fix(attachments): Uploading of attachments from public shares

The session middleware expects the share token as param `token`. Fixes: #6206 Signed-off-by: Jonas <[email protected]>
nextcloud · juliusknorr · Aug 28, 2024 · Aug 14, 2024 · Aug 14, 2024 · Aug 28, 2024
commit eac32b4b99776b3cc9e233d6d39b28936e27ae35
diff --git a/lib/Controller/AttachmentController.php b/lib/Controller/AttachmentController.php
@@ -126,7 +126,7 @@ public function insertAttachmentFile(string $filePath): DataResponse {
 	#[NoAdminRequired]
 	#[PublicPage]
 	#[RequireDocumentSession]
-	public function uploadAttachment(?string $shareToken = null): DataResponse {
+	public function uploadAttachment(?string $token = null): DataResponse {
 		$documentId = $this->getSession()->getDocumentId();
 
 		try {
@@ -137,8 +137,8 @@ public function uploadAttachment(?string $shareToken = null): DataResponse {
 					throw new Exception('Could not read file');
 				}
 				$newFileName = $file['name'];
-				if ($shareToken) {
-					$uploadResult = $this->attachmentService->uploadAttachmentPublic($documentId, $newFileName, $newFileResource, $shareToken);
+				if ($token) {
+					$uploadResult = $this->attachmentService->uploadAttachmentPublic($documentId, $newFileName, $newFileResource, $token);
 				} else {
 					$userId = $this->getSession()->getUserId();
 					$uploadResult = $this->attachmentService->uploadAttachment($documentId, $newFileName, $newFileResource, $userId);

diff --git a/src/services/SessionApi.js b/src/services/SessionApi.js
@@ -164,7 +164,7 @@ export class Connection {
 			+ '?documentId=' + encodeURIComponent(this.#document.id)
 			+ '&sessionId=' + encodeURIComponent(this.#session.id)
 			+ '&sessionToken=' + encodeURIComponent(this.#session.token)
-			+ '&shareToken=' + encodeURIComponent(this.#options.shareToken || '')
+			+ '&token=' + encodeURIComponent(this.#options.shareToken || '')
 		return this.#post(url, formData, {
 			headers: {
 				'Content-Type': 'multipart/form-data',