diff --git a/apps/dav/lib/Connector/Sabre/ServerFactory.php b/apps/dav/lib/Connector/Sabre/ServerFactory.php
index 3aabb828d9c50..7ed8eb2787a6b 100644
--- a/apps/dav/lib/Connector/Sabre/ServerFactory.php
+++ b/apps/dav/lib/Connector/Sabre/ServerFactory.php
@@ -131,6 +131,7 @@ public function createServer(string $baseUri,
 // Allow view-only plugin for webdav requests
 $server->addPlugin(new ViewOnlyPlugin(
 $userFolder,
+ $this->config,
 ));
 if ($this->userSession->isLoggedIn()) {
diff --git a/apps/dav/lib/DAV/ViewOnlyPlugin.php b/apps/dav/lib/DAV/ViewOnlyPlugin.php
index d53a74923fe34..7108dc1fa0901 100644
--- a/apps/dav/lib/DAV/ViewOnlyPlugin.php
+++ b/apps/dav/lib/DAV/ViewOnlyPlugin.php
@@ -14,6 +14,7 @@
 use OCP\Files\Folder;
 use OCP\Files\NotFoundException;
 use OCP\Files\Storage\ISharedStorage;
+use OCP\IConfig;
 use Sabre\DAV\Exception\NotFound;
 use Sabre\DAV\Server;
 use Sabre\DAV\ServerPlugin;
@@ -27,6 +28,7 @@ class ViewOnlyPlugin extends ServerPlugin {
 public function __construct(
 private ?Folder $userFolder,
+ private IConfig $config,
 ) {
 }
@@ -92,6 +94,11 @@ public function checkViewOnly(RequestInterface $request): bool {
 return true;
 }
+ $allowedFileExtensions = $this->config->getSystemValue('allowed_view_extensions', []);
+ if ($allowedFileExtensions && in_array($node->getExtension(), $allowedFileExtensions, true)) {
+ return true;
+ }
+
 // Check if read-only and on whether permission can download is both set and disabled.
 $canDownload = $attributes->getAttribute('permissions', 'download');
 if ($canDownload !== null && !$canDownload) {
diff --git a/apps/dav/lib/Server.php b/apps/dav/lib/Server.php
index 835a13a45b26e..94f88e586a85a 100644
--- a/apps/dav/lib/Server.php
+++ b/apps/dav/lib/Server.php
@@ -253,6 +253,7 @@ public function __construct(
 // Allow view-only plugin for webdav requests
 $this->server->addPlugin(new ViewOnlyPlugin(
 \OC::$server->getUserFolder(),
+ \OCP\Server::get(IConfig::class),
 ));
 // custom properties plugin must be the last one
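Review bot: The early `return true` added to `checkViewOnly` in ViewOnlyPlugin.php runs before the download-permission check, so any file whose name ends in a listed extension stays downloadable from a share whose owner disabled download. The decision rests on the file name alone, not on the content type. This system-wide override of a per-share restriction should be stated above the block, e.g. `// Admin-configured exception: files with these extensions remain downloadable even when the share disables download`. If a recipient can ever rename files inside such a share (not visible in this hunk), the exception should not depend on the name. Separately, `getSystemValue` returns whatever config.php holds, and a non-empty string there passes the truthiness test and then makes `in_array` throw a TypeError; `if (is_array($allowedFileExtensions) && in_array($node->getExtension(), $allowedFileExtensions, true)) {` fails closed instead. The body of `checkViewOnly` starts and ends outside the hunk.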