Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add new user type space owner #187

Merged
merged 2 commits into from
Oct 12, 2022
Merged

add new user type space owner #187

merged 2 commits into from
Oct 12, 2022

Conversation

butonic
Copy link
Contributor

@butonic butonic commented Oct 11, 2022

When accessing public shares in a project space (which has no owner, only managers) we need to be able to pass a userid through the system which permission checks can work with.

Another use case is when trying to index a space on behalf of the space owner.

In both cases the user id MUST be set to the space id to reflect which space is supposed to be indexed.

Signed-off-by: Jörn Friedrich Dreyer [email protected]

@butonic
add new user type space owner
62e8efe 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic butonic requested a review from labkode as a code owner October 11, 2022 11:12
aduffeck
aduffeck approved these changes Oct 11, 2022
View reviewed changes
cs3/identity/user/v1beta1/resources.proto Outdated Show resolved Hide resolved
@micbar
Copy link
Member

micbar commented Oct 11, 2022

We are currently using USER_INVALID, why do we need an additional type?

@butonic
Copy link
Contributor Author

butonic commented Oct 11, 2022

@micbar you added it in https://github.com/cs3org/reva/blob/8f35682de6b785c96c215d6af5dea9508cfe3a9a/pkg/auth/manager/publicshares/publicshares.go#L132
and
https://github.com/cs3org/reva/blob/8f35682de6b785c96c215d6af5dea9508cfe3a9a/pkg/storage/utils/decomposedfs/grants.go#L69

for non personal spaces in cs3org/reva#3029 it seems

@glpatcern glpatcern self-requested a review October 12, 2022 09:04
@glpatcern glpatcern merged commit bb7fbfa into cs3org:main Oct 12, 2022
@labkode
Copy link
Member

labkode commented Oct 12, 2022

Hi guys, a space owner looks like an internal type of user.
Let's take CERNBox as example, a space owner can be any of these:

USER_TYPE_PRIMARY = 1;
  // A secondary user for cases with multiple identities.
  USER_TYPE_SECONDARY = 2;
  // A user catering to specific services.
USER_TYPE_SERVICE = 3;

and maybe in the future other types will be guest or federated.

To have an internal type of user, the USER_TYPE_APPLICATION = 4; was created for that.

@micbar
Copy link
Member

micbar commented Oct 12, 2022

Not really. A space owner is not a real user on reva edge. It has no account in the IDP and will never be able to log in. Therefore it is important to have a dedicated user type. I was also happy with USER_INVALID but that makes it clearer.

@glpatcern
Copy link
Member

Yet it is given privileges to do actions. I reckon that the USER_TYPE_APPLICATION would be a good fit here

@glpatcern
Copy link
Member

@micbar @butonic do you use USER_TYPE_APPLICATION anywhere else, and would you need to make a distinction with this specific case? If not, for the sake of keeping the API clean I'd be in favour of using USER_TYPE_APPLICATION and reverting this change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@glpatcern glpatcern glpatcern approved these changes

@micbar micbar micbar approved these changes

@aduffeck aduffeck aduffeck approved these changes

@labkode labkode Awaiting requested review from labkode labkode is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@butonic @micbar @labkode @glpatcern @aduffeck