[full-ci] feat(public-links): archive downloads in public links

[fschade]

Description

We introduced archive downloads and app providers in the last weeks, in perspective of getting this out fast we decided to ship those features in small units.

Currently it is not possible to retrieve capabilities from public links which is problematic and prevents usage of features like archiving and app providers.

This is included and now loads the capabilities in public links with password protection and without.
After that was done it was needed to update the launch process of web which now also have a new livecycle hook (userReady).

This also works if the runtime user provisioning step is skipped and another application takes care, in our case the files app.
This shifts responsibility to the individual app and for now is a highly experimental api which should not be used outside of this scope.

some hacky parts are included which needs a refactoring & new design of how applications get loaded, provisioned and rendered. Different topic.

Following features benefit from it:

• create archive from an public link
• create archive from an password protected public link (currently disabled because ocis implications)
• open a file with an app provider from an public link
• open a file with an app provider from an password protected public link
• retrieving capabilities for public links

it also fixes a bug where the capabilities where not available right after a fresh login, we had to do a hard reload before this to work around it.

Related Issue

• Fixes Archive download for public links #5884
• Fixes Add acceptance tests for Public link Sharing #2479
• Fixes Flicker on boot after OAuth2 redirect #5901
• Fixes Open files via public link in associated App (Collabora, OnlyOffice, Word etc.) #5776

Motivation and Context

be able to use new features for public links also

How Has This Been Tested?

• local ocis installation

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Technical debt
• Tests

Checklist:

• Code changes
• Unit tests added
• Acceptance tests added
• Documentation ticket raised:

Open tasks:

• write tests
• test more
• changelog, TODO is probbally not the best idea ;)

[update-docs]

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

[ownclouders]

Results for oC10SharingAccept https://drone.owncloud.com/owncloud/web/19809/11/1
💥 The acceptance tests pipeline failed. The build has been cancelled.

[ownclouders]

Results for oCISBasic https://drone.owncloud.com/owncloud/web/19864/49/1
💥 The acceptance tests pipeline failed. The build has been cancelled.

[labkode]

• create archive from an password protected public link (currently disabled because ocis implications)

@fschade can you give a pointer to this limitation?

[wkloucek]

I did not succeed in the bookmark usecase for the app provider:

• open a file in X (OnlyOffice / Collabora / CodiMD) from a public link and copy the URL (looks like this: https://ocis.owncloud.test/#/external/Collabora/MTI4NGQyMzgtYWE5Mi00MmNlLWJkYzQtMGIwMDAwMDA5MTU3OmU4ZWRlODQ3LWEwYTUtNGEwNC04Y2UxLWZjNzU4MjRmOGMwNw==?public-token=plcHEpAChHAHzZS)
• open the URL in a new browser / incognito tab
• enjoy the infinite loading spinnner. I would expect the document to open. The console gives me TypeError: Cannot read properties of undefined (reading 'app_providers')

[wkloucek]

• open a file with an app provider from an password protected public link

Is this already supposed to work?
I didn't succeed with this. I get a basic auth popup and if i cancel that, I don't have the apps in the context menues.

Peek.2021-10-22.08-37.mp4

[wkloucek]

Nothing related to Web, but I am currently able to edit and save changes to files I received with a "viewer" public link. This needs to be fixed Reva.

[wkloucek]

Also the public token auth impersonates the original sharer and therefore the apps show the original sharer as user. It should be highlighted that it isn't the original sharer but an anonymous user granted by the original sharer.

[labkode]

Nothing related to Web, but I am currently able to edit and save changes to files I received with a "viewer" public link. This needs to be fixed Reva.

@C0rby can you look into this one?

[fschade]

• open a file with an app provider from an password protected public link

Is this already supposed to work? I didn't succeed with this. I get a basic auth popup and if i cancel that, I don't have the apps in the context menues.

Peek.2021-10-22.08-37.mp4

good point, i only tested it to open the link after files app showed up at least once, this is a bug. Thanks

[fschade]

@wkloucek the bookmark thing should work now.
@labkode we are at the moment not able to use the archiver from a public link, we have no way for now to pass the publikPassword to the backend.

Same could apply for appProviders if the link is bookmarked and the user haven't already provided his password

[CLAassistant]

All committers have signed the CLA.

[ownclouders]

Results for oCISSharingInternalUsers2 https://drone.owncloud.com/owncloud/web/20042/58/1
💥 The acceptance tests pipeline failed. The build has been cancelled.

[ownclouders]

Results for oCISSharingInternalUsers2 https://drone.owncloud.com/owncloud/web/20048/58/1
💥 The acceptance tests pipeline failed. The build has been cancelled.

[ownclouders]

Results for oCISFiles2 https://drone.owncloud.com/owncloud/web/20049/55/1
💥 The acceptance tests pipeline failed. The build has been cancelled.

[kulmann]

LGTM, hacky parts are ok for now

[ownclouders]

Results for oC10Files1 https://drone.owncloud.com/owncloud/web/20109/15/1
The following scenarios passed on retry:

• webUIFilesActionMenu/versions.feature:15

[wkloucek]

Nothing related to Web, but I am currently able to edit and save changes to files I received with a "viewer" public link. This needs to be fixed Reva.

@C0rby can you look into this one?

Will be fixed in cs3org/reva#2214

[sonarcloud]

SonarCloud Quality Gate failed.   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
7 Code Smells

10.4% Coverage
0.0% Duplication

[ownclouders]

Results for oC10Sharing1 https://drone.owncloud.com/owncloud/web/20122/19/1
The following scenarios passed on retry:

• webUISharingExpirationDate/shareWithExpirationDate.feature:14

[diocas]

With this PR merges, does that mean that all the others (#5863 #2479) can be closed?
Does this require anything special from the backend? What I'm seeing from a quick test, is a call to capabilities without any token (which in our case falls back to basic auth). I cancel the auth and the page loads, but then I don't see any call to the apps provider, hence no apps.
(using my text-editor app it redirects me to the idp, I guess I need to set the route as non authenticated? I already have a special route for public-links)

[wkloucek]

With this PR merges, does that mean that all the others (#5863 #2479) can be closed? Does this require anything special from the backend? What I'm seeing from a quick test, is a call to capabilities without any token (which in our case falls back to basic auth). I cancel the auth and the page loads, but then I don't see any call to the apps provider, hence no apps. (using my text-editor app it redirects me to the idp, I guess I need to set the route as non authenticated? I already have a special route for public-links)

cs3org/reva#2143 and owncloud/ocis#2536 needs to be there. The authentication for the capabilities request is done with the public-token header. A curl example would be curl 'https://ocis.ocis-traefik.latest.owncloud.works/ocs/v1.php/cloud/capabilities?format=json' -H 'PUBLIC-TOKEN:KvhXJieGpENGXgQ' but KvhXJieGpENGXgQ needs to be a valid / existing public link token

[diocas]

@ishank011

[wkloucek]

@ishank011 please consider using it in combination with cs3org/reva#2214 only

[ishank011]

Thanks @wkloucek! I'll review that PR asap

[fschade]

@diocas please note this only works for public links without password, #5863 is used as tracking for public links with password