The new password hash property is called secure_password in the config
file. `loolconfig` tool should be used to set the password hash in
appropriate format with desired salt length, password length, number of
iterations in PBKDF2.
To be backward compatible, plain-text password for admin-console in
config file is still accepted in case secure_password property is
missing from the config file.
Change-Id: If229999dac62856e368555c0242c4aa6f8061fba
A normal usage to set the admin password would be like :
loolconfig set-admin-password --config-file ./loolwsd.xml
Other command line options can also be given, like --pwd-salt-length,
--pwd-hash-length, --pwd-iterations.
Change-Id: I2a6f8d25e068b53a3f945426f0779c8410b2c8ba
UNDO_CONFLICT was intented to notify views, but
the constant value changed with latest patch upstream
Change-Id: I09062725539df3d974a47d89374d822d1d852770
This reverts commit e8ff268992.
To have support for both multitenancy - several WOPI hosts using same wsd -
and WOPI host aliases, using a ID unique across a WOPI host instance as
part of the WOPI URL is a better approach that handles both of above
mentioned issues cleanly.
When a client connects with expired/invalid
access_token, the document should remain
active for other/existing clients, if any.
However, if no clients exists (i.e. the
first client has invalid access_token),
then the document should be unloaded and
cleaned up.
Change-Id: Iaad95a4286325cc6ee130b37e3ad635993a71c72
Reviewed-on: https://gerrit.libreoffice.org/37916
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
.uno:DeletePage deletes the "current" page, while the intent here is to
delete all slides except the first one. Be explicit about this.
Change-Id: Ia8a8a5bf907e3d79cc646d54803447525375ce72
Reviewed-on: https://gerrit.libreoffice.org/37833
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Miklos Vajna <vmiklos@collabora.co.uk>
When the server recylces, the client should
transparently restore connection when the
server is back on. This was broken because
of the different times when moving in and out
of focus for dimming/inactivity purposes.
Here we track server recycling state
separately, and skip the dimming/inactivity
checks in that case.
Change-Id: I432b97b3278b5a6846c8d2c4fa964184f156d5f3
Reviewed-on: https://gerrit.libreoffice.org/37892
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Fixes the case when the client reconnects on idle
disconnection (because it never got the 'close: idle'
message).
Also, show informative message to users in this case
instead of grey screen.
Change-Id: Ia2e1f2ffefe6d35dd1552e7cc44e490aab86c600
Reviewed-on: https://gerrit.libreoffice.org/37891
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
When WOPI's CheckFileInfo or GetFile responds with status code other
than HTTP 200, show a message to the user indicating some problem in the
storage.
Currently, we open an empty document if storage doesn't return a
document which surely is not correct.
Mention the storage server address when asking user to contact the
server administrator to be more friendly.
Change-Id: I15f0489f36db8689b43d42f6b691fdd21815e4fa
Turns out this introduces two calls to the CheckFileInfo which is not really
what we should be doing; instead, let's do a kind of cannonicalization in the
WOPI host directly.
This reverts commit ec2fd0844f.
Change-Id: I311bf8a45b706ed9a4d8cd00db0a990ac6d461b4
Otherwise, WOPI implementations that use non-standard ports get CSP
voilation errors in the browsers because Poco's URI::getHost() method
strips the port number from the host.
No harm in mentioning the port number always even if its a standard one,
so always use Poco::URI::getPort() to append the port to the frame
ancestor.
Change-Id: I9e7a7021b38f717e14af3d389e30f24ecaf6d122
Otherwise the presesntation mode downloads them instead of showing.
Change-Id: If2c9785aa5ef6bbb65e911b834c77ea83da281e7
Reviewed-on: https://gerrit.libreoffice.org/37716
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
Tested-by: Jan Holesovsky <kendy@collabora.com>
The docKey creation moved to Storage where we first
invoke WOPI (if/when it's a WOPI-hosted doc and WOPI enabled)
and see if the user has access to the document at all.
If they do, we expect the server to give us a
unique ID to use for identifying the host regardless
of hostname aliases.
If a unique ID is not returned (i.e. empty or missing)
we use the hostname and port in its place as fallback.
This will break hostname aliases, but it will still work.
Change-Id: I407b0087395f9df6ad9cc6e037570487999be4a4
Reviewed-on: https://gerrit.libreoffice.org/37697
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Reworked handling of annotation layout. Now it behaves more like
writer annotations.
Now scrolling up annotations leads to scrolling the current slide too
when it is required in order to show not visible annotations.
Moreover the top visible annotation is now remembered for each slide,
and when the top annotation is not the first one, a bit of the bottom
of the previous annotation is showed so that the user gets aware that
there are more annotations above.
Change-Id: I3d087a8db35143a5e3abcd3e95e5e612d7638891
Reviewed-on: https://gerrit.libreoffice.org/37628
Reviewed-by: Marco Cecchetti <mrcekets@gmail.com>
Tested-by: Marco Cecchetti <mrcekets@gmail.com>
Document broker needs to know when the save request is sent and when the
save finished. It uses these parameters to avoid shutting down document,
in the document broker main polling loop, if save is already going on.
But direct .uno:Save commands issued from
loleaflet precludes document broker to keep track of it - in this case a
.uno:Save command issued from loleaflet followed by closing the
session will prevent saving the document to storage, if document is huge
enough and LO core takes a bit of time to save it. A save wrapper
command, 'save', ensures that document broker is aware of all such save
requests (_saveRequestTime member variable) and doesn't close the
document until we completely save it (to storage and other cleanups).
Change-Id: I5ec73d45adff23b2e7543e93dfd0624a5e5af46d
Show the user that authorization failed.
Change-Id: Iad63c11ac2033eee80062ecd43dff76f776924c3
Reviewed-on: https://gerrit.libreoffice.org/37610
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Thread-affinity checks must be inhibited
not just on Socket, but on the SocketPoll as well,
before destroying DocumentBroker instances.
Also, properly initialize the inhibit statics.
Change-Id: I2ced1554d477f0c3faf09bda74034cbae99e4ce1
Reviewed-on: https://gerrit.libreoffice.org/37608
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
...but in combination with the appropriate session's access_token to always
authenticate against the same instance of the WOPI host.
Change-Id: Ic94dfa8fcb226a2d134272b22edc1f8f76c24e34
Timeouts to dimming the doc in the browser
are now configurable from WSD and is relayed
to loleflet as expected.
Out of focus timeout is now 60 seconds.
Change-Id: I8452e30976f6a81b0c3bb3ba5774daa244c1640c
Reviewed-on: https://gerrit.libreoffice.org/37489
Reviewed-by: pranavk <pranavk@collabora.co.uk>
Tested-by: pranavk <pranavk@collabora.co.uk>