Merge branch 'develop'

Author: cdujeu

README.md

@@ -10,7 +10,7 @@
 
 This is the main source code repository of Pydio (formerly AjaXplorer), containing all the PHP server and HTML5 Web GUI.
 
-* Latest Stable release : 8.0.0
+* Latest Stable release : 8.0.1
 * License: [AGPLv3](https://www.gnu.org/licenses/agpl.html)
 * Lead developer  : Charles du Jeu (cdujeu): [Github](https://github.com/cdujeu) | [Twitter](https://twitter.com/Pydio)
 
@@ -59,7 +59,7 @@ If you think you have found a bug and a way to fix it neatly in the code, use a
 
 #### Writing new plugins
 
-Please read the Developer doc located at https://pydio.com/en/docs/developer-guide-v7, you will find here a bunch of useful information about the plugins architecture, how to create your own plugin, etc. The action.skeleton plugin is a perfect start for that. 
+Please read the Developer doc located at https://pydio.com/en/docs/developer-guide, you will find here a bunch of useful information about the plugins architecture, how to create your own plugin, etc. The action.skeleton plugin is a perfect start for that. 
 
 New in latest build, in the Settings panel, you can find a new "Developer" node where all actions contributed by all plugins are listed. These can be called either by http, or via the CLI API. At the same location, you will find all "hooks" registered and triggered in the server, that are VERY useful when you want your plugin to be really sandboxed.  
 

core/src/conf/RELEASE_NOTE

@@ -1,6 +1,71 @@
 Pydio ##VERSION_NUMBER## Release Note
 
-Bug Fixes for 8.0.0 :
+This is a bugfix for Pydio 8.0.1, below is a list of the commits
+
+Fix ldap mapping attribute to roles
+Update version to 8.0.1
+Fixing a remote stream function
+Adding ability to re-generate refresh token if expired
+Missing hook for filter_boot.conf
+Previous vpath adapter is replaced by use_path_style_endpoint in client config (for custom url)
+Make sure action.cart will mount its react component by default.
+Clean manifest from old actions
+Disable background copy if not using session api, seems to break sync client in some case.
+Fix test before create new alias class
+Fix set context for object
+Fix test key "type" if it exists
+Fix test key "type" if it exists
+Fix migration public link with password
+Fix collabora on smb + session credential workspace
+Fix collabora on smb + session credential workspace
+Fix collabora on smb + session credential workspace
+Updated Korean translation
+Missing comma in Korean i18n file was added
+Fix remember me feature
+Fix upload dialog width when there are few uploaders - Close #1384
+Fix #1376
+Replace Pear dependency to Mail_mimeDecode to Composer library. Should remove problematic plugin dependency, see #1385
+Force redirecting to https version of Pixlr - See #1371
+Php doc fix
+False negtive on OB detection
+Fix #1393
+Typo in forbidden
+Typo
+Fix postgresql convert false to "false"
+Remove fuzzy search and upgrade elastica to 5.3.0
+Fix displaying user in sql groups
+Close session before reading audio file
+Remove unused img_library and associated images
+Fix developer doc link - Close #1395
+Add support referral binding
+Implement a default displaymode and default sorting parameter per workspace
+Fix download resuming
+Fix #1355 - Use renamed from SOURCE instead of renamed to NODE
+Remove src attributes
+Fix api v2 create user
+Reduce Batch size for delete - Fix usage of PATH parameter in S3 driver - Close #1365 at last !
+Avoid some js errors with empty values
+Forgotten console
+Fix getS3Service() method
+Add param for smb option
+Fix error while index mounted repo
+Update password fields everywhere to avoid allowing save when not correctly set.
+Fix Admin create/delete group works only if group id starts with double slash
+Fix disclaimer dialog (enable scrollBody)
+Throw an error when trying to restore on an existing file. Close #1368
+Fix write-only workspace : wrong response header - do not show activity log. Close #1367
+Hack for user specific locks and api access
+Fix quota not updating on workspace switch
+Change Accept-Ranges header
+Plugin Load ClassFile for a given php version if necessary
+Fix Advanced Search and meta fields, inc. missing Content field. Factorize in AbstractSearchEngineIndexer. Try to fix login window not appearing in some case Fix Quota panel not refreshed
+New BookmarksList - Meta/Ctrl key support in main files list (close #1351)
+Forms: lower onChange trigger timeout to avoid field blinking
+Fix field validation
+
+========================
+
+Pydio 8.0.1 - 2017/06/15 - Bug Fixes for 8.0.0
 
 [Most noticeable]
 Fix wrong path separator, triggering error on open_basedir

core/src/core/composer.json

@@ -14,13 +14,14 @@
     "gimler/guzzle-description-loader" : "*",
     "commerceguys/guzzle-oauth2-plugin": "~2.0",
     "nikic/fast-route":"~1.0",
-    "symfony/console":"^3.0",
+    "symfony/console":"3.3.9",
     "davegardnerisme/nsqphp": "dev-master",
     "sabre/dav":"1.8.10",
     "aws/aws-sdk-php": "^3.19.4",
     "meenie/javascript-packer":"1.1",
     "dapphp/securimage":"3.6.4",
-    "phpseclib/phpseclib":"2.0.3"
+    "phpseclib/phpseclib":"2.0.3",
+    "pear/mail_mime-decode":"1.5.5.2"
   }
 
 }

core/src/core/src/pydio/Core/Controller/Controller.php

@@ -228,6 +228,7 @@ public static function run(ServerRequestInterface $request, &$actionNode = null)
                         && $loggedUser->canWrite($ctx->getRepositoryId()."")){
                         // Special case of "write only" right : return empty listing, no auth error.
                         $response = new Response();
+                        $response = $response->withHeader("Content-type", "text/xml");
                         $response->getBody()->write(XMLHelper::wrapDocument(""));
                         return $response;
                     }else{

core/src/core/src/pydio/Core/Exception/ForbiddenCharacterException.php

@@ -34,6 +34,6 @@ class ForbiddenCharacterException extends PydioException
      */
     public function __construct($originalString)
     {
-        parent::__construct("$originalString contains forbbiden characters", null, 5012);
+        parent::__construct("$originalString contains forbidden characters", null, 5012);
     }
 }

core/src/core/src/pydio/Core/Http/Response/FileReaderResponse.php

@@ -240,8 +240,11 @@ public function readFile($node = null, $filePath = null, $data = null, $headerTy
 
         $localName = ($localName =="" ? basename((isSet($originalFilePath)?$originalFilePath:$filePathOrData)) : $localName);
 
-        if ($headerType == "plain") {
 
+        header("Pragma: public");
+        header("Cache-Control: public, must-revalidate, post-check=0, pre-check=0");
+
+        if ($headerType == "plain") {
             header("Content-type:text/plain");
             header("Content-Length: ".$size);
 
@@ -253,14 +256,16 @@ public function readFile($node = null, $filePath = null, $data = null, $headerTy
 
         } else {
 
+            header("Accept-Ranges: bytes");
+
             if ($isFile) {
-                header("Accept-Ranges: 0-$size");
                 $this->logDebug("Sending accept range 0-$size");
+                $tsstring = gmdate('D, d M Y H:i:s ', filemtime($filePathOrData)) . 'GMT';
+                header("Last-Modified: $tsstring");
             }
 
             // Check if we have a range header (we are resuming a transfer)
             if ( isset($serverParams['HTTP_RANGE']) && $isFile && $size != 0 ) {
-
                 if ($headerType == "stream_content") {
 
                     if (extension_loaded('fileinfo')  && (( $node !== null && !$node->wrapperIsRemote()) || $filePath !== null)) {
@@ -282,15 +287,25 @@ public function readFile($node = null, $filePath = null, $data = null, $headerTy
                 // multiple ranges, which can become pretty complex, so ignore it for now
                 $ranges = explode('=', $_SERVER['HTTP_RANGE']);
                 $offsets = explode('-', $ranges[1]);
-                $offset = floatval($offsets[0]);
+                if(!$offsets[0]) {
+                    $offset = 0;
+                }else{
+                    $offset = floatval($offsets[0]);
+                }
+
+                if (!$offsets[1]) {
+                    $length = $size - $offset;
+                }else{
+                    $length = floatval($offsets[1]) - $offset;
+                    if ($length + $offset > $size || $length < 0) {
+                        $length = $size - $offset;
+                    }
+                }
 
-                $length = floatval($offsets[1]) - $offset;
-                if (!$length) $length = $size - $offset;
-                if ($length + $offset > $size || $length < 0) $length = $size - $offset;
+                $dataSizeFromOffset = ($offset + $length - 1) >= 0 ? ($offset + $length - 1): 0;
                 $this->logDebug('Content-Range: bytes ' . $offset . '-' . $length . '/' . $size);
                 header('HTTP/1.1 206 Partial Content');
-                header('Content-Range: bytes ' . $offset . '-' . ($offset + $length) . '/' . $size);
-
+                header('Content-Range: bytes ' . $offset . '-' . $dataSizeFromOffset . '/' . $size);
                 header("Content-Length: ". $length);
                 $file = fopen($filePathOrData, 'rb');
                 if(!is_resource($file)){
@@ -304,32 +319,28 @@ public function readFile($node = null, $filePath = null, $data = null, $headerTy
                     $relOffset -= 2000000000;
                     // This works because we never overcome the PHP 32 bit limit
                 }
-                fseek($file, $relOffset, SEEK_CUR);
+                $fseek = fseek($file, $relOffset, SEEK_CUR);
 
                 while(ob_get_level()) ob_end_flush();
                 $readSize = 0.0;
                 $bufferSize = 1024 * 8;
                 while (!feof($file) && $readSize < $length && connection_status() == 0) {
-                    $this->logDebug("dl reading $readSize to $length", ["httpRange" => $serverParams["HTTP_RANGE"]]);
-                    echo fread($file, $bufferSize);
+                    echo  fread($file, $bufferSize);
                     $readSize += $bufferSize;
                     flush();
                 }
 
                 fclose($file);
                 return;
 
-            } else {
-
+            }
+            else {
                 if ($confGzip) {
-
                     $gzippedData = ($data?gzencode($filePathOrData,9):gzencode(file_get_contents($filePathOrData), 9));
                     $size = strlen($gzippedData);
 
                 }
-
                 HTMLWriter::emitAttachmentsHeaders($localName, $size, $isFile, $confGzip);
-
                 if ($confGzip && isSet($gzippedData)) {
                     print $gzippedData;
                     return;
@@ -448,7 +459,7 @@ protected function sendToAccelerator($accelConfiguration, $localPathOrNode, $ser
         // Pydio Agent acceleration - We make sure that request was really proxied by Agent, by checking a specific header.
         if($accelConfiguration === "pydio" && array_key_exists("HTTP_X_PYDIO_DOWNLOAD_SUPPORTED", $serverParams)
             && ApiKeysService::requestHasValidHeadersForAdminTask($serverParams, PYDIO_BOOSTER_TASK_IDENTIFIER)) {
-            
+
             if ($localPathOrNode instanceof AJXP_Node) {
                 $options = MetaStreamWrapper::getResolvedOptionsForNode($localPathOrNode);
                 if($options["TYPE"] === "php"){

core/src/core/src/pydio/Core/Http/Wopi/AuthFrontend.php

@@ -23,10 +23,12 @@
 use JWT;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
+use Pydio\Auth\Core\MemorySafe;
 use Pydio\Core\Model\ContextInterface;
 use Pydio\Core\Services\ApiKeysService;
 use Pydio\Auth\Frontend\Core\AbstractAuthFrontend;
 use Pydio\Conf\Sql\SqlConfDriver;
+use Pydio\Core\Services\CacheService;
 use Pydio\Log\Core\Logger;
 use Zend\Diactoros\UploadedFile;
 
@@ -137,6 +139,12 @@ function tryToLogUser(ServerRequestInterface &$request, ResponseInterface &$resp
         $token = $payload->token;
         $task = $payload->task;
 
+        // store  encrypted user's credential in cache.
+        $sessionId = $payload->session_id;
+        $encryptedString = CacheService::fetch(AJXP_CACHE_SERVICE_NS_SHARED, $sessionId);
+        $credential = MemorySafe::getCredentialsFromEncodedString($encryptedString);
+        MemorySafe::storeCredentials($credential["user"], $credential["password"]);
+
         $key = ApiKeysService::findPairForAdminTask($task, $currentUser->getId());
 
         if ($key["t"] !== $token) {

core/src/core/src/pydio/Core/PluginFramework/Plugin.php

@@ -782,7 +782,18 @@ public function getClassFile()
         if($this->manifestXML != null) $this->unserializeManifest();
         $files = $this->xPath->query("class_definition");
         if(!$files->length) return false;
-        return $this->nodeAttrToHash($files->item(0));
+        foreach($files as $classDef){
+            $data = $this->nodeAttrToHash($classDef);
+            if(!empty($data["version"])){
+                if (version_compare(phpversion(), $data["version"]) >= 0) {
+                    return $data;
+                } else {
+                    continue;
+                }
+            } else {
+                return $data;
+            }
+        }
     }
 
     /**

core/src/core/src/pydio/Core/Services/UsersService.php

@@ -235,7 +235,7 @@ public static function invalidateCache(){
 
     }
 
-    
+
 
     /**
      * Whether the whole users management system is enabled or not.
@@ -331,7 +331,7 @@ public static function isReservedUserId($username)
      * @param $userId
      * @param $userPass
      * @param bool $cookieString
-     * @return bool|void
+     * @return bool
      * @throws UserNotFoundException
      */
     public static function checkPassword($userId, $userPass, $cookieString = false)
@@ -341,7 +341,7 @@ public static function checkPassword($userId, $userPass, $cookieString = false)
         $authDriver = ConfService::getAuthDriverImpl();
         if ($cookieString) {
             $userObject = self::getUserById($userId);
-            $res = CookiesHelper::checkCookieString($userObject, $userPass);
+            $res = CookiesHelper::checkCookieString($userObject, $cookieString);
             return $res;
         }
         return $authDriver->checkPassword($userId, $userPass);
@@ -623,7 +623,7 @@ public static function browseUsersGroupsWithCallback($baseGroup, $userCallback,
         if($recursive){
             $childrenGroups = $authDriver->listChildrenGroups($baseGroup);
             foreach($childrenGroups as $relativePath => $groupLabel){
-                self::browseUsersGroupsWithCallback(rtrim($baseGroup, "/")."/".$relativePath, $userCallback, true, $groupCallback, $groupLabel);
+                self::browseUsersGroupsWithCallback(rtrim($baseGroup, "/")."/".ltrim($relativePath,"/"), $userCallback, true, $groupCallback, $groupLabel);
             }
         }
 
@@ -765,4 +765,4 @@ public static function getUserPersonalParameter($parameterName, $userIdOrObject,
         return $value;
 
     }
-}
+}

core/src/core/src/pydio/Tests/PHP_OB.php

@@ -41,7 +41,7 @@ public function doTest()
     {
         $this->failedLevel = "warning";
         $v = @ini_get("output_buffering");
-        if (isSet($v) && (is_numeric($v) || strtolower($v) == "on")) {
+        if (isSet($v) && ( (is_numeric($v) && $v != "0") || strtolower($v) == "on")) {
             $this->testedParams["PHP Output Buffer disabled"] = "No";
             return FALSE;
         } else if (!isSet($v)) {