Dav: implements JWT extraction from the URL, and add the access_token in dav urls

2023-09-14 21:54:30 +02:00
parent 146e0090fb
commit 6f6683f549
10 changed files with 193 additions and 39 deletions


@@ -15,6 +15,7 @@ use Chill\DocStoreBundle\Dav\Request\PropfindRequestAnalyzer;
use Chill\DocStoreBundle\Dav\Response\DavResponse;
use Chill\DocStoreBundle\Entity\StoredObject;
use Chill\DocStoreBundle\Service\StoredObjectManagerInterface;
use DateTimeInterface;
use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
@@ -30,41 +31,44 @@ final readonly class WebdavController
public function __construct(
private \Twig\Environment $engine,
private StoredObjectManagerInterface $storedObjectManager,
private Security $security,
private ?JWTTokenManagerInterface $JWTTokenManager = null,
) {
$this->requestAnalyzer = new PropfindRequestAnalyzer();
}
/**
* @Route("/dav/open/{uuid}")
* @Route("/chdoc/open/{uuid}")
*/
public function open(StoredObject $storedObject): Response
{
/*$accessToken = $this->JWTTokenManager->createFromPayload($this->security->getUser(), [
$accessToken = $this->JWTTokenManager?->createFromPayload($this->security->getUser(), [
'UserCanWrite' => true,
'UserCanAttend' => true,
'UserCanPresent' => true,
'fileId' => $storedObject->getUuid(),
]);*/
]);
return new DavResponse($this->engine->render('@ChillDocStore/Webdav/open_in_browser.html.twig', [
'stored_object' => $storedObject, 'access_token' => '',
'stored_object' => $storedObject, 'access_token' => $accessToken,
]));
}
/**
* @Route("/dav/get/{uuid}/", methods={"GET", "HEAD"}, name="chill_docstore_dav_directory_get")
* @Route("/dav/{access_token}/get/{uuid}/", methods={"GET", "HEAD"}, name="chill_docstore_dav_directory_get")
*/
public function getDirectory(StoredObject $storedObject): Response
public function getDirectory(StoredObject $storedObject, string $access_token): Response
{
return new DavResponse(
$this->engine->render('@ChillDocStore/Webdav/directory.html.twig', [
'stored_object' => $storedObject
'stored_object' => $storedObject,
'access_token' => $access_token,
])
);
}
/**
* @Route("/dav/get/{uuid}/", methods={"OPTIONS"})
* @Route("/dav/{access_token}/get/{uuid}/", methods={"OPTIONS"})
*/
public function optionsDirectory(StoredObject $storedObject): Response
{
@@ -78,9 +82,9 @@ final readonly class WebdavController
}
/**
* @Route("/dav/get/{uuid}/", methods={"PROPFIND"})
* @Route("/dav/{access_token}/get/{uuid}/", methods={"PROPFIND"})
*/
public function propfindDirectory(StoredObject $storedObject, Request $request): Response
public function propfindDirectory(StoredObject $storedObject, string $access_token, Request $request): Response
{
$depth = $request->headers->get('depth');
@@ -111,10 +115,11 @@ final readonly class WebdavController
$this->engine->render('@ChillDocStore/Webdav/directory_propfind.xml.twig', [
'stored_object' => $storedObject,
'properties' => $properties,
'last_modified' => $lastModified ?? null,
'etag' => $etag ?? null,
'content_length' => $length ?? null,
'depth' => (int) $depth
'last_modified' => $lastModified ,
'etag' => $etag,
'content_length' => $length,
'depth' => (int) $depth,
'access_token' => $access_token,
]),
207
);
@@ -127,7 +132,7 @@ final readonly class WebdavController
}
/**
* @Route("/dav/get/{uuid}/d", name="chill_docstore_dav_document_get", methods={"GET"})
* @Route("/dav/{access_token}/get/{uuid}/d", name="chill_docstore_dav_document_get", methods={"GET"})
*/
public function getDocument(StoredObject $storedObject): Response
{
@@ -136,7 +141,7 @@ final readonly class WebdavController
}
/**
* @Route("/dav/get/{uuid}/d", methods={"HEAD"})
* @Route("/dav/{access_token}/get/{uuid}/d", methods={"HEAD"})
*/
public function headDocument(StoredObject $storedObject): Response
{
@@ -154,7 +159,7 @@ final readonly class WebdavController
}
/**
* @Route("/dav/get/{uuid}/d", methods={"OPTIONS"})
* @Route("/dav/{access_token}/get/{uuid}/d", methods={"OPTIONS"})
*/
public function optionsDocument(StoredObject $storedObject): Response
{
@@ -176,9 +181,9 @@ final readonly class WebdavController
}
/**
* @Route("/dav/get/{uuid}/d", methods={"PROPFIND"})
* @Route("/dav/{access_token}/get/{uuid}/d", methods={"PROPFIND"})
*/
public function propfindDocument(StoredObject $storedObject, Request $request): Response
public function propfindDocument(StoredObject $storedObject, string $access_token, Request $request): Response
{
$content = $request->getContent();
$xml = new \DOMDocument();
@@ -204,9 +209,10 @@ final readonly class WebdavController
[
'stored_object' => $storedObject,
'properties' => $properties,
'etag' => $etag ?? null,
'last_modified' => $lastModified ?? null,
'content_length' => $length ?? null,
'etag' => $etag,
'last_modified' => $lastModified,
'content_length' => $length,
'access_token' => $access_token,
]
),
207
@@ -221,7 +227,7 @@ final readonly class WebdavController
}
/**
* @Route("/dav/get/{uuid}/d", methods={"PUT"})
* @Route("/dav/{access_token}/get/{uuid}/d", methods={"PUT"})
*/
public function putDocument(StoredObject $storedObject, Request $request): Response
{
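Review bot: `open()` mints the JWT with `'UserCanWrite' => true` for any caller, and no authorization check on `$storedObject` is visible in this section before the token is issued; unless a voter or firewall rule elsewhere guards the route, derive the claim from a decision, e.g. `'UserCanWrite' => $this->security->isGranted(<EDIT_ATTRIBUTE_PLACEHOLDER>, $storedObject),`. Since the token now sits in the path (`/dav/{access_token}/get/{uuid}/d`), it will be recorded in web-server and proxy logs and in client history, so it should be short-lived, and the component that validates it (not shown here) should reject a token whose `fileId` claim differs from `{uuid}`, notably for `putDocument`, whose body lies outside the hunk. Separately, `$this->JWTTokenManager?->createFromPayload(...)` returns null when no manager is injected, which would render DAV URLs with an empty token segment; throwing when the manager is null fails more clearly.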