From 29fb315ffcbfb910a36b58ca99cdefb1fe531423 Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Thu, 21 Sep 2017 11:32:22 +0200
Subject: [PATCH 1/6] Allow requesting the max preview

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 lib/private/Preview/Generator.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/private/Preview/Generator.php b/lib/private/Preview/Generator.php
index 5a264c2bbd543..71e9fdb1a2060 100644
--- a/lib/private/Preview/Generator.php
+++ b/lib/private/Preview/Generator.php
@@ -110,6 +110,12 @@ public function getPreview(File $file, $width = -1, $height = -1, $crop = false,
 		$maxPreview = $this->getMaxPreview($previewFolder, $file, $mimeType);
 		list($maxWidth, $maxHeight) = $this->getPreviewSize($maxPreview);
 
+		// If both width and heigth are -1 we just want the max preview
+		if ($width === -1 && $height === -1) {
+			$width = $maxWidth;
+			$height = $maxHeight;
+		}
+
 		// Calculate the preview size
 		list($width, $height) = $this->calculateSize($width, $height, $crop, $mode, $maxWidth, $maxHeight);
 

From 7d8c5f73f551c0d7224bccef6af4b272c124b7e9 Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Thu, 21 Sep 2017 11:37:37 +0200
Subject: [PATCH 2/6] Add direct preview link to single shared image files

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 .../Controller/PublicPreviewController.php    | 46 +++++++++++++++++++
 core/routes.php                               |  8 ++++
 2 files changed, 54 insertions(+)

diff --git a/apps/files_sharing/lib/Controller/PublicPreviewController.php b/apps/files_sharing/lib/Controller/PublicPreviewController.php
index 49e48993f5cc6..b3c1db8e50441 100644
--- a/apps/files_sharing/lib/Controller/PublicPreviewController.php
+++ b/apps/files_sharing/lib/Controller/PublicPreviewController.php
@@ -101,4 +101,50 @@ public function getPreview(
 			return new DataResponse([], Http::STATUS_BAD_REQUEST);
 		}
 	}
+
+	/**
+	 * @PublicPage
+	 * @NoCSRFRequired
+	 *
+	 * @param $token
+	 * @return DataResponse|FileDisplayResponse
+	 */
+	public function directLink($token) {
+		// No token no image
+		if ($token === '') {
+			return new DataResponse([], Http::STATUS_BAD_REQUEST);
+		}
+
+		// No share no image
+		try {
+			$share = $this->shareManager->getShareByToken($token);
+		} catch (ShareNotFound $e) {
+			return new DataResponse([], Http::STATUS_NOT_FOUND);
+		}
+
+		// No permissions no image
+		if (($share->getPermissions() & Constants::PERMISSION_READ) === 0) {
+			return new DataResponse([], Http::STATUS_FORBIDDEN);
+		}
+
+		// Password protected shares have no direct link!
+		if ($share->getPassword() !== null) {
+			return new DataResponse([], Http::STATUS_FORBIDDEN);
+		}
+
+		try {
+			$node = $share->getNode();
+			if ($node instanceof Folder) {
+				// Direct link only works for single files
+				return new DataResponse([], Http::STATUS_BAD_REQUEST);
+			}
+
+			$f = $this->previewManager->getPreview($node, -1, -1, false);
+			return new FileDisplayResponse($f, Http::STATUS_OK, ['Content-Type' => $f->getMimeType()]);
+		} catch (NotFoundException $e) {
+			return new DataResponse([], Http::STATUS_NOT_FOUND);
+		} catch (\InvalidArgumentException $e) {
+			return new DataResponse([], Http::STATUS_BAD_REQUEST);
+		}
+	}
 }
diff --git a/core/routes.php b/core/routes.php
index a572c83d74943..af445d9da8f8c 100644
--- a/core/routes.php
+++ b/core/routes.php
@@ -135,6 +135,14 @@
 		throw new \OC\HintException('App file sharing is not enabled');
 	}
 });
+$this->create('files_sharing.publicpreview.directLink', '/s/{token}/preview')->get()->action(function($urlParams) {
+	if (class_exists(\OCA\Files_Sharing\AppInfo\Application::class, false)) {
+		$app = new \OCA\Files_Sharing\AppInfo\Application($urlParams);
+		$app->dispatch('PublicPreviewController', 'directLink');
+	} else {
+		throw new \OC\HintException('App file sharing is not enabled');
+	}
+});
 
 // used for heartbeat
 $this->create('heartbeat', '/heartbeat')->action(function(){

From 894958e3e217cd89bb7597fc4a8ea04634b137db Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Thu, 21 Sep 2017 11:47:05 +0200
Subject: [PATCH 3/6] For images we have a preview for use the preview link

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 apps/files_sharing/lib/Controller/ShareController.php | 2 ++
 apps/files_sharing/templates/public.php               | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php
index 14fc8d6338109..ec345c4e98490 100644
--- a/apps/files_sharing/lib/Controller/ShareController.php
+++ b/apps/files_sharing/lib/Controller/ShareController.php
@@ -375,8 +375,10 @@ public function showShare($token, $path = '') {
 		if ($shareTmpl['previewSupported']) {
 			$shareTmpl['previewImage'] = $this->urlGenerator->linkToRouteAbsolute( 'files_sharing.PublicPreview.getPreview',
 				['x' => 200, 'y' => 200, 'file' => $shareTmpl['directory_path'], 't' => $shareTmpl['dirToken']]);
+			$shareTmpl['previewURL'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.publicpreview.directLink', ['token' => $token]);
 		} else {
 			$shareTmpl['previewImage'] = $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'favicon-fb.png'));
+			$shareTmpl['previewURL'] = $shareTmpl['downloadURL'];
 		}
 
 		// Load files we need
diff --git a/apps/files_sharing/templates/public.php b/apps/files_sharing/templates/public.php
index a593e596dfb53..8bbb53fa4e078 100644
--- a/apps/files_sharing/templates/public.php
+++ b/apps/files_sharing/templates/public.php
@@ -92,7 +92,7 @@
 				</div>
 				<div class="directLink">
 					<label for="directLink"><?php p($l->t('Direct link')) ?></label>
-					<input id="directLink" type="text" readonly value="<?php p($_['downloadURL']); ?>">
+					<input id="directLink" type="text" readonly value="<?php p($_['previewURL']); ?>">
 				</div>
 			<?php endif; ?>
 		</div>

From c3491e3f149ebc66ae986922566fdcdeef03be5b Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Fri, 22 Sep 2017 12:35:02 +0200
Subject: [PATCH 4/6] Add annotation

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 apps/files_sharing/lib/Controller/PublicPreviewController.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/apps/files_sharing/lib/Controller/PublicPreviewController.php b/apps/files_sharing/lib/Controller/PublicPreviewController.php
index b3c1db8e50441..56d8d94534f15 100644
--- a/apps/files_sharing/lib/Controller/PublicPreviewController.php
+++ b/apps/files_sharing/lib/Controller/PublicPreviewController.php
@@ -105,6 +105,7 @@ public function getPreview(
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
+	 * @NoSameSiteCookieRequired
 	 *
 	 * @param $token
 	 * @return DataResponse|FileDisplayResponse

From 05c37526a75bfa431fc1158404eaad792e17e12d Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Mon, 25 Sep 2017 21:44:42 +0200
Subject: [PATCH 5/6] Fix tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 apps/files_sharing/tests/Controller/ShareControllerTest.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/apps/files_sharing/tests/Controller/ShareControllerTest.php b/apps/files_sharing/tests/Controller/ShareControllerTest.php
index 62adca53f4c3e..7a017b5e3b778 100644
--- a/apps/files_sharing/tests/Controller/ShareControllerTest.php
+++ b/apps/files_sharing/tests/Controller/ShareControllerTest.php
@@ -396,7 +396,8 @@ public function testShowShare() {
 			'shareOwner' => 'ownerDisplay',
 			'disclaimer' => 'My disclaimer text',
 			'shareUrl' => null,
-			'previewImage' => null
+			'previewImage' => null,
+			'previewURL' => null,
 		);
 
 		$csp = new \OCP\AppFramework\Http\ContentSecurityPolicy();

From 4077f684e137774f48cb1f575bc8a7bfd862c78b Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Mon, 25 Sep 2017 21:47:09 +0200
Subject: [PATCH 6/6] Only have direct preview urls for image files

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 apps/files_sharing/lib/Controller/ShareController.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php
index ec345c4e98490..a7cf1a78971b0 100644
--- a/apps/files_sharing/lib/Controller/ShareController.php
+++ b/apps/files_sharing/lib/Controller/ShareController.php
@@ -372,13 +372,16 @@ public function showShare($token, $path = '') {
 		$shareTmpl['previewMaxX'] = $this->config->getSystemValue('preview_max_x', 1024);
 		$shareTmpl['previewMaxY'] = $this->config->getSystemValue('preview_max_y', 1024);
 		$shareTmpl['disclaimer'] = $this->config->getAppValue('core', 'shareapi_public_link_disclaimertext', null);
+		$shareTmpl['previewURL'] = $shareTmpl['downloadURL'];
 		if ($shareTmpl['previewSupported']) {
 			$shareTmpl['previewImage'] = $this->urlGenerator->linkToRouteAbsolute( 'files_sharing.PublicPreview.getPreview',
 				['x' => 200, 'y' => 200, 'file' => $shareTmpl['directory_path'], 't' => $shareTmpl['dirToken']]);
-			$shareTmpl['previewURL'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.publicpreview.directLink', ['token' => $token]);
+			// We just have direct previews for image files
+			if ($share->getNode()->getMimePart() === 'image') {
+				$shareTmpl['previewURL'] = $this->urlGenerator->linkToRouteAbsolute('files_sharing.publicpreview.directLink', ['token' => $token]);
+			}
 		} else {
 			$shareTmpl['previewImage'] = $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'favicon-fb.png'));
-			$shareTmpl['previewURL'] = $shareTmpl['downloadURL'];
 		}
 
 		// Load files we need