enh(Sharing): backend infrastructre for read-only link shares #2211

blizzz · 2025-12-08T21:56:18Z

contributes to #67

modifies oc_tables_share structure with two columns, token and password
adds ShareOCSController with a route to create link shares
adds a PageController front route to display the link share
adds a ApiPublicColumnsController to retrieve columns for public
links. It was not added to the existing ApiColumnsController, as it
requires the userId of the logged-in user and I did not want to weaken
this detail.
adds an abstract controller for columns with shared functionality and
make ApiColumnsController extend it.
adds a PublicRowOCSController for retrieving rows through link shares
adds a ShareToken value object
adds a ShareControlMiddleware for share token and existance
validation. It comes with the AssertShareToken attribute.
extends Share entity with ShareToken and Password properties
extends ShareMapper to find a share by the share token
extends ShareService with a method to easily create link shares
extends ResponseDefinitions with TablesPublicRow and
TablesPublicColumn specs. Essentially tableIDs are not exposed and
also user ids in lastEditBy and createdBy are not disclosed.
extends RowService and ColumnService with methods to return such ^
formatted result arrays.
extends OpenAPI spec

Curl examples for added API endpoints

Create a share link without password

curl -u user:secret -X POST https://cloud.example.com/ocs/v2.php/apps/tables/api/2/tables/${TABLE_ID}/share -H "OCS-APIRequest: true"

fetch column information

curl -i https://cloud.example.com/ocs/v2.php/apps/tables/api/2/public/${SHARE_TOKEN}/columns -H "OCS-APIRequest: true"

fetch all rows

curl -i https://cloud.example.com/ocs/v2.php/apps/tables/api/2/public/${SHARE_TOKEN}/rows -H "OCS-APIRequest: true"

blizzz · 2025-12-11T12:02:00Z

lib/Controller/PageController.php

+	#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
+	#[FrontpageRoute(verb: 'GET', url: '/s/{token}')]
+	public function linkShare(string $token): TemplateResponse {
+		Util::addScript(Application::APP_ID, 'tables-main');


@enjeck may keep this if new functionality goes into the main script, or otherwise we can change this if course and load a different one.

The share token is being provided via initialState a few lines below.

lib/Controller/PageController.php

lib/Controller/ApiPublicColumnsController.php

lib/Controller/PublicRowOCSController.php

enjeck · 2025-12-28T08:14:16Z

lib/Service/RowService.php

+	public function formatRowsForPublicShare(array $rows): array {
+		return array_map(static function (Row2 $row): array {
+			$rowData = $row->jsonSerialize();
+			unset($rowData['tableId']);


Why do we unset the tableId but not the column/row ids? What makes tableId more riskier

If we can prevent sending the row and column ids, we should do that. IIRC we need the column IDs as column meta data and rows are separate resourced and need to be linked together. Maybe we can hold back the row Id.

But if we allow to have deep/anchor links to the specific table or view row, we have to provide it i think.

The basic idea is to leak as little internal data as possible. Even if table IDs are known, without authentication and access you should not be able to do anything about them. As they are being sequential at the moment, having them withdrawn is not a big protection either.

That said, I am open to leave this item in place and send it along with the payload.

enjeck

we don't seem to have a way to get the title and description of the table/view given the token?

blizzz · 2026-01-05T11:21:45Z

we don't seem to have a way to get the title and description of the table/view given the token?

Indeed, those details… requires another public controller. No biggy. It would return either TablesView or TablesTable. They look similar, but can be kept apart by checking whether an tableId key is present. But since some information should be withdrawn, we need a new response definition anyways and can add a "nodeType" as well.

enjeck · 2026-01-06T03:33:05Z

Indeed, those details… requires another public controller.

We could use initialState too if that's easier?

blizzz · 2026-01-06T11:11:25Z

Indeed, those details… requires another public controller.

We could use initialState too if that's easier?

Indeed 👍 It does not change much for the response type definition, but would save that additional controller, that's right.

blizzz · 2026-01-06T12:25:10Z

@enjeck does this help? 0078f8d

- modifies oc_tables_share structure with two columns, token and password - adds ShareOCSController with a route to create link shares - adds a PageController front route to display the link share - adds a ApiPublicColumnsController to retrieve columns for public links. It was not added to the existing ApiColumnsController, as it requires the userId of the logged-in user and I did not want to weaken this detail. - adds an abstract controller for columns with shared functionality and make ApiColumnsController extend it. - adds a PublicRowOCSController for retrieving rows through link shares - adds a ShareToken value object - adds a ShareControlMiddleware for share token and existance validation. It comes with the AssertShareToken attribute. - extends Share entity with ShareToken and Password properties - extends ShareMapper to find a share by the share token - extends ShareService with a method to easily create link shares - extends ResponseDefinitions with TablesPublicRow and TablesPublicColumn specs. Essentially tableIDs are not exposed and also user ids in lastEditBy and createdBy are not disclosed. - extends RowService and ColumnService with methods to return such ^ formatted result arrays. - extends OpenAPI spec Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

blizzz added enhancement New feature or request 2. developing Work in progress labels Dec 8, 2025

blizzz self-assigned this Dec 8, 2025

blizzz added this to 📝 Office team Dec 8, 2025

github-project-automation bot moved this to 🧭 Planning evaluation (don't pick) in 📝 Office team Dec 8, 2025

blizzz moved this from 🧭 Planning evaluation (don't pick) to 🏗️ In progress in 📝 Office team Dec 8, 2025

blizzz force-pushed the enh/noid/link-share-biz branch 4 times, most recently from c331e92 to ec7bd73 Compare December 11, 2025 12:00

blizzz commented Dec 11, 2025

View reviewed changes

blizzz force-pushed the enh/noid/link-share-biz branch 2 times, most recently from d0a78bc to 63b0a70 Compare December 11, 2025 20:31

blizzz mentioned this pull request Dec 19, 2025

Share table/views with a link #67

Open

blizzz force-pushed the enh/noid/link-share-biz branch from 63b0a70 to 9f86cfc Compare December 20, 2025 00:38

blizzz added 3. to review Waiting for reviews and removed 2. developing Work in progress labels Dec 20, 2025

blizzz marked this pull request as ready for review December 20, 2025 00:39

blizzz requested a review from enjeck as a code owner December 20, 2025 00:39

blizzz requested a review from a team December 20, 2025 00:47