Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug]: share by mail: password not automatically set although passwords enforced #43919

Closed
5 of 8 tasks
LM-vb opened this issue Feb 29, 2024 · 13 comments · Fixed by #44184 or #44571
Closed
5 of 8 tasks

[Bug]: share by mail: password not automatically set although passwords enforced #43919

LM-vb opened this issue Feb 29, 2024 · 13 comments · Fixed by #44184 or #44571
Assignees
Labels
1. to develop Accepted and waiting to be taken care of 28-feedback bug feature: sharing

Comments

@LM-vb
Copy link

LM-vb commented Feb 29, 2024

⚠️ This issue respects the following points: ⚠️

Bug description

If creating a share by mail and the usage of a password is enforced (Administration settings -> Sharing -> Allow users to share via link an emails -> Enforce password protection), the password field is not prefilled (as it was until NC 28.0.2). A click on "Save share" leads to an error message and the share is not being created.

Steps to reproduce

  1. Pick a file/folder to share by mail
  2. Type in email
  3. Click "Save share"

Expected behavior

A password should be automatically created and inserted/suggested in the password field.

Installation method

Community Manual installation with Archive

Nextcloud Server version

28

Operating system

Other

PHP engine version

PHP 8.3

Web server

Apache (supported)

Database engine version

PostgreSQL

Is this bug present after an update or on a fresh install?

Updated from a MINOR version (ex. 22.1 to 22.2)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

  • Default user-backend (database)
  • LDAP/ Active Directory
  • SSO - SAML
  • Other

Configuration report

{
    "system": {
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***REMOVED SENSITIVE VALUE***"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "pgsql",
        "default_phone_region": "DE",
        "version": "28.0.3.2",
        "overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "skeletondirectory": "",
        "memcache.local": "\\OC\\Memcache\\Redis",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "filelocking.enabled": true,
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "dbindex": 0,
            "timeout": 0
        },
        "session_lifetime": 3600,
        "session_keepalive": false,
        "tempdirectory": "***REMOVED SENSITIVE VALUE***",
        "remember_login_cookie_lifetime": 0,
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "25",
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "log.condition": {
            "apps": [
                "admin_audit"
            ]
        },
        "default_language": "en",
        "default_locale": "en_GB",
        "knowledgebaseenabled": false,
        "simpleSignUpLink.shown": false,
        "auth.webauthn.enabled": false,
        "updater.release.channel": "stable",
        "trashbin_retention_obligation": "auto, 30",
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "maintenance_window_start": 2,
        "updater.secret": "***REMOVED SENSITIVE VALUE***"
    }
}

List of activated Apps

Enabled:
  - activity: 2.20.0
  - admin_audit: 1.18.0
  - announcementcenter: 6.7.0
  - bruteforcesettings: 2.8.0
  - checksum: 1.2.3
  - cloud_federation_api: 1.11.0
  - comments: 1.18.0
  - contactsinteraction: 1.9.0
  - dav: 1.29.1
  - federatedfilesharing: 1.18.0
  - files: 2.0.0
  - files_automatedtagging: 1.18.0
  - files_pdfviewer: 2.9.0
  - files_reminders: 1.1.0
  - files_sharing: 1.20.0
  - files_trashbin: 1.18.0
  - files_versions: 1.21.0
  - files_zip: 1.5.0
  - impersonate: 1.15.0
  - logreader: 2.13.0
  - lookup_server_connector: 1.16.0
  - nextcloud_announcements: 1.17.0
  - notifications: 2.16.0
  - oauth2: 1.16.3
  - password_policy: 1.18.0
  - photos: 2.4.0
  - privacy: 1.12.0
  - provisioning_api: 1.18.0
  - quota_warning: 1.18.0
  - related_resources: 1.3.0
  - serverinfo: 1.18.0
  - settings: 1.10.1
  - sharebymail: 1.18.0
  - support: 1.11.0
  - survey_client: 1.16.0
  - systemtags: 1.18.0
  - theming: 2.3.0
  - twofactor_backupcodes: 1.17.0
  - updatenotification: 1.18.0
  - viewer: 2.2.0
  - workflowengine: 2.10.0
Disabled:
  - circles: 28.0.0-dev (installed 22.1.1)
  - contacts: 5.5.2 (installed 5.5.2)
  - dashboard: 7.8.0 (installed 7.0.0)
  - encryption: 2.16.0
  - extract: 1.3.6 (installed 1.3.6)
  - federation: 1.18.0 (installed 1.10.1)
  - files_downloadactivity: 1.16.0 (installed 1.16.0)
  - files_external: 1.20.0
  - files_retention: 1.17.0 (installed 1.17.0)
  - files_rightclick: 0.15.1 (installed 1.6.0)
  - firstrunwizard: 2.17.0 (installed 2.9.0)
  - flow_notifications: 1.8.0 (installed 1.8.0)
  - mediadc: 0.3.8 (installed 0.3.8)
  - previewgenerator: 5.4.0 (installed 5.4.0)
  - quicknotes: 0.8.22 (installed 0.8.22)
  - recommendations: 2.0.0 (installed 0.8.0)
  - suspicious_login: 6.0.0
  - text: 3.9.1 (installed 3.1.0)
  - theming_customcss: 1.15.0 (installed 1.15.0)
  - twofactor_totp: 10.0.0-beta.2
  - user_ldap: 1.19.0
  - user_status: 1.8.1 (installed 1.0.1)
  - weather_status: 1.8.0 (installed 1.0.0)

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

No response

Additional info

Bug found in NC 28.0.3

@sorbaugh
Copy link
Contributor

sorbaugh commented Mar 4, 2024

@fenn-cs do you think this is a frontend issue only? can you provide a quick check 🙏

@nfebe
Copy link
Contributor

nfebe commented Mar 4, 2024

@sorbaugh It appears to be at the frontend level

@nfebe nfebe added 1. to develop Accepted and waiting to be taken care of and removed 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels Mar 4, 2024
@daveatpinellas
Copy link

This bug seems to have been a backport into version 27 and now 27 is affected. I tried to apply 27.1.7 this morning and my post upgrade quality testing had this same issue. In version 27.1.7, the UI for automated password appears to be filled as expected. However when you attempt to save the link it fails and displays "Error creating the share: Passwords are enforced for link and mail shares". If you manually type in a password into the password field it works and the share is saved with success. I rolled back to my 27.1.6 snapshot and it immediately worked again as expected. So in some way, the automated password is being put into the UI but the variable is not being loaded correctly until a manual password is entered.

I have another test instance with 27.1.7 and can easily replicate. Happy to test patches.

screenshot

@MalteP
Copy link

MalteP commented Mar 7, 2024

When "Always ask for password" is enabled, but passwort not enforced, share links are created with a password while share by mail does not set a password.

Also share by mail seems to ignore the default link expiration date!

Tested on NC 28.0.3.

Settings:
share_mail_settings

Share by mail - no password, no expiration date:
share_mail

Share by link - working as expected:
share_link

@nfebe nfebe self-assigned this Mar 7, 2024
@ElSi-DVT
Copy link

ElSi-DVT commented Mar 11, 2024

Same problem here. (NC 27.1.7)

@sanidzinic
Copy link

Same Problem here, (NC 27.1.7)

nfebe added a commit that referenced this issue Mar 13, 2024
Before the password is set on a new share, the computed property `hasUnsavedPassword`
is used to check that `this.share.newPassword` is not undefined. Direct assignment without
using Vue's `this.$set` makes it impossible for vue to detect that changes have happened on the share
object. Hence the inreactivity.

This worked initially most likely because `this.share.newPassword = await GeneratePassword()` was executed
before the computed properties where evaluated.

Resolves : #43919

Signed-off-by: fenn-cs <[email protected]>
nfebe added a commit that referenced this issue Mar 13, 2024
Before the password is set on a new share, the computed property `hasUnsavedPassword`
is used to check that `this.share.newPassword` is not undefined. Direct assignment without
using Vue's `this.$set` makes it impossible for vue to detect that changes have happened on the share
object. Hence the inreactivity.

This worked initially most likely because `this.share.newPassword = await GeneratePassword()` was executed
before the computed properties where evaluated.

Resolves : #43919

Signed-off-by: fenn-cs <[email protected]>
backportbot bot pushed a commit that referenced this issue Mar 14, 2024
Before the password is set on a new share, the computed property `hasUnsavedPassword`

is used to check that `this.share.newPassword` is not undefined. Direct assignment without

using Vue's `this.$set` makes it impossible for vue to detect that changes have happened on the share

object. Hence the inreactivity.

This worked initially most likely because `this.share.newPassword = await GeneratePassword()` was executed

before the computed properties where evaluated.

Resolves : #43919

Signed-off-by: fenn-cs <[email protected]>

[skip ci]
backportbot bot pushed a commit that referenced this issue Mar 14, 2024
Before the password is set on a new share, the computed property `hasUnsavedPassword`

is used to check that `this.share.newPassword` is not undefined. Direct assignment without

using Vue's `this.$set` makes it impossible for vue to detect that changes have happened on the share

object. Hence the inreactivity.

This worked initially most likely because `this.share.newPassword = await GeneratePassword()` was executed

before the computed properties where evaluated.

Resolves : #43919

Signed-off-by: fenn-cs <[email protected]>

[skip ci]
susnux pushed a commit that referenced this issue Mar 14, 2024
Before the password is set on a new share, the computed property `hasUnsavedPassword`
is used to check that `this.share.newPassword` is not undefined. Direct assignment without
using Vue's `this.$set` makes it impossible for vue to detect that changes have happened on the share
object. Hence the inreactivity.
This worked initially most likely because `this.share.newPassword = await GeneratePassword()` was executed
before the computed properties where evaluated.
Resolves : #43919

Signed-off-by: fenn-cs <[email protected]>
nfebe added a commit that referenced this issue Mar 14, 2024
Before the password is set on a new share, the computed property `hasUnsavedPassword`

is used to check that `this.share.newPassword` is not undefined. Direct assignment without

using Vue's `this.$set` makes it impossible for vue to detect that changes have happened on the share

object. Hence the inreactivity.

This worked initially most likely because `this.share.newPassword = await GeneratePassword()` was executed

before the computed properties where evaluated.

Resolves : #43919

Signed-off-by: fenn-cs <[email protected]>
susnux pushed a commit that referenced this issue Mar 14, 2024
Before the password is set on a new share, the computed property `hasUnsavedPassword`
is used to check that `this.share.newPassword` is not undefined. Direct assignment without
using Vue's `this.$set` makes it impossible for vue to detect that changes have happened on the share
object. Hence the inreactivity.
This worked initially most likely because `this.share.newPassword = await GeneratePassword()` was executed
before the computed properties where evaluated.
Resolves : #43919

Signed-off-by: fenn-cs <[email protected]>
@dea-75
Copy link

dea-75 commented Mar 28, 2024

On 28.0.4 (final) the problem persist :(

@spideynn
Copy link

spideynn commented Mar 28, 2024

Just upgraded to 28.0.4. It works if the default share permissions under Admin -> Sharing have some permissions enabled, but if the permissions are set to either all enabled or all disabled (view only) it breaks and the password doesn't generate.

@LM-vb
Copy link
Author

LM-vb commented Mar 28, 2024

I can confirm. This bug still exists in 28.0.4. Steps to reproduce are identical to the initial bug report.

@daveatpinellas
Copy link

Confirmed, still broken in 28.0.4 and 27.1.8.
27.1.8, the auto generated password is sitting in the UI but it seems not to 'see' it. The only work around is to hand type in your own password.

@Dennis1993 Dennis1993 reopened this Mar 28, 2024
@susnux
Copy link
Contributor

susnux commented Mar 29, 2024

Fix in #44571

@MalteP
Copy link

MalteP commented May 2, 2024

When "Always ask for password" is enabled, but passwort not enforced, share links are created with a password while share by mail does not set a password.

Problem still persists on NC 28.0.5 and 29.0.0.

@susnux
Copy link
Contributor

susnux commented May 2, 2024

When "Always ask for password" is enabled, but passwort not enforced, share links are created with a password while share by mail does not set a password.

Problem still persists on NC 28.0.5 and 29.0.0.

@MalteP please open a new issue, this is unrelated to this one. This one was about enforced passwords, which is fixed now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
1. to develop Accepted and waiting to be taken care of 28-feedback bug feature: sharing
Projects
None yet