v2.106.0

Release Date: 09/03/2024

Overview

In this release, changes are made to , the , the and the . This enables entities to be reliably shared via SharedItem links.

In addition, changes will be made to enable new features in the future.

SharedItems

In future, SharedItems will always require a targetable entity and redirect to the URL of this entity. The sharing is enabled by a grant token, which is appended to the URL during forwarding.

The following changes also apply:

• The id column is renamed to uuid.

• The generic type is removed.

• The targetable_type and targetable_id fields are now mandatory when creating a SharedItem.

• The authorization_type column is renamed to redirect_type.

  • New types:

    • none -> Prevents the user from being redirected to the targetable URL.

    • redirect -> Redirects to the targetable URL without grant token. This means that there is no sharing and only the permissions of the entity are taken into account.

    • redirectWithGrantToken -> Redirects to the targetable URL with grant token. The token grants access if the user does not have the entity's permissions.

  • Migration of the old types to the new:

    • none -> none

    • public -> redirectWithGrantToken.

    • targetable -> redirect.

    • authorizedFor -> redirectWithGrantToken.

    • entityPermissions -> redirectWithGrantToken.

• The authorized_for_type and authorized_for_id columns are omitted and thus also the authorizedFor relation, as these are no longer needed.

• When redirecting to the targetable URL, a sharedItem URL parameter is appended which has the uuid of the SharedItem as its value in order to be able to trace which SharedItem was used for the redirection.

• The Create, Update and Delete actions are moved to the /api/administration/ scope. There are also new List and Show actions in the /api/administration/ scope which follow the administration permissions.

UrlContext

The UrlContext gets a new internal type to be able to identify internal URLs and output the context for them. There will also be a new fileContentEntity type to get context for file content URLs for FilemanagerFiles and ChatFiles.

For the linkableEntity type, the id is now output in addition to the type in the data key.

The sharedItem type now outputs the targetable_type, targetable_id, and targetable_deleted values in the data key.

Files-API

In future, the Files-API will always check the permissions of the requested file. This was not done previously, as the file path was given in encrypted form and the file was therefore shared.

For sharing files, only SharedItems should be used in the future.

It will also be possible to retrieve a file using its id or hash via the following API route:

GET /files/{idOrHash}

Text Editor Markup

Show UrlContext for links

The data-show-url-context attribute for links is converted from a boolean value to string based types. The following types are then available:

• inline -> Outputs the information about the URL in continuous text.

• card -> Provides detailed information about the URL in a block element.

If the data-show-url-context is not present, the link is displayed as normal.

Affected Entities