chore(release): set APP_VERSION to v2.2.4 [skip ci]

release(v2.2.4): fix(admin): ONLYOFFICE JWT save crash and respect replace/locked flags
2025-11-30 06:59:51 +00:00 · 2025-11-30 01:59:42 -05:00
3 changed files with 25 additions and 14 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,14 @@
 # Changelog

+## Changes 11/30/2025 (v2.2.4)
+
+release(v2.2.4): fix(admin): ONLYOFFICE JWT save crash and respect replace/locked flags
+
+- Prevented a JS crash when the ONLYOFFICE JWT field isn’t present by always initializing payload.onlyoffice before touching jwtSecret.
+- Tightened ONLYOFFICE JWT handling so the secret is only sent when config isn’t locked by PHP and the admin explicitly chooses Replace (or is setting it for the first time), instead of always pushing whatever is in the field.
+
+---
+
 ## Changes 11/29/2025 (v2.2.3)

 fix(preview): harden SVG handling and normalize mime type
--- a/public/js/adminPanel.js
+++ b/public/js/adminPanel.js
@@ -1942,7 +1942,7 @@ function handleSave() {
    oidc: {
      providerUrl: document.getElementById("oidcProviderUrl").value.trim(),
      redirectUri: document.getElementById("oidcRedirectUri").value.trim(),
-      // clientId/clientSecret: only include when replacing
+      // clientId/clientSecret added conditionally below
    },
    globalOtpauthUrl: document.getElementById("globalOtpauthUrl").value.trim(),
    branding: {
@@ -1952,13 +1952,15 @@ function handleSave() {
    },
  };

+  // --- OIDC extras (unchanged) ---
  const idEl = document.getElementById("oidcClientId");
  const scEl = document.getElementById("oidcClientSecret");

  const idVal = idEl?.value.trim() || '';
  const secVal = scEl?.value.trim() || '';
-  const idFirstTime = idEl && !idEl.hasAttribute('data-replace');   // no saved value yet
-  const secFirstTime = scEl && !scEl.hasAttribute('data-replace');   // no saved value yet
+  const idFirstTime = idEl && !idEl.hasAttribute('data-replace');
+  const secFirstTime = scEl && !scEl.hasAttribute('data-replace');
+
  if ((idEl?.dataset.replace === '1' || idFirstTime) && idVal !== '') {
    payload.oidc.clientId = idVal;
  }
@@ -1966,26 +1968,26 @@ function handleSave() {
    payload.oidc.clientSecret = secVal;
  }

+  // ---- ONLYOFFICE payload ----
  const ooSecretEl = document.getElementById("ooJwtSecret");

-
-  if (ooSecretEl?.dataset.replace === '1' && ooSecretEl.value.trim() !== '') {
-    payload.onlyoffice.jwtSecret = ooSecretEl.value.trim();
-  }
-
-  // ---- ONLYOFFICE payload ----
  payload.onlyoffice = {
    enabled: document.getElementById("ooEnabled").checked,
    docsOrigin: document.getElementById("ooDocsOrigin").value.trim()
  };

-  if (!window.__OO_LOCKED) {
-    const ooSecretVal = (document.getElementById("ooJwtSecret")?.value || "").trim();
-    if (ooSecretVal !== "") {
-      payload.onlyoffice.jwtSecret = ooSecretVal;
+  // Only send JWT secret if NOT locked by PHP and user chose Replace / first-time set
+  if (!window.__OO_LOCKED && ooSecretEl) {
+    const val = ooSecretEl.value.trim();
+    const hasSaved = !!window.__HAS_OO_SECRET;           // set in openAdminPanel
+    const shouldReplace = ooSecretEl.dataset.replace === '1' || !hasSaved;
+
+    if (shouldReplace && val !== "") {
+      payload.onlyoffice.jwtSecret = val;
    }
  }

+  // --- save call (unchanged) ---
  fetch('/api/admin/updateConfig.php', {
    method: 'POST',
    credentials: 'include',
--- a/public/js/version.js
+++ b/public/js/version.js
@@ -1,2 +1,2 @@
 // generated by CI
-window.APP_VERSION = 'v2.2.3';
+window.APP_VERSION = 'v2.2.4';
Author	SHA1	Message	Date
github-actions[bot]	da14d204a6	chore(release): set APP_VERSION to v2.2.4 [skip ci]	2025-11-30 06:59:51 +00:00
Ryan	2a87002e1f	release(v2.2.4): fix(admin): ONLYOFFICE JWT save crash and respect replace/locked flags	2025-11-30 01:59:42 -05:00