diff --git a/lib/file_manticore_api.php b/lib/file_manticore_api.php index b590062..1a50712 100644 --- a/lib/file_manticore_api.php +++ b/lib/file_manticore_api.php @@ -1,440 +1,440 @@ | +--------------------------------------------------------------------------+ | Author: Aleksander Machniak | +--------------------------------------------------------------------------+ */ /** * Helper class to connect to the Manticore API */ class file_manticore_api { /** * @var HTTP_Request2 */ private $request; /** * @var string */ private $base_url; /** * @var bool */ private $debug = false; const ERROR_INTERNAL = 100; const ERROR_CONNECTION = 500; const ACCEPT_HEADER = "application/json,text/javascript,*/*"; const ACCESS_WRITE = 'write'; const ACCESS_READ = 'read'; const ACCESS_DENY = 'deny'; /** * Class constructor. * * @param string $base_url Base URL of the Kolab API */ public function __construct($base_url) { require_once 'HTTP/Request2.php'; $config = rcube::get_instance()->config; $this->debug = rcube_utils::get_boolean($config->get('fileapi_manticore_debug')); $this->base_url = rtrim($base_url, '/') . '/'; $this->request = new HTTP_Request2(); self::configure($this->request); } /** * Configure HTTP_Request2 object * * @param HTTP_Request2 $request Request object */ public static function configure($request) { // Configure connection options $config = rcube::get_instance()->config; $http_config = (array) $config->get('http_request', $config->get('kolab_http_request')); // Deprecated config, all options are separated variables if (empty($http_config)) { $options = array( 'ssl_verify_peer', 'ssl_verify_host', 'ssl_cafile', 'ssl_capath', 'ssl_local_cert', 'ssl_passphrase', 'follow_redirects', ); foreach ($options as $optname) { if (($optvalue = $config->get($optname)) !== null || ($optvalue = $config->get('kolab_' . $optname)) !== null ) { $http_config[$optname] = $optvalue; } } } if (!empty($http_config)) { try { $request->setConfig($http_config); } catch (Exception $e) { - rcube::log_error("HTTP: " . $e->getMessage()); + rcube::raise_error("HTTP: " . $e->getMessage(), true, false); } } // proxy User-Agent $request->setHeader('user-agent', $_SERVER['HTTP_USER_AGENT']); // some HTTP server configurations require this header $request->setHeader('accept', self::ACCEPT_HEADER); $request->setHeader('Content-Type', 'application/json; charset=UTF-8'); } /** * Return API's base URL * * @return string Base URL */ public function base_url() { return $this->base_url; } /** * Return HTTP_Request2 object * * @return HTTP_Request2 Request object */ public function request() { return $this->request; } /** * Logs specified user into the API * * @param string $username User name * @param string $password User password * * @return string Session token (on success) */ public function login($username, $password) { $query = array( 'email' => $username, 'password' => $password, ); // remove current token if any $this->request->setHeader('Authorization'); // authenticate the user $response = $this->post('auth/local', $query); if ($token = $response->get('token')) { $this->set_session_token($token); } return $token; } /** * Sets request session token. * * @param string $token Session token. * @param bool $validate Enables token validatity check * * @return bool Token validity status */ public function set_session_token($token, $validate = false) { $this->request->setHeader('Authorization', "Bearer $token"); if ($validate) { $result = $this->get('api/users/me'); return $result->get_error_code() == 200; } return true; } /** * Delete document editing session * * @param array $id Session identifier * * @return bool True on success, False on failure */ public function document_delete($id) { $res = $this->delete('api/documents/' . $id); return $res->get_error_code() == 204; } /** * Create document editing session * * @param array $params Session parameters * * @return bool True on success, False on failure */ public function document_create($params) { $res = $this->post('api/documents', $params); // @FIXME: 422? return $res->get_error_code() == 201 || $res->get_error_code() == 422; } /** * Add document editor (update 'access' array) * * @param array $session_id Session identifier * @param array $identity User identifier * * @return bool True on success, False on failure */ public function editor_add($session_id, $identity, $permission) { $res = $this->get("api/documents/$session_id/access"); if ($res->get_error_code() != 200) { return false; } $access = $res->get(); // sanity check, this should never be empty if (empty($access)) { return false; } // add editor to the 'access' array foreach ($access as $entry) { if ($entry['identity'] == $identity) { return true; } } $access[] = array('identity' => $identity, 'permission' => $permission); $res = $this->put("api/documents/$session_id/access", $access); return $res->get_error_code() == 200; } /** * Remove document editor (update 'access' array) * * @param array $session_id Session identifier * @param array $identity User identifier * * @return bool True on success, False on failure */ public function editor_delete($session_id, $identity) { $res = $this->get("api/documents/$session_id/access"); if ($res->get_error_code() != 200) { return false; } $access = $res->get(); $found = true; // remove editor from the 'access' array foreach ((array) $access as $idx => $entry) { if ($entry['identity'] == $identity) { unset($access[$idx]); } } if (!$found) { return false; } $res = $this->put("api/documents/$session_id/access", $access); return $res->get_error_code() == 200; } /** * API's GET request. * * @param string $action Action name * @param array $get Request arguments * * @return file_ui_api_result Response */ public function get($action, $get = array()) { $url = $this->build_url($action, $get); if ($this->debug) { rcube::write_log('manticore', "GET: $url " . json_encode($get)); } $this->request->setMethod(HTTP_Request2::METHOD_GET); $this->request->setBody(''); return $this->get_response($url); } /** * API's POST request. * * @param string $action Action name * @param array $post POST arguments * * @return kolab_client_api_result Response */ public function post($action, $post = array()) { $url = $this->build_url($action); if ($this->debug) { rcube::write_log('manticore', "POST: $url " . json_encode($post)); } $this->request->setMethod(HTTP_Request2::METHOD_POST); $this->request->setBody(json_encode($post)); return $this->get_response($url); } /** * API's PUT request. * * @param string $action Action name * @param array $post POST arguments * * @return kolab_client_api_result Response */ public function put($action, $post = array()) { $url = $this->build_url($action); if ($this->debug) { rcube::write_log('manticore', "PUT: $url " . json_encode($post)); } $this->request->setMethod(HTTP_Request2::METHOD_PUT); $this->request->setBody(json_encode($post)); return $this->get_response($url); } /** * API's DELETE request. * * @param string $action Action name * @param array $get Request arguments * * @return file_ui_api_result Response */ public function delete($action, $get = array()) { $url = $this->build_url($action, $get); if ($this->debug) { rcube::write_log('manticore', "DELETE: $url " . json_encode($get)); } $this->request->setMethod(HTTP_Request2::METHOD_DELETE); $this->request->setBody(''); return $this->get_response($url); } /** * @param string $action Action GET parameter * @param array $args GET parameters (hash array: name => value) * * @return Net_URL2 URL object */ private function build_url($action, $args = array()) { $url = new Net_URL2($this->base_url . $action); $url->setQueryVariables((array) $args); return $url; } /** * HTTP Response handler. * * @param Net_URL2 $url URL object * * @return kolab_client_api_result Response object */ private function get_response($url) { try { $this->request->setUrl($url); $response = $this->request->send(); } catch (Exception $e) { return new file_ui_api_result(null, self::ERROR_CONNECTION, $e->getMessage()); } try { $body = $response->getBody(); } catch (Exception $e) { return new file_ui_api_result(null, self::ERROR_INTERNAL, $e->getMessage()); } $code = $response->getStatus(); if ($this->debug) { rcube::write_log('manticore', "Response [$code]: $body"); } if ($code < 300) { $result = $body ? json_decode($body, true) : array(); } else { if ($code != 401) { rcube::raise_error("Error $code on $url", true, false); } $error = $body; } return new file_ui_api_result($result, $code, $error); } } diff --git a/lib/file_ui_api.php b/lib/file_ui_api.php index 542f803..b5d57e9 100644 --- a/lib/file_ui_api.php +++ b/lib/file_ui_api.php @@ -1,289 +1,289 @@ | +--------------------------------------------------------------------------+ | Author: Aleksander Machniak | +--------------------------------------------------------------------------+ */ /** * Helper class to connect to the API */ class file_ui_api { /** * @var HTTP_Request2 */ private $request; /** * @var string */ private $base_url; const ERROR_INTERNAL = 100; const ERROR_CONNECTION = 200; const ACCEPT_HEADER = "application/json,text/javascript,*/*"; /** * Class constructor. * * @param string $base_url Base URL of the Kolab API */ public function __construct($base_url) { $this->base_url = $base_url; $this->init(); } /** * Initializes HTTP Request object. */ public function init() { require_once 'HTTP/Request2.php'; $this->request = new HTTP_Request2(); self::configure($this->request); } /** * Configure HTTP_Request2 object * * @param HTTP_Request2 $request Request object */ public static function configure($request) { // Configure connection options $config = rcube::get_instance()->config; $http_config = (array) $config->get('http_request', $config->get('kolab_http_request')); // Deprecated config, all options are separated variables if (empty($http_config)) { $options = array( 'ssl_verify_peer', 'ssl_verify_host', 'ssl_cafile', 'ssl_capath', 'ssl_local_cert', 'ssl_passphrase', 'follow_redirects', ); foreach ($options as $optname) { if (($optvalue = $config->get($optname)) !== null || ($optvalue = $config->get('kolab_' . $optname)) !== null ) { $http_config[$optname] = $optvalue; } } } if (!empty($http_config)) { try { $request->setConfig($http_config); } catch (Exception $e) { -// rcube::log_error("HTTP: " . $e->getMessage()); + //rcube::raise_error("HTTP: " . $e->getMessage(), true, false); } } // proxy User-Agent $request->setHeader('user-agent', $_SERVER['HTTP_USER_AGENT']); // some HTTP server configurations require this header $request->setHeader('accept', self::ACCEPT_HEADER); } /** * Return API's base URL * * @return string Base URL */ public function base_url() { return $this->base_url; } /** * Return HTTP_Request2 object * * @return HTTP_Request2 Request object */ public function request() { return $this->request; } /** * Logs specified user into the API * * @param string $username User name * @param string $password User password * @param array $get Additional GET parameters (e.g. 'version') * * @return file_ui_api_result Request response */ public function login($username, $password, $get = null) { $query = array( 'username' => $username, 'password' => $password, ); $response = $this->post('authenticate', $get, $query); return $response; } /** * Logs specified user out of the API * * @return bool True on success, False on failure */ public function logout() { $response = $this->get('quit'); return $response->get_error_code() ? false : true; } /** * Sets session token value. * * @param string $token Token string */ public function set_session_token($token) { $this->request->setHeader('X-Session-Token', $token); } /** * Gets capabilities of the API (according to logged in user). * * @return kolab_client_api_result Capabilities response */ public function get_capabilities() { $this->get('capabilities'); } /** * API's GET request. * * @param string $action Action name * @param array $args Request arguments * * @return file_ui_api_result Response */ public function get($action, $args = array()) { $url = $this->build_url($action, $args); // Log::trace("Calling API GET: $url"); $this->request->setMethod(HTTP_Request2::METHOD_GET); return $this->get_response($url); } /** * API's POST request. * * @param string $action Action name * @param array $url_args URL arguments * @param array $post POST arguments * * @return kolab_client_api_result Response */ public function post($action, $url_args = array(), $post = array()) { $url = $this->build_url($action, $url_args); // Log::trace("Calling API POST: $url"); $this->request->setMethod(HTTP_Request2::METHOD_POST); $this->request->addPostParameter($post); return $this->get_response($url); } /** * @param string $action Action GET parameter * @param array $args GET parameters (hash array: name => value) * * @return Net_URL2 URL object */ private function build_url($action, $args) { $url = new Net_URL2($this->base_url); $args['method'] = $action; $url->setQueryVariables($args); return $url; } /** * HTTP Response handler. * * @param Net_URL2 $url URL object * * @return kolab_client_api_result Response object */ private function get_response($url) { try { $this->request->setUrl($url); $response = $this->request->send(); } catch (Exception $e) { return new file_ui_api_result(null, self::ERROR_CONNECTION, $e->getMessage()); } try { $body = $response->getBody(); } catch (Exception $e) { return new file_ui_api_result(null, self::ERROR_INTERNAL, $e->getMessage()); } $body = @json_decode($body, true); $err_code = null; $err_str = null; if (is_array($body) && (empty($body['status']) || $body['status'] != 'OK')) { $err_code = !empty($body['code']) ? $body['code'] : self::ERROR_INTERNAL; $err_str = !empty($body['reason']) ? $body['reason'] : 'Unknown error'; } else if (!is_array($body)) { $err_code = self::ERROR_INTERNAL; $err_str = 'Unable to decode response'; } if (!$err_code && array_key_exists('result', (array) $body)) { $body = $body['result']; } return new file_ui_api_result($body, $err_code, $err_str); } } diff --git a/lib/file_wopi.php b/lib/file_wopi.php index 0442346..c752dc8 100644 --- a/lib/file_wopi.php +++ b/lib/file_wopi.php @@ -1,356 +1,356 @@ | +--------------------------------------------------------------------------+ | Author: Aleksander Machniak | +--------------------------------------------------------------------------+ */ /** * Document editing sessions handling (WOPI) */ class file_wopi extends file_document { protected $cache; // Mimetypes supported by CODE, but not advertised by all possible names protected $mimetype_aliases = array( 'application/vnd.corel-draw' => 'image/x-coreldraw', ); // Mimetypes supported by other Chwala viewers or ones we don't want to be editable protected $mimetype_exceptions = array( 'text/plain', 'image/bmp', 'image/png', 'image/jpeg', 'image/jpg', 'image/pjpeg', 'image/gif', 'image/tiff', 'image/x-tiff', ); /** * Return viewer URI for specified file/session. This creates * a new collaborative editing session when needed. * * @param string $file File path * @param array &$file_info File metadata (e.g. type) * @param string &$session_id Optional session ID to join to * @param string $readonly Create readonly (one-time) session * * @return string WOPI URI for specified document * @throws Exception */ public function session_start($file, &$file_info, &$session_id = null, $readonly = false) { parent::session_start($file, $file_info, $session_id, $readonly); if ($session_id) { // Create Chwala session for use as WOPI access_token // This session will have access to this one document session only $keys = array('env', 'user_id', 'user', 'username', 'password', 'storage_host', 'storage_port', 'storage_ssl', 'user_roledns'); $data = array_intersect_key($_SESSION, array_flip($keys)); $data['document_session'] = $session_id; $this->token = $this->api->session->create($data); $this->log_login($session_id); } return $this->frame_uri($session_id, $file_info['type']); } /** * Generate URI of WOPI editing session (WOPIsrc) */ protected function frame_uri($id, $mimetype) { $capabilities = $this->capabilities(); if (empty($capabilities) || empty($mimetype)) { return; } $metadata = $capabilities[strtolower($mimetype)]; if (empty($metadata)) { return; } $office_url = rtrim($metadata['urlsrc'], ' /?'); // collabora $service_url = $this->api->api_url() . '/wopi/files/' . $id; // @TODO: Parsing and replacing placeholder values // https://wopi.readthedocs.io/en/latest/discovery.html#action-urls $args = array('WOPISrc' => $service_url); // We could also set: title, closebutton, revisionhistory // @TODO: do it in editor_post_params() when supported by the editor if ($lang = $this->api->env['language']) { $args['lang'] = str_replace('_', '-', $lang); } return $office_url . '?' . http_build_query($args, '', '&'); } /** * Retern extra viewer parameters to post to the viewer iframe * * @param array $info File info * * @return array POST parameters */ public function editor_post_params($info) { // Access token TTL (number of milliseconds since January 1, 1970 UTC) if ($ttl = $this->rc->config->get('session_lifetime', 0) * 60) { $now = new DateTime('now', new DateTimeZone('UTC')); $ttl = ($ttl + $now->format('U')) . '000'; } $params = array( 'access_token' => $this->token, 'access_token_ttl' => $ttl ?: 0, ); return $params; } /** * List supported mimetypes * * @param bool $editable Return only editable mimetypes * * @return array List of supported mimetypes */ public function supported_filetypes($editable = false) { $caps = $this->capabilities(); if ($editable) { $editable = array(); foreach ($caps as $mimetype => $c) { if ($c['name'] == 'edit') { $editable[] = $mimetype; } } return $editable; } return array_keys($caps); } /** * Uses WOPI discovery to get Office capabilities * https://wopi.readthedocs.io/en/latest/discovery.html */ protected function capabilities() { $cache_key = 'wopi.capabilities'; if ($result = $this->get_from_cache($cache_key)) { return $this->apply_aliases_and_exceptions($result); } $office_url = rtrim($this->rc->config->get('fileapi_wopi_office'), ' /'); $office_url .= '/hosting/discovery'; try { $request = $this->http_request(); $request->setMethod(HTTP_Request2::METHOD_GET); $request->setBody(''); $request->setUrl($office_url); $response = $request->send(); $body = $response->getBody(); $code = $response->getStatus(); if (empty($body) || $code != 200) { throw new Exception("Unexpected WOPI discovery response"); } } catch (Exception $e) { rcube::raise_error($e, true, false); // Don't bail out here, it would make the kolab_files UI broken return array(); } // parse XML output // // // // // // ... $node = new DOMDocument('1.0', 'UTF-8'); $node->loadXML($body); $result = array(); foreach ($node->getElementsByTagName('app') as $app) { if ($mimetype = $app->getAttribute('name')) { if ($action = $app->getElementsByTagName('action')->item(0)) { foreach ($action->attributes as $attr) { $result[$mimetype][$attr->name] = $attr->value; } } } } if (empty($result)) { rcube::raise_error("Failed to parse WOPI discovery response: $body", true, false); // Don't bail out here, it would make the kolab_files UI broken return array(); } $this->save_in_cache($cache_key, $result); return $this->apply_aliases_and_exceptions($result); } /** * Initializes HTTP request object */ protected function http_request() { require_once 'HTTP/Request2.php'; $request = new HTTP_Request2(); // Configure connection options $config = $this->rc->config; $http_config = (array) $config->get('http_request', $config->get('kolab_http_request')); // Deprecated config, all options are separated variables if (empty($http_config)) { $options = array( 'ssl_verify_peer', 'ssl_verify_host', 'ssl_cafile', 'ssl_capath', 'ssl_local_cert', 'ssl_passphrase', 'follow_redirects', ); foreach ($options as $optname) { if (($optvalue = $config->get($optname)) !== null || ($optvalue = $config->get('kolab_' . $optname)) !== null ) { $http_config[$optname] = $optvalue; } } } if (!empty($http_config)) { try { $request->setConfig($http_config); } catch (Exception $e) { - rcube::log_error("HTTP: " . $e->getMessage()); + rcube::raise_error("HTTP: " . $e->getMessage(), true, false); } } // proxy User-Agent $request->setHeader('user-agent', $_SERVER['HTTP_USER_AGENT']); // some HTTP server configurations require this header $request->setHeader('accept', "application/json,text/javascript,*/*"); return $request; } /** * Get cached data */ protected function get_from_cache($key) { if ($cache = $this->get_cache()) { return $cache->get($key); } } /** * Store data in cache */ protected function save_in_cache($key, $value) { if ($cache = $this->get_cache()) { $cache->set($key, $value); } } /** * Getter for the shared cache engine object */ protected function get_cache() { if ($this->cache === null) { $this->cache = $this->rc->get_cache_shared('fileapi') ?: false; } return $this->cache; } /** * Support more mimetypes in CODE capabilities */ protected function apply_aliases_and_exceptions($caps) { foreach ($this->mimetype_aliases as $type => $alias) { if (isset($caps[$type]) && !isset($caps[$alias])) { $caps[$alias] = $caps[$type]; } } foreach ($this->mimetype_exceptions as $type) { unset($caps[$type]); } return $caps; } /** * Write login data (name, ID, IP address) to the 'userlogins' log file. */ protected function log_login($session_id) { if (!$this->api->config->get('log_logins')) { return; } $rcube = rcube::get_instance(); $user_name = $rcube->get_user_name(); $user_id = $rcube->get_user_id(); $message = sprintf('CODE access for %s (ID: %d) from %s in session %s; %s', $user_name, $user_id, rcube_utils::remote_ip(), session_id(), $session_id); // log login rcube::write_log('userlogins', $message); } }