Skip to content

Commit

Permalink
determine space members
Browse files Browse the repository at this point in the history
  • Loading branch information
@micbar
micbar committed Jul 25, 2023
1 parent 11fcd4e commit d21247f
Show file tree
Hide file tree
Showing 5 changed files with 55 additions and 10 deletions.
5 changes: 5 additions & 0 deletions changelog/unreleased/fix-webdav-permissions-manager.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
Bugfix: Fix WebDAV permissions for space managers

Sub shares of a space were shown as incoming shares for space manager incorrectly.

https://github.com/cs3org/reva/pull/4076
10 changes: 8 additions & 2 deletions internal/http/services/owncloud/ocdav/net/context.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,16 +22,22 @@ import (
"context"

userv1beta1 "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
ctxpkg "github.com/cs3org/reva/v2/pkg/ctx"
)

// IsCurrentUserOwner returns whether the context user is the given owner or not
func IsCurrentUserOwner(ctx context.Context, owner *userv1beta1.UserId) bool {
// IsCurrentUserOwnerOrManager returns whether the context user is the given owner or not
func IsCurrentUserOwnerOrManager(ctx context.Context, owner *userv1beta1.UserId, md *provider.ResourceInfo) bool {
contextUser, ok := ctxpkg.ContextGetUser(ctx)
// personal spaces have owners
if ok && contextUser.Id != nil && owner != nil &&
contextUser.Id.Idp == owner.Idp &&
contextUser.Id.OpaqueId == owner.OpaqueId {
return true
}
// check if the user is space manager
if md != nil && md.Owner.GetType() == userv1beta1.UserType_USER_TYPE_SPACE_OWNER {
return md.GetPermissionSet().AddGrant
}
return false
}
40 changes: 37 additions & 3 deletions internal/http/services/owncloud/ocdav/net/context_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
"context"

userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
"github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/net"
ctxpkg "github.com/cs3org/reva/v2/pkg/ctx"

Expand All @@ -43,17 +44,50 @@ var _ = Describe("Net", func() {
},
Username: "bob",
}
spaceManager = &userpb.User{
Id: &userpb.UserId{
OpaqueId: "space-id",
},
Username: "virtual",
}
mdSpaceManager = &provider.ResourceInfo{
Owner: &userpb.UserId{
OpaqueId: "user-1",
Type: userpb.UserType_USER_TYPE_SPACE_OWNER,
},
PermissionSet: &provider.ResourcePermissions{
AddGrant: true,
},
}

mdSpaceViewer = &provider.ResourceInfo{
Owner: &userpb.UserId{
OpaqueId: "user-1",
Type: userpb.UserType_USER_TYPE_SPACE_OWNER,
},
PermissionSet: &provider.ResourcePermissions{
ListContainer: true,
},
}
aliceCtx = ctxpkg.ContextSetUser(context.Background(), alice)
bobCtx = ctxpkg.ContextSetUser(context.Background(), bob)
)

Describe("IsCurrentUserOwner", func() {
Describe("IsCurrentUserOwnerOrManager", func() {
It("returns true", func() {
Expect(net.IsCurrentUserOwner(aliceCtx, alice.Id)).To(BeTrue())
Expect(net.IsCurrentUserOwnerOrManager(aliceCtx, alice.Id, nil)).To(BeTrue())
})

It("returns false", func() {
Expect(net.IsCurrentUserOwner(bobCtx, alice.Id)).To(BeFalse())
Expect(net.IsCurrentUserOwnerOrManager(bobCtx, alice.Id, nil)).To(BeFalse())
})

It("user is space manager", func() {
Expect(net.IsCurrentUserOwnerOrManager(bobCtx, spaceManager.Id, mdSpaceManager)).To(BeTrue())
})

It("user is space viewer", func() {
Expect(net.IsCurrentUserOwnerOrManager(bobCtx, spaceManager.Id, mdSpaceViewer)).To(BeFalse())
})
})
})
8 changes: 4 additions & 4 deletions internal/http/services/owncloud/ocdav/propfind/propfind.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1016,7 +1016,7 @@ func mdToPropResponse(ctx context.Context, pf *XML, md *provider.ResourceInfo, p
}
var wdp string
isPublic := ls != nil
isShared := shareTypes != "" && !net.IsCurrentUserOwner(ctx, md.Owner)
isShared := shareTypes != "" && !net.IsCurrentUserOwnerOrManager(ctx, md.Owner, md)
if md.PermissionSet != nil {
wdp = role.WebDAVPermissions(
md.Type == provider.ResourceType_RESOURCE_TYPE_CONTAINER,
Expand Down Expand Up @@ -1238,7 +1238,7 @@ func mdToPropResponse(ctx context.Context, pf *XML, md *provider.ResourceInfo, p
}
case "public-link-share-owner":
if ls != nil && ls.Owner != nil {
if net.IsCurrentUserOwner(ctx, ls.Owner) {
if net.IsCurrentUserOwnerOrManager(ctx, ls.Owner, nil) {
u := ctxpkg.ContextMustGetUser(ctx)
appendToOK(prop.Escaped("oc:public-link-share-owner", u.Username))
} else {
Expand Down Expand Up @@ -1270,7 +1270,7 @@ func mdToPropResponse(ctx context.Context, pf *XML, md *provider.ResourceInfo, p
}
case "owner-id": // phoenix only
if md.Owner != nil {
if net.IsCurrentUserOwner(ctx, md.Owner) {
if net.IsCurrentUserOwnerOrManager(ctx, md.Owner, md) {
u := ctxpkg.ContextMustGetUser(ctx)
appendToOK(prop.Escaped("oc:owner-id", u.Username))
} else {
Expand Down Expand Up @@ -1360,7 +1360,7 @@ func mdToPropResponse(ctx context.Context, pf *XML, md *provider.ResourceInfo, p
}
case "owner-display-name": // phoenix only
if md.Owner != nil {
if net.IsCurrentUserOwner(ctx, md.Owner) {
if net.IsCurrentUserOwnerOrManager(ctx, md.Owner, md) {
u := ctxpkg.ContextMustGetUser(ctx)
appendToOK(prop.Escaped("oc:owner-display-name", u.DisplayName))
} else {
Expand Down
2 changes: 1 addition & 1 deletion internal/http/services/owncloud/ocdav/tus.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -351,7 +351,7 @@ func (s *svc) handleTusPost(ctx context.Context, w http.ResponseWriter, r *http.
isPublic = ls != nil
}
}
isShared := !net.IsCurrentUserOwner(ctx, info.Owner)
isShared := !net.IsCurrentUserOwnerOrManager(ctx, info.Owner, info)
role := conversions.RoleFromResourcePermissions(info.PermissionSet, isPublic)
permissions := role.WebDAVPermissions(
info.Type == provider.ResourceType_RESOURCE_TYPE_CONTAINER,
Expand Down

0 comments on commit d21247f

Please sign in to comment.