Rootviewer service (#204)

* Add CORS preflight check support in datasvc and preferencessvc

* get filename as a parameter in url instead of in url path

* root viewer iframe service

* datasvc: Check for filename parameter else use url path as filename

cmd/revad/svcs/httpsvcs/datasvc/datasvc.go

@@ -100,6 +100,7 @@ func (s *svc) setHandler() {
 	s.handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		switch r.Method {
 		case "HEAD":
+			addCorsHeader(w)
 			w.WriteHeader(http.StatusOK)
 			return
 		case "GET":
@@ -114,3 +115,10 @@ func (s *svc) setHandler() {
 		}
 	})
 }
+
+func addCorsHeader(res http.ResponseWriter) {
+	headers := res.Header()
+	headers.Set("Access-Control-Allow-Origin", "*")
+	headers.Set("Access-Control-Allow-Headers", "Content-Type, Origin, Authorization")
+	headers.Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS, HEAD")
+}

cmd/revad/svcs/httpsvcs/datasvc/get.go

@@ -30,7 +30,13 @@ import (
 func (s *svc) doGet(w http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
 	log := appctx.GetLogger(ctx)
-	fn := r.URL.Path
+	var fn string
+	files, ok := r.URL.Query()["filename"]
+	if !ok || len(files[0]) < 1 {
+		fn = r.URL.Path
+	} else {
+		fn = files[0]
+	}
 
 	fsfn := strings.TrimPrefix(fn, s.conf.ProviderPath)
 	ref := &storageproviderv0alphapb.Reference{Spec: &storageproviderv0alphapb.Reference_Path{Path: fsfn}}

cmd/revad/svcs/httpsvcs/iframeuisvc/iframeuisvc.go

@@ -20,10 +20,12 @@ package iframeuisvc
 
 import (
 	"net/http"
+	"strings"
 
 	"github.com/cs3org/reva/cmd/revad/httpserver"
 	"github.com/cs3org/reva/cmd/revad/svcs/httpsvcs"
 	"github.com/cs3org/reva/pkg/appctx"
+	"github.com/cs3org/reva/pkg/user"
 	"github.com/mitchellh/mapstructure"
 )
 
@@ -74,32 +76,25 @@ func getHandler() http.Handler {
 }
 
 func doOpen(w http.ResponseWriter, r *http.Request) {
-	log := appctx.GetLogger(r.Context())
-	filename := r.URL.Path
-	html := `
-<!DOCTYPE html>
-<html>
-<head>
-	<meta charset="UTF-8">
-	<meta http-equiv="X-UA-Compatible" content="IE=edge">
-
-	<script src="https://root.cern/js/latest/scripts/JSRootCore.min.js" type="text/javascript"></script>
-
-	<script type="text/javascript">
-		var filename = "http://localhost:9998/data` + filename + `";
-		JSROOT.OpenFile(filename, function(file) {
-			file.ReadObject("c1;1", function(obj) {
-				JSROOT.draw("drawing", obj, "colz");
-			});
-		});
-	</script>
-</head>
-<body>
-<div id="drawing" style="width:800px; height:600px"></div>
-</body>
-</html>
-	`
-	if _, err := w.Write([]byte(html)); err != nil {
-		log.Err(err).Msg("error writing response")
+	ctx := r.Context()
+	log := appctx.GetLogger(ctx)
+
+	u, ok := user.ContextGetUser(ctx)
+	if !ok {
+		log.Error().Msg("error getting user from context")
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	filename := strings.TrimPrefix(r.URL.Path, "/")
+
+	tokens := r.URL.Query()["access_token"]
+	token := tokens[0]
+
+	responseString := `https://root.cern/js/latest/?file=http://localhost:9998/data?filename=/` + u.Username + `/` + filename + `&access_token=` + token
+	_, err := w.Write([]byte(responseString))
+	if err != nil {
+		log.Error().Err(err).Msg("can't write to response")
+		w.WriteHeader(http.StatusInternalServerError)
 	}
 }

cmd/revad/svcs/httpsvcs/preferencessvc/preferencessvc.go

@@ -81,13 +81,25 @@ func (s *svc) setHandler() {
 		case "POST":
 			s.doSet(w, r)
 			return
+		case "OPTIONS":
+			addCorsHeader(w)
+			w.WriteHeader(http.StatusOK)
+			return
 		default:
 			w.WriteHeader(http.StatusNotFound)
 			return
 		}
 	})
 }
 
+func addCorsHeader(res http.ResponseWriter) {
+	headers := res.Header()
+	headers.Set("Access-Control-Allow-Origin", "http://localhost:8300")
+	headers.Set("Access-Control-Allow-Headers", "Content-Type, Origin, Authorization")
+	headers.Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+	headers.Set("Content-Type", "application/json")
+}
+
 func (s *svc) getConn() (*grpc.ClientConn, error) {
 	if s.conn != nil {
 		return s.conn, nil