diff options
author | Morris Jobke <hey@morrisjobke.de> | 2017-09-27 23:27:54 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-09-27 23:27:54 +0200 |
commit | 5f25dd7095fadccb7458dbe09c048fbf6645552d (patch) | |
tree | 914341bb1e74a13e0ebaa113192982e4bbe162d9 /apps/files_sharing | |
parent | 72889e57ca64f058f7cf206ac95cf6c0907ed771 (diff) | |
parent | 4077f684e137774f48cb1f575bc8a7bfd862c78b (diff) | |
download | nextcloud-server-5f25dd7095fadccb7458dbe09c048fbf6645552d.tar.gz nextcloud-server-5f25dd7095fadccb7458dbe09c048fbf6645552d.zip |
Merge pull request #6599 from nextcloud/fix_2523
Add direct preview link
Diffstat (limited to 'apps/files_sharing')
4 files changed, 55 insertions, 2 deletions
diff --git a/apps/files_sharing/lib/Controller/PublicPreviewController.php b/apps/files_sharing/lib/Controller/PublicPreviewController.php index 49e48993f5c..56d8d94534f 100644 --- a/apps/files_sharing/lib/Controller/PublicPreviewController.php +++ b/apps/files_sharing/lib/Controller/PublicPreviewController.php @@ -101,4 +101,51 @@ class PublicPreviewController extends Controller { return new DataResponse([], Http::STATUS_BAD_REQUEST); } } + + /** + * @PublicPage + * @NoCSRFRequired + * @NoSameSiteCookieRequired + * + * @param $token + * @return DataResponse|FileDisplayResponse + */ + public function directLink($token) { + // No token no image + if ($token === '') { + return new DataResponse([], Http::STATUS_BAD_REQUEST); + } + + // No share no image + try { + $share = $this->shareManager->getShareByToken($token); + } catch (ShareNotFound $e) { + return new DataResponse([], Http::STATUS_NOT_FOUND); + } + + // No permissions no image + if (($share->getPermissions() & Constants::PERMISSION_READ) === 0) { + return new DataResponse([], Http::STATUS_FORBIDDEN); + } + + // Password protected shares have no direct link! + if ($share->getPassword() !== null) { + return new DataResponse([], Http::STATUS_FORBIDDEN); + } + + try { + $node = $share->getNode(); + if ($node instanceof Folder) { + // Direct link only works for single files + return new DataResponse([], Http::STATUS_BAD_REQUEST); + } + + $f = $this->previewManager->getPreview($node, -1, -1, false); + return new FileDisplayResponse($f, Http::STATUS_OK, ['Content-Type' => $f->getMimeType()]); + } catch (NotFoundException $e) { + return new DataResponse([], Http::STATUS_NOT_FOUND); + } catch (\InvalidArgumentException $e) { + return new DataResponse([], Http::STATUS_BAD_REQUEST); + } + } } diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php index 14fc8d63381..a7cf1a78971 100644 --- a/apps/files_sharing/lib/Controller/ShareController.php +++ b/apps/files_sharing/lib/Controller/ShareController.php @@ -372,9 +372,14 @@ class ShareController extends Controller { $shareTmpl['previewMaxX'] = $this->config->getSystemValue('preview_max_x', 1024); $shareTmpl['previewMaxY'] = $this->config->getSystemValue('preview_max_y', 1024); $shareTmpl['disclaimer'] = $this->config->getAppValue('core', 'shareapi_public_link_disclaimertext', null); + $shareTmpl['previewURL'] = $shareTmpl['downloadURL']; if ($shareTmpl['previewSupported']) { $shareTmpl['previewImage'] = $this->urlGenerator->linkToRouteAbsolute( 'files_sharing.PublicPreview.getPreview', ['x' => 200, 'y' => 200, 'file' => $shareTmpl['directory_path'], 't' => $shareTmpl['dirToken']]); + // We just have direct previews for image files + if ($share->getNode()->getMimePart() === 'image') { + $shareTmpl['previewURL'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.publicpreview.directLink', ['token' => $token]); + } } else { $shareTmpl['previewImage'] = $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'favicon-fb.png')); } diff --git a/apps/files_sharing/templates/public.php b/apps/files_sharing/templates/public.php index a593e596dfb..8bbb53fa4e0 100644 --- a/apps/files_sharing/templates/public.php +++ b/apps/files_sharing/templates/public.php @@ -92,7 +92,7 @@ $maxUploadFilesize = min($upload_max_filesize, $post_max_size); </div> <div class="directLink"> <label for="directLink"><?php p($l->t('Direct link')) ?></label> - <input id="directLink" type="text" readonly value="<?php p($_['downloadURL']); ?>"> + <input id="directLink" type="text" readonly value="<?php p($_['previewURL']); ?>"> </div> <?php endif; ?> </div> diff --git a/apps/files_sharing/tests/Controller/ShareControllerTest.php b/apps/files_sharing/tests/Controller/ShareControllerTest.php index 62adca53f4c..7a017b5e3b7 100644 --- a/apps/files_sharing/tests/Controller/ShareControllerTest.php +++ b/apps/files_sharing/tests/Controller/ShareControllerTest.php @@ -396,7 +396,8 @@ class ShareControllerTest extends \Test\TestCase { 'shareOwner' => 'ownerDisplay', 'disclaimer' => 'My disclaimer text', 'shareUrl' => null, - 'previewImage' => null + 'previewImage' => null, + 'previewURL' => null, ); $csp = new \OCP\AppFramework\Http\ContentSecurityPolicy(); |