diff --git a/apps/files_sharing/public.php b/apps/files_sharing/public.php index d680a87fa7..ac24736873 100644 --- a/apps/files_sharing/public.php +++ b/apps/files_sharing/public.php @@ -19,6 +19,24 @@ if (isset($_GET['token'])) { \OCP\Util::writeLog('files_sharing', 'You have files that are shared by link originating from ownCloud 4.0. Redistribute the new links, because backwards compatibility will be removed in ownCloud 5.', \OCP\Util::WARN); } } + +function getID($path) { + // use the share table from the db to find the item source if the file was reshared because shared files + //are not stored in the file cache. + if (substr(OC_Filesystem::getMountPoint($path), -7, 6) == "Shared") { + $path_parts = explode('/', $path, 5); + $user = $path_parts[1]; + $intPath = '/'.$path_parts[4]; + $query = \OC_DB::prepare('SELECT `item_source` FROM `*PREFIX*share` WHERE `uid_owner` = ? AND `file_target` = ? '); + $result = $query->execute(array($user, $intPath)); + $row = $result->fetchRow(); + $fileSource = $row['item_source']; + } else { + $fileSource = OC_Filecache::getId($path, ''); + } + + return $fileSource; +} // Enf of backward compatibility /** @@ -34,6 +52,7 @@ function getPathAndUser($id) { return $row; } + if (isset($_GET['t'])) { $token = $_GET['t']; $linkItem = OCP\Share::getShareByToken($token); @@ -59,166 +78,201 @@ if (isset($_GET['t'])) { //mount filesystem of file owner OC_Util::setupFS($fileOwner); - if (!isset($linkItem['item_type'])) { - OCP\Util::writeLog('share', 'No item type set for share id: '.$linkItem['id'], \OCP\Util::ERROR); - header('HTTP/1.0 404 Not Found'); - $tmpl = new OCP\Template('', '404', 'guest'); - $tmpl->printPage(); - exit(); - } - if (isset($linkItem['share_with'])) { - // Authenticate share_with - $url = OCP\Util::linkToPublic('files').'&t='.$token; - if (isset($_GET['file'])) { - $url .= '&file='.urlencode($_GET['file']); - } else if (isset($_GET['dir'])) { - $url .= '&dir='.urlencode($_GET['dir']); - } - if (isset($_POST['password'])) { - $password = $_POST['password']; - if ($linkItem['share_type'] == OCP\Share::SHARE_TYPE_LINK) { - // Check Password - $forcePortable = (CRYPT_BLOWFISH != 1); - $hasher = new PasswordHash(8, $forcePortable); - if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $linkItem['share_with']))) { - $tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest'); - $tmpl->assign('URL', $url); - $tmpl->assign('error', true); - $tmpl->printPage(); - exit(); - } else { - // Save item id in session for future requests - $_SESSION['public_link_authenticated'] = $linkItem['id']; - } - } else { - OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type'].' for share id '.$linkItem['id'], \OCP\Util::ERROR); - header('HTTP/1.0 404 Not Found'); - $tmpl = new OCP\Template('', '404', 'guest'); - $tmpl->printPage(); - exit(); - } - // Check if item id is set in session - } else if (!isset($_SESSION['public_link_authenticated']) || $_SESSION['public_link_authenticated'] !== $linkItem['id']) { - // Prompt for password + } + } +} else if (isset($_GET['file']) || isset($_GET['dir'])) { + OCP\Util::writeLog('share', 'Missing token, trying fallback file/dir links', \OCP\Util::DEBUG); + if (isset($_GET['dir'])) { + $type = 'folder'; + $path = $_GET['dir']; + if(strlen($path)>1 and substr($path, -1, 1)==='/') { + $path=substr($path, 0, -1); + } + $baseDir = $path; + $dir = $baseDir; + } else { + $type = 'file'; + $path = $_GET['file']; + if(strlen($path)>1 and substr($path, -1, 1)==='/') { + $path=substr($path, 0, -1); + } + } + $shareOwner = substr($path, 1, strpos($path, '/', 1) - 1); + + if (OCP\User::userExists($shareOwner)) { + OC_Util::setupFS($shareOwner); + $fileSource = getId($path); + if ($fileSource != -1 ) { + $linkItem = OCP\Share::getItemSharedWithByLink($type, $fileSource, $shareOwner); + $pathAndUser['path'] = $path; + $path_parts = explode('/', $path, 5); + $pathAndUser['user'] = $path_parts[1]; + $fileOwner = $path_parts[1]; + } + } +} + +if ($linkItem) { + if (!isset($linkItem['item_type'])) { + OCP\Util::writeLog('share', 'No item type set for share id: '.$linkItem['id'], \OCP\Util::ERROR); + header('HTTP/1.0 404 Not Found'); + $tmpl = new OCP\Template('', '404', 'guest'); + $tmpl->printPage(); + exit(); + } + if (isset($linkItem['share_with'])) { + // Authenticate share_with + $url = OCP\Util::linkToPublic('files').'&t='.$token; + if (isset($_GET['file'])) { + $url .= '&file='.urlencode($_GET['file']); + } else if (isset($_GET['dir'])) { + $url .= '&dir='.urlencode($_GET['dir']); + } + if (isset($_POST['password'])) { + $password = $_POST['password']; + if ($linkItem['share_type'] == OCP\Share::SHARE_TYPE_LINK) { + // Check Password + $forcePortable = (CRYPT_BLOWFISH != 1); + $hasher = new PasswordHash(8, $forcePortable); + if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $linkItem['share_with']))) { $tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest'); $tmpl->assign('URL', $url); + $tmpl->assign('error', true); $tmpl->printPage(); exit(); + } else { + // Save item id in session for future requests + $_SESSION['public_link_authenticated'] = $linkItem['id']; } - } - $basePath = substr($pathAndUser['path'] , strlen('/'.$fileOwner.'/files')); - $path = $basePath; - if (isset($_GET['path'])) { - $path .= $_GET['path']; - } - if (!$path || !OC_Filesystem::isValidPath($path) || !OC_Filesystem::file_exists($path)) { - OCP\Util::writeLog('share', 'Invalid path '.$path.' for share id '.$linkItem['id'], \OCP\Util::ERROR); + } else { + OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type'].' for share id '.$linkItem['id'], \OCP\Util::ERROR); header('HTTP/1.0 404 Not Found'); $tmpl = new OCP\Template('', '404', 'guest'); $tmpl->printPage(); exit(); } - $dir = dirname($path); - $file = basename($path); - // Download the file - if (isset($_GET['download'])) { - if (isset($_GET['path']) && $_GET['path'] !== '' ) { - if ( isset($_GET['files']) ) { // download selected files - OC_Files::get($path, $_GET['files'], $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); - } else if (isset($_GET['path']) && $_GET['path'] != '' ) { // download a file from a shared directory - OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); - } else { // download the whole shared directory - OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); - } - } else { // download a single shared file - OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); - } - - } else { - OCP\Util::addStyle('files_sharing', 'public'); - OCP\Util::addScript('files_sharing', 'public'); - OCP\Util::addScript('files', 'fileactions'); - $tmpl = new OCP\Template('files_sharing', 'public', 'base'); - $tmpl->assign('uidOwner', $shareOwner); - $tmpl->assign('dir', $dir); - $tmpl->assign('filename', $file); - $tmpl->assign('mimetype', OC_Filesystem::getMimeType($path)); - if (isset($_GET['path'])) { - $getPath = $_GET['path']; - } else { - $getPath = ''; - } - // Show file list - if (OC_Filesystem::is_dir($path)) { - OCP\Util::addStyle('files', 'files'); - OCP\Util::addScript('files', 'files'); - OCP\Util::addScript('files', 'filelist'); - $files = array(); - $rootLength = strlen($basePath) + 1; - foreach (OC_Files::getDirectoryContent($path) as $i) { - $i['date'] = OCP\Util::formatDate($i['mtime']); - if ($i['type'] == 'file') { - $fileinfo = pathinfo($i['name']); - $i['basename'] = $fileinfo['filename']; - $i['extension'] = isset($fileinfo['extension']) ? ('.'.$fileinfo['extension']) : ''; - } - $i['directory'] = '/'.substr($i['directory'], $rootLength); - if ($i['directory'] == '/') { - $i['directory'] = ''; - } - $i['permissions'] = OCP\PERMISSION_READ; - $files[] = $i; - } - // Make breadcrumb - $breadcrumb = array(); - $pathtohere = ''; - - //add base breadcrumb - $breadcrumb[] = array('dir' => '/', 'name' => basename($basePath)); - - //add subdir breadcrumbs - foreach (explode('/', urldecode($_GET['path'])) as $i) { - if ($i != '') { - $pathtohere .= '/'.$i; - $breadcrumb[] = array('dir' => $pathtohere, 'name' => $i); - } - } - - $list = new OCP\Template('files', 'part.list', ''); - $list->assign('files', $files, false); - $list->assign('publicListView', true); - $list->assign('baseURL', OCP\Util::linkToPublic('files').'&t='.$token.'&path=', false); - $list->assign('downloadURL', OCP\Util::linkToPublic('files').'&t='.$token.'&download&path=', false); - $breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '' ); - $breadcrumbNav->assign('breadcrumb', $breadcrumb, false); - $breadcrumbNav->assign('baseURL', OCP\Util::linkToPublic('files').'&t='.$token.'&path=', false); - $folder = new OCP\Template('files', 'index', ''); - $folder->assign('fileList', $list->fetchPage(), false); - $folder->assign('breadcrumb', $breadcrumbNav->fetchPage(), false); - $folder->assign('isCreatable', false); - $folder->assign('permissions', 0); - $folder->assign('files', $files); - $folder->assign('uploadMaxFilesize', 0); - $folder->assign('uploadMaxHumanFilesize', 0); - $folder->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true))); - $tmpl->assign('folder', $folder->fetchPage(), false); - $tmpl->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true))); - $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&t='.$token.'&download&path='.urlencode($getPath)); - } else { - // Show file preview if viewer is available - if ($type == 'file') { - $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&t='.$token.'&download'); - } else { - $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&t='.$token.'&download&path='.urlencode($getPath)); - } - } - $tmpl->printPage(); - } + // Check if item id is set in session + } else if (!isset($_SESSION['public_link_authenticated']) || $_SESSION['public_link_authenticated'] !== $linkItem['id']) { + // Prompt for password + $tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest'); + $tmpl->assign('URL', $url); + $tmpl->printPage(); exit(); } } + $basePath = substr($pathAndUser['path'] , strlen('/'.$fileOwner.'/files')); + $path = $basePath; + if (isset($_GET['path'])) { + $path .= $_GET['path']; + } + if (!$path || !OC_Filesystem::isValidPath($path) || !OC_Filesystem::file_exists($path)) { + OCP\Util::writeLog('share', 'Invalid path '.$path.' for share id '.$linkItem['id'], \OCP\Util::ERROR); + header('HTTP/1.0 404 Not Found'); + $tmpl = new OCP\Template('', '404', 'guest'); + $tmpl->printPage(); + exit(); + } + $dir = dirname($path); + $file = basename($path); + // Download the file + if (isset($_GET['download'])) { + if (isset($_GET['path']) && $_GET['path'] !== '' ) { + if ( isset($_GET['files']) ) { // download selected files + OC_Files::get($path, $_GET['files'], $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); + } else if (isset($_GET['path']) && $_GET['path'] != '' ) { // download a file from a shared directory + OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); + } else { // download the whole shared directory + OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); + } + } else { // download a single shared file + OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD' ? true : false); + } + + } else { + OCP\Util::addStyle('files_sharing', 'public'); + OCP\Util::addScript('files_sharing', 'public'); + OCP\Util::addScript('files', 'fileactions'); + $tmpl = new OCP\Template('files_sharing', 'public', 'base'); + $tmpl->assign('uidOwner', $shareOwner); + $tmpl->assign('dir', $dir); + $tmpl->assign('filename', $file); + $tmpl->assign('mimetype', OC_Filesystem::getMimeType($path)); + if (isset($_GET['path'])) { + $getPath = $_GET['path']; + } else { + $getPath = ''; + } + // + $urlLinkIdentifiers= (isset($token)?'&t='.$token:'').(isset($_GET['dir'])?'&dir='.$_GET['dir']:'').(isset($_GET['file'])?'&file='.$_GET['file']:''); + // Show file list + if (OC_Filesystem::is_dir($path)) { + OCP\Util::addStyle('files', 'files'); + OCP\Util::addScript('files', 'files'); + OCP\Util::addScript('files', 'filelist'); + $files = array(); + $rootLength = strlen($basePath) + 1; + foreach (OC_Files::getDirectoryContent($path) as $i) { + $i['date'] = OCP\Util::formatDate($i['mtime']); + if ($i['type'] == 'file') { + $fileinfo = pathinfo($i['name']); + $i['basename'] = $fileinfo['filename']; + $i['extension'] = isset($fileinfo['extension']) ? ('.'.$fileinfo['extension']) : ''; + } + $i['directory'] = '/'.substr($i['directory'], $rootLength); + if ($i['directory'] == '/') { + $i['directory'] = ''; + } + $i['permissions'] = OCP\PERMISSION_READ; + $files[] = $i; + } + // Make breadcrumb + $breadcrumb = array(); + $pathtohere = ''; + + //add base breadcrumb + $breadcrumb[] = array('dir' => '/', 'name' => basename($basePath)); + + //add subdir breadcrumbs + foreach (explode('/', urldecode($_GET['path'])) as $i) { + if ($i != '') { + $pathtohere .= '/'.$i; + $breadcrumb[] = array('dir' => $pathtohere, 'name' => $i); + } + } + + $list = new OCP\Template('files', 'part.list', ''); + $list->assign('files', $files, false); + $list->assign('publicListView', true); + $list->assign('baseURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&path=', false); + $list->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path=', false); + $breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '' ); + $breadcrumbNav->assign('breadcrumb', $breadcrumb, false); + $breadcrumbNav->assign('baseURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&path=', false); + $folder = new OCP\Template('files', 'index', ''); + $folder->assign('fileList', $list->fetchPage(), false); + $folder->assign('breadcrumb', $breadcrumbNav->fetchPage(), false); + $folder->assign('isCreatable', false); + $folder->assign('permissions', 0); + $folder->assign('files', $files); + $folder->assign('uploadMaxFilesize', 0); + $folder->assign('uploadMaxHumanFilesize', 0); + $folder->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true))); + $tmpl->assign('folder', $folder->fetchPage(), false); + $tmpl->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true))); + $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path='.urlencode($getPath)); + } else { + // Show file preview if viewer is available + if ($type == 'file') { + $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download'); + } else { + $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path='.urlencode($getPath)); + } + } + $tmpl->printPage(); + } + exit(); } else { - OCP\Util::writeLog('share', 'Missing token', \OCP\Util::DEBUG); + OCP\Util::writeLog('share', 'could not resolve linkItem', \OCP\Util::DEBUG); } header('HTTP/1.0 404 Not Found'); $tmpl = new OCP\Template('', '404', 'guest'); diff --git a/core/js/share.js b/core/js/share.js index 879befd95b..0f71ae2241 100644 --- a/core/js/share.js +++ b/core/js/share.js @@ -179,7 +179,7 @@ OC.Share={ if (data.shares) { $.each(data.shares, function(index, share) { if (share.share_type == OC.Share.SHARE_TYPE_LINK) { - OC.Share.showLink(share.token, share.share_with); + OC.Share.showLink(share.token, share.share_with, itemSource); } else { if (share.collection) { OC.Share.addShareWith(share.share_type, share.share_with, share.permissions, possiblePermissions, share.collection); @@ -323,10 +323,24 @@ OC.Share={ $('#expiration').show(); } }, - showLink:function(token, password) { + showLink:function(token, password, itemSource) { OC.Share.itemShares[OC.Share.SHARE_TYPE_LINK] = true; $('#linkCheckbox').attr('checked', true); - var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=files&t='+token; + if (! token) { + //fallback to pre token link + var filename = $('tr').filterAttr('data-id', String(itemSource)).data('file'); + var type = $('tr').filterAttr('data-id', String(itemSource)).data('type'); + if ($('#dir').val() == '/') { + var file = $('#dir').val() + filename; + } else { + var file = $('#dir').val() + '/' + filename; + } + file = '/'+OC.currentUser+'/files'+file; + var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=files&'+type+'='+encodeURIComponent(file); + } else { + //TODO add path param when showing a link to file in a subfolder of a public link share + var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=files&t='+token; + } $('#linkText').val(link); $('#linkText').show('blind'); $('#showPassword').show(); @@ -473,7 +487,7 @@ $(document).ready(function() { if (this.checked) { // Create a link OC.Share.share(itemType, itemSource, OC.Share.SHARE_TYPE_LINK, '', OC.PERMISSION_READ, function(data) { - OC.Share.showLink(data.token); + OC.Share.showLink(data.token, null, itemSource); OC.Share.updateIcon(itemType, itemSource); }); } else { diff --git a/lib/public/share.php b/lib/public/share.php index 2ded31a42e..653ea64fa6 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -689,7 +689,7 @@ class Share { if (($itemType == 'file' || $itemType == 'folder') && $format == \OC_Share_Backend_File::FORMAT_FILE_APP || $format == \OC_Share_Backend_File::FORMAT_FILE_APP_ROOT) { $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `uid_owner`, `share_type`, `share_with`, `file_source`, `path`, `file_target`, `permissions`, `expiration`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, `versioned`, `writable`'; } else { - $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, `file_source`, `path`, `file_target`, `permissions`, `stime`, `expiration`'; + $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, `file_source`, `path`, `file_target`, `permissions`, `stime`, `expiration`, `token`'; } } else { $select = '*';