feat(files_sharing): Make `ShareController` download route use the DAV `ZipFolderPlugin`

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
author: Ferdinand Thiessen <opensource@fthiessen.de> 2024-09-26 22:31:25 +0200
committer: Ferdinand Thiessen <opensource@fthiessen.de> 2024-09-28 13:18:34 +0200
commit: e9d590674d8da6500578db4d97abae760c8525da (patch)
tree: 87d5dbfe60ea7bac3479f8d559c70082e8574f95 /apps/files_sharing/lib/Controller/ShareController.php
parent: 0f6760c810e370023728d93a31f69c79dc5c3e3d (diff)
download: nextcloud-server-e9d590674d8da6500578db4d97abae760c8525da.tar.gz
nextcloud-server-e9d590674d8da6500578db4d97abae760c8525da.zip
1 files changed, 24 insertions, 91 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php
index 17b9c2a2196..e2b607f8eb2 100644
--- a/apps/files_sharing/lib/Controller/ShareController.php
+++ b/apps/files_sharing/lib/Controller/ShareController.php
@@ -7,8 +7,6 @@
 namespace OCA\Files_Sharing\Controller;
 
 use OC\Security\CSP\ContentSecurityPolicy;
-use OC_Files;
-use OC_Util;
 use OCA\DAV\Connector\Sabre\PublicAuth;
 use OCA\FederatedFileSharing\FederatedShareProvider;
 use OCA\Files_Sharing\Activity\Providers\Downloads;
@@ -20,6 +18,7 @@ use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
 use OCP\AppFramework\Http\Attribute\PublicPage;
 use OCP\AppFramework\Http\NotFoundResponse;
+use OCP\AppFramework\Http\RedirectResponse;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\Defaults;
 use OCP\EventDispatcher\IEventDispatcher;
@@ -337,15 +336,15 @@ class ShareController extends AuthPublicShareController {
 	 * @NoSameSiteCookieRequired
 	 *
 	 * @param string $token
-	 * @param string $files
+	 * @param string|null $files
 	 * @param string $path
-	 * @param string $downloadStartSecret
 	 * @return void|\OCP\AppFramework\Http\Response
 	 * @throws NotFoundException
+	 * @deprecated 31.0.0 Users are encouraged to use the DAV endpoint
 	 */
 	#[PublicPage]
 	#[NoCSRFRequired]
-	public function downloadShare($token, $files = null, $path = '', $downloadStartSecret = '') {
+	public function downloadShare($token, $files = null, $path = '') {
 		\OC_User::setIncognitoMode(true);
 
 		$share = $this->shareManager->getShareByToken($token);
@@ -354,27 +353,10 @@ class ShareController extends AuthPublicShareController {
 			return new \OCP\AppFramework\Http\DataResponse('Share has no read permission');
 		}
 
-		$files_list = null;
-		if (!is_null($files)) { // download selected files
-			$files_list = json_decode($files);
-			// in case we get only a single file
-			if ($files_list === null) {
-				$files_list = [$files];
-			}
-			// Just in case $files is a single int like '1234'
-			if (!is_array($files_list)) {
-				$files_list = [$files_list];
-			}
-		}
-
 		if (!$this->validateShare($share)) {
 			throw new NotFoundException();
 		}
 
-		$userFolder = $this->rootFolder->getUserFolder($share->getShareOwner());
-		$originalSharePath = $userFolder->getRelativePath($share->getNode()->getPath());
-
-
 		// Single file share
 		if ($share->getNode() instanceof \OCP\Files\File) {
 			// Single file download
@@ -396,84 +378,35 @@ class ShareController extends AuthPublicShareController {
 				}
 			}
 
-			$originalSharePath = $userFolder->getRelativePath($node->getPath());
-
-			if ($node instanceof \OCP\Files\File) {
-				// Single file download
-				$this->singleFileDownloaded($share, $share->getNode());
-			} else {
-				try {
-					if (!empty($files_list)) {
-						$this->fileListDownloaded($share, $files_list, $node);
-					} else {
-						// The folder is downloaded
-						$this->singleFileDownloaded($share, $share->getNode());
+			if ($node instanceof \OCP\Files\Folder) {
+				if ($files === null || $files === '') {
+					// The folder is downloaded
+					$this->singleFileDownloaded($share, $share->getNode());
+				} else {
+					$fileList = json_decode($files);
+					// in case we get only a single file
+					if (!is_array($fileList)) {
+						$fileList = [$fileList];
+					}
+					foreach ($fileList as $file) {
+						$subNode = $node->get($file);
+						$this->singleFileDownloaded($share, $subNode);
 					}
-				} catch (NotFoundException $e) {
-					return new NotFoundResponse();
 				}
+			} else {
+				// Single file download
+				$this->singleFileDownloaded($share, $share->getNode());
 			}
 		}
 
-		/* FIXME: We should do this all nicely in OCP */
-		OC_Util::tearDownFS();
-		OC_Util::setupFS($share->getShareOwner());
-
-		/**
-		 * this sets a cookie to be able to recognize the start of the download
-		 * the content must not be longer than 32 characters and must only contain
-		 * alphanumeric characters
-		 */
-		if (!empty($downloadStartSecret)
-			&& !isset($downloadStartSecret[32])
-			&& preg_match('!^[a-zA-Z0-9]+$!', $downloadStartSecret) === 1) {
-			// FIXME: set on the response once we use an actual app framework response
-			setcookie('ocDownloadStarted', $downloadStartSecret, time() + 20, '/');
-		}
-
 		$this->emitAccessShareHook($share);
 		$this->emitShareAccessEvent($share, self::SHARE_DOWNLOAD);
 
-		$server_params = [ 'head' => $this->request->getMethod() === 'HEAD' ];
-
-		/**
-		 * Http range requests support
-		 */
-		if (isset($_SERVER['HTTP_RANGE'])) {
-			$server_params['range'] = $this->request->getHeader('Range');
-		}
-
-		// download selected files
-		if (!is_null($files) && $files !== '') {
-			// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
-			// after dispatching the request which results in a "Cannot modify header information" notice.
-			OC_Files::get($originalSharePath, $files_list, $server_params);
-			exit();
-		} else {
-			// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
-			// after dispatching the request which results in a "Cannot modify header information" notice.
-			OC_Files::get(dirname($originalSharePath), basename($originalSharePath), $server_params);
-			exit();
-		}
-	}
-
-	/**
-	 * create activity for every downloaded file
-	 *
-	 * @param Share\IShare $share
-	 * @param array $files_list
-	 * @param \OCP\Files\Folder $node
-	 * @throws NotFoundException when trying to download a folder or multiple files of a "hide download" share
-	 */
-	protected function fileListDownloaded(Share\IShare $share, array $files_list, \OCP\Files\Folder $node) {
-		if ($share->getHideDownload() && count($files_list) > 1) {
-			throw new NotFoundException('Downloading more than 1 file');
-		}
-
-		foreach ($files_list as $file) {
-			$subNode = $node->get($file);
-			$this->singleFileDownloaded($share, $subNode);
+		$davUrl = '/public.php/dav/files/' . $token . '/?accept=zip';
+		if ($files !== null) {
+			$davUrl .= '&files=' . $files;
 		}
+		return new RedirectResponse($this->urlGenerator->getAbsoluteURL($davUrl));
 	}
 
 	/**
author	Ferdinand Thiessen <opensource@fthiessen.de>	2024-09-26 22:31:25 +0200
committer	Ferdinand Thiessen <opensource@fthiessen.de>	2024-09-28 13:18:34 +0200
commit	e9d590674d8da6500578db4d97abae760c8525da (patch)
tree	87d5dbfe60ea7bac3479f8d559c70082e8574f95 /apps/files_sharing/lib/Controller/ShareController.php
parent	0f6760c810e370023728d93a31f69c79dc5c3e3d (diff)
download	nextcloud-server-e9d590674d8da6500578db4d97abae760c8525da.tar.gz nextcloud-server-e9d590674d8da6500578db4d97abae760c8525da.zip