Merge pull request #41742 from nextcloud/backport/41685/stable28

[stable28] Ensure share has download permissions in F2V
2026-06-08 16:26:59 -04:00 · 2023-11-24 21:15:32 +01:00 · 2023-11-24 21:15:32 +01:00 · 919b448bb6
commit 919b448bb6
parent 9b752d977f 15e4c78014
3 changed files with 20 additions and 6 deletions
--- a/apps/files/src/actions/downloadAction.ts
+++ b/apps/files/src/actions/downloadAction.ts
@ -41,6 +41,22 @@ const downloadNodes = function(dir: string, nodes: Node[]) {
 	triggerDownload(url)
 }

+const isDownloadable = function(node: Node) {
+	if ((node.permissions & Permission.READ) === 0) {
+		return false
+	}
+
+	// If the mount type is a share, ensure it got download permissions.
+	if (node.attributes['mount-type'] === 'shared') {
+		const downloadAttribute = JSON.parse(node.attributes['share-attributes']).find((attribute: { scope: string; key: string }) => attribute.scope === 'permissions' && attribute.key === 'download')
+		if (downloadAttribute !== undefined && downloadAttribute.enabled === false) {
+			return false
+		}
+	}
+
+	return true
+}
+
 export const action = new FileAction({
 	id: 'download',
 	displayName: () => t('files', 'Download'),
@ -59,9 +75,7 @@ export const action = new FileAction({
 			return false
 		}

-		return nodes
-			.map(node => node.permissions)
-			.every(permission => (permission & Permission.READ) !== 0)
+		return nodes.every(isDownloadable)
 	},

 	async exec(node: Node, view: View, dir: string) {
--- a/dist/files-init.js
+++ b/dist/files-init.js
--- a/dist/files-init.js.map
+++ b/dist/files-init.js.map