From b5cdba09bb37f9fbfa794c7bb6768ca07b55fca7 Mon Sep 17 00:00:00 2001
From: Alex ORLUC <alex.orluc@maarch.org>
Date: Mon, 6 Apr 2020 11:56:25 +0200
Subject: [PATCH] FEAT #13670 TIME 1 add pipe secure url for view front url
---
src/frontend/app/app-common.module.ts | 3 ++
.../attachments-list.component.html | 2 +-
.../folder-document-list.component.html | 2 +-
.../followed-document-list.component.html | 2 +-
src/frontend/app/home/home.component.html | 2 +-
.../linked-resource-list.component.html | 2 +-
.../app/list/basket-list.component.html | 2 +-
src/frontend/plugins/secureUrl.pipe.ts | 40 +++++++++++++++++++
8 files changed, 49 insertions(+), 6 deletions(-)
create mode 100644 src/frontend/plugins/secureUrl.pipe.ts
diff --git a/src/frontend/app/app-common.module.ts b/src/frontend/app/app-common.module.ts
index 47a4678477a..41825d2db29 100755
--- a/src/frontend/app/app-common.module.ts
+++ b/src/frontend/app/app-common.module.ts
@@ -26,6 +26,7 @@ import { TimeLimitPipe } from '../plugins/timeLimit.pipe';
import { FilterListPipe } from '../plugins/filterList.pipe';
import { FullDatePipe } from '../plugins/fullDate.pipe';
import { SafeHtmlPipe } from '../plugins/safeHtml.pipe';
+import { SecureUrlPipe } from '../plugins/secureUrl.pipe';
import { EcplOnlyofficeViewerComponent } from '../plugins/onlyoffice-api-js/onlyoffice-viewer.component';
/*FRONT IMPORTS*/
@@ -110,6 +111,7 @@ export class MyHammerConfig extends HammerGestureConfig {
FilterListPipe,
FullDatePipe,
SafeHtmlPipe,
+ SecureUrlPipe,
IndexingGroupModalComponent,
SmdFabSpeedDialComponent,
SmdFabSpeedDialTrigger,
@@ -156,6 +158,7 @@ export class MyHammerConfig extends HammerGestureConfig {
FilterListPipe,
FullDatePipe,
SafeHtmlPipe,
+ SecureUrlPipe,
PdfViewerModule,
NgStringPipesModule,
SmdFabSpeedDialComponent,
diff --git a/src/frontend/app/attachments/attachments-list.component.html b/src/frontend/app/attachments/attachments-list.component.html
index 6da94830136..3b7b35b03ab 100644
--- a/src/frontend/app/attachments/attachments-list.component.html
+++ b/src/frontend/app/attachments/attachments-list.component.html
@@ -16,7 +16,7 @@
</mat-button-toggle>
</mat-button-toggle-group>
<mat-card *ngFor="let attachment of attachments | filterList:currentFilter:'type'"
- [class.signed]="attachment.status==='SIGN'" [style.background-image]="'url('+attachment.thumbnailUrl+')'"
+ [class.signed]="attachment.status==='SIGN'" [style.background-image]="'url('+(attachment.thumbnailUrl | secureUrl | async)+')'"
style="padding:0;margin: 30px;min-height: 300px;background-size: cover;overflow: hidden;"
(mouseover)="$event.stopPropagation();toggleInfo(attachment,true)">
<div class="layout" *ngIf="attachment.hideMainInfo" [@myAnimation] (click)="showAttachment(attachment)">
diff --git a/src/frontend/app/folder/document-list/folder-document-list.component.html b/src/frontend/app/folder/document-list/folder-document-list.component.html
index 9a1da881adb..a547d2270db 100644
--- a/src/frontend/app/folder/document-list/folder-document-list.component.html
+++ b/src/frontend/app/folder/document-list/folder-document-list.component.html
@@ -1,7 +1,7 @@
<mat-sidenav-container class="maarch-container">
<mat-sidenav-content>
<mat-card id="viewThumbnail" style="display:none;position: fixed;z-index: 2;margin-left: 1px;">
- <img style="max-height: 100vh;" src="{{thumbnailUrl}}" />
+ <img style="max-height: 100vh;" [src]="thumbnailUrl | secureUrl | async" />
</mat-card>
<div class="bg-head">
<div class="bg-head-title" [class.customContainerRight]="appService.getViewMode()">
diff --git a/src/frontend/app/home/followed-list/followed-document-list.component.html b/src/frontend/app/home/followed-list/followed-document-list.component.html
index 47cf008c4c7..ed8fd1d7a0c 100644
--- a/src/frontend/app/home/followed-list/followed-document-list.component.html
+++ b/src/frontend/app/home/followed-list/followed-document-list.component.html
@@ -1,7 +1,7 @@
<mat-sidenav-container class="maarch-container">
<mat-sidenav-content>
<mat-card id="viewThumbnail" style="display:none;position: fixed;z-index: 2;margin-left: 1px;">
- <img style="max-height: 100vh;" src="{{thumbnailUrl}}" />
+ <img style="max-height: 100vh;" [src]="thumbnailUrl | secureUrl | async" />
</mat-card>
<div class="bg-head">
<div class="bg-head-title" [class.customContainerRight]="appService.getViewMode()">
diff --git a/src/frontend/app/home/home.component.html b/src/frontend/app/home/home.component.html
index dc1c740c278..e7e72a734a0 100644
--- a/src/frontend/app/home/home.component.html
+++ b/src/frontend/app/home/home.component.html
@@ -1,7 +1,7 @@
<mat-sidenav-container autosize class="maarch-container">
<mat-sidenav-content>
<mat-card id="viewThumbnail" style="display:none;position: fixed;z-index: 2;margin-left: 1px;"><img
- style="max-height: 100vh;" src="{{thumbnailUrl}}" />
+ style="max-height: 100vh;" [src]="thumbnailUrl | secureUrl | async" />
</mat-card>
<div class="bg-head">
<div class="bg-head-title" [class.customContainerRight]="appService.getViewMode()">
diff --git a/src/frontend/app/linkedResource/linked-resource-list.component.html b/src/frontend/app/linkedResource/linked-resource-list.component.html
index c141469f5e7..c18a29c9470 100644
--- a/src/frontend/app/linkedResource/linked-resource-list.component.html
+++ b/src/frontend/app/linkedResource/linked-resource-list.component.html
@@ -6,7 +6,7 @@
<ng-template #elseLoading>
<mat-card id="viewThumbnail"
style="display:none;position: fixed;z-index: 2;margin-left: 1px;left: 50%;transform: translate(-50%,-50%);top: 50%;">
- <img style="max-height: 100vh;" src="{{thumbnailUrl}}" /></mat-card>
+ <img style="max-height: 100vh;" [src]="thumbnailUrl | secureUrl | async" /></mat-card>
<div class="row" style="margin: 0px;">
<div class="col-md-12">
<mat-paginator #paginator [length]="100" [hidePageSize]="true" [pageSize]="10">
diff --git a/src/frontend/app/list/basket-list.component.html b/src/frontend/app/list/basket-list.component.html
index 79e25b250a0..2077e779263 100644
--- a/src/frontend/app/list/basket-list.component.html
+++ b/src/frontend/app/list/basket-list.component.html
@@ -1,6 +1,6 @@
<mat-sidenav-container class="maarch-container">
<mat-sidenav-content>
- <mat-card id="viewThumbnail" style="display:none;position: fixed;z-index: 2;margin-left: 1px;"><img style="max-height: 100vh;" src="{{thumbnailUrl}}" /></mat-card>
+ <mat-card id="viewThumbnail" style="display:none;position: fixed;z-index: 2;margin-left: 1px;"><img style="max-height: 100vh;" [src]="thumbnailUrl | secureUrl | async" /></mat-card>
<div class="bg-head">
<div class="bg-head-title" [class.customContainerRight]="appService.getViewMode()">
<div class="bg-head-title-label">
diff --git a/src/frontend/plugins/secureUrl.pipe.ts b/src/frontend/plugins/secureUrl.pipe.ts
new file mode 100644
index 00000000000..99e88efc35b
--- /dev/null
+++ b/src/frontend/plugins/secureUrl.pipe.ts
@@ -0,0 +1,40 @@
+import { Pipe, PipeTransform } from '@angular/core';
+import { HttpClient, HttpHeaders } from '@angular/common/http';
+import { Observable } from 'rxjs/internal/Observable';
+import { AuthService } from '../service/auth.service';
+
+@Pipe({
+ name: 'secureUrl'
+})
+export class SecureUrlPipe implements PipeTransform {
+
+ constructor(
+ private http: HttpClient,
+ private authService: AuthService
+ ) { }
+
+ transform(url: string) {
+ const headers = new HttpHeaders({
+ 'Authorization': 'Bearer ' + this.authService.getToken()
+ });
+
+ return new Observable<string>((observer) => {
+ // This is a tiny blank image
+ observer.next('data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==');
+
+ if (url !== undefined) {
+ // The next and error callbacks from the observer
+ const { next, error } = observer;
+
+ this.http.get(url, { headers: headers, responseType: 'blob' }).subscribe(response => {
+ const reader = new FileReader();
+ reader.readAsDataURL(response);
+ reader.onloadend = () => {
+ observer.next(reader.result as any);
+ };
+ });
+ }
+ return { unsubscribe() { } };
+ });
+ }
+}
--
GitLab