server fix: Filename validation should only forbid `create` and `update`

Resolves: https://github.com/nextcloud/server/issues/44963

Summary

Fix error messages to be consistent and follow the design rules (as they are used by our mobile apps)
isForbidden must only check full filename - this is used for other purposes (backwards compatibility + fix issues)
DAV is directly using the storage and skips their validation, similar other places do, they and the frontend check only the permissions of the node. So we need to adjust the permissions (remove create and update) when the node is places within an invalid node.
The view needs to check also the path for invalid nodes but still needs to allow read-only access on invalid names.

Screen recording

Setup - folder before enabling "Windows support":

Without this ("before")

Bildschirmaufnahme_20240812_182432.webm

With this ("after")

Bildschirmaufnahme_20240812_182149.webm

Checklist

Code is properly formatted
Sign-off message is added to all commits
[ ] Tests (unit, integration, api and/or acceptance) are included
[ ] Screenshots before/after for front-end changes
[ ] Documentation (manuals or wiki) has been updated or is not required
[ ] Backports requested where applicable (ex: critical bugfixes)

Aug 12 '24 16:08 susnux

Hum, so the New button is greyed out because the name of the folder is invalid, but how can the user understand this? There should be an error message somewhere explaining this, no?

Aug 13 '24 06:08 come-nc

Hum, so the New button is greyed out because the name of the folder is invalid, but how can the user understand this?

Its greyed out because the permission does not include "CREATE". Did not change the front end here, could be done in a follow up, but fixing the permissions.

Aug 13 '24 08:08 susnux

/backport to stable30

Aug 14 '24 11:08 susnux

Test failures seem related, looks like it widely fails on install

Aug 19 '24 13:08 juliusknorr

/compile /

Aug 28 '24 13:08 AndyScherzinger

@susnux now the rename action is shown on trashbin :thinking: https://github.com/nextcloud/server/blob/afa48a4e0ed4515aec458db13a07e11a7e0f5981/apps/files_trashbin/lib/Sabre/AbstractTrashFile.php#L19-L21

Isn't there a cleaner way for permissions?

Nov 08 '24 08:11 skjnldsv

I guess we would need the parent folder permissiosn to check for CREATE too ? Maybe we should adjust the api and do something like this?

Nov 08 '24 08:11 skjnldsv

I guess we would need the parent folder permissiosn to check for CREATE too ? Maybe we should adjust the api and do something like this?

https://github.com/nextcloud-libraries/nextcloud-files/pull/1124

Nov 20 '24 08:11 skjnldsv