Added toggle button/menu entry for enable/disable accessibility support.
This ui feature is available for Online Writer only.
The button/menu entry is added only when accessibility is enabled at
server level.
That allows to enable/disable accessibility per view.
By default, the accessibility support is disabled.
Anyway the accessibility support state is saved to local storage
if available.
Signed-off-by: Marco Cecchetti <marco.cecchetti@collabora.com>
Change-Id: If5968a47f17922038b9da3d320cbed84ebb7688b
UnitBase::isUnitTesting() and UnitWSD::isUnitTesting() to avoid
calling methods that crash on mobile.
Signed-off-by: Patrick Luby <plubius@neooffice.org>
Change-Id: Ie6bc2d238ac9e475b02ceef5809c55acc129dd52
Still needed to add a bunch of #if !MOBILAPP to disable all of the
Online server's unit testing classes so that the iOS app won't crash
when opening a document.
TODO: the iOS app will not accept text input at all. Is some code
unexpectedly consuming message data sent over the mobile fake socket?
Signed-off-by: Patrick Luby <plubius@neooffice.org>
Change-Id: Ie874ee8e452188a7b4cdf6d5f87708e5ed9b0235
A new section about accessibility has been appended to coolwsd.xml
config file
Signed-off-by: Marco Cecchetti <marco.cecchetti@collabora.com>
Change-Id: I086abdf73646639283eb655ae60f200fb64e495a
it will be used to store user data which shouldn't
be shared between views
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
Change-Id: I58b7f22e4364ce9e07bb6cc74e8431363912a872
We need to differentiate between a document
that cannot be edited (due to permissions)
and Storage being read-only.
The distinction isn't always important,
except when readonly is set either by
the client side permissions, or is due
to opening a view-only document (such as
a PDF). Since for a view-only document,
adding and editing comments might be
allowed, while the document is read-only
and cannot be otherwise edited, we
still need to upload it to storage.
This is to preserve the changes done
to comments.
Since we need to differentiate between
read-only Storage vs the above cases,
we use a new flag in Session: isWritable.
Change-Id: I028e7908db7f0f10e5407a45c71d89aaab858390
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This helper is only true if editing of the document
is enabled and not whether or not the document is
writable in storage. Since it unifies isReadOnly
and isAllowChangeComments, which are in Session,
there is no advantage in having it in ClientSession.
It is now renamed to isEditable in Session.
Change-Id: Ib923b6162a8075be145049bc1442c42479c8ce4b
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This adds dumpState to DocumentState, SaveManager,
and StorageManager classes, and dumps all the
missing members.
Also, normalize the format and make it symmetric
and consistent.
Change-Id: Ie0cc8e07d13de60c33d64cd621abf4e815a4ef94
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Makes unit-rendering-options fail reliably.
This reverts commit 175c9c5b2a.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: Id05c911991baaae0dbc52678a192fc01639352e0
By passing a traceevent=yes query parameter in the URL. Note that if
Trace Event generation is not enabled in loolwsd.xml this will have no
effect.
It is a bit silly to notice this query parameter only in loleaflet and
then send the information back to the server. Would be better if the
server noticed it itself before sending the URL to loleaflet.
While at it, let's not bother ever enabling Trace Event generation in
the WSD process. That is not what we are interested in.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I985bfd1e2dbd14aa5a55b386b4762fb64bcb4008
"Specifies whether the macro execution is enabled in
general. This will disable Basic, Beanshell, Javascript
and Python scripts. If it is set to false, the
macro_security_level is ignored. If it is set to true,
the mentioned entry specified the level of macro security".
Change-Id: I4bc5b690268a93994d17e2b02b7b60b6398646b7
Signed-off-by: Henry Castro <hcastro@collabora.com>
size_t in C and in C++ are not necessarily the same
type. The C++ size_t is in the std namespace. Since
we do include many C headers, and indeed some C++
runtime headers do define size_t for backwards
compatibility, it's easy to mix and match the two
types.
Also, 'using std::size_t;' isn't a great practice,
so removed.
This is not exhaustive, just some low-hanging cases.
Change-Id: I85a36b6fd1acd204274b1869de9bcb94c8b3cf13
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This adds a "view_comment" in addition to "view" and "edit" state
into discovery.xml. In case it is enabled, the filters let the
comment commands through to core.
In addition add "Save Comment" menu action to allow saving the
comments, which is enabled when in "read-only" with "view_comment"
mode.
Change-Id: I3ab3dbee93ee2167ae96adea7025fc0b385f8201
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/99473
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
loolmount now works and supports mounting and
unmounting, plus numerous improvements,
refactoring, logging, etc.. When enabled,
binding improves the jail setup time by anywhere
from 2x to orders of magnitude (in docker, f.e.).
A new config entry mount_jail_tree controls
whether mounting is used or the old method of
linking/copying of jail contents. It is set to
true by default and falls back to linking/copying.
A test mount is done when the setting is enabled,
and if mounting fails, it's disabled to avoid noise.
Temporarily disabled for unit-tests until we can
cleanup lingering mounts after Jenkins aborts our
build job. In a future patch we will have mount/jail
cleanup as part of make.
The network/system files in /etc that need frequent
refreshing are now updated in systemplate to make
their most recent version available in the jails.
These files can change during the course of loolwsd
lifetime, and are unlikely to be updated in
systemplate after installation at all. We link to
them in the systemplate/etc directory, and if that
fails, we copy them before forking each kit
instance to have the latest.
This reworks the approach used to bind-mount the
jails and the templates such that the total is
now down to only three mounts: systemplate, lo, tmp.
As now systemplate and lotemplate are shared, they
must be mounted as readonly, this means that user/
must now be moved into tmp/user/ which is writable.
The mount-points must be recursive, because we mount
lo/ within the mount-point of systemplate (which is
the root of the jail). But because we (re)bind
recursively, and because both systemplate and
lotemplate are mounted for each jails, we need to
make them unbindable, so they wouldn't multiply the
mount-points for each jails (an explosive growth!)
Contrarywise, we don't want the mount-points to
be shared, because we don't expect to add/remove
mounts after a jail is created.
The random temp directory is now created and set
correctly, plus many logging and other improvements.
Change-Id: Iae3fda5e876cf47d2cae6669a87b5b826a8748df
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92829
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
StringVector is heavily used for tokenization
and benefits from inlining of small functions.
Also, cat doesn't need to be slower than necessary.
Change-Id: I4ab2ff1b1f1a81092049d2cde64b6df10b34b5f7
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/95287
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Jenkins
More readable and typically more efficient.
Change-Id: I9bd5bfc91f4ac255bb8ae0987708fb8b56b398f8
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/95285
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
This patch allows the lok core to know about the device form facor of
the client requesting the creation of a new view, immediately instead
of a later time.
When a request for a new view is sent a 'deviceFormFactor' parameter
is appended to the message.
This parameter can have one of the following values: 'desktop',
'tablet','mobile' and is forwarded to the lok core.
Change-Id: I21739ddb8c43c960164b3c625e4cf0a80f4616a4
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92691
Tested-by: Marco Cecchetti <marco.cecchetti@collabora.com>
Reviewed-by: Marco Cecchetti <marco.cecchetti@collabora.com>
The switch away from LOOLWebSocket and the use of a websocket
for talking to forkit removes the need for the pipe code.
Change-Id: Ifb0c6c88681289e7a1709d9bc3281532935c7be4
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92033
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
This sometimes causes unit-integration to fail and now is consistent
with other member functions of Session that handle missing protocol.
Change-Id: I43c7fcae964cfcb5911ff57d63bd4cb569e6b97c
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/90732
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
It took both an std::string and a length. Take a char* and a length
instead.
Change-Id: Id37dfa67fe1baae09b69819680848a0a8a1d80ed
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/90552
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Essentially we want to be able to separate low-level socket code
for eg. TCP vs. UDS, from Protocol handling: eg. WebSocketHandler
and client sessions themselves which handle and send messages
which now implement the simple MessageHandlerInterface.
Some helpful renaming too:
s/SocketHandlerInterface/ProtocolHandlerInterface/
Change-Id: I58092b5e0b5792fda47498fb2c875851eada461d
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/90138
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
WebSocketHandler handles this complexity for us now, and for the
forseeable future. Simplify to prepare for larger re-factor.
Change-Id: I73b919885adc358cb6502a13492cdac85c34459c
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/90059
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
This is meant to reduce lots of small allocations and instead have
pointers into the single string for the various tokens instead.
This has a few requirements, though:
1) It's no longer OK to modify the tokens, changing their length would
invalidate the start/length of other tokens. Rework
DocumentBroker::load() to avoid such mutation.
2) The iterators no longer expose zero-terminated strings, so
Poco::cat() doesn't work anymore: add an own cat() instead and use that
in e.g. ChildSession. The own cat() has the benefit that it won't read
past the end of the array if the begin index is out of bounds to add
more safety.
(This nicely works towards killing Poco usage in general.)
3) If zero-terminated strings for all individual tokens is needed, a
copy has to be made, as done in spawnProcess().
(For all of these requirements, the build fails if there are problems.)
Change-Id: Iea40e4400e630b2d669f5c72aea85cb40edf9a2c
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89711
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
The bulk of this commit just changes std::vector<std::string> to
StringVector when we deal with tokens from a websocket message.
The less boring part of it is the new StringVector class, which is a
wrapper around std::vector<std::string>, and provides the same API,
except that operator[] returns a string, not a string&, and this allows
returning an empty string in case that prevents reading past the end of
the underlying array.
This means in case client code forgets to check size() before invoking
operator[], we don't crash. (See the ~3 previous commits which fixed
such crashes.)
Later the ctor could be changed to take a single underlying string to
avoid lots of tiny allocations, that's not yet done in this commit.
Change-Id: I8a6082143a8ac0b65824f574b32104d7889c184f
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89687
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
- target ClientSession::_handleInput(), since crashing there would bring
down the whole loolwsd (not just a kit process), and it deals with
input from untrusted users (browsers)
- add a --enable-fuzzers configure switch to build with
-fsanitize=fuzzer (compared to normal sanitizers build, this is the only
special flag needed)
- configuring other sanitizers is not done automatically, either use
--with-sanitizer=... or the environment variables from LODE's sanitizer
config
- run the actual fuzzer like this:
./clientsession_fuzzer -max_len=16384 fuzzer/data/
- note that at least openSUSE Leap 15.1 sadly ships with a clang with
libfuzzer static libs removed from the package, so you need a
self-built clang to run the fuzzer (either manual build or one from
LODE)
- <https://chromium.googlesource.com/chromium/src/testing/libfuzzer/+/refs/heads/master/efficient_fuzzing.md#execution-speed>
suggests that "You should aim for at least 1,000 exec/s from your fuzz
target locally" (i.e. one run should not take more than 1 ms), so try
this minimal approach first. The alternative would be to start from the
existing loolwsd_fuzzer binary, then step by step cut it down to not
fork(), not do any network traffic, etc -- till it's fast enough that
the fuzzer can find interesting input
- the various configurations start to be really complex (the matrix is
just very large), so try to use Util::isFuzzing() for fuzzer-specific
changes (this is what core.git does as well), and only resort to ifdefs
for the Util::isFuzzing() itself
Change-Id: I72dc1193b34c93eacb5d8e39cef42387d42bd72f
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89226
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Use a fully reliable uniqueness check, rather than a hash, and get
simpler ids as a bonus. Fetch view data from the session itself
rather than passing it in too.
Change-Id: Ibcd625156b5a98eb280e35d6537b5c8c026d0197
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/86150
Reviewed-by: Mert Tümer <mert.tumer@collabora.com>
Tested-by: Mert Tümer <mert.tumer@collabora.com>
Particularly those used on Android...
Change-Id: I47bf9692f5e99ba30140d698558472201168a198
Reviewed-on: https://gerrit.libreoffice.org/82302
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
Tested-by: Jan Holesovsky <kendy@collabora.com>
Michael Meeks
Caolán McNamara
Marco Cecchetti
Patrick Luby
Ashod Nakashian
Szymon Kłos
Pranam Lashkari
Andras Timar
Tor Lillqvist
Henry Castro
mert
Tomaž Vajngerl
Miklos Vajna
Jan Holesovsky
Miklos Vajna