diff --git a/Common/config/default.json b/Common/config/default.json index e33a8ef4..d681de7b 100644 --- a/Common/config/default.json +++ b/Common/config/default.json @@ -103,8 +103,8 @@ "storageFolderName": "files", "cacheFolderName": "data", "urlExpires": 604800, - "accessKeyId": "AKID", - "secretAccessKey": "SECRET", + "accessKeyId": "", + "secretAccessKey": "", "sslEnabled": false, "s3ForcePathStyle": true, "externalHost": "" diff --git a/Common/sources/storage-s3.js b/Common/sources/storage-s3.js index 07ae0c67..d45ce946 100644 --- a/Common/sources/storage-s3.js +++ b/Common/sources/storage-s3.js @@ -63,12 +63,14 @@ function getS3Client(storageCfg) { */ let configS3 = { region: storageCfg.region, - endpoint: storageCfg.endpoint, - credentials : { + endpoint: storageCfg.endpoint + }; + if (storageCfg.accessKeyId && storageCfg.secretAccessKey) { + configS3.credentials = { accessKeyId: storageCfg.accessKeyId, secretAccessKey: storageCfg.secretAccessKey } - }; + } if (configS3.endpoint) { configS3.tls = storageCfg.sslEnabled; diff --git a/DocService/sources/DocsCoServer.js b/DocService/sources/DocsCoServer.js index 4ca47102..febe2ce6 100644 --- a/DocService/sources/DocsCoServer.js +++ b/DocService/sources/DocsCoServer.js @@ -3111,7 +3111,7 @@ exports.install = function(server, callbackFunction) { let addRes = await editorData.addLocksNX(ctx, docId, locks); let documentLocks = addRes.allLocks; let isAllAdded = Object.keys(addRes.lockConflict).length === 0; - if (!isAllAdded || !fCheckLock(ctx, docId, documentLocks, locks, arrayBlocks, userId)) { + if (!isAllAdded && !fCheckLock(ctx, docId, documentLocks, locks, arrayBlocks, userId)) { //remove new locks let toRemove = {}; for (let lockId in locks) { diff --git a/DocService/sources/server.js b/DocService/sources/server.js index 150dca50..2053a57e 100644 --- a/DocService/sources/server.js +++ b/DocService/sources/server.js @@ -394,8 +394,13 @@ docsCoServer.install(server, () => { }); }); app.get('/document_editor_service_worker.js', apicache.middleware("5 min"), async (req, res) => { - //make handler only for development version - res.sendFile(path.resolve("../../sdkjs/common/serviceworker/document_editor_service_worker.js")); + let staticContent = config.get('services.CoAuthoring.server.static_content'); + if (staticContent['/sdkjs']) { + //make handler only for development version + res.sendFile(path.resolve(staticContent['/sdkjs'].path + "/common/serviceworker/document_editor_service_worker.js")); + } else { + res.sendStatus(404); + } }); app.use((err, req, res, next) => { let ctx = new operationContext.Context(); diff --git a/DocService/sources/wopiClient.js b/DocService/sources/wopiClient.js index ce72847f..2851b62f 100644 --- a/DocService/sources/wopiClient.js +++ b/DocService/sources/wopiClient.js @@ -383,7 +383,7 @@ async function getWopiFileUrl(ctx, fileInfo, userAuth) { } else if (fileInfo?.TemplateSource) { url = fileInfo.TemplateSource; } else if (userAuth) { - url = `${userAuth.wopiSrc}/contents?access_token=${userAuth.access_token}`; + url = `${userAuth.wopiSrc}/contents?access_token=${encodeURIComponent(userAuth.access_token)}`; await fillStandardHeaders(ctx, headers, url, userAuth.access_token); } ctx.logger.debug('getWopiFileUrl url=%s; headers=%j', url, headers); @@ -740,7 +740,7 @@ function putFile(ctx, wopiParams, data, dataStream, dataSize, userLastChangeId, } let fileInfo = wopiParams.commonInfo.fileInfo; let userAuth = wopiParams.userAuth; - let uri = `${userAuth.wopiSrc}/contents?access_token=${userAuth.access_token}`; + let uri = `${userAuth.wopiSrc}/contents?access_token=${encodeURIComponent(userAuth.access_token)}`; let filterStatus = yield checkIpFilter(ctx, uri); if (0 !== filterStatus) { return postRes; @@ -785,7 +785,7 @@ function putRelativeFile(ctx, wopiSrc, access_token, data, dataStream, dataSize, ctx.logger.info('wopi putRelativeFile start'); const tenCallbackRequestTimeout = ctx.getCfg('services.CoAuthoring.server.callbackRequestTimeout', cfgCallbackRequestTimeout); - let uri = `${wopiSrc}?access_token=${access_token}`; + let uri = `${wopiSrc}?access_token=${encodeURIComponent(access_token)}`; let filterStatus = yield checkIpFilter(ctx, uri); if (0 !== filterStatus) { return res; @@ -825,7 +825,7 @@ function renameFile(ctx, wopiParams, name) { } let fileInfo = wopiParams.commonInfo.fileInfo; let userAuth = wopiParams.userAuth; - let uri = `${userAuth.wopiSrc}?access_token=${userAuth.access_token}`; + let uri = `${userAuth.wopiSrc}?access_token=${encodeURIComponent(userAuth.access_token)}`; let filterStatus = yield checkIpFilter(ctx, uri); if (0 !== filterStatus) { return res; @@ -909,7 +909,7 @@ function checkFileInfo(ctx, wopiSrc, access_token, opt_sc) { ctx.logger.info('wopi checkFileInfo start'); const tenDownloadTimeout = ctx.getCfg('FileConverter.converter.downloadTimeout', cfgDownloadTimeout); - let uri = `${encodeURI(wopiSrc)}?access_token=${encodeURIComponent(access_token)}`; + let uri = `${wopiSrc}?access_token=${encodeURIComponent(access_token)}`; let filterStatus = yield checkIpFilter(ctx, uri); if (0 !== filterStatus) { return fileInfo; @@ -946,7 +946,7 @@ function lock(ctx, command, lockId, fileInfo, userAuth) { } let wopiSrc = userAuth.wopiSrc; let access_token = userAuth.access_token; - let uri = `${wopiSrc}?access_token=${access_token}`; + let uri = `${wopiSrc}?access_token=${encodeURIComponent(access_token)}`; let filterStatus = yield checkIpFilter(ctx, uri); if (0 !== filterStatus) { return false; @@ -985,7 +985,7 @@ async function unlock(ctx, wopiParams) { let wopiSrc = wopiParams.userAuth.wopiSrc; let lockId = wopiParams.commonInfo.lockId; let access_token = wopiParams.userAuth.access_token; - let uri = `${wopiSrc}?access_token=${access_token}`; + let uri = `${wopiSrc}?access_token=${encodeURIComponent(access_token)}`; let filterStatus = await checkIpFilter(ctx, uri); if (0 !== filterStatus) { return; diff --git a/Readme.md b/Readme.md index a7a3adfd..109334f8 100644 --- a/Readme.md +++ b/Readme.md @@ -3,7 +3,7 @@ [![License](https://img.shields.io/badge/License-GNU%20AGPL%20V3-green.svg?style=flat)](https://www.gnu.org/licenses/agpl-3.0.en.html) -The backend server software layer which is the part of [ONLYOFFICE Document Server][2] and [ONLYOFFICE Desktop Editors][4] and is the base for all other components. +The backend server software layer which is the part of [ONLYOFFICE Document Server][2] and is the base for all other components. ## Document service set up @@ -98,7 +98,6 @@ If you have any problems with or questions about [ONLYOFFICE Document Server][2] [1]: https://forum.onlyoffice.com [2]: https://github.com/ONLYOFFICE/DocumentServer [3]: https://stackoverflow.com/questions/tagged/onlyoffice - [4]: https://github.com/ONLYOFFICE/DesktopEditors ## License