Enable compliant host URLs in CheckFileInfo

src/core/commoniface.py

@@ -80,8 +80,16 @@ def retrieverevalock(rawlock):
 
 
 def encodeinode(endpoint, inode):
-    '''Encodes a given endpoint and inode to be used as a safe WOPISrc: endpoint is assumed to already be URL safe'''
-    return endpoint + '-' + urlsafe_b64encode(inode.encode()).decode()
+    '''Encodes a given endpoint and inode to be used as a safe WOPISrc: endpoint is assumed to already be URL safe.
+    Note that the separator is chosen to be `!` (similar to how the web frontend is implemented) to allow the inverse
+    operation, assuming that `endpoint` does not contain any `!` characters.'''
+    return endpoint + '!' + urlsafe_b64encode(inode.encode()).decode()
+
+
+def decodeinode(inode):
+    '''Decodes an inode obtained from encodeinode()'''
+    e, f = inode.split('!')
+    return e, urlsafe_b64decode(f.encode()).decode()
 
 
 def validatelock(filepath, appname, oldlock, oldvalue, op, log):

src/core/wopi.py

@@ -13,7 +13,6 @@
 import http.client
 from datetime import datetime
 from urllib.parse import unquote_plus as url_unquote
-from urllib.parse import quote_plus as url_quote
 from more_itertools import peekable
 import flask
 import core.wopiutils as utils
@@ -38,8 +37,19 @@ def checkFileInfo(fileid, acctok):
         fmd['BaseFileName'] = fmd['BreadcrumbDocName'] = os.path.basename(acctok['filename'])
         wopiSrc = 'WOPISrc=%s&access_token=%s' % (utils.generateWopiSrc(fileid, acctok['appname'] == srv.proxiedappname),
                                                   flask.request.args['access_token'])
-        fmd['HostViewUrl'] = '%s%s%s' % (acctok['appviewurl'], '&' if '?' in acctok['appviewurl'] else '?', wopiSrc)
-        fmd['HostEditUrl'] = '%s%s%s' % (acctok['appediturl'], '&' if '?' in acctok['appediturl'] else '?', wopiSrc)
+        hosteurl = srv.config.get('general', 'hostediturl', fallback=None)
+        if hosteurl:
+            fmd['HostEditUrl'] = utils.generateUrlFromTemplate(hosteurl, acctok)
+        else:
+            fmd['HostEditUrl'] = '%s%s%s' % (acctok['appediturl'], '&' if '?' in acctok['appediturl'] else '?', wopiSrc)
+        hostvurl = srv.config.get('general', 'hostviewurl', fallback=None)
+        if hostvurl:
+            fmd['HostViewUrl'] = utils.generateUrlFromTemplate(hostvurl, acctok)
+        else:
+            fmd['HostViewUrl'] = '%s%s%s' % (acctok['appviewurl'], '&' if '?' in acctok['appviewurl'] else '?', wopiSrc)
+        fsurl = srv.config.get('general', 'filesharingurl', fallback=None)
+        if fsurl:
+            fmd['FileSharingUrl'] = utils.generateUrlFromTemplate(fsurl, acctok)
         furl = acctok['folderurl']
         fmd['BreadcrumbFolderUrl'] = furl if furl != '/' else srv.wopiurl   # the WOPI URL is a placeholder
         if acctok['username'] == '':
@@ -62,9 +72,6 @@ def checkFileInfo(fileid, acctok):
                 (srv.config.get('general', 'downloadurl'), flask.request.args['access_token'])
         fmd['BreadcrumbBrandName'] = srv.config.get('general', 'brandingname', fallback=None)
         fmd['BreadcrumbBrandUrl'] = srv.config.get('general', 'brandingurl', fallback=None)
-        fsurl = srv.config.get('general', 'filesharingurl', fallback=None)
-        if fsurl:
-            fmd['FileSharingUrl'] = fsurl.replace('<path>', url_quote(acctok['filename'])).replace('<resId>', fileid)
         fmd['OwnerId'] = statInfo['ownerid']
         fmd['UserId'] = acctok['wopiuser']     # typically same as OwnerId; different when accessing shared documents
         fmd['Size'] = statInfo['size']
@@ -399,6 +406,8 @@ def putRelative(fileid, reqheaders, acctok):
     # either way, we now have a targetName to save the file: attempt to do so
     try:
         utils.storeWopiFile(acctok, None, utils.LASTSAVETIMEKEY, targetName)
+        newstat = st.statx(acctok['endpoint'], targetName, acctok['userid'])
+        _, newfileid = common.decodeinode(newstat['inode'])
     except IOError as e:
         utils.storeForRecovery(flask.request.get_data(), acctok['username'], targetName,
                                flask.request.args['access_token'][-20:], e)
@@ -412,12 +421,27 @@ def putRelative(fileid, reqheaders, acctok):
                                                     acctok['folderurl'], acctok['endpoint'],
                                                     (acctok['appname'], acctok['appediturl'], acctok['appviewurl']))
     # prepare and send the response as JSON
-    putrelmd = {}
-    putrelmd['Name'] = os.path.basename(targetName)
+    mdforhosturls = {
+        'appname': acctok['appname'],
+        'filename': targetName,
+        'endpoint': acctok['endpoint'],
+        'fileid': newfileid,
+    }
     newwopisrc = '%s&access_token=%s' % (utils.generateWopiSrc(inode, acctok['appname'] == srv.proxiedappname), newacctok)
-    putrelmd['Url'] = url_unquote(newwopisrc).replace('&access_token', '?access_token')
-    putrelmd['HostEditUrl'] = '%s%s%s' % (acctok['appediturl'], '&' if '?' in acctok['appediturl'] else '?', newwopisrc)
-    putrelmd['HostViewUrl'] = '%s%s%s' % (acctok['appviewurl'], '&' if '?' in acctok['appediturl'] else '?', newwopisrc)
+    putrelmd = {
+        'Name': os.path.basename(targetName),
+        'Url': url_unquote(newwopisrc).replace('&access_token', '?access_token'),
+    }
+    hosteurl = srv.config.get('general', 'hostediturl', fallback=None)
+    if hosteurl:
+        putrelmd['HostEditUrl'] = utils.generateUrlFromTemplate(hosteurl, mdforhosturls)
+    else:
+        putrelmd['HostEditUrl'] = '%s%s%s' % (acctok['appediturl'], '&' if '?' in acctok['appediturl'] else '?', newwopisrc)
+    hostvurl = srv.config.get('general', 'hostviewurl', fallback=None)
+    if hostvurl:
+        putrelmd['HostViewUrl'] = utils.generateUrlFromTemplate(hostvurl, mdforhosturls)
+    else:
+        putrelmd['HostViewUrl'] = '%s%s%s' % (acctok['appviewurl'], '&' if '?' in acctok['appviewurl'] else '?', newwopisrc)
     resp = flask.Response(json.dumps(putrelmd), mimetype='application/json')
     putrelmd['Url'] = putrelmd['HostEditUrl'] = putrelmd['HostViewUrl'] = '_redacted_'
     log.info('msg="PutRelative response" token="%s" metadata="%s"' % (newacctok[-20:], putrelmd))

src/core/wopiutils.py

@@ -146,6 +146,14 @@ def generateWopiSrc(fileid, proxy=False):
     return url_quote_plus('%s/wopi/files/%s' % (srv.wopiproxy, fileid)).replace('-', '%2D')
 
 
+def generateUrlFromTemplate(url, acctok):
+    '''One-liner to parse an URL template and return it with actualised placeholders. See also common.encodeinode().'''
+    return url.replace('<path>', url_quote_plus(acctok['filename'])). \
+               replace('<endpoint>', acctok['endpoint']). \
+               replace('<fileid>', acctok['fileid']). \
+               replace('<app>', acctok['appname'])
+
+
 def getLibreOfficeLockName(filename):
     '''Returns the filename of a LibreOffice-compatible lock file.
     This enables interoperability between Online and Desktop applications'''
@@ -176,8 +184,8 @@ def generateAccessToken(userid, fileid, viewmode, user, folderurl, endpoint, app
     log.debug('msg="Generating token" userid="%s" fileid="%s" endpoint="%s" app="%s"' %
               (userid[-20:], fileid, endpoint, appname))
     try:
-        # stat the file to check for existence and get a version-invariant inode and modification time:
-        # the inode serves as fileid (and must not change across save operations), the mtime is used for version information.
+        # stat the file to check for existence and get a version-invariant inode:
+        # the inode serves as fileid (and must not change across save operations)
         statinfo = st.statx(endpoint, fileid, userid)
     except IOError as e:
         log.info('msg="Requested file not found or not a file" fileid="%s" error="%s"' % (fileid, e))
@@ -202,8 +210,8 @@ def generateAccessToken(userid, fileid, viewmode, user, folderurl, endpoint, app
         # does not set appname when the app is not proxied, so we optimistically assume it's Collabora and let it go)
         log.info('msg="Forcing read-only access to ODF file" filename="%s"' % statinfo['filepath'])
         viewmode = ViewMode.READ_ONLY
-    acctok = jwt.encode({'userid': userid, 'wopiuser': wopiuser, 'filename': statinfo['filepath'], 'username': username,
-                         'viewmode': viewmode.value, 'folderurl': folderurl, 'endpoint': endpoint,
+    acctok = jwt.encode({'userid': userid, 'wopiuser': wopiuser, 'filename': statinfo['filepath'], 'fileid': fileid,
+                         'username': username, 'viewmode': viewmode.value, 'folderurl': folderurl, 'endpoint': endpoint,
                          'appname': appname, 'appediturl': appediturl, 'appviewurl': appviewurl,
                          'exp': exptime, 'iss': 'cs3org:wopiserver:%s' % WOPIVER},    # standard claims
                         srv.wopisecret, algorithm='HS256')
@@ -212,7 +220,6 @@ def generateAccessToken(userid, fileid, viewmode, user, folderurl, endpoint, app
              (userid[-20:], wopiuser if wopiuser != userid else username, viewmode, endpoint,
               statinfo['filepath'], statinfo['inode'], statinfo['mtime'],
               folderurl, appname, exptime, acctok[-20:]))
-    # return the inode == fileid, the filepath and the access token
     return statinfo['inode'], acctok, viewmode
 
 

wopiserver.conf

@@ -44,9 +44,20 @@ loghandler = file
 
 # Optional URL to display a file sharing dialog. This enables
 # a 'Share' button within the application. The URL may contain
-# either the `<path>` or `<resId>` placeholders, which are
-# dynamically replaced with actual values for the opened file.
-#filesharingurl = https://your-efss-server.org/fileshare?filepath=<path>&resource=<resId>
+# any of the `<path>`, `<endpoint>`, `<fileid>`, and `<app>`
+# placeholders, which are dynamically replaced with actual values
+# for the opened file.
+#filesharingurl = https://your-efss-server.org/fileshare?filepath=<path>&app=<app>&fileId=<endpoint>!<fileid>
+
+# URLs for the pages that embed the application in edit mode and
+# preview mode. By default, the appediturl and appviewurl are used,
+# but it is recommended to configure here a URL that displays apps
+# within an iframe on your EFSS.
+# Placeholders `<path>`, `<endpoint>`, `<fileid>`, and `<app>` are
+# dynamically replaced similarly to the above. The suggested example
+# reflects the ownCloud web implementation.
+#hostediturl = https://your-efss-server.org/external/spaces<path>?app=<app>&fileId=<endpoint>!<fileid>
+#hostviewurl = https://your-efss-server.org/external/spaces<path>?app=<app>&fileId=<endpoint>!<fileid>&viewmode=VIEW_MODE_PREVIEW
 
 # Optional URL prefix for WebDAV access to the files. This enables
 # a 'Edit in Desktop client' action on Windows-based clients