Actualización

plugin/onlyoffice/callback.php

@@ -0,0 +1,264 @@
+<?php
+/**
+ * (c) Copyright Ascensio System SIA 2024.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+require_once __DIR__.'/../../main/inc/global.inc.php';
+
+use ChamiloSession as Session;
+use Onlyoffice\DocsIntegrationSdk\Models\Callback as OnlyofficeCallback;
+use Onlyoffice\DocsIntegrationSdk\Models\CallbackDocStatus;
+
+$plugin = OnlyofficePlugin::create();
+
+if (isset($_GET['hash']) && !empty($_GET['hash'])) {
+    $callbackResponseArray = [];
+    @header('Content-Type: application/json; charset==utf-8');
+    @header('X-Robots-Tag: noindex');
+    @header('X-Content-Type-Options: nosniff');
+
+    $appSettings = new OnlyofficeAppsettings($plugin);
+    $jwtManager = new OnlyofficeJwtManager($appSettings);
+    list($hashData, $error) = $jwtManager->readHash($_GET['hash'], api_get_security_key());
+    if (null === $hashData) {
+        $callbackResponseArray['status'] = 'error';
+        $callbackResponseArray['error'] = $error;
+        exit(json_encode($callbackResponseArray));
+    }
+
+    $type = $hashData->type;
+    $courseId = $hashData->courseId;
+    $userId = $hashData->userId;
+    $docId = $hashData->docId;
+    $groupId = $hashData->groupId;
+    $sessionId = $hashData->sessionId;
+
+    $courseInfo = api_get_course_info_by_id($courseId);
+    $courseCode = $courseInfo['code'];
+
+    if (!empty($userId)) {
+        $userInfo = api_get_user_info($userId);
+    } else {
+        $result['error'] = 'User not found';
+        exit(json_encode($result));
+    }
+
+    if (api_is_anonymous()) {
+        $loggedUser = [
+            'user_id' => $userInfo['id'],
+            'status' => $userInfo['status'],
+            'uidReset' => true,
+        ];
+
+        Session::write('_user', $loggedUser);
+        Login::init_user($loggedUser['user_id'], true);
+    } else {
+        $userId = api_get_user_id();
+    }
+
+    switch ($type) {
+        case 'track':
+            $callbackResponseArray = track();
+            exit(json_encode($callbackResponseArray));
+        case 'download':
+            $callbackResponseArray = download();
+            exit(json_encode($callbackResponseArray));
+        case 'empty':
+            $callbackResponseArray = emptyFile();
+            exit(json_encode($callbackResponseArray));
+        default:
+            $callbackResponseArray['status'] = 'error';
+            $callbackResponseArray['error'] = '404 Method not found';
+            exit(json_encode($callbackResponseArray));
+    }
+}
+
+/**
+ * Handle request from the document server with the document status information.
+ */
+function track(): array
+{
+    $result = [];
+
+    global $plugin;
+    global $courseCode;
+    global $userId;
+    global $docId;
+    global $groupId;
+    global $sessionId;
+    global $courseInfo;
+    global $appSettings;
+    global $jwtManager;
+
+    if (($body_stream = file_get_contents('php://input')) === false) {
+        $result['error'] = 'Bad Request';
+
+        return $result;
+    }
+
+    $data = json_decode($body_stream, true);
+
+    if (null === $data) {
+        $result['error'] = 'Bad Response';
+
+        return $result;
+    }
+
+    if ($jwtManager->isJwtEnabled()) {
+        if (!empty($data['token'])) {
+            try {
+                $payload = $jwtManager->decode($data['token'], $appSettings->getJwtKey());
+            } catch (UnexpectedValueException $e) {
+                $result['status'] = 'error';
+                $result['error'] = '403 Access denied';
+
+                return $result;
+            }
+        } else {
+            $token = substr(getallheaders()[$appSettings->getJwtHeader()], strlen('Bearer '));
+            try {
+                $decodeToken = $jwtManager->decode($token, $appSettings->getJwtKey());
+                $payload = $decodeToken->payload;
+            } catch (UnexpectedValueException $e) {
+                $result['status'] = 'error';
+                $result['error'] = '403 Access denied';
+
+                return $result;
+            }
+        }
+
+        $data['url'] = isset($payload->url) ? $payload->url : null;
+        $data['status'] = $payload->status;
+    }
+
+    $docStatus = new CallbackDocStatus($data['status']);
+    $callback = new OnlyofficeCallback();
+    $callback->setStatus($docStatus);
+    $callback->setKey($docId);
+    $callback->setUrl($data['url']);
+    $callbackService = new OnlyofficeCallbackService(
+        $appSettings,
+        $jwtManager,
+        [
+            'courseCode' => $courseCode,
+            'userId' => $userId,
+            'docId' => $docId,
+            'groupId' => $groupId,
+            'sessionId' => $sessionId,
+            'courseInfo' => $courseInfo,
+        ]);
+    $result = $callbackService->processCallback($callback, $docId);
+
+    return $result;
+}
+
+/**
+ * Downloading file by the document service.
+ */
+function download()
+{
+    global $plugin;
+    global $courseCode;
+    global $userId;
+    global $docId;
+    global $groupId;
+    global $sessionId;
+    global $courseInfo;
+    global $appSettings;
+    global $jwtManager;
+
+    if ($jwtManager->isJwtEnabled()) {
+        $token = substr(getallheaders()[$appSettings->getJwtHeader()], strlen('Bearer '));
+        try {
+            $payload = $jwtManager->decode($token, $appSettings->getJwtKey());
+        } catch (UnexpectedValueException $e) {
+            $result['status'] = 'error';
+            $result['error'] = '403 Access denied';
+
+            return $result;
+        }
+    }
+
+    if (!empty($docId) && !empty($courseCode)) {
+        $docInfo = DocumentManager::get_document_data_by_id($docId, $courseCode, false, $sessionId);
+
+        if (false === $docInfo) {
+            $result['error'] = 'File not found';
+
+            return $result;
+        }
+
+        $filePath = $docInfo['absolute_path'];
+    } else {
+        $result['error'] = 'File not found';
+
+        return $result;
+    }
+
+    @header('Content-Type: application/octet-stream');
+    @header('Content-Disposition: attachment; filename='.$docInfo['title']);
+
+    readfile($filePath);
+    exit;
+}
+
+/**
+ * Downloading empty file by the document service.
+ */
+function emptyFile()
+{
+    global $plugin;
+    global $type;
+    global $courseCode;
+    global $userId;
+    global $docId;
+    global $groupId;
+    global $sessionId;
+    global $courseInfo;
+    global $appSettings;
+    global $jwtManager;
+
+    if ($type !== 'empty') {
+        $result['status'] = 'error';
+        $result['error'] = 'Download empty with other action';
+
+        return $result;
+    }
+
+    if ($jwtManager->isJwtEnabled()) {
+        $token = substr(getallheaders()[$appSettings->getJwtHeader()], strlen('Bearer '));
+        try {
+            $payload = $jwtManager->decode($token, $appSettings->getJwtKey());
+        } catch (UnexpectedValueException $e) {
+            $result['status'] = 'error';
+            $result['error'] = '403 Access denied';
+
+            return $result;
+        }
+    }
+
+    $template = TemplateManager::getEmptyTemplate('docx');
+
+    if (!$template) {
+        $result['status'] = 'error';
+        $result['error'] = 'File not found';
+
+        return $result;
+    }
+
+    @header('Content-Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document');
+    @header('Content-Disposition: attachment; filename='.'docx.docx');
+    readfile($template);
+    exit;
+}