diff --git a/www/common/common-ui-elements.js b/www/common/common-ui-elements.js index 70da31523..3149e4e5d 100644 --- a/www/common/common-ui-elements.js +++ b/www/common/common-ui-elements.js @@ -162,7 +162,7 @@ define([ } var parsed = Hash.parsePadUrl(data.href || data.roHref); - if (!data.noEditPassword && owned && parsed.hashData.type === 'pad') { + if (!data.noEditPassword && owned && parsed.hashData.type === 'pad' && parsed.type !== "sheet") { // FIXME SHEET fix password change for sheets var sframeChan = common.getSframeChannel(); var changePwTitle = Messages.properties_changePassword; var changePwConfirm = Messages.properties_confirmChange; diff --git a/www/common/onlyoffice/main.js b/www/common/onlyoffice/main.js index d056cad42..6bd6c7df5 100644 --- a/www/common/onlyoffice/main.js +++ b/www/common/onlyoffice/main.js @@ -102,9 +102,12 @@ define([ Cryptpad.onlyoffice.onEvent.reg(function (obj) { if (obj.ev === 'MESSAGE' && !/^cp\|/.test(obj.data)) { try { + var validateKey = obj.data.validateKey || true; + var skipCheck = validateKey === true; + var msg = obj.data.msg; obj.data = { - msg: JSON.parse(Utils.crypto.decrypt(obj.data, Utils.secret.keys.validateKey)), - hash: obj.data.slice(0,64) + msg: JSON.parse(Utils.crypto.decrypt(msg, validateKey, skipCheck)), + hash: msg.slice(0,64) }; } catch (e) { console.error(e); diff --git a/www/common/outer/onlyoffice.js b/www/common/outer/onlyoffice.js index 3b57b4123..70bc413ec 100644 --- a/www/common/outer/onlyoffice.js +++ b/www/common/outer/onlyoffice.js @@ -26,7 +26,10 @@ define([ if (!c.id) { c.id = chan.wc.myID + '-' + client; } chan.history.forEach(function (msg) { - ctx.emit('MESSAGE', msg, [client]); + ctx.emit('MESSAGE', { + msg: msg, + validateKey: chan.validateKey + }, [client]); }); // ==> And push the new tab to the list @@ -37,7 +40,8 @@ define([ var onOpen = function (wc) { ctx.channels[channel] = ctx.channels[channel] || { - history: [] + history: [], + validateKey: obj.validateKey }; chan = ctx.channels[channel]; @@ -61,7 +65,10 @@ define([ }); wc.on('message', function (msg) { chan.history.push(msg); - ctx.emit('MESSAGE', msg, chan.clients); + ctx.emit('MESSAGE', { + msg: msg, + validateKey: chan.validateKey + }, chan.clients); }); chan.wc = wc; @@ -101,6 +108,7 @@ define([ }; network.on('message', function (msg, sender) { + if (!ctx.channels[channel]) { return; } var hk = network.historyKeeper; if (sender !== hk) { return; } @@ -115,7 +123,12 @@ define([ // Keep only metadata messages for the current channel if (parsed.channel && parsed.channel !== channel) { return; } // Ignore the metadata message - if (parsed.validateKey && parsed.channel) { return; } + if (parsed.validateKey && parsed.channel) { + if (!chan.validateKey) { + chan.validateKey = parsed.validateKey; + } + return; + } // End of history: emit READY if (parsed.state && parsed.state === 1 && parsed.channel) { ctx.emit('READY', '', chan.clients); @@ -132,7 +145,9 @@ define([ if (hash === chan.lastKnownHash || hash === chan.lastCpHash) { return; } chan.lastKnownHash = hash; - ctx.emit('MESSAGE', msg, chan.clients); + ctx.emit('MESSAGE', { + msg: msg, + }, chan.clients); chan.history.push(msg); }); @@ -176,7 +191,9 @@ define([ return void chan.sendMsg(data.isCp, cb); } chan.sendMsg(data.msg, cb); - ctx.emit('MESSAGE', data.msg, chan.clients.filter(function (cl) { + ctx.emit('MESSAGE', { + msg: data.msg + }, chan.clients.filter(function (cl) { return cl !== clientId; })); }; diff --git a/www/common/outer/userObject.js b/www/common/outer/userObject.js index e67dd5f01..e12883eb5 100644 --- a/www/common/outer/userObject.js +++ b/www/common/outer/userObject.js @@ -625,6 +625,11 @@ define([ var root = exp.find([ROOT]); var toClean = []; for (var id in fd) { + if (String(id) !== String(Number(id))) { + debug("Invalid file ID in filesData.", id); + toClean.push(id); + continue; + } id = Number(id); var el = fd[id]; diff --git a/www/common/proxy-manager.js b/www/common/proxy-manager.js index 017a403bb..9d8bbe6ba 100644 --- a/www/common/proxy-manager.js +++ b/www/common/proxy-manager.js @@ -342,7 +342,7 @@ define([ }); // Remove the elements from the old location (without unpinning) - Env.user.userObject.delete(resolved.main, waitFor()); + Env.user.userObject.delete(resolved.main, waitFor()); // FIXME waitFor() is called synchronously } } } @@ -369,7 +369,7 @@ define([ if (copy) { return; } // Remove the elements from the old location (without unpinning) - uoFrom.delete(paths, waitFor()); + uoFrom.delete(paths, waitFor()); // FIXME waitFor() is called synchronously } }); } @@ -707,6 +707,7 @@ define([ if (type === 'expirable') { return function (fileId) { var data = userObject.getFileData(fileId); + if (!data) { return; } // Don't push duplicates if (result.indexOf(data.channel) !== -1) { return; } // Return pads owned by someone else or expired by time @@ -718,6 +719,7 @@ define([ if (type === 'owned') { return function (fileId) { var data = userObject.getFileData(fileId); + if (!data) { return; } // Don't push duplicates if (result.indexOf(data.channel) !== -1) { return; } // Return owned pads @@ -729,6 +731,7 @@ define([ if (type === "pin") { return function (fileId) { var data = userObject.getFileData(fileId); + if (!data) { return; } // Don't pin pads owned by someone else if (_ownedByOther(Env, data.owners)) { return; } // Don't push duplicates diff --git a/www/common/toolbar3.js b/www/common/toolbar3.js index 303a983e0..2da2fc7d8 100644 --- a/www/common/toolbar3.js +++ b/www/common/toolbar3.js @@ -832,11 +832,17 @@ MessengerUI, Messages) { return $spin; }; - var createLimit = function (toolbar) { + var createLimit = function (toolbar, config) { var $limitIcon = $('', {'class': 'fa fa-exclamation-triangle'}); var $limit = toolbar.$userAdmin.find('.'+LIMIT_CLS).attr({ 'title': Messages.pinLimitReached }).append($limitIcon).hide(); + + var priv = config.metadataMgr.getPrivateData(); + var origin = priv.origin; + var l = document.createElement("a"); + l.href = origin; + var todo = function (e, overLimit) { if (e) { return void console.error("Unable to get the pinned usage", e); } if (overLimit) { @@ -845,7 +851,7 @@ MessengerUI, Messages) { key = 'pinLimitReachedAlertNoAccounts'; } $limit.show().click(function () { - UI.alert(Messages._getKey(key, [encodeURIComponent(window.location.hostname)]), null, true); + UI.alert(Messages._getKey(key, [encodeURIComponent(l.hostname)]), null, true); }); } }; diff --git a/www/common/userObject.js b/www/common/userObject.js index a9068afe6..f39e80aee 100644 --- a/www/common/userObject.js +++ b/www/common/userObject.js @@ -311,12 +311,12 @@ define([ _getFiles[FILES_DATA] = function () { var ret = []; if (!files[FILES_DATA]) { return ret; } - return Object.keys(files[FILES_DATA]).map(Number); + return Object.keys(files[FILES_DATA]).map(Number).filter(Boolean); }; _getFiles[SHARED_FOLDERS] = function () { var ret = []; if (!files[SHARED_FOLDERS]) { return ret; } - return Object.keys(files[SHARED_FOLDERS]).map(Number); + return Object.keys(files[SHARED_FOLDERS]).map(Number).filter(Boolean); }; var getFiles = exp.getFiles = function (categories) { var ret = [];