feat(collaboration): add UserExtraInfo with avatar and mail to CheckFileInfo

services/collaboration/pkg/connector/fileconnector.go

@@ -1137,7 +1137,7 @@
 //
 // If the operation is successful, a "FileInfo" instance will be returned,
 // otherwise the "FileInfo" will be empty and an error will be returned.
 func (f *FileConnector) CheckFileInfo(ctx context.Context) (*ConnectorResponse, error) {
 	wopiContext, err := middleware.WopiContextFromCtx(ctx)
 	if err != nil {
 		return nil, err
@@ -1302,6 +1302,17 @@
 		}
 	}
 
+	if !isPublicShare && !isAnonymousUser {
+		infoMap[fileinfo.KeyUserExtraInfo] = &fileinfo.UserExtraInfo{
+			Avatar: (&url.URL{
+				Scheme: ocURL.Scheme,
+				Host:   ocURL.Host,
+				Path:   path.Join(ocURL.Path, "graph/v1.0/users", user.GetId().GetOpaqueId(), "photo/$value"),
+			}).String(),
+			Mail: user.GetMail(),
+		}
+	}
+
 	// if the file content is empty and a template reference is set, add the template source URL
 	if wopiContext.TemplateReference != nil && statRes.GetInfo().GetSize() == 0 {
 		if tu, err := f.createDownloadURL(wopiContext, collaborationURL); err == nil {

services/collaboration/pkg/connector/fileconnector_test.go

@@ -1994,6 +1994,10 @@ var _ = Describe("FileConnector", func() {
 				PostMessageOrigin:       "https://cloud.opencloud.test",
 				EnableInsertRemoteImage: true,
 				IsAdminUser:             true,
+				UserExtraInfo: &fileinfo.UserExtraInfo{
+					Avatar: "https://cloud.opencloud.test/graph/v1.0/users/aabbcc/photo/$value",
+					Mail:   "shaft@example.com",
+				},
 			}
 
 			response, err := fc.CheckFileInfo(ctx)

services/collaboration/pkg/connector/fileinfo/collabora.go

@@ -1,5 +1,13 @@
 package fileinfo
 
+// UserExtraInfo contains additional user info shared across collaborative
+// editing views, such as the user's avatar image and email.
+// https://sdk.collaboraonline.com/docs/advanced_integration.html#userextrainfo
+type UserExtraInfo struct {
+	Avatar string `json:"avatar,omitempty"`
+	Mail   string `json:"mail,omitempty"`
+}
+
 // Collabora fileInfo properties
 //
 // Collabora WOPI check file info specification:
@@ -62,7 +70,8 @@
 	IsAnonymousUser bool `json:"IsAnonymousUser,omitempty"`
 
 	// JSON object that contains additional info about the user, namely the avatar image.
-	//UserExtraInfo -> requires definition, currently not used
+	// Shared among all views in collaborative editing sessions.
+	UserExtraInfo *UserExtraInfo `json:"UserExtraInfo,omitempty"`
 	// JSON object that contains additional info about the user, but unlike the UserExtraInfo it is not shared among the views in collaborative editing sessions.
 	//UserPrivateInfo -> requires definition, currently not used
 
@@ -87,7 +96,7 @@
 // SetProperties will set the file properties for the Collabora implementation.
 func (cinfo *Collabora) SetProperties(props map[string]interface{}) {
 	for key, value := range props {
 		switch key {
 		case KeyBaseFileName:
 			cinfo.BaseFileName = value.(string)
 		case KeyDisablePrint:
@@ -131,7 +140,8 @@
 			cinfo.SaveAsPostmessage = value.(bool)
 		case KeyEnableOwnerTermination:
 			cinfo.EnableOwnerTermination = value.(bool)
-		//UserExtraInfo -> requires definition, currently not used
+		case KeyUserExtraInfo:
+			cinfo.UserExtraInfo = value.(*UserExtraInfo)
 		//UserPrivateInfo -> requires definition, currently not used
 		case KeyWatermarkText:
 			cinfo.WatermarkText = value.(string)

services/collaboration/pkg/connector/fileinfo/fileinfo.go

@@ -113,7 +113,7 @@ const (
 	KeyDownloadAsPostMessage   = "DownloadAsPostMessage"
 	KeySaveAsPostmessage       = "SaveAsPostmessage"
 	KeyEnableOwnerTermination  = "EnableOwnerTermination"
-	//KeyUserExtraInfo -> requires definition, currently not used
+	KeyUserExtraInfo = "UserExtraInfo"
 	//KeyUserPrivateInfo -> requires definition, currently not used
 	KeyWatermarkText = "WatermarkText"
 

services/graph/pkg/middleware/auth.go

@@ -2,6 +2,7 @@
 
 import (
 	"net/http"
+	"strings"
 
 	gmmetadata "go-micro.dev/v4/metadata"
 	"google.golang.org/grpc/metadata"
@@ -28,7 +29,7 @@
 
 // Auth provides a middleware to authenticate requests using the x-access-token header value
 // and write it to the context. If there is no x-access-token the middleware prevents access and renders a json document.
 func Auth(opts ...account.Option) func(http.Handler) http.Handler {
 	// Note: This largely duplicates what pkg/middleware/account.go already does (apart from a slightly different error
 	// handling). Ideally we should merge both middlewares.
 	opt := authOptions(opts...)
@@ -41,6 +42,11 @@
 	}
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			if isPublicProfilePhotoRequest(r) {
+				next.ServeHTTP(w, r)
+				return
+			}
+
 			ctx := r.Context()
 			t := r.Header.Get(revactx.TokenHeader)
 			if t == "" {
@@ -93,3 +99,12 @@
 		})
 	}
 }
+
+// isPublicProfilePhotoRequest returns true for unauthenticated GET requests
+// to user profile photo endpoints. These serve avatar images used by
+// integrations like Collabora Online during collaborative editing.
+func isPublicProfilePhotoRequest(r *http.Request) bool {
+	return r.Method == http.MethodGet &&
+		strings.Contains(r.URL.Path, "/users/") &&
+		strings.HasSuffix(r.URL.Path, "/photo/$value")
+}

services/proxy/pkg/config/defaults/defaultconfig.go

@@ -273,6 +273,13 @@ func DefaultPolicies() []config.Policy {
 					Endpoint: "/graph/v1.0/invitations",
 					Service:  "eu.opencloud.web.invitations",
 				},
+				{
+					Type:        config.RegexRoute,
+					Method:      "GET",
+					Endpoint:    `/graph/v1\.0/users/[^/]+/photo/\$value`,
+					Service:     "eu.opencloud.web.graph",
+					Unprotected: true,
+				},
 				{
 					Endpoint: "/graph/",
 					Service:  "eu.opencloud.web.graph",