mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-07 08:34:29 +01:00
got writable Collabora shares working
This commit is contained in:
parent
e74b939a4e
commit
d40e82fc98
@ -57,9 +57,9 @@ class Sharing extends \EGroupware\Api\Sharing
|
||||
* The anonymous user probably doesn't have the needed permissions to access
|
||||
* the record, so we should set that up to avoid permission errors
|
||||
*/
|
||||
protected function after_login()
|
||||
protected static function after_login(array $share)
|
||||
{
|
||||
list($app) = explode('::', $this->share['share_path']);
|
||||
list($app) = explode('::', $share['share_path']);
|
||||
|
||||
// allow app (gets overwritten by session::create)
|
||||
$GLOBALS['egw_info']['flags']['currentapp'] = $app;
|
||||
|
@ -264,7 +264,7 @@ class Sharing
|
||||
* Sub-class specific things needed to be done to the share (or session)
|
||||
* after we login but before we start actually doing anything
|
||||
*/
|
||||
protected function after_login() {}
|
||||
protected static function after_login() {}
|
||||
|
||||
|
||||
protected static function login($keep_session, &$share)
|
||||
@ -285,7 +285,7 @@ class Sharing
|
||||
{
|
||||
$sessionid = static::create_new_session();
|
||||
|
||||
$GLOBALS['egw']->sharing->after_login();
|
||||
static::after_login($share);
|
||||
}
|
||||
// we have a session we want to keep, but share owner is different from current user and we dont need filemanager UI
|
||||
// --> we dont need session and close it, to not modifiy it
|
||||
@ -507,7 +507,7 @@ class Sharing
|
||||
public function ServeRequest()
|
||||
{
|
||||
// sharing is for a different share, change to current share
|
||||
if ($this->share['share_token'] !== self::get_token())
|
||||
if (empty($this->share['skip_validate_token']) && $this->share['share_token'] !== self::get_token())
|
||||
{
|
||||
// to keep the session we require the regular user flag "N" AND a user-name not equal to "anonymous"
|
||||
self::create_session($GLOBALS['egw']->session->session_flags === 'N' &&
|
||||
|
@ -15,6 +15,7 @@ namespace EGroupware\Api\Vfs;
|
||||
|
||||
use EGroupware\Api;
|
||||
use EGroupware\Api\Vfs;
|
||||
use EGroupware\Collabora\Wopi;
|
||||
use filemanager_ui;
|
||||
|
||||
/**
|
||||
@ -209,14 +210,14 @@ class Sharing extends \EGroupware\Api\Sharing
|
||||
);
|
||||
}
|
||||
|
||||
protected function after_login()
|
||||
protected static function after_login($share)
|
||||
{
|
||||
// only allow filemanager app (gets overwritten by session::create)
|
||||
$GLOBALS['egw_info']['user']['apps'] = array(
|
||||
'filemanager' => $GLOBALS['egw_info']['apps']['filemanager']
|
||||
);
|
||||
// check if sharee has Collabora run rights --> give is to share too
|
||||
$apps = $GLOBALS['egw']->acl->get_user_applications($this->share['share_owner']);
|
||||
$apps = $GLOBALS['egw']->acl->get_user_applications($share['share_owner']);
|
||||
if (!empty($apps['collabora']))
|
||||
{
|
||||
$GLOBALS['egw_info']['user']['apps']['collabora'] = $GLOBALS['egw_info']['apps']['collabora'];
|
||||
|
@ -703,7 +703,7 @@ class StreamWrapper extends Base implements StreamWrapperIface
|
||||
|
||||
// we need to make sure the mount-point is readable eg. if something is mounted into an other users home-directory
|
||||
if (!isset($mount_point)) Vfs::mount_url($url, $mount_point); // resolve_url only returns mount-point for pathes or vfs urls
|
||||
if (!in_array($mount_point, ['/', '/apps', '/home']) && // they all are public readable
|
||||
if (!($mount_point === '/' || Vfs::dirname($mount_point) === '/') && // they all are public readable
|
||||
($class = self::scheme2class(Vfs::parse_url($url, PHP_URL_SCHEME))) &&
|
||||
!is_a($class, Vfs\Sqlfs\StreamWrapper::class) && // decendents of SqlFS stream-wrapper always check traversal right to /
|
||||
!$this->check_access(Vfs::dirname($mount_point), Vfs::READABLE))
|
||||
|
Loading…
Reference in New Issue
Block a user