From c156094d8b8593838c97bd1d034954e943173a0a Mon Sep 17 00:00:00 2001 From: Gianmaria Del Monte Date: Tue, 31 Oct 2023 13:53:02 +0100 Subject: [PATCH] disable open in app for given paths --- .../http/services/owncloud/ocdav/ocdav.go | 1 + .../http/services/owncloud/ocdav/propfind.go | 21 +++++++++++++++++++ internal/http/services/owncloud/ocdav/tus.go | 1 + .../services/owncloud/ocs/conversions/role.go | 9 ++++++-- 4 files changed, 30 insertions(+), 2 deletions(-) diff --git a/internal/http/services/owncloud/ocdav/ocdav.go b/internal/http/services/owncloud/ocdav/ocdav.go index 6606be76f5..c67f4021b1 100644 --- a/internal/http/services/owncloud/ocdav/ocdav.go +++ b/internal/http/services/owncloud/ocdav/ocdav.go @@ -119,6 +119,7 @@ type Config struct { FavoriteStorageDriver string `mapstructure:"favorite_storage_driver"` FavoriteStorageDrivers map[string]map[string]interface{} `mapstructure:"favorite_storage_drivers"` PublicLinkDownload *ConfigPublicLinkDownload `mapstructure:"publiclink_download"` + DisabledOpenInAppPaths []string `mapstructure:"disabled_open_in_app_paths"` Notifications map[string]interface{} `docs:"Settingsg for the Notification Helper" mapstructure:"notifications"` } diff --git a/internal/http/services/owncloud/ocdav/propfind.go b/internal/http/services/owncloud/ocdav/propfind.go index ab6e341623..ea5efe59b1 100644 --- a/internal/http/services/owncloud/ocdav/propfind.go +++ b/internal/http/services/owncloud/ocdav/propfind.go @@ -514,6 +514,26 @@ func supportLegacyOCMAccess(ctx context.Context, md *provider.ResourceInfo) { } } +func appendSlash(path string) string { + if path == "" { + return "/" + } + if path[len(path)-1] == '/' { + return path + } + return path + "/" +} + +func (s *svc) isOpenable(path string) bool { + path = appendSlash(path) + for _, prefix := range s.c.DisabledOpenInAppPaths { + if strings.HasPrefix(path, appendSlash(prefix)) { + return false + } + } + return true +} + // mdToPropResponse converts the CS3 metadata into a webdav PropResponse // ns is the CS3 namespace that needs to be removed from the CS3 path before // prefixing it with the baseURI. @@ -567,6 +587,7 @@ func (s *svc) mdToPropResponse(ctx context.Context, pf *propfindXML, md *provide isShared, false, isPublic, + s.isOpenable(md.Path), ) sublog.Debug().Interface("role", role).Str("dav-permissions", wdp).Msg("converted PermissionSet") } diff --git a/internal/http/services/owncloud/ocdav/tus.go b/internal/http/services/owncloud/ocdav/tus.go index e533af289b..9e993a9499 100644 --- a/internal/http/services/owncloud/ocdav/tus.go +++ b/internal/http/services/owncloud/ocdav/tus.go @@ -303,6 +303,7 @@ func (s *svc) handleTusPost(ctx context.Context, w http.ResponseWriter, r *http. isShared, false, isPublic, + s.isOpenable(info.Path), ) w.Header().Set(HeaderContentType, info.MimeType) diff --git a/internal/http/services/owncloud/ocs/conversions/role.go b/internal/http/services/owncloud/ocs/conversions/role.go index 2d0587b395..36ad6836a2 100644 --- a/internal/http/services/owncloud/ocs/conversions/role.go +++ b/internal/http/services/owncloud/ocs/conversions/role.go @@ -96,8 +96,9 @@ func (r *Role) OCSPermissions() Permissions { // S = Shared // R = Shareable // M = Mounted -// Z = Deniable (NEW). -func (r *Role) WebDAVPermissions(isDir, isShared, isMountpoint, isPublic bool) string { +// Z = Deniable +// O = Openable. +func (r *Role) WebDAVPermissions(isDir, isShared, isMountpoint, isPublic, isOpenable bool) string { var b strings.Builder if !isPublic && isShared { fmt.Fprintf(&b, "S") @@ -125,6 +126,10 @@ func (r *Role) WebDAVPermissions(isDir, isShared, isMountpoint, isPublic bool) s fmt.Fprintf(&b, "Z") } + if isOpenable && !isDir { + fmt.Fprintf(&b, "O") + } + return b.String() }