Skip to content

Commit

Permalink
add readonly interceptor
Browse files Browse the repository at this point in the history
  • Loading branch information
micbar committed Jul 8, 2021
1 parent 66996cb commit 1d1d151
Show file tree
Hide file tree
Showing 13 changed files with 335 additions and 49 deletions.
5 changes: 5 additions & 0 deletions changelog/unreleased/read-only-storageprovider-interceptor.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
Enhancement: Add readonly interceptor

The readonly interceptor could be used to configure a storageprovider in readonly mode. This could be handy in some migration scenarios.

https://github.com/cs3org/reva/pull/1849
6 changes: 5 additions & 1 deletion internal/grpc/interceptors/loader/loader.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,8 @@

package loader

// Add your own.
import (
// Load core GRPC services
_ "github.com/cs3org/reva/internal/grpc/interceptors/readonly"
// Add your own service here
)
146 changes: 146 additions & 0 deletions internal/grpc/interceptors/readonly/readonly.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,146 @@
// Copyright 2018-2021 CERN
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// In applying this license, CERN does not waive the privileges and immunities
// granted to it by virtue of its status as an Intergovernmental Organization
// or submit itself to any jurisdiction.

package readonly

import (
"context"

provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
registry "github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1"
"github.com/cs3org/reva/pkg/appctx"
"github.com/cs3org/reva/pkg/rgrpc"
rstatus "github.com/cs3org/reva/pkg/rgrpc/status"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
)

const (
defaultPriority = 200
)

func init() {
rgrpc.RegisterUnaryInterceptor("readonly", NewUnary)
}

// NewUnary returns a new unary interceptor
// that checks grpc calls and blocks write requests.
func NewUnary(map[string]interface{}) (grpc.UnaryServerInterceptor, int, error) {
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
log := appctx.GetLogger(ctx)

switch req.(type) {
// handle known non-write request types
case *provider.GetHomeRequest,
*provider.GetPathRequest,
*provider.GetQuotaRequest,
*registry.GetStorageProvidersRequest,
*provider.InitiateFileDownloadRequest,
*provider.ListFileVersionsRequest,
*provider.ListGrantsRequest,
*provider.ListRecycleRequest:
return handler(ctx, req)
case *provider.ListContainerRequest:
resp, err := handler(ctx, req)
if listResp, ok := resp.(*provider.ListContainerResponse); ok && listResp.Infos != nil {
for _, info := range listResp.Infos {
// use the existing PermissionsSet and change the writes to false
if info.PermissionSet != nil {
info.PermissionSet.AddGrant = false
info.PermissionSet.CreateContainer = false
info.PermissionSet.Delete = false
info.PermissionSet.InitiateFileUpload = false
info.PermissionSet.Move = false
info.PermissionSet.RemoveGrant = false
info.PermissionSet.PurgeRecycle = false
info.PermissionSet.RestoreFileVersion = false
info.PermissionSet.RestoreRecycleItem = false
info.PermissionSet.UpdateGrant = false
}
}
}
return resp, err
case *provider.StatRequest:
resp, err := handler(ctx, req)
if statResp, ok := resp.(*provider.StatResponse); ok && statResp.Info != nil && statResp.Info.PermissionSet != nil {
// use the existing PermissionsSet and change the writes to false
statResp.Info.PermissionSet.AddGrant = false
statResp.Info.PermissionSet.CreateContainer = false
statResp.Info.PermissionSet.Delete = false
statResp.Info.PermissionSet.InitiateFileUpload = false
statResp.Info.PermissionSet.Move = false
statResp.Info.PermissionSet.RemoveGrant = false
statResp.Info.PermissionSet.PurgeRecycle = false
statResp.Info.PermissionSet.RestoreFileVersion = false
statResp.Info.PermissionSet.RestoreRecycleItem = false
statResp.Info.PermissionSet.UpdateGrant = false
}
return resp, err
// Don't allow the following requests types
case *provider.AddGrantRequest:
return &provider.AddGrantResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to add grant on readonly storage"),
}, nil
case *provider.CreateContainerRequest:
return &provider.CreateContainerResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to create resoure on readonly storage"),
}, nil
case *provider.CreateHomeRequest:
return &provider.CreateHomeResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to create home on readonly storage"),
}, nil
case *provider.DeleteRequest:
return &provider.DeleteResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to delete resource on readonly storage"),
}, nil
case *provider.InitiateFileUploadRequest:
return &provider.InitiateFileUploadResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to upload resource on readonly storage"),
}, nil
case *provider.MoveRequest:
return &provider.MoveResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to move resource on readonly storage"),
}, nil
case *provider.PurgeRecycleRequest:
return &provider.PurgeRecycleResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to purge recycle on readonly storage"),
}, nil
case *provider.RemoveGrantRequest:
return &provider.RemoveGrantResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to remove grant on readonly storage"),
}, nil
case *provider.RestoreRecycleItemRequest:
return &provider.RestoreRecycleItemResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to restore recycle item on readonly storage"),
}, nil
case *provider.SetArbitraryMetadataRequest:
return &provider.SetArbitraryMetadataResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to set arbitrary metadata on readonly storage"),
}, nil
case *provider.UnsetArbitraryMetadataRequest:
return &provider.UnsetArbitraryMetadataResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to unset arbitrary metadata on readonly storage"),
}, nil
// block unknown request types and return error
default:
log.Debug().Msg("storage is readonly")
return nil, status.Errorf(codes.PermissionDenied, "permission denied: tried to execute an unknown operation: %T!", req)
}
}, defaultPriority, nil
}
64 changes: 58 additions & 6 deletions internal/http/services/owncloud/ocdav/copy.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,11 +65,23 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {

if overwrite != "T" && overwrite != "F" {
w.WriteHeader(http.StatusBadRequest)
m := fmt.Sprintf("Overwrite header is set to incorrect value %v", overwrite)
b, err := Marshal(exception{
code: SabredavBadRequest,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
return
}

if depth != "infinity" && depth != "0" {
w.WriteHeader(http.StatusBadRequest)
m := fmt.Sprintf("Depth header is set to incorrect value %v", depth)
b, err := Marshal(exception{
code: SabredavBadRequest,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
return
}

Expand All @@ -91,6 +103,15 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
}

if srcStatRes.Status.Code != rpc.Code_CODE_OK {
if srcStatRes.Status.Code == rpc.Code_CODE_NOT_FOUND {
w.WriteHeader(http.StatusNotFound)
m := fmt.Sprintf("Resource %v not found", srcStatReq.Ref.Path)
b, err := Marshal(exception{
code: SabredavNotFound,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
}
HandleErrorStatus(&sublog, w, srcStatRes.Status)
return
}
Expand All @@ -115,7 +136,13 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {

if overwrite == "F" {
sublog.Warn().Str("overwrite", overwrite).Msg("dst already exists")
w.WriteHeader(http.StatusPreconditionFailed) // 412, see https://tools.ietf.org/html/rfc4918#section-9.8.5
w.WriteHeader(http.StatusPreconditionFailed)
m := fmt.Sprintf("Could not overwrite Resource %v", dst)
b, err := Marshal(exception{
code: SabredavPreconditionFailed,
message: m,
})
HandleWebdavError(&sublog, w, b, err) // 412, see https://tools.ietf.org/html/rfc4918#section-9.8.5
return
}

Expand Down Expand Up @@ -143,7 +170,7 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
// TODO what if intermediate is a file?
}

err = s.descend(ctx, client, srcStatRes.Info, dst, depth == "infinity")
err = s.descend(ctx, w, client, srcStatRes.Info, dst, depth == "infinity")
if err != nil {
sublog.Error().Err(err).Str("depth", depth).Msg("error descending directory")
w.WriteHeader(http.StatusInternalServerError)
Expand All @@ -152,7 +179,7 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
w.WriteHeader(successCode)
}

func (s *svc) descend(ctx context.Context, client gateway.GatewayAPIClient, src *provider.ResourceInfo, dst string, recurse bool) error {
func (s *svc) descend(ctx context.Context, w http.ResponseWriter, client gateway.GatewayAPIClient, src *provider.ResourceInfo, dst string, recurse bool) error {
log := appctx.GetLogger(ctx)
log.Debug().Str("src", src.Path).Str("dst", dst).Msg("descending")
if src.Type == provider.ResourceType_RESOURCE_TYPE_CONTAINER {
Expand All @@ -161,10 +188,25 @@ func (s *svc) descend(ctx context.Context, client gateway.GatewayAPIClient, src
Ref: &provider.Reference{Path: dst},
}
createRes, err := client.CreateContainer(ctx, createReq)
if err != nil || createRes.Status.Code != rpc.Code_CODE_OK {
if err != nil {
log.Error().Err(err).Msg("error performing create container grpc request")
w.WriteHeader(http.StatusInternalServerError)
return err
}

if createRes.Status.Code != rpc.Code_CODE_OK {
if createRes.Status.Code == rpc.Code_CODE_PERMISSION_DENIED {
w.WriteHeader(http.StatusForbidden)
m := fmt.Sprintf("Permission denied to create %v", createReq.Ref.Path)
b, err := Marshal(exception{
code: SabredavPermissionDenied,
message: m,
})
HandleWebdavError(log, w, b, err)
}
return nil
}

// TODO: also copy properties: https://tools.ietf.org/html/rfc4918#section-9.8.2

if !recurse {
Expand All @@ -185,7 +227,7 @@ func (s *svc) descend(ctx context.Context, client gateway.GatewayAPIClient, src

for i := range res.Infos {
childDst := path.Join(dst, path.Base(res.Infos[i].Path))
err := s.descend(ctx, client, res.Infos[i], childDst, recurse)
err := s.descend(ctx, w, client, res.Infos[i], childDst, recurse)
if err != nil {
return err
}
Expand Down Expand Up @@ -237,7 +279,17 @@ func (s *svc) descend(ctx context.Context, client gateway.GatewayAPIClient, src
}

if uRes.Status.Code != rpc.Code_CODE_OK {
return fmt.Errorf("status code %d", uRes.Status.Code)
if uRes.Status.Code == rpc.Code_CODE_PERMISSION_DENIED {
w.WriteHeader(http.StatusForbidden)
m := fmt.Sprintf("Permission denied to create %v", uReq.Ref.Path)
b, err := Marshal(exception{
code: SabredavPermissionDenied,
message: m,
})
HandleWebdavError(log, w, b, err)
}
HandleErrorStatus(log, w, uRes.Status)
return nil
}

var uploadEP, uploadToken string
Expand Down
27 changes: 27 additions & 0 deletions internal/http/services/owncloud/ocdav/delete.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
package ocdav

import (
"fmt"
"net/http"
"path"

Expand Down Expand Up @@ -54,6 +55,32 @@ func (s *svc) handleDelete(w http.ResponseWriter, r *http.Request, ns string) {
}

if res.Status.Code != rpc.Code_CODE_OK {
if res.Status.Code == rpc.Code_CODE_NOT_FOUND {
w.WriteHeader(http.StatusNotFound)
m := fmt.Sprintf("Resource %v not found", fn)
b, err := Marshal(exception{
code: SabredavNotFound,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
}
if res.Status.Code == rpc.Code_CODE_PERMISSION_DENIED {
w.WriteHeader(http.StatusForbidden)
m := fmt.Sprintf("Permission denied to delete %v", fn)
b, err := Marshal(exception{
code: SabredavPermissionDenied,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
}
if res.Status.Code == rpc.Code_CODE_INTERNAL && res.Status.Message == "can't delete mount path" {
w.WriteHeader(http.StatusForbidden)
b, err := Marshal(exception{
code: SabredavPermissionDenied,
message: res.Status.Message,
})
HandleWebdavError(&sublog, w, b, err)
}
HandleErrorStatus(&sublog, w, res.Status)
return
}
Expand Down
23 changes: 22 additions & 1 deletion internal/http/services/owncloud/ocdav/error.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,10 @@ const (
SabredavNotAuthenticated
// SabredavPreconditionFailed maps to HTTP 412
SabredavPreconditionFailed
// SabredavPermissionDenied maps to HTTP 403
SabredavPermissionDenied
// SabredavNotFound maps to HTTP 404
SabredavNotFound
)

var (
Expand All @@ -47,6 +51,8 @@ var (
"Sabre\\DAV\\Exception\\MethodNotAllowed",
"Sabre\\DAV\\Exception\\NotAuthenticated",
"Sabre\\DAV\\Exception\\PreconditionFailed",
"Sabre\\DAV\\Exception\\PermissionDenied",
"Sabre\\DAV\\Exception\\NotFound",
}
)

Expand Down Expand Up @@ -79,7 +85,8 @@ type errorXML struct {
Exception string `xml:"s:exception"`
Message string `xml:"s:message"`
InnerXML []byte `xml:",innerxml"`
Header string `xml:"s:header"`
// Header is used to indicate the conflicting request header
Header string `xml:"s:header,omitempty"`
}

var errInvalidPropfind = errors.New("webdav: invalid propfind")
Expand Down Expand Up @@ -111,3 +118,17 @@ func HandleErrorStatus(log *zerolog.Logger, w http.ResponseWriter, s *rpc.Status
w.WriteHeader(http.StatusInternalServerError)
}
}

// HandleWebdavError checks the status code, logs an error and creates a webdav response body
// if needed
func HandleWebdavError(log *zerolog.Logger, w http.ResponseWriter, b []byte, err error) {
if err != nil {
log.Error().Msgf("error marshaling xml response: %s", b)
w.WriteHeader(http.StatusInternalServerError)
return
}
_, err = w.Write(b)
if err != nil {
log.Err(err).Msg("error writing response")
}
}
Loading

0 comments on commit 1d1d151

Please sign in to comment.