Feat/wopi phase 4

README.md

@@ -1,25 +1,134 @@
 # Office
 
-A template to get started with Nextcloud app development.
+A Nextcloud app that integrates Euro-Office as a WOPI host, providing a full-page
+editor and a document hub. Nextcloud acts as the WOPI host (file storage, token
+authority, lock manager); Euro-Office acts as the WOPI client (rendering, editing).
 
-## Usage
+The overview UI is developed in `feat/euro-office-overview`. This branch adds the
+WOPI backend on top of it. For combined local testing see `feat/overview-and-wopi`.
 
-- To get started easily use the [Appstore App generator](https://apps.nextcloud.com/developer/apps/generate) to
-  dynamically generate an App based on this repository with all the constants prefilled.
-- Alternatively you can use the "Use this template" button on the top of this page to create a new repository based on
-  this repository. Afterwards adjust all the necessary constants like App ID, namespace, descriptions etc.
+---
 
-Once your app is ready follow the [instructions](https://nextcloudappstore.readthedocs.io/en/latest/developer.html) to
-upload it to the Appstore.
+## Features
 
-## Resources
+- **Overview page** — browse, filter, search, and create office documents (see overview branch)
+- **Full-page editor** at `/apps/office/open?fileId=N`
+- **WOPI host implementation** — CheckFileInfo, GetFile, PutFile, Lock/Unlock/RefreshLock
+- **Files app integration** — DEFAULT file action for all MIME types advertised by the editor
+- **Public share support** — guest tokens for link-share access (Phase 3)
+- **Conflict-free close** — editor close returns the user to the overview via `history.back()`
 
-### Documentation for developers:
+---
 
-- General documentation and tutorials: https://nextcloud.com/developer
-- Technical documentation: https://docs.nextcloud.com/server/latest/developer_manual
+## Local development
 
-### Help for developers:
+### Requirements
 
-- Official community chat: https://cloud.nextcloud.com/call/xs25tz5y
-- Official community forum: https://help.nextcloud.com/c/dev/11
+- [nextcloud-docker-dev](https://github.com/juliushaertl/nextcloud-docker-dev)
+- NC ≥ 31
+- Node 24 / npm 11
+- Euro-Office server reachable from the NC container
+
+### 1. Mount the app into the container
+
+Add to `nextcloud-docker-dev/docker-compose.override.yml`:
+
+```yaml
+services:
+  nextcloud:
+    volumes:
+      - /path/to/office:/var/www/html/apps-extra/office
+```
+
+Restart the container after saving.
+
+### 2. Enable the app and disable eurooffice
+
+```bash
+docker exec -u www-data nextcloud-docker-dev-nextcloud-1 \
+  php occ app:enable office
+
+# Disable eurooffice so it does not compete for the DEFAULT file action
+docker exec -u www-data nextcloud-docker-dev-nextcloud-1 \
+  php occ app:disable eurooffice
+```
+
+### 3. Build the frontend
+
+```bash
+npm ci
+npm run build      # one-off build
+npm run watch      # rebuild on file changes
+```
+
+---
+
+## How it works
+
+### WOPI flow
+
+```
+Browser                  NC (WOPI host)                  Euro-Office (WOPI client)
+   |                          |                                   |
+   |  GET /apps/office/open   |                                   |
+   |------------------------->|                                   |
+   |                          | mint WOPI token (TokenManager)    |
+   |                          | build editor URL with wopisrc     |
+   |   editor iframe / page   |                                   |
+   |<-------------------------|                                   |
+   |                          |  GET /wopi/files/{id}?token=...  |
+   |                          |<----------------------------------|
+   |                          |  CheckFileInfo response           |
+   |                          |---------------------------------->|
+   |                          |  GET /wopi/files/{id}/contents   |
+   |                          |<----------------------------------|
+   |                          |  file bytes                       |
+   |                          |---------------------------------->|
+   |   ← editing session →    |                                   |
+   |                          |  POST /wopi/files/{id}/contents  |
+   |                          |<----------------------------------|
+   |                          |  204 No Content                   |
+   |                          |---------------------------------->|
+```
+
+### Key classes
+
+| Class | Responsibility |
+|---|---|
+| `EditorController` | Renders editor page; mints WOPI token; builds editor URL from discovery XML |
+| `WopiController` | WOPI protocol endpoint — handles all `/wopi/files/` requests |
+| `TokenManager` | Creates and validates WOPI tokens; manages token TTL and guest vs user access |
+| `DiscoveryService` | Fetches and caches the editor's discovery XML; resolves MIME → action URL |
+| `ShareController` | Issues guest tokens for public share links |
+| `WopiMapper` / `WopiLockMapper` | Persistence for WOPI tokens and file locks |
+| `CleanupJob` | Background job — expires stale locks and tokens |
+
+---
+
+## Public share support (Phase 3)
+
+Share link visitors (`/s/{token}`) receive a guest WOPI token via `ShareController`.
+File access, locking, and `CheckFileInfo` flags (`HideExportOption`, `DisablePrint`,
+`UserCanWrite`, etc.) are all derived from the share's permissions and `hide_download`
+flag at token-issue time.
+
+**Known gaps** — see `PHASE3_DECISIONS.md` for full context:
+
+- **KG1** — Password-protected shares: no redirect to `/s/{token}` password page yet.
+  Users must authenticate at `/s/{token}` before navigating to the editor.
+- **KG2** — Authenticated users through share links receive guest tokens.
+  Full user-token path deferred to Phase 4.
+- **KG3** — Federated/remote shares not tested.
+
+---
+
+## Architecture notes
+
+The WOPI token row (`oc_office_wopi`) is the authority for per-session flags
+(`canwrite`, `hideDownload`, `ownerUid`). Flags are stamped at token-generation
+time and not re-read on subsequent WOPI requests — this avoids a per-request
+`IShareManager` lookup on every CheckFileInfo heartbeat, matching the richdocuments
+pattern. Trade-off: share revocation mid-session is not enforced within the token TTL
+(10 h).
+
+Design decisions for Phase 3 are recorded in `PHASE3_DECISIONS.md`.

appinfo/info.xml

@@ -12,8 +12,14 @@
 	<category>office</category>
 	<bugs>https://github.com/nextcloud/office</bugs>
 	<dependencies>
-		<nextcloud min-version="31" max-version="32"/>
+		<nextcloud min-version="31" max-version="35"/>
 	</dependencies>
+	<background-jobs>
+		<job>OCA\Office\BackgroundJob\CleanupJob</job>
+	</background-jobs>
+	<settings>
+		<admin>OCA\Office\Settings\Admin</admin>
+	</settings>
 	<navigations>
 		<navigation>
 			<id>office</id>

lib/AppInfo/Application.php

@@ -4,10 +4,12 @@
 
 namespace OCA\Office\AppInfo;
 
+use OCA\Office\Listener\LoadAdditionalScriptsListener;
 use OCP\AppFramework\App;
 use OCP\AppFramework\Bootstrap\IBootContext;
 use OCP\AppFramework\Bootstrap\IBootstrap;
 use OCP\AppFramework\Bootstrap\IRegistrationContext;
+use OCP\Collaboration\Resources\LoadAdditionalScriptsEvent;
 
 class Application extends App implements IBootstrap {
 	public const APP_ID = 'office';
@@ -18,6 +20,7 @@ public function __construct() {
 	}
 
 	public function register(IRegistrationContext $context): void {
+		$context->registerEventListener(LoadAdditionalScriptsEvent::class, LoadAdditionalScriptsListener::class);
 	}
 
 	public function boot(IBootContext $context): void {

lib/BackgroundJob/CleanupJob.php

@@ -0,0 +1,40 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Office\BackgroundJob;
+
+use OCA\Office\Db\WopiLockMapper;
+use OCA\Office\Db\WopiMapper;
+use OCP\AppFramework\Utility\ITimeFactory;
+use OCP\BackgroundJob\TimedJob;
+
+class CleanupJob extends TimedJob {
+	private const BATCH_SIZE = 500;
+
+	public function __construct(
+		ITimeFactory $time,
+		private WopiMapper $wopiMapper,
+		private WopiLockMapper $wopiLockMapper,
+	) {
+		parent::__construct($time);
+		$this->setInterval(3600); // run hourly
+	}
+
+	protected function run(mixed $argument): void {
+		$tokenIds = $this->wopiMapper->getExpiredTokenIds(self::BATCH_SIZE);
+		if (!empty($tokenIds)) {
+			$this->wopiMapper->deleteByIds($tokenIds);
+		}
+
+		$lockIds = $this->wopiLockMapper->getExpiredLockIds(self::BATCH_SIZE);
+		if (!empty($lockIds)) {
+			$this->wopiLockMapper->deleteByIds($lockIds);
+		}
+	}
+}

lib/Controller/EditorController.php

@@ -0,0 +1,96 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Office\Controller;
+
+use OCA\Office\AppInfo\Application;
+use OCA\Office\Service\DiscoveryService;
+use OCA\Office\TokenManager;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\FrontpageRoute;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
+use OCP\AppFramework\Http\JSONResponse;
+use OCP\AppFramework\Http\TemplateResponse;
+use OCP\Files\File;
+use OCP\Files\IRootFolder;
+use OCP\Files\NotFoundException;
+use OCP\Files\NotPermittedException;
+use OCP\IRequest;
+use OCP\IURLGenerator;
+use Psr\Log\LoggerInterface;
+
+class EditorController extends Controller {
+	public function __construct(
+		string $appName,
+		IRequest $request,
+		private IRootFolder $rootFolder,
+		private TokenManager $tokenManager,
+		private DiscoveryService $discoveryService,
+		private IURLGenerator $urlGenerator,
+		private LoggerInterface $logger,
+		private ?string $userId,
+	) {
+		parent::__construct($appName, $request);
+	}
+
+	/**
+	 * Open a file in the WOPI editor.
+	 *
+	 * Returns an HTML page that embeds the editor in a full-screen iframe.
+	 */
+	#[NoAdminRequired]
+	#[NoCSRFRequired]
+	#[FrontpageRoute(verb: 'GET', url: '/open')]
+	public function open(int $fileId): TemplateResponse|JSONResponse {
+		try {
+			$userFolder = $this->rootFolder->getUserFolder((string)$this->userId);
+			$file = $userFolder->getFirstNodeById($fileId);
+
+			if (!$file instanceof File) {
+				return new JSONResponse(['error' => 'File not found'], \OCP\AppFramework\Http::STATUS_NOT_FOUND);
+			}
+
+			$extension = pathinfo($file->getName(), PATHINFO_EXTENSION);
+			$urlsrc = $this->discoveryService->getUrlSrc($extension, 'edit')
+				?? $this->discoveryService->getUrlSrc($extension, 'view');
+
+			if ($urlsrc === null) {
+				return new JSONResponse(
+					['error' => 'File type not supported by the editor'],
+					\OCP\AppFramework\Http::STATUS_UNSUPPORTED_MEDIA_TYPE
+				);
+			}
+
+			$wopi = $this->tokenManager->generateToken($fileId);
+
+			$wopiSrc = $this->urlGenerator->linkToRouteAbsolute(
+				'office.wopi.checkFileInfo',
+				['fileId' => $fileId]
+			);
+
+			$editorUrl = $this->discoveryService->buildEditorUrl($urlsrc, $wopiSrc, $wopi->getToken());
+
+		} catch (NotFoundException|NotPermittedException $e) {
+			$this->logger->warning($e->getMessage(), ['exception' => $e]);
+			return new JSONResponse(['error' => 'File not accessible'], \OCP\AppFramework\Http::STATUS_FORBIDDEN);
+		} catch (\Throwable $e) {
+			$this->logger->error($e->getMessage(), ['exception' => $e]);
+			return new JSONResponse(['error' => 'Internal error'], \OCP\AppFramework\Http::STATUS_INTERNAL_SERVER_ERROR);
+		}
+
+		$response = new TemplateResponse(Application::APP_ID, 'editor', [], 'base');
+		$response->setParams([
+			'editorUrl' => $editorUrl,
+			'postMessageOrigin' => $wopi->getServerHost(),
+			'fileName' => $file->getName(),
+		]);
+		return $response;
+	}
+}

lib/Controller/SettingsController.php

@@ -0,0 +1,65 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Office\Controller;
+
+use OCA\Office\AppInfo\Application;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\ApiRoute;
+use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
+use OCP\AppFramework\Http\DataResponse;
+use OCP\IAppConfig;
+use OCP\IRequest;
+
+class SettingsController extends Controller {
+	public function __construct(
+		string $appName,
+		IRequest $request,
+		private IAppConfig $appConfig,
+	) {
+		parent::__construct($appName, $request);
+	}
+
+	/**
+	 * Return the current admin settings.
+	 */
+	#[AuthorizedAdminSetting(settings: \OCA\Office\Settings\Admin::class)]
+	#[NoCSRFRequired]
+	#[ApiRoute(verb: 'GET', url: '/settings/admin')]
+	public function getAdmin(): DataResponse {
+		return new DataResponse([
+			'wopi_url' => $this->appConfig->getValueString(Application::APP_ID, 'wopi_url', ''),
+			'disable_certificate_verification' => $this->appConfig->getValueString(Application::APP_ID, 'disable_certificate_verification', 'no'),
+		]);
+	}
+
+	/**
+	 * Persist admin settings.
+	 */
+	#[AuthorizedAdminSetting(settings: \OCA\Office\Settings\Admin::class)]
+	#[ApiRoute(verb: 'POST', url: '/settings/admin')]
+	public function setAdmin(string $wopi_url, string $disable_certificate_verification = 'no'): DataResponse {
+		if ($wopi_url !== '') {
+			$parsed = parse_url($wopi_url);
+			if ($parsed === false || !in_array($parsed['scheme'] ?? '', ['http', 'https'], true)) {
+				return new DataResponse(['error' => 'wopi_url must use the http or https scheme'], Http::STATUS_BAD_REQUEST);
+			}
+			if (isset($parsed['user']) || isset($parsed['pass'])) {
+				return new DataResponse(['error' => 'wopi_url must not contain credentials'], Http::STATUS_BAD_REQUEST);
+			}
+		}
+
+		$this->appConfig->setValueString(Application::APP_ID, 'wopi_url', rtrim($wopi_url, '/'));
+		$this->appConfig->setValueString(Application::APP_ID, 'disable_certificate_verification', $disable_certificate_verification === 'yes' ? 'yes' : 'no');
+
+		return new DataResponse([]);
+	}
+}