got writable Collabora shares working

api/src/Link/Sharing.php

@@ -57,9 +57,9 @@ class Sharing extends \EGroupware\Api\Sharing
 	 * The anonymous user probably doesn't have the needed permissions to access
 	 * the record, so we should set that up to avoid permission errors
 	 */
-	protected function after_login()
+	protected static function after_login(array $share)
 	{
-		list($app) = explode('::', $this->share['share_path']);
+		list($app) = explode('::', $share['share_path']);
 
 		// allow app (gets overwritten by session::create)
 		$GLOBALS['egw_info']['flags']['currentapp'] = $app;

api/src/Sharing.php

@@ -264,7 +264,7 @@ class Sharing
 	 * Sub-class specific things needed to be done to the share (or session)
 	 * after we login but before we start actually doing anything
 	 */
-	protected function after_login() {}
+	protected static function after_login() {}
 
 
 	protected static function login($keep_session, &$share)
@@ -285,7 +285,7 @@ class Sharing
 		{
 			$sessionid = static::create_new_session();
 
-			$GLOBALS['egw']->sharing->after_login();
+			static::after_login($share);
 		}
 		// we have a session we want to keep, but share owner is different from current user and we dont need filemanager UI
 		// --> we dont need session and close it, to not modifiy it
@@ -507,7 +507,7 @@ class Sharing
 	public function ServeRequest()
 	{
 		// sharing is for a different share, change to current share
-		if ($this->share['share_token'] !== self::get_token())
+		if (empty($this->share['skip_validate_token']) && $this->share['share_token'] !== self::get_token())
 		{
 			// to keep the session we require the regular user flag "N" AND a user-name not equal to "anonymous"
 			self::create_session($GLOBALS['egw']->session->session_flags === 'N' &&

api/src/Vfs/Sharing.php

@@ -15,6 +15,7 @@ namespace EGroupware\Api\Vfs;
 
 use EGroupware\Api;
 use EGroupware\Api\Vfs;
+use EGroupware\Collabora\Wopi;
 use filemanager_ui;
 
 /**
@@ -209,14 +210,14 @@ class Sharing extends \EGroupware\Api\Sharing
 		);
 	}
 
-	protected function after_login()
+	protected static function after_login($share)
 	{
 		// only allow filemanager app (gets overwritten by session::create)
 		$GLOBALS['egw_info']['user']['apps'] = array(
 			'filemanager' => $GLOBALS['egw_info']['apps']['filemanager']
 		);
 		// check if sharee has Collabora run rights --> give is to share too
-		$apps = $GLOBALS['egw']->acl->get_user_applications($this->share['share_owner']);
+		$apps = $GLOBALS['egw']->acl->get_user_applications($share['share_owner']);
 		if (!empty($apps['collabora']))
 		{
 			$GLOBALS['egw_info']['user']['apps']['collabora'] = $GLOBALS['egw_info']['apps']['collabora'];

api/src/Vfs/StreamWrapper.php

@@ -703,7 +703,7 @@ class StreamWrapper extends Base implements StreamWrapperIface
 
 		// we need to make sure the mount-point is readable eg. if something is mounted into an other users home-directory
 		if (!isset($mount_point)) Vfs::mount_url($url, $mount_point);	// resolve_url only returns mount-point for pathes or vfs urls
-		if (!in_array($mount_point, ['/', '/apps', '/home']) &&	// they all are public readable
+		if (!($mount_point === '/' || Vfs::dirname($mount_point) === '/') &&	// they all are public readable
 			($class = self::scheme2class(Vfs::parse_url($url, PHP_URL_SCHEME))) &&
 			!is_a($class, Vfs\Sqlfs\StreamWrapper::class) &&	// decendents of SqlFS stream-wrapper always check traversal right to /
 			!$this->check_access(Vfs::dirname($mount_point), Vfs::READABLE))