Merge remote-tracking branch 'origin/develop' into develop

Author: cdujeu

core/src/core/src/pydio/Core/Http/Wopi/AuthFrontend.php

@@ -75,12 +75,12 @@ function retrieveParams(ServerRequestInterface &$request, ResponseInterface &$re
         $httpVars["auth_token"] = $payload->token;
         $httpVars["auth_hash"] = $payload->hash;
 
-        // NOT GREAT - WE REMOVE /contents from the uri to ensure that the auth_hash works fine
         $uri = $request->getUri();
-        $path = str_replace("/contents", "", $uri->getPath());
-        $uri = $uri->withPath($path);
+        $query = $uri->getQuery();
+        $uri = $uri->withPath($payload->uri);
+        $path = $uri->getPath();
 
-        $_SERVER["REQUEST_URI"] = $uri->getPath() . '?' . $uri->getQuery();
+        $_SERVER["REQUEST_URI"] = $path . '?' . $query;
 
         // Handle upload case
         if ($action == "upload") {
@@ -92,7 +92,7 @@ function retrieveParams(ServerRequestInterface &$request, ResponseInterface &$re
                 $stream,
                 $size,
                 0,
-                basename($path)
+                basename($payload->uri)
             );
 
             $request = $request->withUploadedFiles(["userfile_0" => $uploadedFile]);
@@ -159,4 +159,4 @@ function tryToLogUser(ServerRequestInterface &$request, ResponseInterface &$resp
         // We're through
         return true;
     }
-} 
+}

core/src/core/src/pydio/Core/Http/Wopi/Middleware.php

@@ -96,7 +96,7 @@ public function emitResponse(ServerRequestInterface $request, ResponseInterface
                 $meta = $node->getNodeInfoMeta();
                 $userId = $node->getUser()->getId();
                 $data = [
-                    "BaseFileName" => $node->getLabel(),
+                    "BaseFileName" => urlencode($node->getLabel()),
                     "OwnerId" => $userId,
                     "Size" => $meta["bytesize"],
                     "UserId" => $userId,
@@ -126,12 +126,15 @@ public function emitResponse(ServerRequestInterface $request, ResponseInterface
             }
         }
 
-        if($response !== false && ($response->getBody()->getSize() || $response instanceof EmptyResponse) || $response->getStatusCode() != 200) {
+        if( $response->getBody()->getSize() === null
+            || $response->getBody()->getSize() > 0
+            || $response instanceof \Zend\Diactoros\Response\EmptyResponse
+            || $response->getStatusCode() != 200) {
             $emitter = new SapiEmitter();
             ShutdownScheduler::setCloseHeaders($response);
             $emitter->emit($response);
             ShutdownScheduler::getInstance()->callRegisteredShutdown();
         }
     }
 
-}
+}

core/src/plugins/editor.libreoffice/Driver.php

@@ -94,11 +94,9 @@ public function switchAction(ServerRequestInterface &$request, ResponseInterface
 
         $selection = UserSelection::fromContext($ctx, $httpVars);
         $destStreamURL = $selection->currentBaseUrl();
-        $filePath = str_replace('%2F', '/', rawurlencode($httpVars['file']));
+        $node = $selection->getUniqueNode();
 
-        $nodeUrl = $destStreamURL . $filePath;
-
-        if (empty($userId) || empty($filePath) || empty($repository)) return false;
+        if (empty($userId) || empty($node) || empty($repository)) return false;
 
         if ($action == "libreoffice_get_file_url") {
 
@@ -114,23 +112,30 @@ public function switchAction(ServerRequestInterface &$request, ResponseInterface
 
             // Generating the auth hash and token
             $nonce = sha1(rand());
-            $uri = '/wopi/files/' . $repositoryId . $filePath;
 
-            $msg = $uri . ':' . $nonce . ':' . $private;
+            $nodePath = $node->getPath();
+            $nodeUrl = $node->getUrl();
+
+            $escapedNodePath = str_replace('%2F', '/', rawurlencode($node->getPath()));
+
+            $uri = '/wopi/files/' . $repositoryId . $nodePath;
+            $escapedUri = '/wopi/files/' . $repositoryId . $escapedNodePath;
+
+            $msg = $escapedUri . ':' . $nonce . ':' . $private;
             $hmac = hash_hmac('sha256', $msg, $token);
             $auth_hash = $nonce . ':' . $hmac;
 
             // Generating the jwt token for the file
             $payload["token"] = $token;
             $payload["hash"] = $auth_hash;
-            $payload["file"] = $uri;
+            $payload["uri"] = $uri;
             $payload["task"] = $task;
 
             $jwt = JWT::encode($payload, $private);
 
             $resp = [
                 'host' => ApplicationState::detectServerURL(),
-                'uri' => $uri,
+                'uri' => $escapedUri,
                 'jwt' => $jwt,
                 'permission' => $user->canWrite($repositoryId) && is_writeable($nodeUrl) ? 'edit' : 'readonly'
             ];
@@ -198,4 +203,4 @@ public function listEmptyFormatsAction(ServerRequestInterface $requestInterface,
         $responseInterface = new JsonResponse($list);
 
     }
-}
+}