Add random password generation support for each upload

jfut · jfut · commit d189db2bda8e · 2019-06-03T01:20:55.000+09:00
The generated password is printed at the beginning of the message body. Also, if it disable the random password option, the fixed password is printed at the beginning of the message body. Fixes: #54 Signed-off-by: Jun Futagawa <jfut@integ.jp>
diff --git a/src/chrome/content/settings.js b/src/chrome/content/settings.js
@@ -28,7 +28,7 @@
  *     string, value: *}, port: {type: string, value: (string|string|string|Number)},
  *     storageFolder: {type: string, value: (string|string|string|Number)}, username: {type:
  *     string, value: (string|string|string|Number)}, protectUploads: {type: string, value:
- *     (string|string|string|Number)}}}
+ *     (string|string|string|Number), useRandomPassword: {type: bool, value: bool}}}
  */
 function extraArgs () {
 	let displayName = document.getElementById("displayName").value;
@@ -37,6 +37,7 @@ function extraArgs () {
 	let storageFolderValue = document.getElementById("storageFolder").value;
 	let userValue = document.getElementById("username").value;
 	let protectUploadsValue = document.getElementById("protectUploads").value;
+	let useRandomPasswordValue = document.getElementById("useRandomPassword").checked;
 
 	return {
 		"displayName": {
@@ -62,6 +63,19 @@ function extraArgs () {
 		"protectUploads": {
 			type: "char",
 			value: protectUploadsValue
+		},
+		"useRandomPassword": {
+			type: "bool",
+			value: useRandomPasswordValue
 		}
 	};
 }
+
+function onUseRandomPasswordClick () {
+	let useRandomPassword = document.getElementById("useRandomPassword").checked;
+	if (useRandomPassword) {
+		document.getElementById("protectUploads").disabled = "disabled";
+	} else {
+		document.getElementById("protectUploads").disabled = "";
+	}
+}
diff --git a/src/chrome/content/settings.xhtml b/src/chrome/content/settings.xhtml
@@ -50,6 +50,9 @@
 	<input id="storageFolder" type="text" required="true" value="/Mail-attachments"/>
 	<label for="protectUploads">&nextcloudSettings.protectUploads;</label>
 	<input id="protectUploads" type="password" value=""/>
+	<label for="useRandomPassword">
+		<input id="useRandomPassword" type="checkbox" style="display: inline-block; width: auto;" onclick="onUseRandomPasswordClick();"/>&nextcloudSettings.useRandomPassword;
+	</label>
 </form>
 <div id="learn-more">
 	<a href="https://nextcloud.com/">&nextcloudSettings.learnMore;</a>
diff --git a/src/chrome/locale/de/settings.dtd b/src/chrome/locale/de/settings.dtd
@@ -30,3 +30,4 @@
 		<!ENTITY nextcloudSettings.username "Benutzername">
 		<!ENTITY nextcloudSettings.password "Passwort">
 		<!ENTITY nextcloudSettings.protectUploads "Passwort für hochgeladene Dateien">
+		<!ENTITY nextcloudSettings.useRandomPassword "Verwenden Sie für jeden Upload ein zufälliges Passwort">
diff --git a/src/chrome/locale/en/settings.dtd b/src/chrome/locale/en/settings.dtd
@@ -30,3 +30,4 @@
 		<!ENTITY nextcloudSettings.username "Username">
 		<!ENTITY nextcloudSettings.password "Password">
 		<!ENTITY nextcloudSettings.protectUploads "Password for uploaded files">
+		<!ENTITY nextcloudSettings.useRandomPassword "Use random password for each upload">
diff --git a/src/chrome/locale/es/settings.dtd b/src/chrome/locale/es/settings.dtd
@@ -30,3 +30,4 @@
 <!ENTITY nextcloudSettings.username "Nombre de usuario">
 <!ENTITY nextcloudSettings.password "Contraseña">
 <!ENTITY nextcloudSettings.protectUploads "Contraseña para archivos cargados">
+<!ENTITY nextcloudSettings.useRandomPassword "Utilice una contraseña aleatoria para cada carga">
diff --git a/src/chrome/locale/fr/settings.dtd b/src/chrome/locale/fr/settings.dtd
@@ -30,3 +30,4 @@
 		<!ENTITY nextcloudSettings.username "Nom d'utilisateur">
 		<!ENTITY nextcloudSettings.password "Mot de passe">
 		<!ENTITY nextcloudSettings.protectUploads "Mot de passe pour fichiers téléversés">
+		<!ENTITY nextcloudSettings.useRandomPassword "Utilisez un mot de passe aléatoire pour chaque téléchargement">
diff --git a/src/chrome/locale/nl/settings.dtd b/src/chrome/locale/nl/settings.dtd
@@ -30,3 +30,4 @@
 		<!ENTITY nextcloudSettings.username "Gebruikersnaam">
 		<!ENTITY nextcloudSettings.password "Wachtwoord">
 		<!ENTITY nextcloudSettings.protectUploads "Wachtwoord voor geüploade bestanden">
+		<!ENTITY nextcloudSettings.useRandomPassword "Gebruik een willekeurig wachtwoord voor elke upload">
diff --git a/src/chrome/locale/pl/settings.dtd b/src/chrome/locale/pl/settings.dtd
@@ -30,3 +30,4 @@
 		<!ENTITY nextcloudSettings.username "Twoja nazwa użytkownika">
 		<!ENTITY nextcloudSettings.password "Twoje hasło">
 		<!ENTITY nextcloudSettings.protectUploads "Hasło dostępu do wgranych załączników">
+		<!ENTITY nextcloudSettings.useRandomPassword "Użyj losowego hasła do każdego przesyłania">
diff --git a/src/components/nsNextcloud.js b/src/components/nsNextcloud.js
@@ -114,6 +114,7 @@ Nextcloud.prototype = {
 	_userName: "",
 	_password: "",
 	_protectUploads: "",
+	_useRandomPassword: false,
 	_prefBranch: null,
 	_loggedIn: false,
 	_authToken: "",
@@ -133,6 +134,7 @@ Nextcloud.prototype = {
 	_uploads: [],
 	_urlsForFiles: {},
 	_uploadInfo: {}, // upload info keyed on aFiles.
+	_messageWindow: null,
 
 	/**
 	 * Initialize this instance of Nextcloud, setting the accountKey.
@@ -168,6 +170,14 @@ Nextcloud.prototype = {
 		if (this._prefBranch.prefHasUserValue("protectUploads")) {
 			this._protectUploads = this._prefBranch.getCharPref("protectUploads");
 		}
+
+		if (this._prefBranch.prefHasUserValue("useRandomPassword")) {
+			this._useRandomPassword = this._prefBranch.getBoolPref("useRandomPassword");
+		}
+
+		let windowMediator = Components.classes["@mozilla.org/appshell/window-mediator;1"]
+			.getService(Components.interfaces.nsIWindowMediator);
+		this._messageWindow = windowMediator.getMostRecentWindow("msgcompose");
 	},
 
 	/**
@@ -237,6 +247,32 @@ Nextcloud.prototype = {
 	 * @param aFile the nsILocalFile to retrieve the URL for
 	 */
 	urlForFile: function nsNc_urlForFile (aFile) {
+		if (this._uploadInfo["downloadPassword"] == null) {
+			return this._urlsForFiles[aFile.path];
+		}
+
+		// Output download password
+		let document = this._messageWindow.document;
+		let contentFrame = document.getElementById("content-frame");
+		let contentDocument = contentFrame.contentDocument;
+		this.log.debug("Document body: " + contentDocument.body.innerHTML);
+
+		let cloudAttachmentPasswordList = contentDocument.getElementById("cloudAttachmentPasswordList");
+		if (cloudAttachmentPasswordList == null) {
+			// First cloud attachment
+			contentDocument.body.insertAdjacentHTML("afterbegin",
+				'<div id="cloudAttachmentPasswordList"></div>');
+			cloudAttachmentPasswordList = contentDocument.getElementById("cloudAttachmentPasswordList");
+		}
+		cloudAttachmentPasswordList.insertAdjacentHTML("beforeend",
+			'<div class="cloudAttachmentPassword">* Download password for '
+				+ aFile.leafName + ":<br>"
+				+ this._uploadInfo["downloadPassword"] + '</div>');
+
+		if (contentFrame.editortype == "textmail") {
+			// Start a new line before url
+			return "\n" + this._urlsForFiles[aFile.path];
+		}
 		return this._urlsForFiles[aFile.path];
 	},
 
@@ -866,8 +902,15 @@ NextcloudFileUploader.prototype = {
 
 		let formData = "shareType=" + shareType + "&path=" + path;
 		// Request a password for the link if it has been defined during setup time
-		if (this.nextcloud._protectUploads.length) {
-			formData += "&password=" + wwwFormUrlEncode(this.nextcloud._protectUploads);
+		let downloadPassword = this.nextcloud._protectUploads;
+		// Use random password for each upload
+		if (this.nextcloud._useRandomPassword) {
+			downloadPassword = this._generatePassword(16);
+		}
+		if (downloadPassword.length) {
+			this.log.debug("FormData password: " + downloadPassword);
+			this.nextcloud._uploadInfo["downloadPassword"] = downloadPassword;
+			formData += "&password=" + wwwFormUrlEncode(downloadPassword);
 		}
 
 		req.open("POST",
@@ -918,6 +961,48 @@ NextcloudFileUploader.prototype = {
 		}.bind(this);
 		this.log.debug("Raw formData: " + formData);
 		req.send(formData);
+	},
+
+	/**
+	 * A private function which generates a password.
+	 *
+	 * On Nextcloud, most strict password policy require:
+	 * - Enforce upper and lower case characters
+	 * - Enforce numeric characters
+	 * - Enforce special characters
+	 *
+	 * @param length password length
+	 * @private
+	 */
+	_generatePassword: function generatePassword(length) {
+		const lower = "abcdefghijklmnopqrstuvwxyz";
+		const upper = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+		const numeric = "0123456789"
+		// Excludes characters that fail to output if continuous: <>
+		const special = "!\"#$%&'()*+,-./:;=?@[\\]^_`{|}~";
+		const seed = lower + upper + numeric + special;
+
+		const lowerRegex = new RegExp("[" + lower + "]");
+		const upperRegex = new RegExp("[" + upper + "]");
+		const numericRegex = new RegExp("[" + numeric + "]");
+		const specialRegex = new RegExp("[" + special + "]");
+
+		let limit = 100000;
+		let i = 0;
+		let password = "";
+		while (i < limit) {
+			i++;
+			password = Array.from(Array(length)).map(() => seed[Math.floor(Math.random() * seed.length)]).join("");
+
+			if (!lowerRegex.test(password)) continue;
+			if (!upperRegex.test(password)) continue;
+			if (!numericRegex.test(password)) continue;
+			if (!specialRegex.test(password)) continue;
+
+			break;
+		}
+		this.log.debug("Generated password: " + i + ": " + password);
+		return password;
 	}
 };
 
