fix(wopi): anonymous users cannot preview files

pkg/wopi/wopi.go

@@ -18,7 +18,7 @@ import (
 
 type Client interface {
 	// NewSession creates a new document session with access token.
-	NewSession(user *model.User, file *model.File, action ActonType) (*Session, error)
+	NewSession(uid uint, file *model.File, action ActonType) (*Session, error)
 	// AvailableExts returns a list of file extensions that are supported by WOPI.
 	AvailableExts() []string
 }
@@ -116,7 +116,7 @@ func NewClient(endpoint string, cache cache.Driver, http request.Client) (Client
 	}, nil
 }
 
-func (c *client) NewSession(user *model.User, file *model.File, action ActonType) (*Session, error) {
+func (c *client) NewSession(uid uint, file *model.File, action ActonType) (*Session, error) {
 	if err := c.checkDiscovery(); err != nil {
 		return nil, err
 	}
@@ -163,7 +163,7 @@ func (c *client) NewSession(user *model.User, file *model.File, action ActonType
 	session := &SessionCache{
 		AccessToken: fmt.Sprintf("%s.%s", sessionID, token),
 		FileID:      file.ID,
-		UserID:      user.ID,
+		UserID:      uid,
 		Action:      action,
 	}
 	err = c.cache.Set(SessionCachePrefix+sessionID.String(), *session, ttl)

pkg/wopi/wopi_test.go

@@ -55,7 +55,7 @@ func TestNewSession(t *testing.T) {
 		).Return(&request.Response{
 			Err: expectedErr,
 		})
-		res, err := client.NewSession(&model.User{}, &model.File{}, ActionPreview)
+		res, err := client.NewSession(0, &model.File{}, ActionPreview)
 		a.Nil(res)
 		a.ErrorIs(err, expectedErr)
 		mockHttp.AssertExpectations(t)
@@ -65,7 +65,7 @@ func TestNewSession(t *testing.T) {
 	{
 		client.discovery = &WopiDiscovery{}
 		client.actions = make(map[string]map[string]Action)
-		res, err := client.NewSession(&model.User{}, &model.File{}, ActionPreview)
+		res, err := client.NewSession(0, &model.File{}, ActionPreview)
 		a.Nil(res)
 		a.ErrorIs(err, ErrActionNotSupported)
 	}
@@ -76,7 +76,7 @@ func TestNewSession(t *testing.T) {
 		client.actions = map[string]map[string]Action{
 			".doc": {},
 		}
-		res, err := client.NewSession(&model.User{}, &model.File{Name: "1.doc"}, ActionPreview)
+		res, err := client.NewSession(0, &model.File{Name: "1.doc"}, ActionPreview)
 		a.Nil(res)
 		a.ErrorIs(err, ErrActionNotSupported)
 	}
@@ -91,7 +91,7 @@ func TestNewSession(t *testing.T) {
 				},
 			},
 		}
-		res, err := client.NewSession(&model.User{}, &model.File{Name: "1.doc"}, ActionEdit)
+		res, err := client.NewSession(0, &model.File{Name: "1.doc"}, ActionEdit)
 		a.Nil(res)
 		a.ErrorContains(err, "invalid control character in URL")
 	}
@@ -106,7 +106,7 @@ func TestNewSession(t *testing.T) {
 				},
 			},
 		}
-		res, err := client.NewSession(&model.User{}, &model.File{Name: "1.doc"}, ActionEdit)
+		res, err := client.NewSession(0, &model.File{Name: "1.doc"}, ActionEdit)
 		a.NotNil(res)
 		a.NoError(err)
 		resUrl := res.ActionURL.String()
@@ -123,7 +123,7 @@ func TestNewSession(t *testing.T) {
 				},
 			},
 		}
-		res, err := client.NewSession(&model.User{}, &model.File{Name: "1.doc"}, ActionEdit)
+		res, err := client.NewSession(0, &model.File{Name: "1.doc"}, ActionEdit)
 		a.NotNil(res)
 		a.NoError(err)
 		resUrl := res.ActionURL.String()
@@ -147,7 +147,7 @@ func TestNewSession(t *testing.T) {
 			},
 		}
 		mockCache.On("Set", testMock.Anything, testMock.Anything, testMock.Anything).Return(expectedErr)
-		res, err := client.NewSession(&model.User{}, &model.File{Name: "1.doc"}, ActionEdit)
+		res, err := client.NewSession(0, &model.File{Name: "1.doc"}, ActionEdit)
 		a.Nil(res)
 		a.ErrorIs(err, expectedErr)
 	}

service/explorer/file.go

@@ -245,7 +245,7 @@ func (service *FileIDService) CreateDocPreviewSession(ctx context.Context, c *gi
 			action = wopi.ActionEdit
 		}
 
-		session, err := wopi.Default.NewSession(fs.User, &fs.FileTarget[0], action)
+		session, err := wopi.Default.NewSession(fs.FileTarget[0].UserID, &fs.FileTarget[0], action)
 		if err != nil {
 			return serializer.Err(serializer.CodeInternalSetting, "Failed to create WOPI session", err)
 		}