8.0.2: password protected Upload link

erikb · January 12, 2021, 5:50pm

I get “permission denied” when trying to upload via a password protected upload link. I get to the right page, press “Upload>”, choose a file and then the message “Permission denied” appears. Do you have an idea how I can debug this behavior?

Thanks,

dani · January 13, 2021, 4:38pm

Same thing here. When trying to upload, the response of the server is

{"error_msg":"Upload link 62cb2b6aed03409dbf86 is encrypted."}

Martin · January 14, 2021, 1:07pm

Can confirm the issue.

Manuel · January 19, 2021, 5:46pm

Can confirm here as well.
Seafile 8.0.2 (upgraded fromm 7.1.5) - Debian 11, Python 3.9

XHR GET https://<url>/seafile/api/v2.1/upload-links/bcd901afd4d345c088d3/upload/
HTTP/2 403 Forbidden
	
error_msg	"Upload link bcd901afd4d345c088d3 is encrypted."

Upload shares without password protection work fine.

Semmelbroesel24 · January 29, 2021, 7:54am

HI,

same problem here Ubuntu 18.04 LTS Mysql + nginx seafile 8.0.2
Without password works fine with password “permission denied”.

Greetins Mario

92lleo · January 29, 2021, 6:19pm

Has anyone tried this with 8.0.3?

Semmelbroesel24 · January 29, 2021, 7:50pm

Same problem, permission denied.

92lleo · January 30, 2021, 8:48pm

@daniel.pan can you confirm/give feedback pls?

daniel.pan · January 31, 2021, 2:48am

It seems to be a bug. We will fix it soon.

powUpYM · February 1, 2021, 9:10am

An error is raised from seahub/api2/endpoints/upload_links.py: “Upload link […] is encrypted.”

The check in line 324 (uls.is_encrypted) seems to be wrong, because is_enrypted is true, if the upload link is protected by a password.
The comment on line 323 “currently not support encrypted upload link” implies, that “is_encrypted” should check an upload link for an encrypted repo.

# currently not support encrypted upload link
# if uls.is_encrypted():
#    error_msg = 'Upload link %s is encrypted.' % token
#    return api_error(status.HTTP_403_FORBIDDEN, error_msg)

Commenting out lines 324-326 leads to working upload links. I am not sure, if this has any side effects.

92lleo · February 1, 2021, 4:18pm

 # currently not support encrypted upload link
 # if uls.is_encrypted():
 #    error_msg = 'Upload link %s is encrypted.' % token
 #    return api_error(status.HTTP_403_FORBIDDEN, error_msg)

Direct link this section in the github project

92lleo · March 12, 2021, 5:16pm

Hi @daniel.pan,
any ETA on this? Should be a rather small change, right?

BR,
Leo

daniel.pan · March 13, 2021, 2:23am

It should have already been fixed in the latest release.

92lleo · March 14, 2021, 12:49pm

@daniel.pan above you wrote it will be fixed soon 3 days after 8.0.3 was published. Thats still the latest release, correct? Also above, Semmelbroesel24 stated it’s the same problem on 8.0.3

I can’t verify it myself currently as we’re waiting for that fix before upgrading

edit:
this seems to be the fix commit: https://github.com/haiwen/seahub/commit/632e98ccd657d6c312480768a7942ab50cae12e7
From the seahub release page it’s only included in 8.0.0-pro, but not server/CE yet

erikb · March 15, 2021, 10:44am

I can’t verify it myself currently as we’re waiting for that fix before upgrading

I can confirm, that the problem still exists in 8.0.3 (consumer edition)

Martin · March 25, 2021, 8:02pm

Fixed in 8.0.4 CE.