feat: Password protected public share#1922
Merged
FabianDevel merged 22 commits intomainfrom Mar 13, 2026
Merged
Conversation
FabianDevel
added
enhancement
FabianDevel
force-pushed
the
password-protected-public-share
branch
from
58b1095 to
679cc1f
Compare
FabianDevel
force-pushed
the
password-protected-public-share
branch
from
679cc1f to
0482e15
Compare
FabianDevel
force-pushed
the
password-protected-public-share
branch
from
0482e15 to
671e192
Compare
benjaminVadon
force-pushed
the
password-protected-public-share
branch
from
671e192 to
f553c07
Compare
benjaminVadon
force-pushed
the
password-protected-public-share
branch
from
f9bbf83 to
589bca9
Compare
benjaminVadon
force-pushed
the
password-protected-public-share
branch
from
589bca9 to
2b01b20
Compare
FabianDevel
force-pushed
the
password-protected-public-share
branch
from
2b01b20 to
eaec8d5
Compare
github-actions
Bot
force-pushed
the
password-protected-public-share
branch
from
eaec8d5 to
a9b8f4d
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
This PR enables opening password-protected public shares directly in the Android app by adding a password validation flow that retrieves and propagates a share-link auth token across public-share API calls and file operations.
Changes:
- Replace the “not supported” password screen with an in-app password submission/validation flow and navigation into the public share file list.
- Introduce a
PublicShareTokenresponse model and propagatesharelink_tokenthrough public-share API routes (listing, counts, archives, previews/downloads). - Attach public-share auth context (UUID + token) to
Fileobjects so downstream features (thumbnails, previews, downloads, counts) can work for protected shares.
Reviewed changes
Copilot reviewed 19 out of 19 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| app/src/main/res/values/strings.xml | Removes obsolete “password not supported” string. |
| app/src/main/res/values-it/strings.xml | Same string removal + copyright year bump. |
| app/src/main/res/values-fr/strings.xml | Same string removal + copyright year bump. |
| app/src/main/res/values-es/strings.xml | Same string removal + copyright year bump. |
| app/src/main/res/values-de/strings.xml | Same string removal + copyright year bump. |
| app/src/main/res/layout/fragment_public_share_password.xml | Updates UI copy/visibility/button label for password entry & validation. |
| app/src/main/java/com/infomaniak/drive/utils/PreviewUtils.kt | Uses safer query appending for OnlyOffice PDF downloads. |
| app/src/main/java/com/infomaniak/drive/ui/publicShare/PublicShareViewModel.kt | Adds token-aware init/root file fetch/listing/import/archive behavior; tracks rootFileId. |
| app/src/main/java/com/infomaniak/drive/ui/publicShare/PublicSharePasswordFragment.kt | Implements in-app password validation and navigates to list on success. |
| app/src/main/java/com/infomaniak/drive/ui/publicShare/PublicShareMultiSelectActionsBottomSheetDialog.kt | Adds token to public-share archive download URL generation. |
| app/src/main/java/com/infomaniak/drive/ui/publicShare/PublicShareListFragment.kt | Updates navigation and root file handling for password-protected entry flow. |
| app/src/main/java/com/infomaniak/drive/ui/publicShare/PublicShareActivity.kt | Initializes rootFileId from navigation args. |
| app/src/main/java/com/infomaniak/drive/ui/fileList/FileListViewModel.kt | Adds token to public-share file count requests. |
| app/src/main/java/com/infomaniak/drive/ui/LaunchActivity.kt | Copyright year bump only. |
| app/src/main/java/com/infomaniak/drive/data/models/File.kt | Adds publicShareAuthToken field (non-persisted/non-parceled). |
| app/src/main/java/com/infomaniak/drive/data/api/publicshare/PublicShareToken.kt | New parcelable model for password auth response token. |
| app/src/main/java/com/infomaniak/drive/data/api/publicshare/PublicShareApiRepository.kt | Adds token support across public-share endpoints and centralizes URL token injection. |
| app/src/main/java/com/infomaniak/drive/data/api/ApiRoutes.kt | Adds token-aware public-share URL helpers + appendQuery utility. |
| app/src/main/java/com/infomaniak/drive/MatomoDrive.kt | Adds ValidatePassword tracking event and removes unused OpenInBrowser. |
Comments suppressed due to low confidence (1)
app/src/main/java/com/infomaniak/drive/ui/publicShare/PublicSharePasswordFragment.kt:95
observeSubmitPasswordResulttreats any empty token as a wrong password and clears the field. With the current ViewModel behavior, an empty token also happens on network/server errors, so users will get a “wrong password” message in those cases. Consider observing a richer result (token + error) and showing an appropriate error message when the auth call fails for reasons other than an invalid password.
publicShareViewModel.submitPasswordResult.observe(viewLifecycleOwner) { authToken ->
if (authToken.isNotEmpty()) {
publicShareViewModel.hasBeenAuthenticated = true
publicShareViewModel.initPublicShare(authToken)
} else {
passwordValidateButton.hideProgressCatching(R.string.buttonValid)
publicSharePasswordEditText.text = null
publicSharePasswordLayout.error = getString(R.string.errorWrongPassword)
}
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…ymore The problem was because fileId came directly from the activity navargs, but when coming from the password fragment, it was not updated. So the root file download had a bad id
…ate the risk of taking it for the same thing as folderId
…ave the data for the previews/thumbnails
…lScope to avoid structured concurrency violation
FabianDevel
force-pushed
the
password-protected-public-share
branch
from
a9b8f4d to
72648c5
Compare
Contributor
|
The changes implement comprehensive authentication token support for password-protected public shares, replacing the temporary browser-opening workaround with proper password validation and token propagation across API routes. The introduction of the #ai-review-summary |
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
FabianDevel
force-pushed
the
password-protected-public-share
branch
from
72648c5 to
d054932
Compare
|
benjaminVadon
approved these changes
Mar 13, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add the possibility to open a password protected public share directly in the application instead of going to the browser.