From 13fa0e2a9d3f89e4479f30b847c7c197276e5537 Mon Sep 17 00:00:00 2001 From: Morris Jobke Date: Fri, 7 Feb 2014 17:47:42 +0100 Subject: Fix implied evals and doubled definition of variable fixes #7119 fixes #7120 fixes #7121 fixes #7122 --- apps/files/js/files.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apps/files/js/files.js') diff --git a/apps/files/js/files.js b/apps/files/js/files.js index a535700c1b3..1ec4c4ec7ab 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js @@ -405,7 +405,7 @@ $(document).ready(function() { Files.resizeBreadcrumbs(width, true); // display storage warnings - setTimeout ( "Files.displayStorageWarnings()", 100 ); + setTimeout(Files.displayStorageWarnings, 100); OC.Notification.setDefault(Files.displayStorageWarnings); // only possible at the moment if user is logged in -- cgit v1.2.3 From d5397d813cd731b5bf8ac4b7c193ac39d704af6e Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Thu, 13 Feb 2014 20:20:00 +0100 Subject: Do not send file list for select all on Download/delete - When all files are selected, do not send the whole file list - Download will trigger download for the parent folder, also works with root - Delete will send "allfiles" to the server that will find the file list or the passed directory by itself --- apps/files/ajax/delete.php | 15 ++++++- apps/files/js/filelist.js | 74 +++++++++++++++++++++++++--------- apps/files/js/files.js | 23 ++++++----- apps/files/tests/js/fileactionsSpec.js | 2 +- apps/files/tests/js/filelistSpec.js | 13 ++++-- apps/files_sharing/js/public.js | 30 +++++++++++--- lib/private/files.php | 9 ++++- 7 files changed, 126 insertions(+), 40 deletions(-) (limited to 'apps/files/js/files.js') diff --git a/apps/files/ajax/delete.php b/apps/files/ajax/delete.php index c69f5a8860c..69f859daa97 100644 --- a/apps/files/ajax/delete.php +++ b/apps/files/ajax/delete.php @@ -9,8 +9,21 @@ OCP\JSON::callCheck(); // Get data $dir = stripslashes($_POST["dir"]); $files = isset($_POST["file"]) ? $_POST["file"] : $_POST["files"]; +$allFiles = isset($_POST["allfiles"]) ? $_POST["allfiles"] : $_POST["allfiles"]; +if ($allFiles === 'true') { + $allFiles = true; +} -$files = json_decode($files); +// delete all files in dir ? +if ($allFiles) { + $files = array(); + $fileList = \OC\Files\Filesystem::getDirectoryContent($dir); + foreach ($fileList as $fileInfo) { + $files[] = $fileInfo['name']; + } +} else { + $files = json_decode($files); +} $filesWithError = ''; $success = true; diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js index a855d6cbe59..d6cffde05de 100644 --- a/apps/files/js/filelist.js +++ b/apps/files/js/filelist.js @@ -582,30 +582,49 @@ window.FileList={ }}); } }, - do_delete:function(files) { - if (files.substr) { + do_delete:function(files, dir) { + var params; + if (files && files.substr) { files=[files]; } - for (var i=0; i 0) { - return $(tr).find('a.name').attr('href') + '&download'; + if ($.isArray(filename)) { + filename = JSON.stringify(filename); + } + var path = dir || FileList.getCurrentDirectory(); + var params = { + service: 'files', + t: $('#sharingToken').val(), + path: path, + download: null + }; + if (filename) { + params.files = filename; } - return null; + return OC.filePath('', '', 'public.php') + '?' + OC.buildQueryString(params); }; } diff --git a/lib/private/files.php b/lib/private/files.php index 24fca4a5df3..5bbc2e960d7 100644 --- a/lib/private/files.php +++ b/lib/private/files.php @@ -103,7 +103,12 @@ class OC_Files { if ($xsendfile) { $filename = OC_Helper::moveToNoClean($filename); } - $name = $files . '.zip'; + // downloading root ? + if ($files === '') { + $name = 'download.zip'; + } else { + $name = $files . '.zip'; + } set_time_limit($executionTime); } else { $zip = false; @@ -198,6 +203,8 @@ class OC_Files { $dirname=basename($dir); $zip->addEmptyDir($internalDir.$dirname); $internalDir.=$dirname.='/'; + // prevent absolute dirs + $internalDir = ltrim($internalDir, '/'); $files=OC_Files::getDirectoryContent($dir); foreach($files as $file) { $filename=$file['name']; -- cgit v1.2.3 From 609a91a9b1bbee423a6bda2420dc4010b46757f6 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Wed, 19 Feb 2014 14:47:29 +0100 Subject: Show svg mime icons when no preview is available --- apps/files/js/filelist.js | 10 +++++----- apps/files/js/files.js | 9 +++++++-- apps/files/lib/helper.php | 14 ++++++++------ core/ajax/preview.php | 30 +++++++++++++++++------------- 4 files changed, 37 insertions(+), 26 deletions(-) (limited to 'apps/files/js/files.js') diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js index a855d6cbe59..b2de0161aa8 100644 --- a/apps/files/js/filelist.js +++ b/apps/files/js/filelist.js @@ -129,7 +129,7 @@ window.FileList={ if (loading) { imgurl = OC.imagePath('core', 'loading.gif'); } else { - imgurl = OC.imagePath('core', 'filetypes/file.png'); + imgurl = OC.imagePath('core', 'filetypes/file'); } var tr = this.createRow( 'file', @@ -157,7 +157,7 @@ window.FileList={ var tr = this.createRow( 'dir', name, - OC.imagePath('core', 'filetypes/folder.png'), + OC.imagePath('core', 'filetypes/folder'), OC.linkTo('files', 'index.php')+"?dir="+ encodeURIComponent($('#dir').val()+'/'+name).replace(/%2F/g, '/'), size, lastModified, @@ -907,7 +907,7 @@ $(document).ready(function() { uploadtext.attr('currentUploads', currentUploads); var translatedText = n('files', 'Uploading %n file', 'Uploading %n files', currentUploads); if (currentUploads === 0) { - var img = OC.imagePath('core', 'filetypes/folder.png'); + var img = OC.imagePath('core', 'filetypes/folder'); data.context.find('td.filename').attr('style','background-image:url('+img+')'); uploadtext.text(translatedText); uploadtext.hide(); @@ -967,7 +967,7 @@ $(document).ready(function() { if (data.errorThrown === 'abort') { //cleanup uploading to a dir var uploadtext = $('tr .uploadtext'); - var img = OC.imagePath('core', 'filetypes/folder.png'); + var img = OC.imagePath('core', 'filetypes/folder'); uploadtext.parents('td.filename').attr('style','background-image:url('+img+')'); uploadtext.fadeOut(); uploadtext.attr('currentUploads', 0); @@ -980,7 +980,7 @@ $(document).ready(function() { if (data.errorThrown === 'abort') { //cleanup uploading to a dir var uploadtext = $('tr .uploadtext'); - var img = OC.imagePath('core', 'filetypes/folder.png'); + var img = OC.imagePath('core', 'filetypes/folder'); uploadtext.parents('td.filename').attr('style','background-image:url('+img+')'); uploadtext.fadeOut(); uploadtext.attr('currentUploads', 0); diff --git a/apps/files/js/files.js b/apps/files/js/files.js index 1ec4c4ec7ab..dab060229e6 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js @@ -731,6 +731,9 @@ Files.getMimeIcon = function(mime, ready) { ready(Files.getMimeIcon.cache[mime]); } else { $.get( OC.filePath('files','ajax','mimeicon.php'), {mime: mime}, function(path) { + if(SVGSupport()){ + path = path.substr(0, path.length-4) + '.svg'; + } Files.getMimeIcon.cache[mime]=path; ready(Files.getMimeIcon.cache[mime]); }); @@ -785,8 +788,10 @@ Files.lazyLoadPreview = function(path, mime, ready, width, height, etag) { // this will make the browser cache the image var img = new Image(); img.onload = function(){ - //set preview thumbnail URL - ready(previewURL); + // if loading the preview image failed (no preview for the mimetype) then img.width will < 5 + if (img.width > 5) { + ready(previewURL); + } } img.src = previewURL; }); diff --git a/apps/files/lib/helper.php b/apps/files/lib/helper.php index ac8a2ad3200..fec1297b180 100644 --- a/apps/files/lib/helper.php +++ b/apps/files/lib/helper.php @@ -36,14 +36,16 @@ class Helper } } } - return \OC_Helper::mimetypeIcon('dir'); + $icon = \OC_Helper::mimetypeIcon('dir'); + }else{ + if($file['isPreviewAvailable']) { + $pathForPreview = $file['directory'] . '/' . $file['name']; + return \OC_Helper::previewIcon($pathForPreview) . '&c=' . $file['etag']; + } + $icon = \OC_Helper::mimetypeIcon($file['mimetype']); } - if($file['isPreviewAvailable']) { - $pathForPreview = $file['directory'] . '/' . $file['name']; - return \OC_Helper::previewIcon($pathForPreview) . '&c=' . $file['etag']; - } - return \OC_Helper::mimetypeIcon($file['mimetype']); + return substr($icon, 0, -3) . 'svg'; } /** diff --git a/core/ajax/preview.php b/core/ajax/preview.php index a1267d6f5cf..5c6d5ce25ab 100644 --- a/core/ajax/preview.php +++ b/core/ajax/preview.php @@ -7,34 +7,38 @@ */ \OC_Util::checkLoggedIn(); -$file = array_key_exists('file', $_GET) ? (string) $_GET['file'] : ''; -$maxX = array_key_exists('x', $_GET) ? (int) $_GET['x'] : '36'; -$maxY = array_key_exists('y', $_GET) ? (int) $_GET['y'] : '36'; -$scalingUp = array_key_exists('scalingup', $_GET) ? (bool) $_GET['scalingup'] : true; +$file = array_key_exists('file', $_GET) ? (string)$_GET['file'] : ''; +$maxX = array_key_exists('x', $_GET) ? (int)$_GET['x'] : '36'; +$maxY = array_key_exists('y', $_GET) ? (int)$_GET['y'] : '36'; +$scalingUp = array_key_exists('scalingup', $_GET) ? (bool)$_GET['scalingup'] : true; -if($file === '') { +if ($file === '') { //400 Bad Request \OC_Response::setStatus(400); \OC_Log::write('core-preview', 'No file parameter was passed', \OC_Log::DEBUG); exit; } -if($maxX === 0 || $maxY === 0) { +if ($maxX === 0 || $maxY === 0) { //400 Bad Request \OC_Response::setStatus(400); \OC_Log::write('core-preview', 'x and/or y set to 0', \OC_Log::DEBUG); exit; } -try{ +try { $preview = new \OC\Preview(\OC_User::getUser(), 'files'); - $preview->setFile($file); - $preview->setMaxX($maxX); - $preview->setMaxY($maxY); - $preview->setScalingUp($scalingUp); + if (!$preview->isMimeSupported(\OC\Files\Filesystem::getMimeType($file))) { + \OC_Response::setStatus(404); + } else { + $preview->setFile($file); + $preview->setMaxX($maxX); + $preview->setMaxY($maxY); + $preview->setScalingUp($scalingUp); + } $preview->show(); -}catch(\Exception $e) { +} catch (\Exception $e) { \OC_Response::setStatus(500); \OC_Log::write('core', $e->getmessage(), \OC_Log::DEBUG); -} \ No newline at end of file +} -- cgit v1.2.3 From 4715fb12c8001b8642c2e6dcef57ac216ef92c3d Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Fri, 21 Feb 2014 14:06:15 +0100 Subject: Add url parameter to control whether previews should return 404 when the mimetype is unsupported --- apps/files/js/files.js | 1 + core/ajax/preview.php | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'apps/files/js/files.js') diff --git a/apps/files/js/files.js b/apps/files/js/files.js index 8b252e69a1d..1f4bd6794f3 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js @@ -786,6 +786,7 @@ Files.lazyLoadPreview = function(path, mime, ready, width, height, etag) { } previewURL = previewURL.replace('(', '%28'); previewURL = previewURL.replace(')', '%29'); + previewURL += '&always=0'; // preload image to prevent delay // this will make the browser cache the image diff --git a/core/ajax/preview.php b/core/ajax/preview.php index 5c6d5ce25ab..285af3a8a76 100644 --- a/core/ajax/preview.php +++ b/core/ajax/preview.php @@ -11,6 +11,7 @@ $file = array_key_exists('file', $_GET) ? (string)$_GET['file'] : ''; $maxX = array_key_exists('x', $_GET) ? (int)$_GET['x'] : '36'; $maxY = array_key_exists('y', $_GET) ? (int)$_GET['y'] : '36'; $scalingUp = array_key_exists('scalingup', $_GET) ? (bool)$_GET['scalingup'] : true; +$always = array_key_exists('always', $_GET) ? (bool)$_GET['always'] : true; if ($file === '') { //400 Bad Request @@ -28,7 +29,7 @@ if ($maxX === 0 || $maxY === 0) { try { $preview = new \OC\Preview(\OC_User::getUser(), 'files'); - if (!$preview->isMimeSupported(\OC\Files\Filesystem::getMimeType($file))) { + if (!$always and !$preview->isMimeSupported(\OC\Files\Filesystem::getMimeType($file))) { \OC_Response::setStatus(404); } else { $preview->setFile($file); -- cgit v1.2.3 From 7c4f81bd78b0933928056f6f59020837e1291525 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Mon, 24 Feb 2014 13:24:10 +0100 Subject: rename url parameter --- apps/files/js/files.js | 2 +- core/ajax/preview.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'apps/files/js/files.js') diff --git a/apps/files/js/files.js b/apps/files/js/files.js index 1f4bd6794f3..f4546120702 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js @@ -786,7 +786,7 @@ Files.lazyLoadPreview = function(path, mime, ready, width, height, etag) { } previewURL = previewURL.replace('(', '%28'); previewURL = previewURL.replace(')', '%29'); - previewURL += '&always=0'; + previewURL += '&forceIcon=0'; // preload image to prevent delay // this will make the browser cache the image diff --git a/core/ajax/preview.php b/core/ajax/preview.php index 285af3a8a76..526719e8a1b 100644 --- a/core/ajax/preview.php +++ b/core/ajax/preview.php @@ -11,7 +11,7 @@ $file = array_key_exists('file', $_GET) ? (string)$_GET['file'] : ''; $maxX = array_key_exists('x', $_GET) ? (int)$_GET['x'] : '36'; $maxY = array_key_exists('y', $_GET) ? (int)$_GET['y'] : '36'; $scalingUp = array_key_exists('scalingup', $_GET) ? (bool)$_GET['scalingup'] : true; -$always = array_key_exists('always', $_GET) ? (bool)$_GET['always'] : true; +$always = array_key_exists('forceIcon', $_GET) ? (bool)$_GET['forceIcon'] : true; if ($file === '') { //400 Bad Request -- cgit v1.2.3 From 1291303c5a312fad9f01fbaf22cc21e3b9b3675d Mon Sep 17 00:00:00 2001 From: Thomas Müller Date: Sun, 2 Mar 2014 22:30:24 +0100 Subject: Replace OC.Router.generate() with OC.generateUrl() --- apps/files/js/filelist.js | 4 +- apps/files/js/files.js | 4 +- apps/files_sharing/appinfo/routes.php | 1 + core/js/jquery.avatar.js | 41 +++++++++--------- core/js/js.js | 31 +++++++++++--- core/js/router.js | 81 ----------------------------------- core/js/tags.js | 18 ++++---- core/routes.php | 2 - lib/base.php | 1 - lib/private/router.php | 24 ----------- settings/js/admin.js | 2 +- settings/js/personal.js | 10 ++--- settings/js/users.js | 5 ++- settings/routes.php | 2 + 14 files changed, 72 insertions(+), 154 deletions(-) delete mode 100644 core/js/router.js (limited to 'apps/files/js/files.js') diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js index 550c10dba3e..c3c7f4c2b9b 100644 --- a/apps/files/js/filelist.js +++ b/apps/files/js/filelist.js @@ -137,7 +137,9 @@ window.FileList={ var download_url = null; if (!param.download_url) { - download_url = OC.Router.generate('download', { file: $('#dir').val()+'/'+name }); + download_url = OC.generateUrl( + '/download{file}', + { file: $('#dir').val()+'/'+name }); } else { download_url = param.download_url; } diff --git a/apps/files/js/files.js b/apps/files/js/files.js index f4546120702..c93862e85d8 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js @@ -780,9 +780,9 @@ Files.lazyLoadPreview = function(path, mime, ready, width, height, etag) { if ( $('#isPublic').length ) { urlSpec.t = $('#dirToken').val(); - previewURL = OC.Router.generate('core_ajax_public_preview', urlSpec); + previewURL = OC.generateUrl('/publicpreview.png?') + $.param(urlSpec); } else { - previewURL = OC.Router.generate('core_ajax_preview', urlSpec); + previewURL = OC.generateUrl('/core/preview.png?') + $.param(urlSpec); } previewURL = previewURL.replace('(', '%28'); previewURL = previewURL.replace(')', '%29'); diff --git a/apps/files_sharing/appinfo/routes.php b/apps/files_sharing/appinfo/routes.php index 3469829b6f7..9417a6eeb89 100644 --- a/apps/files_sharing/appinfo/routes.php +++ b/apps/files_sharing/appinfo/routes.php @@ -1,4 +1,5 @@ create('core_ajax_public_preview', '/publicpreview.png')->action( function() { require_once __DIR__ . '/../ajax/publicpreview.php'; diff --git a/core/js/jquery.avatar.js b/core/js/jquery.avatar.js index 02a40c088b4..381c42d9dbb 100644 --- a/core/js/jquery.avatar.js +++ b/core/js/jquery.avatar.js @@ -75,31 +75,32 @@ var $div = this; - OC.Router.registerLoadedCallback(function() { - var url = OC.Router.generate('core_avatar_get', {user: user, size: size})+'?requesttoken='+oc_requesttoken; - $.get(url, function(result) { - if (typeof(result) === 'object') { - if (!hidedefault) { - if (result.data && result.data.displayname) { - $div.imageplaceholder(user, result.data.displayname); - } else { - $div.imageplaceholder(user); - } + var url = OC.generateUrl( + '/avatar/{user}/{size}?requesttoken={requesttoken}', + {user: user, size: size, requesttoken: oc_requesttoken}); + + $.get(url, function(result) { + if (typeof(result) === 'object') { + if (!hidedefault) { + if (result.data && result.data.displayname) { + $div.imageplaceholder(user, result.data.displayname); } else { - $div.hide(); + $div.imageplaceholder(user); } } else { - $div.show(); - if (ie8fix === true) { - $div.html(''); - } else { - $div.html(''); - } + $div.hide(); } - if(typeof callback === 'function') { - callback(); + } else { + $div.show(); + if (ie8fix === true) { + $div.html(''); + } else { + $div.html(''); } - }); + } + if(typeof callback === 'function') { + callback(); + } }); }; }(jQuery)); diff --git a/core/js/js.js b/core/js/js.js index 21ccee0f1d5..80d83dc07f9 100644 --- a/core/js/js.js +++ b/core/js/js.js @@ -194,6 +194,27 @@ var OC={ linkToRemoteBase:function(service) { return OC.webroot + '/remote.php/' + service; }, + + generateUrl: function(url, params) { + var _build = function (text, vars) { + return text.replace(/{([^{}]*)}/g, + function (a, b) { + var r = vars[b]; + return typeof r === 'string' || typeof r === 'number' ? r : a; + } + ); + }; + if (url.charAt(0) !== '/') { + url = '/' + url; + + } + return OC.webroot + '/index.php' + _build(url, params); + }, + + linkToRoute:function(route) { + return OC.webroot + '/index.php/' + route; + }, + /** * @brief Creates an absolute url for remote use * @param string $service id @@ -791,12 +812,10 @@ function initCore() { if (interval < 60) { interval = 60; } - OC.Router.registerLoadedCallback(function(){ - var url = OC.Router.generate('heartbeat'); - setInterval(function(){ - $.post(url); - }, interval * 1000); - }); + var url = OC.linkToRoute('heartbeat'); + setInterval(function(){ + $.post(url); + }, interval * 1000); } // session heartbeat (defaults to enabled) diff --git a/core/js/router.js b/core/js/router.js deleted file mode 100644 index e6ef54a1864..00000000000 --- a/core/js/router.js +++ /dev/null @@ -1,81 +0,0 @@ -OC.router_base_url = OC.webroot + '/index.php'; -OC.Router = { - // register your ajax requests to load after the loading of the routes - // has finished. otherwise you face problems with race conditions - registerLoadedCallback: function(callback){ - if (!this.routes_request){ - return; - } - this.routes_request.done(callback); - }, - routes_request: !window.TESTING && $.ajax(OC.router_base_url + '/core/routes.json', { - dataType: 'json', - success: function(jsondata) { - if (jsondata.status === 'success') { - OC.Router.routes = jsondata.data; - } - } - }), - generate:function(name, opt_params) { - if (!('routes' in this)) { - if(this.routes_request.state() != 'resolved') { - console.warn('To avoid race conditions, please register a callback');// wait - } - } - if (!(name in this.routes)) { - throw new Error('The route "' + name + '" does not exist.'); - } - var route = this.routes[name]; - var params = opt_params || {}; - var unusedParams = $.extend(true, {}, params); - var url = ''; - var optional = true; - $(route.tokens).each(function(i, token) { - if ('text' === token[0]) { - url = token[1] + url; - optional = false; - - return; - } - - if ('variable' === token[0]) { - if (false === optional || !(token[3] in route.defaults) - || ((token[3] in params) && params[token[3]] != route.defaults[token[3]])) { - var value; - if (token[3] in params) { - value = params[token[3]]; - delete unusedParams[token[3]]; - } else if (token[3] in route.defaults) { - value = route.defaults[token[3]]; - } else if (optional) { - return; - } else { - throw new Error('The route "' + name + '" requires the parameter "' + token[3] + '".'); - } - - var empty = true === value || false === value || '' === value; - - if (!empty || !optional) { - url = token[1] + encodeURIComponent(value).replace(/%2F/g, '/') + url; - } - - optional = false; - } - - return; - } - - throw new Error('The token type "' + token[0] + '" is not supported.'); - }); - if (url === '') { - url = '/'; - } - - unusedParams = $.param(unusedParams); - if (unusedParams.length > 0) { - url += '?'+unusedParams; - } - - return OC.router_base_url + url; - } -} diff --git a/core/js/tags.js b/core/js/tags.js index bc6d7b4e071..bc2b42bf5ff 100644 --- a/core/js/tags.js +++ b/core/js/tags.js @@ -69,7 +69,7 @@ OC.Tags= { type = type ? type : this.type; var defer = $.Deferred(), self = this, - url = OC.Router.generate('core_tags_ids_for_tag', {type: type}); + url = OC.generateUrl('/tags/{type}/ids', {type: type}); $.getJSON(url, {tag: tag}, function(response) { if(response.status === 'success') { defer.resolve(response.ids); @@ -90,7 +90,7 @@ OC.Tags= { type = type ? type : this.type; var defer = $.Deferred(), self = this, - url = OC.Router.generate('core_tags_favorites', {type: type}); + url = OC.generateUrl('/tags/{type}/favorites', {type: type}); $.getJSON(url, function(response) { if(response.status === 'success') { defer.resolve(response.ids); @@ -111,7 +111,7 @@ OC.Tags= { type = type ? type : this.type; var defer = $.Deferred(), self = this, - url = OC.Router.generate('core_tags_tags', {type: type}); + url = OC.generateUrl('/tags/{type}', {type: type}); $.getJSON(url, function(response) { if(response.status === 'success') { defer.resolve(response.tags); @@ -133,7 +133,7 @@ OC.Tags= { type = type ? type : this.type; var defer = $.Deferred(), self = this, - url = OC.Router.generate('core_tags_tag', {type: type, id: id}); + url = OC.generateUrl('/tags/{type}/tag/{id}/', {type: type, id: id}); $.post(url, {tag: tag}, function(response) { if(response.status === 'success') { defer.resolve(response); @@ -157,7 +157,7 @@ OC.Tags= { type = type ? type : this.type; var defer = $.Deferred(), self = this, - url = OC.Router.generate('core_tags_untag', {type: type, id: id}); + url = OC.generateUrl('/tags/{type}/untag/{id}/', {type: type, id: id}); $.post(url, {tag: tag}, function(response) { if(response.status === 'success') { defer.resolve(response); @@ -181,7 +181,7 @@ OC.Tags= { type = type ? type : this.type; var defer = $.Deferred(), self = this, - url = OC.Router.generate('core_tags_favorite', {type: type, id: id}); + url = OC.generateUrl('/tags/{type}/favorite/{id}/', {type: type, id: id}); $.post(url, function(response) { if(response.status === 'success') { defer.resolve(response); @@ -205,7 +205,7 @@ OC.Tags= { type = type ? type : this.type; var defer = $.Deferred(), self = this, - url = OC.Router.generate('core_tags_unfavorite', {type: type, id: id}); + url = OC.generateUrl('/tags/{type}/unfavorite/{id}/', {type: type, id: id}); $.post(url, function(response) { if(response.status === 'success') { defer.resolve(); @@ -229,7 +229,7 @@ OC.Tags= { type = type ? type : this.type; var defer = $.Deferred(), self = this, - url = OC.Router.generate('core_tags_add', {type: type}); + url = OC.generateUrl('/tags/{type}/add', {type: type}); $.post(url,{tag:tag}, function(response) { if(typeof cb == 'function') { cb(response); @@ -256,7 +256,7 @@ OC.Tags= { type = type ? type : this.type; var defer = $.Deferred(), self = this, - url = OC.Router.generate('core_tags_delete', {type: type}); + url = OC.generateUrl('/tags/{type}/delete', {type: type}); if(!tags || !tags.length) { throw new Error(t('core', 'No tags selected for deletion.')); } diff --git a/core/routes.php b/core/routes.php index aea788bdc6b..76cf03c3673 100644 --- a/core/routes.php +++ b/core/routes.php @@ -65,8 +65,6 @@ $this->create('core_tags_delete', '/tags/{type}/delete') $this->create('js_config', '/core/js/oc.js') ->actionInclude('core/js/config.php'); // Routing -$this->create('core_ajax_routes', '/core/routes.json') - ->action('OC_Router', 'JSRoutes'); $this->create('core_ajax_preview', '/core/preview.png') ->actionInclude('core/ajax/preview.php'); $this->create('core_lostpassword_index', '/lostpassword/') diff --git a/lib/base.php b/lib/base.php index 49cbb1279d1..7703e83ec2e 100644 --- a/lib/base.php +++ b/lib/base.php @@ -316,7 +316,6 @@ class OC { OC_Util::addScript("config"); //OC_Util::addScript( "multiselect" ); OC_Util::addScript('search', 'result'); - OC_Util::addScript('router'); OC_Util::addScript("oc-requesttoken"); // avatars diff --git a/lib/private/router.php b/lib/private/router.php index 19c1e4473ec..918e3b13206 100644 --- a/lib/private/router.php +++ b/lib/private/router.php @@ -158,28 +158,4 @@ class OC_Router { return $this->getGenerator()->generate($name, $parameters, $absolute); } - /** - * Generate JSON response for routing in javascript - */ - public static function JSRoutes() - { - $router = OC::getRouter(); - - $etag = $router->getCacheKey(); - OC_Response::enableCaching(); - OC_Response::setETagHeader($etag); - - $root = $router->getCollection('root'); - $routes = array(); - foreach($root->all() as $name => $route) { - $compiled_route = $route->compile(); - $defaults = $route->getDefaults(); - unset($defaults['action']); - $routes[$name] = array( - 'tokens' => $compiled_route->getTokens(), - 'defaults' => $defaults, - ); - } - OCP\JSON::success ( array( 'data' => $routes ) ); - } } diff --git a/settings/js/admin.js b/settings/js/admin.js index 5ea6a5af2df..cfb1cb788d0 100644 --- a/settings/js/admin.js +++ b/settings/js/admin.js @@ -64,7 +64,7 @@ $(document).ready(function(){ $('#mail_settings').change(function(){ OC.msg.startSaving('#mail_settings .msg'); var post = $( "#mail_settings" ).serialize(); - $.post(OC.Router.generate('settings_mail_settings'), post, function(data){ + $.post(OC.generateUrl('/settings/admin/mailsettings'), post, function(data){ OC.msg.finishedSaving('#mail_settings .msg', data); }); }); diff --git a/settings/js/personal.js b/settings/js/personal.js index 98bfe7132d4..7a4257f1c97 100644 --- a/settings/js/personal.js +++ b/settings/js/personal.js @@ -67,7 +67,7 @@ function showAvatarCropper() { $cropper.prepend(""); $cropperImage = $('#cropper img'); - $cropperImage.attr('src', OC.Router.generate('core_avatar_get_tmp')+'?requesttoken='+oc_requesttoken+'#'+Math.floor(Math.random()*1000)); + $cropperImage.attr('src', OC.generateUrl('/avatar/tmp')+'?requesttoken='+oc_requesttoken+'#'+Math.floor(Math.random()*1000)); // Looks weird, but on('load', ...) doesn't work in IE8 $cropperImage.ready(function(){ @@ -95,7 +95,7 @@ function sendCropData() { w: cropperdata.w, h: cropperdata.h }; - $.post(OC.Router.generate('core_avatar_post_cropped'), {crop: data}, avatarResponseHandler); + $.post(OC.generateUrl('/avatar/cropped'), {crop: data}, avatarResponseHandler); } function saveCoords(c) { @@ -132,7 +132,7 @@ $(document).ready(function(){ $('#passwordchanged').hide(); $('#passworderror').hide(); // Ajax foo - $.post(OC.Router.generate('settings_personal_changepassword'), post, function(data){ + $.post(OC.generateUrl('/settings/personal/changepassword'), post, function(data){ if( data.status === "success" ){ $('#pass1').val(''); $('#pass2').val(''); @@ -243,7 +243,7 @@ $(document).ready(function(){ OC.dialogs.filepicker( t('settings', "Select a profile picture"), function(path){ - $.post(OC.Router.generate('core_avatar_post'), {path: path}, avatarResponseHandler); + $.post(OC.generateUrl('/avatar/'), {path: path}, avatarResponseHandler); }, false, ["image/png", "image/jpeg"] @@ -253,7 +253,7 @@ $(document).ready(function(){ $('#removeavatar').click(function(){ $.ajax({ type: 'DELETE', - url: OC.Router.generate('core_avatar_delete'), + url: OC.generateUrl('/avatar/'), success: function(msg) { updateAvatar(true); } diff --git a/settings/js/users.js b/settings/js/users.js index 160d0a8d9d2..6b5447c7674 100644 --- a/settings/js/users.js +++ b/settings/js/users.js @@ -225,7 +225,8 @@ var UserList = { } $('table+.loading').css('visibility', 'visible'); UserList.updating = true; - $.get(OC.Router.generate('settings_ajax_userlist', { offset: UserList.offset, limit: UserList.usersToLoad }), function (result) { + var query = $.param({ offset: UserList.offset, limit: UserList.usersToLoad }); + $.get(OC.generateUrl('/settings/ajax/userlist') + query, function (result) { var loadedUsers = 0; var trs = []; if (result.status === 'success') { @@ -401,7 +402,7 @@ $(document).ready(function () { if ($(this).val().length > 0) { var recoveryPasswordVal = $('input:password[id="recoveryPassword"]').val(); $.post( - OC.Router.generate('settings_users_changepassword'), + OC.generateUrl('/settings/users/changepassword'), {username: uid, password: $(this).val(), recoveryPassword: recoveryPasswordVal}, function (result) { if (result.status != 'success') { diff --git a/settings/routes.php b/settings/routes.php index 64f7122f0cf..7d94f130088 100644 --- a/settings/routes.php +++ b/settings/routes.php @@ -6,6 +6,8 @@ * See the COPYING-README file. */ +/** @var $this OC_Router */ + // Settings pages $this->create('settings_help', '/settings/help') ->actionInclude('settings/help.php'); -- cgit v1.2.3 From 2e73c957e5b3ae4030e41520088fb078354ae8b1 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 4 Mar 2014 16:42:40 +0100 Subject: don't allow to create a file or folder named 'Shared' in the root folder, also exclude all combinations of lower and upper case letters --- apps/files/ajax/move.php | 2 +- apps/files/js/file-upload.js | 34 ++++++++++++++--------------- apps/files/js/filelist.js | 9 +++----- apps/files/js/files.js | 7 ++++-- apps/files/tests/js/filesSpec.js | 35 ++++++++++++++++++++++++++++++ lib/private/connector/sabre/directory.php | 4 ++-- lib/private/connector/sabre/objecttree.php | 3 +++ 7 files changed, 66 insertions(+), 28 deletions(-) (limited to 'apps/files/js/files.js') diff --git a/apps/files/ajax/move.php b/apps/files/ajax/move.php index 93063e52eb0..04a260265c2 100644 --- a/apps/files/ajax/move.php +++ b/apps/files/ajax/move.php @@ -18,7 +18,7 @@ if(\OC\Files\Filesystem::file_exists($target . '/' . $file)) { exit; } -if ($dir != '' || $file != 'Shared') { +if ($target != '' || strtolower($file) != 'shared') { $targetFile = \OC\Files\Filesystem::normalizePath($target . '/' . $file); $sourceFile = \OC\Files\Filesystem::normalizePath($dir . '/' . $file); if(\OC\Files\Filesystem::rename($sourceFile, $targetFile)) { diff --git a/apps/files/js/file-upload.js b/apps/files/js/file-upload.js index f962a7044a8..aa85644cefb 100644 --- a/apps/files/js/file-upload.js +++ b/apps/files/js/file-upload.js @@ -82,7 +82,7 @@ OC.Upload = { */ isProcessing:function() { var count = 0; - + jQuery.each(this._uploads,function(i, data) { if (data.state() === 'pending') { count++; @@ -208,13 +208,13 @@ $(document).ready(function() { add: function(e, data) { OC.Upload.log('add', e, data); var that = $(this); - + // we need to collect all data upload objects before starting the upload so we can check their existence // and set individual conflict actions. unfortunately there is only one variable that we can use to identify // the selection a data upload is part of, so we have to collect them in data.originalFiles // turning singleFileUploads off is not an option because we want to gracefully handle server errors like // already exists - + // create a container where we can store the data objects if ( ! data.originalFiles.selection ) { // initialize selection and remember number of files to upload @@ -225,34 +225,34 @@ $(document).ready(function() { }; } var selection = data.originalFiles.selection; - + // add uploads if ( selection.uploads.length < selection.filesToUpload ) { // remember upload selection.uploads.push(data); } - + //examine file var file = data.files[0]; try { // FIXME: not so elegant... need to refactor that method to return a value - Files.isFileNameValid(file.name); + Files.isFileNameValid(file.name, FileList.getCurrentDirectory()); } catch (errorMessage) { data.textStatus = 'invalidcharacters'; data.errorThrown = errorMessage; } - + if (file.type === '' && file.size === 4096) { data.textStatus = 'dirorzero'; data.errorThrown = t('files', 'Unable to upload {filename} as it is a directory or has 0 bytes', {filename: file.name} ); } - + // add size selection.totalBytes += file.size; - + // check PHP upload limit if (selection.totalBytes > $('#upload_limit').val()) { data.textStatus = 'sizeexceedlimit'; @@ -270,7 +270,7 @@ $(document).ready(function() { 'size2': humanFileSize($('#free_space').val()) }); } - + // end upload for whole selection on error if (data.errorThrown) { // trigger fileupload fail @@ -281,12 +281,12 @@ $(document).ready(function() { // check existing files when all is collected if ( selection.uploads.length >= selection.filesToUpload ) { - + //remove our selection hack: delete data.originalFiles.selection; var callbacks = { - + onNoConflicts: function (selection) { $.each(selection.uploads, function(i, upload) { upload.submit(); @@ -309,7 +309,7 @@ $(document).ready(function() { }; OC.Upload.checkExistingFiles(selection, callbacks); - + } return true; // continue adding files @@ -439,7 +439,7 @@ $(document).ready(function() { }); fileupload.on('fileuploadstop', function(e, data) { OC.Upload.log('progress handle fileuploadstop', e, data); - + $('#uploadprogresswrapper input.stop').fadeOut(); $('#uploadprogressbar').fadeOut(); Files.updateStorageStatistics(); @@ -531,7 +531,7 @@ $(document).ready(function() { if ($(this).children('p').length === 0) { return; } - + $('#new .error').tipsy('hide'); $('#new li').each(function(i,element) { @@ -545,7 +545,7 @@ $(document).ready(function() { var text=$(this).children('p').text(); $(this).data('text',text); $(this).children('p').remove(); - + // add input field var form = $('
'); var input = $(''); @@ -562,7 +562,7 @@ $(document).ready(function() { throw t('files', 'URL cannot be empty'); } else if (type !== 'web' && !Files.isFileNameValid(filename)) { // Files.isFileNameValid(filename) throws an exception itself - } else if ($('#dir').val() === '/' && filename === 'Shared') { + } else if (FileList.getCurrentDirectory() === '/' && filename.toLowerCase() === 'shared') { throw t('files', 'In the home folder \'Shared\' is a reserved filename'); } else if (FileList.inList(filename)) { throw t('files', '{new_name} already exists', {new_name: filename}); diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js index 550c10dba3e..020ee275b7d 100644 --- a/apps/files/js/filelist.js +++ b/apps/files/js/filelist.js @@ -419,15 +419,12 @@ window.FileList={ len = input.val().length; } input.selectRange(0, len); - var checkInput = function () { var filename = input.val(); if (filename !== oldname) { - if (!Files.isFileNameValid(filename)) { - // Files.isFileNameValid(filename) throws an exception itself - } else if($('#dir').val() === '/' && filename === 'Shared') { - throw t('files','In the home folder \'Shared\' is a reserved filename'); - } else if (FileList.inList(filename)) { + // Files.isFileNameValid(filename) throws an exception itself + Files.isFileNameValid(filename, FileList.getCurrentDirectory()); + if (FileList.inList(filename)) { throw t('files', '{new_name} already exists', {new_name: filename}); } } diff --git a/apps/files/js/files.js b/apps/files/js/files.js index f4546120702..48e5771ae8a 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js @@ -87,9 +87,12 @@ var Files = { * Throws a string exception with an error message if * the file name is not valid */ - isFileNameValid: function (name) { + isFileNameValid: function (name, root) { var trimmedName = name.trim(); - if (trimmedName === '.' || trimmedName === '..') { + if (trimmedName === '.' + || trimmedName === '..' + || (root === '/' && trimmedName.toLowerCase() === 'shared')) + { throw t('files', '"{name}" is an invalid file name.', {name: name}); } else if (trimmedName.length === 0) { throw t('files', 'File name cannot be empty.'); diff --git a/apps/files/tests/js/filesSpec.js b/apps/files/tests/js/filesSpec.js index 018c8ef0f3c..95bf87e03ec 100644 --- a/apps/files/tests/js/filesSpec.js +++ b/apps/files/tests/js/filesSpec.js @@ -48,6 +48,41 @@ describe('Files tests', function() { expect(error).toEqual(false); } }); + it('Validates correct file names do not create Shared folder in root', function() { + // create shared file in subfolder + var error = false; + try { + expect(Files.isFileNameValid('shared', '/foo')).toEqual(true); + expect(Files.isFileNameValid('Shared', '/foo')).toEqual(true); + } + catch (e) { + error = e; + } + expect(error).toEqual(false); + + // create shared file in root + var threwException = false; + try { + Files.isFileNameValid('Shared', '/'); + console.error('Invalid file name not detected'); + } + catch (e) { + threwException = true; + } + expect(threwException).toEqual(true); + + // create shared file in root + var threwException = false; + try { + Files.isFileNameValid('shared', '/'); + console.error('Invalid file name not detected'); + } + catch (e) { + threwException = true; + } + expect(threwException).toEqual(true); + + }); it('Detects invalid file names', function() { var fileNames = [ '', diff --git a/lib/private/connector/sabre/directory.php b/lib/private/connector/sabre/directory.php index 02d1a9f4ba2..3ed9e94d69b 100644 --- a/lib/private/connector/sabre/directory.php +++ b/lib/private/connector/sabre/directory.php @@ -50,7 +50,7 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa */ public function createFile($name, $data = null) { - if ($name === 'Shared' && empty($this->path)) { + if (strtolower($name) === 'shared' && empty($this->path)) { throw new \Sabre_DAV_Exception_Forbidden(); } @@ -86,7 +86,7 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa */ public function createDirectory($name) { - if ($name === 'Shared' && empty($this->path)) { + if (strtolower($name) === 'shared' && empty($this->path)) { throw new \Sabre_DAV_Exception_Forbidden(); } diff --git a/lib/private/connector/sabre/objecttree.php b/lib/private/connector/sabre/objecttree.php index d2fa425b22c..accf020daa2 100644 --- a/lib/private/connector/sabre/objecttree.php +++ b/lib/private/connector/sabre/objecttree.php @@ -94,6 +94,9 @@ class ObjectTree extends \Sabre_DAV_ObjectTree { } if ($sourceDir !== $destinationDir) { // for a full move we need update privileges on sourcePath and sourceDir as well as destinationDir + if (ltrim($destinationDir, '/') === '' && strtolower($sourceNode->getName()) === 'shared') { + throw new \Sabre_DAV_Exception_Forbidden(); + } if (!$fs->isUpdatable($sourceDir)) { throw new \Sabre_DAV_Exception_Forbidden(); } -- cgit v1.2.3