shares: add get perm (closes #1264);

option was available in ui but never implemented serverside

copyparty/authsrv.py

@@ -1965,6 +1965,7 @@ class AuthSrv(object):
                     [sun] if "w" in s_pr else [],
                     [sun] if "m" in s_pr else [],
                     [sun] if "d" in s_pr else [],
+                    [sun] if "g" in s_pr else [],
                 )
 
                 # don't know the abspath yet + wanna ensure the user

copyparty/httpcli.py

@@ -6355,8 +6355,11 @@ class HttpCli(object):
         s_wr = "write" in req["perms"]
         s_mv = "move" in req["perms"]
         s_del = "delete" in req["perms"]
+        s_get = "get" in req["perms"]
+        s_axs = [s_rd, s_wr, s_mv, s_del, s_get]
+
         try:
-            vfs, rem = self.asrv.vfs.get(vp, self.uname, s_rd, s_wr, s_mv, s_del)
+            vfs, rem = self.asrv.vfs.get(vp, self.uname, s_rd, s_wr, s_mv, s_del, s_get)
         except:
             raise Pebkac(400, "you dont have all the perms you tried to grant")
 
@@ -6368,9 +6371,7 @@ class HttpCli(object):
         else:
             raise Pebkac(400, "you dont have perms to create shares from this volume")
 
-        ap, reals, _ = vfs.ls(
-            rem, self.uname, not self.args.no_scandir, [[s_rd, s_wr, s_mv, s_del]]
-        )
+        ap, reals, _ = vfs.ls(rem, self.uname, not self.args.no_scandir, [s_axs])
         rfns = set([x[0] for x in reals])
         for fn in fns:
             if fn not in rfns:
@@ -6382,7 +6383,7 @@ class HttpCli(object):
         sexp = req["exp"]
         exp = int(sexp) if sexp else 0
         exp = now + exp * 60 if exp else 0
-        pr = "".join(zc for zc, zb in zip("rwmd", (s_rd, s_wr, s_mv, s_del)) if zb)
+        pr = "".join(zc for zc, zb in zip("rwmdg", s_axs) if zb)
 
         q = "insert into sh values (?,?,?,?,?,?,?,?)"
         cur.execute(q, (skey, pw, vp, pr, len(fns), self.uname, now, exp))
@@ -6808,9 +6809,14 @@ class HttpCli(object):
                 fk_pass = True
 
         if not is_dir and (self.can_read or self.can_get):
-            if not self.can_read and not fk_pass and "fk" in vn.flags:
-                if not use_filekey:
-                    return self.tx_404(True)
+            if (
+                not self.can_read
+                and not fk_pass
+                and "fk" in vn.flags
+                and not use_filekey
+                and not self.vpath.startswith(self.args.shr1 or "\n")
+            ):
+                return self.tx_404(True)
 
             is_md = abspath.lower().endswith(".md")
             if add_og and not is_md:

tests/util.py

@@ -164,7 +164,7 @@ class Cfg(Namespace):
         ex = "ctl_re db_act forget_ip idp_cookie idp_store k304 loris no304 nosubtle qr_pin qr_wait re_maxage rproxy rsp_jtr rsp_slp s_wr_slp snap_wri theme themes turbo u2ow zipmaxn zipmaxs"
         ka.update(**{k: 0 for k in ex.split()})
 
-        ex = "ah_alg bname chdir chmod_f chpw_db db_xattr doctitle df epilogues exit favico ipa ipar html_head html_head_d html_head_s idp_login idp_logout lg_sba lg_sbf log_date log_fk md_sba md_sbf name og_desc og_site og_th og_title og_title_a og_title_v og_title_i opds_exts preadmes prologues readmes shr shr_site site smsg tcolor textfiles txt_eol ufavico ufavico_h unlist up_site vname xff_src zipmaxt R RS SR"
+        ex = "ah_alg bname chdir chmod_f chpw_db db_xattr doctitle df epilogues exit favico ipa ipar html_head html_head_d html_head_s idp_login idp_logout lg_sba lg_sbf log_date log_fk md_sba md_sbf name og_desc og_site og_th og_title og_title_a og_title_v og_title_i opds_exts preadmes prologues readmes shr shr1 shr_site site smsg tcolor textfiles txt_eol ufavico ufavico_h unlist up_site vname xff_src zipmaxt R RS SR"
         ka.update(**{k: "" for k in ex.split()})
 
         ex = "apnd_who ban_403 ban_404 ban_422 ban_pw ban_pwc ban_url dont_ban cachectl http_vary rcm rss_fmt_d rss_fmt_t spinner"