From 3817392481be639f93db336baeb04b24c6ca419a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= <jfd@butonic.de>
Date: Wed, 29 May 2024 16:49:54 +0200
Subject: [PATCH] add secureview flag when listing apps via http
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
---
 .../add-providerinfo-secure-view-flag.md      |  5 ++
 .../http/services/appprovider/appprovider.go  | 49 ++++++++++++++-----
 2 files changed, 43 insertions(+), 11 deletions(-)
 create mode 100644 changelog/unreleased/add-providerinfo-secure-view-flag.md

diff --git a/changelog/unreleased/add-providerinfo-secure-view-flag.md b/changelog/unreleased/add-providerinfo-secure-view-flag.md
new file mode 100644
index 0000000000..2a7a1edf95
--- /dev/null
+++ b/changelog/unreleased/add-providerinfo-secure-view-flag.md
@@ -0,0 +1,5 @@
+Enhancement: add secureview flag when listing apps via http
+
+To allow clients to see which application supports secure view we add a flag to the http response when the app name matches a configured secure view app.
+
+https://github.com/cs3org/reva/pull/4703
diff --git a/internal/http/services/appprovider/appprovider.go b/internal/http/services/appprovider/appprovider.go
index 2181e98b95..5c8cf641c2 100644
--- a/internal/http/services/appprovider/appprovider.go
+++ b/internal/http/services/appprovider/appprovider.go
@@ -56,11 +56,12 @@ func init() {
 
 // Config holds the config options for the HTTP appprovider service
 type Config struct {
-	Prefix     string `mapstructure:"prefix"`
-	GatewaySvc string `mapstructure:"gatewaysvc"`
-	Insecure   bool   `mapstructure:"insecure"`
-	WebBaseURI string `mapstructure:"webbaseuri"`
-	Web        Web    `mapstructure:"web"`
+	Prefix        string `mapstructure:"prefix"`
+	GatewaySvc    string `mapstructure:"gatewaysvc"`
+	Insecure      bool   `mapstructure:"insecure"`
+	WebBaseURI    string `mapstructure:"webbaseuri"`
+	Web           Web    `mapstructure:"web"`
+	SecureViewApp string `mapstructure:"secure_view_app"`
 }
 
 // Web holds the config options for the URL parameters for Web
@@ -342,6 +343,16 @@ func (s *svc) handleList(w http.ResponseWriter, r *http.Request) {
 	}
 
 	res := filterAppsByUserAgent(listRes.MimeTypes, r.UserAgent())
+
+	// if app name or address matches the configured secure view app add that flag to the response
+	for _, mt := range res {
+		for _, app := range mt.AppProviders {
+			if app.Name == s.conf.SecureViewApp {
+				app.SecureView = true
+			}
+		}
+	}
+
 	js, err := json.Marshal(map[string]interface{}{"mime-types": res})
 	if err != nil {
 		writeError(w, r, appErrorServerError, "error marshalling JSON response", err)
@@ -545,22 +556,38 @@ func newOpenInWebResponse(baseURI string, params, staticParams map[string]string
 	return openInWebResponse{URI: uri.String()}, nil
 }
 
-func filterAppsByUserAgent(mimeTypes []*appregistry.MimeTypeInfo, userAgent string) []*appregistry.MimeTypeInfo {
+// MimeTypeInfo wraps the appregistry.MimeTypeInfo to change the app providers to ProviderInfos with a secure view flag
+type MimeTypeInfo struct {
+	appregistry.MimeTypeInfo
+	AppProviders []*ProviderInfo `json:"app_providers"`
+}
+
+// ProviderInfo wraps the appregistry.ProviderInfo to add a secure view flag
+type ProviderInfo struct {
+	appregistry.ProviderInfo
+	// TODO make this part of the CS3 provider info
+	SecureView bool `json:"secure_view"`
+}
+
+// filterAppsByUserAgent rewrites the mime type info to only include apps that can be called by the user agent
+// it also wraps the provider info to be able to add a secure view flag
+func filterAppsByUserAgent(mimeTypes []*appregistry.MimeTypeInfo, userAgent string) []*MimeTypeInfo {
 	ua := ua.Parse(userAgent)
-	res := []*appregistry.MimeTypeInfo{}
+	res := []*MimeTypeInfo{}
 	for _, m := range mimeTypes {
-		apps := []*appregistry.ProviderInfo{}
+		apps := []*ProviderInfo{}
 		for _, p := range m.AppProviders {
 			p.Address = "" // address is internal only and not needed in the client
 			// apps are called by name, so if it has no name it cannot be called and should not be advertised
 			// also filter Desktop-only apps if ua is not Desktop
 			if p.Name != "" && (ua.Desktop || !p.DesktopOnly) {
-				apps = append(apps, p)
+				apps = append(apps, &ProviderInfo{ProviderInfo: *p})
 			}
 		}
 		if len(apps) > 0 {
-			m.AppProviders = apps
-			res = append(res, m)
+			mt := &MimeTypeInfo{MimeTypeInfo: *m}
+			mt.AppProviders = apps
+			res = append(res, mt)
 		}
 	}
 	return res