From 8d5a0c6dd874e6ba9b2199348228203d542ff257 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Wed, 10 Apr 2024 18:22:43 +0200 Subject: [PATCH] fix(public-share-auth): allow to create new documents in public share folder The public share authentication middleware only allowed to open existing documents the /app/new route was missing. Fixes #8691 --- .../unreleased/fix-adding-wopi-doc-on-public-share.md | 7 +++++++ services/proxy/pkg/middleware/public_share_auth.go | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 changelog/unreleased/fix-adding-wopi-doc-on-public-share.md diff --git a/changelog/unreleased/fix-adding-wopi-doc-on-public-share.md b/changelog/unreleased/fix-adding-wopi-doc-on-public-share.md new file mode 100644 index 0000000000..5c901ab553 --- /dev/null +++ b/changelog/unreleased/fix-adding-wopi-doc-on-public-share.md @@ -0,0 +1,7 @@ +Bugfix: Fix creating new WOPI documents on public shares + +Creating a new Office document in a publicly shared folder is now possible. + +https://github.com/owncloud/ocis/pull/8828 +https://github.com/owncloud/ocis/issues/8691 + diff --git a/services/proxy/pkg/middleware/public_share_auth.go b/services/proxy/pkg/middleware/public_share_auth.go index f66e030a00..403d5d598b 100644 --- a/services/proxy/pkg/middleware/public_share_auth.go +++ b/services/proxy/pkg/middleware/public_share_auth.go @@ -44,7 +44,7 @@ func isPublicShareArchive(r *http.Request) bool { // The app open requests can also be made in authenticated context. In these cases the PublicShareAuthenticator // needs to ignore the request. func isPublicShareAppOpen(r *http.Request) bool { - return strings.HasPrefix(r.URL.Path, "/app/open") && + return (strings.HasPrefix(r.URL.Path, "/app/open") || strings.HasPrefix(r.URL.Path, "/app/new")) && (r.URL.Query().Get(headerShareToken) != "" || r.Header.Get(headerShareToken) != "") }