Allow unauthenticated users to view links #11

Open
pauldraper opened this issue May 1, 2020 · 15 comments
@pauldraper

My links aren't private.

I'd like anyone at my organization to be able to use them without logging in.

   """Returns (shortlink_object, actual_destination)."""
   perfect_match = models.ShortLink.query(
-      models.ShortLink.organization == organization,
       models.ShortLink.shortpath == shortpath).get()
-      self.render_login_selector_page(redirect_to_after_oauth=self.request.path_url)
-      return
+      #self.render_login_selector_page(redirect_to_after_oauth=self.request.path_url)
+      #return
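
Review bot: the first removed line drops the `models.ShortLink.organization == organization` filter, so the query now matches on `shortpath` alone and `.get()` can return a link that belongs to any organization. Keep the filter and pass in the single organization whose links should resolve for unauthenticated requests. The `render_login_selector_page` call and its `return` are also commented out rather than made conditional, which disables the login prompt unconditionally at that point; put it behind a setting and delete the dead lines instead of leaving them as comments.
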
@itsojon
Collaborator

itsojon commented May 2, 2020

@pauldraper thank you for creating this issue! So would you 1) want anonymous users to be able to use any go link in your instance or 2) want anonymous users to be able to use just the go links you yourself create? If the former, the quickest way to hack this in would be to populate the user email/org in the redirect logic if none is otherwise set: 92f2aa7

@pauldraper
Author

Yes (1)

@itsojon
Collaborator

itsojon commented May 6, 2020

Got it, thank you! We'll consider adding a config option to allow anyone to follow the go links in an instance.

@flancian

Ahoy! I'd like the same thing and would be willing to take a look, if you think this could be a good starter project for a new contributor.

@itsojon
Collaborator

itsojon commented May 23, 2020

@flancian awesome! We'd welcome a contribution that makes this configurable.

Since Trotto by default is a multi-tenant application, go links stored in Trotto are associated with an "organization". Authenticated users are also associated with an organization, which is of course what controls which go links they can access and what organization the go links they create are associated with.

If unauthenticated users are to be able to use go links, there needs to be some mechanism for determining what organization to look up the link in. I suspect that in the great majority of cases, people managing their own instance of Trotto who want to allow open access only care about one organization (their own), so I think for the first cut of this, there can simply be a way to specify a single organization that should support open redirects. The configuration entry could be something like this:

In server/src/config/dev/config.yaml or server/src/config/prod/config.yaml:

open_redirects: example.com

where example.com is your org. (Note that for consumer email addresses like gmail.com addresses, the user's full email is their "organization". The logic for deriving an organization from an email address is here.)

So to add this feature, I'd suggest a cleaner version of the hack I shared before:

  1. If routing/handlers.py finds no user is logged in, use shared_helpers.configs.get_config to check if there's an open_redirects configuration
  2. If there is such a configuration, set self.user_org to that org
  3. Update this check to instead check self.user_org. That shouldn't affect existing behavior, and there are tests to protect you.
  4. Add tests for this new behavior to server/src/modules/routing/tests/handlers_tests.py

If the link doesn't exist, I believe the unauthenticated user will be redirected to create the link and then redirected to the signin page, which I think is fine behavior for a start.

Of course, feel free to suggest a better implementation!
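
The lookup flow outlined in the comment above, as an added Python example that is not Trotto's code and not part of the comment. It models the configuration as a plain dict and the link store as a dict keyed by (organization, shortpath); the function names, `CONSUMER_DOMAINS` and the sample links are assumptions made for illustration.

```python
# Added illustration only; every name below is hypothetical, not Trotto's API.
CONSUMER_DOMAINS = {"gmail.com"}  # assumption: simplified stand-in list


def org_from_email(email):
    """Consumer addresses are their own org; others use the email domain."""
    domain = email.rsplit("@", 1)[-1].lower()
    return email.lower() if domain in CONSUMER_DOMAINS else domain


def resolve_org(user_email, config):
    """Return the org to scope the lookup to, or None to require login."""
    if user_email:
        return org_from_email(user_email)
    open_org = config.get("open_redirects")
    # Fail closed: a missing, empty or non-string value means login required.
    if isinstance(open_org, str) and open_org.strip():
        return open_org.strip().lower()
    return None


def follow(links, shortpath, user_email, config):
    """Resolve a go link; the lookup is always filtered by organization."""
    org = resolve_org(user_email, config)
    if org is None:
        return ("login", None)
    dest = links.get((org, shortpath))
    if dest is None:
        # Simplification: the real flow would offer link creation here.
        return ("not_found", None)
    return ("redirect", dest)


# Constructed sample data: two tenants that both own a "wiki" link.
LINKS = {
    ("example.com", "wiki"): "https://wiki.example.com/",
    ("other.org", "wiki"): "https://intranet.other.org/wiki",
    ("other.org", "payroll"): "https://intranet.other.org/payroll",
}
OPEN = {"open_redirects": "example.com"}

if __name__ == "__main__":
    print(follow(LINKS, "wiki", None, OPEN))     # open org's link resolves
    print(follow(LINKS, "payroll", None, OPEN))  # other tenant stays hidden
    print(follow(LINKS, "wiki", None, {}))       # no config: login required
```

Because the anonymous request is only ever given the configured organization, a shortpath that exists solely in another tenant resolves as not found rather than leaking that tenant's destination.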

@pauldraper
Author

> I suspect that in the great majority of cases, people managing their own instance of Trotto who want to allow open access only care about one organization (their own)

Yes.

Thank you for your suggestions.

@itsojon
Collaborator

itsojon commented Jun 1, 2020

@pauldraper thank you for affirming that, and you're welcome!

@flancian

flancian commented Jun 2, 2020

Thank you for the thorough description! ETA for tackling this: next weekend (June 6-7).

Feel free to grab if you need this sooner, but I'm happy to give it a shot.

@itsojon
Collaborator

itsojon commented Jun 2, 2020

@flancian you're welcome, and the ETA sounds great! Don't hesitate to ask for help.

@stet

stet commented Feb 23, 2021

Hi! I am looking to do an open resolver as well. Was this implemented already?
Thanks!

@itsojon
Collaborator

itsojon commented Feb 24, 2021

Hi @stet! This hasn't been implemented, but as a quick way to make it work, you could update the go link router to always set current_user via the get_or_create_user function. You'd just need to be sure the current_user you set has the same email domain as whatever user(s) you're using to create links, since go links are siloed by user domain.

Trotto is focused on private shortlinks for teams, so this isn't a priority use case to support, but happy to help you hack it in.

isviridov added a commit to isviridov/go-links that referenced this issue Mar 28, 2021
Trying open links as in trotto#11
isviridov added a commit to isviridov/go-links that referenced this issue Mar 28, 2021
Still trying open links as in trotto#11
@isviridov

isviridov commented Mar 28, 2021

@itsojon Can you elaborate/provide code snippet analogous to 92f2aa7 for current version of handlers.py?

I've failed to make it work so far :(
Thanks!

@itsojon
Collaborator

itsojon commented Mar 29, 2021

@isviridov sure thing, check out 4c5a3e8.

You'd replace DEFAULT_USER with whatever email address you're using to sign into your instance.
Let me know if that works for you!

@isviridov

Thank you, that works!

I think ideal (but more involved) behaviour would be to mimic Google Short Links - that is to have a per-link "public" flag;
if set it would allow unauthenticated users to view link; otherwise regular permissions would be enforced.

@itsojon
Collaborator

itsojon commented Mar 30, 2021

@isviridov glad it's working for you! Agreed: If we add this feature, it will be along those lines.
