示例#1
0
 /**
  * CAUTION: the @Stuff turns off security checks; for this page no admin is
  *          required and no CSRF check. If you don't know what CSRF is, read
  *          it up in the docs or you might create a security hole. This is
  *          basically the only required method to add this exemption, don't
  *          add it to any other method if you don't exactly know what it does
  *
  * @NoAdminRequired
  * @NoCSRFRequired
  */
 public function index()
 {
     $uploadLimit = Util::uploadLimit();
     $params = ['user' => $this->userId, 'uploadLimit' => $uploadLimit];
     /** @var ContentSecurityPolicy $csp */
     $csp = new ContentSecurityPolicy();
     $csp->addAllowedConnectDomain('*');
     /** @var TemplateResponse $response */
     if (isset($_SESSION['targetType']) && $_SESSION['targetType'] == TargetType::PROJECT) {
         $response = new TemplateResponse('pkdrive', 'container', $params);
     } else {
         $response = new TemplateResponse('pkdrive', 'target', $params);
     }
     $response->setContentSecurityPolicy($csp);
     return $response;
 }
示例#2
0
 /**
  * @PublicPage
  * @NoCSRFRequired
  *
  * @param string $token
  * @param string $path
  * @return TemplateResponse
  */
 public function showShare($token, $path = '')
 {
     \OC_User::setIncognitoMode(true);
     // Check whether share exists
     $linkItem = Share::getShareByToken($token, false);
     if ($linkItem === false) {
         return new TemplateResponse('core', '404', array(), 'guest');
     }
     $linkItem = OCP\Share::getShareByToken($token, false);
     $shareOwner = $linkItem['uid_owner'];
     $originalSharePath = null;
     $rootLinkItem = OCP\Share::resolveReShare($linkItem);
     if (isset($rootLinkItem['uid_owner'])) {
         OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
         OC_Util::tearDownFS();
         OC_Util::setupFS($rootLinkItem['uid_owner']);
         $originalSharePath = Filesystem::getPath($linkItem['file_source']);
     }
     // Share is password protected - check whether the user is permitted to access the share
     if (isset($linkItem['share_with']) && !Helper::authenticate($linkItem)) {
         return new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate', array('token' => $token)));
     }
     if (Filesystem::isReadable($originalSharePath . $path)) {
         $getPath = Filesystem::normalizePath($path);
         $originalSharePath .= $path;
     }
     $file = basename($originalSharePath);
     $shareTmpl = array();
     $shareTmpl['displayName'] = User::getDisplayName($shareOwner);
     $shareTmpl['filename'] = $file;
     $shareTmpl['directory_path'] = $linkItem['file_target'];
     $shareTmpl['mimetype'] = Filesystem::getMimeType($originalSharePath);
     $shareTmpl['dirToken'] = $linkItem['token'];
     $shareTmpl['sharingToken'] = $token;
     $shareTmpl['server2serversharing'] = Helper::isOutgoingServer2serverShareEnabled();
     $shareTmpl['protected'] = isset($linkItem['share_with']) ? 'true' : 'false';
     $shareTmpl['dir'] = '';
     $shareTmpl['fileSize'] = \OCP\Util::humanFileSize(\OC\Files\Filesystem::filesize($originalSharePath));
     // Show file list
     if (Filesystem::is_dir($originalSharePath)) {
         $shareTmpl['dir'] = $getPath;
         $files = array();
         $maxUploadFilesize = Util::maxUploadFilesize($originalSharePath);
         $freeSpace = Util::freeSpace($originalSharePath);
         $uploadLimit = Util::uploadLimit();
         $folder = new Template('files', 'list', '');
         $folder->assign('dir', $getPath);
         $folder->assign('dirToken', $linkItem['token']);
         $folder->assign('permissions', \OCP\Constants::PERMISSION_READ);
         $folder->assign('isPublic', true);
         $folder->assign('publicUploadEnabled', 'no');
         $folder->assign('files', $files);
         $folder->assign('uploadMaxFilesize', $maxUploadFilesize);
         $folder->assign('uploadMaxHumanFilesize', OCP\Util::humanFileSize($maxUploadFilesize));
         $folder->assign('freeSpace', $freeSpace);
         $folder->assign('uploadLimit', $uploadLimit);
         // PHP upload limit
         $folder->assign('usedSpacePercent', 0);
         $folder->assign('trash', false);
         $shareTmpl['folder'] = $folder->fetchPage();
     }
     $shareTmpl['downloadURL'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.sharecontroller.downloadShare', array('token' => $token));
     return new TemplateResponse($this->appName, 'public', $shareTmpl, 'base');
 }
 /**
  * @PublicPage
  * @NoCSRFRequired
  *
  * @param string $token
  * @param string $path
  * @return TemplateResponse|RedirectResponse
  */
 public function showShare($token, $path = '')
 {
     \OC_User::setIncognitoMode(true);
     // Check whether share exists
     $linkItem = Share::getShareByToken($token, false);
     if ($linkItem === false) {
         return new NotFoundResponse();
     }
     $shareOwner = $linkItem['uid_owner'];
     $originalSharePath = $this->getPath($token);
     // Share is password protected - check whether the user is permitted to access the share
     if (isset($linkItem['share_with']) && !Helper::authenticate($linkItem)) {
         return new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate', array('token' => $token)));
     }
     if (Filesystem::isReadable($originalSharePath . $path)) {
         $getPath = Filesystem::normalizePath($path);
         $originalSharePath .= $path;
     } else {
         throw new OCP\Files\NotFoundException();
     }
     $file = basename($originalSharePath);
     $shareTmpl = [];
     $shareTmpl['displayName'] = User::getDisplayName($shareOwner);
     $shareTmpl['filename'] = $file;
     $shareTmpl['directory_path'] = $linkItem['file_target'];
     $shareTmpl['mimetype'] = Filesystem::getMimeType($originalSharePath);
     $shareTmpl['previewSupported'] = \OC::$server->getPreviewManager()->isMimeSupported($shareTmpl['mimetype']);
     $shareTmpl['dirToken'] = $linkItem['token'];
     $shareTmpl['sharingToken'] = $token;
     $shareTmpl['server2serversharing'] = Helper::isOutgoingServer2serverShareEnabled();
     $shareTmpl['protected'] = isset($linkItem['share_with']) ? 'true' : 'false';
     $shareTmpl['dir'] = '';
     $nonHumanFileSize = \OC\Files\Filesystem::filesize($originalSharePath);
     $shareTmpl['nonHumanFileSize'] = $nonHumanFileSize;
     $shareTmpl['fileSize'] = \OCP\Util::humanFileSize($nonHumanFileSize);
     // Show file list
     if (Filesystem::is_dir($originalSharePath)) {
         $shareTmpl['dir'] = $getPath;
         $maxUploadFilesize = Util::maxUploadFilesize($originalSharePath);
         $freeSpace = Util::freeSpace($originalSharePath);
         $uploadLimit = Util::uploadLimit();
         $folder = new Template('files', 'list', '');
         $folder->assign('dir', $getPath);
         $folder->assign('dirToken', $linkItem['token']);
         $folder->assign('permissions', \OCP\Constants::PERMISSION_READ);
         $folder->assign('isPublic', true);
         $folder->assign('publicUploadEnabled', 'no');
         $folder->assign('uploadMaxFilesize', $maxUploadFilesize);
         $folder->assign('uploadMaxHumanFilesize', OCP\Util::humanFileSize($maxUploadFilesize));
         $folder->assign('freeSpace', $freeSpace);
         $folder->assign('uploadLimit', $uploadLimit);
         // PHP upload limit
         $folder->assign('usedSpacePercent', 0);
         $folder->assign('trash', false);
         $shareTmpl['folder'] = $folder->fetchPage();
     }
     $shareTmpl['downloadURL'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.sharecontroller.downloadShare', array('token' => $token));
     $shareTmpl['maxSizeAnimateGif'] = $this->config->getSystemValue('max_filesize_animated_gifs_public_sharing', 10);
     $csp = new OCP\AppFramework\Http\ContentSecurityPolicy();
     $csp->addAllowedFrameDomain('\'self\'');
     $response = new TemplateResponse($this->appName, 'public', $shareTmpl, 'base');
     $response->setContentSecurityPolicy($csp);
     return $response;
 }
示例#4
0
 /**
  * @PublicPage
  * @NoCSRFRequired
  *
  * @param string $token
  * @param string $path
  * @return TemplateResponse|RedirectResponse
  * @throws NotFoundException
  */
 public function showShare($token, $path = '')
 {
     \OC_User::setIncognitoMode(true);
     // Check whether share exists
     try {
         $share = $this->shareManager->getShareByToken($token);
     } catch (\OC\Share20\Exception\ShareNotFound $e) {
         return new NotFoundResponse();
     }
     // Share is password protected - check whether the user is permitted to access the share
     if ($share->getPassword() !== null && !$this->linkShareAuth($share)) {
         return new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate', array('token' => $token)));
     }
     // We can't get the path of a file share
     if ($share->getNode() instanceof \OCP\Files\File && $path !== '') {
         throw new NotFoundException();
     }
     $rootFolder = null;
     if ($share->getNode() instanceof \OCP\Files\Folder) {
         /** @var \OCP\Files\Folder $rootFolder */
         $rootFolder = $share->getNode();
         try {
             $path = $rootFolder->get($path);
         } catch (\OCP\Files\NotFoundException $e) {
             throw new NotFoundException();
         }
     }
     $shareTmpl = [];
     $shareTmpl['displayName'] = $share->getShareOwner()->getDisplayName();
     $shareTmpl['owner'] = $share->getShareOwner()->getUID();
     $shareTmpl['filename'] = $share->getNode()->getName();
     $shareTmpl['directory_path'] = $share->getTarget();
     $shareTmpl['mimetype'] = $share->getNode()->getMimetype();
     $shareTmpl['previewSupported'] = $this->previewManager->isMimeSupported($share->getNode()->getMimetype());
     $shareTmpl['dirToken'] = $token;
     $shareTmpl['sharingToken'] = $token;
     $shareTmpl['server2serversharing'] = Helper::isOutgoingServer2serverShareEnabled();
     $shareTmpl['protected'] = $share->getPassword() !== null ? 'true' : 'false';
     $shareTmpl['dir'] = '';
     $shareTmpl['nonHumanFileSize'] = $share->getNode()->getSize();
     $shareTmpl['fileSize'] = \OCP\Util::humanFileSize($share->getNode()->getSize());
     // Show file list
     if ($share->getNode() instanceof \OCP\Files\Folder) {
         $shareTmpl['dir'] = $rootFolder->getRelativePath($path->getPath());
         /*
          * The OC_Util methods require a view. This just uses the node API
          */
         $freeSpace = $share->getNode()->getStorage()->free_space($share->getNode()->getInternalPath());
         if ($freeSpace !== \OCP\Files\FileInfo::SPACE_UNKNOWN) {
             $freeSpace = max($freeSpace, 0);
         } else {
             $freeSpace = INF > 0 ? INF : PHP_INT_MAX;
             // work around https://bugs.php.net/bug.php?id=69188
         }
         $uploadLimit = Util::uploadLimit();
         $maxUploadFilesize = min($freeSpace, $uploadLimit);
         $folder = new Template('files', 'list', '');
         $folder->assign('dir', $rootFolder->getRelativePath($path->getPath()));
         $folder->assign('dirToken', $token);
         $folder->assign('permissions', \OCP\Constants::PERMISSION_READ);
         $folder->assign('isPublic', true);
         $folder->assign('publicUploadEnabled', 'no');
         $folder->assign('uploadMaxFilesize', $maxUploadFilesize);
         $folder->assign('uploadMaxHumanFilesize', OCP\Util::humanFileSize($maxUploadFilesize));
         $folder->assign('freeSpace', $freeSpace);
         $folder->assign('uploadLimit', $uploadLimit);
         // PHP upload limit
         $folder->assign('usedSpacePercent', 0);
         $folder->assign('trash', false);
         $shareTmpl['folder'] = $folder->fetchPage();
     }
     $shareTmpl['downloadURL'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.sharecontroller.downloadShare', array('token' => $token));
     $shareTmpl['maxSizeAnimateGif'] = $this->config->getSystemValue('max_filesize_animated_gifs_public_sharing', 10);
     $shareTmpl['previewEnabled'] = $this->config->getSystemValue('enable_previews', true);
     $csp = new OCP\AppFramework\Http\ContentSecurityPolicy();
     $csp->addAllowedFrameDomain('\'self\'');
     $response = new TemplateResponse($this->appName, 'public', $shareTmpl, 'base');
     $response->setContentSecurityPolicy($csp);
     return $response;
 }