Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

public sharing #121

Merged
merged 4 commits into from
Sep 11, 2024
Merged

public sharing #121

merged 4 commits into from
Sep 11, 2024

Conversation

hweihwang
Copy link
Contributor

No description provided.

@hweihwang hweihwang requested a review from juliusknorr August 23, 2024 08:44
juliusknorr
juliusknorr reviewed Aug 23, 2024
View reviewed changes
src/main.tsx Outdated

const publicSharingToken = document.getElementById('sharingToken')?.value || null

if (publicSharingToken) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should also limit this to single file shares (see https://github.com/nextcloud/text/blob/main/src/public.js#L143-L151 how text checks for if a files table is rendered)

@hweihwang hweihwang force-pushed the feat/public-sharing branch from bd1fcf6 to 2c52b6d Compare August 28, 2024 10:27
@hweihwang hweihwang marked this pull request as ready for review August 28, 2024 10:47
@hweihwang hweihwang force-pushed the feat/public-sharing branch 5 times, most recently from 82a682a to 9a6aad5 Compare September 2, 2024 07:06
@juliusknorr
Copy link
Member

We should make sure to set the viewModeEnabled to enforce read only depending on permissions in the frontend: https://docs.excalidraw.com/docs/@excalidraw/excalidraw/api/props/#viewmodeenabled

In addition we should also block handling SCENE_INIT payloads from read only clients on the node backend

@hweihwang
Copy link
Contributor Author

@juliushaertl Yes we already have that and working okay with sharing to specific person:

async serverBroadcastHandler(socket, roomID, encryptedData, iv) {
		const isReadOnly = await this.isSocketReadOnly(socket.id)
		if (!socket.rooms.has(roomID) || isReadOnly) return

		socket.broadcast.to(roomID).emit('client-broadcast', encryptedData, iv)

		const decryptedData = JSON.parse(Utils.convertArrayBufferToString(encryptedData))
		const socketData = await this.socketDataManager.getSocketData(socket.id)
		const userSocketsAndIds = await this.getUserSocketsAndIds(roomID)

		await this.roomDataManager.syncRoomData(
			roomID,
			decryptedData.payload.elements,
			userSocketsAndIds.map(u => u.userId),
			socketData.user.id,
		)
	}

this.socket.on('read-only', () => this.handleReadOnlySocket())

Find out that i have wrongly taken the permissions of the Share, it should be $share->getPermissions() instead of getting the File of that Share first and do $file->getPermissions(), correct me if I'm wrong :)

@juliusknorr
Copy link
Member

Ok, strange, I would actually expect $share->getNode()->getPermissions() to return the correct ones as well

@hweihwang hweihwang linked an issue Sep 4, 2024 that may be closed by this pull request
Change default styles #55
Closed
2 tasks
@juliusknorr juliusknorr merged commit f77d91a into main Sep 11, 2024
23 checks passed
@juliusknorr juliusknorr deleted the feat/public-sharing branch September 11, 2024 08:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@juliusknorr juliusknorr juliusknorr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Change default styles
2 participants
@hweihwang @juliusknorr