From: Stephen Smith Date: Mon, 16 Aug 2021 19:17:28 +0000 (-0400) Subject: 15159: Hide "open in new tab" if unsafe and TrustAllContent is false X-Git-Tag: 2.3.0~5^2~4 X-Git-Url: https://git.arvados.org/arvados-workbench2.git/commitdiff_plain/ed9e3a9e1e1dcdec012ff3b03d0cf1b87c4ffb6b 15159: Hide "open in new tab" if unsafe and TrustAllContent is false Arvados-DCO-1.1-Signed-off-by: Stephen Smith --- diff --git a/src/common/config.ts b/src/common/config.ts index 28d4855b..56f7c488 100644 --- a/src/common/config.ts +++ b/src/common/config.ts @@ -89,7 +89,8 @@ export interface ClusterConfigJSON { Value: string, Protected?: boolean, } - } + }, + TrustAllContent: boolean }; Volumes: { [key: string]: { @@ -271,6 +272,7 @@ export const mockClusterConfigJSON = (config: Partial): Clust }, Collections: { ForwardSlashNameSubstitution: "", + TrustAllContent: false, }, Volumes: {}, ...config diff --git a/src/views-components/context-menu/actions/collection-file-viewer-action.tsx b/src/views-components/context-menu/actions/collection-file-viewer-action.tsx index 27a65018..f736f0bf 100644 --- a/src/views-components/context-menu/actions/collection-file-viewer-action.tsx +++ b/src/views-components/context-menu/actions/collection-file-viewer-action.tsx @@ -7,7 +7,7 @@ import { RootState } from "../../../store/store"; import { FileViewerAction } from 'views-components/context-menu/actions/file-viewer-action'; import { getNodeValue } from "models/tree"; import { ContextMenuKind } from 'views-components/context-menu/context-menu'; -import { getInlineFileUrl, sanitizeToken } from "./helpers"; +import { getInlineFileUrl, sanitizeToken, isInlineFileUrlSafe } from "./helpers"; const mapStateToProps = (state: RootState) => { const { resource } = state.contextMenu; @@ -18,7 +18,12 @@ const mapStateToProps = (state: RootState) => { ContextMenuKind.COLLECTION_DIRECTORY_ITEM, ContextMenuKind.READONLY_COLLECTION_DIRECTORY_ITEM ].indexOf(resource.menuKind as ContextMenuKind) > -1) { const file = getNodeValue(resource.uuid)(state.collectionPanelFiles); - if (file) { + const shouldShowInlineUrl = isInlineFileUrlSafe( + file ? file.url : "", + state.auth.config.keepWebServiceUrl, + state.auth.config.keepWebInlineServiceUrl + ) || state.auth.config.clusterConfig.Collections.TrustAllContent; + if (file && shouldShowInlineUrl) { const fileUrl = sanitizeToken(getInlineFileUrl( file.url, state.auth.config.keepWebServiceUrl, diff --git a/src/views-components/context-menu/actions/helpers.ts b/src/views-components/context-menu/actions/helpers.ts index dfa8d04f..159b1c18 100644 --- a/src/views-components/context-menu/actions/helpers.ts +++ b/src/views-components/context-menu/actions/helpers.ts @@ -43,4 +43,11 @@ export const getInlineFileUrl = (url: string, keepWebSvcUrl: string, keepWebInli inlineUrl = inlineUrl.replace(`/c=${collMatch[1]}`, ''); } return inlineUrl; -}; \ No newline at end of file +}; + +export const isInlineFileUrlSafe = (url: string, keepWebSvcUrl: string, keepWebInlineSvcUrl: string): boolean => { + let inlineUrl = keepWebInlineSvcUrl !== "" + ? url.replace(keepWebSvcUrl, keepWebInlineSvcUrl) + : url; + return inlineUrl.indexOf('*.') > -1; +} diff --git a/tools/arvados_config.yml b/tools/arvados_config.yml index 3fcd6119..369046e6 100644 --- a/tools/arvados_config.yml +++ b/tools/arvados_config.yml @@ -10,7 +10,7 @@ Clusters: CollectionVersioning: true PreserveVersionIfIdle: -1s BlobSigningKey: zfhgfenhffzltr9dixws36j1yhksjoll2grmku38mi7yxd66h5j4q9w4jzanezacp8s6q0ro3hxakfye02152hncy6zml2ed0uc - TrustAllContent: true + TrustAllContent: false ForwardSlashNameSubstitution: / ManagedProperties: original_owner_uuid: {Function: original_owner, Protected: true}