mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-11 00:14:50 +03:00
135 lines
4.2 KiB
PHP
135 lines
4.2 KiB
PHP
<?php
|
|
|
|
namespace OCA\SnappyMail\Controller;
|
|
|
|
use OCA\SnappyMail\Util\SnappyMailHelper;
|
|
|
|
use OCP\AppFramework\Controller;
|
|
use OCP\AppFramework\Http\ContentSecurityPolicy;
|
|
use OCP\AppFramework\Http\TemplateResponse;
|
|
|
|
class PageController extends Controller
|
|
{
|
|
/**
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
*/
|
|
public function index()
|
|
{
|
|
// Uncomment to test without using an iframe
|
|
// return static::index_embed();
|
|
|
|
\OC::$server->getNavigationManager()->setActiveEntry('snappymail');
|
|
|
|
\OCP\Util::addStyle('snappymail', 'style');
|
|
|
|
$query = '';
|
|
// If the user has set credentials for SnappyMail in their personal
|
|
// settings, override everything before and use those instead.
|
|
$config = \OC::$server->getConfig();
|
|
$sUID = \OC::$server->getUserSession()->getUser()->getUID();
|
|
$sEmail = $config->getUserValue($sUID, 'snappymail', 'snappymail-email', '');
|
|
if ($sEmail) {
|
|
$password = SnappyMailHelper::decodePassword(
|
|
$config->getUserValue($sUID, 'snappymail', 'snappymail-password', ''),
|
|
\md5($sEmail)
|
|
);
|
|
if ($password) {
|
|
$query = '?sso&hash=' . \RainLoop\Api::CreateUserSsoHash($sEmail, $password);
|
|
}
|
|
}
|
|
if (!$query) {
|
|
$session = \OC::$server->getSession();
|
|
if (!empty($session['snappymail-sso-hash'])) {
|
|
$query = '?sso&hash=' . $session['snappymail-sso-hash'];
|
|
}
|
|
}
|
|
|
|
$params = [
|
|
'snappymail-iframe-url' => SnappyMailHelper::normalizeUrl(SnappyMailHelper::getAppUrl()) . $query
|
|
];
|
|
|
|
$response = new TemplateResponse('snappymail', 'index', $params);
|
|
|
|
$csp = new ContentSecurityPolicy();
|
|
$csp->addAllowedFrameDomain("'self'");
|
|
$response->setContentSecurityPolicy($csp);
|
|
|
|
return $response;
|
|
}
|
|
|
|
/**
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
*/
|
|
public function appGet()
|
|
{
|
|
SnappyMailHelper::startApp();
|
|
}
|
|
|
|
/**
|
|
* @NoAdminRequired
|
|
* @NoCSRFRequired
|
|
*/
|
|
public function appPost()
|
|
{
|
|
SnappyMailHelper::startApp();
|
|
}
|
|
|
|
/**
|
|
* Draft code to run without using an iframe
|
|
*/
|
|
private static function index_embed()
|
|
{
|
|
\OC::$server->getNavigationManager()->setActiveEntry('snappymail');
|
|
|
|
\OCP\Util::addStyle('snappymail', 'style');
|
|
|
|
SnappyMailHelper::startApp(true);
|
|
$webPath = \OC::$server->getAppManager()->getAppWebPath('snappymail') . '/app';
|
|
$oConfig = \RainLoop\Api::Config();
|
|
$oActions = \RainLoop\Api::Actions();
|
|
$oHttp = \MailSo\Base\Http::SingletonInstance();
|
|
$oServiceActions = new \RainLoop\ServiceActions($oHttp, $oActions);
|
|
$sAppJsMin = $oConfig->Get('labs', 'use_app_debug_js', false) ? '' : '.min';
|
|
$sAppCssMin = $oConfig->Get('labs', 'use_app_debug_css', false) ? '' : '.min';
|
|
$sLanguage = $oActions->GetLanguage(false);
|
|
|
|
$sScriptNonce = \OC::$server->getContentSecurityPolicyNonceManager()->getNonce();
|
|
// $sScriptNonce = \SnappyMail\UUID::generate();
|
|
// \RainLoop\Service::setCSP($sScriptNonce);
|
|
|
|
$params = [
|
|
'LoadingDescriptionEsc' => \htmlspecialchars($oConfig->Get('webmail', 'loading_description', 'SnappyMail'), ENT_QUOTES|ENT_IGNORE, 'UTF-8'),
|
|
'BaseTemplates' => \RainLoop\Utils::ClearHtmlOutput($oServiceActions->compileTemplates(false)),
|
|
'BaseAppBootScript' => \str_replace(
|
|
'loadScript(`./?/',
|
|
'loadScript(`'.$webPath.'/?/',
|
|
\file_get_contents(APP_VERSION_ROOT_PATH.'static/js'.($sAppJsMin ? '/min' : '').'/boot'.$sAppJsMin.'.js')
|
|
),
|
|
'BaseAppBootScriptNonce' => $sScriptNonce,
|
|
'BaseLanguage' => $oActions->compileLanguage($sLanguage, false),
|
|
];
|
|
|
|
\OCP\Util::addHeader('style', ['id'=>'app-boot-css'], \file_get_contents(APP_VERSION_ROOT_PATH.'static/css/boot'.$sAppCssMin.'.css'));
|
|
\OCP\Util::addHeader('link', ['type'=>'text/css','rel'=>'stylesheet','href'=>\RainLoop\Utils::WebStaticPath('css/app'.$sAppCssMin.'.css')], '');
|
|
\OCP\Util::addHeader('style', ['id'=>'app-theme-style','data-href'=>$oActions->ThemeLink(false)],
|
|
\preg_replace(
|
|
'/\\s*([:;{},]+)\\s*/s',
|
|
'$1',
|
|
$oActions->compileCss($oActions->GetTheme(false), false)
|
|
));
|
|
|
|
$response = new TemplateResponse('snappymail', 'index_embed', $params);
|
|
|
|
$csp = new ContentSecurityPolicy();
|
|
$csp->addAllowedScriptDomain("'self'");
|
|
$csp->useStrictDynamic(true);
|
|
$csp->allowEvalScript(true); // $csp->addAllowedScriptDomain("'unsafe-eval'");
|
|
$csp->addAllowedStyleDomain("'self'");
|
|
$response->setContentSecurityPolicy($csp);
|
|
|
|
return $response;
|
|
}
|
|
|
|
}
|