Password-protected shared folders

6 years ago · bf55657993
parent e6379dacd8
commit bf55657993
7 changed files with 44 additions and 29 deletions
--- a/www/common/common-ui-elements.js
+++ b/www/common/common-ui-elements.js
@ -156,7 +156,7 @@ define([
            }
            var parsed = Hash.parsePadUrl(data.href || data.roHref);
-            if (owned && parsed.hashData.type === 'pad') {
+            if (!data.noEditPassword && owned && parsed.hashData.type === 'pad') {
                var sframeChan = common.getSframeChannel();
                var changePwTitle = Messages.properties_changePassword;
                var changePwConfirm = Messages.properties_confirmChange;
--- a/www/common/cryptpad-common.js
+++ b/www/common/cryptpad-common.js
@ -128,6 +128,7 @@ define([
                href: '/drive/#' + Hash.getEditHashFromKeys(secret),
                roHref: '/drive/#' + Hash.getViewHashFromKeys(secret),
                channel: secret.channel,
                password: secret.password,
                ctime: +new Date()
            }
        }, cb);
--- a/www/common/proxy-manager.js
+++ b/www/common/proxy-manager.js
@ -386,14 +386,14 @@ define([
            if (data.folderData) { return; }
            // Folder creation
-            var hash = Hash.createRandomHash('drive');
+            var hash = Hash.createRandomHash('drive', data.password);
-            var href = '/drive/#' + hash;
+            var secret = Hash.getSecrets('drive', hash, data.password);
-            var secret = Hash.getSecrets('drive', hash);
+            var hashes = Hash.getHashes(secret);
            folderData = {
-                href: href,
+                href: '/drive/#' + hashes.editHash,
-                roHref: '/drive/#' + Hash.getViewHashFromKeys(secret),
+                roHref: '/drive/#' + hashes.viewHash,
                channel: secret.channel,
-                ctime: +new Date()
+                ctime: +new Date(),
            };
            if (data.password) { folderData.password = data.password; }
            if (data.owned) { folderData.owners = [Env.edPublic]; }
@ -541,6 +541,11 @@ define([
    // Set the value everywhere the given pad is stored (main and shared folders)
    var setPadAttribute = function (Env, data, cb) {
        cb = cb || function () {};
        if (!data.attr || !data.attr.trim()) { return void cb("E_INVAL_ATTR"); }
        var sfId = Env.user.userObject.getSFIdFromHref(data.href);
        if (sfId) {
            Env.user.proxy[UserObject.SHARED_FOLDERS][sfId][data.attr] = data.value;
        }
        var datas = findHref(Env, data.href);
        var nt = nThen;
        datas.forEach(function (d) {
@ -557,6 +562,10 @@ define([
    // correct one.
    var getPadAttribute = function (Env, data, cb) {
        cb = cb || function () {};
        var sfId = Env.user.userObject.getSFIdFromHref(data.href);
        if (sfId) {
            return void cb(null, Env.user.proxy[UserObject.SHARED_FOLDERS][sfId][data.attr]);
        }
        var datas = findHref(Env, data.href);
        var nt = nThen;
        var res = {};
--- a/www/common/sframe-common-outer.js
+++ b/www/common/sframe-common-outer.js
@ -204,6 +204,10 @@ define([
                // If no password, continue...
                todo();
            }
        }).nThen(function (waitFor) {
            if (cfg.afterSecrets) {
                cfg.afterSecrets(Cryptpad, Utils, secret, waitFor());
            }
        }).nThen(function (waitFor) {
            // Check if the pad exists on server
            if (!window.location.hash) { isNewFile = true; return; }
--- a/www/common/userObject.js
+++ b/www/common/userObject.js
@ -320,6 +320,18 @@ define([
            return result;
        };
        exp.getSFIdFromHref = function (href) {
            var result;
            getFiles([SHARED_FOLDERS]).some(function (id) {
                if (files[SHARED_FOLDERS][id].href === href ||
                    files[SHARED_FOLDERS][id].roHref === href) {
                    result = id;
                    return true;
                }
            });
            return result;
        };
        // SEARCH
        var _findFileInRoot = function (path, file) {
            if (!isPathIn(path, [ROOT, TRASH])) { return []; }
--- a/www/drive/inner.js
+++ b/www/drive/inner.js
@ -1763,8 +1763,8 @@ define([
                h('h4', Messages.sharedFolders_create),
                h('label', {for: 'cp-app-drive-sf-name'}, Messages.sharedFolders_create_name),
                h('input#cp-app-drive-sf-name', {type: 'text', placeholder: Messages.fm_newFolder}),
-                //h('label', {for: 'cp-app-drive-sf-password'}, Messages.sharedFolders_create_password),
+                h('label', {for: 'cp-app-drive-sf-password'}, Messages.sharedFolders_create_password),
-                //UI.passwordInput({id: 'cp-app-drive-sf-password'}),
+                UI.passwordInput({id: 'cp-app-drive-sf-password'}),
                h('span', {
                    style: 'display:flex;align-items:center;justify-content:space-between'
                }, [
@ -1784,8 +1784,7 @@ define([
                // Get the values
                var newName = $(content).find('#cp-app-drive-sf-name').val();
-                //var password = $(content).find('#cp-app-drive-sf-password').val() || undefined;
+                var password = $(content).find('#cp-app-drive-sf-password').val() || undefined;
                var password;
                var owned = $(content).find('#cp-app-drive-sf-owned').is(':checked');
                cb({
@ -3067,7 +3066,8 @@ define([
            if (manager.isSharedFolder(el)) {
                delete data.roHref;
-                data.noPassword = true;
+                //data.noPassword = true;
                data.noEditPassword = true;
                data.noExpiration = true;
            }
--- a/www/drive/main.js
+++ b/www/drive/main.js
@ -36,21 +36,13 @@ define([
        };
        window.addEventListener('message', onMsg);
    }).nThen(function (/*waitFor*/) {
-        var getSecrets = function (Cryptpad, Utils, cb) {
+        var afterSecrets = function (Cryptpad, Utils, secret, cb) {
            var hash = window.location.hash.slice(1);
            var secret = Utils.Hash.getSecrets('drive', hash);
            if (hash && Utils.LocalStore.isLoggedIn()) {
                // Add a shared folder!
                // TODO password?
                Cryptpad.addSharedFolder(secret, function (id) {
                    window.CryptPad_newSharedFolder = id;
-                    // Update the hash in the address bar
+                    cb();
                    var ohc = window.onhashchange;
                    window.onhashchange = function () {};
                    window.location.hash = "";
                    window.onhashchange = ohc;
                    ohc({reset:true});
                    cb(null, secret);
                });
                return;
            } else if (hash) {
@ -58,14 +50,11 @@ define([
                window.CryptPad_newSharedFolder = id;
                var data = {
                    href: Utils.Hash.getRelativeHref(window.location.href),
                    password: secret.password
                };
-                Cryptpad.loadSharedFolder(id, data, function () {
+                return void Cryptpad.loadSharedFolder(id, data, cb);
                    cb(null, secret);
                });
                return;
            }
-            // No password for drive
+            cb();
            cb(null, secret);
        };
        var addRpc = function (sframeChan, Cryptpad, Utils) {
            sframeChan.on('EV_BURN_ANON_DRIVE', function () {
@ -123,7 +112,7 @@ define([
            });
        };
        SFCommonO.start({
-            getSecrets: getSecrets,
+            afterSecrets: afterSecrets,
            noHash: true,
            noRealtime: true,
            driveEvents: true,