summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
Diffstat (limited to 'apps')
-rw-r--r--apps/files/ajax/upload.php23
-rw-r--r--apps/files_sharing/css/public.css51
-rw-r--r--apps/files_sharing/js/files_drop.js25
-rw-r--r--apps/files_sharing/js/public.js10
-rw-r--r--apps/files_sharing/templates/public.php14
5 files changed, 90 insertions, 33 deletions
diff --git a/apps/files/ajax/upload.php b/apps/files/ajax/upload.php
index 9cc9c279700..98066845734 100644
--- a/apps/files/ajax/upload.php
+++ b/apps/files/ajax/upload.php
@@ -161,6 +161,15 @@ if (\OC\Files\Filesystem::isValidPath($dir) === true) {
$resolution = null;
}
+ if(isset($_POST['dirToken'])) {
+ // If it is a read only share the resolution will always be autorename
+ $shareManager = \OC::$server->getShareManager();
+ $share = $shareManager->getShareByToken((string)$_POST['dirToken']);
+ if (!($share->getPermissions() & \OCP\Constants::PERMISSION_READ)) {
+ $resolution = 'autorename';
+ }
+ }
+
// target directory for when uploading folders
$relativePath = '';
if(!empty($_POST['file_directory'])) {
@@ -247,6 +256,20 @@ if (\OC\Files\Filesystem::isValidPath($dir) === true) {
}
if ($error === false) {
+ // Do not leak file information if it is a read-only share
+ if(isset($_POST['dirToken'])) {
+ $shareManager = \OC::$server->getShareManager();
+ $share = $shareManager->getShareByToken((string)$_POST['dirToken']);
+ if (!($share->getPermissions() & \OCP\Constants::PERMISSION_READ)) {
+ $newResults = [];
+ foreach($result as $singleResult) {
+ $fileName = $singleResult['originalname'];
+ $newResults['filename'] = $fileName;
+ $newResults['mimetype'] = \OC::$server->getMimeTypeDetector()->detectPath($fileName);
+ }
+ $result = $newResults;
+ }
+ }
OCP\JSON::encodedPrint($result);
} else {
OCP\JSON::error(array(array('data' => array_merge(array('message' => $error, 'code' => $errorCode), $storageStats))));
diff --git a/apps/files_sharing/css/public.css b/apps/files_sharing/css/public.css
index 18c8781a469..a644b850556 100644
--- a/apps/files_sharing/css/public.css
+++ b/apps/files_sharing/css/public.css
@@ -159,36 +159,63 @@ thead {
cursor: pointer;
}
-#body-public #emptycontent h2 {
+
+
+#public-upload .avatardiv {
+ margin: 0 auto;
+}
+
+#public-upload #emptycontent h2 {
margin: 10px 0 5px 0;
}
-#body-public #emptycontent h2+p {
+#public-upload #emptycontent h2+p {
margin-bottom: 30px;
}
-#body-public #emptycontent .icon-folder {
+#public-upload #emptycontent .icon-folder {
height: 16px;
width: 16px;
background-size: 16px;
display: inline-block;
vertical-align: text-top;
margin-bottom: 0;
+ margin-right: 5px;
opacity: 1;
}
-#body-public #emptycontent .button {
- background-size: 32px;
- height: 32px;
- width: 32px;
- background-position: 16px;
+#public-upload #emptycontent .button {
+ background-size: 16px;
+ height: 16px;
+ width: 16px;
+ background-position: 16px;
opacity: .7;
font-size: 20px;
margin: 20px;
padding: 10px 20px;
- padding-left: 64px;
+ padding-left: 42px;
+ font-weight: normal;
}
-#body-public .avatardiv {
- margin: 0 auto;
-} \ No newline at end of file
+#public-upload #emptycontent ul {
+ width: 160px;
+ margin: 25px auto;
+ text-align: left;
+}
+
+#public-upload #emptycontent li {
+ overflow: hidden;
+ text-overflow: ellipsis;
+ white-space: nowrap;
+ padding: 7px 0;
+}
+
+#public-upload #emptycontent li img {
+ vertical-align: text-bottom;
+ margin-right: 5px;
+}
+
+#public-upload li span.icon-loading-small {
+ padding-left: 18px;
+ margin-right: 7px;
+}
diff --git a/apps/files_sharing/js/files_drop.js b/apps/files_sharing/js/files_drop.js
index ced26fda220..3c1ccd63da5 100644
--- a/apps/files_sharing/js/files_drop.js
+++ b/apps/files_sharing/js/files_drop.js
@@ -15,24 +15,33 @@
// Prevent the default browser drop action:
e.preventDefault();
});
- $('#publicUploadDiv').fileupload({
+ $('#public-upload').fileupload({
url: OC.linkTo('files', 'ajax/upload.php'),
dataType: 'json',
- //maxFileSize: fileUploadContainer.data('maxupload'),
- messages: {
- maxFileSize: t('files_sharing', 'File is bigger than allowed.')
- },
- dropZone: $('#publicUploadDiv'),
+ dropZone: $('#public-upload'),
formData: {
dirToken: $('#sharingToken').val()
+ },
+ add: function(e, data) {
+ _.each(data['files'], function(file) {
+ $('#public-upload ul').append('<li data-name="'+escapeHTML(file.name)+'"><span class="icon-loading-small"></span> '+escapeHTML(file.name)+'</li>');
+ });
+ data.submit();
+ },
+ success: function (response) {
+ var mimeTypeUrl = OC.MimeType.getIconUrl(response['mimetype']);
+ $('#public-upload ul li[data-name="'+escapeHTML(response['filename'])+'"]').html('<img src="'+escapeHTML(mimeTypeUrl)+'"/> '+escapeHTML(response['filename']));
}
});
-
+ $('#public-upload .button.icon-upload').click(function(e) {
+ e.preventDefault();
+ $('#public-upload #emptycontent input').focus().trigger('click');
+ });
}
};
$(document).ready(function() {
- if($('#uploadOnlyInterface').val() === "1") {
+ if($('#upload-only-interface').val() === "1") {
$('.avatardiv').avatar($('#sharingUserId').val(), 128, true);
}
diff --git a/apps/files_sharing/js/public.js b/apps/files_sharing/js/public.js
index 7f780fd09e7..bf06b2cd55b 100644
--- a/apps/files_sharing/js/public.js
+++ b/apps/files_sharing/js/public.js
@@ -238,11 +238,6 @@ OCA.Sharing.PublicApp = {
$(this).select();
});
- $(document).on('click', '.content-wrapper-upload', function (e) {
- //e.preventDefault();
- $('#file_upload_start').focus().trigger('click');
- });
-
$('.save-form').submit(function (event) {
event.preventDefault();
@@ -307,9 +302,7 @@ OCA.Sharing.PublicApp = {
$('#save-button-confirm')
.removeClass("icon-loading-small")
.addClass("icon-confirm");
-
- }
- else {
+ } else {
$('#save-button-confirm')
.removeClass("icon-confirm")
.addClass("icon-loading-small");
@@ -319,7 +312,6 @@ OCA.Sharing.PublicApp = {
toggleLoading();
var location = window.location.protocol + '//' + window.location.host + OC.webroot;
-
if(remote.substr(-1) !== '/') {
remote += '/'
};
diff --git a/apps/files_sharing/templates/public.php b/apps/files_sharing/templates/public.php
index 0989b35f3b1..f4c954c76d5 100644
--- a/apps/files_sharing/templates/public.php
+++ b/apps/files_sharing/templates/public.php
@@ -41,7 +41,9 @@ OCP\Util::addscript('files', 'keyboardshortcuts');
<input type="hidden" name="mimetype" value="<?php p($_['mimetype']) ?>" id="mimetype">
<input type="hidden" name="previewSupported" value="<?php p($_['previewSupported'] ? 'true' : 'false'); ?>" id="previewSupported">
<input type="hidden" name="mimetypeIcon" value="<?php p(\OC::$server->getMimeTypeDetector()->mimeTypeIcon($_['mimetype'])); ?>" id="mimetypeIcon">
-<input type="hidden" name="filesize" value="<?php p($_['nonHumanFileSize']); ?>" id="filesize">
+<?php if (!isset($_['hideFileList']) || (isset($_['hideFileList']) && $_['hideFileList'] === false)): ?>
+ <input type="hidden" name="filesize" value="<?php p($_['nonHumanFileSize']); ?>" id="filesize">
+<?php endif; ?>
<input type="hidden" name="maxSizeAnimateGif" value="<?php p($_['maxSizeAnimateGif']); ?>" id="maxSizeAnimateGif">
@@ -89,7 +91,7 @@ OCP\Util::addscript('files', 'keyboardshortcuts');
</div>
</div></header>
<div id="content-wrapper" <?php if(isset($_['hideFileList']) && $_['hideFileList'] === true){ print_unescaped(" class=\"content-wrapper-upload\"");} ?>>
- <?php if (!isset($_['hideFileList']) || (isset($_['hideFileList']) && $_['hideFileList'] === false)) { ?>
+ <?php if (!isset($_['hideFileList']) || (isset($_['hideFileList']) && $_['hideFileList'] === false)) { ?>
<div id="preview">
<?php if (isset($_['folder'])): ?>
<?php print_unescaped($_['folder']); ?>
@@ -117,13 +119,17 @@ OCP\Util::addscript('files', 'keyboardshortcuts');
<?php endif; ?>
</div>
<?php } else { ?>
- <input type="hidden" id="uploadOnlyInterface" value="1"/>
- <div id="publicUploadDiv">
+ <input type="hidden" id="upload-only-interface" value="1"/>
+ <div id="public-upload">
<div id="emptycontent" class="">
<div id="displayavatar"><div class="avatardiv"></div></div>
<h2><?php p($l->t('Upload files to %s', [$_['shareOwner']])) ?></h2>
<p><span class="icon-folder"></span> <?php p($_['filename']) ?></p>
+ <input type="file" name="files[]" class="hidden" multiple>
+
<a href="#" class="button icon-upload"><?php p($l->t('Select')) ?></a>
+ <ul>
+ </ul>
</div>
</div>
<?php } ?>