I think there is a issue about privacy in the way shared links are dispoalyed in the admin interface
If an admin can see all links shared by other users here :
He can potentially access all files shared by others, such as :
https://seafile.domain.fr/f/[token]` (also for /d/)
As far as there is an option in seahub settings
ENABLE_SYS_ADMIN_VIEW_REPO = False
I think that when this option is set to False it should also mask the tokens displayed in sysadmin wiew, in order to prevent the admin of accessing all files shared by users.
This could be a bonus for GDPR compliancy