Hi Community,
I was asked, if you share a link with an expiration date, that this link is valid until the date / day AND 23:59h, or not?
Or is there an option/plugin to also set a time when the link will be blocked?
Thanks for your input.
Expiry dates for Nextcloud shares are not actually a security feature. Nextcloud links are 15 characters long and cannot be guessed. They can only be used by unauthorised third parties if they have obtained them illegally. Users with authorisation may have copied the data long ago.
The question of controlling expiry dates in even more detail is completely absurd.
But you can add a password. Another nice feature is to set the share to the folder and not file and allow “download” and “delete” in the additional settings. Then the recipient can download and delete the files on his own directly. That is real security.
However, it is even better if you set up separate users for these people on your Nextcloud to make access even more secure.
Hi,
my question was about the expiry date or the time when the link is no longer accessible? That would mean for me, as an example, that the link for tomorrow would remain open until 14.03.2024, time: 23:59h, right?
The users who receive the link may only access it until the expiration date (23:59H) and not before (close) or longer.
Or is there an option/plugin to also set a time when the link will be blocked?
Thanks
To be honest, I’ve never tried it before. But if, as with Nextcloud, you only specify a day and no time, then I assume that the time is irrelevant. “Expiration date” e.g. “14.03.2024” / “2024-03-14” is for me next night at 00:00:00.
“not before (close)” ??? The share belongs to the owner of the files and not to the recipient. The share is not closed. It is cancelled by the owner, extended by the owner or expires at some point.
Then the recipient can do something. But the share is also not deleted.
“… or expires at some point.”
And I wanted to have this point “2024-03-14, 00:00:00” (or 23:59:00 
) confirmed or answer the colleague who asked me about it.
Because I have never asked so explicitly, but the colleague is probably concerned that the data can no longer be accessed after that. It’s not about deleting. It’s just that the link is dead afterwards and nobody can access it anymore.
Of course, he can also delete the data, but who gets up for that (or stays awake that long)
Sorry i am not a programmer but maybe this are the correct sections in the code. If I have understood correctly from the last entry, the time is set to 00:00:00 for the expiration date. In my opinion, the comparison <= in function isExpired() means that access is no longer possible at 00:00:00 because of = from <=. A programmer will be happy to confirm or refute this.
/lib/private/Share20/Share.php
/** @var \DateTime */
private $expireDate;
[…]
public function setExpirationDate($expireDate) {
//TODO checks
$this->expireDate = $expireDate;
return $this;
[…]
public function getExpirationDate() {
return $this->expireDate;
}
[…]
public function isExpired() {
return $this->getExpirationDate() !== null &&
$this->getExpirationDate() <= new \DateTime();
}
||/**|
|---|---|
|| * Set the expiration date|
|| *|
|| * @param null|\DateTime $expireDate|
|| * @return \OCP\Share\IShare The modified object|
|| * @since 9.0.0|
|| */|
||public function setExpirationDate($expireDate);|
/lib/private/Share20/Share.php
protected function validateExpirationDateLink(IShare $share) {
$expirationDate = $share->getExpirationDate();
if ($expirationDate !== null) {
$expirationDate->setTimezone($this->dateTimeZone->getTimeZone());
$expirationDate->setTime(0, 0, 0);
$date = new \DateTime('now', $this->dateTimeZone->getTimeZone());
$date->setTime(0, 0, 0);
Ok, that was good again.
Because, as we understand it - I spoke to someone who understands the code - if the account closes at 00:00:00 and the access should be available until 14.03.24, then the expiration date must be 15.03.24, 00:00.
Because then it is no longer possible to access from 00:01 on 15.03.24. The date 14.03.24 is therefore not sufficient.