fix: generate token for user shared config url

Signed-off-by: codewithvk <[email protected]>

lib/Controller/SettingsController.php

@@ -7,7 +7,6 @@
 
 use OCA\Richdocuments\AppConfig;
 use OCA\Richdocuments\Capabilities;
-use OCA\Richdocuments\Db\WopiMapper;
 use OCA\Richdocuments\Service\CapabilitiesService;
 use OCA\Richdocuments\Service\ConnectivityService;
 use OCA\Richdocuments\Service\DemoService;
@@ -26,7 +25,6 @@
 use OCP\Files\NotPermittedException;
 use OCP\Files\SimpleFS\ISimpleFile;
 use OCP\IConfig;
-use OCP\IGroupManager;
 use OCP\IL10N;
 use OCP\IRequest;
 use OCP\IURLGenerator;
@@ -59,9 +57,7 @@ public function __construct(
 		private FontService $fontService,
 		private SettingsService $settingsService,
 		private LoggerInterface $logger,
-		private IGroupManager $groupManager,
 		private IURLGenerator $urlGenerator,
-		private WopiMapper $wopiMapper,
 		private ?string $userId,
 	) {
 		parent::__construct($appName, $request);
@@ -423,22 +419,15 @@ public function getFontFileOverview(string $name): DataDisplayResponse {
 	 * @param string $type - Type is 'admin' or 'user'
 	 * @return DataResponse
 	 */
-	public function generateIframeToken(string $type) : DataResponse {
-		$userId = $this->userId;
-		if ($type === 'admin' && !$this->groupManager->isAdmin($userId)) {
+	public function generateIframeToken(string $type): DataResponse {
+		try {
+			$response = $this->settingsService->generateIframeToken($type, $this->userId);
+			return new DataResponse($response);
+		} catch (\Exception $e) {
 			return new DataResponse([
-				'message' => 'Permission denied'
-			], Http::STATUS_FORBIDDEN);
+				'message' => 'Settings token not generated.'
+			], Http::STATUS_INTERNAL_SERVER_ERROR);
 		}
-		$serverHost = $this->urlGenerator->getAbsoluteURL('/');
-		$version = $this->capabilitiesService->getProductVersion();
-
-		$wopi = $this->wopiMapper->generateUserSettingsToken(-1, $userId, $version, $serverHost);
-
-		return new DataResponse([
-			'token' => $wopi->getToken(),
-			'token_ttl' => $wopi->getExpiry(),
-		]);
 	}
 
 	/**

lib/Controller/WopiController.php

@@ -411,12 +411,12 @@ public function getSettings(string $type, string $access_token): JSONResponse {
 		try {
 			$wopi = $this->wopiMapper->getWopiForToken($access_token);
 			if ($wopi->getTokenType() !== Wopi::TOKEN_TYPE_SETTING_AUTH) {
-				return new JSONResponse(['error' => 'Invalid token type'], Http::STATUS_FORBIDDEN);
+				return new JSONResponse(['error' => 'Invalid token type'], Http::STATUS_BAD_REQUEST);
 			}
 
 			$user = $this->userManager->get($wopi->getOwnerUid());
 			if (!$user || !$this->groupManager->isAdmin($user->getUID())) {
-				return new JSONResponse(['error' => 'Access denied'], Http::STATUS_FORBIDDEN);
+				return new JSONResponse(['error' => 'Access denied'], Http::STATUS_BAD_REQUEST);
 			}
 
 			$userConfig = $this->settingsService->generateSettingsConfig($type);
@@ -990,9 +990,14 @@ private function getWopiUrlForTemplate(Wopi $wopi): string {
 		$nextcloudUrl = $this->appConfig->getNextcloudUrl() ?: trim($this->urlGenerator->getAbsoluteURL(''), '/');
 		return $nextcloudUrl . '/index.php/apps/richdocuments/wopi/template/' . $wopi->getTemplateId() . '?access_token=' . $wopi->getToken();
 	}
+	private function generateSettingToken(Wopi $wopi): string {
+		$userId = $wopi->getEditorUid();
+		$res = $this->settingsService->generateIframeToken('user', $userId);
+		return $res['token'];
+	}
 	// todo extract nextcloud url from everything
 	private function generateUserSettingsUri(Wopi $wopi): string {
 		$nextcloudUrl = $this->appConfig->getNextcloudUrl() ?: trim($this->urlGenerator->getAbsoluteURL(''), '/');
-		return $nextcloudUrl . '/index.php/apps/richdocuments/wopi/settings' . '?type=userconfig' . '&access_token=' . $wopi->getToken() . '&fileId=' . '-1';
+		return $nextcloudUrl . '/index.php/apps/richdocuments/wopi/settings' . '?type=userconfig' . '&access_token=' . $this->generateSettingToken($wopi) . '&fileId=' . '-1';
 	}
 }

lib/Service/SettingsService.php

@@ -9,6 +9,7 @@
 namespace OCA\Richdocuments\Service;
 
 use OCA\Richdocuments\AppInfo\Application;
+use OCA\Richdocuments\Db\WopiMapper;
 use OCA\Richdocuments\WOPI\SettingsUrl;
 use OCP\Files\IAppData;
 use OCP\Files\NotFoundException;
@@ -17,6 +18,7 @@
 use OCP\Files\SimpleFS\ISimpleFolder;
 use OCP\ICacheFactory;
 use OCP\IConfig;
+use OCP\IGroupManager;
 use OCP\IURLGenerator;
 
 /**
@@ -36,6 +38,9 @@ public function __construct(
 		ICacheFactory $cacheFactory,
 		private IURLGenerator $urlGenerator,
 		private IConfig $config,
+		private CapabilitiesService $capabilitiesService,
+		private WopiMapper $wopiMapper,
+		private IGroupManager $groupManager,
 	) {
 		// Create a distributed cache for caching file lists
 		$this->cache = $cacheFactory->createDistributed(Application::APPNAME);
@@ -114,6 +119,33 @@ public function getCategoryFileList(string $type, string $category): array {
 		}, $files);
 	}
 
+	/**
+	 * Get list of files in a setting category.
+	 *
+	 * @param string $type
+	 * @param string $userId
+	 */
+
+	public function generateIframeToken(string $type, string $userId): array {
+		try {
+			if ($type === 'admin' && !$this->groupManager->isAdmin($userId)) {
+				throw new NotPermittedException('Permission denied');
+			}
+
+			$serverHost = $this->urlGenerator->getAbsoluteURL('/');
+			$version = $this->capabilitiesService->getProductVersion();
+
+			$wopi = $this->wopiMapper->generateUserSettingsToken(-1, $userId, $version, $serverHost);
+
+			return [
+				'token' => $wopi->getToken(),
+				'token_ttl' => $wopi->getExpiry(),
+			];
+		} catch (NotPermittedException $e) {
+			throw $e;
+		}
+	}
+
 	/**
 	 * generate setting config
 	 *