Make public link share page work with Webdav and add operations
The public page now uses the public.php/webdav endpoint. Also enabled more file operations like rename, move, delete and create folder from the public page, which are now all possible thanks to the public.php/webdav endpoint.
This commit is contained in:
parent
fa2be0750c
commit
f20232d4bd
|
@ -41,7 +41,6 @@ OCP\JSON::setContentTypeHeader('text/plain');
|
||||||
// If not, check the login.
|
// If not, check the login.
|
||||||
// If no token is sent along, rely on login only
|
// If no token is sent along, rely on login only
|
||||||
|
|
||||||
$allowedPermissions = \OCP\Constants::PERMISSION_ALL;
|
|
||||||
$errorCode = null;
|
$errorCode = null;
|
||||||
|
|
||||||
$l = \OC::$server->getL10N('files');
|
$l = \OC::$server->getL10N('files');
|
||||||
|
@ -60,8 +59,6 @@ if (empty($_POST['dirToken'])) {
|
||||||
|
|
||||||
\OC_User::setIncognitoMode(true);
|
\OC_User::setIncognitoMode(true);
|
||||||
|
|
||||||
// return only read permissions for public upload
|
|
||||||
$allowedPermissions = \OCP\Constants::PERMISSION_READ;
|
|
||||||
$publicDirectory = !empty($_POST['subdir']) ? (string)$_POST['subdir'] : '/';
|
$publicDirectory = !empty($_POST['subdir']) ? (string)$_POST['subdir'] : '/';
|
||||||
|
|
||||||
$linkItem = OCP\Share::getShareByToken((string)$_POST['dirToken']);
|
$linkItem = OCP\Share::getShareByToken((string)$_POST['dirToken']);
|
||||||
|
@ -207,7 +204,7 @@ if (\OC\Files\Filesystem::isValidPath($dir) === true) {
|
||||||
$data['originalname'] = $files['name'][$i];
|
$data['originalname'] = $files['name'][$i];
|
||||||
$data['uploadMaxFilesize'] = $maxUploadFileSize;
|
$data['uploadMaxFilesize'] = $maxUploadFileSize;
|
||||||
$data['maxHumanFilesize'] = $maxHumanFileSize;
|
$data['maxHumanFilesize'] = $maxHumanFileSize;
|
||||||
$data['permissions'] = $meta['permissions'] & $allowedPermissions;
|
$data['permissions'] = $meta['permissions'];
|
||||||
$data['directory'] = $returnedDir;
|
$data['directory'] = $returnedDir;
|
||||||
$result[] = $data;
|
$result[] = $data;
|
||||||
}
|
}
|
||||||
|
@ -234,7 +231,7 @@ if (\OC\Files\Filesystem::isValidPath($dir) === true) {
|
||||||
$data['originalname'] = $files['name'][$i];
|
$data['originalname'] = $files['name'][$i];
|
||||||
$data['uploadMaxFilesize'] = $maxUploadFileSize;
|
$data['uploadMaxFilesize'] = $maxUploadFileSize;
|
||||||
$data['maxHumanFilesize'] = $maxHumanFileSize;
|
$data['maxHumanFilesize'] = $maxHumanFileSize;
|
||||||
$data['permissions'] = $meta['permissions'] & $allowedPermissions;
|
$data['permissions'] = $meta['permissions'];
|
||||||
$data['directory'] = $returnedDir;
|
$data['directory'] = $returnedDir;
|
||||||
$result[] = $data;
|
$result[] = $data;
|
||||||
}
|
}
|
||||||
|
|
|
@ -207,7 +207,7 @@
|
||||||
*/
|
*/
|
||||||
lazyLoadPreview : function(path, mime, ready, width, height, etag) {
|
lazyLoadPreview : function(path, mime, ready, width, height, etag) {
|
||||||
console.warn('DEPRECATED: please use lazyLoadPreview() from an OCA.Files.FileList instance');
|
console.warn('DEPRECATED: please use lazyLoadPreview() from an OCA.Files.FileList instance');
|
||||||
return OCA.Files.App.fileList.lazyLoadPreview({
|
return FileList.lazyLoadPreview({
|
||||||
path: path,
|
path: path,
|
||||||
mime: mime,
|
mime: mime,
|
||||||
callback: ready,
|
callback: ready,
|
||||||
|
|
|
@ -1,16 +1,5 @@
|
||||||
<div id="controls">
|
<div id="controls">
|
||||||
<div class="actions creatable hidden">
|
<div class="actions creatable hidden">
|
||||||
<?php /*
|
|
||||||
Only show upload button for public page
|
|
||||||
*/ ?>
|
|
||||||
<?php if(isset($_['dirToken'])):?>
|
|
||||||
<div id="upload" class="button upload"
|
|
||||||
title="<?php isset($_['uploadMaxHumanFilesize']) ? p($l->t('Upload (max. %s)', array($_['uploadMaxHumanFilesize']))) : '' ?>">
|
|
||||||
<label for="file_upload_start" class="svg icon-upload">
|
|
||||||
<span class="hidden-visually"><?php p($l->t('Upload'))?></span>
|
|
||||||
</label>
|
|
||||||
</div>
|
|
||||||
<?php endif; ?>
|
|
||||||
<div id="uploadprogresswrapper">
|
<div id="uploadprogresswrapper">
|
||||||
<div id="uploadprogressbar"></div>
|
<div id="uploadprogressbar"></div>
|
||||||
<button class="stop icon-close" style="display:none">
|
<button class="stop icon-close" style="display:none">
|
||||||
|
|
|
@ -1,96 +0,0 @@
|
||||||
<?php
|
|
||||||
/**
|
|
||||||
* @author Joas Schilling <nickvergessen@owncloud.com>
|
|
||||||
* @author Lukas Reschke <lukas@owncloud.com>
|
|
||||||
* @author Morris Jobke <hey@morrisjobke.de>
|
|
||||||
* @author Roeland Jago Douma <rullzer@owncloud.com>
|
|
||||||
* @author Thomas Müller <thomas.mueller@tmit.eu>
|
|
||||||
* @author Vincent Petry <pvince81@owncloud.com>
|
|
||||||
*
|
|
||||||
* @copyright Copyright (c) 2015, ownCloud, Inc.
|
|
||||||
* @license AGPL-3.0
|
|
||||||
*
|
|
||||||
* This code is free software: you can redistribute it and/or modify
|
|
||||||
* it under the terms of the GNU Affero General Public License, version 3,
|
|
||||||
* as published by the Free Software Foundation.
|
|
||||||
*
|
|
||||||
* This program is distributed in the hope that it will be useful,
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
* GNU Affero General Public License for more details.
|
|
||||||
*
|
|
||||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
|
||||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
OCP\JSON::checkAppEnabled('files_sharing');
|
|
||||||
|
|
||||||
if(!isset($_GET['t'])){
|
|
||||||
\OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST);
|
|
||||||
\OCP\Util::writeLog('core-preview', 'No token parameter was passed', \OCP\Util::DEBUG);
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
$token = $_GET['t'];
|
|
||||||
|
|
||||||
$password = null;
|
|
||||||
if (isset($_POST['password'])) {
|
|
||||||
$password = $_POST['password'];
|
|
||||||
}
|
|
||||||
|
|
||||||
$relativePath = null;
|
|
||||||
if (isset($_GET['dir'])) {
|
|
||||||
$relativePath = $_GET['dir'];
|
|
||||||
}
|
|
||||||
|
|
||||||
$sortAttribute = isset( $_GET['sort'] ) ? $_GET['sort'] : 'name';
|
|
||||||
$sortDirection = isset( $_GET['sortdirection'] ) ? ($_GET['sortdirection'] === 'desc') : false;
|
|
||||||
|
|
||||||
$data = \OCA\Files_Sharing\Helper::setupFromToken($token, $relativePath, $password);
|
|
||||||
|
|
||||||
$linkItem = $data['linkItem'];
|
|
||||||
// Load the files
|
|
||||||
$dir = $data['realPath'];
|
|
||||||
|
|
||||||
$dir = \OC\Files\Filesystem::normalizePath($dir);
|
|
||||||
if (!\OC\Files\Filesystem::is_dir($dir . '/')) {
|
|
||||||
\OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND);
|
|
||||||
\OCP\JSON::error(array('success' => false));
|
|
||||||
exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
$data = array();
|
|
||||||
|
|
||||||
// make filelist
|
|
||||||
$files = \OCA\Files\Helper::getFiles($dir, $sortAttribute, $sortDirection);
|
|
||||||
|
|
||||||
$formattedFiles = array();
|
|
||||||
foreach ($files as $file) {
|
|
||||||
$entry = \OCA\Files\Helper::formatFileInfo($file);
|
|
||||||
// for now
|
|
||||||
unset($entry['directory']);
|
|
||||||
// do not disclose share owner
|
|
||||||
unset($entry['shareOwner']);
|
|
||||||
// do not disclose if something is a remote shares
|
|
||||||
unset($entry['mountType']);
|
|
||||||
unset($entry['icon']);
|
|
||||||
$entry['permissions'] = \OCP\Constants::PERMISSION_READ;
|
|
||||||
$formattedFiles[] = $entry;
|
|
||||||
}
|
|
||||||
|
|
||||||
$data['directory'] = $relativePath;
|
|
||||||
$data['files'] = $formattedFiles;
|
|
||||||
$data['dirToken'] = $linkItem['token'];
|
|
||||||
|
|
||||||
$permissions = $linkItem['permissions'];
|
|
||||||
|
|
||||||
// if globally disabled
|
|
||||||
if (\OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes') === 'no') {
|
|
||||||
// only allow reading
|
|
||||||
$permissions = \OCP\Constants::PERMISSION_READ;
|
|
||||||
}
|
|
||||||
|
|
||||||
$data['permissions'] = $permissions;
|
|
||||||
|
|
||||||
OCP\JSON::success(array('data' => $data));
|
|
|
@ -48,8 +48,20 @@ OCA.Sharing.PublicApp = {
|
||||||
this._initialized = true;
|
this._initialized = true;
|
||||||
this.initialDir = $('#dir').val();
|
this.initialDir = $('#dir').val();
|
||||||
|
|
||||||
|
var token = $('#sharingToken').val();
|
||||||
|
|
||||||
// file list mode ?
|
// file list mode ?
|
||||||
if ($el.find('#filestable').length) {
|
if ($el.find('#filestable').length) {
|
||||||
|
var filesClient = new OC.Files.Client({
|
||||||
|
host: OC.getHost(),
|
||||||
|
port: OC.getPort(),
|
||||||
|
userName: token,
|
||||||
|
// note: password not be required, the endpoint
|
||||||
|
// will recognize previous validation from the session
|
||||||
|
root: OC.getRootPath() + '/public.php/webdav',
|
||||||
|
useHTTPS: OC.getProtocol() === 'https'
|
||||||
|
});
|
||||||
|
|
||||||
this.fileList = new OCA.Files.FileList(
|
this.fileList = new OCA.Files.FileList(
|
||||||
$el,
|
$el,
|
||||||
{
|
{
|
||||||
|
@ -58,7 +70,8 @@ OCA.Sharing.PublicApp = {
|
||||||
dragOptions: dragOptions,
|
dragOptions: dragOptions,
|
||||||
folderDropOptions: folderDropOptions,
|
folderDropOptions: folderDropOptions,
|
||||||
fileActions: fileActions,
|
fileActions: fileActions,
|
||||||
detailsViewEnabled: false
|
detailsViewEnabled: false,
|
||||||
|
filesClient: filesClient
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
this.files = OCA.Files.Files;
|
this.files = OCA.Files.Files;
|
||||||
|
@ -88,7 +101,6 @@ OCA.Sharing.PublicApp = {
|
||||||
|
|
||||||
|
|
||||||
// dynamically load image previews
|
// dynamically load image previews
|
||||||
var token = $('#sharingToken').val();
|
|
||||||
var bottomMargin = 350;
|
var bottomMargin = 350;
|
||||||
var previewWidth = Math.ceil($(window).width() * window.devicePixelRatio);
|
var previewWidth = Math.ceil($(window).width() * window.devicePixelRatio);
|
||||||
var previewHeight = Math.ceil(($(window).height() - bottomMargin) * window.devicePixelRatio);
|
var previewHeight = Math.ceil(($(window).height() - bottomMargin) * window.devicePixelRatio);
|
||||||
|
|
|
@ -21,11 +21,14 @@
|
||||||
|
|
||||||
describe('OCA.Sharing.PublicApp tests', function() {
|
describe('OCA.Sharing.PublicApp tests', function() {
|
||||||
var App = OCA.Sharing.PublicApp;
|
var App = OCA.Sharing.PublicApp;
|
||||||
|
var hostStub, portStub, protocolStub, webrootStub;
|
||||||
var $preview;
|
var $preview;
|
||||||
var fileListIn;
|
|
||||||
var fileListOut;
|
|
||||||
|
|
||||||
beforeEach(function() {
|
beforeEach(function() {
|
||||||
|
protocolStub = sinon.stub(OC, 'getProtocol').returns('https');
|
||||||
|
hostStub = sinon.stub(OC, 'getHost').returns('example.com');
|
||||||
|
portStub = sinon.stub(OC, 'getPort').returns(8080);
|
||||||
|
webrootStub = sinon.stub(OC, 'getRootPath').returns('/owncloud');
|
||||||
$preview = $('<div id="preview"></div>');
|
$preview = $('<div id="preview"></div>');
|
||||||
$('#testArea').append($preview);
|
$('#testArea').append($preview);
|
||||||
$preview.append(
|
$preview.append(
|
||||||
|
@ -35,6 +38,13 @@ describe('OCA.Sharing.PublicApp tests', function() {
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
afterEach(function() {
|
||||||
|
protocolStub.restore();
|
||||||
|
hostStub.restore();
|
||||||
|
portStub.restore();
|
||||||
|
webrootStub.restore();
|
||||||
|
});
|
||||||
|
|
||||||
describe('File list', function() {
|
describe('File list', function() {
|
||||||
// TODO: this should be moved to a separate file once the PublicFileList is extracted from public.js
|
// TODO: this should be moved to a separate file once the PublicFileList is extracted from public.js
|
||||||
beforeEach(function() {
|
beforeEach(function() {
|
||||||
|
@ -78,6 +88,12 @@ describe('OCA.Sharing.PublicApp tests', function() {
|
||||||
App._initialized = false;
|
App._initialized = false;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('Uses public webdav endpoint', function() {
|
||||||
|
expect(fakeServer.requests.length).toEqual(1);
|
||||||
|
expect(fakeServer.requests[0].method).toEqual('PROPFIND');
|
||||||
|
expect(fakeServer.requests[0].url).toEqual('https://sh4tok@example.com:8080/owncloud/public.php/webdav/subdir');
|
||||||
|
});
|
||||||
|
|
||||||
describe('Download Url', function() {
|
describe('Download Url', function() {
|
||||||
var fileList;
|
var fileList;
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue