fix(files_sharing): ensure password or date is enabled by default to be enforced

[skjnldsv]

Summary

The same behaviour can be seen for password or date enforce

1. Enable Always ask for a password or Set default expiration date for shares via link or mail
2. Then enable password or date ENFORCE
3. Disable the initial Always ask for a password or Set default expiration date for shares via link or mail checkbox

The ENFORCE setting is still set to true in the DB. Despite the parent checkbox being disabled
That means we need to check for both checkboxes to really ensure the date or password is enforced

Screenshot bug

Checklist

• Code is properly formatted
• Sign-off message is added to all commits
• Tests (unit, integration, api and/or acceptance) are included
• Screenshots before/after for front-end changes
• Documentation (manuals or wiki) has been updated or is not required
• Backports requested where applicable (ex: critical bugfixes)

[skjnldsv]

/backport 627f8ca to stable31

[skjnldsv]

/backport 627f8ca to stable30

[nfebe]

The ENFORCE setting is still set to true in the DB. Despite the parent checkbox being disabled
That means we need to check for both checkboxes to really ensure the date or password is enforced

These new checks solve it on the client side but where are the checks to remove the db from the inconsistent state?

You need add a change that unchecks the sub checkbox when the main is unchecked making sure both requests are sent to the db? (This would fix the original but and the existing fix with be a guardrail)

[skjnldsv]

@nfebe no, it's been like that forever.
Please merge this and we can discuss about improving the backend.

[skjnldsv]

where the checks to remove the db from the inconsistent state?

One could argue you don't remove previously set configs.
We can chat about this code in a followup, but fixing the front is one thing, changing helpers that are used in many places for 10 years is another

server/lib/private/Share20/Manager.php

Lines 1769 to 1782 in 746e591

	$excludedGroups = $this->config->getAppValue('core', 'shareapi_enforce_links_password_excluded_groups', '');
	if ($excludedGroups !== '' && $checkGroupMembership) {
	$excludedGroups = json_decode($excludedGroups);
	$user = $this->userSession->getUser();
	if ($user) {
	$userGroups = $this->groupManager->getUserGroupIds($user);
	if ((bool)array_intersect($excludedGroups, $userGroups)) {
	return false;
	}
	}
	}
	return $this->config->getAppValue('core', 'shareapi_enforce_links_password', 'no') === 'yes';
	}

server/lib/private/legacy/OC_Util.php

Lines 56 to 67 in edf096a

	/**
	* Check if a password is required for each public link
	*
	* @param bool $checkGroupMembership Check group membership exclusion
	* @return bool
	* @deprecated 32.0.0 use OCP\Share\IManager's shareApiLinkEnforcePassword directly
	*/
	public static function isPublicLinkPasswordRequired(bool $checkGroupMembership = true) {
	/** @var IManager $shareManager */
	$shareManager = \OC::$server->get(IManager::class);
	return $shareManager->shareApiLinkEnforcePassword($checkGroupMembership);
	}

server/lib/private/Template/JSConfigHelper.php

Lines 97 to 98 in 03c76d8

	$enableLinkPasswordByDefault = $this->config->getAppValue('core', 'shareapi_enable_link_password_by_default', 'no');
	$enableLinkPasswordByDefault = $enableLinkPasswordByDefault === 'yes';