path: root/core/ajax
Diffstat (limited to 'core/ajax')
-rw-r--r--core/ajax/appconfig.php27
-rw-r--r--core/ajax/preview.php31
-rw-r--r--core/ajax/share.php131
-rw-r--r--core/ajax/update.php9
4 files changed, 71 insertions, 127 deletions
diff --git a/core/ajax/appconfig.php b/core/ajax/appconfig.php
index 4f26dedc797..05b7572c6d7 100644
--- a/core/ajax/appconfig.php
+++ b/core/ajax/appconfig.php
@@ -9,28 +9,43 @@ OC_Util::checkAdminUser();
OCP\JSON::callCheck();
$action=isset($_POST['action'])?$_POST['action']:$_GET['action'];
+
+if(isset($_POST['app']) || isset($_GET['app'])) {
+ $app=OC_App::cleanAppId(isset($_POST['app'])?$_POST['app']:$_GET['app']);
+}
+
+// An admin should not be able to add remote and public services
+// on its own. This should only be possible programmatically.
+// This change is due the fact that an admin may not be expected
+// to execute arbitrary code in every environment.
+if($app === 'core' && isset($_POST['key']) &&(substr($_POST['key'],0,7) === 'remote_' || substr($_POST['key'],0,7) === 'public_')) {
+ OC_JSON::error(array('data' => array('message' => 'Unexpected error!')));
+ return;
+}
+
$result=false;
switch($action) {
case 'getValue':
- $result=OC_Appconfig::getValue($_GET['app'], $_GET['key'], $_GET['defaultValue']);
+ $result=OC_Appconfig::getValue($app, $_GET['key'], $_GET['defaultValue']);
break;
case 'setValue':
- $result=OC_Appconfig::setValue($_POST['app'], $_POST['key'], $_POST['value']);
+ $result=OC_Appconfig::setValue($app, $_POST['key'], $_POST['value']);
break;
case 'getApps':
$result=OC_Appconfig::getApps();
break;
case 'getKeys':
- $result=OC_Appconfig::getKeys($_GET['app']);
+ $result=OC_Appconfig::getKeys($app);
break;
case 'hasKey':
- $result=OC_Appconfig::hasKey($_GET['app'], $_GET['key']);
+ $result=OC_Appconfig::hasKey($app, $_GET['key']);
break;
case 'deleteKey':
- $result=OC_Appconfig::deleteKey($_POST['app'], $_POST['key']);
+ $result=OC_Appconfig::deleteKey($app, $_POST['key']);
break;
case 'deleteApp':
- $result=OC_Appconfig::deleteApp($_POST['app']);
+ $result=OC_Appconfig::deleteApp($app);
break;
}
OC_JSON::success(array('data'=>$result));
+
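Review bot: `$app` is assigned only inside the `isset($_POST['app']) || isset($_GET['app'])` block, so a request without an `app` parameter (for example `getApps`) reaches `if($app === 'core' && ...` and the `switch` with the variable undefined. Initialise it before that block with `$app = null;`, or answer with `OC_JSON::error()` when an action that needs an app id gets none. The guard compares `$_POST['key']` against `remote_`/`public_` with a case-sensitive `substr()`; whether `OC_Appconfig` key lookup is equally case-sensitive on every supported database is not visible here and is worth confirming. A short comment naming the actions the guard is meant to cover (it currently fires for any action that carries a POST `key`) would also help.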
diff --git a/core/ajax/preview.php b/core/ajax/preview.php
index af0f0493f4c..526719e8a1b 100644
--- a/core/ajax/preview.php
+++ b/core/ajax/preview.php
@@ -7,34 +7,39 @@
*/
\OC_Util::checkLoggedIn();
-$file = array_key_exists('file', $_GET) ? (string) urldecode($_GET['file']) : '';
-$maxX = array_key_exists('x', $_GET) ? (int) $_GET['x'] : '36';
-$maxY = array_key_exists('y', $_GET) ? (int) $_GET['y'] : '36';
-$scalingUp = array_key_exists('scalingup', $_GET) ? (bool) $_GET['scalingup'] : true;
+$file = array_key_exists('file', $_GET) ? (string)$_GET['file'] : '';
+$maxX = array_key_exists('x', $_GET) ? (int)$_GET['x'] : '36';
+$maxY = array_key_exists('y', $_GET) ? (int)$_GET['y'] : '36';
+$scalingUp = array_key_exists('scalingup', $_GET) ? (bool)$_GET['scalingup'] : true;
+$always = array_key_exists('forceIcon', $_GET) ? (bool)$_GET['forceIcon'] : true;
-if($file === '') {
+if ($file === '') {
//400 Bad Request
\OC_Response::setStatus(400);
\OC_Log::write('core-preview', 'No file parameter was passed', \OC_Log::DEBUG);
exit;
}
-if($maxX === 0 || $maxY === 0) {
+if ($maxX === 0 || $maxY === 0) {
//400 Bad Request
\OC_Response::setStatus(400);
\OC_Log::write('core-preview', 'x and/or y set to 0', \OC_Log::DEBUG);
exit;
}
-try{
+try {
$preview = new \OC\Preview(\OC_User::getUser(), 'files');
- $preview->setFile($file);
- $preview->setMaxX($maxX);
- $preview->setMaxY($maxY);
- $preview->setScalingUp($scalingUp);
+ if (!$always and !$preview->isMimeSupported(\OC\Files\Filesystem::getMimeType($file))) {
+ \OC_Response::setStatus(404);
+ } else {
+ $preview->setFile($file);
+ $preview->setMaxX($maxX);
+ $preview->setMaxY($maxY);
+ $preview->setScalingUp($scalingUp);
+ }
$preview->show();
-}catch(\Exception $e) {
+} catch (\Exception $e) {
\OC_Response::setStatus(500);
\OC_Log::write('core', $e->getmessage(), \OC_Log::DEBUG);
-} \ No newline at end of file
+}
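Review bot: `$preview->show();` sits after the `if`/`else`, so the branch that sets 404 for an unsupported MIME type still calls `show()` on a preview object that never had `setFile()` applied. Move the call into the `else` branch after `$preview->setScalingUp($scalingUp);`, or add `exit;` after `\OC_Response::setStatus(404);` as the two 400 paths above do. `\OC\Files\Filesystem::getMimeType($file)` is also called on the raw request value before the preview object has seen the path; it is inside the `try`, but how it behaves for a path that does not exist is not visible in this hunk.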
diff --git a/core/ajax/share.php b/core/ajax/share.php
index 8b48effb458..3f04e1e4ad1 100644
--- a/core/ajax/share.php
+++ b/core/ajax/share.php
@@ -80,98 +80,45 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
break;
case 'setExpirationDate':
if (isset($_POST['date'])) {
+ $l = OC_L10N::get('core');
+ $date = new \DateTime($_POST['date']);
+ $today = new \DateTime('now');
+
+ if ($date < $today) {
+ OC_JSON::error(array('data' => array('message' => $l->t('Expiration date is in the past.'))));
+ return;
+ }
$return = OCP\Share::setExpirationDate($_POST['itemType'], $_POST['itemSource'], $_POST['date']);
($return) ? OC_JSON::success() : OC_JSON::error();
}
break;
case 'informRecipients':
-
$l = OC_L10N::get('core');
-
$shareType = (int) $_POST['shareType'];
$itemType = $_POST['itemType'];
$itemSource = $_POST['itemSource'];
$recipient = $_POST['recipient'];
- $ownerDisplayName = \OCP\User::getDisplayName();
- $from = \OCP\Util::getDefaultEmailAddress('sharing-noreply');
-
- $noMail = array();
- $recipientList = array();
if($shareType === \OCP\Share::SHARE_TYPE_USER) {
$recipientList[] = $recipient;
} elseif ($shareType === \OCP\Share::SHARE_TYPE_GROUP) {
$recipientList = \OC_Group::usersInGroup($recipient);
}
-
// don't send a mail to the user who shared the file
$recipientList = array_diff($recipientList, array(\OCP\User::getUser()));
- // send mail to all recipients with an email address
- foreach ($recipientList as $recipient) {
- //get correct target folder name
- $email = OC_Preferences::getValue($recipient, 'settings', 'email', '');
-
- if ($email !== '') {
- $displayName = \OCP\User::getDisplayName($recipient);
- $items = \OCP\Share::getItemSharedWithUser($itemType, $itemSource, $recipient);
- $filename = trim($items[0]['file_target'], '/');
- $subject = (string)$l->t('%s shared »%s« with you', array($ownerDisplayName, $filename));
- $expiration = null;
- if (isset($items[0]['expiration'])) {
- try {
- $date = new DateTime($items[0]['expiration']);
- $expiration = $l->l('date', $date->getTimestamp());
- } catch (Exception $e) {
- \OCP\Util::writeLog('sharing', "Couldn't read date: " . $e->getMessage(), \OCP\Util::ERROR);
- }
- }
-
- if ($itemType === 'folder') {
- $foldername = "/Shared/" . $filename;
- } else {
- // if it is a file we can just link to the Shared folder,
- // that's the place where the user will find the file
- $foldername = "/Shared";
- }
-
- $link = \OCP\Util::linkToAbsolute('files', 'index.php', array("dir" => $foldername));
-
- $content = new OC_Template("core", "mail", "");
- $content->assign('link', $link);
- $content->assign('user_displayname', $ownerDisplayName);
- $content->assign('filename', $filename);
- $content->assign('expiration', $expiration);
- $text = $content->fetchPage();
-
- $content = new OC_Template("core", "altmail", "");
- $content->assign('link', $link);
- $content->assign('user_displayname', $ownerDisplayName);
- $content->assign('filename', $filename);
- $content->assign('expiration', $expiration);
- $alttext = $content->fetchPage();
-
- $default_from = OCP\Util::getDefaultEmailAddress('sharing-noreply');
- $from = OCP\Config::getUserValue(\OCP\User::getUser(), 'settings', 'email', $default_from);
-
- // send it out now
- try {
- OCP\Util::sendMail($email, $displayName, $subject, $text, $from, $ownerDisplayName, 1, $alttext);
- } catch (Exception $exception) {
- $noMail[] = \OCP\User::getDisplayName($recipient);
- }
- }
- }
+ $mailNotification = new OC\Share\MailNotifications();
+ $result = $mailNotification->sendInternalShareMail($recipientList, $itemSource, $itemType);
\OCP\Share::setSendMailStatus($itemType, $itemSource, $shareType, true);
- if (empty($noMail)) {
+ if (empty($result)) {
OCP\JSON::success();
} else {
OCP\JSON::error(array(
'data' => array(
'message' => $l->t("Couldn't send mail to following users: %s ",
- implode(', ', $noMail)
+ implode(', ', $result)
)
)
));
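Review bot: `new \DateTime($_POST['date'])` in the `setExpirationDate` case throws on a malformed string and nothing here catches it, while the `email` case in the same file wraps the same constructor in `try`/`catch`. Wrap it and answer with `OC_JSON::error()` so a bad value gives a JSON error rather than an uncaught exception. In `informRecipients`, the removed `$recipientList = array();` leaves the variable undefined when `shareType` is neither user nor group, so `array_diff()` receives null; keep that initialisation. The surrounding `switch` begins outside this hunk.

```php
if (isset($_POST['date'])) {
    $l = OC_L10N::get('core');
    try {
        $date = new \DateTime($_POST['date']);
    } catch (\Exception $e) {
        // reject unparsable input instead of letting the exception escape
        OC_JSON::error(array('data' => array('message' => $l->t('Invalid date.'))));
        return;
    }
    // … unchanged: past-date check and OCP\Share::setExpirationDate() call …
```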
@@ -187,56 +134,38 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
break;
case 'email':
- // enable l10n support
- $l = OC_L10N::get('core');
// read post variables
- $user = OCP\USER::getUser();
- $displayName = OCP\User::getDisplayName();
- $type = $_POST['itemType'];
$link = $_POST['link'];
$file = $_POST['file'];
$to_address = $_POST['toaddress'];
+ $mailNotification = new \OC\Share\MailNotifications();
+
$expiration = null;
if (isset($_POST['expiration']) && $_POST['expiration'] !== '') {
try {
$date = new DateTime($_POST['expiration']);
- $expiration = $l->l('date', $date->getTimestamp());
+ $expiration = $date->getTimestamp();
} catch (Exception $e) {
\OCP\Util::writeLog('sharing', "Couldn't read date: " . $e->getMessage(), \OCP\Util::ERROR);
}
}
- // setup the email
- $subject = (string)$l->t('%s shared »%s« with you', array($displayName, $file));
-
- $content = new OC_Template("core", "mail", "");
- $content->assign ('link', $link);
- $content->assign ('type', $type);
- $content->assign ('user_displayname', $displayName);
- $content->assign ('filename', $file);
- $content->assign('expiration', $expiration);
- $text = $content->fetchPage();
-
- $content = new OC_Template("core", "altmail", "");
- $content->assign ('link', $link);
- $content->assign ('type', $type);
- $content->assign ('user_displayname', $displayName);
- $content->assign ('filename', $file);
- $content->assign('expiration', $expiration);
- $alttext = $content->fetchPage();
-
- $default_from = OCP\Util::getDefaultEmailAddress('sharing-noreply');
- $from_address = OCP\Config::getUserValue($user, 'settings', 'email', $default_from );
-
- // send it out now
- try {
- OCP\Util::sendMail($to_address, $to_address, $subject, $text, $from_address, $displayName, 1, $alttext);
- OCP\JSON::success();
- } catch (Exception $exception) {
- OCP\JSON::error(array('data' => array('message' => OC_Util::sanitizeHTML($exception->getMessage()))));
+ $result = $mailNotification->sendLinkShareMail($to_address, $file, $link, $expiration);
+ if(empty($result)) {
+ \OCP\JSON::success();
+ } else {
+ $l = OC_L10N::get('core');
+ OCP\JSON::error(array(
+ 'data' => array(
+ 'message' => $l->t("Couldn't send mail to following users: %s ",
+ implode(', ', $result)
+ )
+ )
+ ));
}
+
break;
}
} else if (isset($_GET['fetch'])) {
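Review bot: The new error branch returns `implode(', ', $result)` without the `OC_Util::sanitizeHTML()` that the removed `catch` block applied to its message. If `sendLinkShareMail()` returns the addresses it could not reach (its body is not visible here), that is the caller-supplied `toaddress` echoed back in the JSON response; keep the escaping with `OC_Util::sanitizeHTML(implode(', ', $result))`. The same `implode(', ', $result)` appears in the `informRecipients` case of the previous hunk. `$_POST['link']`, `$_POST['file']` and `$_POST['toaddress']` are still read without `isset()` checks and handed to the mailer as-is, so address validation has to happen inside `MailNotifications`; a comment saying so would help the next reader.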
@@ -354,6 +283,10 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo
break;
}
}
+ $sorter = new \OC\Share\SearchResultSorter($_GET['search'],
+ 'label',
+ new \OC\Log());
+ usort($shareWith, array($sorter, 'sort'));
OC_JSON::success(array('data' => $shareWith));
}
break;
diff --git a/core/ajax/update.php b/core/ajax/update.php
index 99e8f275316..55e8ab15ec2 100644
--- a/core/ajax/update.php
+++ b/core/ajax/update.php
@@ -15,15 +15,6 @@ if (OC::checkUpgrade(false)) {
$updater->listen('\OC\Updater', 'dbUpgrade', function () use ($eventSource, $l) {
$eventSource->send('success', (string)$l->t('Updated database'));
});
- $updater->listen('\OC\Updater', 'filecacheStart', function () use ($eventSource, $l) {
- $eventSource->send('success', (string)$l->t('Updating filecache, this may take really long...'));
- });
- $updater->listen('\OC\Updater', 'filecacheDone', function () use ($eventSource, $l) {
- $eventSource->send('success', (string)$l->t('Updated filecache'));
- });
- $updater->listen('\OC\Updater', 'filecacheProgress', function ($out) use ($eventSource, $l) {
- $eventSource->send('success', (string)$l->t('... %d%% done ...', array('percent' => $out)));
- });
$updater->listen('\OC\Updater', 'failure', function ($message) use ($eventSource) {
$eventSource->send('failure', $message);
$eventSource->close();