The federation app is not always installed, causing QueryException when
`OCA\Federation\TrustedServers` is injected as a hard dependency.
Signed-off-by: nfebe <fenn25.fn@gmail.com>
When `show_federated_shares_to_trusted_servers_as_internal` is enabled
but `show_federated_shares_as_internal` is not, filter federated share
suggestions to only include trusted servers. Previously, searching for
an email address would suggest non-trusted federated servers.
Resolved: #54511
Signed-off-by: nfebe <fenn25.fn@gmail.com>
When `show_federated_shares_to_trusted_servers_as_internal` is enabled,
lookup server results were being filtered out because they lacked the
`isTrustedServer` flag. This adds the flag to lookup results by:
- Injecting TrustedServers service into LookupPlugin
- Adding `server` and `isTrustedServer` fields to each lookup result
- Updating tests to reflect new structure
This ensures lookup results from trusted servers appear in internal
sharing while non-trusted servers are correctly filtered out.
Signed-off-by: nfebe <fenn25.fn@gmail.com>
The MailPlugin collaborator returned results for both user and mail
collaborators, but it was registered only for mail collaborators. While
it might make sense to move the user results to the UserPlugin instead
that change would be more complex and riskier, so for now the MailPlugin
is now registered for both user and mail collaborators and the results
are limited only to the registered type.
As the plugins are registered only with their class and then resolved
when needed using dependency injection it is not possible (as far as I
know) to provide an explicit parameter in the constructor to
differentiate whether the MailPlugin should return user or mail
collaborators. To overcome this two subclasses are introduced,
MailByMailPlugin and UserByMailPlugin, which just hardcode in their
constructor the collaborator type that their parent MailPlugin must use,
and those subclasses are the ones registered instead of the MailPlugin
(which still contains all the logic).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When searching we need to:
1. check if sharing is limited to groups
- if yes only include those
- otherwise continue
2. check if there are restrictions to groups or phonebook
3. check if full match is included
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
UniqueConstraintViolationException is no longer throw directly but
instead is now wrapped inside a \OCP\DB\Exception. So check the
exception reason.
Signed-off-by: Carl Schwan <carl.schwan@nextclound.com>
Calling the public API endpoints will check for matching registered
reference providers that implement `IPublicReferenceProvider` and call
their respective functions. If no matching provider is found, the
default `LinkReferenceProvider` will be used to provide open graph data.
The frontend reference widget components will call these endpoints from
unauthorized sessions, e.g. in public shares.
If present, the sharing token of the origin URL is passed to
`resolveReferencePublic()` as additional information for the reference
provider to determine the access scope. This allows the respective
reference providers to determine whether the origin share has access to
the linked resource.
`getCacheKeyPublic` also gets the sharing token so it can scope the cached
entry to it.
Contributes to #45978
Signed-off-by: Jonas <jonas@freesources.org>
This would be useful to eleminate the need for using this OC class
when an app dev wants to implement a custom reference provider
for the web client but wants to fall back on opengraph for mobile
clients.
Signed-off-by: Anupam Kumar <kyteinsky@gmail.com>
