summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
Diffstat (limited to 'apps')
-rw-r--r--apps/files/ajax/upload.php7
-rw-r--r--apps/files/js/files.js2
-rw-r--r--apps/files/templates/list.php11
-rw-r--r--apps/files_sharing/ajax/list.php96
-rw-r--r--apps/files_sharing/js/public.js16
-rw-r--r--apps/files_sharing/tests/js/publicAppSpec.js20
6 files changed, 35 insertions, 117 deletions
diff --git a/apps/files/ajax/upload.php b/apps/files/ajax/upload.php
index a784642728f..18e9cfe6117 100644
--- a/apps/files/ajax/upload.php
+++ b/apps/files/ajax/upload.php
@@ -41,7 +41,6 @@ OCP\JSON::setContentTypeHeader('text/plain');
// If not, check the login.
// If no token is sent along, rely on login only
-$allowedPermissions = \OCP\Constants::PERMISSION_ALL;
$errorCode = null;
$l = \OC::$server->getL10N('files');
@@ -60,8 +59,6 @@ if (empty($_POST['dirToken'])) {
\OC_User::setIncognitoMode(true);
- // return only read permissions for public upload
- $allowedPermissions = \OCP\Constants::PERMISSION_READ;
$publicDirectory = !empty($_POST['subdir']) ? (string)$_POST['subdir'] : '/';
$linkItem = OCP\Share::getShareByToken((string)$_POST['dirToken']);
@@ -207,7 +204,7 @@ if (\OC\Files\Filesystem::isValidPath($dir) === true) {
$data['originalname'] = $files['name'][$i];
$data['uploadMaxFilesize'] = $maxUploadFileSize;
$data['maxHumanFilesize'] = $maxHumanFileSize;
- $data['permissions'] = $meta['permissions'] & $allowedPermissions;
+ $data['permissions'] = $meta['permissions'];
$data['directory'] = $returnedDir;
$result[] = $data;
}
@@ -234,7 +231,7 @@ if (\OC\Files\Filesystem::isValidPath($dir) === true) {
$data['originalname'] = $files['name'][$i];
$data['uploadMaxFilesize'] = $maxUploadFileSize;
$data['maxHumanFilesize'] = $maxHumanFileSize;
- $data['permissions'] = $meta['permissions'] & $allowedPermissions;
+ $data['permissions'] = $meta['permissions'];
$data['directory'] = $returnedDir;
$result[] = $data;
}
diff --git a/apps/files/js/files.js b/apps/files/js/files.js
index 6bdd14ac65d..e33b8354437 100644
--- a/apps/files/js/files.js
+++ b/apps/files/js/files.js
@@ -207,7 +207,7 @@
*/
lazyLoadPreview : function(path, mime, ready, width, height, etag) {
console.warn('DEPRECATED: please use lazyLoadPreview() from an OCA.Files.FileList instance');
- return OCA.Files.App.fileList.lazyLoadPreview({
+ return FileList.lazyLoadPreview({
path: path,
mime: mime,
callback: ready,
diff --git a/apps/files/templates/list.php b/apps/files/templates/list.php
index 7ebf80ee8b2..04550f945b6 100644
--- a/apps/files/templates/list.php
+++ b/apps/files/templates/list.php
@@ -1,16 +1,5 @@
<div id="controls">
<div class="actions creatable hidden">
- <?php /*
- Only show upload button for public page
- */ ?>
- <?php if(isset($_['dirToken'])):?>
- <div id="upload" class="button upload"
- title="<?php isset($_['uploadMaxHumanFilesize']) ? p($l->t('Upload (max. %s)', array($_['uploadMaxHumanFilesize']))) : '' ?>">
- <label for="file_upload_start" class="svg icon-upload">
- <span class="hidden-visually"><?php p($l->t('Upload'))?></span>
- </label>
- </div>
- <?php endif; ?>
<div id="uploadprogresswrapper">
<div id="uploadprogressbar"></div>
<button class="stop icon-close" style="display:none">
diff --git a/apps/files_sharing/ajax/list.php b/apps/files_sharing/ajax/list.php
deleted file mode 100644
index c7f0bde5d4a..00000000000
--- a/apps/files_sharing/ajax/list.php
+++ /dev/null
@@ -1,96 +0,0 @@
-<?php
-/**
- * @author Joas Schilling <nickvergessen@owncloud.com>
- * @author Lukas Reschke <lukas@owncloud.com>
- * @author Morris Jobke <hey@morrisjobke.de>
- * @author Roeland Jago Douma <rullzer@owncloud.com>
- * @author Thomas Müller <thomas.mueller@tmit.eu>
- * @author Vincent Petry <pvince81@owncloud.com>
- *
- * @copyright Copyright (c) 2015, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-OCP\JSON::checkAppEnabled('files_sharing');
-
-if(!isset($_GET['t'])){
- \OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST);
- \OCP\Util::writeLog('core-preview', 'No token parameter was passed', \OCP\Util::DEBUG);
- exit;
-}
-
-$token = $_GET['t'];
-
-$password = null;
-if (isset($_POST['password'])) {
- $password = $_POST['password'];
-}
-
-$relativePath = null;
-if (isset($_GET['dir'])) {
- $relativePath = $_GET['dir'];
-}
-
-$sortAttribute = isset( $_GET['sort'] ) ? $_GET['sort'] : 'name';
-$sortDirection = isset( $_GET['sortdirection'] ) ? ($_GET['sortdirection'] === 'desc') : false;
-
-$data = \OCA\Files_Sharing\Helper::setupFromToken($token, $relativePath, $password);
-
-$linkItem = $data['linkItem'];
-// Load the files
-$dir = $data['realPath'];
-
-$dir = \OC\Files\Filesystem::normalizePath($dir);
-if (!\OC\Files\Filesystem::is_dir($dir . '/')) {
- \OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND);
- \OCP\JSON::error(array('success' => false));
- exit();
-}
-
-$data = array();
-
-// make filelist
-$files = \OCA\Files\Helper::getFiles($dir, $sortAttribute, $sortDirection);
-
-$formattedFiles = array();
-foreach ($files as $file) {
- $entry = \OCA\Files\Helper::formatFileInfo($file);
- // for now
- unset($entry['directory']);
- // do not disclose share owner
- unset($entry['shareOwner']);
- // do not disclose if something is a remote shares
- unset($entry['mountType']);
- unset($entry['icon']);
- $entry['permissions'] = \OCP\Constants::PERMISSION_READ;
- $formattedFiles[] = $entry;
-}
-
-$data['directory'] = $relativePath;
-$data['files'] = $formattedFiles;
-$data['dirToken'] = $linkItem['token'];
-
-$permissions = $linkItem['permissions'];
-
-// if globally disabled
-if (\OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_public_upload', 'yes') === 'no') {
- // only allow reading
- $permissions = \OCP\Constants::PERMISSION_READ;
-}
-
-$data['permissions'] = $permissions;
-
-OCP\JSON::success(array('data' => $data));
diff --git a/apps/files_sharing/js/public.js b/apps/files_sharing/js/public.js
index 246b639f652..82691129926 100644
--- a/apps/files_sharing/js/public.js
+++ b/apps/files_sharing/js/public.js
@@ -48,8 +48,20 @@ OCA.Sharing.PublicApp = {
this._initialized = true;
this.initialDir = $('#dir').val();
+ var token = $('#sharingToken').val();
+
// file list mode ?
if ($el.find('#filestable').length) {
+ var filesClient = new OC.Files.Client({
+ host: OC.getHost(),
+ port: OC.getPort(),
+ userName: token,
+ // note: password not be required, the endpoint
+ // will recognize previous validation from the session
+ root: OC.getRootPath() + '/public.php/webdav',
+ useHTTPS: OC.getProtocol() === 'https'
+ });
+
this.fileList = new OCA.Files.FileList(
$el,
{
@@ -58,7 +70,8 @@ OCA.Sharing.PublicApp = {
dragOptions: dragOptions,
folderDropOptions: folderDropOptions,
fileActions: fileActions,
- detailsViewEnabled: false
+ detailsViewEnabled: false,
+ filesClient: filesClient
}
);
this.files = OCA.Files.Files;
@@ -88,7 +101,6 @@ OCA.Sharing.PublicApp = {
// dynamically load image previews
- var token = $('#sharingToken').val();
var bottomMargin = 350;
var previewWidth = Math.ceil($(window).width() * window.devicePixelRatio);
var previewHeight = Math.ceil(($(window).height() - bottomMargin) * window.devicePixelRatio);
diff --git a/apps/files_sharing/tests/js/publicAppSpec.js b/apps/files_sharing/tests/js/publicAppSpec.js
index d496b78acfa..8a644232e6c 100644
--- a/apps/files_sharing/tests/js/publicAppSpec.js
+++ b/apps/files_sharing/tests/js/publicAppSpec.js
@@ -21,11 +21,14 @@
describe('OCA.Sharing.PublicApp tests', function() {
var App = OCA.Sharing.PublicApp;
+ var hostStub, portStub, protocolStub, webrootStub;
var $preview;
- var fileListIn;
- var fileListOut;
beforeEach(function() {
+ protocolStub = sinon.stub(OC, 'getProtocol').returns('https');
+ hostStub = sinon.stub(OC, 'getHost').returns('example.com');
+ portStub = sinon.stub(OC, 'getPort').returns(8080);
+ webrootStub = sinon.stub(OC, 'getRootPath').returns('/owncloud');
$preview = $('<div id="preview"></div>');
$('#testArea').append($preview);
$preview.append(
@@ -35,6 +38,13 @@ describe('OCA.Sharing.PublicApp tests', function() {
);
});
+ afterEach(function() {
+ protocolStub.restore();
+ hostStub.restore();
+ portStub.restore();
+ webrootStub.restore();
+ });
+
describe('File list', function() {
// TODO: this should be moved to a separate file once the PublicFileList is extracted from public.js
beforeEach(function() {
@@ -78,6 +88,12 @@ describe('OCA.Sharing.PublicApp tests', function() {
App._initialized = false;
});
+ it('Uses public webdav endpoint', function() {
+ expect(fakeServer.requests.length).toEqual(1);
+ expect(fakeServer.requests[0].method).toEqual('PROPFIND');
+ expect(fakeServer.requests[0].url).toEqual('https://sh4tok@example.com:8080/owncloud/public.php/webdav/subdir');
+ });
+
describe('Download Url', function() {
var fileList;