File Share Quota incorrectly determined for share folders

[rpocklin]

There is a current issue in logic checking if quota && quota.free > 0 in AppBar.vue in order to enable or disable the New + button.

web/packages/web-app-files/src/components/AppBar/AppBar.vue

Lines 264 to 273 in 76036fd

	hasFreeSpace() {
	return (
	!this.quota ||
	this.quota.free > 0 ||
	(this.currentFolder &&
	this.currentFolder.permissions &&
	this.currentFolder.permissions.indexOf('M') >= 0) ||
	this.publicPage()
	)
	},

This makes an assumption the user is in his/her personal space (as it looks up the quota returned from the $client.users.getUser(this.user.id) which works well for personal space.

web/packages/web-app-files/src/views/Personal.vue

Lines 373 to 376 in 60b60d1

	// Load quota
	const user = await this.$client.users.getUser(this.user.id)
	this.SET_QUOTA(user.quota)

This does not work well for shared folders.

If User A shares a folder 1 with user B, correct me if i'm wrong, but all files added or modified in the folder 1 would relate to User A's quota, not user B (as user A is the owner of folder 1). Currently, if user B is set to have 0B personal quota, the buttons for New + get disabled, even in the shared folder screens as it assumes, since the current user B has no available personal quota, he/she cannot add or upload any more files, even within a shared folder.

Steps to reproduce

1. Create User A with 0B quota.
2. Create User B with a quota.
3. With User B, create a folder 1.
4. Share folder 1 with User A.
5. Log in as User A.
6. Navigate to the share 1.
7. Verify that User A cannot click the New + button because this user has 0B quota.

Expected behaviour

It should either do a fileInfo call on the currentFolder or similar to ascertain the quota metrics in this share.
I am unsure how to approach a fix to this - there are 4 metrics for the quota (free, relative, used and total).
The application should then call SET_QUOTA with these correct values, relative to the share.

Expected user behaviour is that the user can click on the New + button.

Actual behaviour

The user cannot click on the New + button.

[rpocklin]

Is it possible to get this looked at for comment?

[rpocklin]

Any chance for a response on this?

[kulmann]

@pmaier1 could you give a statement regarding the handling of quota please? Then we can figure out a technical solution for this.
Sorry @rpocklin for keeping you waiting 😞

[pmaier1]

@pmaier1 could you give a statement regarding the handling of quota please? Then we can figure out a technical solution for this.

Well, I absolutely agree with the expected behavior. In the case of a share, User A is using the quota of User B. Consequently, it should not matter at all whether User A has quota or not. Writing into a folder that belongs to User B needs to be possible within the frame of User B's quota.

Does that answer the question?

[kulmann]

@rpocklin do you want to work on that yourself or should we bring in a PR?

[rpocklin]

Hi @kulmann, I'm not confident creating one as I am unsure how to get the relevant metrics of the share info. Let me know if you are able to make a PR for this and I can certainly review / test it.

[AlexAndBear]

@kulmann @rpocklin
As far as I can see, we have some problems we need to solve first before we can tackle this:

1. The backend graph endpoint me/drives doesn't expose the quota of a shared folder
2. The frontend route files/spaces/shares/ needs to have the storageId as additional parameter

[kulmann]

@kulmann @rpocklin As far as I can see, we have some problems we need to solve first before we can tackle this:

1. The backend graph endpoint me/drives doesn't expose the quota of a shared folder
2. The frontend route files/spaces/shares/ needs to have the storageId as additional parameter

I think in a first iteration we should just disable the quota check inside shared folders. I.e.
a) if share jail is enabled -> any folder inside the files/spaces/shares route shouldn't have quota checks
b) if share jail is disabled -> any subfolder of a shared folder shouldn't have quota checks

Uploads would then just fail with a quota related response from the backend if the quota is exceeded. That's better than never being able to upload into a share (if your own quota is used up).

[AlexAndBear]

@kulmann Maybe we also want to think about discarding the check and disabling the button entirely.
I think it is an edge case, that the remaining quota space is EXACTLY 0, we also have an quota check while uploading files via uppy.

[kulmann]

@kulmann Maybe we also want to think about discarding the check and disabling the button entirely.
I think it is an edge case, that the remaining quota space is EXACTLY 0, we also have an quota check while uploading files via uppy.

Sounds good, let's do that.

[AlexAndBear]

According to my comment:

The backend graph endpoint me/drives doesn't expose the quota of a shared folder

I don't think this will be possible, we would likely expose sensitive user information