loolwsd/LOOLWSD.cpp |    2 ++
 loolwsd/Storage.cpp |   48 ++++++++++++++++++++++++++++++++++++++++++++----
 loolwsd/Storage.hpp |    9 +++++++++
 3 files changed, 55 insertions(+), 4 deletions(-)

New commits:
commit 115e654d6322d11b09ca2bb7405cfdbe1d81203c
Author: Ashod Nakashian <ashod.nakash...@collabora.co.uk>
Date:   Sat Apr 16 08:13:59 2016 -0400

    bccu#1648: Limit trusted WOPI hosts
    
    Control allowed/trusted wopi hosts from config.
    
    Change-Id: I730b4be8ef0d47bdb5e490926486184777de4eb0
    Reviewed-on: https://gerrit.libreoffice.org/24135
    Reviewed-by: Ashod Nakashian <ashnak...@gmail.com>
    Tested-by: Ashod Nakashian <ashnak...@gmail.com>

diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp
index 43c23a6..0a06948 100644
--- a/loolwsd/LOOLWSD.cpp
+++ b/loolwsd/LOOLWSD.cpp
@@ -1094,6 +1094,8 @@ void LOOLWSD::initialize(Application& self)
     // which forces admins to set this flag on the command-line.
     config().setBool("storage.filesystem[@allow]", AllowLocalStorage);
 
+    StorageBase::initialize();
+
     ServerApplication::initialize(self);
 }
 
diff --git a/loolwsd/Storage.cpp b/loolwsd/Storage.cpp
index 3929df6..1fb3bba 100644
--- a/loolwsd/Storage.cpp
+++ b/loolwsd/Storage.cpp
@@ -31,6 +31,10 @@
 ///////////////////
 // StorageBase Impl
 ///////////////////
+bool StorageBase::_filesystemEnabled;
+bool StorageBase::_wopiEnabled;
+std::vector<std::string> StorageBase::_wopiHosts;
+
 std::string StorageBase::getLocalRootPath() const
 {
     auto localPath = _jailPath;
@@ -52,15 +56,47 @@ size_t StorageBase::getFileSize(const std::string& filename)
     return std::ifstream(filename, std::ifstream::ate | 
std::ifstream::binary).tellg();
 }
 
+void StorageBase::initialize()
+{
+    const auto& app = Poco::Util::Application::instance();
+    _filesystemEnabled = app.config().getBool("storage.filesystem[@allow]", 
false);
+
+    // Parse the WOPI settings.
+    _wopiHosts.clear();
+    _wopiEnabled = app.config().getBool("storage.wopi[@allow]", false);
+    if (_wopiEnabled)
+    {
+        for (size_t i = 0; ; ++i)
+        {
+            const std::string path = "storage.wopi.host[" + std::to_string(i) 
+ "]";
+            if (app.config().getBool(path + "[@allow]", false))
+            {
+                const auto host = app.config().getString(path, "");
+                if (!host.empty())
+                {
+                    Log::info("Adding trusted WOPI host: [" + host + "].");
+                    _wopiHosts.push_back(host);
+                }
+            }
+            else if (!app.config().has(path))
+            {
+                break;
+            }
+        }
+    }
+}
+
 std::unique_ptr<StorageBase> StorageBase::create(const std::string& jailRoot, 
const std::string& jailPath, const Poco::URI& uri)
 {
     std::unique_ptr<StorageBase> storage;
 
     if (UnitWSD::get().createStorage(jailRoot, jailPath, uri, storage))
-        Log::info("Storage load hooked");
+    {
+        Log::info("Storage load hooked.");
+    }
     else if (uri.isRelative() || uri.getScheme() == "file")
     {
-        if 
(!Poco::Util::Application::instance().config().getBool("storage.filesystem[@allow]",
 false))
+        if (!_filesystemEnabled)
         {
             Log::error("Local Storage is disabled by default. Specify 
allowlocalstorage on the command-line to enable.");
             return nullptr;
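Review bot: The host-parsing loop in `StorageBase::initialize()` leaves it unstated what an empty `_wopiHosts` means. When `storage.wopi[@allow]` is true but no `host` entry has its `allow` attribute set, the list stays empty and nothing is logged, so an operator cannot tell "no host trusted" from "any host accepted". I would put a comment above the loop, for example `// Entries with allow=false are skipped; the scan stops at the first index that is absent. An empty list trusts no host.` (if that is the intent), and log once after the loop when the list is empty. The body of `create()` continues past the end of this hunk.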
@@ -69,13 +105,17 @@ std::unique_ptr<StorageBase> StorageBase::create(const 
std::string& jailRoot, co
         Log::info("Public URI [" + uri.toString() + "] is a file.");
         storage = std::unique_ptr<StorageBase>(new LocalStorage(jailRoot, 
jailPath, uri.getPath()));
     }
-    else
+    else if (_wopiEnabled)
     {
         Log::info("Public URI [" + uri.toString() +
                   "] assuming cloud storage.");
-        //TODO: Configure the storage to use. For now, assume it's WOPI.
         storage = std::unique_ptr<StorageBase>(new WopiStorage(jailRoot, 
jailPath, uri.toString()));
     }
+    else
+    {
+        throw std::runtime_error("No Storage configured or invalid URI.");
+    }
+
     return storage;
 }
 
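Review bot: The `else if (_wopiEnabled)` branch builds a `WopiStorage` for whatever URI it is handed and never looks at `_wopiHosts`, so in the lines visible here the trusted-host list is parsed but not enforced. Unless the comparison happens inside `WopiStorage` (not shown), any client-supplied host is still contacted by the server once WOPI is enabled. I would compare `uri.getHost()` against the list with an exact match (not a prefix or substring test) and refuse before constructing the storage object; this needs `<algorithm>` in the file's includes. Separately, a disabled local storage returns `nullptr` while the new final `else` throws, so callers have to handle two different failure modes.
```cpp
    else if (_wopiEnabled)
    {
        // Only hosts listed in the configuration may be contacted.
        const std::string& wopiHost = uri.getHost();
        if (std::find(_wopiHosts.begin(), _wopiHosts.end(), wopiHost) == _wopiHosts.end())
        {
            Log::error("WOPI host [" + wopiHost + "] is not trusted.");
            throw std::runtime_error("WOPI host is not in the trusted list.");
        }
        // … unchanged: Log::info and WopiStorage construction …
    }
```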
diff --git a/loolwsd/Storage.hpp b/loolwsd/Storage.hpp
index 29f0fc3..9855bbb 100644
--- a/loolwsd/Storage.hpp
+++ b/loolwsd/Storage.hpp
@@ -69,6 +69,10 @@ public:
     static
     size_t getFileSize(const std::string& filename);
 
+    /// Must be called at startup to configure.
+    static void initialize();
+
+    /// Storage object creation factory.
     static std::unique_ptr<StorageBase> create(const std::string& jailRoot,
                                                const std::string& jailPath,
                                                const Poco::URI& uri);
@@ -79,6 +83,11 @@ protected:
     const std::string _uri;
     std::string _jailedFilePath;
     FileInfo _fileInfo;
+
+    static bool _filesystemEnabled;
+    static bool _wopiEnabled;
+    /// Allowed/trusted WOPI hosts, if any and if WOPI is enabled.
+    static std::vector<std::string> _wopiHosts;
 };
 
 /// Trivial implementation of local storage that does not need do anything.
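Review bot: The three new statics are declared under `protected:` and are non-const, so every subclass of `StorageBase` can rewrite `_wopiHosts` or flip `_wopiEnabled` after startup. Since they hold the trust policy, I would move them to a `private:` section and expose read-only access if subclasses need it. `_filesystemEnabled` and `_wopiEnabled` also lack the `///` comment that `_wopiHosts` has; something like `/// True if local filesystem storage is allowed by config.` would match. The class body starts outside this hunk.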