Merge pull request #10494 from owncloud/fix-public-link-file-download

fix: public link download in authenticated context
owncloud · Feb 19, 2024 · dc1cb59 · dc1cb59
2 parents 6fca4f4 + 7d01eea
commit dc1cb59
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 10 deletions.
diff --git a/changelog/unreleased/bugfix-public-link-file-download b/changelog/unreleased/bugfix-public-link-file-download
@@ -0,0 +1,6 @@
+Bugfix: Public link file download
+
+We've fixed a bug where the download of a file from a public link was not working when the user had logged in already. The download only worked if no user was logged in.
+
+https://github.com/owncloud/web/issues/10473
+https://github.com/owncloud/web/pull/10494
diff --git a/packages/web-pkg/src/composables/download/useDownloadFile.ts b/packages/web-pkg/src/composables/download/useDownloadFile.ts
@@ -24,18 +24,27 @@ export const useDownloadFile = (options?: DownloadFileOptions) => {
     const { owncloudSdk: client } = clientService
     const isUserContext = store.getters['runtime/auth/isUserContextReady']
 
-    // construct the url and headers
-    let url
-    if (unref(isPublicLinkContext)) {
-      url = file.downloadURL
-    } else {
-      if (version === null) {
-        url = `${client.helpers._davPath}${file.webDavPath}`
-      } else {
-        url = client.fileVersions.getFileVersionUrl(file.fileId, version)
+    // public links have a pre-signed download url
+    if (file.downloadURL) {
+      try {
+        triggerDownloadWithFilename(file.downloadURL, file.name)
+      } catch (e) {
+        console.error(e)
+        store.dispatch('showErrorMessage', {
+          title: $gettext('Download failed'),
+          desc: $gettext('File could not be located'),
+          errors: [e]
+        })
       }
+      return
     }
 
+    // construct the download url
+    const url =
+      version === null
+        ? `${client.helpers._davPath}${file.webDavPath}`
+        : client.fileVersions.getFileVersionUrl(file.fileId, version)
+
     // download with signing enabled
     if (isUserContext && unref(isUrlSigningEnabled)) {
       const httpClient = clientService.httpAuthenticated

diff --git a/tests/e2e/cucumber/features/smoke/shares/link.feature b/tests/e2e/cucumber/features/smoke/shares/link.feature
@@ -42,6 +42,10 @@ Feature: link
       | lorem.txt     | lorem_new.txt    |
       | textfile.txt  | textfile_new.txt |
       | new-lorem.txt | test.txt         |
+    #    currently upload folder feature is not available in playwright
+    #    And "Anonymous" uploads the following resources in public link page
+    #      | resource              |
+    #      | filesForUpload/PARENT |
     And "Alice" removes the public link named "myPublicLink" of resource "folderPublic"
     And "Anonymous" should not be able to open the old link "myPublicLink"
     And "Alice" logs out
@@ -69,6 +73,7 @@ Feature: link
     Given "Admin" creates following user using API
       | id    |
       | Brian |
+      | Carol |
     And "Alice" logs in
     And "Alice" creates the following resources
       | resource     | type   |
@@ -97,9 +102,14 @@ Feature: link
     And "Alice" creates a public link for the resource "testavatar.jpg" with password "%public%" using the sidebar panel
     And "Alice" renames the most recently created public link of resource "testavatar.jpg" to "imageLink"
     And "Alice" logs out
+
+    # authenticated user with access to resources. should be redirected to shares with me page
     And "Brian" logs in
     When "Brian" opens the public link "folderLink"
     And "Brian" unlocks the public link with password "%public%"
+    And "Brian" downloads the following public link resources using the sidebar panel
+      | resource         | type |
+      | shareToBrian.txt | file |
     And "Brian" uploads the following resources
       | resource  |
       | lorem.txt |
@@ -121,6 +131,32 @@ Feature: link
     And "Brian" closes the file viewer
     And "Brian" logs out
 
+    # authenticated user without access to resources. should be redirected to the public links page
+    And "Carol" logs in
+    When "Carol" opens the public link "folderLink"
+    And "Carol" unlocks the public link with password "%public%"
+    # https://github.com/owncloud/web/issues/10473
+    And "Carol" downloads the following public link resources using the sidebar panel
+      | resource  | type |
+      | lorem.txt | file |
+    When "Carol" opens the public link "textLink"
+    And "Carol" unlocks the public link with password "%public%"
+    Then "Carol" is in a text-editor
+    And "Carol" closes the file viewer
+    When "Carol" opens the public link "markdownLink"
+    And "Carol" unlocks the public link with password "%public%"
+    Then "Carol" is in a text-editor
+    And "Carol" closes the file viewer
+    When "Carol" opens the public link "pdfLink"
+    And "Carol" unlocks the public link with password "%public%"
+    Then "Carol" is in a pdf-viewer
+    And "Carol" closes the file viewer
+    When "Carol" opens the public link "imageLink"
+    And "Carol" unlocks the public link with password "%public%"
+    Then "Carol" is in a image-viewer
+    And "Carol" closes the file viewer
+    And "Carol" logs out
+
 
   Scenario: add banned password for public link
     When "Alice" logs in
@@ -148,4 +184,3 @@ Feature: link
     And "Anonymous" opens the public link "myPublicLink"
     And "Anonymous" unlocks the public link with password "%copied_password%"
     And "Alice" logs out
-