fix(Wopi): fall back to super share if share token is not available

blizzz · elzody · commit c47507c59547 · 2025-05-06T17:25:13.000-04:00
On internal shares the controller is called without the share token. But
necessary information, like share attributes, might be necessary to know
and are available from the super share of the SharedStorage in that case.

For this approach was used elsewhere, too, some repetitive code was
consolidated in the Helper class.

Signed-off-by: Arthur Schiwon &lt;blizzz@arthur-schiwon.de&gt;
diff --git a/lib/Controller/AssetsController.php b/lib/Controller/AssetsController.php
@@ -6,9 +6,9 @@
 
 namespace OCA\Richdocuments\Controller;
 
-use OCA\Files_Sharing\SharedStorage;
 use OCA\Richdocuments\Controller\Attribute\RestrictToWopiServer;
 use OCA\Richdocuments\Db\AssetMapper;
+use OCA\Richdocuments\Helper;
 use OCA\Richdocuments\Service\UserScopeService;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Db\DoesNotExistException;
@@ -36,6 +36,7 @@ public function __construct(
 		private IURLGenerator $urlGenerator,
 		private IManager $taskProcessingManager,
 		private IL10N $l10n,
+		private Helper $helper,
 	) {
 		parent::__construct($appName, $request);
 	}
@@ -57,14 +58,12 @@ public function create($path) {
 				return new JSONResponse([], Http::STATUS_NOT_FOUND);
 			}
 
-			$storage = $node->getStorage();
-			if ($storage->instanceOfStorage(SharedStorage::class)) {
-				/** @var SharedStorage $storage */
-				$share = $storage->getShare();
-				$attributes = $share->getAttributes();
-				if ($attributes !== null && $attributes->getAttribute('permissions', 'download') === false) {
-					throw new NotPermittedException();
-				}
+			$share = $this->helper->getShareFromNode($node);
+			$attributes = $share?->getAttributes();
+			if ($attributes !== null
+				&& $attributes->getAttribute('permissions', 'download') === false
+			) {
+				throw new NotPermittedException();
 			}
 		} catch (NotFoundException) {
 			return new JSONResponse([], Http::STATUS_NOT_FOUND);
diff --git a/lib/Controller/WopiController.php b/lib/Controller/WopiController.php
@@ -92,6 +92,7 @@ public function __construct(
 		private TaskProcessingManager $taskProcessingManager,
 		private SettingsService $settingsService,
 		private CapabilitiesService $capabilitiesService,
+		private Helper $helper,
 	) {
 		parent::__construct($appName, $request);
 	}
@@ -219,7 +220,7 @@ public function checkFileInfo(string $fileId, string $access_token): JSONRespons
 			$response['TemplateSource'] = $this->getWopiUrlForTemplate($wopi);
 		}
 
-		$share = $this->getShareForWopiToken($wopi);
+		$share = $this->getShareForWopiToken($wopi, $file);
 		if ($this->permissionManager->shouldWatermark($file, $wopi->getEditorUid(), $share)) {
 			$email = $user !== null && !$isPublic ? $user->getEMailAddress() : '';
 			$currentDateTime = new \DateTime(
@@ -925,9 +926,13 @@ private function getFileForWopiToken(Wopi $wopi) {
 		return array_shift($files);
 	}
 
-	private function getShareForWopiToken(Wopi $wopi): ?IShare {
+	private function getShareForWopiToken(Wopi $wopi, File $file): ?IShare {
 		try {
-			return $wopi->getShare() ? $this->shareManager->getShareByToken($wopi->getShare()) : null;
+			$shareToken = $wopi->getShare();
+			if ($shareToken) {
+				return $this->shareManager->getShareByToken($shareToken);
+			}
+			return $this->helper->getShareFromNode($file);
 		} catch (ShareNotFound) {
 		}
 
diff --git a/lib/Helper.php b/lib/Helper.php
@@ -7,7 +7,11 @@
 
 use DateTime;
 use DateTimeZone;
+use OCA\Files_Sharing\SharedStorage;
 use OCP\Files\Folder;
+use OCP\Files\Node;
+use OCP\Files\NotFoundException;
+use OCP\Share\IShare;
 
 class Helper {
 	/**
@@ -82,4 +86,17 @@ public function getGuestNameFromCookie() {
 		}
 		return $_COOKIE['guestUser'];
 	}
+
+	public function getShareFromNode(Node $node): ?IShare {
+		try {
+			$storage = $node->getStorage();
+		} catch (NotFoundException) {
+			return null;
+		}
+		if ($storage->instanceOfStorage(SharedStorage::class)) {
+			/** @var SharedStorage $storage */
+			return $storage->getShare();
+		}
+		return null;
+	}
 }
diff --git a/lib/Listener/BeforeFetchPreviewListener.php b/lib/Listener/BeforeFetchPreviewListener.php
@@ -10,7 +10,7 @@
 
 namespace OCA\Richdocuments\Listener;
 
-use OCA\Files_Sharing\SharedStorage;
+use OCA\Richdocuments\Helper;
 use OCA\Richdocuments\PermissionManager;
 use OCP\EventDispatcher\Event;
 use OCP\EventDispatcher\IEventListener;
@@ -20,7 +20,6 @@
 use OCP\Preview\BeforePreviewFetchedEvent;
 use OCP\Share\Exceptions\ShareNotFound;
 use OCP\Share\IManager;
-use OCP\Share\IShare;
 
 /** @template-implements IEventListener<Event|BeforePreviewFetchedEvent> */
 class BeforeFetchPreviewListener implements IEventListener {
@@ -29,6 +28,7 @@ public function __construct(
 		private IUserSession $userSession,
 		private IRequest $request,
 		private IManager $shareManager,
+		private Helper $helper,
 	) {
 	}
 
@@ -38,20 +38,12 @@ public function handle(Event $event): void {
 		}
 		$shareToken = $this->request->getParam('token');
 
-		$share = null;
-
-		// Get share for internal shares
-		$storage = $event->getNode()->getStorage();
-		if (!$shareToken && $storage->instanceOfStorage(SharedStorage::class)) {
-			if (method_exists(IShare::class, 'getAttributes')) {
-				/** @var SharedStorage $storage */
-				$share = $storage->getShare();
-			}
-		}
-
-		// Get different share for public previews as the share from the node is only set for mounted shares
 		try {
-			$share = $shareToken ? $this->shareManager->getShareByToken($shareToken) : $share;
+			$share = $shareToken ?
+				// Get different share for public previews as the share from the node is only set for mounted shares
+				$this->shareManager->getShareByToken($shareToken)
+				// Get share for internal shares
+				: $this->helper->getShareFromNode($event->getNode());
 		} catch (ShareNotFound) {
 		}
 
diff --git a/lib/TokenManager.php b/lib/TokenManager.php
@@ -7,7 +7,6 @@
 namespace OCA\Richdocuments;
 
 use Exception;
-use OCA\Files_Sharing\SharedStorage;
 use OCA\Richdocuments\Db\Direct;
 use OCA\Richdocuments\Db\Wopi;
 use OCA\Richdocuments\Db\WopiMapper;
@@ -24,7 +23,6 @@
 use OCP\IURLGenerator;
 use OCP\Share\Exceptions\ShareNotFound;
 use OCP\Share\IManager;
-use OCP\Share\IShare;
 use OCP\Util;
 use Psr\Log\LoggerInterface;
 
@@ -83,19 +81,13 @@ public function generateWopiToken(string $fileId, ?string $shareToken = null, ?s
 
 			// disable download if at least one shared access has it disabled
 			foreach ($files as $file) {
-				$storage = $file->getStorage();
-				// using string as we have no guarantee that "files_sharing" app is loaded
-				if ($storage->instanceOfStorage(SharedStorage::class)) {
-					if (!method_exists(IShare::class, 'getAttributes')) {
-						break;
-					}
-					/** @var SharedStorage $storage */
-					$share = $storage->getShare();
-					$attributes = $share->getAttributes();
-					if ($attributes !== null && $attributes->getAttribute('permissions', 'download') === false) {
-						$hideDownload = true;
-						break;
-					}
+				$share = $this->helper->getShareFromNode($file);
+				$attributes = $share?->getAttributes();
+				if ($attributes !== null
+					&& $attributes->getAttribute('permissions', 'download') === false
+				) {
+					$hideDownload = true;
+					break;
 				}
 			}
 		}
