Guest Upload V2

[Kwonunn]

hehe sorry for the long wait :3

i've restarted development on 1.8.4, will rebase onto master when the PR is finished.

i've rewritten the entire feature from scratch and i'm taking more of a minimum viable product approach this time. first version is going to be quite limited, but that should make adding more features later a lot easier.

right now I still have to do the following things:

• un-break e2e encryption (might need some help with this but will ask)
• do a good security check to see if i haven't made any holes
• delete the token once it's been successfully used
• make a nicer result page when the upload succeeded

[Forceu]

Thanks a lot for your hard work! Let me know when it is ready for review or if you need help!

[Kwonunn]

after reading some more about how it works, i think i'm not going to do e2e encryption support for guest uploads (at least for now). it would require sending the e2e encryption key to anyone with a guest upload token which seems really insecure and a bad idea.

right now, if e2e encryption is enabled, guest uploads work just fine but won't be e2e encrypted. i think this is pretty good behaviour, but some warnings that guest uploads aren't encrypted in the docs and setup would be nice i think.

[Forceu]

In theory it would be possible to create a new key for each upload request, but to be honest I am not sure if it would be worth it. Maybe it can be implemented at some point in the future, but I don't see it as a high priority either.

[Kwonunn]

oki, i've finished everything for the first version

• E2E is now disabled for guest uploads, there's notices about this in the setup and the docs
• guest tokens are now deleted after they've been used
• after uploading the link is shown in a nicer interface

i'd like to submit the code for review now, but i would also appreciate a little help with making the guest upload result page look a little nicer. i'm not good with bootstrap/frontend so i just slapped some stuff together.

[Forceu]

Thanks, I might have some time to review it next week. Would you mind resolving the merge conflicts as well? That would make it a little bit easier

[Kwonunn]

finished the rebase, take your time with the review!

[Forceu]

Would you mind giving me write access to the branch? I would like to add a function for upgrading the database, otherwise the server crashes if started with an already existing configuration

[Kwonunn]

Done!

[Forceu]

Thank you. I am not sure if I can review the rest this week, I will probably have more time next week. Also I think it would be a better idea, if the uploaded files are listed in the upload request tab, instead of the main tab, so no confusion exists. In addition it is probably a good idea if multiple files can be uploaded at once and then are grouped together. I will look into it as well however.