Download of multiple files failing on public links #1712
Description
Describe the bug
I have a shared, public link on a folder with "Can edit (View, upload, edit, download, delete)" permissions, and can access and view files & directories in that folder.
I can also download files one by one, however trying to download multiple files at once returns an error 'Failed to download the selected files."
Note that as a logged-in user I have no problems downloading files.
Steps to reproduce
- Create a public link
- Open the public link, select more than one file and click the "download" button
Expected behavior
Downloading of multiple files should work.
Actual behavior
Error message 'Failed to download the selected files'.
In the backend, I can see the the following logs:
{"level":"error","service":"proxy","error":"gateway: grpc failed with code CODE_PERMISSION_DENIED","time":"2025-10-25T13:08:19Z","message":"error when calling Createhome"}
{"level":"error","service":"gateway","host.name":"opencloud-679444ff47-79d4k","pkg":"rgrpc","traceid":"77fc0a08975724beff160a095da08d7d","error":"error: permission denied: access forbidden via public link","ref":{"resource_id":{"storage_id":"9160e783-c388-4f99-9454-670a858b38f7","opaque_id":"82871925-9c76-43c0-86b9-aca5df7f96b3","space_id":"96458d93-d65f-4245-9b42-68751f04ab48"},"path":"."},"scope":"publicshare:snYnZpgdaMikAkP","time":"2025-10-25T13:08:19Z","message":"error resolving reference under scope"}
{"level":"error","service":"gateway","host.name":"opencloud-679444ff47-79d4k","pkg":"rgrpc","traceid":"77fc0a08975724beff160a095da08d7d","error":"error: permission denied: access forbidden via public link","ref":{"resource_id":{"storage_id":"9160e783-c388-4f99-9454-670a858b38f7","opaque_id":"82871925-9c76-43c0-86b9-aca5df7f96b3","space_id":"96458d93-d65f-4245-9b42-68751f04ab48"},"path":"."},"scope":"publicshare:snYnZpgdaMikAkP","time":"2025-10-25T13:08:19Z","message":"error resolving reference under scope"}
{"level":"error","service":"gateway","host.name":"opencloud-679444ff47-79d4k","pkg":"rgrpc","traceid":"77fc0a08975724beff160a095da08d7d","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.6 Safari/605.1.15","from":"tcp://127.0.0.1:41844","uri":"/cs3.storage.registry.v1beta1.RegistryAPI/ListStorageProviders","start":"25/Oct/2025:13:08:19 +0000","end":"25/Oct/2025:13:08:19 +0000","time_ns":4015152,"code":"PermissionDenied","time":"2025-10-25T13:08:19Z","message":"rpc error: code = PermissionDenied desc = auth: core access token is invalid"}
{"level":"error","service":"frontend","host.name":"opencloud-679444ff47-79d4k","pkg":"rhttp","time":"2025-10-25T13:08:19Z","message":"error: not found: gateway could not find space for ref=resource_id:{storage_id:\"9160e783-c388-4f99-9454-670a858b38f7\" opaque_id:\"82871925-9c76-43c0-86b9-aca5df7f96b3\" space_id:\"96458d93-d65f-4245-9b42-68751f04ab48\"} path:\".\""}Setup
Running this in k8s with a HostPath mount for the data directory, but a pretty basic / minimal setup.
Details
apiVersion: apps/v1
kind: Deployment
metadata:
name: opencloud
labels:
app: opencloud
spec:
selector:
matchLabels:
app: opencloud
replicas: 1
template:
metadata:
labels:
app: opencloud
spec:
containers:
- name: opencloud
image: opencloudeu/opencloud-rolling:latest
env:
- name: PROXY_HTTP_ADDR
value: 0.0.0.0:9200
- name: OC_URL
value: https://opencloud.mydomain.com
volumeMounts:
- name: opencloud-config
mountPath: /etc/opencloud
- name: opencloud-data
mountPath: /var/lib/opencloud
volumes:
- name: opencloud-config
persistentVolumeClaim:
claimName: opencloud-config
- name: opencloud-data
hostPath:
path: /mnt/data/opencloud/This is exposed through nginx-ingress, which I know is working because the download for logged-in users work too :-)
If there's anything else I can provide, please let me know!