readd fallback code for pre token links

This commit is contained in:
Jörn Friedrich Dreyer 2012-11-23 15:51:57 +01:00
parent d8a171df26
commit 995b5c0739
3 changed files with 219 additions and 151 deletions

View File

@ -19,6 +19,24 @@ if (isset($_GET['token'])) {
\OCP\Util::writeLog('files_sharing', 'You have files that are shared by link originating from ownCloud 4.0. Redistribute the new links, because backwards compatibility will be removed in ownCloud 5.', \OCP\Util::WARN);
}
}
function getID($path) {
// use the share table from the db to find the item source if the file was reshared because shared files
//are not stored in the file cache.
if (substr(OC_Filesystem::getMountPoint($path), -7, 6) == "Shared") {
$path_parts = explode('/', $path, 5);
$user = $path_parts[1];
$intPath = '/'.$path_parts[4];
$query = \OC_DB::prepare('SELECT `item_source` FROM `*PREFIX*share` WHERE `uid_owner` = ? AND `file_target` = ? ');
$result = $query->execute(array($user, $intPath));
$row = $result->fetchRow();
$fileSource = $row['item_source'];
} else {
$fileSource = OC_Filecache::getId($path, '');
}
return $fileSource;
}
// Enf of backward compatibility
/**
@ -34,6 +52,7 @@ function getPathAndUser($id) {
return $row;
}
if (isset($_GET['t'])) {
$token = $_GET['t'];
$linkItem = OCP\Share::getShareByToken($token);
@ -59,166 +78,201 @@ if (isset($_GET['t'])) {
//mount filesystem of file owner
OC_Util::setupFS($fileOwner);
if (!isset($linkItem['item_type'])) {
OCP\Util::writeLog('share', 'No item type set for share id: '.$linkItem['id'], \OCP\Util::ERROR);
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
exit();
}
if (isset($linkItem['share_with'])) {
// Authenticate share_with
$url = OCP\Util::linkToPublic('files').'&t='.$token;
if (isset($_GET['file'])) {
$url .= '&file='.urlencode($_GET['file']);
} else if (isset($_GET['dir'])) {
$url .= '&dir='.urlencode($_GET['dir']);
}
if (isset($_POST['password'])) {
$password = $_POST['password'];
if ($linkItem['share_type'] == OCP\Share::SHARE_TYPE_LINK) {
// Check Password
$forcePortable = (CRYPT_BLOWFISH != 1);
$hasher = new PasswordHash(8, $forcePortable);
if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $linkItem['share_with']))) {
$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
$tmpl->assign('URL', $url);
$tmpl->assign('error', true);
$tmpl->printPage();
exit();
} else {
// Save item id in session for future requests
$_SESSION['public_link_authenticated'] = $linkItem['id'];
}
} else {
OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type'].' for share id '.$linkItem['id'], \OCP\Util::ERROR);
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
exit();
}
// Check if item id is set in session
} else if (!isset($_SESSION['public_link_authenticated']) || $_SESSION['public_link_authenticated'] !== $linkItem['id']) {
// Prompt for password
}
}
} else if (isset($_GET['file']) || isset($_GET['dir'])) {
OCP\Util::writeLog('share', 'Missing token, trying fallback file/dir links', \OCP\Util::DEBUG);
if (isset($_GET['dir'])) {
$type = 'folder';
$path = $_GET['dir'];
if(strlen($path)>1 and substr($path, -1, 1)==='/') {
$path=substr($path, 0, -1);
}
$baseDir = $path;
$dir = $baseDir;
} else {
$type = 'file';
$path = $_GET['file'];
if(strlen($path)>1 and substr($path, -1, 1)==='/') {
$path=substr($path, 0, -1);
}
}
$shareOwner = substr($path, 1, strpos($path, '/', 1) - 1);
if (OCP\User::userExists($shareOwner)) {
OC_Util::setupFS($shareOwner);
$fileSource = getId($path);
if ($fileSource != -1 ) {
$linkItem = OCP\Share::getItemSharedWithByLink($type, $fileSource, $shareOwner);
$pathAndUser['path'] = $path;
$path_parts = explode('/', $path, 5);
$pathAndUser['user'] = $path_parts[1];
$fileOwner = $path_parts[1];
}
}
}
if ($linkItem) {
if (!isset($linkItem['item_type'])) {
OCP\Util::writeLog('share', 'No item type set for share id: '.$linkItem['id'], \OCP\Util::ERROR);
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
exit();
}
if (isset($linkItem['share_with'])) {
// Authenticate share_with
$url = OCP\Util::linkToPublic('files').'&t='.$token;
if (isset($_GET['file'])) {
$url .= '&file='.urlencode($_GET['file']);
} else if (isset($_GET['dir'])) {
$url .= '&dir='.urlencode($_GET['dir']);
}
if (isset($_POST['password'])) {
$password = $_POST['password'];
if ($linkItem['share_type'] == OCP\Share::SHARE_TYPE_LINK) {
// Check Password
$forcePortable = (CRYPT_BLOWFISH != 1);
$hasher = new PasswordHash(8, $forcePortable);
if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $linkItem['share_with']))) {
$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
$tmpl->assign('URL', $url);
$tmpl->assign('error', true);
$tmpl->printPage();
exit();
} else {
// Save item id in session for future requests
$_SESSION['public_link_authenticated'] = $linkItem['id'];
}
}
$basePath = substr($pathAndUser['path'] , strlen('/'.$fileOwner.'/files'));
$path = $basePath;
if (isset($_GET['path'])) {
$path .= $_GET['path'];
}
if (!$path || !OC_Filesystem::isValidPath($path) || !OC_Filesystem::file_exists($path)) {
OCP\Util::writeLog('share', 'Invalid path '.$path.' for share id '.$linkItem['id'], \OCP\Util::ERROR);
} else {
OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type'].' for share id '.$linkItem['id'], \OCP\Util::ERROR);
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
exit();
}
$dir = dirname($path);
$file = basename($path);
// Download the file
if (isset($_GET['download'])) {
if (isset($_GET['path']) && $_GET['path'] !== '' ) {
if ( isset($_GET['files']) ) { // download selected files
OC_Files::get($path, $_GET['files'], $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false);
} else if (isset($_GET['path']) && $_GET['path'] != '' ) { // download a file from a shared directory
OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false);
} else { // download the whole shared directory
OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false);
}
} else { // download a single shared file
OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false);
}
} else {
OCP\Util::addStyle('files_sharing', 'public');
OCP\Util::addScript('files_sharing', 'public');
OCP\Util::addScript('files', 'fileactions');
$tmpl = new OCP\Template('files_sharing', 'public', 'base');
$tmpl->assign('uidOwner', $shareOwner);
$tmpl->assign('dir', $dir);
$tmpl->assign('filename', $file);
$tmpl->assign('mimetype', OC_Filesystem::getMimeType($path));
if (isset($_GET['path'])) {
$getPath = $_GET['path'];
} else {
$getPath = '';
}
// Show file list
if (OC_Filesystem::is_dir($path)) {
OCP\Util::addStyle('files', 'files');
OCP\Util::addScript('files', 'files');
OCP\Util::addScript('files', 'filelist');
$files = array();
$rootLength = strlen($basePath) + 1;
foreach (OC_Files::getDirectoryContent($path) as $i) {
$i['date'] = OCP\Util::formatDate($i['mtime']);
if ($i['type'] == 'file') {
$fileinfo = pathinfo($i['name']);
$i['basename'] = $fileinfo['filename'];
$i['extension'] = isset($fileinfo['extension']) ? ('.'.$fileinfo['extension']) : '';
}
$i['directory'] = '/'.substr($i['directory'], $rootLength);
if ($i['directory'] == '/') {
$i['directory'] = '';
}
$i['permissions'] = OCP\PERMISSION_READ;
$files[] = $i;
}
// Make breadcrumb
$breadcrumb = array();
$pathtohere = '';
//add base breadcrumb
$breadcrumb[] = array('dir' => '/', 'name' => basename($basePath));
//add subdir breadcrumbs
foreach (explode('/', urldecode($_GET['path'])) as $i) {
if ($i != '') {
$pathtohere .= '/'.$i;
$breadcrumb[] = array('dir' => $pathtohere, 'name' => $i);
}
}
$list = new OCP\Template('files', 'part.list', '');
$list->assign('files', $files, false);
$list->assign('publicListView', true);
$list->assign('baseURL', OCP\Util::linkToPublic('files').'&t='.$token.'&path=', false);
$list->assign('downloadURL', OCP\Util::linkToPublic('files').'&t='.$token.'&download&path=', false);
$breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '' );
$breadcrumbNav->assign('breadcrumb', $breadcrumb, false);
$breadcrumbNav->assign('baseURL', OCP\Util::linkToPublic('files').'&t='.$token.'&path=', false);
$folder = new OCP\Template('files', 'index', '');
$folder->assign('fileList', $list->fetchPage(), false);
$folder->assign('breadcrumb', $breadcrumbNav->fetchPage(), false);
$folder->assign('isCreatable', false);
$folder->assign('permissions', 0);
$folder->assign('files', $files);
$folder->assign('uploadMaxFilesize', 0);
$folder->assign('uploadMaxHumanFilesize', 0);
$folder->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
$tmpl->assign('folder', $folder->fetchPage(), false);
$tmpl->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&t='.$token.'&download&path='.urlencode($getPath));
} else {
// Show file preview if viewer is available
if ($type == 'file') {
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&t='.$token.'&download');
} else {
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&t='.$token.'&download&path='.urlencode($getPath));
}
}
$tmpl->printPage();
}
// Check if item id is set in session
} else if (!isset($_SESSION['public_link_authenticated']) || $_SESSION['public_link_authenticated'] !== $linkItem['id']) {
// Prompt for password
$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
$tmpl->assign('URL', $url);
$tmpl->printPage();
exit();
}
}
$basePath = substr($pathAndUser['path'] , strlen('/'.$fileOwner.'/files'));
$path = $basePath;
if (isset($_GET['path'])) {
$path .= $_GET['path'];
}
if (!$path || !OC_Filesystem::isValidPath($path) || !OC_Filesystem::file_exists($path)) {
OCP\Util::writeLog('share', 'Invalid path '.$path.' for share id '.$linkItem['id'], \OCP\Util::ERROR);
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
exit();
}
$dir = dirname($path);
$file = basename($path);
// Download the file
if (isset($_GET['download'])) {
if (isset($_GET['path']) && $_GET['path'] !== '' ) {
if ( isset($_GET['files']) ) { // download selected files
OC_Files::get($path, $_GET['files'], $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false);
} else if (isset($_GET['path']) && $_GET['path'] != '' ) { // download a file from a shared directory
OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false);
} else { // download the whole shared directory
OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false);
}
} else { // download a single shared file
OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false);
}
} else {
OCP\Util::addStyle('files_sharing', 'public');
OCP\Util::addScript('files_sharing', 'public');
OCP\Util::addScript('files', 'fileactions');
$tmpl = new OCP\Template('files_sharing', 'public', 'base');
$tmpl->assign('uidOwner', $shareOwner);
$tmpl->assign('dir', $dir);
$tmpl->assign('filename', $file);
$tmpl->assign('mimetype', OC_Filesystem::getMimeType($path));
if (isset($_GET['path'])) {
$getPath = $_GET['path'];
} else {
$getPath = '';
}
//
$urlLinkIdentifiers= (isset($token)?'&t='.$token:'').(isset($_GET['dir'])?'&dir='.$_GET['dir']:'').(isset($_GET['file'])?'&file='.$_GET['file']:'');
// Show file list
if (OC_Filesystem::is_dir($path)) {
OCP\Util::addStyle('files', 'files');
OCP\Util::addScript('files', 'files');
OCP\Util::addScript('files', 'filelist');
$files = array();
$rootLength = strlen($basePath) + 1;
foreach (OC_Files::getDirectoryContent($path) as $i) {
$i['date'] = OCP\Util::formatDate($i['mtime']);
if ($i['type'] == 'file') {
$fileinfo = pathinfo($i['name']);
$i['basename'] = $fileinfo['filename'];
$i['extension'] = isset($fileinfo['extension']) ? ('.'.$fileinfo['extension']) : '';
}
$i['directory'] = '/'.substr($i['directory'], $rootLength);
if ($i['directory'] == '/') {
$i['directory'] = '';
}
$i['permissions'] = OCP\PERMISSION_READ;
$files[] = $i;
}
// Make breadcrumb
$breadcrumb = array();
$pathtohere = '';
//add base breadcrumb
$breadcrumb[] = array('dir' => '/', 'name' => basename($basePath));
//add subdir breadcrumbs
foreach (explode('/', urldecode($_GET['path'])) as $i) {
if ($i != '') {
$pathtohere .= '/'.$i;
$breadcrumb[] = array('dir' => $pathtohere, 'name' => $i);
}
}
$list = new OCP\Template('files', 'part.list', '');
$list->assign('files', $files, false);
$list->assign('publicListView', true);
$list->assign('baseURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&path=', false);
$list->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path=', false);
$breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '' );
$breadcrumbNav->assign('breadcrumb', $breadcrumb, false);
$breadcrumbNav->assign('baseURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&path=', false);
$folder = new OCP\Template('files', 'index', '');
$folder->assign('fileList', $list->fetchPage(), false);
$folder->assign('breadcrumb', $breadcrumbNav->fetchPage(), false);
$folder->assign('isCreatable', false);
$folder->assign('permissions', 0);
$folder->assign('files', $files);
$folder->assign('uploadMaxFilesize', 0);
$folder->assign('uploadMaxHumanFilesize', 0);
$folder->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
$tmpl->assign('folder', $folder->fetchPage(), false);
$tmpl->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
} else {
// Show file preview if viewer is available
if ($type == 'file') {
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download');
} else {
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
}
}
$tmpl->printPage();
}
exit();
} else {
OCP\Util::writeLog('share', 'Missing token', \OCP\Util::DEBUG);
OCP\Util::writeLog('share', 'could not resolve linkItem', \OCP\Util::DEBUG);
}
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');

View File

@ -179,7 +179,7 @@ OC.Share={
if (data.shares) {
$.each(data.shares, function(index, share) {
if (share.share_type == OC.Share.SHARE_TYPE_LINK) {
OC.Share.showLink(share.token, share.share_with);
OC.Share.showLink(share.token, share.share_with, itemSource);
} else {
if (share.collection) {
OC.Share.addShareWith(share.share_type, share.share_with, share.permissions, possiblePermissions, share.collection);
@ -323,10 +323,24 @@ OC.Share={
$('#expiration').show();
}
},
showLink:function(token, password) {
showLink:function(token, password, itemSource) {
OC.Share.itemShares[OC.Share.SHARE_TYPE_LINK] = true;
$('#linkCheckbox').attr('checked', true);
var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=files&t='+token;
if (! token) {
//fallback to pre token link
var filename = $('tr').filterAttr('data-id', String(itemSource)).data('file');
var type = $('tr').filterAttr('data-id', String(itemSource)).data('type');
if ($('#dir').val() == '/') {
var file = $('#dir').val() + filename;
} else {
var file = $('#dir').val() + '/' + filename;
}
file = '/'+OC.currentUser+'/files'+file;
var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=files&'+type+'='+encodeURIComponent(file);
} else {
//TODO add path param when showing a link to file in a subfolder of a public link share
var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=files&t='+token;
}
$('#linkText').val(link);
$('#linkText').show('blind');
$('#showPassword').show();
@ -473,7 +487,7 @@ $(document).ready(function() {
if (this.checked) {
// Create a link
OC.Share.share(itemType, itemSource, OC.Share.SHARE_TYPE_LINK, '', OC.PERMISSION_READ, function(data) {
OC.Share.showLink(data.token);
OC.Share.showLink(data.token, null, itemSource);
OC.Share.updateIcon(itemType, itemSource);
});
} else {

View File

@ -689,7 +689,7 @@ class Share {
if (($itemType == 'file' || $itemType == 'folder') && $format == \OC_Share_Backend_File::FORMAT_FILE_APP || $format == \OC_Share_Backend_File::FORMAT_FILE_APP_ROOT) {
$select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `uid_owner`, `share_type`, `share_with`, `file_source`, `path`, `file_target`, `permissions`, `expiration`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, `versioned`, `writable`';
} else {
$select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, `file_source`, `path`, `file_target`, `permissions`, `stime`, `expiration`';
$select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, `file_source`, `path`, `file_target`, `permissions`, `stime`, `expiration`, `token`';
}
} else {
$select = '*';