Skip to main content

ocm_types/share/protocols/
webapp.rs

1// SPDX-FileCopyrightText: 2026 Matthias Kraus <info@opengeomesh.org>
2//
3// SPDX-License-Identifier: LGPL-3.0-or-later
4
5use serde::{Deserialize, Serialize};
6
7
8#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
9#[serde(rename_all = "camelCase")]
10pub struct WebAppProperties {
11    /// An URI to a client-browsable view of the remote resource,
12    /// such that
13    /// users may use a web application available at the sender site.
14    /// The URI SHOULD be relative, such as a key or a UUID, in which case
15    /// the prefix exposed by the `/.well-known/ocm` endpoint MUST be used
16    /// to access the resource, or it MAY be absolute, including a hostname.
17    /// The latter is NOT recommended because of security concerns.
18    /// In all cases, for a `folder` resource, the composed URI acts
19    /// as the root path, such that other files located within SHOULD
20    /// be accessible by appending their relative path to that URI.
21    pub uri: String,
22    /// The permissions granted to the sharee.
23    pub view_mode: WebAppViewMode,
24    /// An optional secret to be used to access the remote web
25    /// app, such as
26    /// a bearer token. To prevent leaking it in logs it MUST NOT appear
27    /// in any URI. If a `code` is provided, then the sending host MUST
28    /// accept the short-lived bearer token when serving the web app,
29    /// which can be exchanged in the code flow interaction. The exchange
30    /// MAY already have happened if the recipient accessed the underlying
31    /// resource via WebDAV, in a multi-protocol scenario. In this case,
32    /// the `sharedSecret` SHOULD be omitted.
33    #[serde(skip_serializing_if = "Option::is_none", default)]
34    pub shared_secret: Option<String>,
35}
36
37#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
38#[serde(rename_all = "kebab-case")]
39pub enum WebAppViewMode {
40    /// `read` allows read-only access including download of a copy.
41    Read,
42    /// `write` allows create, update, and delete rights on the resource.
43    Write,
44    /// `share` allows re-sharing rights on the resource.
45    Share,
46}
47