dirkeys: add volflag dky (skip keycheck)

README.md

@@ -1852,6 +1852,8 @@ share specific folders in a volume  without giving away full read-access to the
 
 volflag `dk` generates dirkeys (per-directory accesskeys) for all folders, granting read-access to that folder; by default only that folder itself, no subfolders
 
+volflag `dky` disables the actual key-check, meaning anyone can see the contents of a folder where they have `g` access, but not its subdirectories
+
 volflag `dks` lets people enter subfolders as well, and also enables download-as-zip/tar
 
 dirkeys are generated based on another salt (`--dk-salt`) + filesystem-path and have a few limitations:

copyparty/authsrv.py

@@ -1688,8 +1688,15 @@ class AuthSrv(object):
 
             dk = vol.flags.get("dk")
             dks = vol.flags.get("dks")
+            dky = vol.flags.get("dky")
+            if dks is not None and dky is not None:
+                t = "WARNING: volume /%s has both dks and dky enabled; this is too yolo and not permitted"
+                raise Exception(t % (vol.vpath,))
+
             if dks and not dk:
                 dk = dks
+            if dky and not dk:
+                dk = dky
             if dk:
                 vol.flags["dk"] = int(dk) if dk is not True else 8
 

copyparty/httpcli.py

@@ -2879,6 +2879,9 @@ class HttpCli(object):
         if self.can_read or not self.can_get:
             return False
 
+        if self.vn.flags.get("dky"):
+            return True
+
         req = self.uparam.get("k") or ""
         if not req:
             return False
@@ -4234,6 +4237,9 @@ class HttpCli(object):
         add_fk = vf.get("fk")
         fk_alg = 2 if "fka" in vf else 1
         if add_dk:
+            if vf.get("dky"):
+                add_dk = False
+            else:
                 zs = self.gen_fk(2, self.args.dk_salt, abspath, 0, 0)[:add_dk]
                 ls_ret["dk"] = cgv["dk"] = zs