; config.events.onRequestMailMergeRecipients = OCA.Onlyoffice.onRequestMailMergeRecipients; From 17691dde7808091652fb1a35d3cc866c0bfd6ef8 Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Thu, 23 Jan 2020 14:35:27 +0300 Subject: [PATCH 13/14] postMessage in safari (Fixed #213) --- js/editor.js | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/js/editor.js b/js/editor.js index b4d3d499..5cb0c46d 100644 --- a/js/editor.js +++ b/js/editor.js @@ -79,7 +79,8 @@ if (OCA.Onlyoffice.inframe) { window.parent.postMessage({ method: "editorShowHeaderButton" - }); + }, + "*"); } params.push("inframe=2"); } else { @@ -178,7 +179,8 @@ window.parent.postMessage({ method: "editorRequestSaveAs", param: saveData - }); + }, + "*"); } else { OC.dialogs.filepicker(t(OCA.Onlyoffice.AppName, "Save as"), function (fileDir) { @@ -220,7 +222,8 @@ window.parent.postMessage({ method: "editorRequestInsertImage", param: imageMimes - }); + }, + "*"); } else { OC.dialogs.filepicker(t(OCA.Onlyoffice.AppName, "Insert image"), OCA.Onlyoffice.editorInsertImage, false, imageMimes); } @@ -253,7 +256,8 @@ window.parent.postMessage({ method: "editorRequestMailMergeRecipients", param: recipientMimes - }); + }, + "*"); } else { OC.dialogs.filepicker(t(OCA.Onlyoffice.AppName, "Select recipients"), OCA.Onlyoffice.editorSetRecipient, false, recipientMimes); } @@ -285,13 +289,15 @@ window.parent.postMessage({ method: "editorRequestClose" - }); + }, + "*"); }; OCA.Onlyoffice.onRequestSharingSettings = function() { window.parent.postMessage({ method: "editorRequestSharingSettings" - }); + }, + "*"); }; OCA.Onlyoffice.onRequestCompareFile = function() { @@ -303,7 +309,8 @@ window.parent.postMessage({ method: "editorRequestCompareFile", param: revisedMimes - }); + }, + "*"); } else { OC.dialogs.filepicker(t(OCA.Onlyoffice.AppName, "Select file to compare"), OCA.Onlyoffice.editorSetRevised, false, revisedMimes); } From 8a85f3298fc826bbbf67b67fccd1514dca8a83c5 Mon Sep 17 00:00:00 2001 From: Sergey Linnik Date: Fri, 24 Jan 2020 13:56:50 +0300 Subject: [PATCH 14/14] 4.1.2 --- CHANGELOG.md | 6 ++++++ appinfo/info.xml | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7e8d4b01..06e7cf99 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Change Log +## 4.1.2 +## Changed +- fix file opening with a sidebar +- fix file opening in Nextcloud Android mobile application +- fix file opening the federated file when watermark is enabled + ## 4.1.1 ## Changed - compatible with Nextcloud 16-17 diff --git a/appinfo/info.xml b/appinfo/info.xml index c455b88e..811ae8a8 100644 --- a/appinfo/info.xml +++ b/appinfo/info.xml @@ -6,7 +6,7 @@ ONLYOFFICE connector enables you to edit Office documents within ONLYOFFICE from the familiar web interface. This will create a new Open in ONLYOFFICE action within the document library for Office documents. This allows multiple users to collaborate in real time and to save back those changes to your file storage. agpl Ascensio System SIA - 4.1.1 + 4.1.2 Onlyoffice