mirror of https://github.com/documize/community.git synced 2025-07-20 13:49:42 +02:00

Improve attachment and link handling

Harvey Kandola 2019-01-16 16:55:43 +00:00
parent 6c07d2e569
commit b6d9c54667
8 changed files with 762 additions and 740 deletions


@ -100,19 +100,40 @@ func (h *Handler) Download(w http.ResponseWriter, r *http.Request) {
return return
} }
// Get the organization for this request
// Get the space for this attachment
org, err := h.Store.Organization.GetOrganization(ctx, ctx.OrgID)
if err == sql.ErrNoRows {
response.WriteNotFoundError(w, method, a.DocumentID)
return
}
if err != nil {
h.Runtime.Log.Error("get attachment org", err)
response.WriteServerError(w, method, err)
return
}
// At this point, all data associated data is loaded. // At this point, all data associated data is loaded.
// We now begin security checks based upon the request. // We now begin security checks based upon the request.
// If attachment is in public space then anyone can download // If attachment is in public space then anyone can download
if sp.Type == space.ScopePublic { if org.AllowAnonymousAccess && sp.Type == space.ScopePublic {
canDownload = true
}
// External users can be sent secure document viewing links.
// Those documents may contain attachments that external viewers
// can download as required.
// Such secure document viewing links can have expiry dates.
if !canDownload && len(secureToken) > 0 {
canDownload = true canDownload = true
} }
// If an user authentication token was provided we check to see // If an user authentication token was provided we check to see
// if user can view document. // if user can view document.
// This check only applies to attachments NOT in public spaces. // This check only applies to attachments NOT in public spaces.
if sp.Type != space.ScopePublic && len(authToken) > 0 { if !canDownload && len(authToken) > 0 {
// Decode and check incoming token // Decode and check incoming token.
creds, _, err := auth.DecodeJWT(h.Runtime, authToken) creds, _, err := auth.DecodeJWT(h.Runtime, authToken)
if err != nil { if err != nil {
h.Runtime.Log.Error("get attachment decode auth token", err) h.Runtime.Log.Error("get attachment decode auth token", err)
@ -140,14 +161,6 @@ func (h *Handler) Download(w http.ResponseWriter, r *http.Request) {
canDownload = true canDownload = true
} }
// External users can be sent secure document viewing links.
// Those documents may contain attachments that external viewers
// can download as required.
// Such secure document viewing links can have expiry dates.
if len(authToken) == 0 && len(secureToken) > 0 {
// TODO
}
// Send back error if caller unable view attachment // Send back error if caller unable view attachment
if !canDownload { if !canDownload {
h.Runtime.Log.Error("get attachment refused", err) h.Runtime.Log.Error("get attachment refused", err)
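Review bot: The new `if !canDownload && len(secureToken) > 0 { canDownload = true }` branch grants the download on the mere presence of a secure token; nothing visible in these hunks checks that the token was issued for this attachment's document or that it has not expired, even though the comment above it mentions expiry dates. Unless secureToken is validated earlier in Download (the function starts and ends outside the hunks shown), any non-empty value would pass the gate for attachments in non-public spaces. The branch should set `canDownload` only after the token has been looked up and matched against `a.DocumentID` and its expiry, and otherwise fall through to the refusal path; until that lookup exists, keeping the previous `// TODO` with no grant is the safer default. A comment such as `// secureToken must be verified against a.DocumentID and its expiry before access is granted` would document the requirement.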


@ -42,7 +42,7 @@ func main() {
rt.Product.Major = "2" rt.Product.Major = "2"
rt.Product.Minor = "0" rt.Product.Minor = "0"
rt.Product.Patch = "0" rt.Product.Patch = "0"
rt.Product.Revision = 190114220236 rt.Product.Revision = 190115203818
rt.Product.Version = fmt.Sprintf("%s.%s.%s", rt.Product.Major, rt.Product.Minor, rt.Product.Patch) rt.Product.Version = fmt.Sprintf("%s.%s.%s", rt.Product.Major, rt.Product.Minor, rt.Product.Patch)
rt.Product.Edition = domain.CommunityEdition rt.Product.Edition = domain.CommunityEdition
rt.Product.Title = fmt.Sprintf("%s Edition", rt.Product.Edition) rt.Product.Title = fmt.Sprintf("%s Edition", rt.Product.Edition)

File diff suppressed because one or more lines are too long


@ -87,10 +87,10 @@ export default Component.extend(Modals, Notifier, {
// For authenticated users we send server auth token. // For authenticated users we send server auth token.
let qry = ''; let qry = '';
if (this.get('session.authenticated')) { if (this.get('session.hasSecureToken')) {
qry = '?token=' + this.get('session.authToken');
} else {
qry = '?secure=' + this.get('session.secureToken'); qry = '?secure=' + this.get('session.secureToken');
} else if (this.get('session.authenticated')) {
qry = '?token=' + this.get('session.authToken');
} }
this.set('downloadQuery', qry); this.set('downloadQuery', qry);
}, },
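Review bot: The secure token and the auth token are concatenated into the query string unencoded, and the same five-line block is repeated in the link service's `linkClick` hunk later in this commit. Wrapping the value, e.g. `qry = '?secure=' + encodeURIComponent(this.get('session.secureToken'));` (and likewise for `token`), keeps a token containing reserved characters from breaking the URL, and moving the block into one helper on the session service would stop the two call sites from drifting apart. Because both credentials travel in the URL they can end up in access logs and browser history, so the server side should treat them as short-lived. The enclosing function starts outside the hunk.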


@ -21,7 +21,7 @@ export default Component.extend(Notifier, {
sectionService: service('section'), sectionService: service('section'),
store: service(), store: service(),
appMeta: service(), appMeta: service(),
link: service(), linkSvc: service('link'),
hasPages: notEmpty('pages'), hasPages: notEmpty('pages'),
showInsertSectionModal: false, showInsertSectionModal: false,
newSectionLocation: '', newSectionLocation: '',
@ -40,24 +40,21 @@ export default Component.extend(Notifier, {
this.set('showLikes', this.get('folder.allowLikes') && this.get('document.isLive')); this.set('showLikes', this.get('folder.allowLikes') && this.get('document.isLive'));
}, },
didRender() {
this._super(...arguments);
this.contentLinkHandler();
},
didInsertElement() { didInsertElement() {
this._super(...arguments); this._super(...arguments);
this.jumpToSection(this.get('currentPageId')); this.jumpToSection(this.get('currentPageId'));
this.contentLinkHandler();
}, },
contentLinkHandler() { contentLinkHandler() {
let links = this.get('link'); let linkSvc = this.get('linkSvc');
let doc = this.get('document'); let doc = this.get('document');
let self = this; let self = this;
$("a[data-documize='true']").off('click').on('click', function (e) { $("a[data-documize='true']").off('click').on('click', function (e) {
let link = links.getLinkObject(self.get('links'), this); let link = linkSvc.getLinkObject(self.get('links'), this);
// local link? exists? // local link? exists?
if ((link.linkType === "section" || link.linkType === "tab") && link.documentId === doc.get('id')) { if ((link.linkType === "section" || link.linkType === "tab") && link.documentId === doc.get('id')) {
@ -79,7 +76,10 @@ export default Component.extend(Notifier, {
return false; return false;
} }
links.linkClick(doc, link); e.preventDefault();
e.stopPropagation();
linkSvc.linkClick(doc, link);
return false; return false;
}); });
}, },
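Review bot: Binding the click handler only in `didInsertElement` means anchors rendered after the first insert (for example when `pages` changes and the content re-renders) presumably never get it, since the removed `didRender` hook was what re-ran `contentLinkHandler()`. With this commit file links no longer carry a token in their `href`, so an unbound attachment link would navigate without credentials and be refused for non-public spaces. A delegated handler scoped to the component, `$(this.element).on('click', "a[data-documize='true']", function (e) { … })`, covers later renders and also stops the global selector from rebinding anchors owned by other components; it would need a matching `off` in `willDestroyElement`.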


@ -66,13 +66,7 @@ export default Service.extend(Notifier, {
result = `<a data-documize='true' data-link-space-id='${link.spaceId}' data-link-id='${link.id}' data-link-target-document-id='${link.documentId}' data-link-target-id='${link.targetId}' data-link-type='${link.linkType}' href='${href}'>${link.title}</a>`; result = `<a data-documize='true' data-link-space-id='${link.spaceId}' data-link-id='${link.id}' data-link-target-document-id='${link.documentId}' data-link-target-id='${link.targetId}' data-link-type='${link.linkType}' href='${href}'>${link.title}</a>`;
} }
if (link.linkType === "file") { if (link.linkType === "file") {
// For authenticated users we send server auth token. href = `${endpoint}/public/attachment/${orgId}/${link.targetId}`;
let qry = '';
if (this.get('session.authenticated')) {
qry = '?token=' + this.get('session.authToken');
}
href = `${endpoint}/public/attachment/${orgId}/${link.targetId}${qry}`;
result = `<a data-documize='true' data-link-space-id='${link.spaceId}' data-link-id='${link.id}' data-link-target-document-id='${link.documentId}' data-link-target-id='${link.targetId}' data-link-type='${link.linkType}' href='${href}'>${link.title}</a>`; result = `<a data-documize='true' data-link-space-id='${link.spaceId}' data-link-id='${link.id}' data-link-target-document-id='${link.documentId}' data-link-target-id='${link.targetId}' data-link-type='${link.linkType}' href='${href}'>${link.title}</a>`;
} }
if (link.linkType === "network") { if (link.linkType === "network") {
@ -136,8 +130,16 @@ export default Service.extend(Notifier, {
// handle attachment links // handle attachment links
if (link.linkType === "file") { if (link.linkType === "file") {
// For authenticated users we send server auth token.
let qry = '';
if (this.get('session.hasSecureToken')) {
qry = '?secure=' + this.get('session.secureToken');
} else if (this.get('session.authenticated')) {
qry = '?token=' + this.get('session.authToken');
}
link.url = link.url.replace('attachments/', 'attachment/'); link.url = link.url.replace('attachments/', 'attachment/');
window.location.href = link.url; window.location.href = link.url + qry;
return; return;
} }
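Review bot: `window.location.href = link.url + qry` appends the session credential to whatever `link.url` holds, and nothing in this hunk confirms that the URL points at the application's own attachment endpoint. `getLinkObject` is not shown, so if `link.url` can come from an anchor's `href` in document content, the check should happen here before the token is added, or the URL should be rebuilt from trusted parts as the first hunk does with `${endpoint}/public/attachment/${orgId}/${link.targetId}`. Appending `?…` also assumes `link.url` has no existing query string. The enclosing function continues outside the hunk.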


@ -25,7 +25,12 @@ export default SimpleAuthSession.extend({
currentFolder: null, currentFolder: null,
isMac: false, isMac: false,
isMobile: false, isMobile: false,
secureToken: '', secureToken: '',
hasSecureToken: computed('secureToken', function () {
let st = this.get('secureToken');
return is.not.null(st) && is.not.undefined(st) && st.length > 0;
}),
hasAccounts: computed('isAuthenticated', 'session.content.authenticated.user', function () { hasAccounts: computed('isAuthenticated', 'session.content.authenticated.user', function () {
return this.get('session.authenticator') !== 'authenticator:anonymous' && this.get('session.content.authenticated.user.accounts').length > 0; return this.get('session.authenticator') !== 'authenticator:anonymous' && this.get('session.content.authenticated.user.accounts').length > 0;


@ -16,6 +16,8 @@
</div> </div>
</div> </div>
</div> </div>
{{else}}
{{ui/ui-spacer size=100}}
{{/if}} {{/if}}
<div class="document-sidebar-toc"> <div class="document-sidebar-toc">