feat: add more options to reverse shares (#495)

* feat(reverse-share): optional simplified interface for reverse sharing. issue #155.

* chore: Remove useless form validation.

* feat: Share Ready modal adds a prompt that an email has been sent to the reverse share creator.

* fix: Simplified reverse shared interface elements lack spacing when not logged in.

* fix: Share Ready modal prompt contrast is too low in dark mode.

* feat: add public access options to reverse share.

* feat: remember reverse share simplified and publicAccess options in cookies.

* style: npm run format.

* chore(i18n): Improve translation.

Co-authored-by: Elias Schneider <login@eliasschneider.com>

Update frontend/src/i18n/translations/en-US.ts

Co-authored-by: Elias Schneider <login@eliasschneider.com>

Update frontend/src/i18n/translations/en-US.ts

Co-authored-by: Elias Schneider <login@eliasschneider.com>

chore(i18n): Improve translation.

* chore: Improved variable naming.

* chore(i18n): Improve translation. x2.

* fix(backend/shares): Misjudged the permission of the share of the reverse share.

backend/src/share/guard/shareSecurity.guard.ts

@@ -1,5 +1,4 @@
 import {
-  CanActivate,
   ExecutionContext,
   ForbiddenException,
   Injectable,
@@ -9,13 +8,19 @@ import { Request } from "express";
 import * as moment from "moment";
 import { PrismaService } from "src/prisma/prisma.service";
 import { ShareService } from "src/share/share.service";
+import { ConfigService } from "src/config/config.service";
+import { JwtGuard } from "src/auth/guard/jwt.guard";
+import { User } from "@prisma/client";
 
 @Injectable()
-export class ShareSecurityGuard implements CanActivate {
+export class ShareSecurityGuard extends JwtGuard {
   constructor(
     private shareService: ShareService,
     private prisma: PrismaService,
-  ) {}
+    configService: ConfigService,
+  ) {
+    super(configService);
+  }
 
   async canActivate(context: ExecutionContext) {
     const request: Request = context.switchToHttp().getRequest();
@@ -31,7 +36,7 @@ export class ShareSecurityGuard implements CanActivate {
 
     const share = await this.prisma.share.findUnique({
       where: { id: shareId },
-      include: { security: true },
+      include: { security: true, reverseShare: true },
     });
 
     if (
@@ -53,6 +58,19 @@ export class ShareSecurityGuard implements CanActivate {
         "share_token_required",
       );
 
+    // Run the JWTGuard to set the user
+    await super.canActivate(context);
+    const user = request.user as User;
+
+    // Only the creator and reverse share creator can access the reverse share if it's not public
+    if (share.reverseShare && !share.reverseShare.publicAccess
+      && share.creatorId !== user?.id
+      && share.reverseShare.creatorId !== user?.id)
+      throw new ForbiddenException(
+        "Only reverse share creator can access this share",
+        "private_share",
+      );
+
     return true;
   }
 }