mirror of
https://github.com/ONLYOFFICE/document-server-integration.git
synced 2026-04-07 14:06:11 +08:00
Compare commits
25 Commits
v7.1.1.76
...
v99.99.99.
| Author | SHA1 | Date | |
|---|---|---|---|
| 988a8339b1 | |||
| b425d15f0a | |||
| 0f8dec1e6e | |||
| 193b31fe75 | |||
| 583403cf78 | |||
| 641e45e24f | |||
| 87a1755729 | |||
| 752a2a2364 | |||
| d1affa2911 | |||
| 0ef2a4f3fd | |||
| 675d3f318a | |||
| 05512ffa23 | |||
| 2eeed5d26d | |||
| 9e3dbd5eb5 | |||
| efbab7c113 | |||
| b8f0f6447c | |||
| 8779a90433 | |||
| b3162ee410 | |||
| 42edd5e208 | |||
| e041baeef7 | |||
| 5bf682a007 | |||
| 6dacf49faa | |||
| 63c9c4242e | |||
| b5e345ed50 | |||
| 33f8436d42 |
29
CHANGELOG.md
Normal file
29
CHANGELOG.md
Normal file
@ -0,0 +1,29 @@
|
||||
# Change Log
|
||||
|
||||
## 1.3.0
|
||||
- update empty files
|
||||
- anonymous without chat
|
||||
- changed jwt implementation in csharp, csharp-mvc, php, ruby
|
||||
|
||||
## 1.2.0
|
||||
- ruby v3.0
|
||||
- set filetype in setHistoryData
|
||||
- read filetype from input request
|
||||
- creating file on WOPI
|
||||
- upload on WOPI page
|
||||
- fix xss
|
||||
- set userInfoGroups
|
||||
- check JWT on downloading history
|
||||
- upload dialog on mobile
|
||||
- anonymous without id
|
||||
- renaming from editor
|
||||
- new skin languages
|
||||
- ignore certificate
|
||||
|
||||
## 1.1.0
|
||||
- creating docxf
|
||||
- opening docxf, oform
|
||||
|
||||
|
||||
## 1.0.0
|
||||
- added java spring
|
||||
@ -24,11 +24,15 @@ jQuery.UI - jQuery UI is an open source library of interface components —
|
||||
License: MIT
|
||||
License File: jQuery.UI.license
|
||||
|
||||
JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/)
|
||||
License: MIT
|
||||
License File: JWT.license
|
||||
|
||||
Microsoft.Web.Infrastructure - This package contains the Microsoft.Web.Infrastructure assembly that lets you dynamically register HTTP modules at run time. (https://www.microsoft.com/web/webpi/eula/aspnetmvc3update-eula.htm)
|
||||
License: MS-EULA License
|
||||
License File: Microsoft.Web.Infrastructure.license
|
||||
|
||||
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://licenses.nuget.org/MIT)
|
||||
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json)
|
||||
License: MIT
|
||||
License File: Newtonsoft.Json.license
|
||||
|
||||
|
||||
@ -242,7 +242,8 @@ namespace OnlineEditorsExampleMVC.Helpers
|
||||
{
|
||||
var uri = new UriBuilder(GetServerUrl(forDocumentServer))
|
||||
{
|
||||
Path = HttpRuntime.AppDomainAppVirtualPath + "/"
|
||||
Path = HttpRuntime.AppDomainAppVirtualPath
|
||||
+ (HttpRuntime.AppDomainAppVirtualPath.EndsWith("/") ? "" : "/")
|
||||
+ CurUserHostAddress() + "/"
|
||||
+ fileName,
|
||||
Query = ""
|
||||
@ -292,7 +293,7 @@ namespace OnlineEditorsExampleMVC.Helpers
|
||||
+ "webeditor.ashx",
|
||||
Query = "type=track"
|
||||
+ "&fileName=" + HttpUtility.UrlEncode(fileName)
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress)
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(CurUserHostAddress(HttpContext.Current.Request.UserHostAddress))
|
||||
};
|
||||
return callbackUrl.ToString();
|
||||
}
|
||||
@ -322,7 +323,7 @@ namespace OnlineEditorsExampleMVC.Helpers
|
||||
+ "webeditor.ashx",
|
||||
Query = "type=downloadhistory"
|
||||
+ "&fileName=" + HttpUtility.UrlEncode(filename)
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress)
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(CurUserHostAddress(HttpContext.Current.Request.UserHostAddress))
|
||||
+ "&ver=" + version
|
||||
+ "&file="+ file
|
||||
};
|
||||
@ -340,7 +341,7 @@ namespace OnlineEditorsExampleMVC.Helpers
|
||||
+ "webeditor.ashx",
|
||||
Query = "type=download"
|
||||
+ "&fileName=" + HttpUtility.UrlEncode(fileName)
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress)
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(CurUserHostAddress(HttpContext.Current.Request.UserHostAddress))
|
||||
};
|
||||
return downloadUrl.ToString();
|
||||
}
|
||||
|
||||
@ -16,12 +16,12 @@
|
||||
*
|
||||
*/
|
||||
|
||||
using System;
|
||||
using JWT;
|
||||
using JWT.Algorithms;
|
||||
using JWT.Builder;
|
||||
using JWT.Serializers;
|
||||
using System.Collections.Generic;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using System.Web.Configuration;
|
||||
using System.Web.Script.Serialization;
|
||||
|
||||
namespace OnlineEditorsExampleMVC.Helpers
|
||||
{
|
||||
@ -30,31 +30,19 @@ namespace OnlineEditorsExampleMVC.Helpers
|
||||
private static readonly string Secret;
|
||||
public static readonly bool Enabled;
|
||||
|
||||
private static readonly JavaScriptSerializer Serializer;
|
||||
|
||||
static JwtManager()
|
||||
{
|
||||
Secret = WebConfigurationManager.AppSettings["files.docservice.secret"] ?? ""; // get token secret from the config parameters
|
||||
Enabled = !string.IsNullOrEmpty(Secret); // check if the token is enabled
|
||||
Serializer = new JavaScriptSerializer(); // define java script serializer
|
||||
}
|
||||
|
||||
// encode a payload object into a token using a secret key
|
||||
public static string Encode(IDictionary<string, object> payload)
|
||||
{
|
||||
// define the hashing algorithm and the token type
|
||||
var header = new Dictionary<string, object>
|
||||
{
|
||||
{ "alg", "HS256" },
|
||||
{ "typ", "JWT" }
|
||||
};
|
||||
|
||||
// three parts of token
|
||||
var encHeader = Base64UrlEncode(Serializer.Serialize(header)); // header
|
||||
var encPayload = Base64UrlEncode(Serializer.Serialize(payload)); // payload
|
||||
var hashSum = Base64UrlEncode(CalculateHash(encHeader, encPayload)); // signature
|
||||
|
||||
return string.Format("{0}.{1}.{2}", encHeader, encPayload, hashSum);
|
||||
var encoder = new JwtEncoder(new HMACSHA256Algorithm(),
|
||||
new JsonNetSerializer(),
|
||||
new JwtBase64UrlEncoder());
|
||||
return encoder.Encode(payload, Secret);
|
||||
}
|
||||
|
||||
// decode a token into a payload object using a secret key
|
||||
@ -62,52 +50,11 @@ namespace OnlineEditorsExampleMVC.Helpers
|
||||
{
|
||||
if (!Enabled || string.IsNullOrEmpty(token)) return "";
|
||||
|
||||
var split = token.Split('.');
|
||||
if (split.Length != 3) return "";
|
||||
|
||||
var hashSum = Base64UrlEncode(CalculateHash(split[0], split[1])); // get signature
|
||||
if (hashSum != split[2]) return ""; // and check if it is equal to the signature from the token
|
||||
return Base64UrlDecode(split[1]); // decode payload
|
||||
}
|
||||
|
||||
// generate a hash code based on a key using the HMAC method
|
||||
private static byte[] CalculateHash(string encHeader, string encPayload)
|
||||
{
|
||||
using (var hasher = new HMACSHA256(Encoding.UTF8.GetBytes(Secret)))
|
||||
{
|
||||
var bytes = Encoding.UTF8.GetBytes(string.Format("{0}.{1}", encHeader, encPayload));
|
||||
return hasher.ComputeHash(bytes);
|
||||
}
|
||||
}
|
||||
|
||||
// encode a string into the base64 value
|
||||
private static string Base64UrlEncode(string str)
|
||||
{
|
||||
return Base64UrlEncode(Encoding.UTF8.GetBytes(str));
|
||||
}
|
||||
|
||||
// encode bytes into the base64 value
|
||||
private static string Base64UrlEncode(byte[] bytes)
|
||||
{
|
||||
return Convert.ToBase64String(bytes)
|
||||
.TrimEnd('=').Replace('+', '-').Replace('/', '_');
|
||||
}
|
||||
|
||||
// decode a base64 value into the string
|
||||
private static string Base64UrlDecode(string payload)
|
||||
{
|
||||
var b64 = payload.Replace('_', '/').Replace('-', '+');
|
||||
switch (b64.Length%4)
|
||||
{
|
||||
case 2:
|
||||
b64 += "==";
|
||||
break;
|
||||
case 3:
|
||||
b64 += "=";
|
||||
break;
|
||||
}
|
||||
var bytes = Convert.FromBase64String(b64);
|
||||
return Encoding.UTF8.GetString(bytes);
|
||||
return JwtBuilder.Create()
|
||||
.WithAlgorithm(new HMACSHA256Algorithm())
|
||||
.WithSecret(Secret)
|
||||
.MustVerifySignature()
|
||||
.Decode(token);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -67,7 +67,8 @@ namespace OnlineEditorsExampleMVC.Helpers
|
||||
"Can't mention others in comments",
|
||||
"Can't create new files from the editor",
|
||||
"Can’t see anyone’s information",
|
||||
"Can't rename files from the editor"
|
||||
"Can't rename files from the editor",
|
||||
"Can't view chat",
|
||||
};
|
||||
|
||||
private static List<User> users = new List<User>() {
|
||||
|
||||
@ -148,6 +148,7 @@ namespace OnlineEditorsExampleMVC.Models
|
||||
{ "modifyFilter", editorsMode != "filter" },
|
||||
{ "modifyContentControl", editorsMode != "blockcontent" },
|
||||
{ "review", canEdit && (editorsMode == "edit" || editorsMode == "review") },
|
||||
{ "chat", !user.id.Equals("uid-0") },
|
||||
{ "reviewGroups", user.reviewGroups },
|
||||
{ "commentGroups", user.commentGroups },
|
||||
{ "userInfoGroups", user.userInfoGroups }
|
||||
@ -195,7 +196,7 @@ namespace OnlineEditorsExampleMVC.Models
|
||||
{
|
||||
"goback", new Dictionary<string, object> // settings for the Open file location menu button and upper right corner button
|
||||
{
|
||||
{ "url", url.Action("Index", "Home") } // the absolute URL to the website address which will be opened when clicking the Open file location menu button
|
||||
{ "url", DocManagerHelper.GetServerUrl(false) } // the absolute URL to the website address which will be opened when clicking the Open file location menu button
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -43,6 +43,9 @@
|
||||
<WarningLevel>4</WarningLevel>
|
||||
</PropertyGroup>
|
||||
<ItemGroup>
|
||||
<Reference Include="JWT, Version=9.0.0.0, Culture=neutral, PublicKeyToken=6f98bca0f40f2ecf, processorArchitecture=MSIL">
|
||||
<HintPath>packages\JWT.9.0.3\lib\net46\JWT.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.CSharp" />
|
||||
<Reference Include="System" />
|
||||
<Reference Include="System.ComponentModel.DataAnnotations" />
|
||||
|
||||
@ -166,6 +166,7 @@
|
||||
var data = {
|
||||
newfilename: newfilename,
|
||||
dockey: config.document.key,
|
||||
ext: config.document.fileType
|
||||
};
|
||||
|
||||
let xhr = new XMLHttpRequest();
|
||||
|
||||
@ -163,7 +163,7 @@
|
||||
var isFillFormDoc = DocManagerHelper.FillFormExts.Contains(ext);
|
||||
%>
|
||||
|
||||
<tr class="tableRow" title="<%= storedFile.Name %> [<%= DocManagerHelper.GetFileVersion(storedFile.Name, HttpContext.Current.Request.UserHostAddress) %>]">
|
||||
<tr class="tableRow" title="<%= storedFile.Name %> [<%= DocManagerHelper.GetFileVersion(storedFile.Name, HttpContext.Current.Request.UserHostAddress.Replace(':', '_')) %>]">
|
||||
<td class="contentCells">
|
||||
<a class="stored-edit <%= docType %>" href="<%= Url.Action("Editor", "Home", new { fileName = storedFile.Name }) %>" target="_blank">
|
||||
<span><%= storedFile.Name %></span>
|
||||
|
||||
@ -575,7 +575,15 @@ namespace OnlineEditorsExampleMVC
|
||||
var jss = new JavaScriptSerializer();
|
||||
var body = jss.Deserialize<Dictionary<string, object>>(fileData);
|
||||
var newFileName = (string) body["newfilename"];
|
||||
var docKey = (string) body["dockey"];
|
||||
var docKey = (string) body["dockey"];
|
||||
|
||||
var origExt = '.' + (string) body["ext"];
|
||||
var curExt = Path.GetExtension(newFileName).ToLower();
|
||||
|
||||
if (string.Compare(origExt, curExt, true) != 0)
|
||||
{
|
||||
newFileName += origExt;
|
||||
}
|
||||
var meta = new Dictionary<string, object>() {
|
||||
{ "title", newFileName }
|
||||
};
|
||||
|
||||
Submodule web/documentserver-example/csharp-mvc/assets updated: 1d601d84c4...1fc823afa9
@ -24,11 +24,15 @@ jQuery.UI - jQuery UI is an open source library of interface components —
|
||||
License: MIT
|
||||
License File: jQuery.UI.license
|
||||
|
||||
JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/)
|
||||
License: MIT
|
||||
License File: JWT.license
|
||||
|
||||
Microsoft.Web.Infrastructure - This package contains the Microsoft.Web.Infrastructure assembly that lets you dynamically register HTTP modules at run time. (https://www.microsoft.com/web/webpi/eula/aspnetmvc3update-eula.htm)
|
||||
License: MS-EULA License
|
||||
License File: Microsoft.Web.Infrastructure.license
|
||||
|
||||
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://licenses.nuget.org/MIT)
|
||||
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json)
|
||||
License: MIT
|
||||
License File: Newtonsoft.Json.license
|
||||
|
||||
|
||||
21
web/documentserver-example/csharp-mvc/licenses/JWT.license
Normal file
21
web/documentserver-example/csharp-mvc/licenses/JWT.license
Normal file
@ -0,0 +1,21 @@
|
||||
# Public Domain
|
||||
|
||||
Written by John Sheehan (http://john-sheehan.com)
|
||||
|
||||
This work is public domain.
|
||||
|
||||
The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.
|
||||
|
||||
For more information, please visit: http://creativecommons.org/publicdomain/zero/1.0/
|
||||
|
||||
# MIT
|
||||
|
||||
Copyright (c) 2019 Jwt.Net Maintainers and Contributors.
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
|
||||
For more information, please visit: https://opensource.org/licenses/MIT
|
||||
@ -2,6 +2,7 @@
|
||||
<packages>
|
||||
<package id="Antlr" version="3.5.0.2" targetFramework="net45" />
|
||||
<package id="EntityFramework" version="6.4.4" targetFramework="net45" />
|
||||
<package id="JWT" version="9.0.3" targetFramework="net48" />
|
||||
<package id="Microsoft.AspNet.Mvc" version="5.2.7" targetFramework="net45" />
|
||||
<package id="Microsoft.AspNet.Razor" version="3.2.7" targetFramework="net45" />
|
||||
<package id="Microsoft.AspNet.Web.Optimization" version="1.1.3" targetFramework="net45" />
|
||||
@ -11,6 +12,6 @@
|
||||
<package id="Microsoft.AspNet.WebPages" version="3.2.7" targetFramework="net45" />
|
||||
<package id="Microsoft.CSharp" version="4.7.0" targetFramework="net45" />
|
||||
<package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net45" />
|
||||
<package id="Newtonsoft.Json" version="12.0.3" targetFramework="net45" />
|
||||
<package id="Newtonsoft.Json" version="13.0.1" targetFramework="net45" />
|
||||
<package id="WebGrease" version="1.6.0" targetFramework="net45" />
|
||||
</packages>
|
||||
@ -1,7 +1,7 @@
|
||||
<?xml version="1.0"?>
|
||||
<appSettings>
|
||||
<clear />
|
||||
<add key="version" value="1.2.0"/>
|
||||
<add key="version" value="1.3.0"/>
|
||||
|
||||
<add key="filesize-max" value="52428800"/>
|
||||
<add key="storage-path" value=""/>
|
||||
|
||||
@ -19,3 +19,11 @@ License File: jQuery.iframe-transport.license
|
||||
jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/)
|
||||
License: MIT
|
||||
License File: jQuery.UI.license
|
||||
|
||||
JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/)
|
||||
License: MIT
|
||||
License File: JWT.license
|
||||
|
||||
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json)
|
||||
License: MIT
|
||||
License File: Newtonsoft.Json.license
|
||||
@ -165,7 +165,7 @@
|
||||
var isFillFormDoc = FillFormsExts.Contains(ext);
|
||||
%>
|
||||
|
||||
<tr class="tableRow" title="<%= storedFile.Name %> [<%= GetFileVersion(storedFile.Name, HttpContext.Current.Request.UserHostAddress) %>]">
|
||||
<tr class="tableRow" title="<%= storedFile.Name %> [<%= GetFileVersion(storedFile.Name, HttpContext.Current.Request.UserHostAddress.Replace(':','_')) %>]">
|
||||
<td class="contentCells">
|
||||
<a class="stored-edit <%= docType %>" href="<%= editUrl %>" target="_blank">
|
||||
<span><%= storedFile.Name %></span>
|
||||
|
||||
@ -485,7 +485,7 @@ namespace OnlineEditorsExample
|
||||
+ (HttpRuntime.AppDomainAppVirtualPath.EndsWith("/") ? "" : "/")
|
||||
+ "webeditor.ashx";
|
||||
fileUrl.Query = "type=download&fileName=" + HttpUtility.UrlEncode(_fileName)
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress);
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(CurUserHostAddress(HttpContext.Current.Request.UserHostAddress));
|
||||
|
||||
// get the url to the converted file
|
||||
string newFileUri;
|
||||
|
||||
@ -178,6 +178,7 @@
|
||||
var data = {
|
||||
newfilename: newfilename,
|
||||
dockey: config.document.key,
|
||||
ext: config.document.fileType
|
||||
};
|
||||
|
||||
let xhr = new XMLHttpRequest();
|
||||
|
||||
@ -81,7 +81,7 @@ namespace OnlineEditorsExample
|
||||
+ "webeditor.ashx";
|
||||
callbackUrl.Query = "type=track"
|
||||
+ "&fileName=" + HttpUtility.UrlEncode(FileName)
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress);
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(_Default.CurUserHostAddress(HttpContext.Current.Request.UserHostAddress));
|
||||
return callbackUrl.ToString();
|
||||
}
|
||||
}
|
||||
@ -109,7 +109,7 @@ namespace OnlineEditorsExample
|
||||
+ "webeditor.ashx";
|
||||
downloadUrl.Query = "type=download"
|
||||
+ "&fileName=" + HttpUtility.UrlEncode(fileName)
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress);
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(_Default.CurUserHostAddress(HttpContext.Current.Request.UserHostAddress));
|
||||
return downloadUrl.ToString();
|
||||
}
|
||||
|
||||
@ -216,6 +216,7 @@ namespace OnlineEditorsExample
|
||||
{ "modifyFilter", editorsMode != "filter" },
|
||||
{ "modifyContentControl", editorsMode != "blockcontent" },
|
||||
{ "review", canEdit && (editorsMode == "edit" || editorsMode == "review") },
|
||||
{ "chat", !user.id.Equals("uid-0") },
|
||||
{ "reviewGroups", user.reviewGroups },
|
||||
{ "commentGroups", user.commentGroups },
|
||||
{ "userInfoGroups", user.userInfoGroups }
|
||||
@ -529,7 +530,7 @@ namespace OnlineEditorsExample
|
||||
+ "webeditor.ashx";
|
||||
fileUrl.Query = "type=downloadhistory&fileName=" + HttpUtility.UrlEncode(filename)
|
||||
+ "&ver=" + version + "&file=" + file
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress);
|
||||
+ "&userAddress=" + HttpUtility.UrlEncode(_Default.CurUserHostAddress(HttpContext.Current.Request.UserHostAddress));
|
||||
return fileUrl.ToString();
|
||||
}
|
||||
|
||||
|
||||
@ -16,12 +16,12 @@
|
||||
*
|
||||
*/
|
||||
|
||||
using System;
|
||||
using JWT;
|
||||
using JWT.Algorithms;
|
||||
using JWT.Builder;
|
||||
using JWT.Serializers;
|
||||
using System.Collections.Generic;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using System.Web.Configuration;
|
||||
using System.Web.Script.Serialization;
|
||||
|
||||
namespace OnlineEditorsExample
|
||||
{
|
||||
@ -30,31 +30,19 @@ namespace OnlineEditorsExample
|
||||
private static readonly string Secret;
|
||||
public static readonly bool Enabled;
|
||||
|
||||
private static readonly JavaScriptSerializer Serializer;
|
||||
|
||||
static JwtManager()
|
||||
{
|
||||
Secret = WebConfigurationManager.AppSettings["files.docservice.secret"] ?? ""; // get token secret from the config parameters
|
||||
Enabled = !string.IsNullOrEmpty(Secret); // check if the token is enabled
|
||||
Serializer = new JavaScriptSerializer(); // define java script serializer
|
||||
}
|
||||
|
||||
// encode a payload object into a token using a secret key
|
||||
public static string Encode(IDictionary<string, object> payload)
|
||||
{
|
||||
// define the hashing algorithm and the token type
|
||||
var header = new Dictionary<string, object>
|
||||
{
|
||||
{ "alg", "HS256" },
|
||||
{ "typ", "JWT" }
|
||||
};
|
||||
|
||||
// three parts of token
|
||||
var encHeader = Base64UrlEncode(Serializer.Serialize(header)); // header
|
||||
var encPayload = Base64UrlEncode(Serializer.Serialize(payload)); // payload
|
||||
var hashSum = Base64UrlEncode(CalculateHash(encHeader, encPayload)); // signature
|
||||
|
||||
return string.Format("{0}.{1}.{2}", encHeader, encPayload, hashSum);
|
||||
var encoder = new JwtEncoder(new HMACSHA256Algorithm(),
|
||||
new JsonNetSerializer(),
|
||||
new JwtBase64UrlEncoder());
|
||||
return encoder.Encode(payload, Secret);
|
||||
}
|
||||
|
||||
// decode a token into a payload object using a secret key
|
||||
@ -62,52 +50,11 @@ namespace OnlineEditorsExample
|
||||
{
|
||||
if (!Enabled || string.IsNullOrEmpty(token)) return "";
|
||||
|
||||
var split = token.Split('.');
|
||||
if (split.Length != 3) return "";
|
||||
|
||||
var hashSum = Base64UrlEncode(CalculateHash(split[0], split[1])); // get signature
|
||||
if (hashSum != split[2]) return ""; // and check if it is equal to the signature from the token
|
||||
return Base64UrlDecode(split[1]); // decode payload
|
||||
}
|
||||
|
||||
// generate a hash code based on a key using the HMAC method
|
||||
private static byte[] CalculateHash(string encHeader, string encPayload)
|
||||
{
|
||||
using (var hasher = new HMACSHA256(Encoding.UTF8.GetBytes(Secret)))
|
||||
{
|
||||
var bytes = Encoding.UTF8.GetBytes(string.Format("{0}.{1}", encHeader, encPayload));
|
||||
return hasher.ComputeHash(bytes);
|
||||
}
|
||||
}
|
||||
|
||||
// encode a string into the base64 value
|
||||
private static string Base64UrlEncode(string str)
|
||||
{
|
||||
return Base64UrlEncode(Encoding.UTF8.GetBytes(str));
|
||||
}
|
||||
|
||||
// encode bytes into the base64 value
|
||||
private static string Base64UrlEncode(byte[] bytes)
|
||||
{
|
||||
return Convert.ToBase64String(bytes)
|
||||
.TrimEnd('=').Replace('+', '-').Replace('/', '_');
|
||||
}
|
||||
|
||||
// decode a base64 value into the string
|
||||
private static string Base64UrlDecode(string payload)
|
||||
{
|
||||
var b64 = payload.Replace('_', '/').Replace('-', '+');
|
||||
switch (b64.Length%4)
|
||||
{
|
||||
case 2:
|
||||
b64 += "==";
|
||||
break;
|
||||
case 3:
|
||||
b64 += "=";
|
||||
break;
|
||||
}
|
||||
var bytes = Convert.FromBase64String(b64);
|
||||
return Encoding.UTF8.GetString(bytes);
|
||||
return JwtBuilder.Create()
|
||||
.WithAlgorithm(new HMACSHA256Algorithm())
|
||||
.WithSecret(Secret)
|
||||
.MustVerifySignature()
|
||||
.Decode(token);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -44,10 +44,16 @@
|
||||
<Prefer32Bit>false</Prefer32Bit>
|
||||
</PropertyGroup>
|
||||
<ItemGroup>
|
||||
<Reference Include="JWT, Version=9.0.0.0, Culture=neutral, PublicKeyToken=6f98bca0f40f2ecf, processorArchitecture=MSIL">
|
||||
<HintPath>packages\JWT.9.0.3\lib\net46\JWT.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.CSharp" />
|
||||
<Reference Include="Microsoft.Web.Infrastructure">
|
||||
<HintPath>packages\Microsoft.Web.Infrastructure.1.0.0.0\lib\net40\Microsoft.Web.Infrastructure.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Newtonsoft.Json, Version=10.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
|
||||
<HintPath>packages\Newtonsoft.Json.10.0.3\lib\net45\Newtonsoft.Json.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="System" />
|
||||
<Reference Include="System.Web.Extensions" />
|
||||
<Reference Include="System.Web" />
|
||||
|
||||
@ -66,7 +66,8 @@ namespace OnlineEditorsExample
|
||||
"Can't mention others in comments",
|
||||
"Can't create new files from the editor",
|
||||
"Can’t see anyone’s information",
|
||||
"Can't rename files from the editor"
|
||||
"Can't rename files from the editor",
|
||||
"Can't view chat",
|
||||
};
|
||||
|
||||
private static List<User> users = new List<User>() {
|
||||
|
||||
@ -207,7 +207,7 @@ namespace OnlineEditorsExample
|
||||
try
|
||||
{
|
||||
var fileName = Path.GetFileName(context.Request["fileName"]);
|
||||
var path = _Default.StoragePath(fileName, HttpUtility.UrlEncode(HttpContext.Current.Request.UserHostAddress));
|
||||
var path = _Default.StoragePath(fileName, HttpUtility.UrlEncode(_Default.CurUserHostAddress(HttpContext.Current.Request.UserHostAddress)));
|
||||
var histDir = _Default.HistoryDir(path);
|
||||
|
||||
if (File.Exists(path)) File.Delete(path); // delete file
|
||||
@ -394,6 +394,15 @@ namespace OnlineEditorsExample
|
||||
var body = jss.Deserialize<Dictionary<string, object>>(fileData);
|
||||
var newFileName = (string) body["newfilename"];
|
||||
var docKey = (string) body["dockey"];
|
||||
|
||||
var origExt = '.' + (string) body["ext"];
|
||||
var curExt = Path.GetExtension(newFileName).ToLower();
|
||||
|
||||
if (string.Compare(origExt, curExt, true) != 0)
|
||||
{
|
||||
newFileName += origExt;
|
||||
}
|
||||
|
||||
var meta = new Dictionary<string, object>() {
|
||||
{ "title", newFileName }
|
||||
};
|
||||
|
||||
Submodule web/documentserver-example/csharp/assets updated: 1d601d84c4...1fc823afa9
@ -19,3 +19,11 @@ License File: jQuery.iframe-transport.license
|
||||
jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/)
|
||||
License: MIT
|
||||
License File: jQuery.UI.license
|
||||
|
||||
JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/)
|
||||
License: MIT
|
||||
License File: JWT.license
|
||||
|
||||
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json)
|
||||
License: MIT
|
||||
License File: Newtonsoft.Json.license
|
||||
21
web/documentserver-example/csharp/licenses/JWT.license
Normal file
21
web/documentserver-example/csharp/licenses/JWT.license
Normal file
@ -0,0 +1,21 @@
|
||||
# Public Domain
|
||||
|
||||
Written by John Sheehan (http://john-sheehan.com)
|
||||
|
||||
This work is public domain.
|
||||
|
||||
The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.
|
||||
|
||||
For more information, please visit: http://creativecommons.org/publicdomain/zero/1.0/
|
||||
|
||||
# MIT
|
||||
|
||||
Copyright (c) 2019 Jwt.Net Maintainers and Contributors.
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
|
||||
For more information, please visit: https://opensource.org/licenses/MIT
|
||||
@ -0,0 +1,20 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2007 James Newton-King
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
@ -1,6 +1,8 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<packages>
|
||||
<package id="JWT" version="9.0.3" targetFramework="net48" />
|
||||
<package id="Microsoft.AspNet.Razor" version="3.2.7" targetFramework="net45" />
|
||||
<package id="Microsoft.AspNet.WebPages" version="3.2.7" targetFramework="net45" />
|
||||
<package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net45" />
|
||||
<package id="Newtonsoft.Json" version="10.0.3" targetFramework="net48" />
|
||||
</packages>
|
||||
@ -1,7 +1,7 @@
|
||||
<?xml version="1.0" encoding="utf-8" ?>
|
||||
<appSettings>
|
||||
<clear />
|
||||
<add key="version" value="1.2.0"/>
|
||||
<add key="version" value="1.3.0"/>
|
||||
|
||||
<add key="filesize-max" value="52428800"/>
|
||||
<add key="storage-path" value=""/>
|
||||
|
||||
4
web/documentserver-example/java-spring/pom.xml
Executable file → Normal file
4
web/documentserver-example/java-spring/pom.xml
Executable file → Normal file
@ -48,7 +48,7 @@
|
||||
<dependency>
|
||||
<groupId>com.google.code.gson</groupId>
|
||||
<artifactId>gson</artifactId>
|
||||
<version>2.8.5</version>
|
||||
<version>2.8.9</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.inversoft</groupId>
|
||||
@ -64,7 +64,7 @@
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-databind</artifactId>
|
||||
<version>2.12.2</version>
|
||||
<version>2.12.6.1</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.modelmapper</groupId>
|
||||
|
||||
@ -42,7 +42,8 @@ public class ExampleData {
|
||||
"Can't mention others in comments",
|
||||
"Can't create new files from the editor",
|
||||
"Can’t see anyone’s information",
|
||||
"Can't rename files from the editor"
|
||||
"Can't rename files from the editor",
|
||||
"Can't view chat"
|
||||
);
|
||||
List<String> description_user_1 = List.of( // the description for user 1
|
||||
"File author by default",
|
||||
@ -51,7 +52,8 @@ public class ExampleData {
|
||||
"He can do everything with the comments",
|
||||
"The file favorite state is undefined",
|
||||
"Can create a file from a template with data from the editor",
|
||||
"Can see the information about all users"
|
||||
"Can see the information about all users",
|
||||
"Can view chat"
|
||||
);
|
||||
List<String> description_user_2 = List.of( // the description for user 2
|
||||
"He belongs to Group2",
|
||||
@ -59,7 +61,8 @@ public class ExampleData {
|
||||
"He can view every comment, edit his comments and the comments left by the users who don't belong to any of the groups and remove only his comments",
|
||||
"This file is favorite",
|
||||
"Can create a file from an editor",
|
||||
"Can see the information about users from Group2 and users who don’t belong to any group"
|
||||
"Can see the information about users from Group2 and users who don’t belong to any group",
|
||||
"Can view chat"
|
||||
);
|
||||
List<String> description_user_3 = List.of( // the description for user 3
|
||||
"He belongs to Group3",
|
||||
@ -70,7 +73,8 @@ public class ExampleData {
|
||||
"He can’t download the file",
|
||||
"He can’t print the file",
|
||||
"Can create a file from an editor",
|
||||
"Can see the information about Group2 users"
|
||||
"Can see the information about Group2 users",
|
||||
"Can view chat"
|
||||
);
|
||||
userService.createUser("John Smith", "smith@example.com", // create user 1 with the specified parameters
|
||||
description_user_1, "", List.of(FilterState.NULL.toString()),
|
||||
@ -78,15 +82,18 @@ public class ExampleData {
|
||||
List.of(FilterState.NULL.toString()),
|
||||
List.of(FilterState.NULL.toString()),
|
||||
List.of(FilterState.NULL.toString()),
|
||||
null);
|
||||
null, true);
|
||||
userService.createUser("Mark Pottato", "pottato@example.com", // create user 2 with the specified parameters
|
||||
description_user_2, "group-2", List.of("","group-2"), List.of(FilterState.NULL.toString()),
|
||||
List.of("group-2", ""), List.of("group-2"), List.of("group-2", ""), true);
|
||||
List.of("group-2", ""), List.of("group-2"), List.of("group-2", ""), true,
|
||||
true);
|
||||
userService.createUser("Hamish Mitchell", "mitchell@example.com", // create user 3 with the specified parameters
|
||||
description_user_3, "group-3", List.of("group-2"), List.of("group-2", "group-3"),
|
||||
List.of("group-2"), new ArrayList<>(), List.of("group-2"), false);
|
||||
List.of("group-2"), new ArrayList<>(), List.of("group-2"), false,
|
||||
true);
|
||||
userService.createUser("Anonymous",null, // create user 0 with the specified parameters
|
||||
description_user_0,"", List.of(FilterState.NULL.toString()), List.of(FilterState.NULL.toString()),
|
||||
List.of(FilterState.NULL.toString()), List.of(FilterState.NULL.toString()), new ArrayList<>(),null);
|
||||
List.of(FilterState.NULL.toString()), List.of(FilterState.NULL.toString()), new ArrayList<>(),null,
|
||||
false);
|
||||
}
|
||||
}
|
||||
|
||||
@ -371,6 +371,16 @@ public class FileController {
|
||||
public String rename(@RequestBody JSONObject body) {
|
||||
String newfilename = (String) body.get("newfilename");
|
||||
String dockey = (String) body.get("dockey");
|
||||
String origExt = "." + (String) body.get("ext");
|
||||
String curExt = newfilename;
|
||||
|
||||
if(newfilename.indexOf(".") != -1) {
|
||||
curExt = (String) fileUtility.getFileExtension(newfilename);
|
||||
}
|
||||
|
||||
if(origExt.compareTo(curExt) != 0) {
|
||||
newfilename += origExt;
|
||||
}
|
||||
|
||||
HashMap<String, String> meta = new HashMap<>();
|
||||
meta.put("title", newfilename);
|
||||
|
||||
@ -25,6 +25,7 @@ public enum Action {
|
||||
embedded,
|
||||
filter,
|
||||
comment,
|
||||
chat,
|
||||
fillForms,
|
||||
blockcontent
|
||||
}
|
||||
|
||||
@ -43,6 +43,7 @@ public class Permission extends AbstractModel { // the permission for the docum
|
||||
private Boolean modifyFilter = true; // if the filter can applied globally (true) affecting all the other users, or locally (false)
|
||||
private Boolean modifyContentControl = true; // if the content control settings can be changed
|
||||
private Boolean review = true; // if the document can be reviewed or not
|
||||
private Boolean chat = true; // if a chat can be used
|
||||
@JsonInclude(value = JsonInclude.Include.CUSTOM, valueFilter = SerializerFilter.class)
|
||||
private List<String> reviewGroups; // the groups whose changes the user can accept/reject
|
||||
@Autowired
|
||||
|
||||
@ -38,6 +38,7 @@ public class Permission extends AbstractEntity {
|
||||
private Boolean modifyFilter = true;
|
||||
private Boolean modifyContentControl = true;
|
||||
private Boolean review = true;
|
||||
private Boolean chat = true;
|
||||
private Boolean templates=true;
|
||||
@ManyToMany
|
||||
private List<Group> reviewGroups;
|
||||
|
||||
@ -37,7 +37,8 @@ public class PermissionServices {
|
||||
List<Group> commentViewGroups,
|
||||
List<Group> commentEditGroups,
|
||||
List<Group> commentRemoveGroups,
|
||||
List<Group> userInfoGroups){
|
||||
List<Group> userInfoGroups,
|
||||
Boolean chat){
|
||||
|
||||
Permission permission = new Permission();
|
||||
permission.setReviewGroups(reviewGroups); // define the groups whose changes the user can accept/reject
|
||||
@ -45,6 +46,7 @@ public class PermissionServices {
|
||||
permission.setCommentsEditGroups(commentEditGroups); // defines the groups whose comments the user can edit
|
||||
permission.setCommentsRemoveGroups(commentRemoveGroups); // defines the groups whose comments the user can remove
|
||||
permission.setUserInfoGroups(userInfoGroups);
|
||||
permission.setChat(chat);
|
||||
|
||||
permissionRepository.save(permission); // save new permissions
|
||||
|
||||
|
||||
@ -56,7 +56,9 @@ public class UserServices {
|
||||
List<String> reviewGroups,
|
||||
List<String> viewGroups,
|
||||
List<String> editGroups,
|
||||
List<String> removeGroups, List<String> userInfoGroups, Boolean favoriteDoc){
|
||||
List<String> removeGroups,
|
||||
List<String> userInfoGroups, Boolean favoriteDoc,
|
||||
Boolean chat){
|
||||
User newUser = new User();
|
||||
newUser.setName(name); // set the user name
|
||||
newUser.setEmail(email); // set the user email
|
||||
@ -71,7 +73,7 @@ public class UserServices {
|
||||
List<Group> usInfoGroups = groupServices.createGroups(userInfoGroups);
|
||||
|
||||
Permission permission = permissionService
|
||||
.createPermission(groupsReview, commentGroupsView, commentGroupsEdit, commentGroupsRemove, usInfoGroups); // specify permissions for the current user
|
||||
.createPermission(groupsReview, commentGroupsView, commentGroupsEdit, commentGroupsRemove, usInfoGroups, chat); // specify permissions for the current user
|
||||
newUser.setPermissions(permission);
|
||||
|
||||
userRepository.save(newUser); // save a new user
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
server.version=1.2.0
|
||||
server.version=1.3.0
|
||||
|
||||
server.address=
|
||||
server.port=4000
|
||||
|
||||
@ -149,6 +149,7 @@
|
||||
var data = {
|
||||
newfilename: newfilename,
|
||||
dockey: config.document.key,
|
||||
ext: config.document.fileType
|
||||
};
|
||||
let xhr = new XMLHttpRequest();
|
||||
xhr.open("POST", "rename");
|
||||
|
||||
@ -29,7 +29,7 @@
|
||||
<dependency>
|
||||
<groupId>com.google.code.gson</groupId>
|
||||
<artifactId>gson</artifactId>
|
||||
<version>2.8.5</version>
|
||||
<version>2.8.9</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.inversoft</groupId>
|
||||
|
||||
@ -573,6 +573,17 @@ public class IndexServlet extends HttpServlet
|
||||
String newfilename = (String) body.get("newfilename");
|
||||
String dockey = (String) body.get("dockey");
|
||||
|
||||
String origExt = "." + (String) body.get("ext");
|
||||
String curExt = newfilename;
|
||||
|
||||
if(newfilename.indexOf(".") != -1) {
|
||||
curExt = (String) FileUtility.GetFileExtension(newfilename);
|
||||
}
|
||||
|
||||
if(origExt.compareTo(curExt) != 0) {
|
||||
newfilename += origExt;
|
||||
}
|
||||
|
||||
HashMap<String, String> meta = new HashMap<>();
|
||||
meta.put("title", newfilename);
|
||||
|
||||
|
||||
@ -265,6 +265,7 @@ public class FileModel
|
||||
public Boolean modifyFilter;
|
||||
public Boolean modifyContentControl;
|
||||
public Boolean review;
|
||||
public Boolean chat;
|
||||
public List<String> reviewGroups;
|
||||
public CommentGroups commentGroups;
|
||||
public List<String> userInfoGroups;
|
||||
@ -281,6 +282,7 @@ public class FileModel
|
||||
modifyFilter = !mode.equals("filter");
|
||||
modifyContentControl = !mode.equals("blockcontent");
|
||||
review = canEdit && (mode.equals("edit") || mode.equals("review"));
|
||||
chat = !user.id.equals("uid-0");
|
||||
reviewGroups = user.reviewGroups;
|
||||
commentGroups = user.commentGroups;
|
||||
userInfoGroups = user.userInfoGroups;
|
||||
|
||||
@ -65,6 +65,7 @@ public class Users {
|
||||
add("Can't create new files from the editor");
|
||||
add("Can’t see anyone’s information");
|
||||
add("Can't rename files from the editor");
|
||||
add("Can't view chat");
|
||||
}};
|
||||
|
||||
private static List<User> users = new ArrayList<User>() {{
|
||||
|
||||
Submodule web/documentserver-example/java/src/main/resources/assets updated: 1d601d84c4...1fc823afa9
@ -1,4 +1,4 @@
|
||||
version=1.2.0
|
||||
version=1.3.0
|
||||
|
||||
filesize-max=5242880
|
||||
storage-folder=app_data
|
||||
|
||||
@ -150,6 +150,7 @@
|
||||
var data = {
|
||||
newfilename: newfilename,
|
||||
dockey: config.document.key,
|
||||
ext: config.document.fileType
|
||||
};
|
||||
let xhr = new XMLHttpRequest();
|
||||
xhr.open("POST", "IndexServlet?type=rename");
|
||||
|
||||
@ -128,9 +128,8 @@ app.get("/download", function(req, res) { // define a handler for downloading f
|
||||
|
||||
var fileName = fileUtility.getFileName(req.query.fileName);
|
||||
var userAddress = req.query.useraddress;
|
||||
var isEmbedded = req.query.dmode;
|
||||
|
||||
if ((cfgSignatureEnable && cfgSignatureUseForRequest) && isEmbedded == null ) {
|
||||
if ((cfgSignatureEnable && cfgSignatureUseForRequest)) {
|
||||
var authorization = req.get(cfgSignatureAuthorizationHeader);
|
||||
if (authorization && authorization.startsWith(cfgSignatureAuthorizationHeaderPrefix)) {
|
||||
var token = authorization.substring(cfgSignatureAuthorizationHeaderPrefix.length);
|
||||
@ -212,7 +211,6 @@ app.post("/upload", function (req, res) { // define a handler for uploading fil
|
||||
const form = new formidable.IncomingForm(); // create a new incoming form
|
||||
form.uploadDir = uploadDirTmp; // and write there all the necessary parameters
|
||||
form.keepExtensions = true;
|
||||
form.maxFileSize = configServer.get("maxFileSize");
|
||||
|
||||
form.parse(req, function (err, fields, files) { // parse this form
|
||||
if (err) { // if an error occurs
|
||||
@ -325,7 +323,7 @@ app.post("/convert", function (req, res) { // define a handler for converting f
|
||||
var fileName = fileUtility.getFileName(req.body.filename);
|
||||
var filePass = req.body.filePass ? req.body.filePass : null;
|
||||
var lang = req.body.lang ? req.body.lang : null;
|
||||
var fileUri = req.docManager.getFileUri(fileName);
|
||||
var fileUri = req.docManager.getDownloadUrl(fileName, true);
|
||||
var fileExt = fileUtility.getFileExtension(fileName);
|
||||
var fileType = fileUtility.getFileType(fileName);
|
||||
var internalFileExt = req.docManager.getInternalExtension(fileType);
|
||||
@ -807,8 +805,8 @@ app.get("/editor", function (req, res) { // define a handler for editing docume
|
||||
};
|
||||
}
|
||||
var key = req.docManager.getKey(fileName);
|
||||
var url = req.docManager.getDownloadUrl(fileName);
|
||||
var urlUser = path.isAbsolute(storageFolder) ? req.docManager.getDownloadUrl(fileName) + "&dmode=emb" : req.docManager.getlocalFileUri(fileName, 0, false);
|
||||
var url = req.docManager.getDownloadUrl(fileName, true);
|
||||
var urlUser = req.docManager.getDownloadUrl(fileName);
|
||||
var mode = req.query.mode || "edit"; // mode: view/edit/review/comment/fillForms/embedded
|
||||
|
||||
var type = req.query.type || ""; // type: embedded/mobile/desktop
|
||||
@ -852,7 +850,7 @@ app.get("/editor", function (req, res) { // define a handler for editing docume
|
||||
fileType: fileExt.slice(1),
|
||||
version: i,
|
||||
key: keyVersion,
|
||||
url: i == countVersion ? url : (`${req.docManager.getServerUrl(false)}/history?fileName=${encodeURIComponent(fileName)}&file=prev${fileExt}&ver=${i}&useraddress=${userAddress}`),
|
||||
url: i == countVersion ? url : (`${req.docManager.getServerUrl(true)}/history?fileName=${encodeURIComponent(fileName)}&file=prev${fileExt}&ver=${i}&useraddress=${userAddress}`),
|
||||
};
|
||||
|
||||
if (i > 1 && req.docManager.existsSync(req.docManager.diffPath(fileName, userAddress, i-1))) { // check if the path to the file with document versions differences exists
|
||||
@ -861,7 +859,7 @@ app.get("/editor", function (req, res) { // define a handler for editing docume
|
||||
key: historyData[i-2].key,
|
||||
url: historyData[i-2].url,
|
||||
};
|
||||
let changesUrl = `${req.docManager.getServerUrl(false)}/history?fileName=${encodeURIComponent(fileName)}&file=diff.zip&ver=${i-1}&useraddress=${userAddress}`;
|
||||
let changesUrl = `${req.docManager.getServerUrl(true)}/history?fileName=${encodeURIComponent(fileName)}&file=diff.zip&ver=${i-1}&useraddress=${userAddress}`;
|
||||
historyD.changesUrl = changesUrl; // get the path to the diff.zip file and write it to the history object
|
||||
}
|
||||
|
||||
@ -909,6 +907,7 @@ app.get("/editor", function (req, res) { // define a handler for editing docume
|
||||
templates: user.templates ? templates : null,
|
||||
isEdit: canEdit && (mode == "edit" || mode == "view" || mode == "filter" || mode == "blockcontent"),
|
||||
review: canEdit && (mode == "edit" || mode == "review"),
|
||||
chat: userid != "uid-0",
|
||||
comment: mode != "view" && mode != "fillForms" && mode != "embedded" && mode != "blockcontent",
|
||||
fillForms: mode != "view" && mode != "comment" && mode != "embedded" && mode != "blockcontent",
|
||||
modifyFilter: mode != "filter",
|
||||
@ -976,6 +975,12 @@ app.get("/editor", function (req, res) { // define a handler for editing docume
|
||||
app.post("/rename", function (req, res) { //define a handler for renaming file
|
||||
|
||||
var newfilename = req.body.newfilename;
|
||||
var origExt = req.body.ext;
|
||||
var curExt = fileUtility.getFileExtension(newfilename, true);
|
||||
if (curExt !== origExt) {
|
||||
newfilename += '.' + origExt;
|
||||
}
|
||||
|
||||
var dockey = req.body.dockey;
|
||||
var meta = {title: newfilename};
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
{
|
||||
"version": "1.2.0",
|
||||
"version": "1.3.0",
|
||||
"log": {
|
||||
"appenders": [
|
||||
{
|
||||
|
||||
@ -163,22 +163,6 @@ docManager.prototype.getFileData = function (fileName, userAddress) {
|
||||
return ((fileSystem.readFileSync(history)).toString()).split(",");
|
||||
};
|
||||
|
||||
// get url to the original file
|
||||
docManager.prototype.getFileUri = function (fileName) {
|
||||
return this.getlocalFileUri(fileName, 0, true);
|
||||
};
|
||||
|
||||
// get local file url
|
||||
docManager.prototype.getlocalFileUri = function (fileName, version, forDocumentServer) {
|
||||
const serverPath = this.getServerUrl(forDocumentServer);
|
||||
const hostAddress = this.curUserHostAddress();
|
||||
let url = serverPath + configServer.get("storagePath") + "/" + hostAddress + "/" + encodeURIComponent(fileName); // get full url address to the file
|
||||
if (!version) {
|
||||
return url;
|
||||
}
|
||||
return url + "-history/" + version; // return history path to the specified file version
|
||||
};
|
||||
|
||||
// get server url
|
||||
docManager.prototype.getServerUrl = function (forDocumentServer) {
|
||||
return (forDocumentServer && !!configServer.get("exampleUrl")) ? configServer.get("exampleUrl") : this.getServerPath();
|
||||
@ -218,10 +202,13 @@ docManager.prototype.getCreateUrl = function (docType, userid, type, lang) {
|
||||
}
|
||||
|
||||
// get url to download a file
|
||||
docManager.prototype.getDownloadUrl = function (fileName) {
|
||||
const server = this.getServerUrl(true);
|
||||
const hostAddress = this.curUserHostAddress();
|
||||
const handler = "/download?fileName=" + encodeURIComponent(fileName) + "&useraddress=" + encodeURIComponent(hostAddress);
|
||||
docManager.prototype.getDownloadUrl = function (fileName, forDocumentServer) {
|
||||
const server = this.getServerUrl(forDocumentServer);
|
||||
var handler = "/download?fileName=" + encodeURIComponent(fileName);
|
||||
if (forDocumentServer) {
|
||||
const hostAddress = this.curUserHostAddress();
|
||||
handler += "&useraddress=" + encodeURIComponent(hostAddress);
|
||||
}
|
||||
|
||||
return server + handler;
|
||||
};
|
||||
@ -387,7 +374,7 @@ docManager.prototype.getTemplateImageUrl = function (fileType) {
|
||||
// get document key
|
||||
docManager.prototype.getKey = function (fileName, userAddress) {
|
||||
userAddress = userAddress || this.curUserHostAddress();
|
||||
let key = userAddress + this.getlocalFileUri(fileName); // get document key by adding local file url to the current user host address
|
||||
let key = userAddress + fileName; // get document key by adding local file url to the current user host address
|
||||
|
||||
let historyPath = this.historyPath(fileName, userAddress); // get the path to the file history
|
||||
if (historyPath != ""){ // if the path to the file history exists
|
||||
|
||||
@ -60,6 +60,7 @@ var descr_user_0 = [
|
||||
"Can't create new files from the editor",
|
||||
"Can’t see anyone’s information",
|
||||
"Can't rename files from the editor",
|
||||
"Can't view chat",
|
||||
//"Can’t submit forms"
|
||||
];
|
||||
|
||||
|
||||
2130
web/documentserver-example/nodejs/npm-shrinkwrap.json
generated
2130
web/documentserver-example/nodejs/npm-shrinkwrap.json
generated
File diff suppressed because it is too large
Load Diff
Submodule web/documentserver-example/nodejs/public/assets updated: 1d601d84c4...1fc823afa9
@ -328,12 +328,12 @@ if (typeof jQuery != "undefined") {
|
||||
if (hideTooltipTimeout != null) {
|
||||
clearTimeout(hideTooltipTimeout);
|
||||
}
|
||||
jq(".info").on("touchend", function () {
|
||||
jq("#info").on("touchend", function () {
|
||||
showUserTooltip(true);
|
||||
});
|
||||
}
|
||||
} else {
|
||||
jq(".info").mouseover(function (event) {
|
||||
jq("#info").mouseover(function (event) {
|
||||
if (fileList.length > 0) {
|
||||
if (hideTooltipTimeout != null) {
|
||||
clearTimeout(hideTooltipTimeout);
|
||||
@ -357,6 +357,20 @@ if (typeof jQuery != "undefined") {
|
||||
}, 500);
|
||||
});
|
||||
}
|
||||
|
||||
jq(".info-tooltip").mouseover(function (event) {
|
||||
var target = event.target;
|
||||
var id = target.dataset.id ? target.dataset.id : target.id;
|
||||
var tooltip = target.dataset.tooltip;
|
||||
|
||||
jq("<div class='tooltip'>" + tooltip + "<div class='arrow'></div></div>").appendTo("body");
|
||||
|
||||
var top = jq("#" + id).offset().top + jq("#" + id).outerHeight() / 2 - jq("div.tooltip").outerHeight() / 2;
|
||||
var left = jq("#" + id).offset().left + jq("#" + id).outerWidth() + 20;
|
||||
jq("div.tooltip").css({"top": top, "left": left});
|
||||
}).mouseout(function () {
|
||||
jq("div.tooltip").remove();
|
||||
});
|
||||
}
|
||||
|
||||
function getUrlVars() {
|
||||
|
||||
@ -620,6 +620,31 @@ footer table tr td:first-child {
|
||||
margin: -2px 5px;
|
||||
}
|
||||
|
||||
.tooltip {
|
||||
background: #FFFFFF;
|
||||
border-radius: 5px;
|
||||
box-shadow: 0px 7px 25px rgba(85, 85, 85, 0.15);
|
||||
color: #666666;
|
||||
line-height: 160%;
|
||||
max-width: 455px;
|
||||
padding: 14px;
|
||||
position: absolute;
|
||||
}
|
||||
|
||||
.tooltip ul {
|
||||
margin: 0;
|
||||
}
|
||||
|
||||
.arrow {
|
||||
border-top: 8px solid transparent;
|
||||
border-bottom: 8px solid transparent;
|
||||
border-right: 8px solid #FFFFFF;
|
||||
left: -4px;
|
||||
position: absolute;
|
||||
top: 50%;
|
||||
transform: translate(-50%, -50%);
|
||||
}
|
||||
|
||||
.user-block-table {
|
||||
height: 100%;
|
||||
padding-top: 14px;
|
||||
|
||||
@ -14,6 +14,7 @@
|
||||
"favorite": <%- file.favorite %>
|
||||
},
|
||||
"permissions": {
|
||||
"chat": <%- editor.chat %>,
|
||||
"comment": <%- editor.comment %>,
|
||||
"copy": <%- editor.copy %>,
|
||||
"download": <%- editor.download %>,
|
||||
|
||||
@ -175,6 +175,7 @@
|
||||
var data = {
|
||||
newfilename: newfilename,
|
||||
dockey: config.document.key,
|
||||
ext: config.document.fileType
|
||||
};
|
||||
let xhr = new XMLHttpRequest();
|
||||
xhr.open("POST", "rename");
|
||||
|
||||
@ -76,7 +76,7 @@
|
||||
<tr>
|
||||
<td valign="middle">
|
||||
<span class="select-user">Username</span>
|
||||
<img class="info" src="images/info.svg" />
|
||||
<img id="info" class="info" src="images/info.svg" />
|
||||
<select class="select-user" id="user">
|
||||
<% users.forEach(user => { %>
|
||||
<option value="<%= user.id %>"><%= user.name == null ? "Anonymous" : user.name %></option>
|
||||
@ -86,7 +86,8 @@
|
||||
</tr>
|
||||
<tr>
|
||||
<td valign="middle">
|
||||
<span class="select-user">Language editors interface</span>
|
||||
<span class="select-user">Language</span>
|
||||
<img class="info info-tooltip" data-id="language" data-tooltip="Choose the language for ONLYOFFICE editors interface" src="images/info.svg" />
|
||||
<select class="select-user" id="language">
|
||||
<% Object.keys(languages).forEach(key => { %>
|
||||
<option value="<%= key %>"><%= languages[key] %></option>
|
||||
|
||||
@ -77,7 +77,7 @@
|
||||
<tr>
|
||||
<td valign="middle">
|
||||
<span class="select-user">Username</span>
|
||||
<img class="info" data-id="user" src="images/info.svg" />
|
||||
<img id="info" class="info" data-id="user" src="images/info.svg" />
|
||||
<select class="select-user" id="user">
|
||||
<% users.forEach(user => { %>
|
||||
<option value="<%= user.id %>"><%= user.name == null ? "Anonymous" : user.name %></option>
|
||||
@ -87,7 +87,8 @@
|
||||
</tr>
|
||||
<tr>
|
||||
<td valign="middle">
|
||||
<span class="select-user">Language editors interface</span>
|
||||
<span class="select-user">Language</span>
|
||||
<img class="info info-tooltip" data-id="language" data-tooltip="Choose the language for ONLYOFFICE editors interface" src="images/info.svg" />
|
||||
<select class="select-user" id="language">
|
||||
<% Object.keys(languages).forEach(key => { %>
|
||||
<option value="<%= key %>"><%= languages[key] %></option>
|
||||
|
||||
@ -19,3 +19,7 @@ License File: jQuery.iframe-transport.license
|
||||
jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/)
|
||||
License: MIT
|
||||
License File: jQuery.UI.license
|
||||
|
||||
JWT - JSON Web Token implementation (https://github.com/firebase/php-jwt/blob/master/LICENSE)
|
||||
License: BSD
|
||||
License File: jwt.license
|
||||
|
||||
Submodule web/documentserver-example/php/assets updated: 1d601d84c4...1fc823afa9
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
$GLOBALS['version'] = "1.2.0";
|
||||
$GLOBALS['version'] = "1.3.0";
|
||||
|
||||
$GLOBALS['FILE_SIZE_MAX'] = 5242880;
|
||||
$GLOBALS['STORAGE_PATH'] = "";
|
||||
|
||||
@ -106,6 +106,7 @@
|
||||
"modifyFilter" => $editorsMode != "filter",
|
||||
"modifyContentControl" => $editorsMode != "blockcontent",
|
||||
"review" => $canEdit && ($editorsMode == "edit" || $editorsMode == "review"),
|
||||
"chat" => $user->id != "uid-0",
|
||||
"reviewGroups" => $user->reviewGroups,
|
||||
"commentGroups" => $user->commentGroups,
|
||||
"userInfoGroups" => $user->userInfoGroups
|
||||
@ -474,6 +475,7 @@
|
||||
var data = {
|
||||
newfilename: newfilename,
|
||||
dockey: config.document.key,
|
||||
ext: config.document.fileType
|
||||
};
|
||||
|
||||
let xhr = new XMLHttpRequest();
|
||||
|
||||
@ -17,6 +17,10 @@
|
||||
*
|
||||
*/
|
||||
|
||||
require_once( dirname(__FILE__) . '/lib/jwt/BeforeValidException.php' );
|
||||
require_once( dirname(__FILE__) . '/lib/jwt/ExpiredException.php' );
|
||||
require_once( dirname(__FILE__) . '/lib/jwt/SignatureInvalidException.php' );
|
||||
require_once( dirname(__FILE__) . '/lib/jwt/JWT.php' );
|
||||
require_once( dirname(__FILE__) . '/config.php' );
|
||||
|
||||
// check if a secret key to generate token exists or not
|
||||
@ -26,51 +30,17 @@ function isJwtEnabled() {
|
||||
|
||||
// encode a payload object into a token using a secret key
|
||||
function jwtEncode($payload) {
|
||||
$header = [
|
||||
"alg" => "HS256", // the hashing algorithm
|
||||
"typ" => "JWT" // the token type
|
||||
];
|
||||
// three parts of token
|
||||
$encHeader = base64UrlEncode(json_encode($header)); // header
|
||||
$encPayload = base64UrlEncode(json_encode($payload)); // payload
|
||||
$hash = base64UrlEncode(calculateHash($encHeader, $encPayload)); // signature
|
||||
|
||||
return "$encHeader.$encPayload.$hash";
|
||||
return \Firebase\JWT\JWT::encode($payload, $GLOBALS["DOC_SERV_JWT_SECRET"]);
|
||||
}
|
||||
|
||||
// decode a token into a payload object using a secret key
|
||||
function jwtDecode($token) {
|
||||
if (!isJwtEnabled()) return "";
|
||||
|
||||
$split = explode(".", $token);
|
||||
if (count($split) != 3) return "";
|
||||
|
||||
$hash = base64UrlEncode(calculateHash($split[0], $split[1]));
|
||||
|
||||
if (strcmp($hash, $split[2]) != 0) return "";
|
||||
return base64UrlDecode($split[1]);
|
||||
}
|
||||
|
||||
// generate a hash code based on a key using the HMAC method
|
||||
function calculateHash($encHeader, $encPayload) {
|
||||
return hash_hmac("sha256", "$encHeader.$encPayload", $GLOBALS['DOC_SERV_JWT_SECRET'], true);
|
||||
}
|
||||
|
||||
// encode a string into the base64 value
|
||||
function base64UrlEncode($str) {
|
||||
return str_replace("/", "_", str_replace("+", "-", trim(base64_encode($str), "=")));
|
||||
}
|
||||
|
||||
// decode a base64 value into the string
|
||||
function base64UrlDecode($payload) {
|
||||
$b64 = str_replace("_", "/", str_replace("-", "+", $payload));
|
||||
switch (strlen($b64) % 4) {
|
||||
case 2:
|
||||
$b64 = $b64 . "=="; break;
|
||||
case 3:
|
||||
$b64 = $b64 . "="; break;
|
||||
try {
|
||||
$payload = \Firebase\JWT\JWT::decode($token, $GLOBALS["DOC_SERV_JWT_SECRET"], array("HS256"));
|
||||
} catch (\UnexpectedValueException $e) {
|
||||
$payload = "";
|
||||
}
|
||||
return base64_decode($b64);
|
||||
}
|
||||
|
||||
return $payload;
|
||||
}
|
||||
?>
|
||||
@ -0,0 +1,7 @@
|
||||
<?php
|
||||
namespace Firebase\JWT;
|
||||
|
||||
class BeforeValidException extends \UnexpectedValueException
|
||||
{
|
||||
|
||||
}
|
||||
@ -0,0 +1,7 @@
|
||||
<?php
|
||||
namespace Firebase\JWT;
|
||||
|
||||
class ExpiredException extends \UnexpectedValueException
|
||||
{
|
||||
|
||||
}
|
||||
370
web/documentserver-example/php/lib/jwt/JWT.php
Normal file
370
web/documentserver-example/php/lib/jwt/JWT.php
Normal file
@ -0,0 +1,370 @@
|
||||
<?php
|
||||
|
||||
namespace Firebase\JWT;
|
||||
use \DomainException;
|
||||
use \InvalidArgumentException;
|
||||
use \UnexpectedValueException;
|
||||
use \DateTime;
|
||||
|
||||
/**
|
||||
* JSON Web Token implementation, based on this spec:
|
||||
* http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06
|
||||
*
|
||||
* PHP version 5
|
||||
*
|
||||
* @category Authentication
|
||||
* @package Authentication_JWT
|
||||
* @author Neuman Vong <neuman@twilio.com>
|
||||
* @author Anant Narayanan <anant@php.net>
|
||||
* @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD
|
||||
* @link https://github.com/firebase/php-jwt
|
||||
*/
|
||||
class JWT
|
||||
{
|
||||
|
||||
/**
|
||||
* When checking nbf, iat or expiration times,
|
||||
* we want to provide some extra leeway time to
|
||||
* account for clock skew.
|
||||
*/
|
||||
public static $leeway = 0;
|
||||
|
||||
/**
|
||||
* Allow the current timestamp to be specified.
|
||||
* Useful for fixing a value within unit testing.
|
||||
*
|
||||
* Will default to PHP time() value if null.
|
||||
*/
|
||||
public static $timestamp = null;
|
||||
|
||||
public static $supported_algs = array(
|
||||
'HS256' => array('hash_hmac', 'SHA256'),
|
||||
'HS512' => array('hash_hmac', 'SHA512'),
|
||||
'HS384' => array('hash_hmac', 'SHA384'),
|
||||
'RS256' => array('openssl', 'SHA256'),
|
||||
);
|
||||
|
||||
/**
|
||||
* Decodes a JWT string into a PHP object.
|
||||
*
|
||||
* @param string $jwt The JWT
|
||||
* @param string|array $key The key, or map of keys.
|
||||
* If the algorithm used is asymmetric, this is the public key
|
||||
* @param array $allowed_algs List of supported verification algorithms
|
||||
* Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
|
||||
*
|
||||
* @return object The JWT's payload as a PHP object
|
||||
*
|
||||
* @throws UnexpectedValueException Provided JWT was invalid
|
||||
* @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed
|
||||
* @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf'
|
||||
* @throws BeforeValidException Provided JWT is trying to be used before it's been created as defined by 'iat'
|
||||
* @throws ExpiredException Provided JWT has since expired, as defined by the 'exp' claim
|
||||
*
|
||||
* @uses jsonDecode
|
||||
* @uses urlsafeB64Decode
|
||||
*/
|
||||
public static function decode($jwt, $key, $allowed_algs = array())
|
||||
{
|
||||
$timestamp = is_null(static::$timestamp) ? time() : static::$timestamp;
|
||||
|
||||
if (empty($key)) {
|
||||
throw new InvalidArgumentException('Key may not be empty');
|
||||
}
|
||||
if (!is_array($allowed_algs)) {
|
||||
throw new InvalidArgumentException('Algorithm not allowed');
|
||||
}
|
||||
$tks = explode('.', $jwt);
|
||||
if (count($tks) != 3) {
|
||||
throw new UnexpectedValueException('Wrong number of segments');
|
||||
}
|
||||
list($headb64, $bodyb64, $cryptob64) = $tks;
|
||||
if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) {
|
||||
throw new UnexpectedValueException('Invalid header encoding');
|
||||
}
|
||||
if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) {
|
||||
throw new UnexpectedValueException('Invalid claims encoding');
|
||||
}
|
||||
$sig = static::urlsafeB64Decode($cryptob64);
|
||||
|
||||
if (empty($header->alg)) {
|
||||
throw new UnexpectedValueException('Empty algorithm');
|
||||
}
|
||||
if (empty(static::$supported_algs[$header->alg])) {
|
||||
throw new UnexpectedValueException('Algorithm not supported');
|
||||
}
|
||||
if (!in_array($header->alg, $allowed_algs)) {
|
||||
throw new UnexpectedValueException('Algorithm not allowed');
|
||||
}
|
||||
if (is_array($key) || $key instanceof \ArrayAccess) {
|
||||
if (isset($header->kid)) {
|
||||
$key = $key[$header->kid];
|
||||
} else {
|
||||
throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');
|
||||
}
|
||||
}
|
||||
|
||||
// Check the signature
|
||||
if (!static::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) {
|
||||
throw new SignatureInvalidException('Signature verification failed');
|
||||
}
|
||||
|
||||
// Check if the nbf if it is defined. This is the time that the
|
||||
// token can actually be used. If it's not yet that time, abort.
|
||||
if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) {
|
||||
throw new BeforeValidException(
|
||||
'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf)
|
||||
);
|
||||
}
|
||||
|
||||
// Check that this token has been created before 'now'. This prevents
|
||||
// using tokens that have been created for later use (and haven't
|
||||
// correctly used the nbf claim).
|
||||
if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) {
|
||||
throw new BeforeValidException(
|
||||
'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat)
|
||||
);
|
||||
}
|
||||
|
||||
// Check if this token has expired.
|
||||
if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {
|
||||
throw new ExpiredException('Expired token');
|
||||
}
|
||||
|
||||
return $payload;
|
||||
}
|
||||
|
||||
/**
|
||||
* Converts and signs a PHP object or array into a JWT string.
|
||||
*
|
||||
* @param object|array $payload PHP object or array
|
||||
* @param string $key The secret key.
|
||||
* If the algorithm used is asymmetric, this is the private key
|
||||
* @param string $alg The signing algorithm.
|
||||
* Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
|
||||
* @param mixed $keyId
|
||||
* @param array $head An array with header elements to attach
|
||||
*
|
||||
* @return string A signed JWT
|
||||
*
|
||||
* @uses jsonEncode
|
||||
* @uses urlsafeB64Encode
|
||||
*/
|
||||
public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null)
|
||||
{
|
||||
$header = array('typ' => 'JWT', 'alg' => $alg);
|
||||
if ($keyId !== null) {
|
||||
$header['kid'] = $keyId;
|
||||
}
|
||||
if ( isset($head) && is_array($head) ) {
|
||||
$header = array_merge($head, $header);
|
||||
}
|
||||
$segments = array();
|
||||
$segments[] = static::urlsafeB64Encode(static::jsonEncode($header));
|
||||
$segments[] = static::urlsafeB64Encode(static::jsonEncode($payload));
|
||||
$signing_input = implode('.', $segments);
|
||||
|
||||
$signature = static::sign($signing_input, $key, $alg);
|
||||
$segments[] = static::urlsafeB64Encode($signature);
|
||||
|
||||
return implode('.', $segments);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sign a string with a given key and algorithm.
|
||||
*
|
||||
* @param string $msg The message to sign
|
||||
* @param string|resource $key The secret key
|
||||
* @param string $alg The signing algorithm.
|
||||
* Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
|
||||
*
|
||||
* @return string An encrypted message
|
||||
*
|
||||
* @throws DomainException Unsupported algorithm was specified
|
||||
*/
|
||||
public static function sign($msg, $key, $alg = 'HS256')
|
||||
{
|
||||
if (empty(static::$supported_algs[$alg])) {
|
||||
throw new DomainException('Algorithm not supported');
|
||||
}
|
||||
list($function, $algorithm) = static::$supported_algs[$alg];
|
||||
switch($function) {
|
||||
case 'hash_hmac':
|
||||
return hash_hmac($algorithm, $msg, $key, true);
|
||||
case 'openssl':
|
||||
$signature = '';
|
||||
$success = openssl_sign($msg, $signature, $key, $algorithm);
|
||||
if (!$success) {
|
||||
throw new DomainException("OpenSSL unable to sign data");
|
||||
} else {
|
||||
return $signature;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify a signature with the message, key and method. Not all methods
|
||||
* are symmetric, so we must have a separate verify and sign method.
|
||||
*
|
||||
* @param string $msg The original message (header and body)
|
||||
* @param string $signature The original signature
|
||||
* @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key
|
||||
* @param string $alg The algorithm
|
||||
*
|
||||
* @return bool
|
||||
*
|
||||
* @throws DomainException Invalid Algorithm or OpenSSL failure
|
||||
*/
|
||||
private static function verify($msg, $signature, $key, $alg)
|
||||
{
|
||||
if (empty(static::$supported_algs[$alg])) {
|
||||
throw new DomainException('Algorithm not supported');
|
||||
}
|
||||
|
||||
list($function, $algorithm) = static::$supported_algs[$alg];
|
||||
switch($function) {
|
||||
case 'openssl':
|
||||
$success = openssl_verify($msg, $signature, $key, $algorithm);
|
||||
if (!$success) {
|
||||
throw new DomainException("OpenSSL unable to verify data: " . openssl_error_string());
|
||||
} else {
|
||||
return $signature;
|
||||
}
|
||||
case 'hash_hmac':
|
||||
default:
|
||||
$hash = hash_hmac($algorithm, $msg, $key, true);
|
||||
if (function_exists('hash_equals')) {
|
||||
return hash_equals($signature, $hash);
|
||||
}
|
||||
$len = min(static::safeStrlen($signature), static::safeStrlen($hash));
|
||||
|
||||
$status = 0;
|
||||
for ($i = 0; $i < $len; $i++) {
|
||||
$status |= (ord($signature[$i]) ^ ord($hash[$i]));
|
||||
}
|
||||
$status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash));
|
||||
|
||||
return ($status === 0);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Decode a JSON string into a PHP object.
|
||||
*
|
||||
* @param string $input JSON string
|
||||
*
|
||||
* @return object Object representation of JSON string
|
||||
*
|
||||
* @throws DomainException Provided string was invalid JSON
|
||||
*/
|
||||
public static function jsonDecode($input)
|
||||
{
|
||||
if (version_compare(PHP_VERSION, '5.4.0', '>=') && !(defined('JSON_C_VERSION') && PHP_INT_SIZE > 4)) {
|
||||
/** In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you
|
||||
* to specify that large ints (like Steam Transaction IDs) should be treated as
|
||||
* strings, rather than the PHP default behaviour of converting them to floats.
|
||||
*/
|
||||
$obj = json_decode($input, false, 512, JSON_BIGINT_AS_STRING);
|
||||
} else {
|
||||
/** Not all servers will support that, however, so for older versions we must
|
||||
* manually detect large ints in the JSON string and quote them (thus converting
|
||||
*them to strings) before decoding, hence the preg_replace() call.
|
||||
*/
|
||||
$max_int_length = strlen((string) PHP_INT_MAX) - 1;
|
||||
$json_without_bigints = preg_replace('/:\s*(-?\d{'.$max_int_length.',})/', ': "$1"', $input);
|
||||
$obj = json_decode($json_without_bigints);
|
||||
}
|
||||
|
||||
if (function_exists('json_last_error') && $errno = json_last_error()) {
|
||||
static::handleJsonError($errno);
|
||||
} elseif ($obj === null && $input !== 'null') {
|
||||
throw new DomainException('Null result with non-null input');
|
||||
}
|
||||
return $obj;
|
||||
}
|
||||
|
||||
/**
|
||||
* Encode a PHP object into a JSON string.
|
||||
*
|
||||
* @param object|array $input A PHP object or array
|
||||
*
|
||||
* @return string JSON representation of the PHP object or array
|
||||
*
|
||||
* @throws DomainException Provided object could not be encoded to valid JSON
|
||||
*/
|
||||
public static function jsonEncode($input)
|
||||
{
|
||||
$json = json_encode($input);
|
||||
if (function_exists('json_last_error') && $errno = json_last_error()) {
|
||||
static::handleJsonError($errno);
|
||||
} elseif ($json === 'null' && $input !== null) {
|
||||
throw new DomainException('Null result with non-null input');
|
||||
}
|
||||
return $json;
|
||||
}
|
||||
|
||||
/**
|
||||
* Decode a string with URL-safe Base64.
|
||||
*
|
||||
* @param string $input A Base64 encoded string
|
||||
*
|
||||
* @return string A decoded string
|
||||
*/
|
||||
public static function urlsafeB64Decode($input)
|
||||
{
|
||||
$remainder = strlen($input) % 4;
|
||||
if ($remainder) {
|
||||
$padlen = 4 - $remainder;
|
||||
$input .= str_repeat('=', $padlen);
|
||||
}
|
||||
return base64_decode(strtr($input, '-_', '+/'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Encode a string with URL-safe Base64.
|
||||
*
|
||||
* @param string $input The string you want encoded
|
||||
*
|
||||
* @return string The base64 encode of what you passed in
|
||||
*/
|
||||
public static function urlsafeB64Encode($input)
|
||||
{
|
||||
return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Helper method to create a JSON error.
|
||||
*
|
||||
* @param int $errno An error number from json_last_error()
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
private static function handleJsonError($errno)
|
||||
{
|
||||
$messages = array(
|
||||
JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',
|
||||
JSON_ERROR_CTRL_CHAR => 'Unexpected control character found',
|
||||
JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON'
|
||||
);
|
||||
throw new DomainException(
|
||||
isset($messages[$errno])
|
||||
? $messages[$errno]
|
||||
: 'Unknown JSON error: ' . $errno
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the number of bytes in cryptographic strings.
|
||||
*
|
||||
* @param string
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
private static function safeStrlen($str)
|
||||
{
|
||||
if (function_exists('mb_strlen')) {
|
||||
return mb_strlen($str, '8bit');
|
||||
}
|
||||
return strlen($str);
|
||||
}
|
||||
}
|
||||
30
web/documentserver-example/php/lib/jwt/LICENSE
Normal file
30
web/documentserver-example/php/lib/jwt/LICENSE
Normal file
@ -0,0 +1,30 @@
|
||||
Copyright (c) 2011, Neuman Vong
|
||||
|
||||
All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are met:
|
||||
|
||||
* Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
|
||||
* Redistributions in binary form must reproduce the above
|
||||
copyright notice, this list of conditions and the following
|
||||
disclaimer in the documentation and/or other materials provided
|
||||
with the distribution.
|
||||
|
||||
* Neither the name of Neuman Vong nor the names of other
|
||||
contributors may be used to endorse or promote products derived
|
||||
from this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
@ -0,0 +1,7 @@
|
||||
<?php
|
||||
namespace Firebase\JWT;
|
||||
|
||||
class SignatureInvalidException extends \UnexpectedValueException
|
||||
{
|
||||
|
||||
}
|
||||
@ -19,3 +19,7 @@ License File: jQuery.iframe-transport.license
|
||||
jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/)
|
||||
License: MIT
|
||||
License File: jQuery.UI.license
|
||||
|
||||
JWT - JSON Web Token implementation (https://github.com/firebase/php-jwt/blob/master/LICENSE)
|
||||
License: BSD
|
||||
License File: jwt.license
|
||||
|
||||
30
web/documentserver-example/php/licenses/jwt.license
Normal file
30
web/documentserver-example/php/licenses/jwt.license
Normal file
@ -0,0 +1,30 @@
|
||||
Copyright (c) 2011, Neuman Vong
|
||||
|
||||
All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are met:
|
||||
|
||||
* Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
|
||||
* Redistributions in binary form must reproduce the above
|
||||
copyright notice, this list of conditions and the following
|
||||
disclaimer in the documentation and/or other materials provided
|
||||
with the distribution.
|
||||
|
||||
* Neither the name of Neuman Vong nor the names of other
|
||||
contributors may be used to endorse or promote products derived
|
||||
from this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
@ -32,7 +32,7 @@ function readBody() {
|
||||
return $result;
|
||||
}
|
||||
|
||||
$data = json_decode($body_stream, TRUE); // json_decode - PHP 5 >= 5.2.0
|
||||
$data = json_decode($body_stream, false);
|
||||
|
||||
// check if the response is correct
|
||||
if ($data === NULL) {
|
||||
@ -47,27 +47,29 @@ function readBody() {
|
||||
sendlog(" jwt enabled, checking tokens", "webedior-ajax.log");
|
||||
|
||||
$inHeader = false;
|
||||
$token = "";
|
||||
$data = "";
|
||||
$jwtHeader = $GLOBALS['DOC_SERV_JWT_HEADER'] == "" ? "Authorization" : $GLOBALS['DOC_SERV_JWT_HEADER'];
|
||||
|
||||
if (!empty($data["token"])) { // if the document token is in the data
|
||||
$token = jwtDecode($data["token"]); // decode it
|
||||
$data = jwtDecode($data["token"]); // decode it
|
||||
sendlog(" jwt in body", "webedior-ajax.log");
|
||||
} elseif (!empty(apache_request_headers()[$jwtHeader])) { // if the Authorization header exists
|
||||
$token = jwtDecode(substr(apache_request_headers()[$jwtHeader], strlen("Bearer "))); // decode its part after Authorization prefix
|
||||
$data = jwtDecode(substr(apache_request_headers()[$jwtHeader], strlen("Bearer "))); // decode its part after Authorization prefix
|
||||
$inHeader = true;
|
||||
sendlog(" jwt in header", "webedior-ajax.log");
|
||||
} else { // otherwise, an error occurs
|
||||
sendlog(" jwt token wasn't found in body or headers", "webedior-ajax.log");
|
||||
$result["error"] = "Expected JWT";
|
||||
return $result;
|
||||
}
|
||||
if (empty($token)) { // invalid signature error
|
||||
|
||||
if ($data === "") { // invalid signature error
|
||||
sendlog(" token was found but signature is invalid", "webedior-ajax.log");
|
||||
$result["error"] = "Invalid JWT signature";
|
||||
return $result;
|
||||
}
|
||||
|
||||
$data = json_decode($token, true);
|
||||
if ($inHeader) $data = $data["payload"];
|
||||
if ($inHeader) $data = $data->payload;
|
||||
}
|
||||
|
||||
return $data;
|
||||
@ -75,14 +77,14 @@ function readBody() {
|
||||
|
||||
// file saving process
|
||||
function processSave($data, $fileName, $userAddress) {
|
||||
$downloadUri = $data["url"];
|
||||
$downloadUri = $data->url;
|
||||
if ($downloadUri === null) {
|
||||
$result["error"] = 1;
|
||||
return $result;
|
||||
}
|
||||
|
||||
$curExt = strtolower('.' . pathinfo($fileName, PATHINFO_EXTENSION)); // get current file extension
|
||||
$downloadExt = strtolower('.' . $data["filetype"]); // get the extension of the downloaded file
|
||||
$downloadExt = strtolower('.' . $data->filetype); // get the extension of the downloaded file
|
||||
|
||||
// TODO [Delete in version 7.0 or higher]
|
||||
if (!$downloadExt) $downloadExt = strtolower('.' . pathinfo($downloadUri, PATHINFO_EXTENSION)); // Support for versions below 7.0
|
||||
@ -123,18 +125,18 @@ function processSave($data, $fileName, $userAddress) {
|
||||
rename(getStoragePath($fileName, $userAddress), $verDir . DIRECTORY_SEPARATOR . "prev" . $curExt); // get the path to the previous file version and rename the storage path with it
|
||||
file_put_contents($storagePath, $new_data, LOCK_EX); // save file to the storage directory
|
||||
|
||||
if ($changesData = file_get_contents($data["changesurl"])) {
|
||||
if ($changesData = file_get_contents($data->changesurl)) {
|
||||
file_put_contents($verDir . DIRECTORY_SEPARATOR . "diff.zip", $changesData, LOCK_EX); // save file changes to the diff.zip archive
|
||||
}
|
||||
|
||||
$histData = empty($data["changeshistory"]) ? null : $data["changeshistory"];
|
||||
$histData = empty($data->changeshistory) ? null : $data->changeshistory;
|
||||
if (empty($histData)) {
|
||||
$histData = json_encode($data["history"], JSON_PRETTY_PRINT);
|
||||
$histData = json_encode($data->history, JSON_PRETTY_PRINT);
|
||||
}
|
||||
if (!empty($histData)) {
|
||||
file_put_contents($verDir . DIRECTORY_SEPARATOR . "changes.json", $histData, LOCK_EX); // write the history changes to the changes.json file
|
||||
}
|
||||
file_put_contents($verDir . DIRECTORY_SEPARATOR . "key.txt", $data["key"], LOCK_EX); // write the key value to the key.txt file
|
||||
file_put_contents($verDir . DIRECTORY_SEPARATOR . "key.txt", $data->key, LOCK_EX); // write the key value to the key.txt file
|
||||
|
||||
$forcesavePath = getForcesavePath($newFileName, $userAddress, false); // get the path to the forcesaved file version
|
||||
if ($forcesavePath != "") { // if the forcesaved file version exists
|
||||
@ -151,14 +153,14 @@ function processSave($data, $fileName, $userAddress) {
|
||||
|
||||
// file force saving process
|
||||
function processForceSave($data, $fileName, $userAddress) {
|
||||
$downloadUri = $data["url"];
|
||||
$downloadUri = $data->url;
|
||||
if ($downloadUri === null) {
|
||||
$result["error"] = 1;
|
||||
return $result;
|
||||
}
|
||||
|
||||
$curExt = strtolower('.' . pathinfo($fileName, PATHINFO_EXTENSION)); // get current file extension
|
||||
$downloadExt = strtolower('.' . $data["filetype"]); // get the extension of the downloaded file
|
||||
$downloadExt = strtolower('.' . $data->filetype); // get the extension of the downloaded file
|
||||
|
||||
// TODO [Delete in version 7.0 or higher]
|
||||
if (!$downloadExt) $downloadExt = strtolower('.' . pathinfo($downloadUri, PATHINFO_EXTENSION)); // Support for versions below 7.0
|
||||
@ -190,7 +192,7 @@ function processForceSave($data, $fileName, $userAddress) {
|
||||
|
||||
if (!(($new_data = file_get_contents($downloadUri)) === FALSE)) {
|
||||
$baseNameWithoutExt = substr($fileName, 0, strlen($fileName) - strlen($curExt));
|
||||
$isSubmitForm = $data["forcesavetype"] == 3; // SubmitForm
|
||||
$isSubmitForm = $data->forcesavetype == 3; // SubmitForm
|
||||
|
||||
if ($isSubmitForm) {
|
||||
if ($newFileName){
|
||||
@ -213,7 +215,7 @@ function processForceSave($data, $fileName, $userAddress) {
|
||||
file_put_contents($forcesavePath, $new_data, LOCK_EX);
|
||||
|
||||
if ($isSubmitForm) {
|
||||
$uid = $data["actions"][0]["userid"]; // get the user id
|
||||
$uid = $data->actions[0]->userid; // get the user id
|
||||
createMeta($fileName, $uid, "Filling Form", $userAddress); // create meta data for the forcesaved file
|
||||
}
|
||||
|
||||
|
||||
@ -74,7 +74,8 @@ $descr_user_0 = [
|
||||
"Can't mention others in comments",
|
||||
"Can't create new files from the editor",
|
||||
"Can’t see anyone’s information",
|
||||
"Can't rename files from the editor"
|
||||
"Can't rename files from the editor",
|
||||
"Can't view chat",
|
||||
];
|
||||
|
||||
$users = [
|
||||
|
||||
@ -215,22 +215,24 @@ function track() {
|
||||
|
||||
// get the body of the post request and check if it is correct
|
||||
$data = readBody();
|
||||
if (!empty($data["error"])){
|
||||
|
||||
if (!empty($data->error)){
|
||||
return $data;
|
||||
}
|
||||
|
||||
global $_trackerStatus;
|
||||
$status = $_trackerStatus[$data["status"]]; // get status from the request body
|
||||
$status = $_trackerStatus[$data->status]; // get status from the request body
|
||||
|
||||
$userAddress = $_GET["userAddress"];
|
||||
$fileName = basename($_GET["fileName"]);
|
||||
|
||||
sendlog(" CommandRequest status: " . $data->status, "webedior-ajax.log");
|
||||
switch ($status) {
|
||||
case "Editing": // status == 1
|
||||
if ($data["actions"] && $data["actions"][0]["type"] == 0) { // finished edit
|
||||
$user = $data["actions"][0]["userid"]; // the user who finished editing
|
||||
if (array_search($user, $data["users"]) === FALSE) {
|
||||
$commandRequest = commandRequest("forcesave", $data["key"]); // create a command request with the forcasave method
|
||||
if ($data->actions && $data->actions[0]->type == 0) { // finished edit
|
||||
$user = $data->actions[0]->userid; // the user who finished editing
|
||||
if (array_search($user, $data->users) === FALSE) {
|
||||
$commandRequest = commandRequest("forcesave", $data->key); // create a command request with the forcasave method
|
||||
sendlog(" CommandRequest forcesave: " . serialize($commandRequest), "webedior-ajax.log");
|
||||
}
|
||||
}
|
||||
@ -259,7 +261,7 @@ function convert() {
|
||||
$internalExtension = trim(getInternalExtension($fileName),'.');
|
||||
|
||||
// check if the file with such an extension can be converted
|
||||
if (in_array("." + $extension, $GLOBALS['DOC_SERV_CONVERT']) && $internalExtension != "") {
|
||||
if (in_array("." . $extension, $GLOBALS['DOC_SERV_CONVERT']) && $internalExtension != "") {
|
||||
|
||||
$fileUri = $post["fileUri"];
|
||||
if ($fileUri == NULL || $fileUri == "") {
|
||||
@ -469,6 +471,13 @@ function delTree($dir) {
|
||||
function renamefile() {
|
||||
$post = json_decode(file_get_contents('php://input'), true);
|
||||
$newfilename = $post["newfilename"];
|
||||
|
||||
$curExt = strtolower(array_pop(explode('.', $newfilename)));
|
||||
$origExt = $post["ext"];
|
||||
if($origExt !== $curExt){
|
||||
$newfilename .= '.' . $origExt;
|
||||
}
|
||||
|
||||
$dockey = $post["dockey"];
|
||||
$meta = ["title" => $newfilename];
|
||||
|
||||
|
||||
Submodule web/documentserver-example/python/assets updated: 1d601d84c4...1fc823afa9
@ -1,6 +1,6 @@
|
||||
import os
|
||||
|
||||
VERSION = '1.2.0'
|
||||
VERSION = '1.3.0'
|
||||
|
||||
FILE_SIZE_MAX = 5242880
|
||||
STORAGE_PATH = 'app_data'
|
||||
|
||||
@ -80,7 +80,8 @@ descr_user_0 = [
|
||||
"Can't mention others in comments",
|
||||
"Can't create new files from the editor",
|
||||
"Can’t see anyone’s information",
|
||||
"Can't rename files from the editor"
|
||||
"Can't rename files from the editor",
|
||||
"Can't view chat",
|
||||
]
|
||||
|
||||
USERS = [
|
||||
|
||||
@ -153,6 +153,12 @@ def rename(request):
|
||||
|
||||
body = json.loads(request.body)
|
||||
newfilename = body['newfilename']
|
||||
|
||||
origExt = '.' + body['ext']
|
||||
curExt = fileUtils.getFileExt(newfilename)
|
||||
if (origExt != curExt):
|
||||
newfilename += origExt
|
||||
|
||||
dockey = body['dockey']
|
||||
meta = {'title': newfilename}
|
||||
|
||||
@ -240,6 +246,7 @@ def edit(request):
|
||||
'modifyFilter': edMode != 'filter',
|
||||
'modifyContentControl': edMode != "blockcontent",
|
||||
'review': canEdit & ((edMode == 'edit') | (edMode == 'review')),
|
||||
'chat': user.id !='uid-0',
|
||||
'reviewGroups': user.reviewGroups,
|
||||
'commentGroups': user.commentGroups,
|
||||
'userInfoGroups': user.userInfoGroups
|
||||
|
||||
@ -165,6 +165,7 @@
|
||||
var data = {
|
||||
newfilename: newfilename,
|
||||
dockey: config.document.key,
|
||||
ext: config.document.fileType
|
||||
};
|
||||
let xhr = new XMLHttpRequest();
|
||||
xhr.open("POST", "rename");
|
||||
|
||||
@ -47,4 +47,7 @@ gem 'uuid'
|
||||
|
||||
gem 'rack-cors'
|
||||
|
||||
gem 'webrick'
|
||||
gem 'webrick'
|
||||
|
||||
# A ruby implementation of the RFC 7519 OAuth JSON Web Token (JWT) standard.
|
||||
gem 'jwt', '~> 2.4.1'
|
||||
@ -78,24 +78,26 @@ GEM
|
||||
coffee-script-source
|
||||
execjs
|
||||
coffee-script-source (1.12.2)
|
||||
concurrent-ruby (1.1.9)
|
||||
concurrent-ruby (1.1.10)
|
||||
crass (1.0.6)
|
||||
debug_inspector (1.1.0)
|
||||
erubi (1.10.0)
|
||||
execjs (2.8.1)
|
||||
ffi (1.15.5)
|
||||
ffi (1.15.5-x64-mingw32)
|
||||
globalid (1.0.0)
|
||||
activesupport (>= 5.0)
|
||||
i18n (1.9.1)
|
||||
i18n (1.12.0)
|
||||
concurrent-ruby (~> 1.0)
|
||||
jbuilder (2.9.1)
|
||||
activesupport (>= 4.2.0)
|
||||
jquery-rails (4.4.0)
|
||||
jquery-rails (4.5.0)
|
||||
rails-dom-testing (>= 1, < 3)
|
||||
railties (>= 4.2.0)
|
||||
thor (>= 0.14, < 2.0)
|
||||
json (2.3.0)
|
||||
loofah (2.13.0)
|
||||
json (1.8.6)
|
||||
jwt (2.4.1)
|
||||
loofah (2.18.0)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.5.9)
|
||||
macaddr (1.7.2)
|
||||
@ -105,21 +107,18 @@ GEM
|
||||
marcel (1.0.2)
|
||||
method_source (1.0.0)
|
||||
mini_mime (1.1.2)
|
||||
minitest (5.15.0)
|
||||
minitest (5.16.2)
|
||||
nio4r (2.5.8)
|
||||
nokogiri (1.13.3)
|
||||
mini_portile2 (~> 2.8.0)
|
||||
nokogiri (1.13.8-x64-mingw32)
|
||||
racc (~> 1.4)
|
||||
nokogiri (1.13.3-x64-mingw32)
|
||||
racc (~> 1.4)
|
||||
nokogiri (1.13.3-x86_64-linux)
|
||||
nokogiri (1.13.8-x86_64-linux)
|
||||
racc (~> 1.4)
|
||||
racc (1.6.0)
|
||||
rack (2.2.3)
|
||||
rack (2.2.4)
|
||||
rack-cors (1.1.1)
|
||||
rack (>= 2.0.0)
|
||||
rack-test (1.1.0)
|
||||
rack (>= 1.0, < 3)
|
||||
rack-test (2.0.2)
|
||||
rack (>= 1.3)
|
||||
rails (6.1.4.1)
|
||||
actioncable (= 6.1.4.1)
|
||||
actionmailbox (= 6.1.4.1)
|
||||
@ -138,7 +137,7 @@ GEM
|
||||
rails-dom-testing (2.0.3)
|
||||
activesupport (>= 4.2.0)
|
||||
nokogiri (>= 1.6)
|
||||
rails-html-sanitizer (1.4.2)
|
||||
rails-html-sanitizer (1.4.3)
|
||||
loofah (~> 2.3)
|
||||
railties (6.1.4.1)
|
||||
actionpack (= 6.1.4.1)
|
||||
@ -147,9 +146,11 @@ GEM
|
||||
rake (>= 0.13)
|
||||
thor (~> 1.0)
|
||||
rake (13.0.6)
|
||||
rdoc (6.3.1)
|
||||
rdoc (4.3.0)
|
||||
sass-rails (6.0.0)
|
||||
sassc-rails (~> 2.1, >= 2.1.1)
|
||||
sassc (2.4.0)
|
||||
ffi (~> 1.9)
|
||||
sassc (2.4.0-x64-mingw32)
|
||||
ffi (~> 1.9)
|
||||
sassc-rails (2.1.2)
|
||||
@ -161,7 +162,7 @@ GEM
|
||||
sdoc (0.4.2)
|
||||
json (~> 1.7, >= 1.7.7)
|
||||
rdoc (~> 4.0)
|
||||
sprockets (4.0.2)
|
||||
sprockets (4.1.1)
|
||||
concurrent-ruby (~> 1.0)
|
||||
rack (> 1, < 3)
|
||||
sprockets-rails (3.4.2)
|
||||
@ -171,13 +172,13 @@ GEM
|
||||
sqlite3 (1.4.2)
|
||||
systemu (2.6.5)
|
||||
thor (1.2.1)
|
||||
tilt (2.0.10)
|
||||
tilt (2.0.11)
|
||||
turbolinks (5.2.1)
|
||||
turbolinks-source (~> 5.2)
|
||||
turbolinks-source (5.2.0)
|
||||
tzinfo (2.0.4)
|
||||
tzinfo (2.0.5)
|
||||
concurrent-ruby (~> 1.0)
|
||||
tzinfo-data (1.2021.5)
|
||||
tzinfo-data (1.2022.1)
|
||||
tzinfo (>= 1.0.0)
|
||||
uglifier (4.2.0)
|
||||
execjs (>= 0.3.0, < 3)
|
||||
@ -192,16 +193,18 @@ GEM
|
||||
websocket-driver (0.7.5)
|
||||
websocket-extensions (>= 0.1.0)
|
||||
websocket-extensions (0.1.5)
|
||||
zeitwerk (2.5.4)
|
||||
zeitwerk (2.6.0)
|
||||
|
||||
PLATFORMS
|
||||
x64-mingw32
|
||||
x86_64-linux
|
||||
|
||||
DEPENDENCIES
|
||||
byebug
|
||||
coffee-rails (~> 5.0.0)
|
||||
jbuilder (~> 2.9.1)
|
||||
jquery-rails
|
||||
jwt (~> 2.4.1)
|
||||
mimemagic!
|
||||
rack-cors
|
||||
rails (= 6.1.4.1)
|
||||
@ -216,4 +219,4 @@ DEPENDENCIES
|
||||
webrick
|
||||
|
||||
BUNDLED WITH
|
||||
2.1.4
|
||||
2.2.22
|
||||
|
||||
@ -351,6 +351,13 @@ class HomeController < ApplicationController
|
||||
body = JSON.parse(request.body.read)
|
||||
dockey = body["dockey"]
|
||||
newfilename = body["newfilename"]
|
||||
|
||||
orig_ext = '.' + body["ext"]
|
||||
cur_ext = File.extname(newfilename).downcase
|
||||
if orig_ext != cur_ext
|
||||
newfilename += orig_ext
|
||||
end
|
||||
|
||||
meta = {
|
||||
:title => newfilename
|
||||
}
|
||||
|
||||
@ -230,7 +230,7 @@ class DocumentHelper
|
||||
|
||||
# get file url
|
||||
def get_file_uri(file_name, for_document_server)
|
||||
uri = get_server_url(for_document_server) + '/' + Rails.configuration.storagePath + '/' + cur_user_host_address(nil) + '/' + URI::encode(file_name)
|
||||
uri = get_server_url(for_document_server) + '/' + Rails.configuration.storagePath + '/' + cur_user_host_address(nil) + '/' + ERB::Util.url_encode(file_name)
|
||||
|
||||
return uri
|
||||
end
|
||||
@ -238,7 +238,7 @@ class DocumentHelper
|
||||
# get history path url
|
||||
def get_historypath_uri(file_name,version,file)
|
||||
# for redirection to my link
|
||||
uri = get_server_url(true) + '/downloadhistory/?fileName=' + URI::encode(file_name) + '&ver='+ version.to_s + '&file='+ URI::encode(file) + '&userAddress=' + cur_user_host_address(nil)
|
||||
uri = get_server_url(true) + '/downloadhistory/?fileName=' + ERB::Util.url_encode(file_name) + '&ver='+ version.to_s + '&file='+ ERB::Util.url_encode(file) + '&userAddress=' + cur_user_host_address(nil)
|
||||
return uri
|
||||
end
|
||||
|
||||
@ -254,7 +254,7 @@ class DocumentHelper
|
||||
# get callback url
|
||||
def get_callback(file_name)
|
||||
|
||||
get_server_url(true) + '/track?fileName=' + URI::encode(file_name) + '&userAddress=' + cur_user_host_address(nil)
|
||||
get_server_url(true) + '/track?fileName=' + ERB::Util.url_encode(file_name) + '&userAddress=' + cur_user_host_address(nil)
|
||||
|
||||
end
|
||||
|
||||
@ -268,7 +268,7 @@ class DocumentHelper
|
||||
# get url to download a file
|
||||
def get_download_url(file_name)
|
||||
|
||||
get_server_url(true) + '/download?fileName=' + URI::encode(file_name) + '&userAddress=' + cur_user_host_address(nil)
|
||||
get_server_url(true) + '/download?fileName=' + ERB::Util.url_encode(file_name) + '&userAddress=' + cur_user_host_address(nil)
|
||||
|
||||
end
|
||||
|
||||
|
||||
@ -127,6 +127,7 @@ class FileModel
|
||||
:modifyFilter => !editorsmode.eql?("filter"),
|
||||
:modifyContentControl => !editorsmode.eql?("blockcontent"),
|
||||
:review => canEdit && (editorsmode.eql?("edit") || editorsmode.eql?("review")),
|
||||
:chat => !@user.id.eql?("uid-0"),
|
||||
:reviewGroups => @user.reviewGroups,
|
||||
:commentGroups => @user.commentGroups,
|
||||
:userInfoGroups => @user.userInfoGroups
|
||||
@ -157,7 +158,7 @@ class FileModel
|
||||
:forcesave => false, # adding the request for the forced file saving to the callback handler
|
||||
:submitForm => submitForm, # the Submit form button state
|
||||
:goback => {
|
||||
:url => DocumentHelper.get_server_url(true)
|
||||
:url => DocumentHelper.get_server_url(false)
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
@ -14,6 +14,8 @@
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
require 'jwt'
|
||||
|
||||
class JwtHelper
|
||||
|
||||
@jwt_secret = Rails.configuration.jwtSecret
|
||||
@ -26,37 +28,19 @@ class JwtHelper
|
||||
|
||||
# encode a payload object into a token using a secret key
|
||||
def encode(payload)
|
||||
header = { :alg => "HS256", :typ => "JWT" } # define the hashing algorithm and the token type
|
||||
# three parts of token
|
||||
enc_header = Base64.urlsafe_encode64(header.to_json).remove("=") # header
|
||||
enc_payload = Base64.urlsafe_encode64(payload.to_json).remove("=") # payload
|
||||
hash = Base64.urlsafe_encode64(calc_hash(enc_header, enc_payload)).remove("=") # signature
|
||||
|
||||
return "#{enc_header}.#{enc_payload}.#{hash}"
|
||||
return JWT.encode payload, @jwt_secret, 'HS256' # define the hashing algorithm and get token
|
||||
end
|
||||
|
||||
# decode a token into a payload object using a secret key
|
||||
def decode(token)
|
||||
if !is_enabled
|
||||
begin
|
||||
decoded = JWT.decode token, @jwt_secret, true, { algorithm: 'HS256' }
|
||||
rescue
|
||||
return ""
|
||||
end
|
||||
|
||||
split = token.split(".")
|
||||
|
||||
hash = Base64.urlsafe_encode64(calc_hash(split[0], split[1])).remove("=")
|
||||
|
||||
if !hash.eql?(split[2])
|
||||
return ""
|
||||
end
|
||||
|
||||
return Base64.urlsafe_decode64(split[1])
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
# generate a hash code based on a key using the HMAC method
|
||||
def calc_hash(header, payload)
|
||||
return OpenSSL::HMAC.digest("SHA256", @jwt_secret, "#{header}.#{payload}")
|
||||
# decoded = Array [ {"data"=>"test"}, # payload
|
||||
# {"alg"=>"HS256"} # header ]
|
||||
return decoded[0].to_json # get json payload
|
||||
end
|
||||
end
|
||||
end
|
||||
@ -73,7 +73,8 @@ class Users
|
||||
"Can't mention others in comments",
|
||||
"Can't create new files from the editor",
|
||||
"Can’t see anyone’s information",
|
||||
"Can't rename files from the editor"
|
||||
"Can't rename files from the editor",
|
||||
"Can't view chat"
|
||||
];
|
||||
|
||||
@@users = [
|
||||
|
||||
@ -140,6 +140,7 @@
|
||||
var data = {
|
||||
newfilename: newfilename,
|
||||
dockey: config.document.key,
|
||||
ext: config.document.fileType
|
||||
};
|
||||
let xhr = new XMLHttpRequest();
|
||||
xhr.open("POST", "rename");
|
||||
|
||||
@ -128,7 +128,7 @@
|
||||
<%
|
||||
docs.each { |d|
|
||||
isFillFormDoc = DocumentHelper.fill_forms_exts.include?(File.extname(d).downcase)
|
||||
editUrl = "editor?fileName=#{URI::encode(d)}"
|
||||
editUrl = "editor?fileName=#{ERB::Util.url_encode(d)}"
|
||||
docType = FileUtility.get_file_type(d)
|
||||
canEdit = DocumentHelper.edited_exts.include?(File.extname(d).downcase) %>
|
||||
<tr class="tableRow" title="<%= d %> [<%= DocumentHelper.get_file_version(DocumentHelper.history_dir(DocumentHelper.storage_path(d, nil))) %>]">
|
||||
@ -221,7 +221,7 @@
|
||||
</a>
|
||||
</td>
|
||||
<td class="contentCells contentCells-shift contentCells-icon downloadContentCellShift">
|
||||
<a href="<%= "download?fileName=#{URI::encode(d)}" %>">
|
||||
<a href="<%= "download?fileName=#{ERB::Util.url_encode(d)}" %>">
|
||||
<img class="icon-download" src="assets/download.svg" alt="Download" title="Download" />
|
||||
</a>
|
||||
</td>
|
||||
|
||||
@ -26,7 +26,7 @@ module OnlineEditorsExampleRuby
|
||||
end
|
||||
end
|
||||
|
||||
Rails.configuration.version="1.2.0"
|
||||
Rails.configuration.version="1.3.0"
|
||||
|
||||
Rails.configuration.fileSizeMax=5242880
|
||||
Rails.configuration.storagePath="app_data"
|
||||
@ -62,7 +62,7 @@ module OnlineEditorsExampleRuby
|
||||
'nl' => 'Dutch',
|
||||
'fi' => 'Finnish',
|
||||
'fr' => 'French',
|
||||
'gl' => 'Galego'
|
||||
'gl' => 'Galego',
|
||||
'de' => 'German',
|
||||
'el' => 'Greek',
|
||||
'hu' => 'Hungarian',
|
||||
|
||||
@ -36,6 +36,10 @@ jquery-rails - This gem provides jQuery and the jQuery-ujs driver for your Rail
|
||||
License: MIT
|
||||
License File: jquery-rails.license
|
||||
|
||||
mimemagic - А library to detect the mime type of a file by extension or by content. (https://github.com/mimemagicrb/mimemagic/blob/master/LICENSE)
|
||||
License: MIT
|
||||
License File: mimemagic.license
|
||||
|
||||
rails - Rails is a web-application framework that includes everything needed to create database-backed web applications according to the Model-View-Controller (MVC) pattern. (https://github.com/rails/rails/blob/v6.0.3.2/MIT-LICENSE)
|
||||
License: MIT
|
||||
License File: rails.license
|
||||
|
||||
19
web/documentserver-example/ruby/licenses/jwt.license
Normal file
19
web/documentserver-example/ruby/licenses/jwt.license
Normal file
@ -0,0 +1,19 @@
|
||||
Copyright (c) 2011 Jeff Lindsay
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
urnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
||||
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
|
||||
OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
Reference in New Issue
Block a user