feat: Add allowed_view_extensions config node
#6564
Conversation
Signed-off-by: Kostiantyn Miakshyn <[email protected]>
Koc
requested review from
juliusknorr and
max-nextcloud
and removed request for
mejo- and
max-nextcloud
Koc
force-pushed
the
feature/add-allowed-view-extensions-config
branch
from
ba678d2
to
bf2f624
Compare
|
@Koc Thanks a lot for addressing this. The current state is really confusing. I'm not sure your proposed solution is really what we want. Before diving into the code I think we should clarify that with @nextcloud/designers . We're always hesitant to add config options. However this config would not be exposed in the UI I assume. But the problematic scenario would remain for files which are not part of the I know the permission setting to prevent downloads is messy. I personally think that this should not exist for the filetypes you list as one can never prevent a screenshot or a copy and paste download. But I'll wait to hear what the designers say. |
There was a problem hiding this comment.
Generally I think it should just work and not necessitate another setting or parameter.
What exactly "just work" means for the "Prevent download" vs being able to view though, it is up to @AndyScherzinger @juliusknorr @sorbaugh to define as it is a technical and security question related to both Files and Office.
|
Hello there, We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process. Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6 Thank you for contributing to Nextcloud and we hope to hear from you soon! (If you believe you should not receive this message, you can add yourself to the blocklist.) |
|
@jancborchardt any suggestions how to make it "just works". In this case I guess we should hardcode list of extensions somewhere |
📝 Summary
It isn't possible to view md files if they were shared without allow downloading. Related to nextcloud/server#48903
🔍 Repoducer
Share file without download possibility
Try to view file as share recipient
To fix that we can introduce a new
allowed_view_extensionsconfig node.🚧 TODO
🏁 Checklist
npm run lint/npm run stylelint/composer run cs:check)