[Bug]: replace senseless "allow download" option on shareing options with "hide download"

[Volker-K]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

When sharing with other cloud accounts, I can deactivate the checkbox in front of “allow downloads” in the advanced settings.
As a result, people I share with in this way can only click on and view the images. Both PDF files (see #41686 ) and MD files including the readme.md (see #42250 ) can not be displayed because the browser implementation of Nextcloud wants to make a WebDAV download of the file, which is not allowed. The same happens with Office integrations, draw.io files etc. I can only see the existence of the files in the directory.
Since the function is not working in a way that user would expects and displaying and downloading images ist possible despite the deactivated download this is posted as a bug, that can be fixed by changeing the feature.

Steps to reproduce

1. Share a folder with a PDF, an MD and some various other files with another user
2. open extended settings, uncheck "allow download"
3. Log in as the other user and try to do view the information inside the files

Expected behavior

If I share a folder where I prevent the download of the files, I expect as a user that the file contents can still be viewed. The fact that, as here, only the directory entry is visible except for images is as unexpected as it is pointles.
It is also inconsistent. Images are displayed via an < img > tag and are therefore downloaded to the user's PC; Firefox allows all media downloaded in this way to be saved at this point. This means that images can be downloaded despite the ban.
As with external links, it would be consistent not to prohibit the download, but merely to deactivate the download link.
In the 21st century, users must be aware that all content displayed on the other person's device is also stored there in some way, but it is not expected that forbidding the download will make the share itself - except for images - completely pointless.

Installation method

Community Manual installation with Archive

Nextcloud Server version

28

Operating system

Other

PHP engine version

PHP 8.1

Web server

Apache (supported)

Database engine version

MariaDB

Is this bug present after an update or on a fresh install?

Fresh Nextcloud Server install

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

No response

List of activated Apps

No response

Nextcloud Signing status

No response

Nextcloud Logs

No response

Additional info

No response

[moritzthecat]

Understand that this is an NC architecture issue and depencency, but wanted to highlight our use case, why we think secure-view disabling download is a strong feature as being implemented.

Delivering preview photos to clients often starts without option for client being able to download the files supported by the read only mode. This is a very needed and appreciated feature also available in other cloud solutions. The Readme.md is used to explain project details. When download is disabled this should still enable clients to see the content in the NC browser view.

Reflecting this discussion
and above issue proposal the secure-view should work consistently across sharing options. So the proposal from @Volker-K to change to hide download functionality is appreciated.