1
0

DefaultPublicShareTemplateProvider.php 8.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-License-Identifier: AGPL-3.0-or-later
  6. */
  7. namespace OCA\Files_Sharing;
  8. use OCA\FederatedFileSharing\FederatedShareProvider;
  9. use OCA\Files_Sharing\AppInfo\Application;
  10. use OCA\Files_Sharing\Event\BeforeTemplateRenderedEvent;
  11. use OCA\Viewer\Event\LoadViewer;
  12. use OCP\Accounts\IAccountManager;
  13. use OCP\AppFramework\Http\ContentSecurityPolicy;
  14. use OCP\AppFramework\Http\Template\ExternalShareMenuAction;
  15. use OCP\AppFramework\Http\Template\LinkMenuAction;
  16. use OCP\AppFramework\Http\Template\PublicTemplateResponse;
  17. use OCP\AppFramework\Http\Template\SimpleMenuAction;
  18. use OCP\AppFramework\Http\TemplateResponse;
  19. use OCP\AppFramework\Services\IInitialState;
  20. use OCP\Constants;
  21. use OCP\Defaults;
  22. use OCP\EventDispatcher\IEventDispatcher;
  23. use OCP\Files\File;
  24. use OCP\IAppConfig;
  25. use OCP\IConfig;
  26. use OCP\IL10N;
  27. use OCP\IPreview;
  28. use OCP\IRequest;
  29. use OCP\IURLGenerator;
  30. use OCP\IUser;
  31. use OCP\IUserManager;
  32. use OCP\Share\IPublicShareTemplateProvider;
  33. use OCP\Share\IShare;
  34. use OCP\Util;
  35. class DefaultPublicShareTemplateProvider implements IPublicShareTemplateProvider {
  36. public function __construct(
  37. private IUserManager $userManager,
  38. private IAccountManager $accountManager,
  39. private IPreview $previewManager,
  40. protected FederatedShareProvider $federatedShareProvider,
  41. private IUrlGenerator $urlGenerator,
  42. private IEventDispatcher $eventDispatcher,
  43. private IL10N $l10n,
  44. private Defaults $defaults,
  45. private IConfig $config,
  46. private IRequest $request,
  47. private IInitialState $initialState,
  48. private IAppConfig $appConfig,
  49. ) {
  50. }
  51. public function shouldRespond(IShare $share): bool {
  52. return true;
  53. }
  54. public function renderPage(IShare $share, string $token, string $path): TemplateResponse {
  55. $shareNode = $share->getNode();
  56. $ownerName = '';
  57. $ownerId = '';
  58. // Only make the share owner public if they allowed to show their name
  59. $owner = $this->userManager->get($share->getShareOwner());
  60. if ($owner instanceof IUser) {
  61. $ownerAccount = $this->accountManager->getAccount($owner);
  62. $ownerNameProperty = $ownerAccount->getProperty(IAccountManager::PROPERTY_DISPLAYNAME);
  63. if ($ownerNameProperty->getScope() === IAccountManager::SCOPE_PUBLISHED) {
  64. $ownerName = $owner->getDisplayName();
  65. $ownerId = $owner->getUID();
  66. }
  67. }
  68. $view = 'public-share';
  69. if ($shareNode instanceof File) {
  70. $view = 'public-file-share';
  71. $this->initialState->provideInitialState('fileId', $shareNode->getId());
  72. } elseif (($share->getPermissions() & Constants::PERMISSION_CREATE)
  73. && !($share->getPermissions() & Constants::PERMISSION_READ)
  74. ) {
  75. // share is a folder with create but no read permissions -> file drop only
  76. $view = 'public-file-drop';
  77. // Only needed for file drops
  78. $this->initialState->provideInitialState(
  79. 'disclaimer',
  80. $this->appConfig->getValueString('core', 'shareapi_public_link_disclaimertext'),
  81. );
  82. }
  83. // Set up initial state
  84. $this->initialState->provideInitialState('isPublic', true);
  85. $this->initialState->provideInitialState('sharingToken', $token);
  86. $this->initialState->provideInitialState('sharePermissions', $share->getPermissions());
  87. $this->initialState->provideInitialState('filename', $shareNode->getName());
  88. $this->initialState->provideInitialState('view', $view);
  89. // Load scripts and styles for UI
  90. Util::addInitScript('files', 'init');
  91. Util::addInitScript(Application::APP_ID, 'init');
  92. Util::addInitScript(Application::APP_ID, 'init-public');
  93. Util::addScript('files', 'main');
  94. // Add file-request script if needed
  95. $attributes = $share->getAttributes();
  96. $isFileRequest = $attributes?->getAttribute('fileRequest', 'enabled') === true;
  97. if ($isFileRequest) {
  98. Util::addScript(Application::APP_ID, 'public-file-request');
  99. }
  100. // Load Viewer scripts
  101. if (class_exists(LoadViewer::class)) {
  102. $this->eventDispatcher->dispatchTyped(new LoadViewer());
  103. }
  104. // Allow external apps to register their scripts
  105. $this->eventDispatcher->dispatchTyped(new BeforeTemplateRenderedEvent($share));
  106. // OpenGraph Support: http://ogp.me/
  107. $this->addOpenGraphHeaders($share);
  108. // CSP to allow office
  109. $csp = new ContentSecurityPolicy();
  110. $csp->addAllowedFrameDomain('\'self\'');
  111. $response = new PublicTemplateResponse(
  112. 'files',
  113. 'index',
  114. );
  115. $response->setContentSecurityPolicy($csp);
  116. // If the share has a label, use it as the title
  117. if ($share->getLabel() !== '') {
  118. $response->setHeaderTitle($share->getLabel());
  119. $response->setParams(['pageTitle' => $share->getLabel()]);
  120. } else {
  121. $response->setHeaderTitle($shareNode->getName());
  122. $response->setParams(['pageTitle' => $shareNode->getName()]);
  123. }
  124. if ($ownerName !== '') {
  125. $response->setHeaderDetails($this->l10n->t('shared by %s', [$ownerName]));
  126. }
  127. // Create the header action menu
  128. $headerActions = [];
  129. if ($view !== 'public-file-drop') {
  130. // The download URL is used for the "download" header action as well as in some cases for the direct link
  131. $downloadUrl = $this->urlGenerator->linkToRouteAbsolute('files_sharing.sharecontroller.downloadShare', [
  132. 'token' => $token,
  133. 'filename' => ($shareNode instanceof File) ? $shareNode->getName() : null,
  134. ]);
  135. // If not a file drop, then add the download header action
  136. $headerActions[] = new SimpleMenuAction('download', $this->l10n->t('Download'), 'icon-download', $downloadUrl, 0, (string)$shareNode->getSize());
  137. // If remote sharing is enabled also add the remote share action to the menu
  138. if ($this->federatedShareProvider->isOutgoingServer2serverShareEnabled() && !$share->getHideDownload()) {
  139. $headerActions[] = new ExternalShareMenuAction(
  140. // TRANSLATORS The placeholder refers to the software product name as in 'Add to your Nextcloud'
  141. $this->l10n->t('Add to your %s', [$this->defaults->getProductName()]),
  142. 'icon-external',
  143. $ownerId,
  144. $ownerName,
  145. $shareNode->getName(),
  146. );
  147. }
  148. }
  149. $shareUrl = $this->urlGenerator->linkToRouteAbsolute('files_sharing.sharecontroller.showShare', ['token' => $token]);
  150. // By default use the share link as the direct link
  151. $directLink = $shareUrl;
  152. // Add the direct link header actions
  153. if ($shareNode->getMimePart() === 'image') {
  154. // If this is a file and especially an image directly point to the image preview
  155. $directLink = $this->urlGenerator->linkToRouteAbsolute('files_sharing.publicpreview.directLink', ['token' => $token]);
  156. } elseif (($share->getPermissions() & Constants::PERMISSION_READ) && !$share->getHideDownload()) {
  157. // Can read and no download restriction, so just download it
  158. $directLink = $downloadUrl ?? $shareUrl;
  159. }
  160. $headerActions[] = new LinkMenuAction($this->l10n->t('Direct link'), 'icon-public', $directLink);
  161. $response->setHeaderActions($headerActions);
  162. return $response;
  163. }
  164. /**
  165. * Add OpenGraph headers to response for preview
  166. * @param IShare $share The share for which to add the headers
  167. */
  168. protected function addOpenGraphHeaders(IShare $share): void {
  169. $shareNode = $share->getNode();
  170. $token = $share->getToken();
  171. $shareUrl = $this->urlGenerator->linkToRouteAbsolute('files_sharing.sharecontroller.showShare', ['token' => $token]);
  172. // Handle preview generation for OpenGraph
  173. if ($this->previewManager->isMimeSupported($shareNode->getMimetype())) {
  174. // For images we can use direct links
  175. if ($shareNode->getMimePart() === 'image') {
  176. $ogPreview = $this->urlGenerator->linkToRouteAbsolute('files_sharing.publicpreview.directLink', ['token' => $token]);
  177. // Whatsapp is kind of picky about their size requirements
  178. if ($this->request->isUserAgent(['/^WhatsApp/'])) {
  179. $ogPreview = $this->urlGenerator->linkToRouteAbsolute('files_sharing.PublicPreview.getPreview', [
  180. 'token' => $token,
  181. 'x' => 256,
  182. 'y' => 256,
  183. 'a' => true,
  184. ]);
  185. }
  186. } else {
  187. // For normal files use preview API
  188. $ogPreview = $this->urlGenerator->linkToRouteAbsolute(
  189. 'files_sharing.PublicPreview.getPreview',
  190. [
  191. 'x' => 256,
  192. 'y' => 256,
  193. 'file' => $share->getTarget(),
  194. 'token' => $token,
  195. ],
  196. );
  197. }
  198. } else {
  199. // No preview supported, so we just add the favicon
  200. $ogPreview = $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'favicon-fb.png'));
  201. }
  202. Util::addHeader('meta', ['property' => 'og:title', 'content' => $shareNode->getName()]);
  203. Util::addHeader('meta', ['property' => 'og:description', 'content' => $this->defaults->getName() . ($this->defaults->getSlogan() !== '' ? ' - ' . $this->defaults->getSlogan() : '')]);
  204. Util::addHeader('meta', ['property' => 'og:site_name', 'content' => $this->defaults->getName()]);
  205. Util::addHeader('meta', ['property' => 'og:url', 'content' => $shareUrl]);
  206. Util::addHeader('meta', ['property' => 'og:type', 'content' => 'object']);
  207. Util::addHeader('meta', ['property' => 'og:image', 'content' => $ogPreview]);
  208. }
  209. }