Alfresco Etherpad integration

1 Likes

Commercial Support Available

Details at www.parashift.com.au

About this add-on

This Share plugin enables users to edit HTML documents within Etherpad lite from Alfresco Share. This will create a new Edit in Etherpad action within the document library for HTML documents. This allows multiple users to collaborate in real time and to save back those changes …

Visit github.com

Development Status:

Alpha

Alfresco Version(s)

Description

This Share plugin enables users to edit HTML documents within Etherpad lite from Alfresco Share. This will create a new Edit in Etherpad action within the document library for HTML documents. This allows multiple users to collaborate in real time and to save back those changes to Alfresco.

Tested with Enterprise 4.2.*, but it should work with any new-ish version of Alfresco. Requires Dojo.

image

Installation

  • On somewhere which has the JDK and Gradle installed, run gradle jar from the share directory.
  • Copy etherpad-integration-share.jar from share/build/libs/ into your Share's WEB-INF/lib/ Directory
  • Update your share-config-custom.xml to include two new endpoints, etherpad and etherpad-api. etherpad is for end users and etherpad-api is only for Share to update content from Alfresco and setup pads.
  • Update your share-config-custom.xml to disable CSRF actions for the etherpad endpoint. Copy the entries in share-security-config.xml and prepend the example below.
  • Restart Alfresco Share

Example share-config-custom.xml

This example uses the following:

  • 127.0.0.1 as the host
  • 9001 as the port
  • an API Key of CHANGEME.

To find the API key, check for the file APIKEY.txt on your etherpad instance.

Example Endpoints

<config evaluator="string-compare" condition="Remote">
<remote>
<endpoint>
<id>etherpad</id>
<name>Etherpad - unauthenticated access</name>
<description>Etherpad access</description>
<connector-id>http</connector-id>
<endpoint-url>http://127.0.0.1:9001</endpoint-url>
<identity>none</identity>
</endpoint>
<endpoint>
<id>etherpad-api</id>
<name>Etherpad - API access</name>
<description>Etherpad access</description>
<connector-id>etherpad</connector-id>
<endpoint-url>http://127.0.0.1:9001/api/1/</endpoint-url>
<identity>declared</identity>
<username>apikey</username>
<password>CHANGEME</password>
<unsecure>true</unsecure>
</endpoint>
</remote>
</config>

Example CSRF Policy

<config evaluator="string-compare" condition="CSRFPolicy">
<filter>
<rule>
<request>
<method>POST</method>
<path>/proxy/etherpad/.*</path>
</request>
</rule>
</filter>
</config>

Todo

  • Increase security of Etherpad. Right now you will still need the Node's UUID to discover the pad, but we can do better.
  • Handle error cases alot better (wrong API Key, etc..)
  • Provide some documentation on setting up etherpad correctly
  • Support text documents
  • Test on Community and earlier versions of Enterprise

Technical Details


Comments

  • I have a problem for installation that is
    •Update your share-config-custom.xml to disable CSRF actions for the etherpad endpoint. Copy the entries in share-security-config.xml and prepend the example below.
    Please give me a more detailed description.
    Thanks.

    xiaoqunhua Fri, 08/01/2014 - 07:14
  • Hi xiaoqunhua,

    Because CSRF is enabled for all POST requests, we need to override the default CSRF policy to switch it off for POST requests to the etherpad proxy.

    As discussed in this blog, there are two options. Both involve overriding configuration in your share-config-custom.xml file.

    You can switch off the CSRF Policy completely by using this statement (not recommended in production):

    <config evaluator="string-compare" condition="CSRFPolicy" replace="true">
    <filter/>
    </config>

    Or you can the CSRFPolicy configuration from this file and then add the example in the etherpad-alfresco readme. So you would end up with a config section like this in your share-config-custom.xml:

    <config evaluator="string-compare" condition="CSRFPolicy">
    <filter>
    <rule>
    <request>
    <method>POST</method>
    <path>/proxy/etherpad/.*</path>
    </request>
    </rule>
    </filter>
    <-- OTHER RULE STATEMENTS FROM share-security-config.xml -->
    </config>

    What this accomplishes is that you have the default CSRFPolicy, so you are secure, but you enable POST requests to pass through unfiltered to etherpad.

    If you're just testing it out in development, use the first option, because it's easier.

    cetra Sat, 08/02/2014 - 03:37
  • Thank you for your prompt reply.

    xiaoqunhua Sat, 08/02/2014 - 03:47
  • The Web Script /share/service/components/etherpad-edit has responded with a status of 500 - Internal Error.

    500 Description: An error inside the HTTP server which prevented it from fulfilling the request.

    Message: 07010003 Failed to execute script 'classpath*:alfresco/site-webscripts/com/parashift/etherpad-edit.get.js': 07010002 ReferenceError: "JSON" is not defined. (jar:file:/C:/AlfrescoEE4.2.1/tomcat/webapps/share/WEB-INF/lib/etherpad-integration-share.jar!/alfresco/site-webscripts/com/parashift/etherpad-edit.get.js#13)

    Exception: org.mozilla.javascript.EcmaError - ReferenceError: "JSON" is not defined. (jar:file:/C:/AlfrescoEE4.2.1/tomcat/webapps/share/WEB-INF/lib/etherpad-integration-share.jar!/alfresco/site-webscripts/com/parashift/etherpad-edit.get.js#13)

    org.mozilla.javascript.ScriptRuntime.constructError(ScriptRuntime.java:3350)
    org.mozilla.javascript.ScriptRuntime.constructError(ScriptRuntime.java:3340)
    org.mozilla.javascript.ScriptRuntime.notFoundError(ScriptRuntime.java:3413)
    org.mozilla.javascript.ScriptRuntime.name(ScriptRuntime.java:1612)
    org.mozilla.javascript.gen.c24._c0(jar:file:/C:/AlfrescoEE4.2.1/tomcat/webapps/share/WEB-INF/lib/etherpad-integration-share.jar!/alfresco/site-webscripts/com/parashift/etherpad-edit.get.js:13)
    org.mozilla.javascript.gen.c24.call(jar:file:/C:/AlfrescoEE4.2.1/tomcat/webapps/share/WEB-INF/lib/etherpad-integration-share.jar!/alfresco/site-webscripts/com/parashift/etherpad-edit.get.js)
    org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:393)
    org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:2834)

    xiaoqunhua Fri, 08/01/2014 - 07:24
  • Hi xiaoqunhua,

    This is because the JSON.parse function is not available in 4.2.1.

    I've resolved this and pushed changes to github. Please re-download the new version (i.e, git pull && gradle jar).

    cetra Sat, 08/02/2014 - 04:05
  • I tried again and now it works fine. Great work! Buy the way, I did the test on the 4.2.1 enterprise edition.

    xiaoqunhua Sat, 08/02/2014 - 05:01