From 7f7c41fb566d1a613f6b9f35a62a4ec1eba906c5 Mon Sep 17 00:00:00 2001
From: Henry Castro <hcastro@collabora.com>
Date: Tue, 27 Oct 2015 23:12:41 -0400
Subject: [PATCH] cloudsuite: add showLOleaflet method

---
 controller/documentcontroller.php | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/controller/documentcontroller.php b/controller/documentcontroller.php
index 60fb1ab0..cdb6d35b 100644
--- a/controller/documentcontroller.php
+++ b/controller/documentcontroller.php
@@ -206,4 +206,29 @@ class DocumentController extends Controller{
 			'status' => 'success', 'documents' => $documents,'sessions' => $sessions,'members' => $members
 		);
 	}
+
+	/**
+	 * @PublicPage
+	 * @NoCSRFRequired
+	 *
+	 * @return TemplateResponse
+	 */
+	public function showLOleaflet() {
+		$params = [
+			'urlGenerator' => $this->urlGenerator
+		];
+		$response = new TemplateResponse($this->appName, '3rdparty/cloudsuite/assets/cloudsuite', $params, 'blank');
+
+		$policy = new ContentSecurityPolicy();
+		$policy->addAllowedChildSrcDomain('\'self\' http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js \'unsafe-eval\'');
+		$policy->addAllowedScriptDomain('\'self\' http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js \'unsafe-eval\'');
+    $policy->addAllowedFrameDomain('\'self\' http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js \'unsafe-eval\'');
+		$policy->addAllowedConnectDomain('ws://' . $_SERVER['SERVER_NAME'] . ':9980');
+		$policy->addAllowedImageDomain('*');
+		$policy->allowInlineScript(true);
+		$policy->addAllowedFontDomain('data:');
+		$response->setContentSecurityPolicy($policy);
+
+		return $response;
+  }
 }