aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--apps/files/js/fileactions.js24
-rw-r--r--apps/files/js/filelist.js9
-rw-r--r--lib/private/AppFramework/Middleware/Security/CORSMiddleware.php4
-rw-r--r--lib/public/AppFramework/OCSController.php2
4 files changed, 38 insertions, 1 deletions
diff --git a/apps/files/js/fileactions.js b/apps/files/js/fileactions.js
index f342f21a4fb..4525da876e3 100644
--- a/apps/files/js/fileactions.js
+++ b/apps/files/js/fileactions.js
@@ -711,6 +711,30 @@
});
this.registerAction({
+ name: 'EditLocally',
+ displayName: function(context) {
+ var locked = context.$file.data('locked');
+ if (!locked) {
+ return t('files', 'Edit locally');
+ }
+ },
+ mime: 'all',
+ order: -23,
+ iconClass: function(filename, context) {
+ var locked = context.$file.data('locked');
+ if (!locked) {
+ return 'icon-rename';
+ }
+ },
+ permissions: OC.PERMISSION_UPDATE,
+ actionHandler: function (filename, context) {
+ var dir = context.dir || context.fileList.getCurrentDirectory();
+ var path = dir === '/' ? dir + filename : dir + '/' + filename;
+ context.fileList.openLocalClient(path);
+ },
+ });
+
+ this.registerAction({
name: 'Open',
mime: 'dir',
permissions: OC.PERMISSION_READ,
diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js
index ee596dd417e..fff704b9283 100644
--- a/apps/files/js/filelist.js
+++ b/apps/files/js/filelist.js
@@ -2807,6 +2807,15 @@
});
},
+ openLocalClient: function(path) {
+ var scheme = 'nc://';
+ var command = 'open';
+ var uid = OC.getCurrentUser().uid;
+ var url = scheme + command + '/' + uid + '@' + window.location.host + (window.location.port ? `:${window.location.port}` : '') + OC.encodePath(path);
+
+ window.location.href = url;
+ },
+
/**
* Updates the given row with the given file info
*
diff --git a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php
index 1490b69f534..dd964915006 100644
--- a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php
@@ -87,6 +87,10 @@ class CORSMiddleware extends Middleware {
$user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null;
$pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null;
+ // Allow to use the current session if a CSRF token is provided
+ if ($this->request->passesCSRFCheck()) {
+ return;
+ }
$this->session->logout();
try {
if ($user === null || $pass === null || !$this->session->logClientIn($user, $pass, $this->request, $this->throttler)) {
diff --git a/lib/public/AppFramework/OCSController.php b/lib/public/AppFramework/OCSController.php
index 09c28667dcd..11bac9effd5 100644
--- a/lib/public/AppFramework/OCSController.php
+++ b/lib/public/AppFramework/OCSController.php
@@ -61,7 +61,7 @@ abstract class OCSController extends ApiController {
public function __construct($appName,
IRequest $request,
$corsMethods = 'PUT, POST, GET, DELETE, PATCH',
- $corsAllowedHeaders = 'Authorization, Content-Type, Accept',
+ $corsAllowedHeaders = 'Authorization, Content-Type, Accept, OCS-APIRequest',
$corsMaxAge = 1728000) {
parent::__construct($appName, $request, $corsMethods,
$corsAllowedHeaders, $corsMaxAge);
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-19 19:24:01 +0000