release(v3.7.0): AI chat admin workspace, public share/portal copilots, PDF previews, and WebDAV read-stream hardening

- pro(ai): add core AI API wrappers, admin AI workspace hooks, and public share/portal copilot integration seams
- files(pdf): add opt-in local PDF thumbnails and inline PDF preview support
- mcp(core): extend scoped operation catalog for AI file/folder actions and metadata discovery
- automation(core): expose AI watched-rule and approval actions through ProAutomationApiService
- storage(webdav): switch remote reads to curl-backed streaming with low-speed timeout handling
- security: keep public AI explicitly opt-in per share/portal and preserve scoped public guards

Author: error311

CHANGELOG.md

@@ -1,5 +1,101 @@
 # Changelog
 
+## Changes 03/08/2026 (v3.7.0)
+
+**Demo videos**  
+
+- [FileRise Pro AI Chat: Organize Files By Type](https://youtu.be/zoM7LudY934)
+- [FileRise Pro AI Chat: Extract Invoice Fields to JSON and CSV](https://youtu.be/HhY__X695KM)
+
+`release(v3.7.0): AI chat admin workspace, public share/portal copilots, PDF previews, and WebDAV read-stream hardening`
+
+**Commit message**  
+
+```text
+release(v3.7.0): AI chat admin workspace, public share/portal copilots, PDF previews, and WebDAV read-stream hardening
+
+- pro(ai): add core AI API wrappers, admin AI workspace hooks, and public share/portal copilot integration seams
+- files(pdf): add opt-in local PDF thumbnails and inline PDF preview support
+- mcp(core): extend scoped operation catalog for AI file/folder actions and metadata discovery
+- automation(core): expose AI watched-rule and approval actions through ProAutomationApiService
+- storage(webdav): switch remote reads to curl-backed streaming with low-speed timeout handling
+- security: keep public AI explicitly opt-in per share/portal and preserve scoped public guards
+```
+
+**Added**  
+
+- **Core AI API surface for Pro integration**
+  - Added AI endpoint wrappers under:
+    - `/api/pro/ai/chat.php`
+    - `/api/pro/ai/config/{get,save,public}.php`
+    - `/api/pro/ai/share/chat.php`
+    - `/api/pro/ai/portal/chat.php`
+    - `/api/pro/ai/agents/{list,save,delete}.php`
+    - `/api/pro/ai/recipes/{list,save,delete}.php`
+    - `/api/pro/ai/jobs/queue.php`
+- **Automation AI workflow endpoints**
+  - Added endpoint wrappers under:
+    - `/api/pro/automation/ai-rules/{list,save,delete}.php`
+    - `/api/pro/automation/approvals/{list,decide}.php`
+    - `/api/pro/automation/agent/inbound.php`
+    - `/api/pro/automation/jobs/output.php`
+- **Admin AI workspace UI**
+  - Added the in-app AI chat/admin shell and AI-specific admin controls in:
+    - `public/js/aiChat.js`
+    - `public/js/adminAutomation.js`
+
+**Changed**  
+
+- **Public share + portal AI UX**
+  - Shared-folder and portal public views now expose scoped AI copilot entrypoints, prompt examples, and dedicated styling for public AI interactions.
+  - Share and portal admin/settings flows now support per-link or per-portal AI enablement controls.
+- **PDF preview support**
+  - Gallery cards and desktop hover previews can now show rasterized first-page thumbnails for local PDF files.
+  - Added a Core admin toggle under `Appearance, UI & Indexing` so PDF thumbnails remain opt-in and can be disabled to restore the old icon/no-preview behavior.
+  - PDF files can now open inline in the existing file preview modal when the feature is enabled.
+- **Core MCP operation seam for AI**
+  - Extended `src/FileRise/Domain/McpCoreOpsService.php` with additional scoped operations used by AI flows:
+    - `read_file`
+    - `create_file`
+    - `create_folder`
+    - `copy_files`
+    - `rename_file`
+  - Added operation metadata/catalog helpers so AI/admin surfaces can describe allowed operations without duplicating rules.
+- **Automation API service coverage**
+  - Extended `src/FileRise/Domain/ProAutomationApiService.php` to expose AI watched-rule and approval actions through the existing core service seam.
+- **Share/portal metadata**
+  - Shared-folder and portal records now carry `aiEnabled` metadata so public AI can be explicitly enabled or disabled per surface.
+- **Runtime image**
+  - Updated `Dockerfile` for the AI-enabled runtime prerequisites used by this release branch, including `poppler-utils` for local PDF thumbnailing and AI document workflows.
+
+**Fixed**  
+
+- **Public AI share default regression**
+  - Fixed newly created shares defaulting to `aiEnabled=0` when older or hidden UI paths omitted the field.
+  - The share modal now only sends `aiEnabled` when the control is visible, preserving backward-compatible defaults.
+- **Public AI config endpoint guard**
+  - Fixed `/api/pro/ai/config/public.php` using the authenticated AI guard instead of the public guard, which could block unauthenticated share/portal pages from loading AI availability correctly.
+- **PDF preview regressions**
+  - Fixed authenticated PDF inline viewing so PDFs no longer download instead of rendering in the preview modal.
+  - Fixed the PDF thumbnail toggle save path and disabled-state behavior so the old outside-the-modal PDF behavior is restored when the toggle is off.
+- **WebDAV source streaming**
+  - Updated the WebDAV adapter read path to use the curl-backed read stream helper with clearer low-speed timeout handling and better read-stream failure reporting.
+
+**Security**  
+
+- **Scoped public AI enforcement**
+  - Public share and portal AI routes stay bounded to the current share/portal scope, reuse existing access checks, and continue sending `Cache-Control: no-store` plus `X-Content-Type-Options: nosniff`.
+- **External provider disclosure**
+  - Admin AI Settings and the in-app AI Chat now warn when enabled providers are external, so operators are explicitly reminded that prompts and visible file excerpts may leave the instance.
+- **Admin/API guard consistency**
+  - New authenticated AI and automation wrappers use centralized bootstrap/guard helpers instead of duplicating auth/admin/CSRF logic across endpoints.
+
+**Docs**  
+
+- Added wiki coverage for Pro AI chat/admin features and linked it in the docs sidebar.
+
+---
+
 ## Changes 03/05/2026 (v3.6.1)
 
 `release(v3.6.1): iPad hover preview pointer compatibility + configurable hover delay (refs #105)`

Dockerfile

@@ -37,6 +37,7 @@ ARG INSTALL_CLAMAV=1
 ARG INSTALL_7ZIP=1
 ARG INSTALL_UNAR=1
 ARG INSTALL_SMBCLIENT=1
+ARG INSTALL_POPPLER=1
 
 # Install Apache, PHP, and required extensions
 RUN if [ -f /etc/apt/sources.list.d/ubuntu.sources ]; then \
@@ -50,6 +51,7 @@ RUN if [ -f /etc/apt/sources.list.d/ubuntu.sources ]; then \
     if [ "${INSTALL_7ZIP}" = "1" ]; then extra_pkgs="${extra_pkgs} 7zip"; fi; \
     if [ "${INSTALL_UNAR}" = "1" ]; then extra_pkgs="${extra_pkgs} unar"; fi; \
     if [ "${INSTALL_SMBCLIENT}" = "1" ]; then extra_pkgs="${extra_pkgs} smbclient"; fi; \
+    if [ "${INSTALL_POPPLER}" = "1" ]; then extra_pkgs="${extra_pkgs} poppler-utils"; fi; \
     apt-get install -y --no-install-recommends \
       apache2 \
       php php-json php-curl php-zip php-mbstring php-gd php-xml \

README.md

@@ -14,9 +14,12 @@ Drag & drop uploads, OnlyOffice integration, and **optional folder-level encrypt
 
 Quick links: [Website](https://filerise.net) • [Docs](https://filerise.net/docs/) • [Live demo](https://demo.filerise.net) • [Install](#install-docker--recommended) • [FileRise Pro](https://filerise.net/pro/)
 
-- **Built for:** anyone who wants a fast, self-hosted file manager / storage hub
-- **Core (MIT):** full open-source FileRise feature set (ACLs, sharing, uploads, tags/search, and more), plus multiple local roots and WebDAV sources for storage-hub workflows.
-- **Pro:** adds user groups, client portals, automation, additional source adapters, gateway shares, and  search everywhere/audit tooling.
+- **Built for:** anyone who wants a fast, self-hosted file manager, storage hub, client portal, and AI workflow workspace on their own infrastructure.
+- **Core (MIT):** full open-source FileRise feature set (ACLs, folder and file sharing, uploads, tags/search, PDF previews, and more), plus multiple local roots and WebDAV sources for storage-hub workflows.
+- **Pro:** adds user groups, client portals, automation, additional source adapters, gateway shares, search everywhere/audit tooling, and a permissions-aware AI workspace for structured extraction, organization, approvals, and scoped copilots.
+
+- [FileRise Pro AI Chat: Organize Files By Type](https://youtu.be/zoM7LudY934)
+- [FileRise Pro AI Chat: Extract Invoice Fields to JSON and CSV](https://youtu.be/HhY__X695KM)
 
 [![Sponsor on GitHub](https://img.shields.io/badge/Sponsor-❤-red)](https://github.com/sponsors/error311)
 [![Support on Ko-fi](https://img.shields.io/badge/Ko--fi-Buy%20me%20a%20coffee-orange)](https://ko-fi.com/error311)
@@ -46,7 +49,9 @@ Quick links: [Website](https://filerise.net) • [Docs](https://filerise.net/doc
 - 💾 **Self-hosted “cloud drive”** – Runs anywhere with PHP (or via Docker). No external database required.
 - 🔐 **Granular per-folder ACLs** – Manage View (all/own), Upload, Create, Edit, Rename, Move, Copy, Delete, Extract, Share, and more — all enforced consistently across the UI, API, and WebDAV.
 - 🔗 **Link File (authenticated deep links)** – Generate internal links to specific files, require login + ACL checks, and open directly to the target in the app.
+- 🤝 **Folder and file sharing** – Share folders for browsing or upload-only file requests, protect links with passwords/expiration, and share individual files with generated links.
 - 📥 **File Request links (upload-only)** – Share upload-only links so external users can submit files into a folder without browsing existing files.
+- 📄 **PDF viewing + optional local PDF thumbnails** – View PDFs inline in the preview modal, and optionally enable first-page PDF thumbnails for gallery cards and hover previews using `pdftoppm`.
 - 🔐 **Folder-level encryption at rest (optional)** – Encrypt entire folders (and all descendants) on disk using modern authenticated encryption.
   - Opt-in per folder with inherited protection for subfolders
   - Files are stored encrypted on disk and transparently decrypted on download
@@ -77,6 +82,8 @@ Quick links: [Website](https://filerise.net) • [Docs](https://filerise.net/doc
   Group-based ACLs, brandable client upload portals, **ACL-aware global search across files, folders, users, and permissions**, an ncdu-style storage explorer for identifying large folders/files and reclaiming disk space directly from the UI, and **Pro Audit Logs** (configurable activity logging with filters + CSV export for tracking key actions across web, WebDAV, shares, and portals).
 - ⚙️ **Pro: Automation (Webhooks + Jobs)** –
   Send FileRise events to other apps/services using managed webhook endpoints with async delivery, retries, queue visibility, and job history from Admin.
+- 🤖 **Pro: AI workflows + workspace** –
+  Use a permissions-aware AI workspace for structured extraction, folder organization, watched-folder workflows, approval-gated bulk actions, and scoped share/portal copilots with cited answers and admin controls.
 - 🌐 **Sources (Core + Pro adapters)** –
   Turn FileRise into a storage hub by connecting multiple backends and switching between them in the UI:
   - **Core:** Multiple local roots (additional local paths)

THIRD_PARTY.md

@@ -63,6 +63,11 @@ Additional system packages bundled in the Docker image:
   **Source:** Linux distribution package repositories.  
   **Note:** Installed for video thumbnail generation.
 
+- **Poppler utils (`pdftoppm`)** — GPL-2.0-or-later  
+  **Home:** <https://poppler.freedesktop.org/>  
+  **Source:** Linux distribution package repositories.  
+  **Note:** Installed for optional local PDF thumbnail generation and AI document rasterization workflows.
+
 - **7-Zip (p7zip)** — LGPL-2.1+ with unRAR restriction  
   **Home:** <https://www.7-zip.org/>  
   **Source:** Linux distribution package repositories.

config/config.php

@@ -624,6 +624,16 @@ function fr_mcp_core_ops_dispatch(string $operation, array $payload = [], array
     }
 }
 
+if (!function_exists('fr_mcp_core_ops_describe')) {
+    function fr_mcp_core_ops_describe(): array
+    {
+        if (!class_exists(\FileRise\Domain\McpCoreOpsService::class)) {
+            return [];
+        }
+        return \FileRise\Domain\McpCoreOpsService::describeOperations();
+    }
+}
+
 // ------------------------------------------------------------
 // Early Pro/Core API-level guards for bootstrap-time calls
 // ------------------------------------------------------------
@@ -647,7 +657,6 @@ function fr_pro_api_level_at_least(int $required): bool
     }
 }
 
-// Try to load Pro bootstrap if enabled + present
 $proBootstrap = FR_PRO_BUNDLE_DIR . '/bootstrap_pro.php';
 if (@is_file($proBootstrap)) {
     require_once $proBootstrap;