Don't allow download for e2e encrypted files

Forceu · Forceu · commit 701130a1529c · 2025-12-30T15:28:30.000+01:00
diff --git a/internal/webserver/api/Api.go b/internal/webserver/api/Api.go
@@ -463,6 +463,10 @@ func apiDownloadSingle(w http.ResponseWriter, r requestParser, user models.User)
 		sendError(w, http.StatusUnauthorized, "No permission to download file")
 		return
 	}
+	if file.Encryption.IsEndToEndEncrypted {
+		sendError(w, http.StatusBadRequest, "End-to-End encrypted files cannot be downloaded")
+		return
+	}
 	if !request.PresignUrl {
 		storage.ServeFile(file, w, request.WebRequest, true, request.IncreaseCounter)
 		return
@@ -474,8 +478,9 @@ func apiDownloadSingle(w http.ResponseWriter, r requestParser, user models.User)
 	}
 	database.SavePresignedUrl(presignUrl)
 	response := struct {
+		Result      string `json:"Result"`
 		DownloadUrl string `json:"downloadUrl"`
-	}{configuration.Get().ServerUrl + "downloadPresigned?key=" + presignUrl.Id + "&id=" + file.Id}
+	}{"OK", configuration.Get().ServerUrl + "downloadPresigned?key=" + presignUrl.Id + "&id=" + file.Id}
 	result, err := json.Marshal(response)
 	helper.Check(err)
 	_, _ = w.Write(result)
@@ -520,7 +525,7 @@ func apiDuplicateFile(w http.ResponseWriter, r requestParser, user models.User)
 		request.UnlimitedTime,
 		request.UnlimitedDownloads,
 		false, // is not being used by storage.DuplicateFile
-		0)     // is not being used by storage.DuplicateFile
+		0) // is not being used by storage.DuplicateFile
 	newFile, err := storage.DuplicateFile(file, request.RequestedChanges, request.FileName, uploadRequest)
 	if err != nil {
 		sendError(w, http.StatusInternalServerError, err.Error())
diff --git a/internal/webserver/web/static/apidocumentation/openapi.json b/internal/webserver/web/static/apidocumentation/openapi.json
@@ -114,7 +114,7 @@
           "files"
         ],
         "summary": "Downloads file with optionally increasing the download counter",
-        "description": "This API call downloads a file that is not expired and increasing its download counter is disabled by default. Can be set up to return a pre-signed URL instead of the file itself, which is valid for 30 seconds and can be accessed by any registered user. Returns 404 if an invalid/expired ID was passed. Requires API permission DOWNLOAD. To download files that were not uploaded by the user, the user needs to have the user permission LIST",
+        "description": "This API call downloads a file that is not expired and increasing its download counter is disabled by default. Can be set up to return a pre-signed URL instead of the file itself, which is valid for 30 seconds and can be accessed by any registered user. End-to-end encrypted files cannot be downloaded. Returns 404 if an invalid/expired ID was passed. Requires API permission DOWNLOAD. To download files that were not uploaded by the user, the user needs to have the user permission LIST",
         "operationId": "downloadsingle",
         "parameters": [
           {
@@ -142,7 +142,7 @@
             "schema": {
               "type": "boolean"
             },
-            "description": "Return a pre-signed URL instead of the actual file. Valid for 30 seconds and can only be used by logged in users"
+            "description": "Return a pre-signed URL instead of the actual file. Valid for one download within 30 seconds and can only be used by logged in users"
           }
         ],
         "security": [
@@ -176,7 +176,7 @@
             }
           },
           "400": {
-            "description": "Invalid input"
+            "description": "Invalid input or trying to download an end-to-end encrypted file"
           },
           "401": {
             "description": "Invalid API key provided for authentication or API key does not have the required permission"
diff --git a/internal/webserver/web/static/js/admin_ui_upload.js b/internal/webserver/web/static/js/admin_ui_upload.js
@@ -799,6 +799,9 @@ function createButtonGroup(item) {
     btnDownload.type = 'button';
     btnDownload.className = 'btn btn-outline-light btn-sm';
     btnDownload.title = 'Download';
+    if (item.IsEndToEndEncrypted) {
+        btnDownload.classList.add("disabled");
+    }
 
     const downloadIcon = document.createElement('i');
     downloadIcon.className = 'bi bi-download';
diff --git a/internal/webserver/web/static/js/min/admin.min.15.js b/internal/webserver/web/static/js/min/admin.min.15.js
diff --git a/internal/webserver/web/templates/html_admin.tmpl b/internal/webserver/web/templates/html_admin.tmpl
@@ -198,7 +198,7 @@
 			<button
 			    type="button"
 			    title="Download"
-			    class="btn btn-outline-light btn-sm"
+			    class="btn btn-outline-light btn-sm {{if .CurrentFile.IsEndToEndEncrypted}}disabled{{end}}"
 			    onclick="downloadFileWithPresign('{{.CurrentFile.Id }}', false);">
 		   	    <i class="bi bi-download"></i>
 			</button>
diff --git a/openapi.json b/openapi.json
@@ -114,7 +114,7 @@
           "files"
         ],
         "summary": "Downloads file with optionally increasing the download counter",
-        "description": "This API call downloads a file that is not expired and increasing its download counter is disabled by default. Can be set up to return a pre-signed URL instead of the file itself, which is valid for 30 seconds and can be accessed by any registered user. Returns 404 if an invalid/expired ID was passed. Requires API permission DOWNLOAD. To download files that were not uploaded by the user, the user needs to have the user permission LIST",
+        "description": "This API call downloads a file that is not expired and increasing its download counter is disabled by default. Can be set up to return a pre-signed URL instead of the file itself, which is valid for 30 seconds and can be accessed by any registered user. End-to-end encrypted files cannot be downloaded. Returns 404 if an invalid/expired ID was passed. Requires API permission DOWNLOAD. To download files that were not uploaded by the user, the user needs to have the user permission LIST",
         "operationId": "downloadsingle",
         "parameters": [
           {
@@ -142,7 +142,7 @@
             "schema": {
               "type": "boolean"
             },
-            "description": "Return a pre-signed URL instead of the actual file. Valid for 30 seconds and can only be used by logged in users"
+            "description": "Return a pre-signed URL instead of the actual file. Valid for one download within 30 seconds and can only be used by logged in users"
           }
         ],
         "security": [
@@ -176,7 +176,7 @@
             }
           },
           "400": {
-            "description": "Invalid input"
+            "description": "Invalid input or trying to download an end-to-end encrypted file"
           },
           "401": {
             "description": "Invalid API key provided for authentication or API key does not have the required permission"
