feat: preview link as

[yashsharma999]

Fixes #696

Description

Quickly view the document/dataroom without going through access form, nda, verification etc.

Screenshots

[vercel]

@yashsharma999 is attempting to deploy a commit to the mftsio Team on Vercel.

A member of the Team first needs to authorize it.

[mfts]

I like it. But it's potentially exploitable because it's just a url query param.

Instead we need to verify it server-side and only allow it if previewToken passes

[yashsharma999]

alright, but essentially we need to somehow bypass isProtected prop if i'm not wrong ?

isProtected={
            viewAs === "QUICK_PREVIEW"
              ? false
              : !!(emailProtected || linkPassword || enableAgreement)
          }

[mfts]

but essentially we need to somehow bypass isProtected prop if i'm not wrong ?

@yashsharma999 yes that's correct. but right now with your current implementation, you could add ?viewAs=QUICK_VIEW to any normal link and it would bypass the isProtected.

Also as I'm writing it, we double check server-side actually if the link is protected again, so you'd need to pass something to the api function to get around the protection