Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Built-in picture viewer not working for folders shared via public link #22174

Closed
BrozzSama opened this issue Aug 10, 2020 · 3 comments
Closed

Built-in picture viewer not working for folders shared via public link #22174

BrozzSama opened this issue Aug 10, 2020 · 3 comments
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap bug needs info

Comments

@BrozzSama
Copy link

Today I shared a folder with around 150 JPEG images inside. If I login with my account, or another nextcloud account with access to the share I can successfully view the images directly from the web browser, however if I share the folder using a public link a guest can only download the pictures but cannot use the built-in viewer.

I ran Nextcloud in debug mode and got the following error:

[webdav] Debug: Sabre\DAV\Exception\NotAuthenticated: at <>

0. /var/www/nextcloud/apps/dav/lib/Connector/Sabre/ServerFactory.php line 148
   {closure}("*** sensitive parameters replaced ***")
1. <<closure>>
   OCA\DAV\Connector\Sabre\ServerFactory->OCA\DAV\Connector\Sabre\{closure}("*** sensitive parameters replaced ***")
2. /var/www/nextcloud/3rdparty/sabre/event/lib/EventEmitterTrait.php line 105
   call_user_func_array(Closure {}, ["*** sensitive  ... "])
3. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 466
   Sabre\Event\EventEmitter->emit("beforeMethod", ["*** sensitive  ... "])
4. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 254
   Sabre\DAV\Server->invokeMethod("*** sensitive parameter replaced ***", "*** sensitive parameter replaced ***")
5. /var/www/nextcloud/apps/dav/appinfo/v1/publicwebdav.php line 111
   Sabre\DAV\Server->exec()
6. /var/www/nextcloud/public.php line 81
   require_once("/var/www/nextcl ... p")

PROPFIND /public.php/webdav/100_2293.JPG
from 192.168.1.44 at 2020-08-10T14:53:43+00:00

which makes me think that guests are not allowed to look at previews even though they are allowed to do so.

Steps to reproduce

  1. Upload pictures inside a nextcloud folder
  2. Share pictures using public link
  3. Access link without a user account and try to view the pictures using the built-in viewer

Expected behaviour

A guest should be allowed to view the pictures directly from the web browser without having to download them

Actual behaviour

Guests cannot use the built-in viewer

Server configuration

Operating system: Ubuntu 18.04

Web server: Nginx 1.14.0

Database: MariaDB 15.1

PHP version: PHP 7.2.24

Nextcloud version: 18.0.7

Updated from an older Nextcloud/ownCloud or fresh install: Updated

Where did you install Nextcloud from: From the nextcloud website

Signing status:

No errors have been found.

List of activated apps:

App list 
Enabled:
  - accessibility: 1.4.0
  - activity: 2.11.0
  - bruteforcesettings: 1.6.0
  - cloud_federation_api: 1.1.0
  - comments: 1.8.0
  - contacts: 3.3.0
  - dav: 1.14.0
  - federatedfilesharing: 1.8.0
  - federation: 1.8.0
  - files: 1.13.1
  - files_markdown: 2.3.0
  - files_pdfviewer: 1.7.0
  - files_rightclick: 0.15.2
  - files_sharing: 1.10.1
  - files_trashbin: 1.8.0
  - files_versions: 1.11.0
  - files_videoplayer: 1.7.0
  - firstrunwizard: 2.7.0
  - logreader: 2.3.0
  - lookup_server_connector: 1.6.0
  - notifications: 2.6.0
  - oauth2: 1.6.0
  - password_policy: 1.8.0
  - photos: 1.0.0
  - privacy: 1.2.0
  - provisioning_api: 1.8.0
  - recommendations: 0.6.0
  - serverinfo: 1.8.0
  - settings: 1.0.0
  - sharebymail: 1.8.0
  - spreed: 8.0.10
  - support: 1.1.1
  - survey_client: 1.6.0
  - systemtags: 1.8.0
  - text: 2.0.0
  - theming: 1.9.0
  - twofactor_backupcodes: 1.7.0
  - updatenotification: 1.8.0
  - viewer: 1.2.0
  - workflowengine: 2.0.0
Disabled:
  - admin_audit
  - encryption
  - files_external
  - nextcloud_announcements
  - user_ldap

Nextcloud configuration:

Config report 
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "localhost",
            "***REMOVED SENSITIVE VALUE***"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "version": "18.0.7.1",
        "installed": true,
        "overwrite.cli.url": "http:\/\/localhost",
        "memcache.local": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "dbindex": 0,
            "password": "***REMOVED SENSITIVE VALUE***",
            "timeout": 1.5
        },
        "maintenance": false,
        "loglevel": "0",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpauth": 1,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpsecure": "ssl",
        "mail_smtpport": "465",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "preview_max_y": 512,
        "preview_max_x": 512,
        "preview_libreoffice_path": "\/usr\/bin\/libreoffice",
        "enable_previews": true,
        "enabledPreviewProviders": [
            "OC\\Preview\\TXT",
            "OC\\Preview\\MarkDown",
            "OC\\Preview\\OpenDocument",
            "OC\\Preview\\PDF",
            "OC\\Preview\\MSOffice2003",
            "OC\\Preview\\MSOfficeDoc",
            "OC\\Preview\\PDF",
            "OC\\Preview\\Image",
            "OC\\Preview\\Photoshop",
            "OC\\Preview\\TIFF",
            "OC\\Preview\\SVG",
            "OC\\Preview\\Font",
            "OC\\Preview\\MP3",
            "OC\\Preview\\Movie",
            "OC\\Preview\\MKV",
            "OC\\Preview\\MP4",
            "OC\\Preview\\AVI"
        ],
        "theme": "",
        "versions_retention_obligation": "auto, 15",
        "trashbin_expire": "auto, 4"
    }
}```
</details>

**Are you using external storage, if yes which one:** local/smb/sftp/...

**Are you using encryption:** yes/no

**Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/...


### Client configuration
**Browser: Chromium: 84.0.4147.105 (Official Build) (64-bit)**

**Operating system: Windows 10 64-bit**

### Logs



#### Web server error log
<details>
<summary>Web server error log</summary>

Insert your webserver log here

</details>

#### Nextcloud log (data/nextcloud.log)
<details>
<summary>Nextcloud log</summary>

[webdav] Debug: Sabre\DAV\Exception\NotAuthenticated: at <>

0. /var/www/nextcloud/apps/dav/lib/Connector/Sabre/ServerFactory.php line 148
   {closure}("*** sensitive parameters replaced ***")
1. <<closure>>
   OCA\DAV\Connector\Sabre\ServerFactory->OCA\DAV\Connector\Sabre\{closure}("*** sensitive parameters replaced ***")
2. /var/www/nextcloud/3rdparty/sabre/event/lib/EventEmitterTrait.php line 105
   call_user_func_array(Closure {}, ["*** sensitive  ... "])
3. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 466
   Sabre\Event\EventEmitter->emit("beforeMethod", ["*** sensitive  ... "])
4. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 254
   Sabre\DAV\Server->invokeMethod("*** sensitive parameter replaced ***", "*** sensitive parameter replaced ***")
5. /var/www/nextcloud/apps/dav/appinfo/v1/publicwebdav.php line 111
   Sabre\DAV\Server->exec()
6. /var/www/nextcloud/public.php line 81
   require_once("/var/www/nextcl ... p")

PROPFIND /public.php/webdav/100_2293.JPG
from 192.168.1.44 at 2020-08-10T14:53:43+00:00


</details>

#### Browser log
<details>
<summary>Browser log</summary>

Opening viewer for file /100_2293.JPG
viewer.js?v=dee034fe-10:39 PROPFIND https://cloud.brozzu.xyz/public.php/webdav/100_2293.JPG 401
(anonymous) @ viewer.js?v=dee034fe-10:39
t.exports @ viewer.js?v=dee034fe-10:39
t.exports @ viewer.js?v=dee034fe-10:260
Promise.then (async)
c.request @ viewer.js?v=dee034fe-10:260
(anonymous) @ viewer.js?v=dee034fe-10:39
(anonymous) @ viewer.js?v=dee034fe-10:260
value @ viewer.js?v=dee034fe-10:260
value @ viewer.js?v=dee034fe-10:260
c @ viewer.js?v=dee034fe-10:260
t.exports @ viewer.js?v=dee034fe-10:260
request @ viewer.js?v=dee034fe-10:14
getStat @ viewer.js?v=dee034fe-10:261
stat @ viewer.js?v=dee034fe-10:260
(anonymous) @ viewer.js?v=dee034fe-10:324
u @ main.js?v=dee034fe-10:565
(anonymous) @ main.js?v=dee034fe-10:565
forEach.e. @ main.js?v=dee034fe-10:565
F @ viewer.js?v=dee034fe-10:303
s @ viewer.js?v=dee034fe-10:303
(anonymous) @ viewer.js?v=dee034fe-10:303
(anonymous) @ viewer.js?v=dee034fe-10:303
$ @ viewer.js?v=dee034fe-10:324
z @ viewer.js?v=dee034fe-10:324
(anonymous) @ viewer.js?v=dee034fe-10:347
u @ main.js?v=dee034fe-10:565
(anonymous) @ main.js?v=dee034fe-10:565
forEach.e. @ main.js?v=dee034fe-10:565
G @ viewer.js?v=dee034fe-10:324
s @ viewer.js?v=dee034fe-10:347
(anonymous) @ viewer.js?v=dee034fe-10:347
(anonymous) @ viewer.js?v=dee034fe-10:347
(anonymous) @ viewer.js?v=dee034fe-10:347
(anonymous) @ viewer.js?v=dee034fe-10:347
u @ main.js?v=dee034fe-10:565
(anonymous) @ main.js?v=dee034fe-10:565
forEach.e. @ main.js?v=dee034fe-10:565
Q @ viewer.js?v=dee034fe-10:347
s @ viewer.js?v=dee034fe-10:347
(anonymous) @ viewer.js?v=dee034fe-10:347
(anonymous) @ viewer.js?v=dee034fe-10:347
openFile @ viewer.js?v=dee034fe-10:347
file @ viewer.js?v=dee034fe-10:347
pn.run @ viewer.js?v=dee034fe-10:14
ln @ viewer.js?v=dee034fe-10:14
(anonymous) @ viewer.js?v=dee034fe-10:14
Xt @ viewer.js?v=dee034fe-10:14
Promise.then (async)
Vt @ viewer.js?v=dee034fe-10:14
ee @ viewer.js?v=dee034fe-10:14
(anonymous) @ viewer.js?v=dee034fe-10:14
pn.update @ viewer.js?v=dee034fe-10:14
lt.notify @ viewer.js?v=dee034fe-10:14
set @ viewer.js?v=dee034fe-10:14
value @ viewer.js?v=dee034fe-10:369
actionHandler @ viewer.js?v=dee034fe-10:347
action @ fileactions.js?v=dee034fe-10:136
_onClickFile @ filelist.js?v=dee034fe-10:901
I @ main.js?v=dee034fe-10:25
(anonymous) @ main.js?v=dee034fe-10:25
(anonymous) @ main.js?v=dee034fe-10:25
dispatch @ main.js?v=dee034fe-10:25
v.handle @ main.js?v=dee034fe-10:25
Show 16 more frames
viewer.js?v=dee034fe-10:347 Error: Request failed with status code 401
at t.exports (viewer.js?v=dee034fe-10:39)
at t.exports (viewer.js?v=dee034fe-10:260)
at XMLHttpRequest.h.onreadystatechange (viewer.js?v=dee034fe-10:39)

</details>
@BrozzSama BrozzSama added 0. Needs triage Pending check for reproducibility or if it fits our roadmap bug labels Aug 10, 2020
@skjnldsv
Copy link
Member

Hi, do you have federated sharing disabled. If so, please enable it again

@skjnldsv skjnldsv reopened this Aug 11, 2020
@BrozzSama
Copy link
Author

I enabled the federated shares as you suggested and it seems like the previews are now working. Is that the expected behavior?

@skjnldsv
Copy link
Member

Yes :)

See #20132

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap bug needs info
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@BrozzSama @skjnldsv