diff --git a/CHANGELOG.md b/CHANGELOG.md index 494eff80..85f390d8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log -- zh-TW, pt-PT +- offline viewer for anonymous +- added hy, eu, zh-TW, ms, pt-PT + +## 1.3.0 +- update empty files +- anonymous without chat +- changed jwt implementation in csharp, csharp-mvc, php, ruby ## 1.2.0 - ruby v3.0 diff --git a/web/documentserver-example/csharp-mvc/3rd-Party.license b/web/documentserver-example/csharp-mvc/3rd-Party.license index e2d5af1c..008b3b80 100644 --- a/web/documentserver-example/csharp-mvc/3rd-Party.license +++ b/web/documentserver-example/csharp-mvc/3rd-Party.license @@ -24,11 +24,15 @@ jQuery.UI - jQuery UI is an open source library of interface components — License: MIT License File: jQuery.UI.license +JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/) +License: MIT +License File: JWT.license + Microsoft.Web.Infrastructure - This package contains the Microsoft.Web.Infrastructure assembly that lets you dynamically register HTTP modules at run time. (https://www.microsoft.com/web/webpi/eula/aspnetmvc3update-eula.htm) License: MS-EULA License License File: Microsoft.Web.Infrastructure.license -Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://licenses.nuget.org/MIT) +Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json) License: MIT License File: Newtonsoft.Json.license diff --git a/web/documentserver-example/csharp-mvc/Helpers/DocManagerHelper.cs b/web/documentserver-example/csharp-mvc/Helpers/DocManagerHelper.cs index affed566..79f3a9c5 100644 --- a/web/documentserver-example/csharp-mvc/Helpers/DocManagerHelper.cs +++ b/web/documentserver-example/csharp-mvc/Helpers/DocManagerHelper.cs @@ -242,7 +242,8 @@ namespace OnlineEditorsExampleMVC.Helpers { var uri = new UriBuilder(GetServerUrl(forDocumentServer)) { - Path = HttpRuntime.AppDomainAppVirtualPath + "/" + Path = HttpRuntime.AppDomainAppVirtualPath + + (HttpRuntime.AppDomainAppVirtualPath.EndsWith("/") ? "" : "/") + CurUserHostAddress() + "/" + fileName, Query = "" @@ -292,7 +293,7 @@ namespace OnlineEditorsExampleMVC.Helpers + "webeditor.ashx", Query = "type=track" + "&fileName=" + HttpUtility.UrlEncode(fileName) - + "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress) + + "&userAddress=" + HttpUtility.UrlEncode(CurUserHostAddress(HttpContext.Current.Request.UserHostAddress)) }; return callbackUrl.ToString(); } @@ -314,7 +315,7 @@ namespace OnlineEditorsExampleMVC.Helpers // create the public history url public static string GetHistoryDownloadUrl(string filename, string version, string file, Boolean isServer = true) { - var userAddress = "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress); + var userAddress = "&userAddress=" + HttpUtility.UrlEncode(CurUserHostAddress(HttpContext.Current.Request.UserHostAddress)); var downloadUrl = new UriBuilder(GetServerUrl(isServer)) { Path = @@ -342,6 +343,7 @@ namespace OnlineEditorsExampleMVC.Helpers + "webeditor.ashx", Query = "type=download" + "&fileName=" + HttpUtility.UrlEncode(fileName) + + "&userAddress=" + HttpUtility.UrlEncode(CurUserHostAddress(HttpContext.Current.Request.UserHostAddress)) + userAddress }; return downloadUrl.ToString(); diff --git a/web/documentserver-example/csharp-mvc/Helpers/JwtManager.cs b/web/documentserver-example/csharp-mvc/Helpers/JwtManager.cs index e0bf2cbf..392fb9eb 100644 --- a/web/documentserver-example/csharp-mvc/Helpers/JwtManager.cs +++ b/web/documentserver-example/csharp-mvc/Helpers/JwtManager.cs @@ -16,12 +16,12 @@ * */ -using System; +using JWT; +using JWT.Algorithms; +using JWT.Builder; +using JWT.Serializers; using System.Collections.Generic; -using System.Security.Cryptography; -using System.Text; using System.Web.Configuration; -using System.Web.Script.Serialization; namespace OnlineEditorsExampleMVC.Helpers { @@ -30,31 +30,19 @@ namespace OnlineEditorsExampleMVC.Helpers private static readonly string Secret; public static readonly bool Enabled; - private static readonly JavaScriptSerializer Serializer; - static JwtManager() { Secret = WebConfigurationManager.AppSettings["files.docservice.secret"] ?? ""; // get token secret from the config parameters Enabled = !string.IsNullOrEmpty(Secret); // check if the token is enabled - Serializer = new JavaScriptSerializer(); // define java script serializer } // encode a payload object into a token using a secret key public static string Encode(IDictionary payload) { - // define the hashing algorithm and the token type - var header = new Dictionary - { - { "alg", "HS256" }, - { "typ", "JWT" } - }; - - // three parts of token - var encHeader = Base64UrlEncode(Serializer.Serialize(header)); // header - var encPayload = Base64UrlEncode(Serializer.Serialize(payload)); // payload - var hashSum = Base64UrlEncode(CalculateHash(encHeader, encPayload)); // signature - - return string.Format("{0}.{1}.{2}", encHeader, encPayload, hashSum); + var encoder = new JwtEncoder(new HMACSHA256Algorithm(), + new JsonNetSerializer(), + new JwtBase64UrlEncoder()); + return encoder.Encode(payload, Secret); } // decode a token into a payload object using a secret key @@ -62,52 +50,11 @@ namespace OnlineEditorsExampleMVC.Helpers { if (!Enabled || string.IsNullOrEmpty(token)) return ""; - var split = token.Split('.'); - if (split.Length != 3) return ""; - - var hashSum = Base64UrlEncode(CalculateHash(split[0], split[1])); // get signature - if (hashSum != split[2]) return ""; // and check if it is equal to the signature from the token - return Base64UrlDecode(split[1]); // decode payload - } - - // generate a hash code based on a key using the HMAC method - private static byte[] CalculateHash(string encHeader, string encPayload) - { - using (var hasher = new HMACSHA256(Encoding.UTF8.GetBytes(Secret))) - { - var bytes = Encoding.UTF8.GetBytes(string.Format("{0}.{1}", encHeader, encPayload)); - return hasher.ComputeHash(bytes); - } - } - - // encode a string into the base64 value - private static string Base64UrlEncode(string str) - { - return Base64UrlEncode(Encoding.UTF8.GetBytes(str)); - } - - // encode bytes into the base64 value - private static string Base64UrlEncode(byte[] bytes) - { - return Convert.ToBase64String(bytes) - .TrimEnd('=').Replace('+', '-').Replace('/', '_'); - } - - // decode a base64 value into the string - private static string Base64UrlDecode(string payload) - { - var b64 = payload.Replace('_', '/').Replace('-', '+'); - switch (b64.Length%4) - { - case 2: - b64 += "=="; - break; - case 3: - b64 += "="; - break; - } - var bytes = Convert.FromBase64String(b64); - return Encoding.UTF8.GetString(bytes); + return JwtBuilder.Create() + .WithAlgorithm(new HMACSHA256Algorithm()) + .WithSecret(Secret) + .MustVerifySignature() + .Decode(token); } } } \ No newline at end of file diff --git a/web/documentserver-example/csharp-mvc/Helpers/Users.cs b/web/documentserver-example/csharp-mvc/Helpers/Users.cs index 6552e899..848c35d9 100644 --- a/web/documentserver-example/csharp-mvc/Helpers/Users.cs +++ b/web/documentserver-example/csharp-mvc/Helpers/Users.cs @@ -67,7 +67,9 @@ namespace OnlineEditorsExampleMVC.Helpers "Can't mention others in comments", "Can't create new files from the editor", "Can’t see anyone’s information", - "Can't rename files from the editor" + "Can't rename files from the editor", + "Can't view chat", + "View file without collaboration", }; private static List users = new List() { diff --git a/web/documentserver-example/csharp-mvc/Models/FileModel.cs b/web/documentserver-example/csharp-mvc/Models/FileModel.cs index 1de6710c..bfc0c69b 100755 --- a/web/documentserver-example/csharp-mvc/Models/FileModel.cs +++ b/web/documentserver-example/csharp-mvc/Models/FileModel.cs @@ -150,6 +150,7 @@ namespace OnlineEditorsExampleMVC.Models { "modifyFilter", editorsMode != "filter" }, { "modifyContentControl", editorsMode != "blockcontent" }, { "review", canEdit && (editorsMode == "edit" || editorsMode == "review") }, + { "chat", !user.id.Equals("uid-0") }, { "reviewGroups", user.reviewGroups }, { "commentGroups", user.commentGroups }, { "userInfoGroups", user.userInfoGroups } @@ -164,6 +165,11 @@ namespace OnlineEditorsExampleMVC.Models { "mode", mode }, { "lang", request.Cookies.GetOrDefault("ulang", "en") }, { "callbackUrl", CallbackUrl }, // absolute URL to the document storage service + { "coEditing", editorsMode == "view" && user.id.Equals("uid-0") ? + new Dictionary{ + {"mode", "strict"}, + {"change", false} + } : null }, { "createUrl", !user.id.Equals("uid-0") ? createUrl : null }, { "templates", user.templates ? templates : null }, { @@ -197,7 +203,7 @@ namespace OnlineEditorsExampleMVC.Models { "goback", new Dictionary // settings for the Open file location menu button and upper right corner button { - { "url", url.Action("Index", "Home") } // the absolute URL to the website address which will be opened when clicking the Open file location menu button + { "url", DocManagerHelper.GetServerUrl(false) } // the absolute URL to the website address which will be opened when clicking the Open file location menu button } } } diff --git a/web/documentserver-example/csharp-mvc/OnlineEditorsExampleMVC.csproj b/web/documentserver-example/csharp-mvc/OnlineEditorsExampleMVC.csproj index 43694b0d..7c57de31 100644 --- a/web/documentserver-example/csharp-mvc/OnlineEditorsExampleMVC.csproj +++ b/web/documentserver-example/csharp-mvc/OnlineEditorsExampleMVC.csproj @@ -43,6 +43,9 @@ 4 + + packages\JWT.9.0.3\lib\net46\JWT.dll + diff --git a/web/documentserver-example/csharp-mvc/Views/Home/Index.aspx b/web/documentserver-example/csharp-mvc/Views/Home/Index.aspx index ac5d02f3..18a621a2 100644 --- a/web/documentserver-example/csharp-mvc/Views/Home/Index.aspx +++ b/web/documentserver-example/csharp-mvc/Views/Home/Index.aspx @@ -163,7 +163,7 @@ var isFillFormDoc = DocManagerHelper.FillFormExts.Contains(ext); %> - + " target="_blank"> <%= storedFile.Name %> diff --git a/web/documentserver-example/csharp-mvc/assets b/web/documentserver-example/csharp-mvc/assets index 1d601d84..1fc823af 160000 --- a/web/documentserver-example/csharp-mvc/assets +++ b/web/documentserver-example/csharp-mvc/assets @@ -1 +1 @@ -Subproject commit 1d601d84c415303c60beee14edc3867ebac0626f +Subproject commit 1fc823afa909e4c49551e4e5b945189a21ff1999 diff --git a/web/documentserver-example/csharp-mvc/licenses/3rd-Party.license b/web/documentserver-example/csharp-mvc/licenses/3rd-Party.license index e2d5af1c..008b3b80 100644 --- a/web/documentserver-example/csharp-mvc/licenses/3rd-Party.license +++ b/web/documentserver-example/csharp-mvc/licenses/3rd-Party.license @@ -24,11 +24,15 @@ jQuery.UI - jQuery UI is an open source library of interface components — License: MIT License File: jQuery.UI.license +JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/) +License: MIT +License File: JWT.license + Microsoft.Web.Infrastructure - This package contains the Microsoft.Web.Infrastructure assembly that lets you dynamically register HTTP modules at run time. (https://www.microsoft.com/web/webpi/eula/aspnetmvc3update-eula.htm) License: MS-EULA License License File: Microsoft.Web.Infrastructure.license -Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://licenses.nuget.org/MIT) +Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json) License: MIT License File: Newtonsoft.Json.license diff --git a/web/documentserver-example/csharp-mvc/licenses/JWT.license b/web/documentserver-example/csharp-mvc/licenses/JWT.license new file mode 100644 index 00000000..c10aa66a --- /dev/null +++ b/web/documentserver-example/csharp-mvc/licenses/JWT.license @@ -0,0 +1,21 @@ +# Public Domain + +Written by John Sheehan (http://john-sheehan.com) + +This work is public domain. + +The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law. + +For more information, please visit: http://creativecommons.org/publicdomain/zero/1.0/ + +# MIT + +Copyright (c) 2019 Jwt.Net Maintainers and Contributors. + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +For more information, please visit: https://opensource.org/licenses/MIT \ No newline at end of file diff --git a/web/documentserver-example/csharp-mvc/packages.config b/web/documentserver-example/csharp-mvc/packages.config index ef083700..3a896490 100644 --- a/web/documentserver-example/csharp-mvc/packages.config +++ b/web/documentserver-example/csharp-mvc/packages.config @@ -2,6 +2,7 @@ + @@ -11,6 +12,6 @@ - + \ No newline at end of file diff --git a/web/documentserver-example/csharp-mvc/web.appsettings.config b/web/documentserver-example/csharp-mvc/web.appsettings.config index abec08cf..8954c715 100644 --- a/web/documentserver-example/csharp-mvc/web.appsettings.config +++ b/web/documentserver-example/csharp-mvc/web.appsettings.config @@ -1,7 +1,7 @@ - + @@ -16,7 +16,7 @@ - + diff --git a/web/documentserver-example/csharp/3rd-Party.license b/web/documentserver-example/csharp/3rd-Party.license index 7bb4393a..6eeba4af 100644 --- a/web/documentserver-example/csharp/3rd-Party.license +++ b/web/documentserver-example/csharp/3rd-Party.license @@ -19,3 +19,11 @@ License File: jQuery.iframe-transport.license jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/) License: MIT License File: jQuery.UI.license + +JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/) +License: MIT +License File: JWT.license + +Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json) +License: MIT +License File: Newtonsoft.Json.license \ No newline at end of file diff --git a/web/documentserver-example/csharp/Default.aspx b/web/documentserver-example/csharp/Default.aspx index beb96345..f6922423 100644 --- a/web/documentserver-example/csharp/Default.aspx +++ b/web/documentserver-example/csharp/Default.aspx @@ -165,7 +165,7 @@ var isFillFormDoc = FillFormsExts.Contains(ext); %> - + <%= storedFile.Name %> diff --git a/web/documentserver-example/csharp/Default.aspx.cs b/web/documentserver-example/csharp/Default.aspx.cs index 8551245a..71c823cd 100644 --- a/web/documentserver-example/csharp/Default.aspx.cs +++ b/web/documentserver-example/csharp/Default.aspx.cs @@ -485,7 +485,7 @@ namespace OnlineEditorsExample + (HttpRuntime.AppDomainAppVirtualPath.EndsWith("/") ? "" : "/") + "webeditor.ashx"; fileUrl.Query = "type=download&fileName=" + HttpUtility.UrlEncode(_fileName) - + "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress); + + "&userAddress=" + HttpUtility.UrlEncode(CurUserHostAddress(HttpContext.Current.Request.UserHostAddress)); // get the url to the converted file string newFileUri; diff --git a/web/documentserver-example/csharp/DocEditor.aspx.cs b/web/documentserver-example/csharp/DocEditor.aspx.cs index 89600196..cdbc50a7 100755 --- a/web/documentserver-example/csharp/DocEditor.aspx.cs +++ b/web/documentserver-example/csharp/DocEditor.aspx.cs @@ -81,7 +81,7 @@ namespace OnlineEditorsExample + "webeditor.ashx"; callbackUrl.Query = "type=track" + "&fileName=" + HttpUtility.UrlEncode(FileName) - + "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress); + + "&userAddress=" + HttpUtility.UrlEncode(_Default.CurUserHostAddress(HttpContext.Current.Request.UserHostAddress)); return callbackUrl.ToString(); } } @@ -102,7 +102,7 @@ namespace OnlineEditorsExample // get url to download a file public static string getDownloadUrl(string fileName, Boolean isServer = true) { - var userAddress = isServer ? "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress) : ""; + var userAddress = isServer ? "&userAddress=" + HttpUtility.UrlEncode(_Default.CurUserHostAddress(HttpContext.Current.Request.UserHostAddress)) : ""; var downloadUrl = new UriBuilder(_Default.GetServerUrl(isServer)); downloadUrl.Path = HttpRuntime.AppDomainAppVirtualPath @@ -219,6 +219,7 @@ namespace OnlineEditorsExample { "modifyFilter", editorsMode != "filter" }, { "modifyContentControl", editorsMode != "blockcontent" }, { "review", canEdit && (editorsMode == "edit" || editorsMode == "review") }, + { "chat", !user.id.Equals("uid-0") }, { "reviewGroups", user.reviewGroups }, { "commentGroups", user.commentGroups }, { "userInfoGroups", user.userInfoGroups } @@ -233,6 +234,11 @@ namespace OnlineEditorsExample { "mode", mode }, { "lang", Request.Cookies.GetOrDefault("ulang", "en") }, { "callbackUrl", CallbackUrl }, // absolute URL to the document storage service + { "coEditing", editorsMode == "view" && user.id.Equals("uid-0") ? + new Dictionary{ + {"mode", "strict"}, + {"change", false} + } : null }, { "createUrl", !user.id.Equals("uid-0") ? createUrl : null }, { "templates", user.templates ? templates : null }, { @@ -551,7 +557,7 @@ namespace OnlineEditorsExample // create the public history url private string MakePublicHistoryUrl(string filename, string version, string file, Boolean isServer = true) { - var userAddress = isServer ? "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress) : ""; + var userAddress = isServer ? "&userAddress=" + HttpUtility.UrlEncode(_Default.CurUserHostAddress(HttpContext.Current.Request.UserHostAddress)) : ""; var fileUrl = new UriBuilder(_Default.GetServerUrl(isServer)); fileUrl.Path = HttpRuntime.AppDomainAppVirtualPath + (HttpRuntime.AppDomainAppVirtualPath.EndsWith("/") ? "" : "/") diff --git a/web/documentserver-example/csharp/JwtManager.cs b/web/documentserver-example/csharp/JwtManager.cs index 8faea06e..6205b430 100644 --- a/web/documentserver-example/csharp/JwtManager.cs +++ b/web/documentserver-example/csharp/JwtManager.cs @@ -16,12 +16,12 @@ * */ -using System; +using JWT; +using JWT.Algorithms; +using JWT.Builder; +using JWT.Serializers; using System.Collections.Generic; -using System.Security.Cryptography; -using System.Text; using System.Web.Configuration; -using System.Web.Script.Serialization; namespace OnlineEditorsExample { @@ -30,31 +30,19 @@ namespace OnlineEditorsExample private static readonly string Secret; public static readonly bool Enabled; - private static readonly JavaScriptSerializer Serializer; - static JwtManager() { Secret = WebConfigurationManager.AppSettings["files.docservice.secret"] ?? ""; // get token secret from the config parameters Enabled = !string.IsNullOrEmpty(Secret); // check if the token is enabled - Serializer = new JavaScriptSerializer(); // define java script serializer } // encode a payload object into a token using a secret key public static string Encode(IDictionary payload) { - // define the hashing algorithm and the token type - var header = new Dictionary - { - { "alg", "HS256" }, - { "typ", "JWT" } - }; - - // three parts of token - var encHeader = Base64UrlEncode(Serializer.Serialize(header)); // header - var encPayload = Base64UrlEncode(Serializer.Serialize(payload)); // payload - var hashSum = Base64UrlEncode(CalculateHash(encHeader, encPayload)); // signature - - return string.Format("{0}.{1}.{2}", encHeader, encPayload, hashSum); + var encoder = new JwtEncoder(new HMACSHA256Algorithm(), + new JsonNetSerializer(), + new JwtBase64UrlEncoder()); + return encoder.Encode(payload, Secret); } // decode a token into a payload object using a secret key @@ -62,52 +50,11 @@ namespace OnlineEditorsExample { if (!Enabled || string.IsNullOrEmpty(token)) return ""; - var split = token.Split('.'); - if (split.Length != 3) return ""; - - var hashSum = Base64UrlEncode(CalculateHash(split[0], split[1])); // get signature - if (hashSum != split[2]) return ""; // and check if it is equal to the signature from the token - return Base64UrlDecode(split[1]); // decode payload - } - - // generate a hash code based on a key using the HMAC method - private static byte[] CalculateHash(string encHeader, string encPayload) - { - using (var hasher = new HMACSHA256(Encoding.UTF8.GetBytes(Secret))) - { - var bytes = Encoding.UTF8.GetBytes(string.Format("{0}.{1}", encHeader, encPayload)); - return hasher.ComputeHash(bytes); - } - } - - // encode a string into the base64 value - private static string Base64UrlEncode(string str) - { - return Base64UrlEncode(Encoding.UTF8.GetBytes(str)); - } - - // encode bytes into the base64 value - private static string Base64UrlEncode(byte[] bytes) - { - return Convert.ToBase64String(bytes) - .TrimEnd('=').Replace('+', '-').Replace('/', '_'); - } - - // decode a base64 value into the string - private static string Base64UrlDecode(string payload) - { - var b64 = payload.Replace('_', '/').Replace('-', '+'); - switch (b64.Length%4) - { - case 2: - b64 += "=="; - break; - case 3: - b64 += "="; - break; - } - var bytes = Convert.FromBase64String(b64); - return Encoding.UTF8.GetString(bytes); + return JwtBuilder.Create() + .WithAlgorithm(new HMACSHA256Algorithm()) + .WithSecret(Secret) + .MustVerifySignature() + .Decode(token); } } } \ No newline at end of file diff --git a/web/documentserver-example/csharp/OnlineEditorsExample.csproj b/web/documentserver-example/csharp/OnlineEditorsExample.csproj index 0529c06d..e6e5b28e 100644 --- a/web/documentserver-example/csharp/OnlineEditorsExample.csproj +++ b/web/documentserver-example/csharp/OnlineEditorsExample.csproj @@ -44,10 +44,16 @@ false + + packages\JWT.9.0.3\lib\net46\JWT.dll + packages\Microsoft.Web.Infrastructure.1.0.0.0\lib\net40\Microsoft.Web.Infrastructure.dll + + packages\Newtonsoft.Json.10.0.3\lib\net45\Newtonsoft.Json.dll + diff --git a/web/documentserver-example/csharp/Users.cs b/web/documentserver-example/csharp/Users.cs index 5d607ab0..6b0a4fd0 100644 --- a/web/documentserver-example/csharp/Users.cs +++ b/web/documentserver-example/csharp/Users.cs @@ -66,7 +66,9 @@ namespace OnlineEditorsExample "Can't mention others in comments", "Can't create new files from the editor", "Can’t see anyone’s information", - "Can't rename files from the editor" + "Can't rename files from the editor", + "Can't view chat", + "View file without collaboration", }; private static List users = new List() { diff --git a/web/documentserver-example/csharp/WebEditor.ashx.cs b/web/documentserver-example/csharp/WebEditor.ashx.cs index 4487f8ce..50ba23bb 100644 --- a/web/documentserver-example/csharp/WebEditor.ashx.cs +++ b/web/documentserver-example/csharp/WebEditor.ashx.cs @@ -207,7 +207,7 @@ namespace OnlineEditorsExample try { var fileName = Path.GetFileName(context.Request["fileName"]); - var path = _Default.StoragePath(fileName, HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress)); + var path = _Default.StoragePath(fileName, HttpUtility.UrlEncode(_Default.CurUserHostAddress(HttpContext.Current.Request.UserHostAddress))); var histDir = _Default.HistoryDir(path); if (File.Exists(path)) File.Delete(path); // delete file diff --git a/web/documentserver-example/csharp/assets b/web/documentserver-example/csharp/assets index 1d601d84..1fc823af 160000 --- a/web/documentserver-example/csharp/assets +++ b/web/documentserver-example/csharp/assets @@ -1 +1 @@ -Subproject commit 1d601d84c415303c60beee14edc3867ebac0626f +Subproject commit 1fc823afa909e4c49551e4e5b945189a21ff1999 diff --git a/web/documentserver-example/csharp/licenses/3rd-Party.license b/web/documentserver-example/csharp/licenses/3rd-Party.license index 7bb4393a..6eeba4af 100644 --- a/web/documentserver-example/csharp/licenses/3rd-Party.license +++ b/web/documentserver-example/csharp/licenses/3rd-Party.license @@ -19,3 +19,11 @@ License File: jQuery.iframe-transport.license jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/) License: MIT License File: jQuery.UI.license + +JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/) +License: MIT +License File: JWT.license + +Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json) +License: MIT +License File: Newtonsoft.Json.license \ No newline at end of file diff --git a/web/documentserver-example/csharp/licenses/JWT.license b/web/documentserver-example/csharp/licenses/JWT.license new file mode 100644 index 00000000..c10aa66a --- /dev/null +++ b/web/documentserver-example/csharp/licenses/JWT.license @@ -0,0 +1,21 @@ +# Public Domain + +Written by John Sheehan (http://john-sheehan.com) + +This work is public domain. + +The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law. + +For more information, please visit: http://creativecommons.org/publicdomain/zero/1.0/ + +# MIT + +Copyright (c) 2019 Jwt.Net Maintainers and Contributors. + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +For more information, please visit: https://opensource.org/licenses/MIT \ No newline at end of file diff --git a/web/documentserver-example/csharp/licenses/Newtonsoft.Json.license b/web/documentserver-example/csharp/licenses/Newtonsoft.Json.license new file mode 100644 index 00000000..dfaadbe4 --- /dev/null +++ b/web/documentserver-example/csharp/licenses/Newtonsoft.Json.license @@ -0,0 +1,20 @@ +The MIT License (MIT) + +Copyright (c) 2007 James Newton-King + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/web/documentserver-example/csharp/packages.config b/web/documentserver-example/csharp/packages.config index 43681638..59580bcc 100644 --- a/web/documentserver-example/csharp/packages.config +++ b/web/documentserver-example/csharp/packages.config @@ -1,6 +1,8 @@  + + \ No newline at end of file diff --git a/web/documentserver-example/csharp/settings.config b/web/documentserver-example/csharp/settings.config index 7ac83375..28604133 100644 --- a/web/documentserver-example/csharp/settings.config +++ b/web/documentserver-example/csharp/settings.config @@ -1,7 +1,7 @@ - + @@ -15,7 +15,7 @@ - + diff --git a/web/documentserver-example/java-spring/pom.xml b/web/documentserver-example/java-spring/pom.xml index 3e2bd94a..47736371 100644 --- a/web/documentserver-example/java-spring/pom.xml +++ b/web/documentserver-example/java-spring/pom.xml @@ -48,7 +48,7 @@ com.google.code.gson gson - 2.8.5 + 2.8.9 com.inversoft diff --git a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/ExampleData.java b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/ExampleData.java index 10712df1..be5c2d90 100644 --- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/ExampleData.java +++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/ExampleData.java @@ -42,7 +42,9 @@ public class ExampleData { "Can't mention others in comments", "Can't create new files from the editor", "Can’t see anyone’s information", - "Can't rename files from the editor" + "Can't rename files from the editor", + "Can't view chat", + "View file without collaboration" ); List description_user_1 = List.of( // the description for user 1 "File author by default", @@ -51,7 +53,8 @@ public class ExampleData { "He can do everything with the comments", "The file favorite state is undefined", "Can create a file from a template with data from the editor", - "Can see the information about all users" + "Can see the information about all users", + "Can view chat" ); List description_user_2 = List.of( // the description for user 2 "He belongs to Group2", @@ -59,7 +62,8 @@ public class ExampleData { "He can view every comment, edit his comments and the comments left by the users who don't belong to any of the groups and remove only his comments", "This file is favorite", "Can create a file from an editor", - "Can see the information about users from Group2 and users who don’t belong to any group" + "Can see the information about users from Group2 and users who don’t belong to any group", + "Can view chat" ); List description_user_3 = List.of( // the description for user 3 "He belongs to Group3", @@ -70,7 +74,8 @@ public class ExampleData { "He can’t download the file", "He can’t print the file", "Can create a file from an editor", - "Can see the information about Group2 users" + "Can see the information about Group2 users", + "Can view chat" ); userService.createUser("John Smith", "smith@example.com", // create user 1 with the specified parameters description_user_1, "", List.of(FilterState.NULL.toString()), @@ -78,15 +83,18 @@ public class ExampleData { List.of(FilterState.NULL.toString()), List.of(FilterState.NULL.toString()), List.of(FilterState.NULL.toString()), - null); + null, true); userService.createUser("Mark Pottato", "pottato@example.com", // create user 2 with the specified parameters description_user_2, "group-2", List.of("","group-2"), List.of(FilterState.NULL.toString()), - List.of("group-2", ""), List.of("group-2"), List.of("group-2", ""), true); + List.of("group-2", ""), List.of("group-2"), List.of("group-2", ""), true, + true); userService.createUser("Hamish Mitchell", "mitchell@example.com", // create user 3 with the specified parameters description_user_3, "group-3", List.of("group-2"), List.of("group-2", "group-3"), - List.of("group-2"), new ArrayList<>(), List.of("group-2"), false); + List.of("group-2"), new ArrayList<>(), List.of("group-2"), false, + true); userService.createUser("Anonymous",null, // create user 0 with the specified parameters description_user_0,"", List.of(FilterState.NULL.toString()), List.of(FilterState.NULL.toString()), - List.of(FilterState.NULL.toString()), List.of(FilterState.NULL.toString()), new ArrayList<>(),null); + List.of(FilterState.NULL.toString()), List.of(FilterState.NULL.toString()), new ArrayList<>(),null, + false); } } diff --git a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/enums/Action.java b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/enums/Action.java index 170a69ab..5cf8c190 100755 --- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/enums/Action.java +++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/enums/Action.java @@ -25,6 +25,7 @@ public enum Action { embedded, filter, comment, + chat, fillForms, blockcontent } diff --git a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/filemodel/EditorConfig.java b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/filemodel/EditorConfig.java index bf0a1121..bbcda7d2 100755 --- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/filemodel/EditorConfig.java +++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/filemodel/EditorConfig.java @@ -38,6 +38,7 @@ import java.util.List; public class EditorConfig { // the parameters pertaining to the editor interface: opening mode (viewer or editor), interface language, additional buttons, etc. private HashMap actionLink = null; // the data which contains the information about the action in the document that will be scrolled to private String callbackUrl; // the absolute URL to the document storage service + private HashMap coEditing = null; private String createUrl; // the absolute URL of the document where it will be created and available after creation @Autowired private Customization customization; // the parameters which allow to customize the editor interface so that it looked like your other products (if there are any) and change the presence or absence of the additional buttons, links, change logos and editor owner details diff --git a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/filemodel/Permission.java b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/filemodel/Permission.java index 899bbd4f..06518af8 100755 --- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/filemodel/Permission.java +++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/models/filemodel/Permission.java @@ -43,6 +43,7 @@ public class Permission extends AbstractModel { // the permission for the docum private Boolean modifyFilter = true; // if the filter can applied globally (true) affecting all the other users, or locally (false) private Boolean modifyContentControl = true; // if the content control settings can be changed private Boolean review = true; // if the document can be reviewed or not + private Boolean chat = true; // if a chat can be used @JsonInclude(value = JsonInclude.Include.CUSTOM, valueFilter = SerializerFilter.class) private List reviewGroups; // the groups whose changes the user can accept/reject @Autowired diff --git a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/entities/Permission.java b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/entities/Permission.java index e84630e2..673fc3d0 100755 --- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/entities/Permission.java +++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/entities/Permission.java @@ -38,6 +38,7 @@ public class Permission extends AbstractEntity { private Boolean modifyFilter = true; private Boolean modifyContentControl = true; private Boolean review = true; + private Boolean chat = true; private Boolean templates=true; @ManyToMany private List reviewGroups; diff --git a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/PermissionServices.java b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/PermissionServices.java index bdf1b325..83a4e4c2 100755 --- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/PermissionServices.java +++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/PermissionServices.java @@ -37,7 +37,8 @@ public class PermissionServices { List commentViewGroups, List commentEditGroups, List commentRemoveGroups, - List userInfoGroups){ + List userInfoGroups, + Boolean chat){ Permission permission = new Permission(); permission.setReviewGroups(reviewGroups); // define the groups whose changes the user can accept/reject @@ -45,6 +46,7 @@ public class PermissionServices { permission.setCommentsEditGroups(commentEditGroups); // defines the groups whose comments the user can edit permission.setCommentsRemoveGroups(commentRemoveGroups); // defines the groups whose comments the user can remove permission.setUserInfoGroups(userInfoGroups); + permission.setChat(chat); permissionRepository.save(permission); // save new permissions diff --git a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/UserServices.java b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/UserServices.java index f4aad266..de6e5501 100755 --- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/UserServices.java +++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/UserServices.java @@ -56,7 +56,9 @@ public class UserServices { List reviewGroups, List viewGroups, List editGroups, - List removeGroups, List userInfoGroups, Boolean favoriteDoc){ + List removeGroups, + List userInfoGroups, Boolean favoriteDoc, + Boolean chat){ User newUser = new User(); newUser.setName(name); // set the user name newUser.setEmail(email); // set the user email @@ -71,7 +73,7 @@ public class UserServices { List usInfoGroups = groupServices.createGroups(userInfoGroups); Permission permission = permissionService - .createPermission(groupsReview, commentGroupsView, commentGroupsEdit, commentGroupsRemove, usInfoGroups); // specify permissions for the current user + .createPermission(groupsReview, commentGroupsView, commentGroupsEdit, commentGroupsRemove, usInfoGroups, chat); // specify permissions for the current user newUser.setPermissions(permission); userRepository.save(newUser); // save a new user diff --git a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/configurers/implementations/DefaultEditorConfigConfigurer.java b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/configurers/implementations/DefaultEditorConfigConfigurer.java index 42a62e70..3714576c 100644 --- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/configurers/implementations/DefaultEditorConfigConfigurer.java +++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/services/configurers/implementations/DefaultEditorConfigConfigurer.java @@ -82,6 +82,10 @@ public class DefaultEditorConfigConfigurer implements EditorConfigConfigurer() {{ + put("mode", "strict"); + put("change", false); + }} : null); defaultCustomizationConfigurer.configure(config.getCustomization(), DefaultCustomizationWrapper.builder() // define the customization configurer .action(action) diff --git a/web/documentserver-example/java-spring/src/main/resources/application.properties b/web/documentserver-example/java-spring/src/main/resources/application.properties index 57659199..a38e595d 100755 --- a/web/documentserver-example/java-spring/src/main/resources/application.properties +++ b/web/documentserver-example/java-spring/src/main/resources/application.properties @@ -1,4 +1,4 @@ -server.version=1.2.0 +server.version=1.3.0 server.address= server.port=4000 @@ -27,7 +27,7 @@ files.docservice.header=Authorization files.docservice.verify-peer-off=true -files.docservice.languages=en:English|az:Azerbaijani|be:Belarusian|bg:Bulgarian|ca:Catalan|zh:Chinese (People's Republic of China)|zh-TW:Chinese (Traditional, Taiwan)|cs:Czech|da:Danish|nl:Dutch|fi:Finnish|fr:French|gl:Galego|de:German|el:Greek|hu:Hungarian|id:Indonesian|it:Italian|ja:Japanese|ko:Korean|lv:Latvian|lo:Lao|nb:Norwegian|pl:Polish|pt:Portuguese (Brazil)|pt-PT:Portuguese (Portugal)|ro:Romanian|ru:Russian|sk:Slovak|sl:Slovenian|es:Spanish|sv:Swedish|tr:Turkish|uk:Ukrainian|vi:Vietnamese +files.docservice.languages=en:English|hy:Armenian|az:Azerbaijani|eu:Basque|be:Belarusian|bg:Bulgarian|ca:Catalan|zh:Chinese (People's Republic of China)|zh-TW:Chinese (Traditional, Taiwan)|cs:Czech|da:Danish|nl:Dutch|fi:Finnish|fr:French|gl:Galego|de:German|el:Greek|hu:Hungarian|id:Indonesian|it:Italian|ja:Japanese|ko:Korean|lv:Latvian|lo:Lao|ms:Malay (Malaysia)|nb:Norwegian|pl:Polish|pt:Portuguese (Brazil)|pt-PT:Portuguese (Portugal)|ro:Romanian|ru:Russian|sk:Slovak|sl:Slovenian|es:Spanish|sv:Swedish|tr:Turkish|uk:Ukrainian|vi:Vietnamese spring.datasource.url=jdbc:h2:mem:usersdb spring.datasource.driverClassName=org.h2.Driver diff --git a/web/documentserver-example/java-spring/src/main/resources/assets b/web/documentserver-example/java-spring/src/main/resources/assets index 1d601d84..1fc823af 160000 --- a/web/documentserver-example/java-spring/src/main/resources/assets +++ b/web/documentserver-example/java-spring/src/main/resources/assets @@ -1 +1 @@ -Subproject commit 1d601d84c415303c60beee14edc3867ebac0626f +Subproject commit 1fc823afa909e4c49551e4e5b945189a21ff1999 diff --git a/web/documentserver-example/java/pom.xml b/web/documentserver-example/java/pom.xml index 5d15743f..784172bb 100644 --- a/web/documentserver-example/java/pom.xml +++ b/web/documentserver-example/java/pom.xml @@ -29,7 +29,7 @@ com.google.code.gson gson - 2.8.5 + 2.8.9 com.inversoft diff --git a/web/documentserver-example/java/src/main/java/entities/FileModel.java b/web/documentserver-example/java/src/main/java/entities/FileModel.java index 14015089..26ffe6f1 100755 --- a/web/documentserver-example/java/src/main/java/entities/FileModel.java +++ b/web/documentserver-example/java/src/main/java/entities/FileModel.java @@ -78,6 +78,12 @@ public class FileModel // set the editor config parameters editorConfig = new EditorConfig(actionData); editorConfig.callbackUrl = DocumentManager.GetCallback(fileName); // get callback url + + editorConfig.coEditing = mode.equals("view") && user.id.equals("uid-0") ? + new HashMap() {{ + put("mode", "strict"); + put("change", false); + }} : null; if (lang != null) editorConfig.lang = lang; // write language parameter to the config @@ -268,9 +274,11 @@ public class FileModel public Boolean modifyFilter; public Boolean modifyContentControl; public Boolean review; + public Boolean chat; public List reviewGroups; public CommentGroups commentGroups; public List userInfoGroups; + //public Gson gson = new Gson(); // defines what can be done with a document public Permissions(String mode, String type, Boolean canEdit, User user) @@ -284,6 +292,7 @@ public class FileModel modifyFilter = !mode.equals("filter"); modifyContentControl = !mode.equals("blockcontent"); review = canEdit && (mode.equals("edit") || mode.equals("review")); + chat = !user.id.equals("uid-0"); reviewGroups = user.reviewGroups; commentGroups = user.commentGroups; userInfoGroups = user.userInfoGroups; @@ -308,6 +317,7 @@ public class FileModel public HashMap actionLink = null; public String mode = "edit"; public String callbackUrl; + public HashMap coEditing = null; public String lang = "en"; public String createUrl; public List> templates; diff --git a/web/documentserver-example/java/src/main/java/helpers/Users.java b/web/documentserver-example/java/src/main/java/helpers/Users.java index 30cf0e09..e9185a17 100755 --- a/web/documentserver-example/java/src/main/java/helpers/Users.java +++ b/web/documentserver-example/java/src/main/java/helpers/Users.java @@ -65,6 +65,8 @@ public class Users { add("Can't create new files from the editor"); add("Can’t see anyone’s information"); add("Can't rename files from the editor"); + add("Can't view chat"); + add("View file without collaboration"); }}; private static List users = new ArrayList() {{ diff --git a/web/documentserver-example/java/src/main/resources/assets b/web/documentserver-example/java/src/main/resources/assets index 1d601d84..1fc823af 160000 --- a/web/documentserver-example/java/src/main/resources/assets +++ b/web/documentserver-example/java/src/main/resources/assets @@ -1 +1 @@ -Subproject commit 1d601d84c415303c60beee14edc3867ebac0626f +Subproject commit 1fc823afa909e4c49551e4e5b945189a21ff1999 diff --git a/web/documentserver-example/java/src/main/resources/settings.properties b/web/documentserver-example/java/src/main/resources/settings.properties index 79b2af21..352b40f5 100644 --- a/web/documentserver-example/java/src/main/resources/settings.properties +++ b/web/documentserver-example/java/src/main/resources/settings.properties @@ -1,4 +1,4 @@ -version=1.2.0 +version=1.3.0 filesize-max=5242880 storage-folder=app_data @@ -16,7 +16,7 @@ files.docservice.url.api=web-apps/apps/api/documents/api.js files.docservice.url.preloader=web-apps/apps/api/documents/cache-scripts.html files.docservice.url.example= -files.docservice.languages=en:English|az:Azerbaijani|be:Belarusian|bg:Bulgarian|ca:Catalan|zh:Chinese (People's Republic of China)|zh-TW:Chinese (Traditional, Taiwan)|cs:Czech|da:Danish|nl:Dutch|fi:Finnish|fr:French|gl:Galego|de:German|el:Greek|hu:Hungarian|id:Indonesian|it:Italian|ja:Japanese|ko:Korean|lv:Latvian|lo:Lao|nb:Norwegian|pl:Polish|pt:Portuguese (Brazil)|pt-PT:Portuguese (Portugal)|ro:Romanian|ru:Russian|sk:Slovak|sl:Slovenian|es:Spanish|sv:Swedish|tr:Turkish|uk:Ukrainian|vi:Vietnamese +files.docservice.languages=en:English|hy:Armenian|az:Azerbaijani|eu:Basque|be:Belarusian|bg:Bulgarian|ca:Catalan|zh:Chinese (People's Republic of China)|zh-TW:Chinese (Traditional, Taiwan)|cs:Czech|da:Danish|nl:Dutch|fi:Finnish|fr:French|gl:Galego|de:German|el:Greek|hu:Hungarian|id:Indonesian|it:Italian|ja:Japanese|ko:Korean|lv:Latvian|lo:Lao|ms:Malay (Malaysia)|nb:Norwegian|pl:Polish|pt:Portuguese (Brazil)|pt-PT:Portuguese (Portugal)|ro:Romanian|ru:Russian|sk:Slovak|sl:Slovenian|es:Spanish|sv:Swedish|tr:Turkish|uk:Ukrainian|vi:Vietnamese files.docservice.secret= files.docservice.header=Authorization diff --git a/web/documentserver-example/nodejs/app.js b/web/documentserver-example/nodejs/app.js index 79a771ed..52dede94 100755 --- a/web/documentserver-example/nodejs/app.js +++ b/web/documentserver-example/nodejs/app.js @@ -211,7 +211,6 @@ app.post("/upload", function (req, res) { // define a handler for uploading fil const form = new formidable.IncomingForm(); // create a new incoming form form.uploadDir = uploadDirTmp; // and write there all the necessary parameters form.keepExtensions = true; - form.maxFileSize = configServer.get("maxFileSize"); form.parse(req, function (err, fields, files) { // parse this form if (err) { // if an error occurs diff --git a/web/documentserver-example/nodejs/config/default.json b/web/documentserver-example/nodejs/config/default.json index d8dc0747..a7bd85b2 100644 --- a/web/documentserver-example/nodejs/config/default.json +++ b/web/documentserver-example/nodejs/config/default.json @@ -1,5 +1,5 @@ { - "version": "1.2.0", + "version": "1.3.0", "log": { "appenders": [ { @@ -48,7 +48,9 @@ "verify_peer_off": true, "languages": { "en": "English", + "hy": "Armenian", "az": "Azerbaijani", + "eu": "Basque", "be": "Belarusian", "bg": "Bulgarian", "ca": "Catalan", @@ -69,6 +71,7 @@ "ko": "Korean", "lv": "Latvian", "lo": "Lao", + "ms": "Malay (Malaysia)", "nb": "Norwegian", "pl": "Polish", "pt" : "Portuguese (Brazil)", diff --git a/web/documentserver-example/nodejs/public/assets b/web/documentserver-example/nodejs/public/assets index 1d601d84..1fc823af 160000 --- a/web/documentserver-example/nodejs/public/assets +++ b/web/documentserver-example/nodejs/public/assets @@ -1 +1 @@ -Subproject commit 1d601d84c415303c60beee14edc3867ebac0626f +Subproject commit 1fc823afa909e4c49551e4e5b945189a21ff1999 diff --git a/web/documentserver-example/nodejs/public/javascripts/jscript.js b/web/documentserver-example/nodejs/public/javascripts/jscript.js index 158ba405..4b3af03e 100644 --- a/web/documentserver-example/nodejs/public/javascripts/jscript.js +++ b/web/documentserver-example/nodejs/public/javascripts/jscript.js @@ -328,12 +328,12 @@ if (typeof jQuery != "undefined") { if (hideTooltipTimeout != null) { clearTimeout(hideTooltipTimeout); } - jq(".info").on("touchend", function () { + jq("#info").on("touchend", function () { showUserTooltip(true); }); } } else { - jq(".info").mouseover(function (event) { + jq("#info").mouseover(function (event) { if (fileList.length > 0) { if (hideTooltipTimeout != null) { clearTimeout(hideTooltipTimeout); @@ -357,6 +357,20 @@ if (typeof jQuery != "undefined") { }, 500); }); } + + jq(".info-tooltip").mouseover(function (event) { + var target = event.target; + var id = target.dataset.id ? target.dataset.id : target.id; + var tooltip = target.dataset.tooltip; + + jq("
" + tooltip + "
").appendTo("body"); + + var top = jq("#" + id).offset().top + jq("#" + id).outerHeight() / 2 - jq("div.tooltip").outerHeight() / 2; + var left = jq("#" + id).offset().left + jq("#" + id).outerWidth() + 20; + jq("div.tooltip").css({"top": top, "left": left}); + }).mouseout(function () { + jq("div.tooltip").remove(); + }); } function getUrlVars() { diff --git a/web/documentserver-example/nodejs/public/stylesheets/stylesheet.css b/web/documentserver-example/nodejs/public/stylesheets/stylesheet.css index fd9eb3a8..044a13fa 100644 --- a/web/documentserver-example/nodejs/public/stylesheets/stylesheet.css +++ b/web/documentserver-example/nodejs/public/stylesheets/stylesheet.css @@ -620,6 +620,31 @@ footer table tr td:first-child { margin: -2px 5px; } +.tooltip { + background: #FFFFFF; + border-radius: 5px; + box-shadow: 0px 7px 25px rgba(85, 85, 85, 0.15); + color: #666666; + line-height: 160%; + max-width: 455px; + padding: 14px; + position: absolute; +} + +.tooltip ul { + margin: 0; +} + +.arrow { + border-top: 8px solid transparent; + border-bottom: 8px solid transparent; + border-right: 8px solid #FFFFFF; + left: -4px; + position: absolute; + top: 50%; + transform: translate(-50%, -50%); +} + .user-block-table { height: 100%; padding-top: 14px; diff --git a/web/documentserver-example/nodejs/views/index.ejs b/web/documentserver-example/nodejs/views/index.ejs index 2f454138..3297c9f1 100755 --- a/web/documentserver-example/nodejs/views/index.ejs +++ b/web/documentserver-example/nodejs/views/index.ejs @@ -76,7 +76,7 @@ Username - + <% Object.keys(languages).forEach(key => { %> diff --git a/web/documentserver-example/nodejs/views/wopiIndex.ejs b/web/documentserver-example/nodejs/views/wopiIndex.ejs index 959325a0..286e1899 100755 --- a/web/documentserver-example/nodejs/views/wopiIndex.ejs +++ b/web/documentserver-example/nodejs/views/wopiIndex.ejs @@ -77,7 +77,7 @@ Username - + <% Object.keys(languages).forEach(key => { %> diff --git a/web/documentserver-example/php/3rd-Party.license b/web/documentserver-example/php/3rd-Party.license index 7bb4393a..a893eafb 100644 --- a/web/documentserver-example/php/3rd-Party.license +++ b/web/documentserver-example/php/3rd-Party.license @@ -19,3 +19,7 @@ License File: jQuery.iframe-transport.license jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/) License: MIT License File: jQuery.UI.license + +JWT - JSON Web Token implementation (https://github.com/firebase/php-jwt/blob/master/LICENSE) +License: BSD +License File: jwt.license diff --git a/web/documentserver-example/php/assets b/web/documentserver-example/php/assets index 1d601d84..1fc823af 160000 --- a/web/documentserver-example/php/assets +++ b/web/documentserver-example/php/assets @@ -1 +1 @@ -Subproject commit 1d601d84c415303c60beee14edc3867ebac0626f +Subproject commit 1fc823afa909e4c49551e4e5b945189a21ff1999 diff --git a/web/documentserver-example/php/config.php b/web/documentserver-example/php/config.php index ed3d2b30..f6331a40 100644 --- a/web/documentserver-example/php/config.php +++ b/web/documentserver-example/php/config.php @@ -1,6 +1,6 @@ 'English', + 'hy' => 'Armenian', 'az' => 'Azerbaijani', + 'eu' => 'Basque', 'be' => 'Belarusian', 'bg' => 'Bulgarian', 'ca' => 'Catalan', @@ -69,6 +71,7 @@ $GLOBALS['LANGUAGES'] = array( 'ko' => 'Korean', 'lv' => 'Latvian', 'lo' => 'Lao', + 'ms' => 'Malay (Malaysia)', 'nb' => 'Norwegian', 'pl' => 'Polish', 'pt' => 'Portuguese (Brazil)', diff --git a/web/documentserver-example/php/doceditor.php b/web/documentserver-example/php/doceditor.php index bb98c76b..92a57699 100755 --- a/web/documentserver-example/php/doceditor.php +++ b/web/documentserver-example/php/doceditor.php @@ -108,6 +108,7 @@ "modifyFilter" => $editorsMode != "filter", "modifyContentControl" => $editorsMode != "blockcontent", "review" => $canEdit && ($editorsMode == "edit" || $editorsMode == "review"), + "chat" => $user->id != "uid-0", "reviewGroups" => $user->reviewGroups, "commentGroups" => $user->commentGroups, "userInfoGroups" => $user->userInfoGroups @@ -118,6 +119,10 @@ "mode" => $mode, "lang" => empty($_COOKIE["ulang"]) ? "en" : $_COOKIE["ulang"], "callbackUrl" => getCallbackUrl($filename), // absolute URL to the document storage service + "coEditing" => $editorsMode == "view" && $user->id == "uid-0" ? [ + "mode" => "strict", + "change" => false + ] : null, "createUrl" => $user->id != "uid-0" ? $createUrl : null, "templates" => $user->templates ? $templates : null, "user" => [ // the user currently viewing or editing the document diff --git a/web/documentserver-example/php/jwtmanager.php b/web/documentserver-example/php/jwtmanager.php index 5ac3840f..6ae02724 100644 --- a/web/documentserver-example/php/jwtmanager.php +++ b/web/documentserver-example/php/jwtmanager.php @@ -17,6 +17,10 @@ * */ +require_once( dirname(__FILE__) . '/lib/jwt/BeforeValidException.php' ); +require_once( dirname(__FILE__) . '/lib/jwt/ExpiredException.php' ); +require_once( dirname(__FILE__) . '/lib/jwt/SignatureInvalidException.php' ); +require_once( dirname(__FILE__) . '/lib/jwt/JWT.php' ); require_once( dirname(__FILE__) . '/config.php' ); // check if a secret key to generate token exists or not @@ -26,51 +30,17 @@ function isJwtEnabled() { // encode a payload object into a token using a secret key function jwtEncode($payload) { - $header = [ - "alg" => "HS256", // the hashing algorithm - "typ" => "JWT" // the token type - ]; - // three parts of token - $encHeader = base64UrlEncode(json_encode($header)); // header - $encPayload = base64UrlEncode(json_encode($payload)); // payload - $hash = base64UrlEncode(calculateHash($encHeader, $encPayload)); // signature - - return "$encHeader.$encPayload.$hash"; + return \Firebase\JWT\JWT::encode($payload, $GLOBALS["DOC_SERV_JWT_SECRET"]); } // decode a token into a payload object using a secret key function jwtDecode($token) { - if (!isJwtEnabled()) return ""; - - $split = explode(".", $token); - if (count($split) != 3) return ""; - - $hash = base64UrlEncode(calculateHash($split[0], $split[1])); - - if (strcmp($hash, $split[2]) != 0) return ""; - return base64UrlDecode($split[1]); -} - -// generate a hash code based on a key using the HMAC method -function calculateHash($encHeader, $encPayload) { - return hash_hmac("sha256", "$encHeader.$encPayload", $GLOBALS['DOC_SERV_JWT_SECRET'], true); -} - -// encode a string into the base64 value -function base64UrlEncode($str) { - return str_replace("/", "_", str_replace("+", "-", trim(base64_encode($str), "="))); -} - -// decode a base64 value into the string -function base64UrlDecode($payload) { - $b64 = str_replace("_", "/", str_replace("-", "+", $payload)); - switch (strlen($b64) % 4) { - case 2: - $b64 = $b64 . "=="; break; - case 3: - $b64 = $b64 . "="; break; + try { + $payload = \Firebase\JWT\JWT::decode($token, $GLOBALS["DOC_SERV_JWT_SECRET"], array("HS256")); + } catch (\UnexpectedValueException $e) { + $payload = ""; } - return base64_decode($b64); -} + return $payload; +} ?> \ No newline at end of file diff --git a/web/documentserver-example/php/lib/jwt/BeforeValidException.php b/web/documentserver-example/php/lib/jwt/BeforeValidException.php new file mode 100644 index 00000000..a6ee2f7c --- /dev/null +++ b/web/documentserver-example/php/lib/jwt/BeforeValidException.php @@ -0,0 +1,7 @@ + + * @author Anant Narayanan + * @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD + * @link https://github.com/firebase/php-jwt + */ +class JWT +{ + + /** + * When checking nbf, iat or expiration times, + * we want to provide some extra leeway time to + * account for clock skew. + */ + public static $leeway = 0; + + /** + * Allow the current timestamp to be specified. + * Useful for fixing a value within unit testing. + * + * Will default to PHP time() value if null. + */ + public static $timestamp = null; + + public static $supported_algs = array( + 'HS256' => array('hash_hmac', 'SHA256'), + 'HS512' => array('hash_hmac', 'SHA512'), + 'HS384' => array('hash_hmac', 'SHA384'), + 'RS256' => array('openssl', 'SHA256'), + ); + + /** + * Decodes a JWT string into a PHP object. + * + * @param string $jwt The JWT + * @param string|array $key The key, or map of keys. + * If the algorithm used is asymmetric, this is the public key + * @param array $allowed_algs List of supported verification algorithms + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * + * @return object The JWT's payload as a PHP object + * + * @throws UnexpectedValueException Provided JWT was invalid + * @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed + * @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf' + * @throws BeforeValidException Provided JWT is trying to be used before it's been created as defined by 'iat' + * @throws ExpiredException Provided JWT has since expired, as defined by the 'exp' claim + * + * @uses jsonDecode + * @uses urlsafeB64Decode + */ + public static function decode($jwt, $key, $allowed_algs = array()) + { + $timestamp = is_null(static::$timestamp) ? time() : static::$timestamp; + + if (empty($key)) { + throw new InvalidArgumentException('Key may not be empty'); + } + if (!is_array($allowed_algs)) { + throw new InvalidArgumentException('Algorithm not allowed'); + } + $tks = explode('.', $jwt); + if (count($tks) != 3) { + throw new UnexpectedValueException('Wrong number of segments'); + } + list($headb64, $bodyb64, $cryptob64) = $tks; + if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) { + throw new UnexpectedValueException('Invalid header encoding'); + } + if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) { + throw new UnexpectedValueException('Invalid claims encoding'); + } + $sig = static::urlsafeB64Decode($cryptob64); + + if (empty($header->alg)) { + throw new UnexpectedValueException('Empty algorithm'); + } + if (empty(static::$supported_algs[$header->alg])) { + throw new UnexpectedValueException('Algorithm not supported'); + } + if (!in_array($header->alg, $allowed_algs)) { + throw new UnexpectedValueException('Algorithm not allowed'); + } + if (is_array($key) || $key instanceof \ArrayAccess) { + if (isset($header->kid)) { + $key = $key[$header->kid]; + } else { + throw new UnexpectedValueException('"kid" empty, unable to lookup correct key'); + } + } + + // Check the signature + if (!static::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) { + throw new SignatureInvalidException('Signature verification failed'); + } + + // Check if the nbf if it is defined. This is the time that the + // token can actually be used. If it's not yet that time, abort. + if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) { + throw new BeforeValidException( + 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf) + ); + } + + // Check that this token has been created before 'now'. This prevents + // using tokens that have been created for later use (and haven't + // correctly used the nbf claim). + if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) { + throw new BeforeValidException( + 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat) + ); + } + + // Check if this token has expired. + if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) { + throw new ExpiredException('Expired token'); + } + + return $payload; + } + + /** + * Converts and signs a PHP object or array into a JWT string. + * + * @param object|array $payload PHP object or array + * @param string $key The secret key. + * If the algorithm used is asymmetric, this is the private key + * @param string $alg The signing algorithm. + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * @param mixed $keyId + * @param array $head An array with header elements to attach + * + * @return string A signed JWT + * + * @uses jsonEncode + * @uses urlsafeB64Encode + */ + public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null) + { + $header = array('typ' => 'JWT', 'alg' => $alg); + if ($keyId !== null) { + $header['kid'] = $keyId; + } + if ( isset($head) && is_array($head) ) { + $header = array_merge($head, $header); + } + $segments = array(); + $segments[] = static::urlsafeB64Encode(static::jsonEncode($header)); + $segments[] = static::urlsafeB64Encode(static::jsonEncode($payload)); + $signing_input = implode('.', $segments); + + $signature = static::sign($signing_input, $key, $alg); + $segments[] = static::urlsafeB64Encode($signature); + + return implode('.', $segments); + } + + /** + * Sign a string with a given key and algorithm. + * + * @param string $msg The message to sign + * @param string|resource $key The secret key + * @param string $alg The signing algorithm. + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * + * @return string An encrypted message + * + * @throws DomainException Unsupported algorithm was specified + */ + public static function sign($msg, $key, $alg = 'HS256') + { + if (empty(static::$supported_algs[$alg])) { + throw new DomainException('Algorithm not supported'); + } + list($function, $algorithm) = static::$supported_algs[$alg]; + switch($function) { + case 'hash_hmac': + return hash_hmac($algorithm, $msg, $key, true); + case 'openssl': + $signature = ''; + $success = openssl_sign($msg, $signature, $key, $algorithm); + if (!$success) { + throw new DomainException("OpenSSL unable to sign data"); + } else { + return $signature; + } + } + } + + /** + * Verify a signature with the message, key and method. Not all methods + * are symmetric, so we must have a separate verify and sign method. + * + * @param string $msg The original message (header and body) + * @param string $signature The original signature + * @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key + * @param string $alg The algorithm + * + * @return bool + * + * @throws DomainException Invalid Algorithm or OpenSSL failure + */ + private static function verify($msg, $signature, $key, $alg) + { + if (empty(static::$supported_algs[$alg])) { + throw new DomainException('Algorithm not supported'); + } + + list($function, $algorithm) = static::$supported_algs[$alg]; + switch($function) { + case 'openssl': + $success = openssl_verify($msg, $signature, $key, $algorithm); + if (!$success) { + throw new DomainException("OpenSSL unable to verify data: " . openssl_error_string()); + } else { + return $signature; + } + case 'hash_hmac': + default: + $hash = hash_hmac($algorithm, $msg, $key, true); + if (function_exists('hash_equals')) { + return hash_equals($signature, $hash); + } + $len = min(static::safeStrlen($signature), static::safeStrlen($hash)); + + $status = 0; + for ($i = 0; $i < $len; $i++) { + $status |= (ord($signature[$i]) ^ ord($hash[$i])); + } + $status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash)); + + return ($status === 0); + } + } + + /** + * Decode a JSON string into a PHP object. + * + * @param string $input JSON string + * + * @return object Object representation of JSON string + * + * @throws DomainException Provided string was invalid JSON + */ + public static function jsonDecode($input) + { + if (version_compare(PHP_VERSION, '5.4.0', '>=') && !(defined('JSON_C_VERSION') && PHP_INT_SIZE > 4)) { + /** In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you + * to specify that large ints (like Steam Transaction IDs) should be treated as + * strings, rather than the PHP default behaviour of converting them to floats. + */ + $obj = json_decode($input, false, 512, JSON_BIGINT_AS_STRING); + } else { + /** Not all servers will support that, however, so for older versions we must + * manually detect large ints in the JSON string and quote them (thus converting + *them to strings) before decoding, hence the preg_replace() call. + */ + $max_int_length = strlen((string) PHP_INT_MAX) - 1; + $json_without_bigints = preg_replace('/:\s*(-?\d{'.$max_int_length.',})/', ': "$1"', $input); + $obj = json_decode($json_without_bigints); + } + + if (function_exists('json_last_error') && $errno = json_last_error()) { + static::handleJsonError($errno); + } elseif ($obj === null && $input !== 'null') { + throw new DomainException('Null result with non-null input'); + } + return $obj; + } + + /** + * Encode a PHP object into a JSON string. + * + * @param object|array $input A PHP object or array + * + * @return string JSON representation of the PHP object or array + * + * @throws DomainException Provided object could not be encoded to valid JSON + */ + public static function jsonEncode($input) + { + $json = json_encode($input); + if (function_exists('json_last_error') && $errno = json_last_error()) { + static::handleJsonError($errno); + } elseif ($json === 'null' && $input !== null) { + throw new DomainException('Null result with non-null input'); + } + return $json; + } + + /** + * Decode a string with URL-safe Base64. + * + * @param string $input A Base64 encoded string + * + * @return string A decoded string + */ + public static function urlsafeB64Decode($input) + { + $remainder = strlen($input) % 4; + if ($remainder) { + $padlen = 4 - $remainder; + $input .= str_repeat('=', $padlen); + } + return base64_decode(strtr($input, '-_', '+/')); + } + + /** + * Encode a string with URL-safe Base64. + * + * @param string $input The string you want encoded + * + * @return string The base64 encode of what you passed in + */ + public static function urlsafeB64Encode($input) + { + return str_replace('=', '', strtr(base64_encode($input), '+/', '-_')); + } + + /** + * Helper method to create a JSON error. + * + * @param int $errno An error number from json_last_error() + * + * @return void + */ + private static function handleJsonError($errno) + { + $messages = array( + JSON_ERROR_DEPTH => 'Maximum stack depth exceeded', + JSON_ERROR_CTRL_CHAR => 'Unexpected control character found', + JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON' + ); + throw new DomainException( + isset($messages[$errno]) + ? $messages[$errno] + : 'Unknown JSON error: ' . $errno + ); + } + + /** + * Get the number of bytes in cryptographic strings. + * + * @param string + * + * @return int + */ + private static function safeStrlen($str) + { + if (function_exists('mb_strlen')) { + return mb_strlen($str, '8bit'); + } + return strlen($str); + } +} diff --git a/web/documentserver-example/php/lib/jwt/LICENSE b/web/documentserver-example/php/lib/jwt/LICENSE new file mode 100644 index 00000000..cb0c49b3 --- /dev/null +++ b/web/documentserver-example/php/lib/jwt/LICENSE @@ -0,0 +1,30 @@ +Copyright (c) 2011, Neuman Vong + +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided + with the distribution. + + * Neither the name of Neuman Vong nor the names of other + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/web/documentserver-example/php/lib/jwt/SignatureInvalidException.php b/web/documentserver-example/php/lib/jwt/SignatureInvalidException.php new file mode 100644 index 00000000..27332b21 --- /dev/null +++ b/web/documentserver-example/php/lib/jwt/SignatureInvalidException.php @@ -0,0 +1,7 @@ += 5.2.0 + $data = json_decode($body_stream, false); // check if the response is correct if ($data === NULL) { @@ -47,27 +47,29 @@ function readBody() { sendlog(" jwt enabled, checking tokens", "webedior-ajax.log"); $inHeader = false; - $token = ""; + $data = ""; $jwtHeader = $GLOBALS['DOC_SERV_JWT_HEADER'] == "" ? "Authorization" : $GLOBALS['DOC_SERV_JWT_HEADER']; if (!empty($data["token"])) { // if the document token is in the data - $token = jwtDecode($data["token"]); // decode it + $data = jwtDecode($data["token"]); // decode it + sendlog(" jwt in body", "webedior-ajax.log"); } elseif (!empty(apache_request_headers()[$jwtHeader])) { // if the Authorization header exists - $token = jwtDecode(substr(apache_request_headers()[$jwtHeader], strlen("Bearer "))); // decode its part after Authorization prefix + $data = jwtDecode(substr(apache_request_headers()[$jwtHeader], strlen("Bearer "))); // decode its part after Authorization prefix $inHeader = true; + sendlog(" jwt in header", "webedior-ajax.log"); } else { // otherwise, an error occurs sendlog(" jwt token wasn't found in body or headers", "webedior-ajax.log"); $result["error"] = "Expected JWT"; return $result; } - if (empty($token)) { // invalid signature error + + if ($data === "") { // invalid signature error sendlog(" token was found but signature is invalid", "webedior-ajax.log"); $result["error"] = "Invalid JWT signature"; return $result; } - $data = json_decode($token, true); - if ($inHeader) $data = $data["payload"]; + if ($inHeader) $data = $data->payload; } return $data; @@ -75,14 +77,14 @@ function readBody() { // file saving process function processSave($data, $fileName, $userAddress) { - $downloadUri = $data["url"]; + $downloadUri = $data->url; if ($downloadUri === null) { $result["error"] = 1; return $result; } $curExt = strtolower('.' . pathinfo($fileName, PATHINFO_EXTENSION)); // get current file extension - $downloadExt = strtolower('.' . $data["filetype"]); // get the extension of the downloaded file + $downloadExt = strtolower('.' . $data->filetype); // get the extension of the downloaded file // TODO [Delete in version 7.0 or higher] if (!$downloadExt) $downloadExt = strtolower('.' . pathinfo($downloadUri, PATHINFO_EXTENSION)); // Support for versions below 7.0 @@ -123,18 +125,18 @@ function processSave($data, $fileName, $userAddress) { rename(getStoragePath($fileName, $userAddress), $verDir . DIRECTORY_SEPARATOR . "prev" . $curExt); // get the path to the previous file version and rename the storage path with it file_put_contents($storagePath, $new_data, LOCK_EX); // save file to the storage directory - if ($changesData = file_get_contents($data["changesurl"])) { + if ($changesData = file_get_contents($data->changesurl)) { file_put_contents($verDir . DIRECTORY_SEPARATOR . "diff.zip", $changesData, LOCK_EX); // save file changes to the diff.zip archive } - $histData = empty($data["changeshistory"]) ? null : $data["changeshistory"]; + $histData = empty($data->changeshistory) ? null : $data->changeshistory; if (empty($histData)) { - $histData = json_encode($data["history"], JSON_PRETTY_PRINT); + $histData = json_encode($data->history, JSON_PRETTY_PRINT); } if (!empty($histData)) { file_put_contents($verDir . DIRECTORY_SEPARATOR . "changes.json", $histData, LOCK_EX); // write the history changes to the changes.json file } - file_put_contents($verDir . DIRECTORY_SEPARATOR . "key.txt", $data["key"], LOCK_EX); // write the key value to the key.txt file + file_put_contents($verDir . DIRECTORY_SEPARATOR . "key.txt", $data->key, LOCK_EX); // write the key value to the key.txt file $forcesavePath = getForcesavePath($newFileName, $userAddress, false); // get the path to the forcesaved file version if ($forcesavePath != "") { // if the forcesaved file version exists @@ -151,14 +153,14 @@ function processSave($data, $fileName, $userAddress) { // file force saving process function processForceSave($data, $fileName, $userAddress) { - $downloadUri = $data["url"]; + $downloadUri = $data->url; if ($downloadUri === null) { $result["error"] = 1; return $result; } $curExt = strtolower('.' . pathinfo($fileName, PATHINFO_EXTENSION)); // get current file extension - $downloadExt = strtolower('.' . $data["filetype"]); // get the extension of the downloaded file + $downloadExt = strtolower('.' . $data->filetype); // get the extension of the downloaded file // TODO [Delete in version 7.0 or higher] if (!$downloadExt) $downloadExt = strtolower('.' . pathinfo($downloadUri, PATHINFO_EXTENSION)); // Support for versions below 7.0 @@ -190,7 +192,7 @@ function processForceSave($data, $fileName, $userAddress) { if (!(($new_data = file_get_contents($downloadUri)) === FALSE)) { $baseNameWithoutExt = substr($fileName, 0, strlen($fileName) - strlen($curExt)); - $isSubmitForm = $data["forcesavetype"] == 3; // SubmitForm + $isSubmitForm = $data->forcesavetype == 3; // SubmitForm if ($isSubmitForm) { if ($newFileName){ @@ -213,7 +215,7 @@ function processForceSave($data, $fileName, $userAddress) { file_put_contents($forcesavePath, $new_data, LOCK_EX); if ($isSubmitForm) { - $uid = $data["actions"][0]["userid"]; // get the user id + $uid = $data->actions[0]->userid; // get the user id createMeta($fileName, $uid, "Filling Form", $userAddress); // create meta data for the forcesaved file } diff --git a/web/documentserver-example/php/users.php b/web/documentserver-example/php/users.php index c1571adb..992fe6b2 100644 --- a/web/documentserver-example/php/users.php +++ b/web/documentserver-example/php/users.php @@ -74,7 +74,9 @@ $descr_user_0 = [ "Can't mention others in comments", "Can't create new files from the editor", "Can’t see anyone’s information", - "Can't rename files from the editor" + "Can't rename files from the editor", + "Can't view chat", + "View file without collaboration", ]; $users = [ diff --git a/web/documentserver-example/php/webeditor-ajax.php b/web/documentserver-example/php/webeditor-ajax.php index 7ab64c97..e825ed47 100755 --- a/web/documentserver-example/php/webeditor-ajax.php +++ b/web/documentserver-example/php/webeditor-ajax.php @@ -215,22 +215,24 @@ function track() { // get the body of the post request and check if it is correct $data = readBody(); - if (!empty($data["error"])){ + + if (!empty($data->error)){ return $data; } global $_trackerStatus; - $status = $_trackerStatus[$data["status"]]; // get status from the request body + $status = $_trackerStatus[$data->status]; // get status from the request body $userAddress = $_GET["userAddress"]; $fileName = basename($_GET["fileName"]); + sendlog(" CommandRequest status: " . $data->status, "webedior-ajax.log"); switch ($status) { case "Editing": // status == 1 - if ($data["actions"] && $data["actions"][0]["type"] == 0) { // finished edit - $user = $data["actions"][0]["userid"]; // the user who finished editing - if (array_search($user, $data["users"]) === FALSE) { - $commandRequest = commandRequest("forcesave", $data["key"]); // create a command request with the forcasave method + if ($data->actions && $data->actions[0]->type == 0) { // finished edit + $user = $data->actions[0]->userid; // the user who finished editing + if (array_search($user, $data->users) === FALSE) { + $commandRequest = commandRequest("forcesave", $data->key); // create a command request with the forcasave method sendlog(" CommandRequest forcesave: " . serialize($commandRequest), "webedior-ajax.log"); } } @@ -259,7 +261,7 @@ function convert() { $internalExtension = trim(getInternalExtension($fileName),'.'); // check if the file with such an extension can be converted - if (in_array("." + $extension, $GLOBALS['DOC_SERV_CONVERT']) && $internalExtension != "") { + if (in_array("." . $extension, $GLOBALS['DOC_SERV_CONVERT']) && $internalExtension != "") { $fileUri = $post["fileUri"]; if ($fileUri == NULL || $fileUri == "") { diff --git a/web/documentserver-example/python/assets b/web/documentserver-example/python/assets index 1d601d84..1fc823af 160000 --- a/web/documentserver-example/python/assets +++ b/web/documentserver-example/python/assets @@ -1 +1 @@ -Subproject commit 1d601d84c415303c60beee14edc3867ebac0626f +Subproject commit 1fc823afa909e4c49551e4e5b945189a21ff1999 diff --git a/web/documentserver-example/python/config.py b/web/documentserver-example/python/config.py index 0403a133..c11dd2e2 100644 --- a/web/documentserver-example/python/config.py +++ b/web/documentserver-example/python/config.py @@ -1,6 +1,6 @@ import os -VERSION = '1.2.0' +VERSION = '1.3.0' FILE_SIZE_MAX = 5242880 STORAGE_PATH = 'app_data' @@ -55,7 +55,9 @@ EXT_DOCUMENT = [ LANGUAGES = { 'en': 'English', + 'hy': 'Armenian', 'az': 'Azerbaijani', + 'eu': 'Basque', 'be': 'Belarusian', 'bg': 'Bulgarian', 'ca': 'Catalan', @@ -76,6 +78,7 @@ LANGUAGES = { 'ko': 'Korean', 'lv': 'Latvian', 'lo': 'Lao', + 'ms': 'Malay (Malaysia)', 'nb': 'Norwegian', 'pl': 'Polish', 'pt' : 'Portuguese (Brazil)', diff --git a/web/documentserver-example/python/src/utils/users.py b/web/documentserver-example/python/src/utils/users.py index ec12a0ad..44061169 100644 --- a/web/documentserver-example/python/src/utils/users.py +++ b/web/documentserver-example/python/src/utils/users.py @@ -80,7 +80,9 @@ descr_user_0 = [ "Can't mention others in comments", "Can't create new files from the editor", "Can’t see anyone’s information", - "Can't rename files from the editor" + "Can't rename files from the editor", + "Can't view chat", + "View file without collaboration", ] USERS = [ diff --git a/web/documentserver-example/python/src/views/actions.py b/web/documentserver-example/python/src/views/actions.py index db8fa21e..482d53ed 100755 --- a/web/documentserver-example/python/src/views/actions.py +++ b/web/documentserver-example/python/src/views/actions.py @@ -248,6 +248,7 @@ def edit(request): 'modifyFilter': edMode != 'filter', 'modifyContentControl': edMode != "blockcontent", 'review': canEdit & ((edMode == 'edit') | (edMode == 'review')), + 'chat': user.id !='uid-0', 'reviewGroups': user.reviewGroups, 'commentGroups': user.commentGroups, 'userInfoGroups': user.userInfoGroups @@ -258,6 +259,11 @@ def edit(request): 'mode': mode, 'lang': lang, 'callbackUrl': docManager.getCallbackUrl(filename, request), # absolute URL to the document storage service + 'coEditing': { + "mode": "strict", + "change": False + } + if edMode == 'view' and user.id =='uid-0' else None, 'createUrl' : createUrl if user.id !='uid-0' else None, 'templates' : templates if user.templates else None, 'user': { # the user currently viewing or editing the document diff --git a/web/documentserver-example/ruby/Gemfile b/web/documentserver-example/ruby/Gemfile index b5dde36c..0d6df986 100644 --- a/web/documentserver-example/ruby/Gemfile +++ b/web/documentserver-example/ruby/Gemfile @@ -47,4 +47,7 @@ gem 'uuid' gem 'rack-cors' -gem 'webrick' \ No newline at end of file +gem 'webrick' + +# A ruby implementation of the RFC 7519 OAuth JSON Web Token (JWT) standard. +gem 'jwt', '~> 2.4.1' \ No newline at end of file diff --git a/web/documentserver-example/ruby/Gemfile.lock b/web/documentserver-example/ruby/Gemfile.lock index aa5bc03f..2cec467e 100644 --- a/web/documentserver-example/ruby/Gemfile.lock +++ b/web/documentserver-example/ruby/Gemfile.lock @@ -78,7 +78,7 @@ GEM coffee-script-source execjs coffee-script-source (1.12.2) - concurrent-ruby (1.1.9) + concurrent-ruby (1.1.10) crass (1.0.6) debug_inspector (1.1.0) erubi (1.10.0) @@ -87,16 +87,17 @@ GEM ffi (1.15.5-x64-mingw32) globalid (1.0.0) activesupport (>= 5.0) - i18n (1.9.1) + i18n (1.12.0) concurrent-ruby (~> 1.0) jbuilder (2.9.1) activesupport (>= 4.2.0) - jquery-rails (4.4.0) + jquery-rails (4.5.0) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) json (1.8.6) - loofah (2.13.0) + jwt (2.4.1) + loofah (2.18.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) macaddr (1.7.2) @@ -106,18 +107,18 @@ GEM marcel (1.0.2) method_source (1.0.0) mini_mime (1.1.2) - minitest (5.15.0) + minitest (5.16.2) nio4r (2.5.8) - nokogiri (1.13.4-x64-mingw32) + nokogiri (1.13.8-x64-mingw32) racc (~> 1.4) - nokogiri (1.13.4-x86_64-linux) + nokogiri (1.13.8-x86_64-linux) racc (~> 1.4) racc (1.6.0) - rack (2.2.3) + rack (2.2.4) rack-cors (1.1.1) rack (>= 2.0.0) - rack-test (1.1.0) - rack (>= 1.0, < 3) + rack-test (2.0.2) + rack (>= 1.3) rails (6.1.4.1) actioncable (= 6.1.4.1) actionmailbox (= 6.1.4.1) @@ -136,7 +137,7 @@ GEM rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.4.2) + rails-html-sanitizer (1.4.3) loofah (~> 2.3) railties (6.1.4.1) actionpack (= 6.1.4.1) @@ -161,7 +162,7 @@ GEM sdoc (0.4.2) json (~> 1.7, >= 1.7.7) rdoc (~> 4.0) - sprockets (4.0.2) + sprockets (4.1.1) concurrent-ruby (~> 1.0) rack (> 1, < 3) sprockets-rails (3.4.2) @@ -171,13 +172,13 @@ GEM sqlite3 (1.4.2) systemu (2.6.5) thor (1.2.1) - tilt (2.0.10) + tilt (2.0.11) turbolinks (5.2.1) turbolinks-source (~> 5.2) turbolinks-source (5.2.0) - tzinfo (2.0.4) + tzinfo (2.0.5) concurrent-ruby (~> 1.0) - tzinfo-data (1.2021.5) + tzinfo-data (1.2022.1) tzinfo (>= 1.0.0) uglifier (4.2.0) execjs (>= 0.3.0, < 3) @@ -192,7 +193,7 @@ GEM websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.5.4) + zeitwerk (2.6.0) PLATFORMS x64-mingw32 @@ -203,6 +204,7 @@ DEPENDENCIES coffee-rails (~> 5.0.0) jbuilder (~> 2.9.1) jquery-rails + jwt (~> 2.4.1) mimemagic! rack-cors rails (= 6.1.4.1) @@ -217,4 +219,4 @@ DEPENDENCIES webrick BUNDLED WITH - 2.1.4 + 2.2.22 diff --git a/web/documentserver-example/ruby/app/models/file_model.rb b/web/documentserver-example/ruby/app/models/file_model.rb index 903b5a78..0fd856e9 100755 --- a/web/documentserver-example/ruby/app/models/file_model.rb +++ b/web/documentserver-example/ruby/app/models/file_model.rb @@ -128,6 +128,7 @@ class FileModel :modifyFilter => !editorsmode.eql?("filter"), :modifyContentControl => !editorsmode.eql?("blockcontent"), :review => canEdit && (editorsmode.eql?("edit") || editorsmode.eql?("review")), + :chat => !@user.id.eql?("uid-0"), :reviewGroups => @user.reviewGroups, :commentGroups => @user.commentGroups, :userInfoGroups => @user.userInfoGroups @@ -138,6 +139,10 @@ class FileModel :mode => mode, :lang => @lang ? @lang : "en", :callbackUrl => callback_url, # absolute URL to the document storage service + :coEditing => editorsmode.eql?("view") && @user.id.eql?("uid-0") ? { + :mode => "strict", + :change => false + } : nil, :createUrl => !@user.id.eql?("uid-0") ? create_url : nil, :templates => @user.templates ? templates : nil, :user => { # the user currently viewing or editing the document @@ -158,7 +163,7 @@ class FileModel :forcesave => false, # adding the request for the forced file saving to the callback handler :submitForm => submitForm, # the Submit form button state :goback => { - :url => DocumentHelper.get_server_url(true) + :url => DocumentHelper.get_server_url(false) }, } } diff --git a/web/documentserver-example/ruby/app/models/jwt_helper.rb b/web/documentserver-example/ruby/app/models/jwt_helper.rb index a2528f1c..a31b6150 100644 --- a/web/documentserver-example/ruby/app/models/jwt_helper.rb +++ b/web/documentserver-example/ruby/app/models/jwt_helper.rb @@ -14,6 +14,8 @@ # limitations under the License. # +require 'jwt' + class JwtHelper @jwt_secret = Rails.configuration.jwtSecret @@ -26,37 +28,19 @@ class JwtHelper # encode a payload object into a token using a secret key def encode(payload) - header = { :alg => "HS256", :typ => "JWT" } # define the hashing algorithm and the token type - # three parts of token - enc_header = Base64.urlsafe_encode64(header.to_json).remove("=") # header - enc_payload = Base64.urlsafe_encode64(payload.to_json).remove("=") # payload - hash = Base64.urlsafe_encode64(calc_hash(enc_header, enc_payload)).remove("=") # signature - - return "#{enc_header}.#{enc_payload}.#{hash}" + return JWT.encode payload, @jwt_secret, 'HS256' # define the hashing algorithm and get token end # decode a token into a payload object using a secret key def decode(token) - if !is_enabled + begin + decoded = JWT.decode token, @jwt_secret, true, { algorithm: 'HS256' } + rescue return "" end - - split = token.split(".") - - hash = Base64.urlsafe_encode64(calc_hash(split[0], split[1])).remove("=") - - if !hash.eql?(split[2]) - return "" - end - - return Base64.urlsafe_decode64(split[1]) - end - - private - - # generate a hash code based on a key using the HMAC method - def calc_hash(header, payload) - return OpenSSL::HMAC.digest("SHA256", @jwt_secret, "#{header}.#{payload}") + # decoded = Array [ {"data"=>"test"}, # payload + # {"alg"=>"HS256"} # header ] + return decoded[0].to_json # get json payload end end end \ No newline at end of file diff --git a/web/documentserver-example/ruby/app/models/users.rb b/web/documentserver-example/ruby/app/models/users.rb index e6be9a0e..dbad8818 100644 --- a/web/documentserver-example/ruby/app/models/users.rb +++ b/web/documentserver-example/ruby/app/models/users.rb @@ -73,7 +73,9 @@ class Users "Can't mention others in comments", "Can't create new files from the editor", "Can’t see anyone’s information", - "Can't rename files from the editor" + "Can't rename files from the editor", + "Can't view chat", + "View file without collaboration" ]; @@users = [ diff --git a/web/documentserver-example/ruby/config/application.rb b/web/documentserver-example/ruby/config/application.rb index 923ba3a8..884b6042 100644 --- a/web/documentserver-example/ruby/config/application.rb +++ b/web/documentserver-example/ruby/config/application.rb @@ -26,7 +26,7 @@ module OnlineEditorsExampleRuby end end - Rails.configuration.version="1.2.0" + Rails.configuration.version="1.3.0" Rails.configuration.fileSizeMax=5242880 Rails.configuration.storagePath="app_data" @@ -52,7 +52,9 @@ module OnlineEditorsExampleRuby Rails.configuration.languages={ 'en' => 'English', + 'hy' => 'Armenian', 'az' => 'Azerbaijani', + 'eu' => 'Basque', 'be' => 'Belarusian', 'bg' => 'Bulgarian', 'ca' => 'Catalan', @@ -73,6 +75,7 @@ module OnlineEditorsExampleRuby 'ko' => 'Korean', 'lv' => 'Latvian', 'lo' => 'Lao', + 'ms' => 'Malay (Malaysia)', 'nb' => 'Norwegian', 'pl' => 'Polish', 'pt' => 'Portuguese (Brazil)', diff --git a/web/documentserver-example/ruby/licenses/3rd-Party.license b/web/documentserver-example/ruby/licenses/3rd-Party.license index f62fef82..729ddc70 100644 --- a/web/documentserver-example/ruby/licenses/3rd-Party.license +++ b/web/documentserver-example/ruby/licenses/3rd-Party.license @@ -36,6 +36,10 @@ jquery-rails - This gem provides jQuery and the jQuery-ujs driver for your Rail License: MIT License File: jquery-rails.license +mimemagic - А library to detect the mime type of a file by extension or by content. (https://github.com/mimemagicrb/mimemagic/blob/master/LICENSE) +License: MIT +License File: mimemagic.license + rails - Rails is a web-application framework that includes everything needed to create database-backed web applications according to the Model-View-Controller (MVC) pattern. (https://github.com/rails/rails/blob/v6.0.3.2/MIT-LICENSE) License: MIT License File: rails.license diff --git a/web/documentserver-example/ruby/licenses/jwt.license b/web/documentserver-example/ruby/licenses/jwt.license new file mode 100644 index 00000000..a561ae6c --- /dev/null +++ b/web/documentserver-example/ruby/licenses/jwt.license @@ -0,0 +1,19 @@ +Copyright (c) 2011 Jeff Lindsay + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +urnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE +OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/web/documentserver-example/ruby/public/assets b/web/documentserver-example/ruby/public/assets index 1d601d84..1fc823af 160000 --- a/web/documentserver-example/ruby/public/assets +++ b/web/documentserver-example/ruby/public/assets @@ -1 +1 @@ -Subproject commit 1d601d84c415303c60beee14edc3867ebac0626f +Subproject commit 1fc823afa909e4c49551e4e5b945189a21ff1999