@fiduswriter/document 0.1.0-alpha.1

package/src/common/network.js

@@ -0,0 +1,79 @@
+const getCookie = name => {
+    if (typeof document === "undefined" || !document.cookie) {
+        return ""
+    }
+    const cookie = document.cookie
+        .split(";")
+        .map(cookie => cookie.trim())
+        .find(cookie => cookie.substring(0, name.length + 1) === `${name}=`)
+    return cookie ? decodeURIComponent(cookie.substring(name.length + 1)) : ""
+}
+
+const handleFetchErrors = response => {
+    if (!response.ok) {
+        throw response
+    }
+    return response
+}
+
+export const get = (url, params = {}) => {
+    const csrfToken = getCookie("csrftoken")
+    const queryString = Object.keys(params)
+        .map(
+            key =>
+                `${encodeURIComponent(key)}=${encodeURIComponent(params[key])}`
+        )
+        .join("&")
+    if (queryString.length) {
+        url = `${url}?${queryString}`
+    }
+    return fetch(url, {
+        method: "GET",
+        headers: {
+            "X-CSRFToken": csrfToken,
+            Accept: "application/json",
+            "X-Requested-With": "XMLHttpRequest"
+        },
+        credentials: "include"
+    }).then(handleFetchErrors)
+}
+
+export const post = (url, object = {}, files = {}) => {
+    const csrfToken = getCookie("csrftoken")
+    const fetchOptions = {
+        method: "POST",
+        headers: {
+            "X-CSRFToken": csrfToken,
+            Accept: "application/json",
+            "X-Requested-With": "XMLHttpRequest"
+        },
+        credentials: "include"
+    }
+
+    if (Object.keys(files).length) {
+        const body = new FormData()
+        body.append("csrfmiddlewaretoken", csrfToken)
+        body.append("json", JSON.stringify(object))
+        Object.keys(files).forEach(key => {
+            const value = files[key]
+            if (typeof value === "object" && value.file && value.filename) {
+                body.append(key, value.file, value.filename)
+            } else if (Array.isArray(value)) {
+                value.forEach(item => body.append(`${key}[]`, item))
+            } else {
+                body.append(key, value)
+            }
+        })
+        fetchOptions.body = body
+    } else {
+        fetchOptions.headers["Content-Type"] = "application/json"
+        fetchOptions.body = JSON.stringify(object)
+    }
+
+    return fetch(url, fetchOptions).then(handleFetchErrors)
+}
+
+export const postJson = (url, object = {}, files = {}) =>
+    post(url, object, files).then(response =>
+        response.json().then(json => ({json, status: response.status}))
+    )

package/src/common/text.js

@@ -0,0 +1,44 @@
+export const escapeText = text => {
+    if (typeof text !== "string") {
+        return String(text)
+    }
+    return text
+        .replace(/&/g, "&")
+        .replace(/</g, "&lt;")
+        .replace(/>/g, "&gt;")
+        .replace(/"/g, "&quot;")
+        .replace(
+            /[^\x09\x0A\x0D\x20-\uD7FF\uE000-\uFFFD\u10000-\u10FFFF]/g,
+            ""
+        ) // invalid in XML chars
+}
+
+export const unescapeText = text =>
+    text
+        .replace(/&lt;/g, "<")
+        .replace(/&gt;/g, ">")
+        .replace(/&quot;/g, '"')
+        .replace(/&amp;/g, "&")
+
+/**
+ * Turn string literals into single line, removing spaces at start of line
+ */
+export const noSpaceTmp = (strings, ...values) => {
+    const tmpStrings = Array.from(strings)
+
+    let combined = ""
+    while (tmpStrings.length > 0 || values.length > 0) {
+        if (tmpStrings.length > 0) {
+            combined += tmpStrings.shift()
+        }
+        if (values.length > 0) {
+            combined += values.shift()
+        }
+    }
+
+    let out = ""
+    combined.split("\n").forEach(line => {
+        out += line.replace(/^\s*/g, "")
+    })
+    return out
+}

package/src/editor/e2ee/encryptor.js

@@ -0,0 +1,228 @@
+/**
+ * E2EE Encryptor - Handles encryption and decryption of document content
+ * for end-to-end encrypted documents.
+ *
+ * Uses AES-GCM (256-bit) for all encryption operations. Each encryption
+ * operation generates a random 12-byte IV (initialization vector) to
+ * ensure that encrypting the same plaintext twice produces different
+ * ciphertext.
+ *
+ * Encrypted data format (Appendix A of the E2EE plan):
+ *   [IV (12 bytes)][Ciphertext (variable length)][Auth Tag (16 bytes, implicit in AES-GCM)]
+ *
+ * When stored as a string (e.g., in JSON fields), the entire structure
+ * is Base64-encoded.
+ */
+export class E2EEEncryptor {
+    /**
+     * Encrypt a string with AES-GCM.
+     *
+     * @param {string} plaintext - The plaintext string to encrypt
+     * @param {CryptoKey} key - An AES-GCM key (from E2EEKeyManager.deriveKey)
+     * @returns {Promise<string>} Base64-encoded string (iv + ciphertext + auth tag)
+     */
+    static async encrypt(plaintext, key) {
+        const iv = crypto.getRandomValues(new Uint8Array(12))
+        const encoded = new TextEncoder().encode(plaintext)
+        const ciphertext = await crypto.subtle.encrypt(
+            {name: "AES-GCM", iv: iv},
+            key,
+            encoded
+        )
+        // Prepend IV to ciphertext for storage
+        const combined = new Uint8Array(iv.length + ciphertext.byteLength)
+        combined.set(iv, 0)
+        combined.set(new Uint8Array(ciphertext), iv.length)
+        return E2EEEncryptor._uint8ArrayToBase64(combined)
+    }
+
+    /**
+     * Decrypt a Base64-encoded AES-GCM ciphertext.
+     *
+     * @param {string} ciphertextBase64 - Base64-encoded (iv + ciphertext + auth tag)
+     * @param {CryptoKey} key - An AES-GCM key (from E2EEKeyManager.deriveKey)
+     * @returns {Promise<string>} The decrypted plaintext string
+     */
+    static async decrypt(ciphertextBase64, key) {
+        const combined = E2EEEncryptor._base64ToUint8Array(ciphertextBase64)
+        const iv = combined.slice(0, 12)
+        const ciphertext = combined.slice(12)
+        const decrypted = await crypto.subtle.decrypt(
+            {name: "AES-GCM", iv: iv},
+            key,
+            ciphertext
+        )
+        return new TextDecoder().decode(decrypted)
+    }
+
+    /**
+     * Encrypt a JSON-serializable object.
+     *
+     * Serializes the object to JSON, then encrypts the JSON string.
+     *
+     * @param {Object} obj - A JSON-serializable object
+     * @param {CryptoKey} key - An AES-GCM key
+     * @returns {Promise<string>} Base64-encoded encrypted data
+     */
+    static encryptObject(obj, key) {
+        return E2EEEncryptor.encrypt(JSON.stringify(obj), key)
+    }
+
+    /**
+     * Decrypt to a JSON-serializable object.
+     *
+     * Decrypts the Base64-encoded ciphertext, then parses the result as JSON.
+     *
+     * @param {string} ciphertextBase64 - Base64-encoded encrypted data
+     * @param {CryptoKey} key - An AES-GCM key
+     * @returns {Promise<Object>} The decrypted and parsed object
+     */
+    static async decryptObject(ciphertextBase64, key) {
+        const plaintext = await E2EEEncryptor.decrypt(ciphertextBase64, key)
+        return JSON.parse(plaintext)
+    }
+
+    /**
+     * Encrypt an ArrayBuffer (for images and other binary data).
+     *
+     * @param {ArrayBuffer} buffer - The binary data to encrypt
+     * @param {CryptoKey} key - An AES-GCM key
+     * @returns {Promise<string>} Base64-encoded encrypted data (iv + ciphertext)
+     */
+    static async encryptBuffer(buffer, key) {
+        const iv = crypto.getRandomValues(new Uint8Array(12))
+        const ciphertext = await crypto.subtle.encrypt(
+            {name: "AES-GCM", iv: iv},
+            key,
+            buffer
+        )
+        // Prepend IV to ciphertext
+        const combined = new Uint8Array(iv.length + ciphertext.byteLength)
+        combined.set(iv, 0)
+        combined.set(new Uint8Array(ciphertext), iv.length)
+        return E2EEEncryptor._uint8ArrayToBase64(combined)
+    }
+
+    /**
+     * Decrypt to an ArrayBuffer.
+     *
+     * @param {string} ciphertextBase64 - Base64-encoded encrypted data
+     * @param {CryptoKey} key - An AES-GCM key
+     * @returns {Promise<ArrayBuffer>} The decrypted binary data
+     */
+    static decryptBuffer(ciphertextBase64, key) {
+        const combined = E2EEEncryptor._base64ToUint8Array(ciphertextBase64)
+        const iv = combined.slice(0, 12)
+        const ciphertext = combined.slice(12)
+        return crypto.subtle.decrypt({name: "AES-GCM", iv: iv}, key, ciphertext)
+    }
+
+    /**
+     * Encrypt an image File/Blob for upload.
+     *
+     * Reads the file as an ArrayBuffer, encrypts it, and returns
+     * a Blob with application/octet-stream type (since the encrypted
+     * data is opaque binary).
+     *
+     * @param {File|Blob} file - The image file to encrypt
+     * @param {CryptoKey} key - An AES-GCM key
+     * @returns {Promise<Blob>} An encrypted Blob with type application/octet-stream
+     */
+    static async encryptImage(file, key) {
+        const buffer = await file.arrayBuffer()
+        const iv = crypto.getRandomValues(new Uint8Array(12))
+        const ciphertext = await crypto.subtle.encrypt(
+            {name: "AES-GCM", iv: iv},
+            key,
+            buffer
+        )
+        // Prepend IV to ciphertext
+        const combined = new Uint8Array(iv.length + ciphertext.byteLength)
+        combined.set(iv, 0)
+        combined.set(new Uint8Array(ciphertext), iv.length)
+        return new Blob([combined], {type: "application/octet-stream"})
+    }
+
+    /**
+     * Decrypt an encrypted image back to an ArrayBuffer.
+     *
+     * @param {string} ciphertextBase64 - Base64-encoded encrypted image data
+     * @param {CryptoKey} key - An AES-GCM key
+     * @returns {Promise<ArrayBuffer>} The decrypted image data
+     */
+    static decryptImage(ciphertextBase64, key) {
+        return E2EEEncryptor.decryptBuffer(ciphertextBase64, key)
+    }
+
+    /**
+     * Decrypt a Base64-encoded ciphertext and return as a Base64 string.
+     *
+     * Useful for decrypting encrypted images that need to be stored
+     * as Base64 data URLs or re-exported.
+     *
+     * @param {string} ciphertextBase64 - Base64-encoded encrypted data
+     * @param {CryptoKey} key - An AES-GCM key
+     * @returns {Promise<string>} Base64-encoded decrypted data
+     */
+    static async decryptBufferToBase64(ciphertextBase64, key) {
+        const buffer = await E2EEEncryptor.decryptBuffer(ciphertextBase64, key)
+        const bytes = new Uint8Array(buffer)
+        let binary = ""
+        for (let i = 0; i < bytes.length; i++) {
+            binary += String.fromCharCode(bytes[i])
+        }
+        return btoa(binary)
+    }
+
+    /**
+     * Decrypt an encrypted image and return a blob URL for display.
+     *
+     * Fetches the encrypted image file from the given URL, decrypts it,
+     * and creates a temporary object URL that can be used as an img src.
+     *
+     * @param {string} imageUrl - The URL of the encrypted image file
+     * @param {CryptoKey} key - An AES-GCM key
+     * @param {string} mimeType - The MIME type of the decrypted image
+     * @returns {Promise<string>} A blob URL for the decrypted image
+     */
+    static async decryptImageToUrl(imageUrl, key, mimeType = "image/png") {
+        const response = await fetch(imageUrl)
+        const arrayBuffer = await response.arrayBuffer()
+        const bytes = new Uint8Array(arrayBuffer)
+        let binary = ""
+        for (let i = 0; i < bytes.length; i++) {
+            binary += String.fromCharCode(bytes[i])
+        }
+        const base64 = btoa(binary)
+        const decrypted = await E2EEEncryptor.decryptBuffer(base64, key)
+        const blob = new Blob([decrypted], {type: mimeType})
+        return URL.createObjectURL(blob)
+    }
+
+    // --- Private helper methods ---
+
+    /**
+     * Convert a Uint8Array to a Base64-encoded string.
+     * @private
+     */
+    static _uint8ArrayToBase64(bytes) {
+        let binary = ""
+        for (let i = 0; i < bytes.length; i++) {
+            binary += String.fromCharCode(bytes[i])
+        }
+        return btoa(binary)
+    }
+
+    /**
+     * Convert a Base64-encoded string to a Uint8Array.
+     * @private
+     */
+    static _base64ToUint8Array(base64) {
+        const binary = atob(base64)
+        const bytes = new Uint8Array(binary.length)
+        for (let i = 0; i < binary.length; i++) {
+            bytes[i] = binary.charCodeAt(i)
+        }
+        return bytes
+    }
+}

package/src/exporter/docx/citations.js

@@ -0,0 +1,177 @@
+import {DOMParser, DOMSerializer} from "prosemirror-model"
+
+import {cslBibSchema} from "../../bibliography/csl_bib.js"
+import {FormatCitations} from "../../citations/format.js"
+import {fnSchema} from "../../schema/footnotes.js"
+import {descendantNodes} from "../tools/doc_content.js"
+
+export class DOCXExporterCitations {
+    constructor(docContent, settings, bibDB, csl, xml, origCitInfos = []) {
+        this.docContent = docContent
+        this.settings = settings
+        this.bibDB = bibDB
+        this.csl = csl
+        this.xml = xml
+        this.origCitInfos = origCitInfos
+
+        this.citInfos = []
+        this.citationTexts = []
+        this.pmCits = []
+        this.citFm = false
+        this.pmBib = false
+        this.styleXML = false
+        this.styleFilePath = "word/styles.xml"
+    }
+
+    init() {
+        return this.xml
+            .getXml(this.styleFilePath)
+            .then(styleXML => {
+                this.styleXML = styleXML
+                return Promise.resolve()
+            })
+            .then(() => this.formatCitations())
+    }
+
+    // Citations are highly interdependent -- so we need to format them all
+    // together before laying out the document.
+    formatCitations() {
+        if (this.origCitInfos.length) {
+            // Initial citInfos are taken from a previous run to include in bibliography,
+            // and they are removed before spitting out the citation entries for the given document.
+            // That way the bibliography should contain information from both.
+            this.citInfos = this.citInfos.concat(this.origCitInfos)
+        }
+
+        descendantNodes(this.docContent).forEach(node => {
+            if (node.type === "citation") {
+                this.citInfos.push(JSON.parse(JSON.stringify(node.attrs)))
+            }
+        })
+        this.citFm = new FormatCitations(
+            this.csl,
+            this.citInfos,
+            this.settings.citationstyle,
+            "",
+            this.bibDB,
+            false,
+            this.settings.language
+        )
+        return this.citFm.init().then(() => {
+            this.citationTexts = this.citFm.citationTexts
+            if (this.origCitInfos.length) {
+                // Remove all citation texts originating from original starting citInfos
+                this.citationTexts.splice(0, this.origCitInfos.length)
+            }
+            this.convertCitations()
+            return Promise.resolve()
+        })
+    }
+
+    convertCitations() {
+        // There could be some formatting in the citations, so we parse them through the PM schema for final formatting.
+        // We need to put the citations each in a paragraph so that it works with
+        // the fiduswriter schema and so that the converter doesn't mash them together.
+        let citationsHTML = ""
+        this.citationTexts.forEach(ct => {
+            citationsHTML += `<p>${ct}</p>`
+        })
+
+        if (citationsHTML.length) {
+            // We create a standard body footnotecontainer node, add the citations into it, and parse it back.
+            const fnNode = fnSchema.nodeFromJSON({type: "footnotecontainer"})
+
+            const serializer = DOMSerializer.fromSchema(fnSchema)
+            const dom = serializer.serializeNode(fnNode)
+            dom.innerHTML = citationsHTML
+            this.pmCits = DOMParser.fromSchema(fnSchema)
+                .parse(dom, {topNode: fnNode})
+                .toJSON().content
+        }
+
+        // Now we do the same for the bibliography.
+        const cslBib = this.citFm.bibliography
+        if (cslBib && cslBib[1].length > 0) {
+            this.addReferenceStyle(cslBib[0])
+            const bibNode = cslBibSchema.nodeFromJSON({type: "cslbib"})
+            const cslSerializer = DOMSerializer.fromSchema(cslBibSchema)
+            const dom = cslSerializer.serializeNode(bibNode)
+            dom.innerHTML = cslBib[1].join("")
+            this.pmBib = DOMParser.fromSchema(cslBibSchema)
+                .parse(dom, {topNode: bibNode})
+                .toJSON()
+        }
+    }
+
+    addReferenceStyle(bibInfo) {
+        const stylesEl = this.styleXML.query("w:styles")
+        if (
+            !this.styleXML.query("w:style", {
+                "w:styleId": "BibliographyHeading"
+            })
+        ) {
+            // There is no style definition for the bibliography heading. We have to add it.
+            const headingStyleDef = `
+                <w:style w:type="paragraph" w:styleId="BibliographyHeading">
+                    <w:name w:val="Bibliography Heading"/>
+                    <w:basedOn w:val="Heading"/>
+                    <w:pPr>
+                        <w:suppressLineNumbers/>
+                        <w:ind w:left="0" w:hanging="0"/>
+                    </w:pPr>
+                    <w:rPr>
+                        <w:b/>
+                        <w:bCs/>
+                        <w:sz w:val="32"/>
+                        <w:szCs w:val="32"/>
+                    </w:rPr>
+                </w:style>`
+            stylesEl.appendXML(headingStyleDef)
+        }
+        // The style called "Bibliography" will override any previous style
+        // of the same name.
+        const stylesParStyle = this.styleXML.query("w:style", {
+            "w:styleId": "Bibliography"
+        })
+        if (stylesParStyle) {
+            stylesParStyle.parentElement.removeChild(stylesParStyle)
+        }
+
+        const lineHeight = 240 * bibInfo.linespacing
+        const marginBottom = 240 * bibInfo.entryspacing
+        let marginLeft = 0,
+            hangingIndent = 0,
+            tabStops = ""
+
+        if (bibInfo.hangingindent) {
+            marginLeft = 720
+            hangingIndent = 720
+        } else if (bibInfo["second-field-align"]) {
+            // We calculate 120 as roughly equivalent to one letter width.
+            const firstFieldWidth = (bibInfo.maxoffset + 1) * 120
+            if (bibInfo["second-field-align"] === "margin") {
+                hangingIndent = firstFieldWidth
+                tabStops =
+                    '<w:tabs><w:tab w:val="left" w:pos="0" w:leader="none"/></w:tabs>'
+            } else {
+                hangingIndent = firstFieldWidth
+                marginLeft = firstFieldWidth
+                tabStops = `<w:tabs><w:tab w:val="left" w:pos="${firstFieldWidth}" w:leader="none"/></w:tabs>`
+            }
+        }
+        const styleDef = `
+            <w:style w:type="paragraph" w:styleId="Bibliography">
+                <w:name w:val="Bibliography"/>
+                <w:basedOn w:val="Normal"/>
+                <w:qFormat/>
+                <w:pPr>
+                    ${tabStops}
+                    <w:spacing w:lineRule="atLeast" w:line="${lineHeight}" w:before="0" w:after="${marginBottom}"/>
+                    <w:ind w:left="${marginLeft}" w:hanging="${hangingIndent}"/>
+                </w:pPr>
+                <w:rPr></w:rPr>
+            </w:style>`
+
+        stylesEl.appendXML(styleDef)
+    }
+}