kondou
9 년 전
+ 4
- 0
apps/files_sharing/public.php
파일 보기
| @@ -13,8 +13,12 @@ if ($appConfig->getValue('core', 'shareapi_allow_links', 'yes') !== 'yes') { | |||
| exit(); | |||
| } | |||
| // Legacy sharing links via public.php have the token in $GET['t'] | |||
| if (isset($_GET['t'])) { | |||
| $token = $_GET['t']; | |||
| } | |||
| if (isset($token)) { | |||
| $linkItem = OCP\Share::getShareByToken($token, false); | |||
| if (is_array($linkItem) && isset($linkItem['uid_owner'])) { | |||
| // seems to be a valid share | |||
+ 12
- 0
config/config.sample.php
파일 보기
| @@ -201,6 +201,18 @@ $CONFIG = array( | |||
| /* Whether ownCloud should log the last successfull cron exec */ | |||
| "cron_log" => true, | |||
| /* | |||
| * Length of sharing tokens and the resulting links. | |||
| * This value defines how many possible sharing links there are, choosing a low value like 1 will make it easy to guess | |||
| * sharing links and will also limit the maximum number of shares. Behaviour after all tokens are used is undefined and | |||
| * may result in breakage. | |||
| * 1: Length of 4. Maximum of 65536 tokens. Links may look like this: example.com/s/1ekf | |||
| * 2: Length of 8. Maximum of 2^32 tokens. Links may look like this: example.com/s/1z141z3 | |||
| * 3: (Default) Length of 16. Maximum of 2^64 tokens. Links may look like this: example.com/s/3w5e11264sgsf | |||
| * 4: (Old default, but base36) Length of 32. Maximum of 2^128 tokens. Links may look like this: example.com/s/f5lxx1zz5pnorynqglhzmsp33 | |||
| */ | |||
| "sharing_token_length" => 3, | |||
| /* | |||
| * Configure the size in bytes log rotation should happen, 0 or false disables the rotation. | |||
| * This rotates the current owncloud logfile to a new name, this way the total log usage | |||
+ 0
- 2
core/ajax/share.php
파일 보기
| @@ -46,8 +46,6 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo | |||
| (!empty($_POST['expirationDate']) ? new \DateTime($_POST['expirationDate']) : null) | |||
| ); | |||
| $token = base_convert($token, 16, 36); | |||
| if (is_string($token)) { | |||
| OC_JSON::success(array('data' => array('token' => $token))); | |||
| } else { | |||
+ 1
- 0
core/js/js.js
파일 보기
| @@ -246,6 +246,7 @@ var OC={ | |||
| url = '/' + url; | |||
| } | |||
| // TODO save somewhere whether the webserver is able to skip the index.php to have shorter links (e.g. for sharing) | |||
| return OC.webroot + '/index.php' + _build(url, params); | |||
| }, | |||
+ 1
- 3
core/js/share.js
파일 보기
| @@ -663,8 +663,6 @@ OC.Share={ | |||
| // TODO: use oc webroot ? | |||
| var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=files&'+type+'='+encodeURIComponent(file); | |||
| } else { | |||
| // convert the token to base36 | |||
| //token = parseInt(token, 16).toString(36); | |||
| //TODO add path param when showing a link to file in a subfolder of a public link share | |||
| var service=''; | |||
| if(linkSharetype === 'folder' || linkSharetype === 'file'){ | |||
| @@ -677,7 +675,7 @@ OC.Share={ | |||
| if (service !== 'files') { | |||
| var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service='+service+'&t='+token; | |||
| } else { | |||
| var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 's.php')+'?t='+token; | |||
| var link = parent.location.protocol+'//'+location.host+OC.generateUrl('/s/')+token; | |||
| } | |||
| } | |||
| $('#linkText').val(link); | |||
+ 3
- 3
core/js/tests/specs/shareSpec.js
파일 보기
| @@ -151,7 +151,7 @@ describe('OC.Share tests', function() { | |||
| expect($('#dropdown #linkCheckbox').prop('checked')).toEqual(true); | |||
| // this is how the OC.Share class does it... | |||
| var link = parent.location.protocol + '//' + location.host + | |||
| OC.linkTo('', 'public.php')+'?service=files&t=tehtoken'; | |||
| OC.generateUrl('/s/') + 'tehtoken'; | |||
| expect($('#dropdown #linkText').val()).toEqual(link); | |||
| }); | |||
| it('does not show populated link share when a link share exists for a different file', function() { | |||
| @@ -243,7 +243,7 @@ describe('OC.Share tests', function() { | |||
| expect($('#dropdown #linkCheckbox').prop('checked')).toEqual(true); | |||
| // this is how the OC.Share class does it... | |||
| var link = parent.location.protocol + '//' + location.host + | |||
| OC.linkTo('', 'public.php')+'?service=files&t=tehtoken'; | |||
| OC.generateUrl('/s/') + 'tehtoken'; | |||
| expect($('#dropdown #linkText').val()).toEqual(link); | |||
| // nested one | |||
| @@ -258,7 +258,7 @@ describe('OC.Share tests', function() { | |||
| expect($('#dropdown #linkCheckbox').prop('checked')).toEqual(true); | |||
| // this is how the OC.Share class does it... | |||
| link = parent.location.protocol + '//' + location.host + | |||
| OC.linkTo('', 'public.php')+'?service=files&t=anothertoken'; | |||
| OC.generateUrl('/s/') + 'anothertoken'; | |||
| expect($('#dropdown #linkText').val()).toEqual(link); | |||
| }); | |||
| describe('expiration date', function() { | |||
+ 5
- 0
core/routes.php
파일 보기
| @@ -100,6 +100,11 @@ $this->create('core_avatar_post_cropped', '/avatar/cropped') | |||
| ->post() | |||
| ->action('OC\Core\Avatar\Controller', 'postCroppedAvatar'); | |||
| // Sharing routes | |||
| $this->create('core_share_show_share', '/s/{token}') | |||
| ->get() | |||
| ->action('OC\Core\Share\Controller', 'showShare'); | |||
| // used for heartbeat | |||
| $this->create('heartbeat', '/heartbeat')->action(function(){ | |||
| // do nothing | |||
+ 23
- 0
core/share/controller.php
파일 보기
| @@ -0,0 +1,23 @@ | |||
| <?php | |||
| /** | |||
| * Copyright (c) 2014 Christopher Schäpers <christopher@schaepers.it> | |||
| * This file is licensed under the Affero General Public License version 3 or | |||
| * later. | |||
| * See the COPYING-README file. | |||
| */ | |||
| namespace OC\Core\Share; | |||
| class Controller { | |||
| public static function showShare($args) { | |||
| \OC_Util::checkAppEnabled('files_sharing'); | |||
| $token = $args['token']; | |||
| \OC_App::loadApp('files_sharing'); | |||
| \OC_User::setIncognitoMode(true); | |||
| require_once \OC_App::getAppPath('files_sharing') .'/public.php'; | |||
| } | |||
| } | |||
| ?> | |||
+ 0
- 2
lib/private/share/constants.php
파일 보기
| @@ -34,8 +34,6 @@ class Constants { | |||
| const FORMAT_STATUSES = -2; | |||
| const FORMAT_SOURCES = -3; // ToDo Check if it is still in use otherwise remove it | |||
| const TOKEN_LENGTH = 16; // old length is 32, thus 32 in db_structure.xml | |||
| protected static $shareTypeUserAndGroups = -1; | |||
| protected static $shareTypeGroupUserUnique = 2; | |||
| protected static $backends = array(); | |||
+ 20
- 1
lib/private/share/share.php
파일 보기
| @@ -640,7 +640,26 @@ class Share extends \OC\Share\Constants { | |||
| if (isset($oldToken)) { | |||
| $token = $oldToken; | |||
| } else { | |||
| $token = \OC_Util::generateRandomBytes(self::TOKEN_LENGTH); | |||
| // Determine how long the token should be | |||
| switch (\OC_Config::getValue("sharing_token_length", 3)) { | |||
| case 1: | |||
| $tokenLength = 4; | |||
| break; | |||
| case 2: | |||
| $tokenLength = 8; | |||
| break; | |||
| // Default is 3, so skip the 3 block | |||
| case 4: | |||
| $tokenLength = 32; | |||
| break; | |||
| // Anything other than 1-4 should be default 3 | |||
| default: | |||
| $tokenLength = 16; | |||
| break; | |||
| } | |||
| $token = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate($tokenLength, | |||
| \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS | |||
| ); | |||
| } | |||
| $result = self::put($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, | |||
| null, $token, $itemSourceName, $expirationDate); | |||
+ 0
- 2
public.php
파일 보기
| @@ -36,8 +36,6 @@ try { | |||
| \OC::$REQUESTEDAPP = $app; | |||
| OC_App::loadApps(array('authentication')); | |||
| OC_App::loadApps(array('filesystem', 'logging')); | |||
| print_r($_GET); | |||
| print_r($parts); | |||
| OC_Util::checkAppEnabled($app); | |||
| OC_App::loadApp($app); | |||
+ 0
- 41
s.php
파일 보기
| @@ -1,41 +0,0 @@ | |||
| <?php | |||
| try { | |||
| require_once 'lib/base.php'; | |||
| OC::checkMaintenanceMode(); | |||
| OC::checkSingleUserMode(); | |||
| $file = OCP\CONFIG::getAppValue('core', 'public_files'); | |||
| if(is_null($file)) { | |||
| header('HTTP/1.0 404 Not Found'); | |||
| exit; | |||
| } | |||
| // convert the token to hex, if it's base36 | |||
| if (strlen((string)$_GET['t']) != 16 && strlen((string)$_GET['t']) != 32) { | |||
| $_GET['t'] = base_convert($_GET['t'], 36, 16); | |||
| // the token should have leading zeroes and needs to be padded | |||
| if (strlen((string)$_GET['t']) != 16) { | |||
| $padding = ''; | |||
| for ($i = 0; $i < (16 - strlen((string)$_GET['t'])); $i++) { | |||
| $padding .= '0'; | |||
| } | |||
| $_GET['t'] = $padding . $_GET['t']; | |||
| } | |||
| } | |||
| print($_GET['t']); | |||
| OC_Util::checkAppEnabled('files_sharing'); | |||
| OC_App::loadApp('files_sharing'); | |||
| OC_User::setIncognitoMode(true); | |||
| require_once OC_App::getAppPath('files_sharing') .'/public.php'; | |||
| } catch (Exception $ex) { | |||
| //show the user a detailed error page | |||
| OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR); | |||
| \OCP\Util::writeLog('remote', $ex->getMessage(), \OCP\Util::FATAL); | |||
| OC_Template::printExceptionErrorPage($ex); | |||
| } | |||
Loading…