[web] Show logged in users the resource location of a public link

[exalate-issue-sync]

Description

User Stories

• As a logged in user who receives a public link I want to see its location so that I don't rely on the link to find the resource.

Value

• improve collaboration

Acceptance Criteria

• If a logged in user opens a public link, the user should be redirected to the resource location within their account (if he/she has authenticated access to this resource - the owner or sharee or space member).
• If the user has no authenticated access (not the owner or sharee or space member) to the resource, the user should get redirected to a public link page (= current behaviour)
• if an unauthenticated user opens a public link and logs in, he/she should get redirected after successful login to the resource location (see first acceptance criterion)

Note: Edgcase - If the public link has more rights than the share, an authenticated user gets the permissions of the share (not of the public link). he/she would need to open a private tab in order to utilize the permission of the link.

Definition of ready

[ ] everybody needs to understand the value written in the user story
[ ] acceptance criteria has to be defined
[ ] all dependencies of the user story need to be identified
[ ] feature should be seen from an end user perspective
[ ] user story has to be estimated
[ ] story points need to be less then 20

Definition of done

• Functional requirements
  [ ] functionality described in the user story works
  [ ] acceptance criteria are fulfilled
• Quality
  [ ] codre review happened
  [ ] CI is green
  [ ] critical code received unit tests by the developer
  [ ] add 1 E2E test for an authenticated user that opens a public link and gets redirected to the correct location. Note: existing E2E might need to be changed with regards to anonymous browsercontexts.
  [ ] automated tests passed (if automated tests are not available, this test needs to be created and passed
• Non-functional requirements
  [ ] no sonar cloud issues

[elizavetaRa]

@tbsbdr tested this and in our opinion the usability of the edgecase is bad. Currently, it forces me to accept the share or redirects me to shares view instead of straight opening the content. Also, as we mentioned in some of the meetings, the maximum rights should apply in user context, it*s very unintuitive that you need to open in a private tab to get the maximum rights. The user might have no idea, where the maximum rights are, so will be very confused.

[tbsbdr]

@elizavetaRa talked with @JammingBen about our idea of always showing the public link page in-between with an option ""show location to open the actual location (scribble). this approach would bear some efforts we'd need to overcome for this cornercase. instead: would it be also useful for you to disable the resolving via cern config flag we'd provide? imo this would would be more fast-forward and if needed, we can build the "show location" feature.

Would a feature flag to disable this behaviour be okay for you?

[elizavetaRa]

@tbsbdr @JammingBen, yes, it sounds like a good solution

[JammingBen]

Behaviour has been disabled for CERN via #9651.