Allow custom public share tokens for form links#3311
Allow custom public share tokens for form links#3311alexander-rebello wants to merge 13 commits intonextcloud:mainfrom
Conversation
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
Chartman123
left a comment
Chartman123
left a comment
There was a problem hiding this comment.
Added some review comments on the PHP part
| #[NoCSRFRequired()] | ||
| #[PublicPage()] | ||
| #[FrontpageRoute(verb: 'GET', url: '/s/{hash}', requirements: ['hash' => '[a-zA-Z0-9]{24,}'])] | ||
| #[FrontpageRoute(verb: 'GET', url: '/s/{hash}', requirements: ['hash' => self::PUBLIC_SHARE_HASH_REQUIREMENT])] |
There was a problem hiding this comment.
Would probably be good if we can decide here wether custom share tokens are allowed on that instance. But IIRC it's not working with dynamically defined requirements.
There was a problem hiding this comment.
Meaning it would be good, but can't be done in this instance? Or should I try?
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
Chartman123
added
enhancement
Chartman123
dismissed
their stale review
Accidentally approved the PR instead of just adding the review comments
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
|
Whats the holdup? Could we check if this version works? |
Co-authored-by: Christian Hartmann <chris-hartmann@gmx.de> Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
Signed-off-by: Alexander Rebello <me@alexander-rebello.de>
|
Please don't merge the |
|
Oh and I just saw it: please use some other branch name for your changes in your forked repository... |
There was a problem hiding this comment.
Please rebase your branch on our current main and adjust this file accordingly to the changes merged into main lately. We had a bug in this file that prevented sending the requests to the server.
|
@alexander-rebello could you please rework the front-end so that it looks/works more like for the file sharing? 
The field should also auto-save upon changes and don't have to rely on clicking a save button in the menu. The button on the right to go back to some auto-generated token is also nice and should be implemented here, too. And I think that we should also hide the token input behind some "customize share token" (instead of the "advanced settings") section. |
|
Hello there, We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process. Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6 Thank you for contributing to Nextcloud and we hope to hear from you soon! (If you believe you should not receive this message, you can add yourself to the blocklist.) |
2 participants
This adds admin-gated custom tokens for public Forms share links. By default the feature is disabled, so existing instances keep the current random-token behavior. When enabled by an admin, form owners can edit the token of an existing public link directly in the sharing sidebar, save it explicitly, and the old URL becomes invalid immediately.
It also adds the necessary backend support for token updates, keeps public-link routing compatible with custom tokens, and includes tests plus API documentation updates.