[Bug]: Create share link not possible if default expiry date is set (regression, NC 30.0.3rc2)

[XueSheng-GIT]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

Creation of share links fails if default expiry date is forced in admin settings (see screenshot).
Instead of creating a link, a new item is shown within the share setting (see screenrecording).

Share settings (admin):

Create share link fails:
https://github.com/user-attachments/assets/adaf7204-90e2-4718-a6dd-63bb5fa5dfcd

Steps to reproduce

1. Login as admin
2. Open system settings (Verwaltungseinstellungen)
3. Open share settings (Teilen)
4. Set default share expiry and force a date (e.g. 14 day)
5. Open files app
6. Select share dialog of a file or folder
7. Click on create share (plus symbol)

Expected behavior

A new share link should be created.

Nextcloud Server version

30

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.3

Web server

Apache (supported)

Database engine version

PostgreSQL

Is this bug present after an update or on a fresh install?

Updated from a MINOR version (ex. 28.0.1 to 28.0.2)

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "cloud2.demo.de"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "pgsql",
        "version": "30.0.3.1",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "forcessl": true,
        "forceSSLforSubdomains": true,
        "htaccess.RewriteBase": "\/",
        "overwrite.cli.url": "https:\/\/cloud2.demo.de\/",
        "overwritehost": "cloud2.demo.de",
        "overwriteprotocol": "https",
        "overwritewebroot": "",
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "smtp",
        "mail_smtpsecure": "ssl",
        "mail_sendmailmode": "smtp",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpauth": true,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "465",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "theme": "",
        "logtimezone": "Europe\/Berlin",
        "loglevel": 0,
        "log_rotate_size": 104857600,
        "maintenance": false,
        "trashbin_retention_obligation": "30, 180",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "dbindex": 0,
            "password": "***REMOVED SENSITIVE VALUE***",
            "timeout": 1.5
        },
        "enabledPreviewProviders": [
            "OC\\Preview\\PNG",
            "OC\\Preview\\JPEG",
            "OC\\Preview\\GIF",
            "OC\\Preview\\HEIC",
            "OC\\Preview\\BMP",
            "OC\\Preview\\XBitmap",
            "OC\\Preview\\MP3",
            "OC\\Preview\\TXT",
            "OC\\Preview\\MarkDown",
            "OC\\Preview\\Movie",
            "OC\\Preview\\MKV",
            "OC\\Preview\\MP4",
            "OC\\Preview\\AVI"
        ],
        "preview_max_x": "2048",
        "preview_max_y": "2048",
        "jpeg_quality": "60",
        "updater.release.channel": "beta",
        "app_install_overwrite": [
            "calendar",
            "keeweb",
            "files_retention",
            "bruteforcesettings",
            "previewgenerator",
            "socialsharing_email",
            "fulltextsearch",
            "fulltextsearch_elasticsearch",
            "files_fulltextsearch",
            "groupfolders",
            "files_fulltextsearch_tesseract",
            "emlviewer",
            "files_accesscontrol",
            "files_emailviewer"
        ],
        "default_language": "de",
        "default_locale": "de_DE",
        "default_phone_region": "DE",
        "allow_local_remote_servers": true,
        "activity_use_cached_mountpoints": true,
        "defaultapp": "",
        "maintenance_window_start": 1,
        "skeletondirectory": "\/mnt\/nextcloud\/skeleton",
        "templatedirectory": "\/mnt\/nextcloud\/templates"
    }
}

List of activated Apps

Enabled:
  - activity: 3.0.0
  - admin_audit: 1.20.0
  - app_api: 4.0.3
  - assistant: 2.1.1
  - bookmarks: 15.0.3
  - bruteforcesettings: 3.0.0
  - calendar: 5.0.6
  - circles: 30.0.0
  - cloud_federation_api: 1.13.0
  - collectives: 2.15.1
  - comments: 1.20.1
  - contacts: 6.1.1
  - contactsinteraction: 1.11.0
  - dashboard: 7.10.0
  - dav: 1.31.1
  - deck: 1.14.2
  - drop_account: 2.6.1
  - federatedfilesharing: 1.20.0
  - federation: 1.20.0
  - files: 2.2.0
  - files_automatedtagging: 1.20.0
  - files_downloadlimit: 3.0.0
  - files_emailviewer: 0.1.3
  - files_external: 1.22.0
  - files_fulltextsearch: 30.0.0
  - files_pdfviewer: 3.0.0
  - files_reminders: 1.3.0
  - files_retention: 1.19.0
  - files_sharing: 1.22.0
  - files_trashbin: 1.20.1
  - files_versions: 1.23.0
  - firstrunwizard: 3.0.0
  - fulltextsearch: 30.0.0
  - fulltextsearch_elasticsearch: 30.0.0
  - groupfolders: 18.0.6
  - integration_openai: 3.2.0
  - integration_replicate: 4.0.1
  - keeweb: 0.6.20
  - logreader: 3.0.0
  - lookup_server_connector: 1.18.0
  - mail: 4.1.0-beta.2
  - nextcloud_announcements: 2.0.0
  - notes: 4.11.0
  - notifications: 3.0.0
  - notify_push: 0.7.0
  - oauth2: 1.18.1
  - password_policy: 2.0.0
  - photos: 3.0.2
  - polls: 8.0.0-alpha8
  - previewgenerator: 5.7.0
  - privacy: 2.0.0
  - provisioning_api: 1.20.0
  - recommendations: 3.0.0
  - related_resources: 1.5.0
  - richdocuments: 8.5.2
  - serverinfo: 2.0.0
  - settings: 1.13.0
  - sharebymail: 1.20.0
  - spreed: 20.1.0-rc.3
  - support: 2.0.0
  - survey_client: 2.0.0
  - suspicious_login: 8.0.0
  - systemtags: 1.20.0
  - text: 4.1.0
  - theming: 2.5.0
  - twofactor_backupcodes: 1.19.0
  - twofactor_nextcloud_notification: 4.0.0
  - twofactor_totp: 12.0.0-dev
  - updatenotification: 1.20.0
  - user_status: 1.10.0
  - viewer: 3.0.0
  - weather_status: 1.10.0
  - webhook_listeners: 1.1.0-dev
  - welcome: 1.2.0
  - workflow_ocr: 1.30.1
  - workflow_script: 1.15.0
  - workflowengine: 2.12.0
Disabled:
  - encryption: 2.18.0 (installed 2.8.1)
  - files_accesscontrol: 1.20.1 (installed 1.20.1)
  - files_lock: 30.0.0 (installed 30.0.0)
  - user_ldap: 1.21.0

Nextcloud Signing status

n/a

Nextcloud Logs

n/a

Additional info

No response

[XueSheng-GIT]

@nfebe could this issue be related to your pull in regards to sharing #49115?

[garyx]

This exact behavior is also happening for our setup as seen with the screen recording the OP provided with an upgraded instance to NC 30.0.3.

Though we do not have a "default share expiry and force a date" enabled on our end.

We do have "Always ask for a password" enabled. Disabling that does fix this issue for us, but that's not optimal.

[mwildam]

For the case it helps: I do not have the password enforcing set in administrative settings and made some tests. The problem is even more severe: Although you can create share-Links with password if not enforced in admin settings, when those share links are opened, no password necessary and link is opened!

[mwildam]

I am on MariaDB and not on PostgreSQL btw, so not a DB provider specific issue.

[mwildam]

When the expiration date is enforced the creation of the link popup dialog is not closed and the link is not created. You could click the button several times and it seems to create the link several times. But when you finally click cancel and refresh the page those links are all gone:

[mwildam]

In my opinion when the enforcing of passwords and expiry dates is deactivated there is no further critical issue if the user carefully ready possible error messages before they vanish.

[mwildam]

What is strange: If I enforce password protection and disable in security the 2 password checks against haveibnpwned and common passwords, the same problem with the expiring date occurs although no expiration date enforced.

I have set minimum password length to 8 characters in this test.

[blizzz]

Solved with #49442