Added new annotations for the externalsharescontroller class
* @NoOutgoingFederatedSharingRequired
* @NoIncomingFederatedSharingRequired
By default both are required for all functions in the
externalSharesController.
A proper exception is thrown and then a 405 is returned instead of the
default error page. Since it is only an API endpoint this makes more
sense.
Unit tests added and updated
Since for external shares there is no need for link shares to be enabled
we should check which controller is actually being called.
This makes sure that in all cases we verify that the files_sharing app
is enabled. But only for the share controller (public shares) we check
if the API is enabled and if links are enabled.
TODO: add checks for federated sharing as well
The data from the share_external is not to much. Thus we enrich this
data with info from the filecache.
This allows endpoints using this to actually show usefull information.
The filecache might not be up to date but that is a sacrifice we need to
make in terms of speed. Else the number of remote PROPFINDS grows
lineary with the number of remote shares wich will make this endpoint
practically unusable.
Since we need a unique id to accept/reject shares for now we keep the
pending shares under remote_shares.
* remote_shares/pending lists pending shares
* PUT/DELETE to remote_shares/pending/<ID> will accept/reject the share
* list incoming remote shares at 'remote_shares'
* get per share info at 'remote_shares/<ID>'
* delete remote share with a DELETE to 'remote_shares/<ID>'
The sharing backend may throw another exception for example when the activity app encounters a problem. Previously this just triggered a 404 error page and the exception got not logged at all. With this change such exceptions get not intercepted and regularly handled as exceptions so that we have meaningful log data. Also the user will be shown a window informing him that an error happened.
Helps to debug cases such as https://github.com/owncloud/core/issues/19465
This makes it possible for the recipient to still trigger the sidebar
and share tab to see information about the share.
In the case where the file is not shared and no permissions exists, no
action icon will be displayed.
When a public link password has been input, its auth is stored in the
session.
This fix makes it possible to recognize the session when using public
webdav from the files UI.
If the sharing API setting is disabled that sharing check middle ware
should block the request. Thus making link shares unavailable.
Fixes#18970
* Unit test added
* Unit tests updated
Whenever outgoing shares are disabled, still allow ajax requests to make
it possible to use the Webdav interface in the public link page.
Please note that disabling outgoing shares isn't strong anyway as
someone could abuse the ajax endpoints to access files anyway. To
properly disable remote sharing, public link sharing must be disabled
too.