From 366981fba6d01167c1ac38f559bd611062d8e534 Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Wed, 23 May 2018 10:50:44 +0200 Subject: Move public preview endpoint over Signed-off-by: Roeland Jago Douma --- apps/files_sharing/appinfo/routes.php | 8 +--- apps/files_sharing/js/public.js | 11 +++--- .../lib/Controller/PublicPreviewController.php | 44 +++++++++++++++++----- .../lib/Controller/ShareController.php | 2 +- 4 files changed, 41 insertions(+), 24 deletions(-) (limited to 'apps/files_sharing') diff --git a/apps/files_sharing/appinfo/routes.php b/apps/files_sharing/appinfo/routes.php index 863b27da277..8e5110c6a16 100644 --- a/apps/files_sharing/appinfo/routes.php +++ b/apps/files_sharing/appinfo/routes.php @@ -34,13 +34,7 @@ return [ ], [ 'name' => 'PublicPreview#getPreview', - 'url' => '/publicpreview', - 'verb' => 'GET', - ], - - [ - 'name' => 'PublicPreview#getPreview', - 'url' => '/ajax/publicpreview.php', + 'url' => '/publicpreview/{token}', 'verb' => 'GET', ], diff --git a/apps/files_sharing/js/public.js b/apps/files_sharing/js/public.js index 1de7c6b4fcd..e1e05f8964c 100644 --- a/apps/files_sharing/js/public.js +++ b/apps/files_sharing/js/public.js @@ -112,7 +112,6 @@ OCA.Sharing.PublicApp = { y: Math.ceil(previewHeight * window.devicePixelRatio), a: 'true', file: encodeURIComponent(this.initialDir + $('#filename').val()), - t: token, scalingup: 0 }; 
@@ -150,7 +149,7 @@ OCA.Sharing.PublicApp = { } else if ((previewSupported === 'true' && mimetype.substr(0, mimetype.indexOf('/')) !== 'video') || mimetype.substr(0, mimetype.indexOf('/')) === 'image' && mimetype !== 'image/svg+xml') { - img.attr('src', OC.filePath('files_sharing', 'ajax', 'publicpreview.php') + '?' + OC.buildQueryString(params)); + img.attr('src', OC.linkTo('files_sharing', '/publicpreview/'+token) + '?' + OC.buildQueryString(params)); imgcontainer.appendTo('#imgframe'); } else if (mimetype.substr(0, mimetype.indexOf('/')) !== 'video') { img.attr('src', OC.Util.replaceSVGIcon(mimetypeIcon)); @@ -158,7 +157,7 @@ OCA.Sharing.PublicApp = { imgcontainer.appendTo('#imgframe'); } else if (previewSupported === 'true') { - $('#imgframe > video').attr('poster', OC.filePath('files_sharing', 'ajax', 'publicpreview.php') + '?' + OC.buildQueryString(params)); + $('#imgframe > video').attr('poster', OC.linkTo('files_sharing', '/publicpreview/'+token) + '?' + OC.buildQueryString(params)); } if (this.fileList) { @@ -223,8 +222,8 @@ OCA.Sharing.PublicApp = { urlSpec.y *= window.devicePixelRatio; urlSpec.x = Math.ceil(urlSpec.x); urlSpec.y = Math.ceil(urlSpec.y); - urlSpec.t = $('#dirToken').val(); - return OC.generateUrl('/apps/files_sharing/ajax/publicpreview.php?') + $.param(urlSpec); + var token = $('#dirToken').val(); + return OC.linkTo('files_sharing', '/publicpreview/'+token) + '?' + OC.buildQueryString(urlSpec); }; this.fileList.updateEmptyContent = function() { @@ -427,4 +426,4 @@ $(document).ready(function () { }; } -}); \ No newline at end of file +}); diff --git a/apps/files_sharing/lib/Controller/PublicPreviewController.php b/apps/files_sharing/lib/Controller/PublicPreviewController.php index 0870995fc7b..b13c0a64b0e 100644 --- a/apps/files_sharing/lib/Controller/PublicPreviewController.php +++ b/apps/files_sharing/lib/Controller/PublicPreviewController.php 
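Review bot: `token` is concatenated unencoded into the URL path in the new `img.attr('src', …)` line, and again in the `poster` line of the next hunk and in the `return OC.linkTo(...)` line of the hunk after that; as the old `t` parameter it went through `OC.buildQueryString` / `$.param`. The value is read from the page (`$('#dirToken').val()`), so a token containing `/`, `?` or `#` would change which path is requested. A route template keeps the encoding in one place: `OC.generateUrl('/apps/files_sharing/publicpreview/{token}', {token: token}) + '?' + OC.buildQueryString(params)`. It is also worth confirming that `OC.linkTo`, which as far as I know builds links to files inside an app directory, resolves to the `/publicpreview/{token}` route on installations without URL rewriting. The enclosing functions start and end outside these hunks.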
@@ -27,15 +27,18 @@ use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\FileDisplayResponse; +use OCP\AppFramework\PublicShareController; use OCP\Constants; use OCP\Files\Folder; use OCP\Files\NotFoundException; use OCP\IPreview; use OCP\IRequest; +use OCP\ISession; use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\IManager as ShareManager; +use OCP\Share\IShare; -class PublicPreviewController extends Controller { +class PublicPreviewController extends PublicShareController { /** @var ShareManager */ private $shareManager; @@ -43,16 +46,38 @@ class PublicPreviewController extends Controller { /** @var IPreview */ private $previewManager; - public function __construct($appName, + /** @var IShare */ + private $share; + + public function __construct(string $appName, IRequest $request, ShareManager $shareManger, + ISession $session, IPreview $previewManager) { - parent::__construct($appName, $request); + parent::__construct($appName, $request, $session); $this->shareManager = $shareManger; $this->previewManager = $previewManager; } + protected function getPasswordHash(): string { + return $this->share->getPassword(); + } + + public function isValidToken(): bool { + try { + $this->share = $this->shareManager->getShareByToken($this->getToken()); + return true; + } catch (ShareNotFound $e) { + return false; + } + } + + protected function isPasswordProtected(): bool { + return $this->share->getPassword() !== null; + } + + /** * @PublicPage * @NoCSRFRequired 
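Review bot: `getPasswordHash()` and `isPasswordProtected()` dereference `$this->share`, which is assigned only inside `isValidToken()`, so both fail on a null property if the parent class calls them before, or without, a successful `isValidToken()`. That call order lives in `PublicShareController`, outside this diff, and should be stated on the property, e.g. `/** @var IShare set by isValidToken(); the password methods must not run before it */`. `getPasswordHash(): string` also returns `getPassword()` directly, and the `!== null` test in `isPasswordProtected()` shows that value can be null, so a call on an unprotected share raises a `TypeError`. Presumably the parent asks for the hash only when `isPasswordProtected()` is true, but that precondition deserves a comment or an explicit guard. `use OCP\AppFramework\Controller;` in the first hunk of this file looks unused now that the class extends `PublicShareController`.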
@@ -60,24 +85,23 @@ class PublicPreviewController extends Controller { * @param string $file * @param int $x * @param int $y - * @param string $t * @param bool $a * @return DataResponse|FileDisplayResponse */ public function getPreview( - $file = '', - $x = 32, - $y = 32, - $t = '', + string $token, + string $file = '', + int $x = 32, + int $y = 32, $a = false ) { - if ($t === '' || $x === 0 || $y === 0) { + if ($token === '' || $x === 0 || $y === 0) { return new DataResponse([], Http::STATUS_BAD_REQUEST); } try { - $share = $this->shareManager->getShareByToken($t); + $share = $this->shareManager->getShareByToken($token); } catch (ShareNotFound $e) { return new DataResponse([], Http::STATUS_NOT_FOUND); } diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php index 662099cd306..5c72bbd8c7b 100644 --- a/apps/files_sharing/lib/Controller/ShareController.php +++ b/apps/files_sharing/lib/Controller/ShareController.php @@ -372,7 +372,7 @@ class ShareController extends AuthPublicShareController { $ogPreview = ''; if ($shareTmpl['previewSupported']) { $shareTmpl['previewImage'] = $this->urlGenerator->linkToRouteAbsolute( 'files_sharing.PublicPreview.getPreview', - ['x' => 200, 'y' => 200, 'file' => $shareTmpl['directory_path'], 't' => $shareTmpl['dirToken']]); + ['x' => 200, 'y' => 200, 'file' => $shareTmpl['directory_path'], 'token' => $shareTmpl['dirToken']]); $ogPreview = $shareTmpl['previewImage']; // We just have direct previews for image files -- cgit v1.2.3
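Review bot: `getPreview()` looks the share up a second time from the `$token` argument instead of using `$this->share`, the object that `isValidToken()` resolved from `$this->getToken()` and that the password methods answer for. If the parent's checks run against `$this->share`, the checked share and the served share match only while both token sources agree. `$share = $this->share;` would make that hold by construction, and would drop the duplicate lookup and the then-redundant `ShareNotFound` branch. The docblock loses `@param string $t` without gaining `* @param string $token`, and `$a` is the only parameter left untyped (`bool $a = false` would match its `@param bool $a` line, provided the dispatcher's argument casting allows it). The method body continues past the end of the hunk.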