feat(collaboration): add UserExtraInfo with avatar and mail to CheckFileInfo#2560
Conversation
|
pedropintosilva
force-pushed
the
feat/add-userextrainfo-to-checkfileinfo
branch
from
9bff898 to
454dfdc
Compare
|
I cannot see what are the specific complains from SonarCloud , I'm not part of the org so, I get some error when attempting to open it in my SonarCloud account. |
Yeah, that is really inconvenient. I took a quick look into the complaints and they all where about to much "Cognitive Complexity" (i.e. too deeply nested if/switch statements). SonarCloud is probably right about that, but I've "accepted" those warning for now, since it isn't your changes that introduced the complexity. Btw, I think you should see the warnings in the annotations here: https://github.com/opencloud-eu/opencloud/pull/2560/changes (I can see them there at least) Thanks for you contributions, I like it. We still need to take a deeper look into the changes before we can merge them. |
|
@pedropintosilva I think we need to change the implementation a bit. You are making the avatar GET Api call an unprotected == public route. That is not possible. We should implement a dedicated endpoint in the Collaboration service which is authenticated by the WOPI token. Does Collabora have the possibility to send the WOPI token to the download endpoint? |
Agreed :)
You are correct, I was a bit unsure if that's ok (that's why I left that note in the commit message) but at the end I thought would be ok, as anyhow even guests benefit from seeing who they are collaborating with.
Hm I don't think we have we just set the img.src directly: https://github.com/CollaboraOnline/online/blob/main/browser/src/app/LOUtil.ts#L351 but you are right we already have that /wopi/templates/ case so, it would be elegant to have also /wopi/avatars/ and we would still receive the url that we need. |
…ileInfo Add UserExtraInfo (avatar + mail) to the WOPI CheckFileInfo response for authenticated, non-public-share users. UserExtraInfo format (per Collabora SDK): https://sdk.collaboraonline.com/docs/advanced_integration.html#userextrainfo ```json { "avatar": "http://url/to/user/avatar", "mail": "user@server.com" } ``` After this change, CheckFileInfo returns: ```json { "BaseFileName": "Pedro-filled-hazcom.docx", "UserFriendlyName": "Admin", "UserId": "346364...39323030", "UserCanWrite": true, "UserCanRename": true, "IsAdminUser": true, "EnableInsertRemoteImage": true, "EnableInsertRemoteFile": true, "EnableOwnerTermination": true, "UserExtraInfo": { "avatar": "https://host:9300/wopi/avatars/{userID}?access_token={wopiToken}", "mail": "admin@example.org" }, "PostMessageOrigin": "https://localhost:9200", "message": "CheckFileInfo: success" } ``` Avatars are served via a new /wopi/avatars/{userID} endpoint on the collaboration service, authenticated by the WOPI token. The endpoint calls the Graph service directly (bypassing the proxy) using the reva access token via x-access-token header. All tests pass: go test ./services/collaboration/... ./services/graph/... ./services/proxy/... Signed-off-by: Pedro Pinto Silva <pedro.silva@collabora.com>
pedropintosilva
force-pushed
the
feat/add-userextrainfo-to-checkfileinfo
branch
from
454dfdc to
864e200
Compare
|
@pedropintosilva Is there a special Collabora version needed? I have tried this change with collabora/code:25.04.9.4.1 but it doesn't pick up the avatar url. |
Sorry, it is fine. I needed to accept the self signed cert. Now it works. |
|
Where is the email address used? |
micbar
force-pushed
the
feat/add-userextrainfo-to-checkfileinfo
branch
from
1ab82b2 to
35aaf92
Compare
|
right nowhere, Collabora Online never renders mail, it only passes it through to the integrator and OpenCloud's side doesn't consumes /uses the forwarded postMessage. But there are few cases where I think we could leverage in the future that email to improve the UX, examples:
so I think it's nice to have the field there. |
4 participants
feat(collaboration): add UserExtraInfo with avatar and mail to CheckFileInfo
Add UserExtraInfo (avatar + mail) to the WOPI CheckFileInfo response for
authenticated, non-public-share users.
UserExtraInfo format (per Collabora SDK):
https://sdk.collaboraonline.com/docs/advanced_integration.html#userextrainfo
{ "avatar": "http://url/to/user/avatar", "mail": "user@server.com" }After this change, CheckFileInfo returns:
{ "BaseFileName": "Pedro-filled-hazcom.docx", "UserFriendlyName": "Admin", "UserId": "346364...39323030", "UserCanWrite": true, "UserCanRename": true, "IsAdminUser": true, "EnableInsertRemoteImage": true, "EnableInsertRemoteFile": true, "EnableOwnerTermination": true, "UserExtraInfo": { "avatar": "https://host:9300/wopi/avatars/{userID}?access_token={wopiToken}", "mail": "admin@example.org" }, "PostMessageOrigin": "https://localhost:9200", "message": "CheckFileInfo: success" }Avatars are served via a new /wopi/avatars/{userID} endpoint on the
collaboration service, authenticated by the WOPI token. The endpoint
calls the Graph service directly (bypassing the proxy) using the reva
access token via x-access-token header.
All tests pass:
go test ./services/collaboration/... ./services/graph/... ./services/proxy/...
Signed-off-by: Pedro Pinto Silva pedro.silva@collabora.com