[Bug]: Nextcloud don't send share passwords through mail automatically

[hs7296792]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

Before upgrading to Nextcloud 24.0.1 if I create a share by mail which have the share password setting enforced, Nextcloud generates a random password and sends it with an additional email to the given recipient. The recipient gets two mails: A first one with the public share link and another one with the share password. After the upgrade, the recipient only gets the email with the share link. While opening this, the recipient needs to enter a password which he doesn't know.

Steps to reproduce

1. Set the following share settings:

2. Create a folder.
3. Open the share menue.
4. Enter only the recipient email address.
5. Click on it in the autocompletion.

I could reproduce this issue with two independent Nextcloud servers.

Expected behavior

The recipient should get two emails.

1. A email which includes only the share link
2. A email which only includes the autogenerated share password

Installation method

Manual installation

Operating system

Debian/Ubuntu

PHP engine version

PHP 7.4

Web server

Nginx

Database engine version

MariaDB

Is this bug present after an update or on a fresh install?

Updated to a major version (ex. 22.2.3 to 23.0.1)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***REMOVED SENSITIVE VALUE***",
            "***REMOVED SENSITIVE VALUE***",
            "***REMOVED SENSITIVE VALUE***"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "23.0.5.1",
        "overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "26",
        "ldapIgnoreNamingRules": false,
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
        "memcache.local": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "filelocking.enabled": "true",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "timeout": 0
        },
        "mail_smtpsecure": "tls",
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "default_locale": "de_DE",
        "twofactor_enforced": "true",
        "twofactor_enforced_groups": [],
        "twofactor_enforced_excluded_groups": [
            "admin"
        ],
        "skeletondirectory": "",
        "force_language": "de_DE",
        "force_locale": "de_DE",
        "default_phone_region": "DE",
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "lost_password_link": "disabled",
        "auth.webauthn.enabled": false,
        "allow_user_to_change_display_name": false,
        "oidc_login_provider_url": "***REMOVED SENSITIVE VALUE***",
        "oidc_login_client_id": "***REMOVED SENSITIVE VALUE***",
        "oidc_login_client_secret": "***REMOVED SENSITIVE VALUE***",
        "oidc_login_auto_redirect": false,
        "oidc_login_button_text": "***REMOVED SENSITIVE VALUE***",
        "oidc_login_scope": "openid profile",
        "oidc_login_disable_registration": false,
        "oidc_login_update_avatar": true,
        "oidc_login_hide_password_form": true,
        "profile.enabled": false
    }
}

List of activated Apps

Enabled:
  - accessibility: 1.9.0
  - activity: 2.15.0
  - circles: 23.1.1
  - cloud_federation_api: 1.6.0
  - contactsinteraction: 1.4.0
  - dav: 1.21.0
  - extract: 1.3.5
  - federatedfilesharing: 1.13.0
  - federation: 1.13.0
  - files: 1.18.0
  - files_accesscontrol: 1.13.0
  - files_pdfviewer: 2.4.0
  - files_retention: 1.12.0
  - files_rightclick: 1.2.0
  - files_sharing: 1.15.0
  - files_trashbin: 1.13.0
  - files_versions: 1.16.0
  - files_videoplayer: 1.12.0
  - impersonate: 1.10.0
  - logreader: 2.8.0
  - lookup_server_connector: 1.11.0
  - nextcloud_announcements: 1.12.0
  - notifications: 2.11.1
  - notify_push: 0.4.0
  - oauth2: 1.11.0
  - oidc_login: 2.3.2
  - password_policy: 1.13.0
  - privacy: 1.7.0
  - provisioning_api: 1.13.0
  - serverinfo: 1.13.0
  - settings: 1.5.0
  - sharebymail: 1.13.0
  - support: 1.6.0
  - systemtags: 1.13.0
  - theming: 1.14.0
  - twofactor_backupcodes: 1.12.0
  - twofactor_totp: 6.3.0
  - updatenotification: 1.13.0
  - user_ldap: 1.13.1
  - viewer: 1.7.0
  - workflowengine: 2.5.0
Disabled:
  - admin_audit
  - bruteforcesettings: 2.4.0
  - comments: 1.9.0
  - contacts: 4.1.1
  - dashboard: 7.0.0
  - encryption
  - files_antivirus: 3.2.2
  - files_external
  - firstrunwizard: 2.8.0
  - forms: 2.5.0
  - onlyoffice: 7.3.4
  - photos: 1.1.0
  - recommendations: 0.7.0
  - spreed: 13.0.5
  - survey_client: 1.7.0
  - text: 3.0.1
  - user_saml: 5.0.0
  - user_status: 1.0.1
  - weather_status: 1.0.0
  - webhooks: 0.2.0

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

No response

Additional info

No response

[MyNameIsRatchet]

In Admin --> Settings --> Share, the Option below "mail-share" (auf Deutsch "Geteilt über eine E-Mail") and then "share password per mail" is active?

[hs7296792]

Yes, it's enabled.

[TheULi]

I expected the same issue updated to 24.0.1 @hs7296792
Both options are set. I also reset these options. The sharing email was sent but the email with password wasn't.

I restore to 23.0.5. There isn't this bug. Password email was sent.

[Dunkelschunkel]

Same here. But I can't roll back to older Version since it is not supported.
Entering a new password in the share details will send a password email.

NC version 24.0.1
Please provide us with a fix.

[kronzo]

All my 24 Nextclouds have this error. Since I am not allowed to install an older version, I would be grateful for a fix.
NC version 24.0.1 | Share by Mail version 1.14.0 | File sharing version 1.16.2

[Dunkelschunkel]

@hs7296792 Another Workaround which I just discovered is the "request password" function presented when accessing a password protected share.

By entering the emailadresss that the link was created with you will get your message with a password.
Albeit very useful indeed it still feels like a workaround.

@kronzo Do you have this option on NC23? I never noticed.

Just to add some further details - using this method changes the password linked with this share and thus overrides a user provided password. It does not create a new share.

[artonge]

Might be fixed in v24.0.2 by #31981

[Dunkelschunkel]

just tested it after updating to 24.0.2 and it is working again. Thanks for fixing this annoying bug

[mjut]

I am still having this bug. Updated to NC 28.0.4 today: passwords are being auto-created when sharing the link. But when using to share with an email-address NC is running into an error, because the password is not being auto-created.