-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ocfs: lookup user to render template properly #1033
Conversation
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
d4ae2ec
to
7b3be9c
Compare
@butonic I think for EOS should be similar, @ishank011 was working on that. In our case, we use usernames as unique Ids in the EOS layout, so probably we are not finding this problem. Our paths are /eos/user/p/peter and not /eos/user/u-u-i-d/ |
yes, you can get around a lot of problems when using the username as the userid. Unfortunately, we have too many cases where u username changed, so we need to solve this properly. The good thing is reva allows us to implment this properly! But it is some work, especially the testsuite needs to be tought a few tricks ... |
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
7b3be9c
to
d4a46c5
Compare
two of the failures are related to versioning. this PR changes some path building so it is likely related:
one is about accessing another users files, which might this PR might actually have fixed ... or at least improved ... or made less wrong ...
|
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
these three tests:
pass for me locally when run on owncloud/ocis#409 which contains this reva PR here and other fixes. |
resent as separate PR #1052 as I'll need it to continue working |
@butonic @PVince81 I think one issue is that the files versions are not working correctly |
ok, I managed to setup a reva close enough to CI and the issue is reproducible locally (no OCIS involved) |
@individual-it I could not reproduce your issue. I've logged everything I can locally in getUser() and when running the test "tests/acceptance/features/apiVersions/fileVersions.feature:149" I always get a user in there. However what's strange is that I don't get Brian at all there, so getUser is never called with Brian. |
okay, seems I had troubles with Redis. now I get something similar:
|
so even though the user provider (users service?) is running, it doesn't find its endpoint |
it looks like the client service is being resolved, endpoint being localhost:19000 but then the returned instance fails when calling also strange is that the IDP of Brian is "localhost:18000", unless that's the higher level service |
on the other hand I'm wondering whether having to do that user lookup is really what we want and maybe for Brian the code shouldn't reach the part that does the lookup at all. |
no, it looks correct. We're logged in as "Brian" since we're querying the versions, but we want to |
Maybe going straight to the pool for querying that user provider isn't the correct way. Maybe we should go through the gateway instead ? |
So this is another setting we're missing: https://github.com/owncloud/ocis-reva/pull/420/files#diff-6e8d2a450c60708713085d20c0ce273eR342 I've pushed it to my PR: #1052 |
closing in favor of #1052 which contains further iterations and fixes |
Currently, the username is used to construct paths, which breaks when mounting the owncloud storage driver at /oc and then expecting paths that use the username like
/oc/einstein/foo
to work, because they will mismatch the path that is used from propagation which uses/oc/u-u-i-d
as the root, giving ainternal path outside root
error like this:To fix this we need to lookup the user at the user provider. using the username as the opaqueid works when the ldap filter is configured to allow lookup by both eg:
(&(objectclass=posixAccount)(|(ownclouduuid={{.OpaqueId}})(cn={{.OpaqueId}})))
An annoying thing is that this makes the storage driver depend on the user provider... I am using the
sharedconf
package to make this default to the gateway.We can save the trip to the user provider if the currently logged in user happens to match the requested user.
@labkode the eos driver should do a similar thing eg when parsing back the acls into a user. I can look into that after fixing our update branch, because it requires a lot of attenrtion right now, because we need to fix the testsuite to deal with the userid / username split.