While UserFriendlyName is an optional field
in the WOPI protocol, Core needs it for
the Author of the document. When it's blank
the Author is not set and the document fails
to load.
By default we are at least able to load the
document with a sensible placeholder for the
Author. Meanwhile, we log a warning to let
the integrators know of the issue.
Documentation updated.
Change-Id: I4dd2c9d164b4d889f85701a4a27ee8d395bff220
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The development environment is necessary analyse
the logs, so disable setting SAL_LOG instead to
add a parameter to already a long list of options
Change-Id: Id8e4a66e1dcb32c636806e47e1d69270af4c53f5
Signed-off-by: Henry Castro <hcastro@collabora.com>
A minor cleanup of UploadResult to make tidy
it up a little bit and make it less specific.
Single-argument constructors should be explicit
to avoid unexpected conversion and other surprises.
Change-Id: I57599805743dffddac620f501dc6ca79c2217f89
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
In some cases we cannot do a fast bind-mount of the files we want
in our jail since we don't have cap_sys_admin for loolmount inside
eg. docker.
Thus we need to fallback to hard-linking, however various security
systems namespace parts of our tree, such that link() fails with
EXDEV even across the (apparently) same file-system.
As such we need to assemble a copy of what we want to hard-link
close to our jails. However, this needs to be owned by root / the
system to avoid having writable files shared between jails. Hence
we need cap_chown in addition to cap_fowner, to get ownership right
and then hard-link.
Change-Id: Iba0ef46ddbc1c03f3dc7177bc1ec1755624135db
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Most C and Posix API clobber errno. By failing to save
it immediately after invoking an API we risk simply
reporting the result of an arbitrary subsequent API call.
This adds LOG_SYS_ERRNO to take errno explicitly.
This is necessary because sometimes logging is not done
immediately after calling the function for which we
want to report errno. Similarly, log macros that log
errno need to save errno before calling any functions.
This is necessary as the argements might contain calls
that clobber errno.
This also converts some LOG_SYS entries to LOG_ERR
because there can be no relevant errno in that context
(f.e. in a catch clause).
A couple of LOG_ macros have been folded into others,
reducing redundancy.
Finally, both of these log macros append errno to the
log message, so there is little point in ending the
messages with a period.
Change-Id: Iecc656f67115fec78b65cad4e7c17a17623ecf43
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Cleans up some of the conversions and implicity
unit in integral types.
Change-Id: I79f35b92f8f631894e55bdb39851b050870fce96
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Happens when renderfont is called without first loading a document.
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: I1152d1f4b3f610364e22c406cda5494672f20aed
Avoiding some debug code ending up in the product.
Change-Id: If37b2986f134986a33b9dd5b4729b50c56cbc248
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Saving documents to storage also logs and broadcasts
the result to the users. Return values from these
functions are ignored, and anyway not actionable.
Change-Id: Iaf0dab9c6ac8c593e4df292c71fcb30e8b6d7eeb
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Also, makes the logging of units much less error prone.
The overloaded streaming operators are temporary as
they are provided in C++20. The ones here (though
incomplete) are fashioned after the C++20 specs.
Change-Id: Ieb499282ccb6e63fa939ba07bed3e5a4fbef1bd0
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
chrono::system_clock can go back in time.
For time interval measurements, where we don't
care about the local time, a monotonic clock
should be used.
This avoids the server uptime jumping around
with daylight saving (or indeed by regular
synchronization with an atomic clock), among
other cases.
Change-Id: I09f9b24c82d19439348a2e66cad9e9de7d755208
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
While chrono supports double as a datatype, it
is opaque and doesn't lend itself to any obvious
units of time (presumably seconds). Using
chrono::milliseconds is much more readable and
also safe when converting from seconds or any
other units. Ultimately, we typically convert
to milliseconds anyway, mostly for logging.
There is but one exception where we convert
in seconds, and now that case is documented.
Change-Id: Ide98f45f2ad8da8225d41ae870bbc4bc09a2a0b5
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
No advantage in using int when chrono handles
conversion and comparisons transparently for us.
Change-Id: Idc942e7a2557ef979d876f378cf6bb84d3e657cd
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
std::chrono handles unit conversion handsomely
and where there could be logical errors, the
compiler errors out. We only ever need to
use raw integer or double values to interface
C functions and possibly for IO.
Change-Id: I5c2b43c36bd69840f1a4172e9898666c4d68c567
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Now chosen log level is propagated to forkit and kits.
Also, admin console users can filter logs according to their channel names on client side.
Change-Id: Ife15a6148ed87533b81e9d63da252c633e74e559
Signed-off-by: Gökay Şatır <gokaysatir@collabora.com>
A number of call-sites, eg. clipboard, or admin-ws were
writing to sockets assuming they could return all the data
in a single series of writes, without needing to poll. As
such they failed to addSocketToPoll on the new poll - eg.
the docBroker. Unfortunately this meant that on EAGAIN
writes, the socket would be closed and the last parts
of a message lost.
Browsers would give net::ERR_CONTENT_LENGTH_MISMATCH 200 (OK)
The situation is/was intermittent, so painful to debug.
On under-loaded developer machines, socket buffers are larger,
so this was seldom seen.
The re-factor forces a transfer to another SocketPoll via
the disposition, except for a couple of corner cases.
Change-Id: I2f1b2f99f179c4fda84464c9241fe434fa527725
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Using "load" and "save" in the storage was a poor
choice of verbs, in hindsight, because these very
same verbs are also used to describe the loading
and saving of documents in Core.
It is more appropriate to label the storage
operations as download and upload, respectively,
to avoid any confusion. This is especially useful
because when reporting we have for some time now
been reporting the results of each of these
stages separately, there is no longer reason
to label them the same.
We already used "upload" and "download" in
some of the logs, but not all.
Change-Id: I0fac9130032e2c3c6dfb4d671c31130265091f0d
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This is in preparation for asynchronous uploading.
Change-Id: I5c9977107b415efd24cbd99c29599b86cfe32933
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The current session is needed only while loading, as it's not
yet in the sessions container. But while saving, broadcasting
to all sessions includes the current session as well, and
we avoid sending duplicate message to the current session.
We also make the broadcast helper a member of DocumentBroker
which simplifies it.
Change-Id: I3bb37cc808d97ba2b772b88474a8c10f7fdff6b7
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This is in preparation for asynchronous uploading.
Change-Id: Ibd0ff0fa8edfc08ad2755a45227891ed40e09d1c
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The temporary directories created for convert-to
and insertfile are used only once and should be
cleaned up to avoid clutter.
We also de-poco the temp directory creation as
it doesn't add value and do a bit of cleanup.
Change-Id: Ie1fd5b4749788ff4407f2cc886d405258f65f97a
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
We now download the convert-to files into the
child-root/tmp directory and then move it into
the jail that will convert it. This way ownership
and cleanup become contained within our child-root
and jail subsystems. This reduces the chances of
leaking convert-to files and simplifies the design.
In addition, we avoid an extra file copy and improve
the security of the convert-to API.
Change-Id: I450c24d0d0dc0da447c8072b0701c3b48d07c81b
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
size_t in C and in C++ are not necessarily the same
type. The C++ size_t is in the std namespace. Since
we do include many C headers, and indeed some C++
runtime headers do define size_t for backwards
compatibility, it's easy to mix and match the two
types.
Also, 'using std::size_t;' isn't a great practice,
so removed.
This is not exhaustive, just some low-hanging cases.
Change-Id: I85a36b6fd1acd204274b1869de9bcb94c8b3cf13
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This makes the code self-documenting and avoids accidental
comparison or assignment of Result variables/values.
Change-Id: I84b8e36aa999191c8704938552b73ddc1c3dc3fc
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This replaces Util::getFileTimestamp with
FileUtil::Stat::modifiedTimepoint() and fixes a potential bug:
getFileTimestamp had only 1 second precision (it simply dropped
sub-second data). This could mean that any modifications to a file
within a second could not be detected.
Minor simplifications done where possible and overly long lines
have been reformatted.
This is a non-functional change (except that file modified-time
now supports microsecond precision).
Change-Id: I3606638a86fc3e00c0ad5cb602bdbb2b4651867b
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Confusion arose due to separate creation of session, and watermark
property fetch from CheckFileInfo which happens in DocumentBroker::load
which doesn't do a load. This happens in a subsequent 'load url='
message cf. global.js which can then race vs. the session creation.
This causes mis-ordering of another unhelpfully shared Session,
letting the view canonicalization list to get out of sync between
the two processes.
So instead - tell the view it's canonical id. An example of the
problems of trying to share some unclear subset of the Session
class between kit and wsd perhaps.
Change-Id: I63dc30f9a047e3f889fd339b6aaf392b9fef37b9
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
