15159: Hide "open in new tab" if unsafe and TrustAllContent is false

[arvados-workbench2.git] / src / views-components / context-menu / actions / collection-file-viewer-action.tsx

diff --git a/src/views-components/context-menu/actions/collection-file-viewer-action.tsx b/src/views-components/context-menu/actions/collection-file-viewer-action.tsx
index 27a6501876d7185731847005cd1beb6fb888bfd3..f736f0bf2705bf8d3481eb974cfdb93a3a1cc23f 100644 (file)
--- a/src/views-components/context-menu/actions/collection-file-viewer-action.tsx
+++ b/src/views-components/context-menu/actions/collection-file-viewer-action.tsx
@@ -7,7 +7,7 @@ import { RootState } from "../../../store/store";
 import { FileViewerAction } from 'views-components/context-menu/actions/file-viewer-action';
 import { getNodeValue } from "models/tree";
 import { ContextMenuKind } from 'views-components/context-menu/context-menu';
-import { getInlineFileUrl, sanitizeToken } from "./helpers";
+import { getInlineFileUrl, sanitizeToken, isInlineFileUrlSafe } from "./helpers";
 
 const mapStateToProps = (state: RootState) => {
     const { resource } = state.contextMenu;
@@ -18,7 +18,12 @@ const mapStateToProps = (state: RootState) => {
         ContextMenuKind.COLLECTION_DIRECTORY_ITEM,
         ContextMenuKind.READONLY_COLLECTION_DIRECTORY_ITEM ].indexOf(resource.menuKind as ContextMenuKind) > -1) {
         const file = getNodeValue(resource.uuid)(state.collectionPanelFiles);
-        if (file) {
+        const shouldShowInlineUrl = isInlineFileUrlSafe(
+                                file ? file.url : "",
+                                state.auth.config.keepWebServiceUrl,
+                                state.auth.config.keepWebInlineServiceUrl
+                              ) || state.auth.config.clusterConfig.Collections.TrustAllContent;
+        if (file && shouldShowInlineUrl) {
             const fileUrl = sanitizeToken(getInlineFileUrl(
                 file.url,
                 state.auth.config.keepWebServiceUrl,