Fix Destroy and change password when pad not stored

www/common/cryptpad-common.js

@@ -1095,6 +1095,7 @@ define([
 
     common.changePadPassword = function (Crypt, Crypto, data, cb) {
         var href = data.href;
+        var oldPassword = data.oldPassword;
         var newPassword = data.password;
         var teamId = data.teamId;
         if (!href) { return void cb({ error: 'EINVAL_HREF' }); }
@@ -1123,7 +1124,9 @@ define([
 
         var isSharedFolder = parsed.type === 'drive';
 
-        var optsGet = {};
+        var optsGet = {
+            password: oldPassword
+        };
         var optsPut = {
             password: newPassword,
             metadata: {},
@@ -1133,7 +1136,7 @@ define([
         var cryptgetVal;
 
         Nthen(function (waitFor) {
-            if (parsed.hashData && parsed.hashData.password) {
+            if (parsed.hashData && parsed.hashData.password && !oldPassword) {
                 common.getPadAttribute('password', waitFor(function (err, password) {
                     optsGet.password = password;
                 }), href);
@@ -1418,6 +1421,7 @@ define([
     common.changeOOPassword = function (data, _cb) {
         var cb = Util.once(Util.mkAsync(_cb));
         var href = data.href;
+        var oldPassword = data.oldPassword;
         var newPassword = data.password;
         var teamId = data.teamId;
         if (!href) { return void cb({ error: 'EINVAL_HREF' }); }
@@ -1452,12 +1456,16 @@ define([
                 validateKey: newSecret.keys.validateKey
             },
         };
-        var optsGet = {};
+        var optsGet = {
+            password: oldPassword
+        };
 
         Nthen(function (waitFor) {
             common.getPadAttribute('', waitFor(function (err, _data) {
                 padData = _data;
-                optsGet.password = padData.password;
+                if (!oldPassword) {
+                    optsGet.password = padData.password;
+                }
             }), href);
             common.getAccessKeys(waitFor(function (keys) {
                 optsGet.accessKeys = keys;

www/common/inner/access.js

@@ -888,9 +888,16 @@ define([
                             });
                         }
 
+                        var href = data.href;
+                        var hashes = priv.hashes || {};
+                        var bestHash = hashes.editHash || hashes.viewHash || hashes.fileHash;
+                        if (data.fakeHref) {
+                            href = Hash.hashToHref(bestHash, priv.app);
+                        }
                         sframeChan.query(q, {
                             teamId: typeof(owned) !== "boolean" ? owned : undefined,
-                            href: data.href,
+                            href: href,
+                            oldPassword: priv.password,
                             password: newPass
                         }, function (err, data) {
                             $(passwordOk).text(Messages.properties_changePasswordButton);
@@ -956,7 +963,7 @@ define([
                     spinner.spin();
                     sframeChan.query('Q_DELETE_OWNED', {
                         teamId: typeof(owned) !== "boolean" ? owned : undefined,
-                        channel: data.channel
+                        channel: data.channel || priv.channel
                     }, function (err, obj) {
                         spinner.done();
                         UI.findCancelButton().click();

www/common/outer/async-store.js

@@ -331,6 +331,8 @@ define([
                 teamId = data.teamId;
             }
 
+            // XXX CLEAR CACHE
+
             if (channel === store.driveChannel && !force) {
                 return void cb({error: 'User drive removal blocked!'});
             }

www/common/proxy-manager.js

@@ -868,7 +868,6 @@ define([
                     if (fId && Env.folders[fId] && Env.folders[fId].deleting) {
                         delete Env.folders[fId].deleting;
                     }
-                    console.error(obj.error, chan);
                     Feedback.send('ERROR_DELETING_OWNED_PAD=' + chan + '|' + obj.error, true);
                     return void cb();
                 }
@@ -881,6 +880,11 @@ define([
                     ids.push(fId);
                 }
 
+                if (!ids.length) {
+                    toDelete = undefined;
+                    return void cb();
+                }
+
                 ids.forEach(function (id) {
                     var paths = findFile(Env, id);
                     var _resolved = _resolvePaths(Env, paths);
@@ -912,8 +916,13 @@ define([
                 });
             });
         }).nThen(function () {
-            // Remove deleted pads from the drive
+            if (!toDelete) {
-            _delete(Env, { resolved: toDelete }, cb);
+                // Nothing to delete
+                cb();
+            } else {
+                // Remove deleted pads from the drive
+                _delete(Env, { resolved: toDelete }, cb);
+            }
             // If we were using the access modal, send a refresh command
             if (data.channel) {
                 Env.Store.refreshDriveUI();

www/common/sframe-common-outer.js

@@ -1407,6 +1407,7 @@ define([
                     };
                     config.data = {
                         app: parsed.type,
+                        channel: secret.channel,
                         hashes: hashes,
                         password: password,
                         isTemplate: isTemplate,

www/secureiframe/main.js

@@ -101,6 +101,7 @@ define([
                             origin: window.location.origin,
                             pathname: window.location.pathname,
                             feedbackAllowed: Utils.Feedback.state,
+                            channel: config.data.channel,
                             hashes: config.data.hashes,
                             password: config.data.password,
                             propChannels: config.data.getPropChannels(),