fix: use canDownload for permissions on federated shares

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

Author: susnux

apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php

@@ -17,7 +17,6 @@
 use OCP\AppFramework\Http\Attribute\OpenAPI;
 use OCP\AppFramework\Http\Attribute\PublicPage;
 use OCP\AppFramework\Http\JSONResponse;
-use OCP\Constants;
 use OCP\Federation\ICloudIdManager;
 use OCP\HintException;
 use OCP\Http\Client\IClientService;
@@ -107,9 +106,9 @@ public function createFederatedShare($shareWith, $token, $password = '') {
 			return $response;
 		}
 
-		if (($share->getPermissions() & Constants::PERMISSION_READ) === 0) {
+		if (!$share->canDownload()) {
 			$response = new JSONResponse(
-				['message' => 'Mounting file drop not supported'],
+				['message' => 'Mounting download restricted share is not allowed'],
 				Http::STATUS_BAD_REQUEST
 			);
 			$response->throttle();

apps/files_sharing/lib/DefaultPublicShareTemplateProvider.php

@@ -155,7 +155,7 @@ public function renderPage(IShare $share, string $token, string $path): Template
 
 		// Create the header action menu
 		$headerActions = [];
-		if ($view !== 'public-file-drop' && !$share->getHideDownload()) {
+		if ($share->canDownload() && !$share->getHideDownload()) {
 			// The download URL is used for the "download" header action as well as in some cases for the direct link
 			$downloadUrl = $this->urlGenerator->getAbsoluteURL('/public.php/dav/files/' . $token . '/?accept=zip');