From f5858f524d1c40e362dc791b64731cbff849c84a Mon Sep 17 00:00:00 2001 From: yflory Date: Mon, 24 Jun 2019 12:17:08 +0200 Subject: [PATCH 1/5] Fix invalid file ID in the drive --- www/common/outer/userObject.js | 5 +++++ www/common/proxy-manager.js | 1 + www/common/userObject.js | 4 ++-- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/www/common/outer/userObject.js b/www/common/outer/userObject.js index e67dd5f01..1f8b73da9 100644 --- a/www/common/outer/userObject.js +++ b/www/common/outer/userObject.js @@ -626,6 +626,11 @@ define([ var toClean = []; for (var id in fd) { id = Number(id); + if (!id && id !== 0) { + debug("Invalid file ID in filesData.", id); + toClean.push(id); + continue; + } var el = fd[id]; // Clean corrupted data diff --git a/www/common/proxy-manager.js b/www/common/proxy-manager.js index 017a403bb..8bbf641f6 100644 --- a/www/common/proxy-manager.js +++ b/www/common/proxy-manager.js @@ -729,6 +729,7 @@ define([ if (type === "pin") { return function (fileId) { var data = userObject.getFileData(fileId); + if (!data) { return; } // Don't pin pads owned by someone else if (_ownedByOther(Env, data.owners)) { return; } // Don't push duplicates diff --git a/www/common/userObject.js b/www/common/userObject.js index a9068afe6..f39e80aee 100644 --- a/www/common/userObject.js +++ b/www/common/userObject.js @@ -311,12 +311,12 @@ define([ _getFiles[FILES_DATA] = function () { var ret = []; if (!files[FILES_DATA]) { return ret; } - return Object.keys(files[FILES_DATA]).map(Number); + return Object.keys(files[FILES_DATA]).map(Number).filter(Boolean); }; _getFiles[SHARED_FOLDERS] = function () { var ret = []; if (!files[SHARED_FOLDERS]) { return ret; } - return Object.keys(files[SHARED_FOLDERS]).map(Number); + return Object.keys(files[SHARED_FOLDERS]).map(Number).filter(Boolean); }; var getFiles = exp.getFiles = function (categories) { var ret = []; From bba3e355d00ec3c11e062ee0c6d7c9657df58c36 Mon Sep 17 00:00:00 2001 From: yflory Date: Mon, 24 Jun 2019 12:28:46 +0200 Subject: [PATCH 2/5] Invalid ID fix --- www/common/outer/userObject.js | 4 ++-- www/common/proxy-manager.js | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/www/common/outer/userObject.js b/www/common/outer/userObject.js index 1f8b73da9..e12883eb5 100644 --- a/www/common/outer/userObject.js +++ b/www/common/outer/userObject.js @@ -625,12 +625,12 @@ define([ var root = exp.find([ROOT]); var toClean = []; for (var id in fd) { - id = Number(id); - if (!id && id !== 0) { + if (String(id) !== String(Number(id))) { debug("Invalid file ID in filesData.", id); toClean.push(id); continue; } + id = Number(id); var el = fd[id]; // Clean corrupted data diff --git a/www/common/proxy-manager.js b/www/common/proxy-manager.js index 8bbf641f6..fdfde9263 100644 --- a/www/common/proxy-manager.js +++ b/www/common/proxy-manager.js @@ -707,6 +707,7 @@ define([ if (type === 'expirable') { return function (fileId) { var data = userObject.getFileData(fileId); + if (!data) { return; } // Don't push duplicates if (result.indexOf(data.channel) !== -1) { return; } // Return pads owned by someone else or expired by time @@ -718,6 +719,7 @@ define([ if (type === 'owned') { return function (fileId) { var data = userObject.getFileData(fileId); + if (!data) { return; } // Don't push duplicates if (result.indexOf(data.channel) !== -1) { return; } // Return owned pads From 905bbef8238017ace07af812cfa50c6803e54158 Mon Sep 17 00:00:00 2001 From: yflory Date: Mon, 24 Jun 2019 18:15:53 +0200 Subject: [PATCH 3/5] Add FIXME comments --- www/common/common-ui-elements.js | 2 +- www/common/proxy-manager.js | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/www/common/common-ui-elements.js b/www/common/common-ui-elements.js index c6668e41f..24e50863f 100644 --- a/www/common/common-ui-elements.js +++ b/www/common/common-ui-elements.js @@ -162,7 +162,7 @@ define([ } var parsed = Hash.parsePadUrl(data.href || data.roHref); - if (!data.noEditPassword && owned && parsed.hashData.type === 'pad') { + if (!data.noEditPassword && owned && parsed.hashData.type === 'pad' && parsed.type !== "sheet") { // FIXME SHEET fix password change for sheets var sframeChan = common.getSframeChannel(); var changePwTitle = Messages.properties_changePassword; var changePwConfirm = Messages.properties_confirmChange; diff --git a/www/common/proxy-manager.js b/www/common/proxy-manager.js index fdfde9263..9d8bbe6ba 100644 --- a/www/common/proxy-manager.js +++ b/www/common/proxy-manager.js @@ -342,7 +342,7 @@ define([ }); // Remove the elements from the old location (without unpinning) - Env.user.userObject.delete(resolved.main, waitFor()); + Env.user.userObject.delete(resolved.main, waitFor()); // FIXME waitFor() is called synchronously } } } @@ -369,7 +369,7 @@ define([ if (copy) { return; } // Remove the elements from the old location (without unpinning) - uoFrom.delete(paths, waitFor()); + uoFrom.delete(paths, waitFor()); // FIXME waitFor() is called synchronously } }); } From 59d5723f3e7e7d61d3643205b821007b2f471848 Mon Sep 17 00:00:00 2001 From: yflory Date: Mon, 24 Jun 2019 18:16:32 +0200 Subject: [PATCH 4/5] Fix read-only spreadsheets --- www/common/onlyoffice/main.js | 7 +++++-- www/common/outer/onlyoffice.js | 29 +++++++++++++++++++++++------ 2 files changed, 28 insertions(+), 8 deletions(-) diff --git a/www/common/onlyoffice/main.js b/www/common/onlyoffice/main.js index d056cad42..6bd6c7df5 100644 --- a/www/common/onlyoffice/main.js +++ b/www/common/onlyoffice/main.js @@ -102,9 +102,12 @@ define([ Cryptpad.onlyoffice.onEvent.reg(function (obj) { if (obj.ev === 'MESSAGE' && !/^cp\|/.test(obj.data)) { try { + var validateKey = obj.data.validateKey || true; + var skipCheck = validateKey === true; + var msg = obj.data.msg; obj.data = { - msg: JSON.parse(Utils.crypto.decrypt(obj.data, Utils.secret.keys.validateKey)), - hash: obj.data.slice(0,64) + msg: JSON.parse(Utils.crypto.decrypt(msg, validateKey, skipCheck)), + hash: msg.slice(0,64) }; } catch (e) { console.error(e); diff --git a/www/common/outer/onlyoffice.js b/www/common/outer/onlyoffice.js index 3b57b4123..70bc413ec 100644 --- a/www/common/outer/onlyoffice.js +++ b/www/common/outer/onlyoffice.js @@ -26,7 +26,10 @@ define([ if (!c.id) { c.id = chan.wc.myID + '-' + client; } chan.history.forEach(function (msg) { - ctx.emit('MESSAGE', msg, [client]); + ctx.emit('MESSAGE', { + msg: msg, + validateKey: chan.validateKey + }, [client]); }); // ==> And push the new tab to the list @@ -37,7 +40,8 @@ define([ var onOpen = function (wc) { ctx.channels[channel] = ctx.channels[channel] || { - history: [] + history: [], + validateKey: obj.validateKey }; chan = ctx.channels[channel]; @@ -61,7 +65,10 @@ define([ }); wc.on('message', function (msg) { chan.history.push(msg); - ctx.emit('MESSAGE', msg, chan.clients); + ctx.emit('MESSAGE', { + msg: msg, + validateKey: chan.validateKey + }, chan.clients); }); chan.wc = wc; @@ -101,6 +108,7 @@ define([ }; network.on('message', function (msg, sender) { + if (!ctx.channels[channel]) { return; } var hk = network.historyKeeper; if (sender !== hk) { return; } @@ -115,7 +123,12 @@ define([ // Keep only metadata messages for the current channel if (parsed.channel && parsed.channel !== channel) { return; } // Ignore the metadata message - if (parsed.validateKey && parsed.channel) { return; } + if (parsed.validateKey && parsed.channel) { + if (!chan.validateKey) { + chan.validateKey = parsed.validateKey; + } + return; + } // End of history: emit READY if (parsed.state && parsed.state === 1 && parsed.channel) { ctx.emit('READY', '', chan.clients); @@ -132,7 +145,9 @@ define([ if (hash === chan.lastKnownHash || hash === chan.lastCpHash) { return; } chan.lastKnownHash = hash; - ctx.emit('MESSAGE', msg, chan.clients); + ctx.emit('MESSAGE', { + msg: msg, + }, chan.clients); chan.history.push(msg); }); @@ -176,7 +191,9 @@ define([ return void chan.sendMsg(data.isCp, cb); } chan.sendMsg(data.msg, cb); - ctx.emit('MESSAGE', data.msg, chan.clients.filter(function (cl) { + ctx.emit('MESSAGE', { + msg: data.msg + }, chan.clients.filter(function (cl) { return cl !== clientId; })); }; From 2d881caaeba7ef602f6ff504acd4563d1123b989 Mon Sep 17 00:00:00 2001 From: yflory Date: Tue, 25 Jun 2019 15:07:43 +0200 Subject: [PATCH 5/5] Fix accounts href in limit popup --- www/common/toolbar3.js | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/www/common/toolbar3.js b/www/common/toolbar3.js index 303a983e0..2da2fc7d8 100644 --- a/www/common/toolbar3.js +++ b/www/common/toolbar3.js @@ -832,11 +832,17 @@ MessengerUI, Messages) { return $spin; }; - var createLimit = function (toolbar) { + var createLimit = function (toolbar, config) { var $limitIcon = $('', {'class': 'fa fa-exclamation-triangle'}); var $limit = toolbar.$userAdmin.find('.'+LIMIT_CLS).attr({ 'title': Messages.pinLimitReached }).append($limitIcon).hide(); + + var priv = config.metadataMgr.getPrivateData(); + var origin = priv.origin; + var l = document.createElement("a"); + l.href = origin; + var todo = function (e, overLimit) { if (e) { return void console.error("Unable to get the pinned usage", e); } if (overLimit) { @@ -845,7 +851,7 @@ MessengerUI, Messages) { key = 'pinLimitReachedAlertNoAccounts'; } $limit.show().click(function () { - UI.alert(Messages._getKey(key, [encodeURIComponent(window.location.hostname)]), null, true); + UI.alert(Messages._getKey(key, [encodeURIComponent(l.hostname)]), null, true); }); } };