feat(files_sharing): add config option for extending link-share permissions

This allows the admin to control the behavior whether link shares with
READ permissions should be extended to also gain SHARE permissions,
allowing users (public share receivers) to add the share to their cloud.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

Author: susnux

apps/files_sharing/lib/Controller/ShareAPIController.php

@@ -10,6 +10,7 @@
 namespace OCA\Files_Sharing\Controller;
 
 use Exception;
+use OC\Core\AppInfo\ConfigLexicon;
 use OC\Files\Storage\Wrapper\Wrapper;
 use OCA\Circles\Api\v1\Circles;
 use OCA\Files\Helper;
@@ -39,6 +40,7 @@
 use OCP\Files\Node;
 use OCP\Files\NotFoundException;
 use OCP\HintException;
+use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IDateTimeZone;
 use OCP\IGroupManager;
@@ -86,6 +88,7 @@ public function __construct(
 		private IURLGenerator $urlGenerator,
 		private IL10N $l,
 		private IConfig $config,
+		private IAppConfig $appConfig,
 		private IAppManager $appManager,
 		private ContainerInterface $serverContainer,
 		private IUserStatusManager $userStatusManager,
@@ -967,9 +970,9 @@ private function getLinkSharePermissions(?int $permissions, ?bool $legacyPublicU
 				: Constants::PERMISSION_READ;
 		}
 
-		// TODO: It might make sense to have a dedicated setting to allow/deny converting link shares into federated ones
 		if ($this->hasPermission($permissions, Constants::PERMISSION_READ)
-			&& $this->shareManager->outgoingServer2ServerSharesAllowed()) {
+			&& $this->shareManager->outgoingServer2ServerSharesAllowed()
+			&& $this->appConfig->getValueBool('core', ConfigLexicon::SHAREAPI_ALLOW_FEDERATION_ON_PUBLIC_SHARES, true)) {
 			$permissions |= Constants::PERMISSION_SHARE;
 		}
 

apps/files_sharing/tests/ApiTest.php

@@ -20,6 +20,7 @@
 use OCP\Constants;
 use OCP\Files\Folder;
 use OCP\Files\IRootFolder;
+use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IDateTimeZone;
 use OCP\IGroupManager;
@@ -34,6 +35,7 @@
 use OCP\Share\IProviderFactory;
 use OCP\Share\IShare;
 use OCP\UserStatus\IManager as IUserStatusManager;
+use PHPUnit\Framework\MockObject\MockObject;
 use Psr\Container\ContainerInterface;
 use Psr\Log\LoggerInterface;
 
@@ -49,11 +51,9 @@ class ApiTest extends TestCase {
 
 	private static $tempStorage;
 
-	/** @var Folder */
-	private $userFolder;
-
-	/** @var string */
-	private $subsubfolder;
+	private Folder $userFolder;
+	private string $subsubfolder;
+	protected IAppConfig&MockObject $appConfig;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -80,6 +80,8 @@ protected function setUp(): void {
 		$mount->getStorage()->getScanner()->scan('', Scanner::SCAN_RECURSIVE);
 
 		$this->userFolder = \OC::$server->getUserFolder(self::TEST_FILES_SHARING_API_USER1);
+
+		$this->appConfig = $this->createMock(IAppConfig::class);
 	}
 
 	protected function tearDown(): void {
@@ -125,6 +127,7 @@ private function createOCS($userId) {
 			Server::get(IURLGenerator::class),
 			$l,
 			$config,
+			$this->appConfig,
 			$appManager,
 			$serverContainer,
 			$userStatusManager,
@@ -232,8 +235,12 @@ public function testCreateShareLink(): void {
 
 	/**
 	 * @group RoutingWeirdness
+	 * @dataProvider dataAllowFederationOnPublicShares
 	 */
-	public function testCreateShareLinkPublicUpload(): void {
+	public function testCreateShareLinkPublicUpload(array $appConfig, int $permissions): void {
+		$this->appConfig->method('getValueBool')
+			->willReturnMap([$appConfig]);
+
 		$ocs = $this->createOCS(self::TEST_FILES_SHARING_API_USER1);
 		$result = $ocs->createShare($this->folder, Constants::PERMISSION_ALL, IShare::TYPE_LINK, null, 'true');
 		$ocs->cleanup();
@@ -244,7 +251,7 @@ public function testCreateShareLinkPublicUpload(): void {
 			Constants::PERMISSION_CREATE |
 			Constants::PERMISSION_UPDATE |
 			Constants::PERMISSION_DELETE |
-			Constants::PERMISSION_SHARE,
+			$permissions,
 			$data['permissions']
 		);
 		$this->assertEmpty($data['expiration']);
@@ -1004,8 +1011,13 @@ public function testUpdateShare(): void {
 
 	/**
 	 * @medium
+	 * @dataProvider dataAllowFederationOnPublicShares
 	 */
-	public function testUpdateShareUpload(): void {
+	public function testUpdateShareUpload(array $appConfig, int $permissions): void {
+		$this->appConfig->method('getValueBool')->willReturnMap([
+			$appConfig,
+		]);
+
 		$node1 = $this->userFolder->get($this->folder);
 		$share1 = $this->shareManager->newShare();
 		$share1->setNode($node1)
@@ -1025,14 +1037,21 @@ public function testUpdateShareUpload(): void {
 			Constants::PERMISSION_CREATE |
 			Constants::PERMISSION_UPDATE |
 			Constants::PERMISSION_DELETE |
-			Constants::PERMISSION_SHARE,
+			$permissions,
 			$share1->getPermissions()
 		);
 
 		// cleanup
 		$this->shareManager->deleteShare($share1);
 	}
 
+	public static function dataAllowFederationOnPublicShares(): array {
+		return [
+			[['core', 'shareapi_allow_federation_on_public_shares', true, false], 0],
+			[['core', 'shareapi_allow_federation_on_public_shares', true, true], Constants::PERMISSION_SHARE],
+		];
+	}
+
 	/**
 	 * @medium
 	 */

apps/files_sharing/tests/Controller/ShareAPIControllerTest.php

@@ -21,6 +21,7 @@
 use OCP\Files\Mount\IShareOwnerlessMount;
 use OCP\Files\NotFoundException;
 use OCP\Files\Storage\IStorage;
+use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IDateTimeZone;
 use OCP\IGroup;
@@ -70,6 +71,7 @@ class ShareAPIControllerTest extends TestCase {
 	private IURLGenerator&MockObject $urlGenerator;
 	private IL10N&MockObject $l;
 	private IConfig&MockObject $config;
+	private IAppConfig&MockObject $appConfig;
 	private IAppManager&MockObject $appManager;
 	private ContainerInterface&MockObject $serverContainer;
 	private IUserStatusManager&MockObject $userStatusManager;
@@ -102,6 +104,7 @@ protected function setUp(): void {
 				return vsprintf($text, $parameters);
 			});
 		$this->config = $this->createMock(IConfig::class);
+		$this->appConfig = $this->createMock(IAppConfig::class);
 		$this->appManager = $this->createMock(IAppManager::class);
 		$this->serverContainer = $this->createMock(ContainerInterface::class);
 		$this->userStatusManager = $this->createMock(IUserStatusManager::class);
@@ -126,6 +129,7 @@ protected function setUp(): void {
 			$this->urlGenerator,
 			$this->l,
 			$this->config,
+			$this->appConfig,
 			$this->appManager,
 			$this->serverContainer,
 			$this->userStatusManager,
@@ -154,6 +158,7 @@ private function mockFormatShare() {
 				$this->urlGenerator,
 				$this->l,
 				$this->config,
+				$this->appConfig,
 				$this->appManager,
 				$this->serverContainer,
 				$this->userStatusManager,
@@ -839,6 +844,7 @@ public function testGetShare(IShare $share, array $result): void {
 				$this->urlGenerator,
 				$this->l,
 				$this->config,
+				$this->appConfig,
 				$this->appManager,
 				$this->serverContainer,
 				$this->userStatusManager,
@@ -1472,6 +1478,7 @@ public function testGetShares(array $getSharesParameters, array $shares, array $
 				$this->urlGenerator,
 				$this->l,
 				$this->config,
+				$this->appConfig,
 				$this->appManager,
 				$this->serverContainer,
 				$this->userStatusManager,
@@ -1863,6 +1870,7 @@ public function testCreateShareUser(): void {
 				$this->urlGenerator,
 				$this->l,
 				$this->config,
+				$this->appConfig,
 				$this->appManager,
 				$this->serverContainer,
 				$this->userStatusManager,
@@ -1961,6 +1969,7 @@ public function testCreateShareGroup(): void {
 				$this->urlGenerator,
 				$this->l,
 				$this->config,
+				$this->appConfig,
 				$this->appManager,
 				$this->serverContainer,
 				$this->userStatusManager,
@@ -2387,6 +2396,7 @@ public function testCreateShareRemote(): void {
 				$this->urlGenerator,
 				$this->l,
 				$this->config,
+				$this->appConfig,
 				$this->appManager,
 				$this->serverContainer,
 				$this->userStatusManager,
@@ -2458,6 +2468,7 @@ public function testCreateShareRemoteGroup(): void {
 				$this->urlGenerator,
 				$this->l,
 				$this->config,
+				$this->appConfig,
 				$this->appManager,
 				$this->serverContainer,
 				$this->userStatusManager,
@@ -2696,6 +2707,7 @@ public function testCreateReshareOfFederatedMountNoDeletePermissions(): void {
 				$this->urlGenerator,
 				$this->l,
 				$this->config,
+				$this->appConfig,
 				$this->appManager,
 				$this->serverContainer,
 				$this->userStatusManager,

apps/settings/lib/Settings/Admin/Sharing.php

@@ -9,6 +9,7 @@
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\AppFramework\Services\IInitialState;
 use OCP\Constants;
+use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IL10N;
 use OCP\IURLGenerator;
@@ -19,6 +20,7 @@
 class Sharing implements IDelegatedSettings {
 	public function __construct(
 		private IConfig $config,
+		private IAppConfig $appConfig,
 		private IL10N $l,
 		private IManager $shareManager,
 		private IAppManager $appManager,
@@ -46,6 +48,7 @@ public function getForm() {
 			'allowPublicUpload' => $this->getHumanBooleanConfig('core', 'shareapi_allow_public_upload', true),
 			'allowResharing' => $this->getHumanBooleanConfig('core', 'shareapi_allow_resharing', true),
 			'allowShareDialogUserEnumeration' => $this->getHumanBooleanConfig('core', 'shareapi_allow_share_dialog_user_enumeration', true),
+			'allowFederationOnPublicShares' => $this->appConfig->getValueBool('core', 'shareapi_allow_federation_on_public_shares', true),
 			'restrictUserEnumerationToGroup' => $this->getHumanBooleanConfig('core', 'shareapi_restrict_user_enumeration_to_group'),
 			'restrictUserEnumerationToPhone' => $this->getHumanBooleanConfig('core', 'shareapi_restrict_user_enumeration_to_phone'),
 			'restrictUserEnumerationFullMatch' => $this->getHumanBooleanConfig('core', 'shareapi_restrict_user_enumeration_full_match', true),

apps/settings/src/components/AdminSettingsSharingForm.vue

@@ -39,6 +39,10 @@
 				<NcCheckboxRadioSwitch :checked.sync="settings.allowPublicUpload">
 					{{ t('settings', 'Allow public uploads') }}
 				</NcCheckboxRadioSwitch>
+				<NcCheckboxRadioSwitch v-model="settings.allowFederationOnPublicShares">
+					{{ t('settings', 'Allow public shares to be added to other clouds by federation.') }}
+					{{ t('settings', 'This will add share permissions to all newly created link shares.') }}
+				</NcCheckboxRadioSwitch>
 				<NcCheckboxRadioSwitch :checked.sync="settings.enableLinkPasswordByDefault">
 					{{ t('settings', 'Always ask for a password') }}
 				</NcCheckboxRadioSwitch>
@@ -232,6 +236,7 @@ interface IShareSettings {
 	allowPublicUpload: boolean
 	allowResharing: boolean
 	allowShareDialogUserEnumeration: boolean
+	allowFederationOnPublicShares: boolean
 	restrictUserEnumerationToGroup: boolean
 	restrictUserEnumerationToPhone: boolean
 	restrictUserEnumerationFullMatch: boolean

apps/settings/tests/Settings/Admin/SharingTest.php

@@ -10,6 +10,7 @@
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\AppFramework\Services\IInitialState;
 use OCP\Constants;
+use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IL10N;
 use OCP\IURLGenerator;
@@ -18,25 +19,30 @@
 use Test\TestCase;
 
 class SharingTest extends TestCase {
+	private Sharing $admin;
+
 	private IConfig&MockObject $config;
+	private IAppConfig&MockObject $appConfig;
 	private IL10N&MockObject $l10n;
 	private IManager&MockObject $shareManager;
 	private IAppManager&MockObject $appManager;
 	private IURLGenerator&MockObject $urlGenerator;
 	private IInitialState&MockObject $initialState;
-	private Sharing $admin;
 
 	protected function setUp(): void {
 		parent::setUp();
 		$this->config = $this->createMock(IConfig::class);
+		$this->appConfig = $this->createMock(IAppConfig::class);
 		$this->l10n = $this->createMock(IL10N::class);
+
 		$this->shareManager = $this->createMock(IManager::class);
 		$this->appManager = $this->createMock(IAppManager::class);
 		$this->urlGenerator = $this->createMock(IURLGenerator::class);
 		$this->initialState = $this->createMock(IInitialState::class);
 
 		$this->admin = new Sharing(
 			$this->config,
+			$this->appConfig,
 			$this->l10n,
 			$this->shareManager,
 			$this->appManager,
@@ -47,6 +53,12 @@ protected function setUp(): void {
 	}
 
 	public function testGetFormWithoutExcludedGroups(): void {
+		$this->appConfig
+			->method('getValueBool')
+			->willReturnMap([
+				['core', 'shareapi_allow_federation_on_public_shares', true, false, true],
+			]);
+
 		$this->config
 			->method('getAppValue')
 			->willReturnMap([
@@ -102,6 +114,7 @@ public function testGetFormWithoutExcludedGroups(): void {
 				'allowPublicUpload' => true,
 				'allowResharing' => true,
 				'allowShareDialogUserEnumeration' => true,
+				'allowFederationOnPublicShares' => true,
 				'restrictUserEnumerationToGroup' => false,
 				'restrictUserEnumerationToPhone' => false,
 				'restrictUserEnumerationFullMatch' => true,

core/AppInfo/Application.php

@@ -78,6 +78,9 @@ public function register(IRegistrationContext $context): void {
 
 		// Tags
 		$context->registerEventListener(UserDeletedEvent::class, TagManager::class);
+
+		// config lexicon
+		$context->registerConfigLexicon(ConfigLexicon::class);
 	}
 
 	public function boot(IBootContext $context): void {

core/AppInfo/ConfigLexicon.php

@@ -0,0 +1,37 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OC\Core\AppInfo;
+
+use NCU\Config\Lexicon\ConfigLexiconEntry;
+use NCU\Config\Lexicon\ConfigLexiconStrictness;
+use NCU\Config\Lexicon\IConfigLexicon;
+use NCU\Config\ValueType;
+
+/**
+ * Config Lexicon for core.
+ *
+ * Please Add & Manage your Config Keys in that file and keep the Lexicon up to date!
+ */
+class ConfigLexicon implements IConfigLexicon {
+	public const SHAREAPI_ALLOW_FEDERATION_ON_PUBLIC_SHARES = 'shareapi_allow_federation_on_public_shares';
+
+	public function getStrictness(): ConfigLexiconStrictness {
+		return ConfigLexiconStrictness::IGNORE;
+	}
+
+	public function getAppConfigs(): array {
+		return [
+			new ConfigLexiconEntry(self::SHAREAPI_ALLOW_FEDERATION_ON_PUBLIC_SHARES, ValueType::BOOL, true, 'adds share permission to public shares to allow adding them to your Nextcloud (federation)'),
+		];
+	}
+
+	public function getUserConfigs(): array {
+		return [];
+	}
+}