pengjunjie/server
1
0
Fork 1
mirror of https://github.com/ONLYOFFICE/server.git synced 2026-04-07 14:04:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bug] Fix 'savefromorigin' with password; Fix bug 70466

Browse Source
This commit is contained in:
Sergey Konovalov
2024-10-02 17:25:56 +03:00
parent eb2077cc31
commit fcf1195c0a
2 changed files with 27 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
DocService/sources/DocsCoServer.js
View File

@ -1553,35 +1553,34 @@ exports.getExternalChangeInfo = getExternalChangeInfo;
exports.checkJwt = checkJwt;
exports.getRequestParams = getRequestParams;
exports.checkJwtHeader = checkJwtHeader;
function encryptPasswordParams(ctx, data) {
return co(function*(){
let dataWithPassword;
if (data.type === 'openDocument' && data.message) {
dataWithPassword = data.message;
} else if (data.type === 'auth' && data.openCmd) {
dataWithPassword = data.openCmd;
} else if (data.c === 'savefromorigin') {
dataWithPassword = data;
async function encryptPasswordParams(ctx, data) {
let dataWithPassword;
if (data.type === 'openDocument' && data.message) {
dataWithPassword = data.message;
} else if (data.type === 'auth' && data.openCmd) {
dataWithPassword = data.openCmd;
} else if (data.c === 'savefromorigin') {
dataWithPassword = data;
}
if (dataWithPassword && dataWithPassword.password) {
if (dataWithPassword.password.length > constants.PASSWORD_MAX_LENGTH) {
//todo send back error
ctx.logger.warn('encryptPasswordParams password too long actual = %s; max = %s', dataWithPassword.password.length, constants.PASSWORD_MAX_LENGTH);
dataWithPassword.password = null;
} else {
dataWithPassword.password = await utils.encryptPassword(ctx, dataWithPassword.password);
}
if (dataWithPassword && dataWithPassword.password) {
if (dataWithPassword.password.length > constants.PASSWORD_MAX_LENGTH) {
//todo send back error
ctx.logger.warn('encryptPasswordParams password too long actual = %s; max = %s', dataWithPassword.password.length, constants.PASSWORD_MAX_LENGTH);
dataWithPassword.password = null;
} else {
dataWithPassword.password = yield utils.encryptPassword(ctx, dataWithPassword.password);
}
}
if (dataWithPassword && dataWithPassword.savepassword) {
if (dataWithPassword.savepassword.length > constants.PASSWORD_MAX_LENGTH) {
//todo send back error
ctx.logger.warn('encryptPasswordParams password too long actual = %s; max = %s', dataWithPassword.savepassword.length, constants.PASSWORD_MAX_LENGTH);
dataWithPassword.savepassword = null;
} else {
dataWithPassword.savepassword = await utils.encryptPassword(ctx, dataWithPassword.savepassword);
}
if (dataWithPassword && dataWithPassword.savepassword) {
if (dataWithPassword.savepassword.length > constants.PASSWORD_MAX_LENGTH) {
//todo send back error
ctx.logger.warn('encryptPasswordParams password too long actual = %s; max = %s', dataWithPassword.savepassword.length, constants.PASSWORD_MAX_LENGTH);
dataWithPassword.savepassword = null;
} else {
dataWithPassword.savepassword = yield utils.encryptPassword(ctx, dataWithPassword.savepassword);
}
}
});
}
}
exports.encryptPasswordParams = encryptPasswordParams;
exports.getOpenFormatByEditor = getOpenFormatByEditor;

2
DocService/sources/canvasservice.js
View File

@ -1449,7 +1449,7 @@ exports.downloadAs = function(req, res) {
yield* commandSave(ctx, cmd, outputData);
break;
case 'savefromorigin':
docsCoServer.encryptPasswordParams(ctx, cmd)
yield docsCoServer.encryptPasswordParams(ctx, cmd);
yield* commandSaveFromOrigin(ctx, cmd, outputData, row && row.password);
break;
case 'sendmm':