This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * ownCloud - Richdocuments App |
||
4 | * |
||
5 | * @author Victor Dubiniuk |
||
6 | * @copyright 2014 Victor Dubiniuk [email protected] |
||
7 | * |
||
8 | * This file is licensed under the Affero General Public License version 3 or |
||
9 | * later. |
||
10 | */ |
||
11 | |||
12 | namespace OCA\Richdocuments\Controller; |
||
13 | |||
14 | use OCA\Richdocuments\Events\BeforeFederationRedirectEvent; |
||
15 | use OCA\Richdocuments\Service\FederationService; |
||
16 | use OCA\Richdocuments\TokenManager; |
||
17 | use \OCP\AppFramework\Controller; |
||
18 | use OCP\AppFramework\Http; |
||
19 | use OCP\AppFramework\Http\JSONResponse; |
||
20 | use OCP\AppFramework\Http\RedirectResponse; |
||
21 | use OCP\Constants; |
||
22 | use OCP\Files\File; |
||
23 | use OCP\Files\Folder; |
||
24 | use OCP\Files\GenericFileException; |
||
25 | use OCP\Files\IRootFolder; |
||
26 | use OCP\Files\Node; |
||
27 | use OCP\Files\NotFoundException; |
||
28 | use OCP\Files\NotPermittedException; |
||
29 | use \OCP\IRequest; |
||
30 | use \OCP\IConfig; |
||
31 | use \OCP\IL10N; |
||
32 | use \OCP\ILogger; |
||
33 | use \OCP\AppFramework\Http\ContentSecurityPolicy; |
||
34 | use \OCP\AppFramework\Http\TemplateResponse; |
||
35 | use \OCA\Richdocuments\AppConfig; |
||
36 | use \OCA\Richdocuments\Helper; |
||
37 | use OCP\ISession; |
||
38 | use OCP\Share\Exceptions\ShareNotFound; |
||
39 | use OCP\Share\IManager; |
||
40 | use OC\Files\Type\TemplateManager; |
||
41 | |||
42 | class DocumentController extends Controller { |
||
43 | /** @var string */ |
||
44 | private $uid; |
||
45 | /** @var IL10N */ |
||
46 | private $l10n; |
||
47 | /** @var IConfig */ |
||
48 | private $settings; |
||
49 | /** @var AppConfig */ |
||
50 | private $appConfig; |
||
51 | /** @var ILogger */ |
||
52 | private $logger; |
||
53 | /** @var IManager */ |
||
54 | private $shareManager; |
||
55 | /** @var TokenManager */ |
||
56 | private $tokenManager; |
||
57 | /** @var ISession */ |
||
58 | private $session; |
||
59 | /** @var IRootFolder */ |
||
60 | private $rootFolder; |
||
61 | /** @var \OCA\Richdocuments\TemplateManager */ |
||
62 | private $templateManager; |
||
63 | /** @var FederationService */ |
||
64 | private $federationService; |
||
65 | /** @var Helper */ |
||
66 | private $helper; |
||
67 | |||
68 | const ODT_TEMPLATE_PATH = '/assets/odttemplate.odt'; |
||
69 | |||
70 | /** |
||
71 | * @param string $appName |
||
72 | * @param IRequest $request |
||
73 | * @param IConfig $settings |
||
74 | * @param AppConfig $appConfig |
||
75 | * @param IL10N $l10n |
||
76 | * @param IManager $shareManager |
||
77 | * @param TokenManager $tokenManager |
||
78 | * @param IRootFolder $rootFolder |
||
79 | * @param ISession $session |
||
80 | * @param string $UserId |
||
81 | * @param ILogger $logger |
||
82 | */ |
||
83 | View Code Duplication | public function __construct( |
|
84 | $appName, |
||
85 | IRequest $request, |
||
86 | IConfig $settings, |
||
87 | AppConfig $appConfig, |
||
88 | IL10N $l10n, |
||
89 | IManager $shareManager, |
||
90 | TokenManager $tokenManager, |
||
91 | IRootFolder $rootFolder, |
||
92 | ISession $session, |
||
93 | $UserId, |
||
94 | ILogger $logger, |
||
95 | \OCA\Richdocuments\TemplateManager $templateManager, |
||
96 | FederationService $federationService, |
||
97 | Helper $helper |
||
98 | ) { |
||
99 | parent::__construct($appName, $request); |
||
100 | $this->uid = $UserId; |
||
101 | $this->l10n = $l10n; |
||
102 | $this->settings = $settings; |
||
103 | $this->appConfig = $appConfig; |
||
104 | $this->shareManager = $shareManager; |
||
105 | $this->tokenManager = $tokenManager; |
||
106 | $this->rootFolder = $rootFolder; |
||
107 | $this->session = $session; |
||
108 | $this->logger = $logger; |
||
109 | $this->templateManager = $templateManager; |
||
110 | $this->federationService = $federationService; |
||
111 | $this->helper = $helper; |
||
112 | } |
||
113 | |||
114 | /** |
||
115 | * @PublicPage |
||
116 | * @NoCSRFRequired |
||
117 | * |
||
118 | * Returns the access_token and urlsrc for WOPI access for given $fileId |
||
119 | * Requests is accepted only when a secret_token is provided set by admin in |
||
120 | * settings page |
||
121 | * |
||
122 | * @param string $fileId |
||
123 | * @return array access_token, urlsrc |
||
124 | */ |
||
125 | public function extAppGetData($fileId) { |
||
126 | $secretToken = $this->request->getParam('secret_token'); |
||
127 | $apps = array_filter(explode(',', $this->appConfig->getAppValue('external_apps'))); |
||
128 | foreach($apps as $app) { |
||
129 | if ($app !== '' && $secretToken === $app) { |
||
130 | $appName = explode(':', $app); |
||
131 | $this->logger->debug('External app "{extApp}" authenticated; issuing access token for fileId {fileId}', [ |
||
132 | 'app' => $this->appName, |
||
133 | 'extApp' => $appName[0], |
||
134 | 'fileId' => $fileId |
||
135 | ]); |
||
136 | try { |
||
137 | $folder = $this->rootFolder->getUserFolder($this->uid); |
||
138 | $item = $folder->getById($fileId)[0]; |
||
139 | if(!($item instanceof Node)) { |
||
140 | throw new \Exception(); |
||
141 | } |
||
142 | list($urlSrc, $token) = $this->tokenManager->getToken($item->getId()); |
||
143 | return [ |
||
144 | 'status' => 'success', |
||
145 | 'urlsrc' => $urlSrc, |
||
146 | 'token' => $token |
||
147 | ]; |
||
148 | } catch (\Exception $e) { |
||
149 | $this->logger->logException($e, ['app'=>'richdocuments']); |
||
150 | $params = [ |
||
151 | 'errors' => [['error' => $e->getMessage()]] |
||
152 | ]; |
||
153 | return new TemplateResponse('core', 'error', $params, 'guest'); |
||
154 | } |
||
155 | } |
||
156 | } |
||
157 | return [ |
||
158 | 'status' => 'error', |
||
159 | 'message' => 'Permission denied' |
||
160 | ]; |
||
161 | } |
||
162 | |||
163 | /** |
||
164 | * Strips the path and query parameters from the URL. |
||
165 | * |
||
166 | * @param string $url |
||
167 | * @return string |
||
168 | */ |
||
169 | private function domainOnly($url) { |
||
170 | $parsed_url = parse_url($url); |
||
171 | $scheme = isset($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : ''; |
||
172 | $host = isset($parsed_url['host']) ? $parsed_url['host'] : ''; |
||
173 | $port = isset($parsed_url['port']) ? ':' . $parsed_url['port'] : ''; |
||
174 | return "$scheme$host$port"; |
||
175 | } |
||
176 | |||
177 | /** |
||
178 | * Redirect to the files app with proper CSP headers set for federated editing |
||
179 | * This is a workaround since we cannot set a nonce for allowing dynamic URLs in the richdocument iframe |
||
180 | * |
||
181 | * @NoAdminRequired |
||
182 | * @NoCSRFRequired |
||
183 | */ |
||
184 | public function open($fileId) { |
||
185 | try { |
||
186 | $folder = $this->rootFolder->getUserFolder($this->uid); |
||
187 | $item = $folder->getById($fileId)[0]; |
||
188 | if (!($item instanceof File)) { |
||
189 | throw new \Exception('Node is not a file'); |
||
190 | } |
||
191 | |||
192 | if ($item->getStorage()->instanceOfStorage(\OCA\Files_Sharing\External\Storage::class)) { |
||
193 | $remote = $item->getStorage()->getRemote(); |
||
194 | $remoteCollabora = $this->federationService->getRemoteCollaboraURL($remote); |
||
195 | if ($remoteCollabora !== '') { |
||
196 | $absolute = $item->getParent()->getPath(); |
||
197 | $relativeFolderPath = $folder->getRelativePath($absolute); |
||
198 | $relativeFilePath = $folder->getRelativePath($item->getPath()); |
||
199 | $url = '/index.php/apps/files/?dir=' . $relativeFolderPath . |
||
200 | '&richdocuments_open=' . $relativeFilePath . |
||
201 | '&richdocuments_fileId=' . $fileId . |
||
202 | '&richdocuments_remote_access=' . $remote; |
||
203 | |||
204 | $event = new BeforeFederationRedirectEvent( |
||
205 | $item, $relativeFolderPath, $remote |
||
206 | ); |
||
207 | $eventDispatcher = \OC::$server->getEventDispatcher(); |
||
208 | $eventDispatcher->dispatch(BeforeFederationRedirectEvent::class, $event); |
||
209 | if ($event->getRedirectUrl()) { |
||
210 | $url = $event->getRedirectUrl(); |
||
211 | } |
||
212 | return new RedirectResponse($url); |
||
213 | } |
||
214 | $this->logger->warning('Failed to connect to remote collabora instance for ' . $fileId); |
||
215 | } |
||
216 | } catch (\Exception $e) { |
||
217 | $this->logger->logException($e, ['app'=>'richdocuments']); |
||
218 | $params = [ |
||
219 | 'errors' => [['error' => $e->getMessage()]] |
||
220 | ]; |
||
221 | return new TemplateResponse('core', 'error', $params, 'guest'); |
||
222 | } |
||
223 | |||
224 | return new TemplateResponse('core', '403', [], 'guest'); |
||
225 | } |
||
226 | |||
227 | /** |
||
228 | * @NoAdminRequired |
||
229 | * |
||
230 | * @param string $fileId |
||
231 | * @param string|null $path |
||
232 | * @return RedirectResponse|TemplateResponse |
||
233 | */ |
||
234 | public function index($fileId, $path = null) { |
||
235 | try { |
||
236 | $folder = $this->rootFolder->getUserFolder($this->uid); |
||
237 | |||
238 | if ($path !== null) { |
||
239 | $item = $folder->get($path); |
||
240 | } else { |
||
241 | $item = $folder->getById($fileId)[0]; |
||
242 | } |
||
243 | |||
244 | if(!($item instanceof File)) { |
||
245 | throw new \Exception(); |
||
246 | } |
||
247 | |||
248 | /** Open file from remote collabora */ |
||
249 | $federatedUrl = $this->federationService->getRemoteRedirectURL($item); |
||
250 | View Code Duplication | if ($federatedUrl !== null) { |
|
251 | $response = new RedirectResponse($federatedUrl); |
||
252 | $response->addHeader('X-Frame-Options', 'ALLOW'); |
||
253 | return $response; |
||
254 | } |
||
255 | |||
256 | list($urlSrc, $token, $wopi) = $this->tokenManager->getToken($item->getId()); |
||
257 | $params = [ |
||
258 | 'permissions' => $item->getPermissions(), |
||
259 | 'title' => $item->getName(), |
||
260 | 'fileId' => $item->getId() . '_' . $this->settings->getSystemValue('instanceid'), |
||
261 | 'token' => $token, |
||
262 | 'urlsrc' => $urlSrc, |
||
263 | 'path' => $folder->getRelativePath($item->getPath()), |
||
264 | 'instanceId' => $this->settings->getSystemValue('instanceid'), |
||
265 | 'canonical_webroot' => $this->appConfig->getAppValue('canonical_webroot'), |
||
266 | 'userId' => $this->uid |
||
267 | ]; |
||
268 | |||
269 | $encryptionManager = \OC::$server->getEncryptionManager(); |
||
270 | if ($encryptionManager->isEnabled()) |
||
271 | { |
||
272 | // Update the current file to be accessible with system public shared key |
||
273 | $owner = $item->getOwner()->getUID(); |
||
274 | $absPath = '/' . $owner . '/' . $item->getInternalPath(); |
||
275 | $accessList = \OC::$server->getEncryptionFilesHelper()->getAccessList($absPath); |
||
276 | $accessList['public'] = true; |
||
277 | $encryptionManager->getEncryptionModule()->update($absPath, $owner, $accessList); |
||
278 | } |
||
279 | |||
280 | $response = new TemplateResponse('richdocuments', 'documents', $params, 'base'); |
||
281 | $policy = new ContentSecurityPolicy(); |
||
282 | $policy->addAllowedFrameDomain($this->domainOnly($this->appConfig->getAppValue('public_wopi_url'))); |
||
283 | $policy->allowInlineScript(true); |
||
0 ignored issues
–
show
|
|||
284 | $response->setContentSecurityPolicy($policy); |
||
285 | return $response; |
||
286 | } catch (\Exception $e) { |
||
287 | $this->logger->logException($e, ['app'=>'richdocuments']); |
||
288 | $params = [ |
||
289 | 'errors' => [['error' => $e->getMessage()]] |
||
290 | ]; |
||
291 | return new TemplateResponse('core', 'error', $params, 'guest'); |
||
292 | } |
||
293 | |||
294 | return new TemplateResponse('core', '403', [], 'guest'); |
||
295 | } |
||
296 | |||
297 | /** |
||
298 | * @NoAdminRequired |
||
299 | * |
||
300 | * Create a new file from a template |
||
301 | * |
||
302 | * @param int $templateId |
||
303 | * @param string $fileName |
||
304 | * @param string $dir |
||
305 | * @return TemplateResponse |
||
306 | * @throws NotFoundException |
||
307 | * @throws NotPermittedException |
||
308 | * @throws \OCP\Files\InvalidPathException |
||
309 | */ |
||
310 | public function createFromTemplate($templateId, $fileName, $dir) { |
||
311 | if (!$this->templateManager->isTemplate($templateId)) { |
||
312 | return new TemplateResponse('core', '403', [], 'guest'); |
||
313 | } |
||
314 | |||
315 | $userFolder = $this->rootFolder->getUserFolder($this->uid); |
||
316 | try { |
||
317 | $folder = $userFolder->get($dir); |
||
318 | } catch (NotFoundException $e) { |
||
319 | return new TemplateResponse('core', '403', [], 'guest'); |
||
320 | } |
||
321 | |||
322 | if (!$folder instanceof Folder) { |
||
323 | return new TemplateResponse('core', '403', [], 'guest'); |
||
324 | } |
||
325 | |||
326 | $file = $folder->newFile($fileName); |
||
327 | |||
328 | $template = $this->templateManager->get($templateId); |
||
329 | list($urlSrc, $wopi) = $this->tokenManager->getTokenForTemplate($template, $this->uid, $file->getId()); |
||
330 | |||
331 | $wopiFileId = $template->getId() . '-' . $file->getId() . '_' . $this->settings->getSystemValue('instanceid'); |
||
332 | $wopiFileId = $wopi->getFileid() . '_' . $this->settings->getSystemValue('instanceid'); |
||
333 | |||
334 | $params = [ |
||
335 | 'permissions' => $template->getPermissions(), |
||
336 | 'title' => $fileName, |
||
337 | 'fileId' => $wopiFileId, |
||
338 | 'token' => $wopi->getToken(), |
||
339 | 'urlsrc' => $urlSrc, |
||
340 | 'path' => $userFolder->getRelativePath($file->getPath()), |
||
341 | 'instanceId' => $this->settings->getSystemValue('instanceid'), |
||
342 | 'canonical_webroot' => $this->appConfig->getAppValue('canonical_webroot'), |
||
343 | 'userId' => $this->uid |
||
344 | ]; |
||
345 | |||
346 | $response = new TemplateResponse('richdocuments', 'documents', $params, 'base'); |
||
347 | $policy = new ContentSecurityPolicy(); |
||
348 | $policy->addAllowedFrameDomain($this->domainOnly($this->appConfig->getAppValue('public_wopi_url'))); |
||
349 | $policy->allowInlineScript(true); |
||
350 | $response->setContentSecurityPolicy($policy); |
||
351 | return $response; |
||
352 | } |
||
353 | |||
354 | /** |
||
355 | * @PublicPage |
||
356 | * @NoCSRFRequired |
||
357 | * |
||
358 | * @param string $shareToken |
||
359 | * @param string $fileName |
||
360 | * @return TemplateResponse |
||
361 | * @throws \Exception |
||
362 | */ |
||
363 | public function publicPage($shareToken, $fileName, $fileId) { |
||
0 ignored issues
–
show
|
|||
364 | try { |
||
365 | $share = $this->shareManager->getShareByToken($shareToken); |
||
366 | // not authenticated ? |
||
367 | View Code Duplication | if($share->getPassword()){ |
|
368 | if (!$this->session->exists('public_link_authenticated') |
||
369 | || $this->session->get('public_link_authenticated') !== (string)$share->getId() |
||
370 | ) { |
||
371 | throw new \Exception('Invalid password'); |
||
372 | } |
||
373 | } |
||
374 | |||
375 | $node = $share->getNode(); |
||
376 | if($node instanceof Folder) { |
||
377 | $item = $node->getById($fileId)[0]; |
||
378 | } else { |
||
379 | $item = $node; |
||
380 | } |
||
381 | if ($item instanceof Node) { |
||
382 | $params = [ |
||
383 | 'permissions' => $share->getPermissions(), |
||
384 | 'title' => $item->getName(), |
||
385 | 'fileId' => $item->getId() . '_' . $this->settings->getSystemValue('instanceid'), |
||
386 | 'path' => '/', |
||
387 | 'instanceId' => $this->settings->getSystemValue('instanceid'), |
||
388 | 'canonical_webroot' => $this->appConfig->getAppValue('canonical_webroot'), |
||
389 | 'userId' => $this->uid, |
||
390 | ]; |
||
391 | |||
392 | if ($this->uid !== null || ($share->getPermissions() & \OCP\Constants::PERMISSION_UPDATE) === 0 || $this->helper->getGuestName() !== null) { |
||
393 | list($urlSrc, $token) = $this->tokenManager->getToken($item->getId(), $shareToken, $this->uid); |
||
394 | $params['token'] = $token; |
||
395 | $params['urlsrc'] = $urlSrc; |
||
396 | } |
||
397 | |||
398 | $response = new TemplateResponse('richdocuments', 'documents', $params, 'base'); |
||
399 | $policy = new ContentSecurityPolicy(); |
||
400 | $policy->addAllowedFrameDomain($this->domainOnly($this->appConfig->getAppValue('public_wopi_url'))); |
||
401 | $policy->allowInlineScript(true); |
||
0 ignored issues
–
show
The method
OCP\AppFramework\Http\Em...cy::allowInlineScript() has been deprecated with message: 10.0 CSP tokens are now used
This method has been deprecated. The supplier of the class has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.
Loading history...
|
|||
402 | $response->setContentSecurityPolicy($policy); |
||
403 | return $response; |
||
404 | } |
||
405 | } catch (\Exception $e) { |
||
406 | $this->logger->logException($e, ['app'=>'richdocuments']); |
||
407 | $params = [ |
||
408 | 'errors' => [['error' => $e->getMessage()]] |
||
409 | ]; |
||
410 | return new TemplateResponse('core', 'error', $params, 'guest'); |
||
411 | } |
||
412 | |||
413 | return new TemplateResponse('core', '403', [], 'guest'); |
||
414 | } |
||
415 | |||
416 | /** |
||
417 | * @PublicPage |
||
418 | * @NoCSRFRequired |
||
419 | * |
||
420 | * @param string $shareToken |
||
421 | * @param $remoteServer |
||
422 | * @param $remoteServerToken |
||
423 | * @param null $filePath |
||
424 | * @return TemplateResponse |
||
425 | */ |
||
426 | public function remote($shareToken, $remoteServer, $remoteServerToken, $filePath = null) { |
||
427 | try { |
||
428 | $share = $this->shareManager->getShareByToken($shareToken); |
||
429 | // not authenticated ? |
||
430 | View Code Duplication | if($share->getPassword()){ |
|
431 | if (!$this->session->exists('public_link_authenticated') |
||
432 | || $this->session->get('public_link_authenticated') !== (string)$share->getId() |
||
433 | ) { |
||
434 | throw new \Exception('Invalid password'); |
||
435 | } |
||
436 | } |
||
437 | |||
438 | $node = $share->getNode(); |
||
439 | if ($filePath !== null) { |
||
440 | $node = $node->get($filePath); |
||
441 | } |
||
442 | |||
443 | if ($node instanceof Node) { |
||
444 | list($urlSrc, $token, $wopi) = $this->tokenManager->getToken($node->getId(), $shareToken, $this->uid); |
||
445 | |||
446 | $remoteWopi = $this->federationService->getRemoteFileDetails($remoteServer, $remoteServerToken); |
||
447 | if ($remoteWopi === null) { |
||
448 | throw new \Exception('Invalid remote file details for ' . $remoteServerToken); |
||
449 | } |
||
450 | $this->tokenManager->updateToRemoteToken($wopi, $shareToken, $remoteServer, $remoteServerToken, $remoteWopi); |
||
451 | |||
452 | $permissions = $share->getPermissions(); |
||
453 | if (!$remoteWopi['canwrite']) { |
||
454 | $permissions = $permissions & ~ Constants::PERMISSION_UPDATE; |
||
455 | } |
||
456 | |||
457 | $params = [ |
||
458 | 'permissions' => $permissions, |
||
459 | 'title' => $node->getName(), |
||
460 | 'fileId' => $node->getId() . '_' . $this->settings->getSystemValue('instanceid'), |
||
461 | 'token' => $token, |
||
462 | 'urlsrc' => $urlSrc, |
||
463 | 'path' => '/', |
||
464 | 'instanceId' => $this->settings->getSystemValue('instanceid'), |
||
465 | 'canonical_webroot' => $this->appConfig->getAppValue('canonical_webroot'), |
||
466 | 'userId' => $remoteWopi['editorUid'] . '@' . $remoteServer |
||
467 | ]; |
||
468 | |||
469 | $response = new TemplateResponse('richdocuments', 'documents', $params, 'base'); |
||
470 | $policy = new ContentSecurityPolicy(); |
||
471 | $policy->addAllowedFrameDomain($this->domainOnly($this->appConfig->getAppValue('wopi_url'))); |
||
472 | $policy->allowInlineScript(true); |
||
473 | $policy->addAllowedFrameAncestorDomain('https://*'); |
||
474 | $response->setContentSecurityPolicy($policy); |
||
475 | $response->addHeader('X-Frame-Options', 'ALLOW'); |
||
476 | return $response; |
||
477 | } |
||
478 | } catch (ShareNotFound $e) { |
||
479 | return new TemplateResponse('core', '404', [], 'guest'); |
||
480 | } catch (\Exception $e) { |
||
481 | $this->logger->logException($e, ['app'=>'richdocuments']); |
||
482 | $params = [ |
||
483 | 'errors' => [['error' => $e->getMessage()]] |
||
484 | ]; |
||
485 | return new TemplateResponse('core', 'error', $params, 'guest'); |
||
486 | } |
||
487 | |||
488 | return new TemplateResponse('core', '403', [], 'guest'); |
||
489 | } |
||
490 | |||
491 | /** |
||
492 | * @NoAdminRequired |
||
493 | * |
||
494 | * @param string $mimetype |
||
495 | * @param string $filename |
||
496 | * @param string $dir |
||
497 | * @return JSONResponse |
||
498 | * @throws NotPermittedException |
||
499 | * @throws GenericFileException |
||
500 | */ |
||
501 | public function create($mimetype, |
||
502 | $filename, |
||
503 | $dir = '/'){ |
||
504 | |||
505 | $root = $this->rootFolder->getUserFolder($this->uid); |
||
506 | try { |
||
507 | /** @var Folder $folder */ |
||
508 | $folder = $root->get($dir); |
||
509 | } catch (NotFoundException $e) { |
||
510 | return new JSONResponse([ |
||
511 | 'status' => 'error', |
||
512 | 'message' => $this->l10n->t('Can\'t create document') |
||
513 | ], Http::STATUS_BAD_REQUEST); |
||
514 | } |
||
515 | |||
516 | View Code Duplication | if (!($folder instanceof Folder)) { |
|
517 | return new JSONResponse([ |
||
518 | 'status' => 'error', |
||
519 | 'message' => $this->l10n->t('Can\'t create document') |
||
520 | ], Http::STATUS_BAD_REQUEST); |
||
521 | } |
||
522 | |||
523 | $basename = $this->l10n->t('New Document.odt'); |
||
524 | switch ($mimetype) { |
||
525 | case 'application/vnd.oasis.opendocument.spreadsheet': |
||
526 | $basename = $this->l10n->t('New Spreadsheet.ods'); |
||
527 | break; |
||
528 | case 'application/vnd.oasis.opendocument.presentation': |
||
529 | $basename = $this->l10n->t('New Presentation.odp'); |
||
530 | break; |
||
531 | case 'application/vnd.openxmlformats-officedocument.wordprocessingml.document': |
||
532 | $basename = $this->l10n->t('New Document.docx'); |
||
533 | break; |
||
534 | case 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet': |
||
535 | $basename = $this->l10n->t('New Spreadsheet.xlsx'); |
||
536 | break; |
||
537 | case 'application/vnd.openxmlformats-officedocument.presentationml.presentation': |
||
538 | $basename = $this->l10n->t('New Presentation.pptx'); |
||
539 | break; |
||
540 | default: |
||
541 | // to be safe |
||
542 | $mimetype = 'application/vnd.oasis.opendocument.text'; |
||
543 | break; |
||
544 | } |
||
545 | |||
546 | if (!$filename){ |
||
547 | $filename = Helper::getNewFileName($folder, $basename); |
||
548 | } |
||
549 | |||
550 | View Code Duplication | if ($folder->nodeExists($filename)) { |
|
551 | return new JSONResponse([ |
||
552 | 'status' => 'error', |
||
553 | 'message' => $this->l10n->t('Document already exists') |
||
554 | ], Http::STATUS_BAD_REQUEST); |
||
555 | } |
||
556 | |||
557 | try { |
||
558 | $file = $folder->newFile($filename); |
||
559 | } catch (NotPermittedException $e) { |
||
560 | return new JSONResponse([ |
||
561 | 'status' => 'error', |
||
562 | 'message' => $this->l10n->t('Not allowed to create document') |
||
563 | ], Http::STATUS_BAD_REQUEST); |
||
564 | } |
||
565 | |||
566 | $content = ''; |
||
567 | if (class_exists(TemplateManager::class)){ |
||
568 | $manager = \OC_Helper::getFileTemplateManager(); |
||
569 | $content = $manager->getTemplate($mimetype); |
||
570 | } |
||
571 | |||
572 | if (!$content){ |
||
573 | $content = file_get_contents(dirname(dirname(__DIR__)) . self::ODT_TEMPLATE_PATH); |
||
574 | } |
||
575 | |||
576 | if ($content) { |
||
577 | $file->putContent($content); |
||
578 | |||
579 | return new JSONResponse([ |
||
580 | 'status' => 'success', |
||
581 | 'data' => \OCA\Files\Helper::formatFileInfo($file->getFileInfo()) |
||
582 | ]); |
||
583 | } |
||
584 | |||
585 | |||
586 | return new JSONResponse([ |
||
587 | 'status' => 'error', |
||
588 | 'message' => $this->l10n->t('Can\'t create document') |
||
589 | ]); |
||
590 | } |
||
591 | } |
||
592 |
This method has been deprecated. The supplier of the class has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.