2016-03-31 01:48:34 -05:00
|
|
|
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
|
|
|
|
/*
|
|
|
|
* This file is part of the LibreOffice project.
|
|
|
|
*
|
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
*/
|
|
|
|
|
2016-04-08 06:49:33 -05:00
|
|
|
#include "config.h"
|
|
|
|
|
2017-03-08 10:38:22 -06:00
|
|
|
#include "Storage.hpp"
|
|
|
|
|
2016-11-11 08:32:29 -06:00
|
|
|
#include <algorithm>
|
2016-03-31 01:48:34 -05:00
|
|
|
#include <cassert>
|
|
|
|
#include <fstream>
|
loolwsd: include cleanup and organization
A source file (.cpp) must include its own header first.
This insures that the header is self-contained and
doesn't depend on arbitrary (and accidental) includes
before it to compile.
Furthermore, system headers should go next, followed by
C then C++ headers, then libraries (Poco, etc) and, finally,
project headers come last.
This makes sure that headers and included in the same dependency
order to avoid side-effects. For example, Poco should never rely on
anything from our project in the same way that a C header should
never rely on anything in C++, Poco, or project headers.
Also, includes ought to be sorted where possible, to improve
readability and avoid accidental duplicates (of which there
were a few).
Change-Id: I62cc1343e4a091d69195e37ed659dba20cfcb1ef
Reviewed-on: https://gerrit.libreoffice.org/25262
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-05-21 09:23:07 -05:00
|
|
|
#include <string>
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2016-12-16 07:19:27 -06:00
|
|
|
#include <Poco/DateTime.h>
|
|
|
|
#include <Poco/DateTimeParser.h>
|
|
|
|
#include <Poco/Exception.h>
|
loolwsd: include cleanup and organization
A source file (.cpp) must include its own header first.
This insures that the header is self-contained and
doesn't depend on arbitrary (and accidental) includes
before it to compile.
Furthermore, system headers should go next, followed by
C then C++ headers, then libraries (Poco, etc) and, finally,
project headers come last.
This makes sure that headers and included in the same dependency
order to avoid side-effects. For example, Poco should never rely on
anything from our project in the same way that a C header should
never rely on anything in C++, Poco, or project headers.
Also, includes ought to be sorted where possible, to improve
readability and avoid accidental duplicates (of which there
were a few).
Change-Id: I62cc1343e4a091d69195e37ed659dba20cfcb1ef
Reviewed-on: https://gerrit.libreoffice.org/25262
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-05-21 09:23:07 -05:00
|
|
|
#include <Poco/JSON/Object.h>
|
|
|
|
#include <Poco/JSON/Parser.h>
|
|
|
|
#include <Poco/Net/DNS.h>
|
2016-04-08 04:24:52 -05:00
|
|
|
#include <Poco/Net/HTTPClientSession.h>
|
loolwsd: include cleanup and organization
A source file (.cpp) must include its own header first.
This insures that the header is self-contained and
doesn't depend on arbitrary (and accidental) includes
before it to compile.
Furthermore, system headers should go next, followed by
C then C++ headers, then libraries (Poco, etc) and, finally,
project headers come last.
This makes sure that headers and included in the same dependency
order to avoid side-effects. For example, Poco should never rely on
anything from our project in the same way that a C header should
never rely on anything in C++, Poco, or project headers.
Also, includes ought to be sorted where possible, to improve
readability and avoid accidental duplicates (of which there
were a few).
Change-Id: I62cc1343e4a091d69195e37ed659dba20cfcb1ef
Reviewed-on: https://gerrit.libreoffice.org/25262
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-05-21 09:23:07 -05:00
|
|
|
#include <Poco/Net/HTTPRequest.h>
|
|
|
|
#include <Poco/Net/HTTPResponse.h>
|
2016-03-31 01:48:34 -05:00
|
|
|
#include <Poco/Net/HTTPSClientSession.h>
|
2017-05-17 03:48:51 -05:00
|
|
|
#include <Poco/Net/NameValueCollection.h>
|
2016-04-19 03:17:50 -05:00
|
|
|
#include <Poco/Net/NetworkInterface.h>
|
2016-03-31 01:48:34 -05:00
|
|
|
#include <Poco/Net/SSLManager.h>
|
|
|
|
#include <Poco/StreamCopier.h>
|
2016-12-16 07:19:27 -06:00
|
|
|
#include <Poco/Timestamp.h>
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2017-04-27 12:47:35 -05:00
|
|
|
// For residual Poco SSL usage.
|
|
|
|
#include <Poco/Net/Context.h>
|
|
|
|
#include <Poco/Net/SSLManager.h>
|
|
|
|
#include <Poco/Net/AcceptCertificateHandler.h>
|
|
|
|
#include <Poco/Net/KeyConsoleHandler.h>
|
|
|
|
|
2016-03-31 01:48:34 -05:00
|
|
|
#include "Auth.hpp"
|
2016-04-16 11:55:56 -05:00
|
|
|
#include "Common.hpp"
|
|
|
|
#include "Exceptions.hpp"
|
2016-11-12 15:38:13 -06:00
|
|
|
#include "common/FileUtil.hpp"
|
2016-07-18 06:45:36 -05:00
|
|
|
#include "LOOLWSD.hpp"
|
loolwsd: include cleanup and organization
A source file (.cpp) must include its own header first.
This insures that the header is self-contained and
doesn't depend on arbitrary (and accidental) includes
before it to compile.
Furthermore, system headers should go next, followed by
C then C++ headers, then libraries (Poco, etc) and, finally,
project headers come last.
This makes sure that headers and included in the same dependency
order to avoid side-effects. For example, Poco should never rely on
anything from our project in the same way that a C header should
never rely on anything in C++, Poco, or project headers.
Also, includes ought to be sorted where possible, to improve
readability and avoid accidental duplicates (of which there
were a few).
Change-Id: I62cc1343e4a091d69195e37ed659dba20cfcb1ef
Reviewed-on: https://gerrit.libreoffice.org/25262
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-05-21 09:23:07 -05:00
|
|
|
#include "Log.hpp"
|
2016-04-07 15:59:27 -05:00
|
|
|
#include "Unit.hpp"
|
loolwsd: include cleanup and organization
A source file (.cpp) must include its own header first.
This insures that the header is self-contained and
doesn't depend on arbitrary (and accidental) includes
before it to compile.
Furthermore, system headers should go next, followed by
C then C++ headers, then libraries (Poco, etc) and, finally,
project headers come last.
This makes sure that headers and included in the same dependency
order to avoid side-effects. For example, Poco should never rely on
anything from our project in the same way that a C header should
never rely on anything in C++, Poco, or project headers.
Also, includes ought to be sorted where possible, to improve
readability and avoid accidental duplicates (of which there
were a few).
Change-Id: I62cc1343e4a091d69195e37ed659dba20cfcb1ef
Reviewed-on: https://gerrit.libreoffice.org/25262
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-05-21 09:23:07 -05:00
|
|
|
#include "Util.hpp"
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2016-06-07 02:18:49 -05:00
|
|
|
bool StorageBase::FilesystemEnabled;
|
|
|
|
bool StorageBase::WopiEnabled;
|
|
|
|
Util::RegexListMatcher StorageBase::WopiHosts;
|
2016-04-16 07:13:59 -05:00
|
|
|
|
2016-03-31 01:48:34 -05:00
|
|
|
std::string StorageBase::getLocalRootPath() const
|
|
|
|
{
|
|
|
|
auto localPath = _jailPath;
|
|
|
|
if (localPath[0] == '/')
|
|
|
|
{
|
|
|
|
// Remove the leading /
|
|
|
|
localPath.erase(0, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
// /chroot/jailId/user/doc/childId
|
|
|
|
const auto rootPath = Poco::Path(_localStorePath, localPath);
|
|
|
|
Poco::File(rootPath).createDirectories();
|
|
|
|
|
|
|
|
return rootPath.toString();
|
|
|
|
}
|
|
|
|
|
|
|
|
size_t StorageBase::getFileSize(const std::string& filename)
|
|
|
|
{
|
|
|
|
return std::ifstream(filename, std::ifstream::ate | std::ifstream::binary).tellg();
|
|
|
|
}
|
|
|
|
|
2016-04-16 07:13:59 -05:00
|
|
|
void StorageBase::initialize()
|
|
|
|
{
|
|
|
|
const auto& app = Poco::Util::Application::instance();
|
2016-06-07 02:18:49 -05:00
|
|
|
FilesystemEnabled = app.config().getBool("storage.filesystem[@allow]", false);
|
2016-04-16 07:13:59 -05:00
|
|
|
|
|
|
|
// Parse the WOPI settings.
|
2016-06-07 02:18:49 -05:00
|
|
|
WopiHosts.clear();
|
|
|
|
WopiEnabled = app.config().getBool("storage.wopi[@allow]", false);
|
|
|
|
if (WopiEnabled)
|
2016-04-16 07:13:59 -05:00
|
|
|
{
|
|
|
|
for (size_t i = 0; ; ++i)
|
|
|
|
{
|
|
|
|
const std::string path = "storage.wopi.host[" + std::to_string(i) + "]";
|
2016-04-16 17:12:10 -05:00
|
|
|
const auto host = app.config().getString(path, "");
|
|
|
|
if (!host.empty())
|
2016-04-16 07:13:59 -05:00
|
|
|
{
|
2016-04-16 17:12:10 -05:00
|
|
|
if (app.config().getBool(path + "[@allow]", false))
|
2016-04-16 07:13:59 -05:00
|
|
|
{
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_INF("Adding trusted WOPI host: [" << host << "].");
|
2016-06-07 02:18:49 -05:00
|
|
|
WopiHosts.allow(host);
|
2016-04-16 17:12:10 -05:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_INF("Adding blocked WOPI host: [" << host << "].");
|
2016-06-07 02:18:49 -05:00
|
|
|
WopiHosts.deny(host);
|
2016-04-16 07:13:59 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
else if (!app.config().has(path))
|
|
|
|
{
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2017-04-27 12:47:35 -05:00
|
|
|
|
|
|
|
#if ENABLE_SSL
|
|
|
|
// FIXME: should use our own SSL socket implementation here.
|
|
|
|
Poco::Crypto::initializeCrypto();
|
|
|
|
Poco::Net::initializeSSL();
|
|
|
|
|
|
|
|
// Init client
|
|
|
|
Poco::Net::Context::Params sslClientParams;
|
|
|
|
|
|
|
|
// TODO: Be more strict and setup SSL key/certs for remove server and us
|
|
|
|
sslClientParams.verificationMode = Poco::Net::Context::VERIFY_NONE;
|
|
|
|
|
|
|
|
Poco::SharedPtr<Poco::Net::PrivateKeyPassphraseHandler> consoleClientHandler = new Poco::Net::KeyConsoleHandler(false);
|
|
|
|
Poco::SharedPtr<Poco::Net::InvalidCertificateHandler> invalidClientCertHandler = new Poco::Net::AcceptCertificateHandler(false);
|
|
|
|
|
|
|
|
Poco::Net::Context::Ptr sslClientContext = new Poco::Net::Context(Poco::Net::Context::CLIENT_USE, sslClientParams);
|
|
|
|
Poco::Net::SSLManager::instance().initializeClient(consoleClientHandler, invalidClientCertHandler, sslClientContext);
|
|
|
|
#endif
|
2016-04-16 07:13:59 -05:00
|
|
|
}
|
|
|
|
|
2017-05-19 03:32:24 -05:00
|
|
|
bool isLocalhost(const std::string& targetHost)
|
2016-04-19 03:17:50 -05:00
|
|
|
{
|
2016-04-19 08:32:22 -05:00
|
|
|
std::string targetAddress;
|
|
|
|
try
|
|
|
|
{
|
|
|
|
targetAddress = Poco::Net::DNS::resolveOne(targetHost).toString();
|
|
|
|
}
|
|
|
|
catch (const Poco::Exception& exc)
|
|
|
|
{
|
2016-12-22 15:41:05 -06:00
|
|
|
LOG_WRN("Poco::Net::DNS::resolveOne(\"" << targetHost << "\") failed: " << exc.displayText());
|
2016-04-19 08:32:22 -05:00
|
|
|
try
|
|
|
|
{
|
|
|
|
targetAddress = Poco::Net::IPAddress(targetHost).toString();
|
|
|
|
}
|
|
|
|
catch (const Poco::Exception& exc1)
|
|
|
|
{
|
2016-12-22 15:41:05 -06:00
|
|
|
LOG_WRN("Poco::Net::IPAddress(\"" << targetHost << "\") failed: " << exc1.displayText());
|
2016-04-19 08:32:22 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-04-19 03:17:50 -05:00
|
|
|
Poco::Net::NetworkInterface::NetworkInterfaceList list = Poco::Net::NetworkInterface::list(true,true);
|
2016-04-28 01:43:19 -05:00
|
|
|
for (auto& netif : list)
|
2016-04-19 03:17:50 -05:00
|
|
|
{
|
|
|
|
std::string address = netif.address().toString();
|
2016-04-26 02:34:32 -05:00
|
|
|
address = address.substr(0, address.find('%', 0));
|
2016-04-19 03:17:50 -05:00
|
|
|
if (address == targetAddress)
|
2016-04-19 08:32:22 -05:00
|
|
|
{
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_INF("WOPI host is on the same host as the WOPI client: \"" <<
|
|
|
|
targetAddress << "\". Connection is allowed.");
|
2016-04-19 03:17:50 -05:00
|
|
|
return true;
|
2016-04-19 08:32:22 -05:00
|
|
|
}
|
2016-04-19 03:17:50 -05:00
|
|
|
}
|
2016-11-03 19:26:40 -05:00
|
|
|
|
|
|
|
LOG_INF("WOPI host is not on the same host as the WOPI client: \"" <<
|
|
|
|
targetAddress << "\". Connection is not allowed.");
|
2016-04-19 03:17:50 -05:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2016-10-14 05:09:43 -05:00
|
|
|
std::unique_ptr<StorageBase> StorageBase::create(const Poco::URI& uri, const std::string& jailRoot, const std::string& jailPath)
|
2016-04-07 15:59:27 -05:00
|
|
|
{
|
Attempt to handle unauthorized WOPI usage better
Use the previously unused UnauthorizedRequestException for this, and
throw a such in StorageBase::create() when the WOPI host doesn't match
any of those configured.
In a developer debug build, without access to any real WOPI
functionality, you can test by setting the FAKE_UNAUTHORIZED
environment variable and attempting to edit a plain local file:
URI. That will cause such an exception to be thrown in that function.
Catch that UnauthorizedRequestException in
ClientRequestHandler::handleGetRequest(), and send an 'error:
cmd=internal kind=unauthorized' message to the client. Handle that in
loleaflet in the same place where the 'error: cmd=internal
kild=diskfull' message is handled, and in the same fashion, giving up
on the document.
Actually, using exceptions for relatively non-exceptional situations
like this is lame and makes understanding the code harder, but that is
just my personal preference...
FIXME: By the time StorageBase::create() gets called we have already
sent three 'statusindicator:' messages ('find', 'connect', and
'ready') to the client. We should ideally do the checks we do in
StorageBase::create() much earlier.
Also consider that ClientRequestHandler::handleClientRequest() has
code that catches UnauthorizedRequestException and
BadRequestException, and tries to set the HTTP response in those
cases. I am not sure if that functionality has ever been exercised,
though. Currently, we upgrade the HTTP connection to WebSocket early,
and only after that we check whether the WOPI host is authorized
etc. By that time it is too late to return an HTTP response to the
user. If that even is what we ideally should do? If not, then we
probably should drop the code that constructs HTTP responses and
attempts to send them.
Also, if I, as a test, force an HTTPResponse::HTTP_BAD_REQUEST to be
sent before the HTTP connection is upgraded to WebSocket, loleaflet
throws up the generic "Well, this is embarrassing" dialog anyway. At
least in Firefox on Linux. (Instead of the browser showing some own
dialog, which I was half-expecting to happen.)
2016-10-17 08:55:20 -05:00
|
|
|
// FIXME: By the time this gets called we have already sent to the client three
|
|
|
|
// 'statusindicator:' messages: 'find', 'connect' and 'ready'. We should ideally do the checks
|
|
|
|
// here much earlier. Also, using exceptions is lame and makes understanding the code harder,
|
|
|
|
// but that is just my personal preference.
|
|
|
|
|
2016-04-07 15:59:27 -05:00
|
|
|
std::unique_ptr<StorageBase> storage;
|
|
|
|
|
2016-10-14 05:09:43 -05:00
|
|
|
if (UnitWSD::get().createStorage(uri, jailRoot, jailPath, storage))
|
2016-04-16 07:13:59 -05:00
|
|
|
{
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_INF("Storage load hooked.");
|
2016-08-31 10:05:10 -05:00
|
|
|
if (storage)
|
2016-11-03 19:26:40 -05:00
|
|
|
{
|
2016-08-31 10:05:10 -05:00
|
|
|
return storage;
|
2016-11-03 19:26:40 -05:00
|
|
|
}
|
2016-04-16 07:13:59 -05:00
|
|
|
}
|
2016-04-07 15:59:27 -05:00
|
|
|
else if (uri.isRelative() || uri.getScheme() == "file")
|
|
|
|
{
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_INF("Public URI [" << uri.toString() << "] is a file.");
|
|
|
|
|
Attempt to handle unauthorized WOPI usage better
Use the previously unused UnauthorizedRequestException for this, and
throw a such in StorageBase::create() when the WOPI host doesn't match
any of those configured.
In a developer debug build, without access to any real WOPI
functionality, you can test by setting the FAKE_UNAUTHORIZED
environment variable and attempting to edit a plain local file:
URI. That will cause such an exception to be thrown in that function.
Catch that UnauthorizedRequestException in
ClientRequestHandler::handleGetRequest(), and send an 'error:
cmd=internal kind=unauthorized' message to the client. Handle that in
loleaflet in the same place where the 'error: cmd=internal
kild=diskfull' message is handled, and in the same fashion, giving up
on the document.
Actually, using exceptions for relatively non-exceptional situations
like this is lame and makes understanding the code harder, but that is
just my personal preference...
FIXME: By the time StorageBase::create() gets called we have already
sent three 'statusindicator:' messages ('find', 'connect', and
'ready') to the client. We should ideally do the checks we do in
StorageBase::create() much earlier.
Also consider that ClientRequestHandler::handleClientRequest() has
code that catches UnauthorizedRequestException and
BadRequestException, and tries to set the HTTP response in those
cases. I am not sure if that functionality has ever been exercised,
though. Currently, we upgrade the HTTP connection to WebSocket early,
and only after that we check whether the WOPI host is authorized
etc. By that time it is too late to return an HTTP response to the
user. If that even is what we ideally should do? If not, then we
probably should drop the code that constructs HTTP responses and
attempts to send them.
Also, if I, as a test, force an HTTPResponse::HTTP_BAD_REQUEST to be
sent before the HTTP connection is upgraded to WebSocket, loleaflet
throws up the generic "Well, this is embarrassing" dialog anyway. At
least in Firefox on Linux. (Instead of the browser showing some own
dialog, which I was half-expecting to happen.)
2016-10-17 08:55:20 -05:00
|
|
|
#if ENABLE_DEBUG
|
|
|
|
if (std::getenv("FAKE_UNAUTHORIZED"))
|
|
|
|
{
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_FTL("Faking an UnauthorizedRequestException");
|
Attempt to handle unauthorized WOPI usage better
Use the previously unused UnauthorizedRequestException for this, and
throw a such in StorageBase::create() when the WOPI host doesn't match
any of those configured.
In a developer debug build, without access to any real WOPI
functionality, you can test by setting the FAKE_UNAUTHORIZED
environment variable and attempting to edit a plain local file:
URI. That will cause such an exception to be thrown in that function.
Catch that UnauthorizedRequestException in
ClientRequestHandler::handleGetRequest(), and send an 'error:
cmd=internal kind=unauthorized' message to the client. Handle that in
loleaflet in the same place where the 'error: cmd=internal
kild=diskfull' message is handled, and in the same fashion, giving up
on the document.
Actually, using exceptions for relatively non-exceptional situations
like this is lame and makes understanding the code harder, but that is
just my personal preference...
FIXME: By the time StorageBase::create() gets called we have already
sent three 'statusindicator:' messages ('find', 'connect', and
'ready') to the client. We should ideally do the checks we do in
StorageBase::create() much earlier.
Also consider that ClientRequestHandler::handleClientRequest() has
code that catches UnauthorizedRequestException and
BadRequestException, and tries to set the HTTP response in those
cases. I am not sure if that functionality has ever been exercised,
though. Currently, we upgrade the HTTP connection to WebSocket early,
and only after that we check whether the WOPI host is authorized
etc. By that time it is too late to return an HTTP response to the
user. If that even is what we ideally should do? If not, then we
probably should drop the code that constructs HTTP responses and
attempts to send them.
Also, if I, as a test, force an HTTPResponse::HTTP_BAD_REQUEST to be
sent before the HTTP connection is upgraded to WebSocket, loleaflet
throws up the generic "Well, this is embarrassing" dialog anyway. At
least in Firefox on Linux. (Instead of the browser showing some own
dialog, which I was half-expecting to happen.)
2016-10-17 08:55:20 -05:00
|
|
|
throw UnauthorizedRequestException("No acceptable WOPI hosts found matching the target host in config.");
|
|
|
|
}
|
|
|
|
#endif
|
2016-06-07 02:18:49 -05:00
|
|
|
if (FilesystemEnabled)
|
2016-04-07 15:59:27 -05:00
|
|
|
{
|
2016-10-14 05:09:43 -05:00
|
|
|
return std::unique_ptr<StorageBase>(new LocalStorage(uri, jailRoot, jailPath));
|
2016-04-07 15:59:27 -05:00
|
|
|
}
|
2017-08-02 11:55:43 -05:00
|
|
|
else
|
|
|
|
{
|
|
|
|
// guard against attempts to escape
|
|
|
|
Poco::URI normalizedUri(uri);
|
|
|
|
normalizedUri.normalize();
|
|
|
|
|
|
|
|
std::vector<std::string> pathSegments;
|
|
|
|
normalizedUri.getPathSegments(pathSegments);
|
|
|
|
|
|
|
|
if (pathSegments.size() == 4 && pathSegments[0] == "tmp" && pathSegments[1] == "convert-to")
|
|
|
|
{
|
|
|
|
LOG_INF("Public URI [" << normalizedUri.toString() << "] is actually a convert-to tempfile.");
|
|
|
|
return std::unique_ptr<StorageBase>(new LocalStorage(normalizedUri, jailRoot, jailPath));
|
|
|
|
}
|
|
|
|
}
|
2016-04-07 15:59:27 -05:00
|
|
|
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_ERR("Local Storage is disabled by default. Enable in the config file or on the command-line to enable.");
|
2016-04-07 15:59:27 -05:00
|
|
|
}
|
2016-06-07 02:18:49 -05:00
|
|
|
else if (WopiEnabled)
|
2016-04-07 15:59:27 -05:00
|
|
|
{
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_INF("Public URI [" << uri.toString() << "] considered WOPI.");
|
2016-04-26 02:34:32 -05:00
|
|
|
const auto& targetHost = uri.getHost();
|
2017-05-19 03:32:24 -05:00
|
|
|
if (WopiHosts.match(targetHost) || isLocalhost(targetHost))
|
2016-04-16 11:55:56 -05:00
|
|
|
{
|
2016-10-14 05:09:43 -05:00
|
|
|
return std::unique_ptr<StorageBase>(new WopiStorage(uri, jailRoot, jailPath));
|
2016-04-16 11:55:56 -05:00
|
|
|
}
|
|
|
|
|
Attempt to handle unauthorized WOPI usage better
Use the previously unused UnauthorizedRequestException for this, and
throw a such in StorageBase::create() when the WOPI host doesn't match
any of those configured.
In a developer debug build, without access to any real WOPI
functionality, you can test by setting the FAKE_UNAUTHORIZED
environment variable and attempting to edit a plain local file:
URI. That will cause such an exception to be thrown in that function.
Catch that UnauthorizedRequestException in
ClientRequestHandler::handleGetRequest(), and send an 'error:
cmd=internal kind=unauthorized' message to the client. Handle that in
loleaflet in the same place where the 'error: cmd=internal
kild=diskfull' message is handled, and in the same fashion, giving up
on the document.
Actually, using exceptions for relatively non-exceptional situations
like this is lame and makes understanding the code harder, but that is
just my personal preference...
FIXME: By the time StorageBase::create() gets called we have already
sent three 'statusindicator:' messages ('find', 'connect', and
'ready') to the client. We should ideally do the checks we do in
StorageBase::create() much earlier.
Also consider that ClientRequestHandler::handleClientRequest() has
code that catches UnauthorizedRequestException and
BadRequestException, and tries to set the HTTP response in those
cases. I am not sure if that functionality has ever been exercised,
though. Currently, we upgrade the HTTP connection to WebSocket early,
and only after that we check whether the WOPI host is authorized
etc. By that time it is too late to return an HTTP response to the
user. If that even is what we ideally should do? If not, then we
probably should drop the code that constructs HTTP responses and
attempts to send them.
Also, if I, as a test, force an HTTPResponse::HTTP_BAD_REQUEST to be
sent before the HTTP connection is upgraded to WebSocket, loleaflet
throws up the generic "Well, this is embarrassing" dialog anyway. At
least in Firefox on Linux. (Instead of the browser showing some own
dialog, which I was half-expecting to happen.)
2016-10-17 08:55:20 -05:00
|
|
|
throw UnauthorizedRequestException("No acceptable WOPI hosts found matching the target host [" + targetHost + "] in config.");
|
2016-04-16 07:13:59 -05:00
|
|
|
}
|
|
|
|
|
2016-04-16 11:55:56 -05:00
|
|
|
throw BadRequestException("No Storage configured or invalid URI.");
|
2016-04-07 15:59:27 -05:00
|
|
|
}
|
|
|
|
|
2016-10-26 07:47:42 -05:00
|
|
|
std::atomic<unsigned> LocalStorage::LastLocalStorageId;
|
2016-09-30 04:02:09 -05:00
|
|
|
|
2017-05-12 10:42:03 -05:00
|
|
|
std::unique_ptr<LocalStorage::LocalFileInfo> LocalStorage::getLocalFileInfo()
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
2017-05-12 10:42:03 -05:00
|
|
|
const auto path = Poco::Path(_uri.getPath());
|
|
|
|
LOG_DBG("Getting info for local uri [" << _uri.toString() << "], path [" << path.toString() << "].");
|
2016-10-26 06:15:28 -05:00
|
|
|
|
2016-12-20 09:53:11 -06:00
|
|
|
const auto& filename = path.getFileName();
|
|
|
|
const auto file = Poco::File(path);
|
|
|
|
const auto lastModified = file.getLastModified();
|
|
|
|
const auto size = file.getSize();
|
2016-10-26 06:15:28 -05:00
|
|
|
|
2016-12-20 09:53:11 -06:00
|
|
|
_fileInfo = FileInfo({filename, "localhost", lastModified, size});
|
2016-10-26 06:15:28 -05:00
|
|
|
|
|
|
|
// Set automatic userid and username
|
2017-07-01 15:30:14 -05:00
|
|
|
return std::unique_ptr<LocalStorage::LocalFileInfo>(new LocalFileInfo({"localhost" + std::to_string(LastLocalStorageId), "Local Host #" + std::to_string(LastLocalStorageId++)}));
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
2017-08-16 09:38:00 -05:00
|
|
|
std::string LocalStorage::loadStorageFileToLocal(const Authorization& /*auth*/)
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
|
|
|
// /chroot/jailId/user/doc/childId/file.ext
|
2016-10-14 04:28:19 -05:00
|
|
|
const auto filename = Poco::Path(_uri.getPath()).getFileName();
|
2017-03-21 21:56:16 -05:00
|
|
|
_jailedFilePath = Poco::Path(getLocalRootPath(), filename).toString();
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_INF("Public URI [" << _uri.getPath() <<
|
2016-12-22 15:41:05 -06:00
|
|
|
"] jailed to [" << _jailedFilePath << "].");
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2016-09-30 08:09:53 -05:00
|
|
|
// Despite the talk about URIs it seems that _uri is actually just a pathname here
|
2016-10-14 04:28:19 -05:00
|
|
|
const auto publicFilePath = _uri.getPath();
|
2016-09-30 08:09:53 -05:00
|
|
|
|
2017-06-16 12:34:07 -05:00
|
|
|
if (!FileUtil::checkDiskSpace(_jailedFilePath))
|
2016-11-03 19:26:40 -05:00
|
|
|
{
|
2017-06-16 12:34:07 -05:00
|
|
|
throw StorageSpaceLowException("Low disk space for " + _jailedFilePath);
|
2016-11-03 19:26:40 -05:00
|
|
|
}
|
2016-09-30 08:09:53 -05:00
|
|
|
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_INF("Linking " << publicFilePath << " to " << _jailedFilePath);
|
2016-03-31 01:48:34 -05:00
|
|
|
if (!Poco::File(_jailedFilePath).exists() && link(publicFilePath.c_str(), _jailedFilePath.c_str()) == -1)
|
|
|
|
{
|
|
|
|
// Failed
|
2016-12-22 15:41:05 -06:00
|
|
|
LOG_WRN("link(\"" << publicFilePath << "\", \"" << _jailedFilePath << "\") failed. Will copy.");
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
try
|
|
|
|
{
|
|
|
|
// Fallback to copying.
|
|
|
|
if (!Poco::File(_jailedFilePath).exists())
|
|
|
|
{
|
2016-11-03 19:26:40 -05:00
|
|
|
LOG_INF("Copying " << publicFilePath << " to " << _jailedFilePath);
|
2016-03-31 01:48:34 -05:00
|
|
|
Poco::File(publicFilePath).copyTo(_jailedFilePath);
|
|
|
|
_isCopy = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
catch (const Poco::Exception& exc)
|
|
|
|
{
|
2016-12-22 15:41:05 -06:00
|
|
|
LOG_ERR("copyTo(\"" << publicFilePath << "\", \"" << _jailedFilePath << "\") failed: " << exc.displayText());
|
2016-03-31 01:48:34 -05:00
|
|
|
throw;
|
|
|
|
}
|
|
|
|
|
2016-10-14 05:09:43 -05:00
|
|
|
_isLoaded = true;
|
2016-03-31 01:48:34 -05:00
|
|
|
// Now return the jailed path.
|
2017-02-06 16:26:38 -06:00
|
|
|
#ifndef KIT_IN_PROCESS
|
2017-04-05 13:20:47 -05:00
|
|
|
if (LOOLWSD::NoCapsForKit)
|
|
|
|
return _jailedFilePath;
|
|
|
|
else
|
|
|
|
return Poco::Path(_jailPath, filename).toString();
|
2017-02-06 16:26:38 -06:00
|
|
|
#else
|
|
|
|
return _jailedFilePath;
|
|
|
|
#endif
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
2017-08-16 09:38:00 -05:00
|
|
|
StorageBase::SaveResult LocalStorage::saveLocalFileToStorage(const Authorization& /*auth*/)
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
|
|
|
try
|
|
|
|
{
|
2017-06-10 09:45:00 -05:00
|
|
|
LOG_TRC("Saving local file to local file storage " << _isCopy << " for " << _jailedFilePath);
|
2016-03-31 01:48:34 -05:00
|
|
|
// Copy the file back.
|
|
|
|
if (_isCopy && Poco::File(_jailedFilePath).exists())
|
|
|
|
{
|
2017-05-12 10:42:03 -05:00
|
|
|
LOG_INF("Copying " << _jailedFilePath << " to " << _uri.getPath());
|
|
|
|
Poco::File(_jailedFilePath).copyTo(_uri.getPath());
|
2017-05-31 12:34:32 -05:00
|
|
|
|
2017-06-10 09:45:00 -05:00
|
|
|
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
2017-06-10 09:45:00 -05:00
|
|
|
|
|
|
|
// update its fileinfo object. This is used later to check if someone else changed the
|
|
|
|
// document while we are/were editing it
|
|
|
|
_fileInfo._modifiedTime = Poco::File(_uri.getPath()).getLastModified();
|
|
|
|
Log::trace() << "New FileInfo modified time in storage " << _fileInfo._modifiedTime << Log::end;
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
catch (const Poco::Exception& exc)
|
|
|
|
{
|
2017-05-12 10:42:03 -05:00
|
|
|
LOG_ERR("copyTo(\"" << _jailedFilePath << "\", \"" << _uri.getPath() <<
|
2016-11-03 19:26:40 -05:00
|
|
|
"\") failed: " << exc.displayText());
|
2016-03-31 01:48:34 -05:00
|
|
|
throw;
|
|
|
|
}
|
|
|
|
|
2016-11-23 06:09:54 -06:00
|
|
|
return StorageBase::SaveResult::OK;
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
2016-07-18 06:45:36 -05:00
|
|
|
namespace {
|
|
|
|
|
2016-12-23 00:47:04 -06:00
|
|
|
inline
|
2016-10-04 07:10:45 -05:00
|
|
|
Poco::Net::HTTPClientSession* getHTTPClientSession(const Poco::URI& uri)
|
2016-07-18 06:45:36 -05:00
|
|
|
{
|
2017-04-27 12:47:35 -05:00
|
|
|
// FIXME: if we're configured for http - we can still use an https:// wopi
|
|
|
|
// host surely; of course - the converse is not true / sensible.
|
2017-03-30 04:15:28 -05:00
|
|
|
return (LOOLWSD::isSSLEnabled() || LOOLWSD::isSSLTermination())
|
|
|
|
? new Poco::Net::HTTPSClientSession(uri.getHost(), uri.getPort(),
|
|
|
|
Poco::Net::SSLManager::instance().defaultClientContext())
|
|
|
|
: new Poco::Net::HTTPClientSession(uri.getHost(), uri.getPort());
|
2016-07-18 06:45:36 -05:00
|
|
|
}
|
|
|
|
|
2016-11-11 08:32:29 -06:00
|
|
|
int getLevenshteinDist(const std::string& string1, const std::string& string2) {
|
|
|
|
int matrix[string1.size() + 1][string2.size() + 1];
|
2016-12-08 02:33:24 -06:00
|
|
|
std::memset(matrix, 0, sizeof(matrix[0][0]) * (string1.size() + 1) * (string2.size() + 1));
|
2016-11-11 08:32:29 -06:00
|
|
|
|
|
|
|
for (size_t i = 0; i < string1.size() + 1; i++)
|
|
|
|
{
|
|
|
|
for (size_t j = 0; j < string2.size() + 1; j++)
|
|
|
|
{
|
|
|
|
if (i == 0)
|
|
|
|
{
|
|
|
|
matrix[i][j] = j;
|
|
|
|
}
|
|
|
|
else if (j == 0)
|
|
|
|
{
|
|
|
|
matrix[i][j] = i;
|
|
|
|
}
|
|
|
|
else if (string1[i - 1] == string2[j - 1])
|
|
|
|
{
|
|
|
|
matrix[i][j] = matrix[i - 1][j - 1];
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
matrix[i][j] = 1 + std::min(std::min(matrix[i][j - 1], matrix[i - 1][j]),
|
|
|
|
matrix[i - 1][j - 1]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return matrix[string1.size()][string2.size()];
|
|
|
|
}
|
|
|
|
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
// Gets value for `key` directly from the given JSON in `object`
|
|
|
|
template <typename T>
|
|
|
|
T getJSONValue(const Poco::JSON::Object::Ptr &object, const std::string& key)
|
|
|
|
{
|
|
|
|
T value = T();
|
|
|
|
try
|
|
|
|
{
|
|
|
|
const Poco::Dynamic::Var valueVar = object->get(key);
|
|
|
|
value = valueVar.convert<T>();
|
|
|
|
}
|
|
|
|
catch (const Poco::Exception& exc)
|
|
|
|
{
|
|
|
|
LOG_ERR("getJSONValue: " << exc.displayText() <<
|
|
|
|
(exc.nested() ? " (" + exc.nested()->displayText() + ")" : ""));
|
|
|
|
}
|
|
|
|
|
|
|
|
return value;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Function that searches `object` for `key` and warns if there are minor mis-spellings involved
|
|
|
|
// Upon successfull search, fills `value` with value found in object.
|
2016-11-11 08:32:29 -06:00
|
|
|
template <typename T>
|
|
|
|
void getWOPIValue(const Poco::JSON::Object::Ptr &object, const std::string& key, T& value)
|
2016-10-21 03:57:17 -05:00
|
|
|
{
|
2016-11-11 08:32:29 -06:00
|
|
|
std::vector<std::string> propertyNames;
|
|
|
|
object->getNames(propertyNames);
|
|
|
|
|
|
|
|
// Check each property name against given key
|
|
|
|
// and accept with a mis-spell tolerance of 2
|
|
|
|
// TODO: propertyNames can be pruned after getting its value
|
|
|
|
for (const auto& userInput: propertyNames)
|
|
|
|
{
|
|
|
|
std::string string1(key), string2(userInput);
|
|
|
|
std::transform(key.begin(), key.end(), string1.begin(), tolower);
|
|
|
|
std::transform(userInput.begin(), userInput.end(), string2.begin(), tolower);
|
|
|
|
int levDist = getLevenshteinDist(string1, string2);
|
|
|
|
|
|
|
|
if (levDist > 2) /* Mis-spelling tolerance */
|
|
|
|
continue;
|
|
|
|
else if (levDist > 0 || key != userInput)
|
|
|
|
{
|
2016-11-11 11:02:16 -06:00
|
|
|
LOG_WRN("Incorrect JSON property [" << userInput << "]. Did you mean " << key << " ?");
|
|
|
|
return;
|
2016-11-11 08:32:29 -06:00
|
|
|
}
|
|
|
|
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
value = getJSONValue<T>(object, userInput);
|
2016-11-11 08:32:29 -06:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
LOG_WRN("Missing JSON property [" << key << "]");
|
2016-10-21 03:57:17 -05:00
|
|
|
}
|
|
|
|
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
// Parse the json string and fill the Poco::JSON object
|
|
|
|
// Returns true if parsing successful otherwise false
|
|
|
|
bool parseJSON(const std::string& json, Poco::JSON::Object::Ptr& object)
|
|
|
|
{
|
|
|
|
bool success = false;
|
2017-07-06 04:17:19 -05:00
|
|
|
const auto index = json.find_first_of('{');
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
if (index != std::string::npos)
|
|
|
|
{
|
|
|
|
const std::string stringJSON = json.substr(index);
|
|
|
|
Poco::JSON::Parser parser;
|
|
|
|
const auto result = parser.parse(stringJSON);
|
|
|
|
object = result.extract<Poco::JSON::Object::Ptr>();
|
|
|
|
success = true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return success;
|
|
|
|
}
|
|
|
|
|
2017-05-17 03:48:51 -05:00
|
|
|
void addStorageDebugCookie(Poco::Net::HTTPRequest& request)
|
|
|
|
{
|
2017-05-17 06:13:24 -05:00
|
|
|
(void) request;
|
2017-05-17 03:48:51 -05:00
|
|
|
#if ENABLE_DEBUG
|
|
|
|
if (std::getenv("LOOL_STORAGE_COOKIE"))
|
|
|
|
{
|
|
|
|
Poco::Net::NameValueCollection nvcCookies;
|
|
|
|
std::vector<std::string> cookieTokens = LOOLProtocol::tokenize(std::string(std::getenv("LOOL_STORAGE_COOKIE")), ':');
|
|
|
|
if (cookieTokens.size() == 2)
|
|
|
|
{
|
|
|
|
nvcCookies.add(cookieTokens[0], cookieTokens[1]);
|
|
|
|
request.setCookies(nvcCookies);
|
|
|
|
LOG_TRC("Added storage debug cookie [" << cookieTokens[0] << "=" << cookieTokens[1] << "].");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2017-05-31 12:22:54 -05:00
|
|
|
Poco::Timestamp iso8601ToTimestamp(const std::string& iso8601Time)
|
|
|
|
{
|
|
|
|
Poco::Timestamp timestamp = Poco::Timestamp::fromEpochTime(0);
|
|
|
|
try
|
|
|
|
{
|
|
|
|
int timeZoneDifferential;
|
|
|
|
Poco::DateTime dateTime;
|
|
|
|
Poco::DateTimeParser::parse(Poco::DateTimeFormat::ISO8601_FRAC_FORMAT, iso8601Time, dateTime, timeZoneDifferential);
|
|
|
|
timestamp = dateTime.timestamp();
|
|
|
|
}
|
|
|
|
catch (const Poco::SyntaxException& exc)
|
|
|
|
{
|
|
|
|
LOG_WRN("Time [" << iso8601Time << "] is in invalid format: " << exc.displayText() <<
|
|
|
|
(exc.nested() ? " (" + exc.nested()->displayText() + ")" : ""));
|
|
|
|
}
|
|
|
|
|
|
|
|
return timestamp;
|
|
|
|
}
|
|
|
|
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
|
|
|
|
|
2016-07-18 06:45:36 -05:00
|
|
|
} // anonymous namespace
|
|
|
|
|
2017-08-16 09:38:00 -05:00
|
|
|
std::unique_ptr<WopiStorage::WOPIFileInfo> WopiStorage::getWOPIFileInfo(const Authorization& auth)
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
2017-05-12 10:42:03 -05:00
|
|
|
// update the access_token to the one matching to the session
|
2017-05-19 03:32:24 -05:00
|
|
|
Poco::URI uriObject(_uri);
|
2017-08-16 09:38:00 -05:00
|
|
|
auth.authorizeURI(uriObject);
|
2017-05-12 10:42:03 -05:00
|
|
|
|
|
|
|
LOG_DBG("Getting info for wopi uri [" << uriObject.toString() << "].");
|
2016-10-14 05:09:43 -05:00
|
|
|
|
2016-12-23 01:53:50 -06:00
|
|
|
std::string resMsg;
|
2016-10-14 07:46:49 -05:00
|
|
|
const auto startTime = std::chrono::steady_clock::now();
|
2016-12-23 01:53:50 -06:00
|
|
|
std::chrono::duration<double> callDuration(0);
|
|
|
|
try
|
|
|
|
{
|
2017-05-12 10:42:03 -05:00
|
|
|
std::unique_ptr<Poco::Net::HTTPClientSession> psession(getHTTPClientSession(uriObject));
|
2016-12-23 01:53:50 -06:00
|
|
|
|
2017-05-12 10:42:03 -05:00
|
|
|
Poco::Net::HTTPRequest request(Poco::Net::HTTPRequest::HTTP_GET, uriObject.getPathAndQuery(), Poco::Net::HTTPMessage::HTTP_1_1);
|
2017-05-14 14:17:19 -05:00
|
|
|
request.set("User-Agent", WOPI_AGENT_STRING);
|
2017-08-16 09:38:00 -05:00
|
|
|
auth.authorizeRequest(request);
|
2017-05-17 03:48:51 -05:00
|
|
|
addStorageDebugCookie(request);
|
2016-12-23 01:53:50 -06:00
|
|
|
psession->sendRequest(request);
|
2016-07-18 06:45:36 -05:00
|
|
|
|
2016-12-23 01:53:50 -06:00
|
|
|
Poco::Net::HTTPResponse response;
|
|
|
|
std::istream& rs = psession->receiveResponse(response);
|
|
|
|
callDuration = (std::chrono::steady_clock::now() - startTime);
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2017-03-11 13:42:34 -06:00
|
|
|
auto logger = Log::trace();
|
|
|
|
if (logger.enabled())
|
2016-12-23 01:53:50 -06:00
|
|
|
{
|
2017-05-12 10:42:03 -05:00
|
|
|
logger << "WOPI::CheckFileInfo header for URI [" << uriObject.toString() << "]:\n";
|
2016-12-22 15:41:05 -06:00
|
|
|
for (const auto& pair : response)
|
|
|
|
{
|
|
|
|
logger << '\t' << pair.first << ": " << pair.second << " / ";
|
|
|
|
}
|
|
|
|
|
2017-03-11 13:42:34 -06:00
|
|
|
LOG_END(logger);
|
2016-12-23 01:53:50 -06:00
|
|
|
}
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2017-05-18 13:05:45 -05:00
|
|
|
if (response.getStatus() != Poco::Net::HTTPResponse::HTTP_OK)
|
|
|
|
{
|
2017-05-19 10:34:03 -05:00
|
|
|
LOG_ERR("WOPI::CheckFileInfo failed with " << response.getStatus() << ' ' << response.getReason());
|
2017-05-18 13:05:45 -05:00
|
|
|
throw StorageConnectionException("WOPI::CheckFileInfo failed");
|
|
|
|
}
|
|
|
|
|
2016-12-23 01:53:50 -06:00
|
|
|
Poco::StreamCopier::copyToString(rs, resMsg);
|
|
|
|
}
|
|
|
|
catch(const Poco::Exception& pexc)
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
2017-05-21 23:26:07 -05:00
|
|
|
LOG_ERR("Cannot get file info from WOPI storage uri [" << uriObject.toString() << "]. Error: " << pexc.displayText() <<
|
2016-12-23 01:53:50 -06:00
|
|
|
(pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : ""));
|
|
|
|
throw;
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
// Parse the response.
|
|
|
|
std::string filename;
|
|
|
|
size_t size = 0;
|
2016-11-08 02:14:14 -06:00
|
|
|
std::string ownerId;
|
2016-08-29 08:41:37 -05:00
|
|
|
std::string userId;
|
|
|
|
std::string userName;
|
2017-05-28 11:20:49 -05:00
|
|
|
std::string userExtraInfo;
|
2016-10-19 09:52:53 -05:00
|
|
|
bool canWrite = false;
|
2016-11-08 07:37:28 -06:00
|
|
|
bool enableOwnerTermination = false;
|
2016-10-25 02:13:00 -05:00
|
|
|
std::string postMessageOrigin;
|
2016-11-10 06:21:39 -06:00
|
|
|
bool hidePrintOption = false;
|
|
|
|
bool hideSaveOption = false;
|
|
|
|
bool hideExportOption = false;
|
2016-12-13 05:30:43 -06:00
|
|
|
bool disablePrint = false;
|
|
|
|
bool disableExport = false;
|
|
|
|
bool disableCopy = false;
|
2016-12-16 07:19:27 -06:00
|
|
|
std::string lastModifiedTime;
|
2016-10-14 07:46:49 -05:00
|
|
|
|
2016-12-22 15:41:05 -06:00
|
|
|
LOG_DBG("WOPI::CheckFileInfo returned: " << resMsg << ". Call duration: " << callDuration.count() << "s");
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
Poco::JSON::Object::Ptr object;
|
|
|
|
if (parseJSON(resMsg, object))
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
2016-11-11 08:32:29 -06:00
|
|
|
getWOPIValue(object, "BaseFileName", filename);
|
|
|
|
getWOPIValue(object, "Size", size);
|
|
|
|
getWOPIValue(object, "OwnerId", ownerId);
|
|
|
|
getWOPIValue(object, "UserId", userId);
|
|
|
|
getWOPIValue(object, "UserFriendlyName", userName);
|
2017-05-28 11:20:49 -05:00
|
|
|
getWOPIValue(object, "UserExtraInfo", userExtraInfo);
|
2016-11-11 08:32:29 -06:00
|
|
|
getWOPIValue(object, "UserCanWrite", canWrite);
|
|
|
|
getWOPIValue(object, "PostMessageOrigin", postMessageOrigin);
|
|
|
|
getWOPIValue(object, "HidePrintOption", hidePrintOption);
|
|
|
|
getWOPIValue(object, "HideSaveOption", hideSaveOption);
|
|
|
|
getWOPIValue(object, "HideExportOption", hideExportOption);
|
|
|
|
getWOPIValue(object, "EnableOwnerTermination", enableOwnerTermination);
|
2016-12-13 05:30:43 -06:00
|
|
|
getWOPIValue(object, "DisablePrint", disablePrint);
|
|
|
|
getWOPIValue(object, "DisableExport", disableExport);
|
|
|
|
getWOPIValue(object, "DisableCopy", disableCopy);
|
2016-12-16 07:19:27 -06:00
|
|
|
getWOPIValue(object, "LastModifiedTime", lastModifiedTime);
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
2016-10-21 03:57:17 -05:00
|
|
|
else
|
2016-12-22 15:41:05 -06:00
|
|
|
{
|
2017-05-14 21:58:02 -05:00
|
|
|
LOG_ERR("WOPI::CheckFileInfo failed and no JSON payload returned. Access denied.");
|
2017-05-21 23:26:07 -05:00
|
|
|
throw UnauthorizedRequestException("Access denied. WOPI::CheckFileInfo failed on: " + uriObject.toString());
|
2016-12-22 15:41:05 -06:00
|
|
|
}
|
2016-03-31 01:48:34 -05:00
|
|
|
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
const Poco::Timestamp modifiedTime = iso8601ToTimestamp(lastModifiedTime);
|
2017-05-19 03:32:24 -05:00
|
|
|
_fileInfo = FileInfo({filename, ownerId, modifiedTime, size});
|
|
|
|
|
2017-05-28 11:20:49 -05:00
|
|
|
return std::unique_ptr<WopiStorage::WOPIFileInfo>(new WOPIFileInfo({userId, userName, userExtraInfo, canWrite, postMessageOrigin, hidePrintOption, hideSaveOption, hideExportOption, enableOwnerTermination, disablePrint, disableExport, disableCopy, callDuration}));
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
2017-08-09 18:02:03 -05:00
|
|
|
/// PutRelativeFile - uri format: http://server/<...>/wopi*/files/<id>/
|
2017-08-17 20:44:33 -05:00
|
|
|
std::string WopiStorage::createCopyFile(const Authorization& auth, const std::string& newFileName, const std::string& path)
|
2017-08-09 18:02:03 -05:00
|
|
|
{
|
|
|
|
const auto size = getFileSize(_jailedFilePath);
|
|
|
|
std::ostringstream oss;
|
|
|
|
Poco::URI uriObject(_uri);
|
2017-08-17 20:44:33 -05:00
|
|
|
auth.authorizeURI(uriObject);
|
2017-08-09 18:02:03 -05:00
|
|
|
|
|
|
|
LOG_DBG("Wopi PutRelativeFile(save as) request for : " << uriObject.toString());
|
|
|
|
|
|
|
|
try
|
|
|
|
{
|
|
|
|
std::unique_ptr<Poco::Net::HTTPClientSession> psession(getHTTPClientSession(uriObject));
|
|
|
|
|
|
|
|
Poco::Net::HTTPRequest request(Poco::Net::HTTPRequest::HTTP_POST, uriObject.getPathAndQuery(), Poco::Net::HTTPMessage::HTTP_1_1);
|
|
|
|
request.set("User-Agent", WOPI_AGENT_STRING);
|
2017-08-17 20:44:33 -05:00
|
|
|
auth.authorizeRequest(request);
|
2017-08-09 18:02:03 -05:00
|
|
|
request.set("X-WOPI-Override", "PUT_RELATIVE");
|
|
|
|
request.set("X-WOPI-RelativeTarget", newFileName + "." + getFileExtension());
|
|
|
|
request.set("X-WOPI-Size", std::to_string(size));
|
|
|
|
/// custom header
|
|
|
|
request.set("X-WOPI-TargetPath", path);
|
|
|
|
request.setContentType("application/octet-stream");
|
|
|
|
request.setContentLength(size);
|
|
|
|
|
|
|
|
addStorageDebugCookie(request);
|
|
|
|
std::ostream& os = psession->sendRequest(request);
|
|
|
|
std::ifstream ifs(_jailedFilePath);
|
|
|
|
Poco::StreamCopier::copyStream(ifs, os);
|
|
|
|
|
|
|
|
Poco::Net::HTTPResponse response;
|
|
|
|
std::istream& rs = psession->receiveResponse(response);
|
|
|
|
Poco::StreamCopier::copyStream(rs, oss);
|
|
|
|
LOG_INF("WOPI::createCopyFile response: " << oss.str());
|
|
|
|
LOG_INF("WOPI::createCopyFile tried to create a copy of file at [" << uriObject.toString()
|
|
|
|
<< "] having a size of " << size << " bytes and suggested name is " << newFileName + "." + getFileExtension() << ". Response recieved "
|
|
|
|
<< response.getStatus() << " " << response.getReason());
|
|
|
|
|
|
|
|
auto logger = Log::trace();
|
|
|
|
if (logger.enabled())
|
|
|
|
{
|
|
|
|
logger << "WOPI::createCopyFile header for URI [" << uriObject.toString() << "]:\n";
|
|
|
|
for (const auto& pair : response)
|
|
|
|
{
|
|
|
|
logger << '\t' << pair.first << ": " << pair.second << " / ";
|
|
|
|
}
|
|
|
|
|
|
|
|
LOG_END(logger);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (response.getStatus() != Poco::Net::HTTPResponse::HTTP_OK)
|
|
|
|
{
|
|
|
|
LOG_ERR("WOPI::createCopyFile failed with " << response.getStatus() << ' ' << response.getReason());
|
|
|
|
throw StorageConnectionException("WOPI::createCopyFile failed");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
catch(const Poco::Exception& pexc)
|
|
|
|
{
|
|
|
|
LOG_ERR("createCopyFile cannot create a copy of file with WOPI storage uri [" << uriObject.toString() << "]. Error: " << pexc.displayText() <<
|
|
|
|
(pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : ""));
|
|
|
|
return "";
|
|
|
|
}
|
|
|
|
|
|
|
|
std::string filename;
|
|
|
|
std::string url;
|
|
|
|
std::string hostEditUrl;
|
|
|
|
std::string hostViewUrl;
|
|
|
|
|
|
|
|
LOG_DBG("WOPI::createCopyFile returned: " << oss.str() );
|
|
|
|
Poco::JSON::Object::Ptr object;
|
|
|
|
if (parseJSON(oss.str(), object))
|
|
|
|
{
|
|
|
|
getWOPIValue(object, "Name", filename);
|
|
|
|
getWOPIValue(object, "Url", url);
|
|
|
|
getWOPIValue(object, "HostViewUrl", hostViewUrl);
|
|
|
|
getWOPIValue(object, "HostEditUrl", hostEditUrl);
|
|
|
|
}
|
|
|
|
return hostEditUrl;
|
|
|
|
}
|
|
|
|
|
2016-03-31 01:48:34 -05:00
|
|
|
/// uri format: http://server/<...>/wopi*/files/<id>/content
|
2017-08-16 09:38:00 -05:00
|
|
|
std::string WopiStorage::loadStorageFileToLocal(const Authorization& auth)
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
|
|
|
// WOPI URI to download files ends in '/contents'.
|
|
|
|
// Add it here to get the payload instead of file info.
|
|
|
|
Poco::URI uriObject(_uri);
|
2016-10-05 03:14:38 -05:00
|
|
|
uriObject.setPath(uriObject.getPath() + "/contents");
|
2017-08-16 09:38:00 -05:00
|
|
|
auth.authorizeURI(uriObject);
|
|
|
|
|
2016-12-22 15:41:05 -06:00
|
|
|
LOG_DBG("Wopi requesting: " << uriObject.toString());
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2016-10-14 07:46:49 -05:00
|
|
|
const auto startTime = std::chrono::steady_clock::now();
|
2016-12-23 01:53:50 -06:00
|
|
|
try
|
|
|
|
{
|
|
|
|
std::unique_ptr<Poco::Net::HTTPClientSession> psession(getHTTPClientSession(uriObject));
|
2016-07-18 06:45:36 -05:00
|
|
|
|
2016-12-23 01:53:50 -06:00
|
|
|
Poco::Net::HTTPRequest request(Poco::Net::HTTPRequest::HTTP_GET, uriObject.getPathAndQuery(), Poco::Net::HTTPMessage::HTTP_1_1);
|
2017-05-14 14:17:19 -05:00
|
|
|
request.set("User-Agent", WOPI_AGENT_STRING);
|
2017-08-16 09:38:00 -05:00
|
|
|
auth.authorizeRequest(request);
|
2017-05-17 03:48:51 -05:00
|
|
|
addStorageDebugCookie(request);
|
2016-12-23 01:53:50 -06:00
|
|
|
psession->sendRequest(request);
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2016-12-23 01:53:50 -06:00
|
|
|
Poco::Net::HTTPResponse response;
|
|
|
|
std::istream& rs = psession->receiveResponse(response);
|
|
|
|
const std::chrono::duration<double> diff = (std::chrono::steady_clock::now() - startTime);
|
|
|
|
_wopiLoadDuration += diff;
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2017-03-11 13:42:34 -06:00
|
|
|
auto logger = Log::trace();
|
|
|
|
if (logger.enabled())
|
2016-12-23 01:53:50 -06:00
|
|
|
{
|
2016-12-22 15:41:05 -06:00
|
|
|
logger << "WOPI::GetFile header for URI [" << uriObject.toString() << "]:\n";
|
|
|
|
for (const auto& pair : response)
|
|
|
|
{
|
|
|
|
logger << '\t' << pair.first << ": " << pair.second << " / ";
|
|
|
|
}
|
|
|
|
|
2017-03-11 13:42:34 -06:00
|
|
|
LOG_END(logger);
|
2016-12-23 01:53:50 -06:00
|
|
|
}
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2017-05-18 13:05:45 -05:00
|
|
|
if (response.getStatus() != Poco::Net::HTTPResponse::HTTP_OK)
|
|
|
|
{
|
2017-05-19 10:34:03 -05:00
|
|
|
LOG_ERR("WOPI::GetFile failed with " << response.getStatus() << ' ' << response.getReason());
|
2017-05-18 13:05:45 -05:00
|
|
|
throw StorageConnectionException("WOPI::GetFile failed");
|
|
|
|
}
|
|
|
|
else // Successful
|
|
|
|
{
|
|
|
|
_jailedFilePath = Poco::Path(getLocalRootPath(), _fileInfo._filename).toString();
|
|
|
|
std::ofstream ofs(_jailedFilePath);
|
|
|
|
std::copy(std::istreambuf_iterator<char>(rs),
|
|
|
|
std::istreambuf_iterator<char>(),
|
|
|
|
std::ostreambuf_iterator<char>(ofs));
|
|
|
|
LOG_INF("WOPI::GetFile downloaded " << getFileSize(_jailedFilePath) << " bytes from [" << uriObject.toString() <<
|
|
|
|
"] -> " << _jailedFilePath << " in " << diff.count() << "s");
|
|
|
|
|
|
|
|
_isLoaded = true;
|
|
|
|
// Now return the jailed path.
|
|
|
|
return Poco::Path(_jailPath, _fileInfo._filename).toString();
|
|
|
|
}
|
2016-12-23 01:53:50 -06:00
|
|
|
}
|
|
|
|
catch(const Poco::Exception& pexc)
|
|
|
|
{
|
|
|
|
LOG_ERR("Cannot load document from WOPI storage uri [" + uriObject.toString() + "]. Error: " << pexc.displayText() <<
|
|
|
|
(pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : ""));
|
|
|
|
throw;
|
|
|
|
}
|
2016-03-31 01:48:34 -05:00
|
|
|
|
2017-05-18 13:05:45 -05:00
|
|
|
return "";
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
2017-08-16 09:38:00 -05:00
|
|
|
StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& auth)
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
2016-10-19 09:52:53 -05:00
|
|
|
// TODO: Check if this URI has write permission (canWrite = true)
|
2016-03-31 01:48:34 -05:00
|
|
|
const auto size = getFileSize(_jailedFilePath);
|
2016-12-22 15:41:05 -06:00
|
|
|
|
2017-05-12 10:42:03 -05:00
|
|
|
Poco::URI uriObject(_uri);
|
2016-10-05 03:14:38 -05:00
|
|
|
uriObject.setPath(uriObject.getPath() + "/contents");
|
2017-08-16 09:38:00 -05:00
|
|
|
auth.authorizeURI(uriObject);
|
2017-05-12 10:42:03 -05:00
|
|
|
|
|
|
|
LOG_INF("Uploading URI via WOPI [" << uriObject.toString() << "] from [" << _jailedFilePath + "].");
|
2016-03-31 01:48:34 -05:00
|
|
|
|
|
|
|
std::ostringstream oss;
|
2016-11-23 06:09:54 -06:00
|
|
|
StorageBase::SaveResult saveResult = StorageBase::SaveResult::FAILED;
|
2016-12-23 01:53:50 -06:00
|
|
|
try
|
2016-11-23 06:09:54 -06:00
|
|
|
{
|
2016-12-23 01:53:50 -06:00
|
|
|
std::unique_ptr<Poco::Net::HTTPClientSession> psession(getHTTPClientSession(uriObject));
|
|
|
|
|
|
|
|
Poco::Net::HTTPRequest request(Poco::Net::HTTPRequest::HTTP_POST, uriObject.getPathAndQuery(), Poco::Net::HTTPMessage::HTTP_1_1);
|
|
|
|
request.set("X-WOPI-Override", "PUT");
|
2017-08-16 09:38:00 -05:00
|
|
|
auth.authorizeRequest(request);
|
2017-06-01 09:16:03 -05:00
|
|
|
if (!_forceSave)
|
2017-06-01 07:56:54 -05:00
|
|
|
{
|
|
|
|
// Request WOPI host to not overwrite if timestamps mismatch
|
|
|
|
request.set("X-LOOL-WOPI-Timestamp",
|
|
|
|
Poco::DateTimeFormatter::format(Poco::DateTime(_fileInfo._modifiedTime),
|
|
|
|
Poco::DateTimeFormat::ISO8601_FRAC_FORMAT));
|
|
|
|
}
|
2017-06-01 09:16:03 -05:00
|
|
|
|
2016-12-23 01:53:50 -06:00
|
|
|
request.setContentType("application/octet-stream");
|
|
|
|
request.setContentLength(size);
|
2017-05-17 03:48:51 -05:00
|
|
|
addStorageDebugCookie(request);
|
2016-12-23 01:53:50 -06:00
|
|
|
std::ostream& os = psession->sendRequest(request);
|
|
|
|
std::ifstream ifs(_jailedFilePath);
|
|
|
|
Poco::StreamCopier::copyStream(ifs, os);
|
|
|
|
|
|
|
|
Poco::Net::HTTPResponse response;
|
|
|
|
std::istream& rs = psession->receiveResponse(response);
|
|
|
|
Poco::StreamCopier::copyStream(rs, oss);
|
|
|
|
LOG_INF("WOPI::PutFile response: " << oss.str());
|
|
|
|
LOG_INF("WOPI::PutFile uploaded " << size << " bytes from [" << _jailedFilePath <<
|
|
|
|
"] -> [" << uriObject.toString() << "]: " <<
|
|
|
|
response.getStatus() << " " << response.getReason());
|
|
|
|
|
|
|
|
if (response.getStatus() == Poco::Net::HTTPResponse::HTTP_OK)
|
|
|
|
{
|
|
|
|
saveResult = StorageBase::SaveResult::OK;
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
Poco::JSON::Object::Ptr object;
|
|
|
|
if (parseJSON(oss.str(), object))
|
2017-05-31 12:22:54 -05:00
|
|
|
{
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
const std::string lastModifiedTime = getJSONValue<std::string>(object, "LastModifiedTime");
|
|
|
|
LOG_TRC("WOPI::PutFile returns LastModifiedTime [" << lastModifiedTime << "].");
|
2017-05-31 12:22:54 -05:00
|
|
|
_fileInfo._modifiedTime = iso8601ToTimestamp(lastModifiedTime);
|
2017-06-01 09:16:03 -05:00
|
|
|
|
|
|
|
// Reset the force save flag now, if any, since we are done saving
|
|
|
|
// Next saves shouldn't be saved forcefully unless commanded
|
|
|
|
_forceSave = false;
|
2017-05-31 12:22:54 -05:00
|
|
|
}
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
else
|
|
|
|
{
|
|
|
|
LOG_WRN("Invalid/Missing JSON found in WOPI::PutFile response");
|
|
|
|
}
|
2016-12-23 01:53:50 -06:00
|
|
|
}
|
|
|
|
else if (response.getStatus() == Poco::Net::HTTPResponse::HTTP_REQUESTENTITYTOOLARGE)
|
|
|
|
{
|
|
|
|
saveResult = StorageBase::SaveResult::DISKFULL;
|
|
|
|
}
|
2017-05-31 01:21:12 -05:00
|
|
|
else if (response.getStatus() == Poco::Net::HTTPResponse::HTTP_UNAUTHORIZED)
|
|
|
|
{
|
|
|
|
saveResult = StorageBase::SaveResult::UNAUTHORIZED;
|
|
|
|
}
|
Inform all clients when document changed behind our back
Introduce a new header X-LOOL-WOPI-Timestamp
This is a WOPI header extension to detect any external document change. For
example, when the file that is already opened by LOOL is changed
in storage.
The WOPI host sends LastModifiedTime field (in WOPI specs) as part
of the CheckFileInfo response. It also expects wsd to send the
same timestamp in X-LOOL-WOPI-Timestamp header during WOPI::PutFile. If
this header is present, then WOPI host checks, before saving the
document, if the timestamp in the header is equal to the timestamp of
the file in its storage. Only upon meeting this condition, it saves the
file back to storage, otherwise it informs us about some change
to the document.
We are supposed to inform the user accordingly. If user is okay
with over-writing the document, then we can omit sending
X-LOOL-WOPI-Timestamp header, in which case, no check as mentioned above
would be performed while saving the file and document will be
overwritten.
Also, use a separate list of LOOL status codes to denote such a change.
It would be wrong to use HTTP_CONFLICT status code for denoting doc
changed in storage scenario. WOPI specs reserves that for WOPI locks
which are not yet implemented. Better to use a separate LOOL specific
status codes synced across WOPI hosts and us to denote scenario that we
expect and are not covered in WOPI specs.
Change-Id: I61539dfae672bc104b8008f030f96e90f9ff48a5
2017-05-31 12:48:33 -05:00
|
|
|
else if (response.getStatus() == Poco::Net::HTTPResponse::HTTP_CONFLICT)
|
|
|
|
{
|
|
|
|
saveResult = StorageBase::SaveResult::CONFLICT;
|
|
|
|
Poco::JSON::Object::Ptr object;
|
|
|
|
if (parseJSON(oss.str(), object))
|
|
|
|
{
|
|
|
|
const unsigned loolStatusCode = getJSONValue<unsigned>(object, "LOOLStatusCode");
|
|
|
|
if (loolStatusCode == static_cast<unsigned>(LOOLStatusCode::DOC_CHANGED))
|
|
|
|
{
|
|
|
|
saveResult = StorageBase::SaveResult::DOC_CHANGED;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
LOG_WRN("Invalid/missing JSON in WOPI::PutFile response");
|
|
|
|
}
|
|
|
|
}
|
2016-11-23 06:09:54 -06:00
|
|
|
}
|
2016-12-23 01:53:50 -06:00
|
|
|
catch(const Poco::Exception& pexc)
|
2016-11-23 06:09:54 -06:00
|
|
|
{
|
2016-12-23 01:53:50 -06:00
|
|
|
LOG_ERR("Cannot save file to WOPI storage uri [" + uriObject.toString() + "]. Error: " << pexc.displayText() <<
|
|
|
|
(pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : ""));
|
|
|
|
saveResult = StorageBase::SaveResult::FAILED;
|
2016-11-23 06:09:54 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
return saveResult;
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
2017-08-16 09:38:00 -05:00
|
|
|
std::string WebDAVStorage::loadStorageFileToLocal(const Authorization& /*auth*/)
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
|
|
|
// TODO: implement webdav GET.
|
2016-10-14 05:09:43 -05:00
|
|
|
_isLoaded = true;
|
2016-10-14 04:28:19 -05:00
|
|
|
return _uri.toString();
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
2017-08-16 09:38:00 -05:00
|
|
|
StorageBase::SaveResult WebDAVStorage::saveLocalFileToStorage(const Authorization& /*auth*/)
|
2016-03-31 01:48:34 -05:00
|
|
|
{
|
|
|
|
// TODO: implement webdav PUT.
|
2016-11-23 06:09:54 -06:00
|
|
|
return StorageBase::SaveResult::OK;
|
2016-03-31 01:48:34 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|