Public upload feature

author: Roman Geber <rgeber@owncloudapps.com> 2013-06-25 12:24:14 +0200
committer: Roman Geber <rgeber@owncloudapps.com> 2013-06-25 12:24:14 +0200
commit: ddb0ff346d3d8063f88fdba8749e098a81b92d54 (patch)
tree: 69004e69ed8ca2537d1029d9729d112feb6b5c20 /apps/files
parent: c3b8f2bf64ef7b6cbdabb382b1c0a721bddb4041 (diff)
download: nextcloud-server-ddb0ff346d3d8063f88fdba8749e098a81b92d54.tar.gz
nextcloud-server-ddb0ff346d3d8063f88fdba8749e098a81b92d54.zip
5 files changed, 66 insertions, 160 deletions
diff --git a/apps/files/ajax/upload.php b/apps/files/ajax/upload.php
index e1263744e1b..12db682c1e2 100644
--- a/apps/files/ajax/upload.php
+++ b/apps/files/ajax/upload.php
@@ -1,17 +1,53 @@
 <?php
 
-// Init owncloud
-
-
 // Firefox and Konqueror tries to download application/json for me.  --Arthur
 OCP\JSON::setContentTypeHeader('text/plain');
 
-OCP\JSON::checkLoggedIn();
-OCP\JSON::callCheck();
+// If a directory token is sent along check if public upload is permitted.
+// If not, check the login.
+// If no token is sent along, rely on login only
+
 $l = OC_L10N::get('files');
+if (!$_POST['dirToken']) {
+  // The standard case, files are uploaded through logged in users :)
+  OCP\JSON::checkLoggedIn();
+  $dir = isset($_POST['dir']) ? $_POST['dir'] : "";
+  if (!$dir || empty($dir) || $dir === false) {
+    OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
+    die();
+  }
+} else {
+  $linkItem = OCP\Share::getShareByToken($_POST['dirToken']);
+
+  if ($linkItem === false) {
+    OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token')))));
+    die();
+  }
+
+  if (!($linkItem['permissions'] & OCP\PERMISSION_CREATE)) {
+    OCP\JSON::checkLoggedIn();
+  } else {
+
+    // The token defines the target directory (security reasons)
+    $dir = sprintf(
+      "/%s/%s",
+      $linkItem['file_target'],
+      isset($_POST['subdir']) ? $_POST['subdir'] : ''
+    );
+
+    if (!$dir || empty($dir) || $dir === false) {
+      OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
+      die();
+    }
+    // Setup FS with owner
+    OC_Util::setupFS($linkItem['uid_owner']);
+  }
+}
+
+
+OCP\JSON::callCheck();
 
 
-$dir = $_POST['dir'];
 // get array with current storage stats (e.g. max file size)
 $storageStats = \OCA\files\lib\Helper::buildFileStorageStatistics($dir);
 
diff --git a/apps/files/index.php b/apps/files/index.php
index 20fbf7f93be..640c28c0075 100644
--- a/apps/files/index.php
+++ b/apps/files/index.php
@@ -26,6 +26,7 @@ OCP\User::checkLoggedIn();
 
 // Load the files we need
 OCP\Util::addStyle('files', 'files');
+OCP\Util::addscript('files', 'file-upload');
 OCP\Util::addscript('files', 'jquery.iframe-transport');
 OCP\Util::addscript('files', 'jquery.fileupload');
 OCP\Util::addscript('files', 'jquery-visibility');
@@ -137,4 +138,4 @@ if ($needUpgrade) {
 	$tmpl->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
 	$tmpl->assign('usedSpacePercent', (int)$storageInfo['relative']);
 	$tmpl->printPage();
-}
-\ No newline at end of file
+}
diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js
index e19a35bbc5b..f4ca098eed1 100644
--- a/apps/files/js/filelist.js
+++ b/apps/files/js/filelist.js
@@ -71,8 +71,20 @@ var FileList={
 		tr.append(td);
 		return tr;
 	},
-	addFile:function(name,size,lastModified,loading,hidden){
+	addFile:function(name,size,lastModified,loading,hidden,param){
 		var imgurl;
+
+		if (!param) {
+			param = {};
+		}
+
+		var download_url = null;
+		if (!param.download_url) {
+			download_url = OC.Router.generate('download', { file: $('#dir').val()+'/'+name });
+		} else {
+			download_url = param.download_url;
+		}
+
 		if (loading) {
 			imgurl = OC.imagePath('core', 'loading.gif');
 		} else {
@@ -82,7 +94,7 @@ var FileList={
 			'file',
 			name,
 			imgurl,
-			OC.Router.generate('download', { file: $('#dir').val()+'/'+name }),
+			download_url,
 			size,
 			lastModified,
 			$('#permissions').val()
@@ -197,7 +209,7 @@ var FileList={
 			len = input.val().length;
 		}
 		input.selectRange(0,len);
-		
+
 		form.submit(function(event){
 			event.stopPropagation();
 			event.preventDefault();
@@ -423,8 +435,12 @@ $(document).ready(function(){
 					size=data.files[0].size;
 				}
 				var date=new Date();
+				var param = {};
+				if ($('#publicUploadRequestToken')) {
+					param.download_url = document.location.href + '&download&path=/' + $('#dir').val() + '/' + uniqueName;
+				}
 				// create new file context
-				data.context = FileList.addFile(uniqueName,size,date,true,false);
+				data.context = FileList.addFile(uniqueName,size,date,true,false,param);
 
 			}
 		}
diff --git a/apps/files/js/files.js b/apps/files/js/files.js
index 3438c1c30a1..51b3f31fb96 100644
--- a/apps/files/js/files.js
+++ b/apps/files/js/files.js
@@ -251,153 +251,6 @@ $(document).ready(function() {
 			e.preventDefault(); // prevent browser from doing anything, if file isn't dropped in dropZone
 	});
 
-	if ( document.getElementById('data-upload-form') ) {
-		$(function() {
-			$('#file_upload_start').fileupload({
-				dropZone: $('#content'), // restrict dropZone to content div
-				//singleFileUploads is on by default, so the data.files array will always have length 1
-				add: function(e, data) {
-
-					if(data.files[0].type === '' && data.files[0].size == 4096)
-					{
-						data.textStatus = 'dirorzero';
-						data.errorThrown = t('files','Unable to upload your file as it is a directory or has 0 bytes');
-						var fu = $(this).data('blueimp-fileupload') || $(this).data('fileupload');
-						fu._trigger('fail', e, data);
-						return true; //don't upload this file but go on with next in queue
-					}
-
-					var totalSize=0;
-					$.each(data.originalFiles, function(i,file){
-						totalSize+=file.size;
-					});
-
-					if(totalSize>$('#max_upload').val()){
-						data.textStatus = 'notenoughspace';
-						data.errorThrown = t('files','Not enough space available');
-						var fu = $(this).data('blueimp-fileupload') || $(this).data('fileupload');
-						fu._trigger('fail', e, data);
-						return false; //don't upload anything
-					}
-
-					// start the actual file upload
-					var jqXHR = data.submit();
-
-					// remember jqXHR to show warning to user when he navigates away but an upload is still in progress
-					if (typeof data.context !== 'undefined' && data.context.data('type') === 'dir') {
-						var dirName = data.context.data('file');
-						if(typeof uploadingFiles[dirName] === 'undefined') {
-							uploadingFiles[dirName] = {};
-						}
-						uploadingFiles[dirName][data.files[0].name] = jqXHR;
-					} else {
-						uploadingFiles[data.files[0].name] = jqXHR;
-					}
-
-					//show cancel button
-					if($('html.lte9').length === 0 && data.dataType !== 'iframe') {
-						$('#uploadprogresswrapper input.stop').show();
-					}
-				},
-				/**
-				 * called after the first add, does NOT have the data param
-				 * @param e
-				 */
-				start: function(e) {
-					//IE < 10 does not fire the necessary events for the progress bar.
-					if($('html.lte9').length > 0) {
-						return;
-					}
-					$('#uploadprogressbar').progressbar({value:0});
-					$('#uploadprogressbar').fadeIn();
-				},
-				fail: function(e, data) {
-					if (typeof data.textStatus !== 'undefined' && data.textStatus !== 'success' ) {
-						if (data.textStatus === 'abort') {
-							$('#notification').text(t('files', 'Upload cancelled.'));
-						} else {
-							// HTTP connection problem
-							$('#notification').text(data.errorThrown);
-						}
-						$('#notification').fadeIn();
-						//hide notification after 5 sec
-						setTimeout(function() {
-							$('#notification').fadeOut();
-						}, 5000);
-					}
-					delete uploadingFiles[data.files[0].name];
-				},
-				progress: function(e, data) {
-					// TODO: show nice progress bar in file row
-				},
-				progressall: function(e, data) {
-					//IE < 10 does not fire the necessary events for the progress bar.
-					if($('html.lte9').length > 0) {
-						return;
-					}
-					var progress = (data.loaded/data.total)*100;
-					$('#uploadprogressbar').progressbar('value',progress);
-				},
-				/**
-				 * called for every successful upload
-				 * @param e
-				 * @param data
-				 */
-				done:function(e, data) {
-					// handle different responses (json or body from iframe for ie)
-					var response;
-					if (typeof data.result === 'string') {
-						response = data.result;
-					} else {
-						//fetch response from iframe
-						response = data.result[0].body.innerText;
-					}
-					var result=$.parseJSON(response);
-
-					if(typeof result[0] !== 'undefined' && result[0].status === 'success') {
-						var file = result[0];
-					} else {
-						data.textStatus = 'servererror';
-						data.errorThrown = t('files', result.data.message);
-						var fu = $(this).data('blueimp-fileupload') || $(this).data('fileupload');
-						fu._trigger('fail', e, data);
-					}
-
-					var filename = result[0].originalname;
-
-					// delete jqXHR reference
-					if (typeof data.context !== 'undefined' && data.context.data('type') === 'dir') {
-						var dirName = data.context.data('file');
-						delete uploadingFiles[dirName][filename];
-						if ($.assocArraySize(uploadingFiles[dirName]) == 0) {
-							delete uploadingFiles[dirName];
-						}
-					} else {
-						delete uploadingFiles[filename];
-					}
-
-				},
-				/**
-				 * called after last upload
-				 * @param e
-				 * @param data
-				 */
-				stop: function(e, data) {
-					if(data.dataType !== 'iframe') {
-						$('#uploadprogresswrapper input.stop').hide();
-					}
-
-					//IE < 10 does not fire the necessary events for the progress bar.
-					if($('html.lte9').length > 0) {
-						return;
-					}
-
-					$('#uploadprogressbar').progressbar('value',100);
-					$('#uploadprogressbar').fadeOut();
-				}
-			})
-		});
-	}
 	$.assocArraySize = function(obj) {
 		// http://stackoverflow.com/a/6700/11236
 		var size = 0, key;
@@ -804,7 +657,7 @@ var dragOptions={
 // sane browsers support using the distance option
 if ( $('html.ie').length === 0) {
 	dragOptions['distance'] = 20;
-} 
+}
 
 var folderDropOptions={
 	drop: function( event, ui ) {
diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php
index b576253f4f0..b9119f2cb62 100644
--- a/apps/files/templates/index.php
+++ b/apps/files/templates/index.php
@@ -50,7 +50,7 @@
 			</div>
 		</div>
 		<div id="file_action_panel"></div>
-	<?php else:?>
+	<?php elseif( !$_['isPublic'] ):?>
 		<div class="actions"><input type="button" disabled value="<?php p($l->t('You don’t have write permissions here.'))?>"></div>
 		<input type="hidden" name="dir" value="<?php p($_['dir']) ?>" id="dir">
 	<?php endif;?>
author	Roman Geber <rgeber@owncloudapps.com>	2013-06-25 12:24:14 +0200
committer	Roman Geber <rgeber@owncloudapps.com>	2013-06-25 12:24:14 +0200
commit	ddb0ff346d3d8063f88fdba8749e098a81b92d54 (patch)
tree	69004e69ed8ca2537d1029d9729d112feb6b5c20 /apps/files
parent	c3b8f2bf64ef7b6cbdabb382b1c0a721bddb4041 (diff)
download	nextcloud-server-ddb0ff346d3d8063f88fdba8749e098a81b92d54.tar.gz nextcloud-server-ddb0ff346d3d8063f88fdba8749e098a81b92d54.zip