Compare commits

..

No commits in common. "dc19006738288b908efc5cd5afc4943efd481c17" and "b10074e440904f41701e2bf4aa774e7f7768e584" have entirely different histories.

15 changed files with 257 additions and 725 deletions

36
.env
View File

@ -3,16 +3,18 @@
## `$ composer symfony:dump-env prod` ## `$ composer symfony:dump-env prod`
## ##
## Project environment
# this should be set in docker-compose.yml file
# APP_ENV=prod
## Enable debug
APP_DEBUG=false
## Locale ## Locale
LOCALE=fr LOCALE=fr
###> symfony/framework-bundle ### ## Framework secret
# this should be set in docker-compose.yml file APP_SECRET=ThisTokenIsNotSoSecretChangeIt
APP_ENV=prod
APP_SECRET=ChangeItf2b58287ef7f9976409d3f6c72529e99ChangeIt
TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
TRUSTED_HOSTS='^(localhost|example\.com|nginx)$'
###< symfony/framework-bundle ###
## Wopi server for editing documents online ## Wopi server for editing documents online
WOPI_SERVER=http://collabora:9980 WOPI_SERVER=http://collabora:9980
@ -20,6 +22,13 @@ WOPI_SERVER=http://collabora:9980
# must be manually set in .env.local # must be manually set in .env.local
# ADMIN_PASSWORD= # ADMIN_PASSWORD=
## Symfony/framework-bundle
TRUSTED_HOSTS='^(localhost|127.0.0.1|test.localde)$'
TRUSTED_PROXIES=~
## Doctrine/doctrine-bundle
DATABASE_URL=
## Symfony/swiftmailer ## Symfony/swiftmailer
## Mailer ## Mailer
###> symfony/mailer ### ###> symfony/mailer ###
@ -74,16 +83,3 @@ SHORT_MESSAGE_DSN=null://null
# MESSENGER_TRANSPORT_DSN=redis://localhost:6379/messages # MESSENGER_TRANSPORT_DSN=redis://localhost:6379/messages
MESSENGER_TRANSPORT_DSN=sync:// MESSENGER_TRANSPORT_DSN=sync://
###< symfony/messenger ### ###< symfony/messenger ###
###> doctrine/doctrine-bundle ###
# Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
# IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml
#
DATABASE_URL="postgresql://postgres:postgres@db:5432/postgres?serverVersion=14&charset=utf8"
###< doctrine/doctrine-bundle ###
###> lexik/jwt-authentication-bundle ###
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
JWT_PASSPHRASE=2a30f6ba26521a2613821da35f28386e
###< lexik/jwt-authentication-bundle ###

4
.gitignore vendored
View File

@ -75,7 +75,3 @@ yarn-error.log
docker-compose.override.yml docker-compose.override.yml
docker-compose.override.yaml docker-compose.override.yaml
###> lexik/jwt-authentication-bundle ###
/config/jwt/*.pem
###< lexik/jwt-authentication-bundle ###

View File

@ -15,7 +15,7 @@
}, },
"require": { "require": {
"ext-redis": "*", "ext-redis": "*",
"chill-project/chill-bundles": "dev-43-wopi-use-access-token@dev", "chill-project/chill-bundles": "dev-master#bbd2599e7e6040c7090bfb11bc2f913b5a73d5e4",
"symfony/flex": "^1.9", "symfony/flex": "^1.9",
"symfony/http-client": "^4.4 || ^5", "symfony/http-client": "^4.4 || ^5",
"nelmio/alice": "^3.8", "nelmio/alice": "^3.8",
@ -23,8 +23,7 @@
"phpstan/phpstan": "^1.0", "phpstan/phpstan": "^1.0",
"spomky-labs/base64url": "^2.0", "spomky-labs/base64url": "^2.0",
"twig/string-extra": "^3.3", "twig/string-extra": "^3.3",
"symfony/mailer": "^5.4", "symfony/mailer": "^5.4"
"symfony/dependency-injection": "5.4.16"
}, },
"require-dev": { "require-dev": {
"fakerphp/faker": "^1.13", "fakerphp/faker": "^1.13",
@ -59,9 +58,7 @@
}, },
"preferred-install": { "preferred-install": {
"chill-project/chill-bundles": "source", "chill-project/chill-bundles": "source",
"champs-libres/async-uploader-bundle": "source", "champs-libres/async-uploader-bundle": "source"
"champs-libres/wopi-bundle": "source",
"champs-libres/wopi-lib": "source"
} }
} }
} }

851
composer.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -36,5 +36,4 @@ return [
Misd\PhoneNumberBundle\MisdPhoneNumberBundle::class => ['all' => true], Misd\PhoneNumberBundle\MisdPhoneNumberBundle::class => ['all' => true],
App\App::class => ['all' => true], App\App::class => ['all' => true],
KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true], KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true],
Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle::class => ['all' => true],
]; ];

View File

@ -1,10 +1,3 @@
framework:
cache:
pools:
doctrine.system_cache_pool:
adapter: cache.adapter.redis
doctrine: doctrine:
dbal: dbal:
url: '%env(resolve:DATABASE_URL)%' url: '%env(resolve:DATABASE_URL)%'
@ -12,7 +5,7 @@ doctrine:
geometry: string geometry: string
# IMPORTANT: You MUST configure your server version, # IMPORTANT: You MUST configure your server version,
# either here or in the DATABASE_URL env var (see .env file) # either here or in the DATABASE_URL env var (see .env file)
#server_version: '14' #server_version: '5.7'
orm: orm:
auto_generate_proxy_classes: true auto_generate_proxy_classes: true
naming_strategy: doctrine.orm.naming_strategy.default naming_strategy: doctrine.orm.naming_strategy.default

View File

@ -1,12 +0,0 @@
lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%'
# required for wopi - recommended duration
token_ttl: 36000
token_extractors:
query_parameter:
enabled: true
name: access_token

View File

@ -1,6 +1,9 @@
doctrine: doctrine:
orm: orm:
auto_generate_proxy_classes: false auto_generate_proxy_classes: false
metadata_cache_driver:
type: pool
pool: doctrine.system_cache_pool
query_cache_driver: query_cache_driver:
type: pool type: pool
pool: doctrine.system_cache_pool pool: doctrine.system_cache_pool

View File

@ -29,14 +29,6 @@ security:
pattern: ^/(_(profiler|wdt)|css|images|js)/ pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false security: false
wopi:
pattern: ^/wopi
provider: chain_provider
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
default: default:
anonymous: ~ anonymous: ~
provider: chain_provider provider: chain_provider
@ -62,7 +54,7 @@ security:
- { path: ^/saml/metadata, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/saml/metadata, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/(login|logout), roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(login|logout), roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/public, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/public, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/wopi, roles: IS_AUTHENTICATED_FULLY } - { path: ^/wopi, roles: IS_AUTHENTICATED_ANONYMOUSLY }
# access for homepage, the homepage redirect admin to admin section # access for homepage, the homepage redirect admin to admin section
- { path: ^/$, roles: [ IS_AUTHENTICATED_REMEMBERED ] } - { path: ^/$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }
- { path: ^/homepage$, roles: [ IS_AUTHENTICATED_REMEMBERED ] } - { path: ^/homepage$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }

View File

@ -1,4 +0,0 @@
doctrine:
dbal:
# "TEST_TOKEN" is typically set by ParaTest
dbname: 'main_test%env(default::TEST_TOKEN)%'

View File

@ -1,9 +0,0 @@
<?php
if (file_exists(dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php')) {
require dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php';
}
if (file_exists(dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php')) {
require dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php';
}

View File

@ -1,3 +1,3 @@
chill_wopi_bundle: chill_wopi_bundle:
resource: '@ChillWopiBundle/Resources/config/routes/routes.php' resource: '@ChillWopiBundle/Resources/config/routes/routes.php'
prefix: /chill/wopi prefix: /wopi

View File

@ -19,6 +19,7 @@ services:
- '../src/DependencyInjection/' - '../src/DependencyInjection/'
- '../src/Entity/' - '../src/Entity/'
- '../src/Kernel.php' - '../src/Kernel.php'
- '../src/Tests/'
# controllers are imported separately to make sure services can be injected # controllers are imported separately to make sure services can be injected
# as action arguments even if you don't extend any base controller class # as action arguments even if you don't extend any base controller class
@ -44,3 +45,6 @@ services:
arguments: arguments:
$cache: '@cache.user_data' $cache: '@cache.user_data'
App\Service\Wopi\NullProofValidator:
decorates: ChampsLibres\WopiLib\Contract\Service\ProofValidatorInterface

View File

@ -13,7 +13,7 @@ if ($_SERVER['APP_DEBUG']) {
} }
if ($trustedProxies = $_SERVER['TRUSTED_PROXIES'] ?? false) { if ($trustedProxies = $_SERVER['TRUSTED_PROXIES'] ?? false) {
Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO); Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_ALL ^ Request::HEADER_X_FORWARDED_HOST);
} }
if ($trustedHosts = $_SERVER['TRUSTED_HOSTS'] ?? false) { if ($trustedHosts = $_SERVER['TRUSTED_HOSTS'] ?? false) {

View File

@ -51,17 +51,16 @@
"version": "v0.5.3" "version": "v0.5.3"
}, },
"doctrine/doctrine-bundle": { "doctrine/doctrine-bundle": {
"version": "2.7", "version": "2.0",
"recipe": { "recipe": {
"repo": "github.com/symfony/recipes", "repo": "github.com/symfony/recipes",
"branch": "main", "branch": "master",
"version": "2.3", "version": "2.0",
"ref": "b8ddff356705ad8e704ea75b6872ce89a15d614d" "ref": "a9f2463b9f73efe74482f831f03a204a41328555"
}, },
"files": [ "files": [
"config/packages/doctrine.yaml", "config/packages/doctrine.yaml",
"config/packages/prod/doctrine.yaml", "config/packages/prod/doctrine.yaml",
"config/packages/test/doctrine.yaml",
"src/Entity/.gitignore", "src/Entity/.gitignore",
"src/Repository/.gitignore" "src/Repository/.gitignore"
] ]
@ -187,18 +186,6 @@
"league/csv": { "league/csv": {
"version": "9.6.2" "version": "9.6.2"
}, },
"lexik/jwt-authentication-bundle": {
"version": "2.16",
"recipe": {
"repo": "github.com/symfony/recipes",
"branch": "main",
"version": "2.5",
"ref": "5b2157bcd5778166a5696e42f552ad36529a07a6"
},
"files": [
"config/packages/lexik_jwt_authentication.yaml"
]
},
"loophp/psr-http-message-bridge-bundle": { "loophp/psr-http-message-bridge-bundle": {
"version": "1.0.0" "version": "1.0.0"
}, },
@ -555,16 +542,15 @@
"version": "4.4", "version": "4.4",
"recipe": { "recipe": {
"repo": "github.com/symfony/recipes", "repo": "github.com/symfony/recipes",
"branch": "main", "branch": "master",
"version": "4.4", "version": "4.4",
"ref": "24eb45d1355810154890460e6a05c0ca27318fe7" "ref": "af2e2efad553bc959a0c61d9185e33ca9eec5c99"
}, },
"files": [ "files": [
"config/bootstrap.php", "config/bootstrap.php",
"config/packages/cache.yaml", "config/packages/cache.yaml",
"config/packages/framework.yaml", "config/packages/framework.yaml",
"config/packages/test/framework.yaml", "config/packages/test/framework.yaml",
"config/preload.php",
"config/routes/dev/framework.yaml", "config/routes/dev/framework.yaml",
"config/services.yaml", "config/services.yaml",
"public/index.php", "public/index.php",