Commit daa388ce authored by Lukas Reschke's avatar Lukas Reschke
Browse files

Move index.php from files to AppFramework

1. Allows it to use the more secure CSP rules of the AppFramework.
2. Adds some unit tests.
parent 5ec64c4f
......@@ -25,12 +25,14 @@
*/
\OCP\App::registerAdmin('files', 'admin');
\OC::$server->getNavigationManager()->add(function () {
$urlGenerator = \OC::$server->getURLGenerator();
$l = \OC::$server->getL10N('files');
return [
'id' => 'files_index',
'order' => 0,
'href' => \OCP\Util::linkTo('files', 'index.php'),
'href' => $urlGenerator->linkToRoute('files.view.index'),
'icon' => \OCP\Util::imagePath('core', 'places/files.svg'),
'name' => $l->t('Files'),
];
......
......@@ -48,14 +48,17 @@ $application->registerRoutes(
'verb' => 'GET',
'requirements' => array('tagName' => '.+'),
),
[
'name' => 'view#index',
'url' => '/',
'verb' => 'GET',
],
)
)
);
/** @var $this \OC\Route\Router */
$this->create('files_index', '/')
->actionInclude('files/index.php');
$this->create('files_ajax_delete', 'ajax/delete.php')
->actionInclude('files/ajax/delete.php');
$this->create('files_ajax_download', 'ajax/download.php')
......
<?php
/**
* @author Lukas Reschke <lukas@owncloud.com>
*
* @copyright Copyright (c) 2015, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\Files\Controller;
use OC\AppFramework\Http\Request;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\IL10N;
use OCP\INavigationManager;
use OCP\IRequest;
use OCP\IURLGenerator;
use OCP\IConfig;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
/**
* Class ViewController
*
* @package OCA\Files\Controller
*/
class ViewController extends Controller {
/** @var string */
protected $appName;
/** @var IRequest */
protected $request;
/** @var IURLGenerator */
protected $urlGenerator;
/** @var INavigationManager */
protected $navigationManager;
/** @var IL10N */
protected $l10n;
/** @var IConfig */
protected $config;
/** @var EventDispatcherInterface */
protected $eventDispatcher;
/**
* @param string $appName
* @param IRequest $request
* @param IURLGenerator $urlGenerator
* @param INavigationManager $navigationManager
* @param IL10N $l10n
* @param IConfig $config
* @param EventDispatcherInterface $eventDispatcherInterface
*/
public function __construct($appName,
IRequest $request,
IURLGenerator $urlGenerator,
INavigationManager $navigationManager,
IL10N $l10n,
IConfig $config,
EventDispatcherInterface $eventDispatcherInterface) {
parent::__construct($appName, $request);
$this->appName = $appName;
$this->request = $request;
$this->urlGenerator = $urlGenerator;
$this->navigationManager = $navigationManager;
$this->l10n = $l10n;
$this->config = $config;
$this->eventDispatcher = $eventDispatcherInterface;
}
/**
* @param string $appName
* @param string $scriptName
* @return string
*/
protected function renderScript($appName, $scriptName) {
$content = '';
$appPath = \OC_App::getAppPath($appName);
$scriptPath = $appPath . '/' . $scriptName;
if (file_exists($scriptPath)) {
// TODO: sanitize path / script name ?
ob_start();
include $scriptPath;
$content = ob_get_contents();
@ob_end_clean();
}
return $content;
}
/**
* FIXME: Replace with non static code
*
* @return array
* @throws \OCP\Files\NotFoundException
*/
protected function getStorageInfo() {
$dirInfo = \OC\Files\Filesystem::getFileInfo('/', false);
return \OC_Helper::getStorageInfo('/', $dirInfo);
}
/**
* @NoCSRFRequired
* @NoAdminRequired
*
* @param string $dir
* @param string $view
* @return TemplateResponse
* @throws \OCP\Files\NotFoundException
*/
public function index($dir = '', $view = '') {
// Load the files we need
\OCP\Util::addStyle('files', 'files');
\OCP\Util::addStyle('files', 'upload');
\OCP\Util::addStyle('files', 'mobile');
\OCP\Util::addscript('files', 'app');
\OCP\Util::addscript('files', 'file-upload');
\OCP\Util::addscript('files', 'newfilemenu');
\OCP\Util::addscript('files', 'jquery.iframe-transport');
\OCP\Util::addscript('files', 'jquery.fileupload');
\OCP\Util::addscript('files', 'jquery-visibility');
\OCP\Util::addscript('files', 'fileinfomodel');
\OCP\Util::addscript('files', 'filesummary');
\OCP\Util::addscript('files', 'breadcrumb');
\OCP\Util::addscript('files', 'filelist');
\OCP\Util::addscript('files', 'search');
\OCP\Util::addScript('files', 'favoritesfilelist');
\OCP\Util::addScript('files', 'tagsplugin');
\OCP\Util::addScript('files', 'favoritesplugin');
\OCP\Util::addScript('files', 'detailfileinfoview');
\OCP\Util::addScript('files', 'detailtabview');
\OCP\Util::addScript('files', 'mainfileinfodetailview');
\OCP\Util::addScript('files', 'detailsview');
\OCP\Util::addStyle('files', 'detailsView');
\OC_Util::addVendorScript('core', 'handlebars/handlebars');
\OCP\Util::addscript('files', 'fileactions');
\OCP\Util::addscript('files', 'fileactionsmenu');
\OCP\Util::addscript('files', 'files');
\OCP\Util::addscript('files', 'keyboardshortcuts');
\OCP\Util::addscript('files', 'navigation');
// if IE8 and "?dir=path&view=someview" was specified, reformat the URL to use a hash like "#?dir=path&view=someview"
$isIE8 = $this->request->isUserAgent([Request::USER_AGENT_IE_8]);
if ($isIE8 && ($dir !== '' || $view !== '')) {
$dir = !empty($dir) ? $dir : '/';
$view = !empty($view) ? $view : 'files';
$hash = '#?dir=' . \OCP\Util::encodePath($dir);
if ($view !== 'files') {
$hash .= '&view=' . urlencode($view);
}
return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index') . $hash);
}
// mostly for the home storage's free space
// FIXME: Make non static
$storageInfo = $this->getStorageInfo();
$nav = new \OCP\Template('files', 'appnavigation', '');
\OCA\Files\App::getNavigationManager()->add(
[
'id' => 'favorites',
'appname' => 'files',
'script' => 'simplelist.php',
'order' => 5,
'name' => $this->l10n->t('Favorites')
]
);
$navItems = \OCA\Files\App::getNavigationManager()->getAll();
usort($navItems, function($item1, $item2) {
return $item1['order'] - $item2['order'];
});
$nav->assign('navigationItems', $navItems);
$contentItems = [];
// render the container content for every navigation item
foreach ($navItems as $item) {
$content = '';
if (isset($item['script'])) {
$content = $this->renderScript($item['appname'], $item['script']);
}
$contentItem = [];
$contentItem['id'] = $item['id'];
$contentItem['content'] = $content;
$contentItems[] = $contentItem;
}
$this->eventDispatcher->dispatch('OCA\Files::loadAdditionalScripts');
$params = [];
$params['usedSpacePercent'] = (int)$storageInfo['relative'];
$params['owner'] = $storageInfo['owner'];
$params['ownerDisplayName'] = $storageInfo['ownerDisplayName'];
$params['isPublic'] = false;
$params['mailNotificationEnabled'] = $this->config->getAppValue('core', 'shareapi_allow_mail_notification', 'no');
$params['mailPublicNotificationEnabled'] = $this->config->getAppValue('core', 'shareapi_allow_public_notification', 'no');
$params['allowShareWithLink'] = $this->config->getAppValue('core', 'shareapi_allow_links', 'yes');
$params['appNavigation'] = $nav;
$params['appContents'] = $contentItems;
$this->navigationManager->setActiveEntry('files_index');
return new TemplateResponse(
$this->appName,
'index',
$params
);
}
}
<?php
/**
* @author Björn Schießle <schiessle@owncloud.com>
* @author Frank Karlitschek <frank@owncloud.org>
* @author Jakob Sack <mail@jakobsack.de>
* @author Jan-Christoph Borchardt <hey@jancborchardt.net>
* @author Joas Schilling <nickvergessen@owncloud.com>
* @author Jörn Friedrich Dreyer <jfd@butonic.de>
* @author Morris Jobke <hey@morrisjobke.de>
* @author Robin Appelman <icewind@owncloud.com>
* @author Roman Geber <rgeber@owncloudapps.com>
* @author Thomas Müller <thomas.mueller@tmit.eu>
* @author Vincent Petry <pvince81@owncloud.com>
*
* @copyright Copyright (c) 2015, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
// Check if we are a user
OCP\User::checkLoggedIn();
// Load the files we need
OCP\Util::addStyle('files', 'files');
OCP\Util::addStyle('files', 'upload');
OCP\Util::addStyle('files', 'mobile');
OCP\Util::addscript('files', 'app');
OCP\Util::addscript('files', 'file-upload');
OCP\Util::addscript('files', 'newfilemenu');
OCP\Util::addscript('files', 'jquery.iframe-transport');
OCP\Util::addscript('files', 'jquery.fileupload');
OCP\Util::addscript('files', 'jquery-visibility');
OCP\Util::addscript('files', 'fileinfomodel');
OCP\Util::addscript('files', 'filesummary');
OCP\Util::addscript('files', 'breadcrumb');
OCP\Util::addscript('files', 'filelist');
OCP\Util::addscript('files', 'search');
\OCP\Util::addScript('files', 'favoritesfilelist');
\OCP\Util::addScript('files', 'tagsplugin');
\OCP\Util::addScript('files', 'favoritesplugin');
\OCP\Util::addScript('files', 'detailfileinfoview');
\OCP\Util::addScript('files', 'detailtabview');
\OCP\Util::addScript('files', 'mainfileinfodetailview');
\OCP\Util::addScript('files', 'detailsview');
\OCP\Util::addStyle('files', 'detailsView');
\OC_Util::addVendorScript('core', 'handlebars/handlebars');
OCP\App::setActiveNavigationEntry('files_index');
$l = \OC::$server->getL10N('files');
$isIE8 = false;
preg_match('/MSIE (.*?);/', $_SERVER['HTTP_USER_AGENT'], $matches);
if (count($matches) > 0 && $matches[1] <= 9) {
$isIE8 = true;
}
// if IE8 and "?dir=path&view=someview" was specified, reformat the URL to use a hash like "#?dir=path&view=someview"
if ($isIE8 && (isset($_GET['dir']) || isset($_GET['view']))) {
$hash = '#?';
$dir = isset($_GET['dir']) ? $_GET['dir'] : '/';
$view = isset($_GET['view']) ? $_GET['view'] : 'files';
$hash = '#?dir=' . \OCP\Util::encodePath($dir);
if ($view !== 'files') {
$hash .= '&view=' . urlencode($view);
}
header('Location: ' . OCP\Util::linkTo('files', 'index.php') . $hash);
exit();
}
$user = OC_User::getUser();
$config = \OC::$server->getConfig();
// mostly for the home storage's free space
$dirInfo = \OC\Files\Filesystem::getFileInfo('/', false);
$storageInfo=OC_Helper::getStorageInfo('/', $dirInfo);
$nav = new OCP\Template('files', 'appnavigation', '');
function sortNavigationItems($item1, $item2) {
return $item1['order'] - $item2['order'];
}
\OCA\Files\App::getNavigationManager()->add(
array(
'id' => 'favorites',
'appname' => 'files',
'script' => 'simplelist.php',
'order' => 5,
'name' => $l->t('Favorites')
)
);
$navItems = \OCA\Files\App::getNavigationManager()->getAll();
usort($navItems, 'sortNavigationItems');
$nav->assign('navigationItems', $navItems);
$contentItems = array();
function renderScript($appName, $scriptName) {
$content = '';
$appPath = OC_App::getAppPath($appName);
$scriptPath = $appPath . '/' . $scriptName;
if (file_exists($scriptPath)) {
// TODO: sanitize path / script name ?
ob_start();
include $scriptPath;
$content = ob_get_contents();
@ob_end_clean();
}
return $content;
}
// render the container content for every navigation item
foreach ($navItems as $item) {
$content = '';
if (isset($item['script'])) {
$content = renderScript($item['appname'], $item['script']);
}
$contentItem = array();
$contentItem['id'] = $item['id'];
$contentItem['content'] = $content;
$contentItems[] = $contentItem;
}
OCP\Util::addscript('files', 'fileactions');
OCP\Util::addscript('files', 'fileactionsmenu');
OCP\Util::addscript('files', 'files');
OCP\Util::addscript('files', 'navigation');
OCP\Util::addscript('files', 'keyboardshortcuts');
\OC::$server->getEventDispatcher()->dispatch('OCA\Files::loadAdditionalScripts');
$tmpl = new OCP\Template('files', 'index', 'user');
$tmpl->assign('usedSpacePercent', (int)$storageInfo['relative']);
$tmpl->assign('owner', $storageInfo['owner']);
$tmpl->assign('ownerDisplayName', $storageInfo['ownerDisplayName']);
$tmpl->assign('isPublic', false);
$tmpl->assign("mailNotificationEnabled", $config->getAppValue('core', 'shareapi_allow_mail_notification', 'no'));
$tmpl->assign("mailPublicNotificationEnabled", $config->getAppValue('core', 'shareapi_allow_public_notification', 'no'));
$tmpl->assign("allowShareWithLink", $config->getAppValue('core', 'shareapi_allow_links', 'yes'));
$tmpl->assign('appNavigation', $nav);
$tmpl->assign('appContents', $contentItems);
$tmpl->printPage();
<?php
/**
* @author Lukas Reschke <lukas@owncloud.com>
*
* @copyright Copyright (c) 2015, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\Files\Tests\Controller;
use OCA\Files\Controller\ViewController;
use OCP\AppFramework\Http;
use OCP\Template;
use Test\TestCase;
use OCP\IRequest;
use OCP\IURLGenerator;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\INavigationManager;
use OCP\IL10N;
use OCP\IConfig;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
/**
* Class ViewControllerTest
*
* @package OCA\Files\Tests\Controller
*/
class ViewControllerTest extends TestCase {
/** @var IRequest */
private $request;
/** @var IURLGenerator */
private $urlGenerator;
/** @var INavigationManager */
private $navigationManager;
/** @var IL10N */
private $l10n;
/** @var IConfig */
private $config;
/** @var EventDispatcherInterface */
private $eventDispatcher;
/** @var ViewController */
private $viewController;
public function setUp() {
parent::setUp();
$this->request = $this->getMock('\OCP\IRequest');
$this->urlGenerator = $this->getMock('\OCP\IURLGenerator');
$this->navigationManager = $this->getMock('\OCP\INavigationManager');
$this->l10n = $this->getMock('\OCP\IL10N');
$this->config = $this->getMock('\OCP\IConfig');
$this->eventDispatcher = $this->getMock('\Symfony\Component\EventDispatcher\EventDispatcherInterface');
$this->viewController = $this->getMockBuilder('\OCA\Files\Controller\ViewController')
->setConstructorArgs([
'files',
$this->request,
$this->urlGenerator,
$this->navigationManager,
$this->l10n,
$this->config,
$this->eventDispatcher
])
->setMethods([
'getStorageInfo',
'renderScript'
])
->getMock();
}
public function testIndexWithIE8RedirectAndDirDefined() {
$this->request
->expects($this->once())
->method('isUserAgent')
->with(['/MSIE 8.0/'])
->will($this->returnValue(true));
$this->urlGenerator
->expects($this->once())
->method('linkToRoute')
->with('files.view.index')
->will($this->returnValue('/apps/files/'));
$expected = new Http\RedirectResponse('/apps/files/#?dir=MyDir');
$this->assertEquals($expected, $this->viewController->index('MyDir'));
}
public function testIndexWithIE8RedirectAndViewDefined() {
$this->request
->expects($this->once())
->method('isUserAgent')
->with(['/MSIE 8.0/'])
->will($this->returnValue(true));
$this->urlGenerator
->expects($this->once())
->method('linkToRoute')
->with('files.view.index')
->will($this->returnValue('/apps/files/'));
$expected = new Http\RedirectResponse('/apps/files/#?dir=/&view=MyView');
$this->assertEquals($expected, $this->viewController->index('', 'MyView'));
}
public function testIndexWithIE8RedirectAndViewAndDirDefined() {
$this->request
->expects($this->once())
->method('isUserAgent')
->with(['/MSIE 8.0/'])
->will($this->returnValue(true));
$this->urlGenerator
->expects($this->once())
->method('linkToRoute')
->with('files.view.index')
->will($this->returnValue('/apps/files/'));
$expected = new RedirectResponse('/apps/files/#?dir=MyDir&view=MyView');
$this->assertEquals($expected, $this->viewController->index('MyDir', 'MyView'));
}
public function testIndexWithRegularBrowser() {
$this->request
->expects($this->once())
->method('isUserAgent')
->with(['/MSIE 8.0/'])
->will($this->returnValue(false));
$this->viewController
->expects($this->once())
->method('getStorageInfo')
->will($this->returnValue([
'relative' => 123,
'owner' => 'MyName',
'ownerDisplayName' => 'MyDisplayName',
]));
$this->config
->expects($this->any())
->method('getAppValue')
->will($this->returnArgument(2));
$nav = new Template('files', 'appnavigation');
$nav->assign('navigationItems', [
0 => [
'id' => 'files',
'appname' => 'files',
'script' => 'list.php',
'order' => 0,
'name' => new \OC_L10N_String(new \OC_L10N('files'), 'All files', []),
'active' => false,
'icon' => '',
],
1 => [
'id' => 'favorites',
'appname' => 'files',
'script' => 'simplelist.php',
'order' => 5,
'name' => null,
'active' => false,
'icon' => '',
],
2 => [
'id' => 'sharingin',
'appname' => 'files_sharing',
'script' => 'list.php',
'order' => 10,
'name' => new \OC_L10N_String(new \OC_L10N('files_sharing'), 'Shared with you', []),
'active' => false,
'icon' => '',
],
3 => [