Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Public share middleware & controller #9518

Merged
merged 15 commits into from
Jun 21, 2018
Merged

Public share middleware & controller #9518

merged 15 commits into from
Jun 21, 2018

Conversation

rullzer
Copy link
Member

@rullzer rullzer commented May 18, 2018
edited
Loading

Fixes #5986

@juliushaertl as discussed.

Todo:

  • integrate Do not logout on auth on public share page #9756
  • add since tags etc
  • Maybe nog change functions for publci sharing?
  • Move PublicFileShareController just to files_sharing
  • Move basic auth templates to core (so they are default by default as well)
  • add tests

Once merged:

@rullzer rullzer added this to the Nextcloud 14 milestone May 18, 2018
@rullzer rullzer requested a review from juliusknorr May 18, 2018 10:45
@rullzer rullzer added 2. developing Work in progress and removed 3. to review Waiting for reviews labels May 18, 2018
juliusknorr
juliusknorr reviewed May 18, 2018
View reviewed changes
lib/public/AppFramework/PublicShareController.php Outdated
* Show the authentication page
* The form has to submit to the authenticate method route
*/
abstract public function showAuthenticate(string $token): TemplateResponse;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't we have a general showAuthenticate implementation here as well, since most of the time, we will just render a passwort request form.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could do that sure.. just server it from the core app I guess then.

@juliusknorr
Copy link
Member

@rullzer The IShareManager is just to be used by files, right? So calendar or other apps still need to implement their own sharing logic.

@rullzer
Copy link
Member Author

rullzer commented May 18, 2018

@juliushaertl that is correct.

Ok let me think how to make it more generic then.
And then maybe have a FilesPublicShareController for all the apps that want to share files that implements some extra stuff.

@rullzer rullzer force-pushed the feature/5986/public_share_controller_middleware branch from cd160d7 to a30b48e Compare May 18, 2018 19:53
@rullzer
Copy link
Member Author

rullzer commented May 18, 2018

@juliushaertl ok abstracted away some more ;) This should work for all types of shares I guess

@rullzer
Copy link
Member Author

rullzer commented May 18, 2018

Ok so it probably should be even further split up. Some controllers just need to know you are properly authenticated (like preview endpoints). If not they will just 404... I'll look into that more next week.

@rullzer rullzer force-pushed the feature/5986/public_share_controller_middleware branch from a30b48e to f351b9d Compare May 23, 2018 09:17
@codecov
Copy link

codecov bot commented May 23, 2018
edited
Loading

Codecov Report

Merging #9518 into master will increase coverage by 0.02%.
The diff coverage is 65.47%.

@@             Coverage Diff              @@
##             master    #9518      +/-   ##
============================================
+ Coverage      52.1%   52.12%   +0.02%     
- Complexity    25910    25946      +36     
============================================
  Files          1642     1645       +3     
  Lines         95721    96130     +409     
  Branches       1289     1373      +84     
============================================
+ Hits          49871    50108     +237     
- Misses        45850    46021     +171     
- Partials          0        1       +1
Impacted Files Coverage Δ Complexity Δ
..._sharing/lib/Middleware/SharingCheckMiddleware.php 83.78% <ø> (-3.98%) 15 <0> (-6)
apps/files_sharing/js/public.js 47.42% <0%> (ø) 0 <0> (ø) ⬇️
core/templates/publicshareauth.php 0% <0%> (ø) 0 <0> (?)
apps/files_sharing/appinfo/routes.php 0% <0%> (ø) 0 <0> (ø) ⬇️
lib/private/legacy/template/functions.php 9.3% <0%> (ø) 0 <0> (ø) ⬇️
...e/AppFramework/DependencyInjection/DIContainer.php 83.18% <100%> (+0.3%) 54 <2> (ø) ⬇️
...sharing/lib/Controller/PublicPreviewController.php 30.3% <21.05%> (-6.07%) 22 <5> (+4)
...s/files_sharing/lib/Controller/ShareController.php 37.85% <37.5%> (-9.7%) 55 <24> (-9)
.../public/AppFramework/AuthPublicShareController.php 76.08% <76.08%> (ø) 13 <13> (?)
lib/public/AppFramework/PublicShareController.php 82.35% <82.35%> (ø) 8 <8> (?)
... and 12 more

@rullzer
Copy link
Member Author

rullzer commented May 23, 2018

@juliushaertl even more splitup now. It is a lot of abstraction and not maybe 100% efficient. But better to have it secure I guess ;)

@rullzer rullzer force-pushed the feature/5986/public_share_controller_middleware branch from f351b9d to a68d26c Compare June 5, 2018 11:24
@rullzer rullzer mentioned this pull request Jun 6, 2018
Closed
juliusknorr
juliusknorr reviewed Jun 11, 2018
View reviewed changes
Copy link
Member

@juliusknorr juliusknorr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rullzer Looks good to me now in terms of separation 👍

- Move basic auth templates to core (so they are default by default as well)

👍

apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php Outdated
@@ -102,12 +102,14 @@ public function beforeController($controller, $methodName) {
!$this->externalSharesChecks()) {
throw new S2SException('Federated sharing not allowed');
} else if ($controller instanceof ShareController) {
/*
$token = $this->request->getParam('token');
$share = $this->shareManager->getShareByToken($token);
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK
&& !$this->isLinkSharingEnabled()) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That check should probably also be in the PublicShareController, right?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

mmm good point.

Yeah probably makes sense to not allow any public shares when it is disabled.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

lib/public/AppFramework/FilesPublicShareController.php Outdated
use OCP\Share\IManager as ShareManager;
use OCP\Share\IShare;

abstract class FilesPublicShareController extends AuthPublicShareController {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this would probably make more sense to move this to the files_sharing app, since it is limited to be used with the ShareManager. At least I cannot think of how an app would require to use this.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In theory gallery could use it for example. BUt I agree. I'll move it. So the new code we add stays simple. If it turns out we duplicate it again in a lot (>4) places. Then we can think how to unify again.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@rullzer rullzer force-pushed the feature/5986/public_share_controller_middleware branch 5 times, most recently from da5ed84 to c855295 Compare June 14, 2018 12:16
@rullzer
Copy link
Member Author

rullzer commented Jun 14, 2018

Failing test is unrelated

@rullzer rullzer added 3. to review Waiting for reviews and removed 2. developing Work in progress labels Jun 14, 2018
@rullzer
Copy link
Member Author

rullzer commented Jun 19, 2018

@MorrisJobke yes that happens because you go directly to the auth page. So there is no state stored yet. Anyways let me fix that.

@rullzer
Copy link
Member Author

rullzer commented Jun 19, 2018

@danxuliu ah you are right. Yes the tests need to be updated.

@rullzer rullzer force-pushed the feature/5986/public_share_controller_middleware branch from ed23248 to ab4939a Compare June 19, 2018 19:46
rullzer added 14 commits June 20, 2018 08:53
@rullzer
Add the new PublicShareController and PublicShareMiddleware
f36ef8c 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Quick hack to make the files sharing app work with this properly
53a1b9a 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Move public preview endpoint over
366981f 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Move public auth page over
31392c2 
Now this is in core so the basics (that 99% of the app will want to
use) looks always the same.

Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Don't allow public share pages if link sharing is disabled
20e5146 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Fix PublicPreviewControllerTests
ff3f63f 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Fix ShareControllerTest
9f658fe 
* Removed tests that are now handled by the middleware
* Updated tests

Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Update SharingCheckMiddlewareTest
58376db 
* They are handled now by the overal sharing public page middleware

Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Add PublicShareMiddlewareTest
e733817 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Add PublicShareControllerTests
61e445d 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Add AuthPublicShareControllerTest
1bb8bc8 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Update token on regeneration for public login
6de656e 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Fix direct access to authen page
5455045 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer
Fix acceptance test
5805159 
Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer rullzer force-pushed the feature/5986/public_share_controller_middleware branch from ab4939a to 5805159 Compare June 20, 2018 06:57
@rullzer
Copy link
Member Author

rullzer commented Jun 20, 2018

All happy!

MorrisJobke
MorrisJobke approved these changes Jun 20, 2018
View reviewed changes
Copy link
Member

@MorrisJobke MorrisJobke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested and works 👍

juliusknorr
juliusknorr reviewed Jun 20, 2018
View reviewed changes
apps/files_sharing/js/public.js Outdated
urlSpec.t = $('#dirToken').val();
return OC.generateUrl('/apps/files_sharing/ajax/publicpreview.php?') + $.param(urlSpec);
var token = $('#dirToken').val();
return OC.linkTo('files_sharing', '/publicpreview/'+token) + '?' + OC.buildQueryString(urlSpec);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should be OC.generateUrl(OC.linkTo(...)) otherwise index.php prefix isn't added.

juliusknorr
juliusknorr previously requested changes Jun 20, 2018
View reviewed changes
Copy link
Member

@juliusknorr juliusknorr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Small issue with public previews on my instance, but besides that 👍

apps/files_sharing/js/public.js Outdated
imgcontainer.appendTo('#imgframe');
} else if (mimetype.substr(0, mimetype.indexOf('/')) !== 'video') {
img.attr('src', OC.Util.replaceSVGIcon(mimetypeIcon));
img.attr('width', 128);
imgcontainer.appendTo('#imgframe');
}
else if (previewSupported === 'true') {
$('#imgframe > video').attr('poster', OC.filePath('files_sharing', 'ajax', 'publicpreview.php') + '?' + OC.buildQueryString(params));
$('#imgframe > video').attr('poster', OC.linkTo('files_sharing', '/publicpreview/'+token) + '?' + OC.buildQueryString(params));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should be OC.generateUrl(OC.linkTo(...)) otherwise index.php prefix isn't added.

@rullzer
Fix index.php links
a596b06 
Signed-off-by: Roeland Jago Douma <[email protected]>
@MorrisJobke MorrisJobke added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Jun 20, 2018
@rullzer rullzer merged commit 8ebc3d9 into master Jun 21, 2018
@rullzer rullzer deleted the feature/5986/public_share_controller_middleware branch June 21, 2018 08:09
@juliusknorr juliusknorr mentioned this pull request Aug 23, 2018
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@juliusknorr juliusknorr juliusknorr approved these changes

@MorrisJobke MorrisJobke MorrisJobke approved these changes

@icewind1991 icewind1991 Awaiting requested review from icewind1991

@schiessle schiessle Awaiting requested review from schiessle

@blizzz blizzz Awaiting requested review from blizzz

@skjnldsv skjnldsv Awaiting requested review from skjnldsv

Assignees
No one assigned
Labels
4. to release Ready to be released and/or waiting for tests to finish enhancement feature: sharing
Projects
None yet
Milestone
Nextcloud 14
Development

Successfully merging this pull request may close these issues.
4 participants
@rullzer @juliusknorr @MorrisJobke @danxuliu