Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add read-only interceptor to use on storage providers #1849

Merged
merged 1 commit into from
Jul 9, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
Enhancement: Add readonly interceptor

The readonly interceptor could be used to configure a storageprovider in readonly mode. This could be handy in some migration scenarios.

https://github.com/cs3org/reva/pull/1849
6 changes: 5 additions & 1 deletion internal/grpc/interceptors/loader/loader.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,8 @@

package loader

// Add your own.
import (
// Load core GRPC services
_ "github.com/cs3org/reva/internal/grpc/interceptors/readonly"
// Add your own service here
)
146 changes: 146 additions & 0 deletions internal/grpc/interceptors/readonly/readonly.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,146 @@
// Copyright 2018-2021 CERN
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// In applying this license, CERN does not waive the privileges and immunities
// granted to it by virtue of its status as an Intergovernmental Organization
// or submit itself to any jurisdiction.

package readonly

import (
"context"

provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
registry "github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1"
"github.com/cs3org/reva/pkg/appctx"
"github.com/cs3org/reva/pkg/rgrpc"
rstatus "github.com/cs3org/reva/pkg/rgrpc/status"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
)

const (
defaultPriority = 200
)

func init() {
rgrpc.RegisterUnaryInterceptor("readonly", NewUnary)
}

// NewUnary returns a new unary interceptor
// that checks grpc calls and blocks write requests.
func NewUnary(map[string]interface{}) (grpc.UnaryServerInterceptor, int, error) {
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
log := appctx.GetLogger(ctx)

switch req.(type) {
// handle known non-write request types
case *provider.GetHomeRequest,
*provider.GetPathRequest,
*provider.GetQuotaRequest,
*registry.GetStorageProvidersRequest,
*provider.InitiateFileDownloadRequest,
*provider.ListFileVersionsRequest,
*provider.ListGrantsRequest,
*provider.ListRecycleRequest:
return handler(ctx, req)
case *provider.ListContainerRequest:
resp, err := handler(ctx, req)
if listResp, ok := resp.(*provider.ListContainerResponse); ok && listResp.Infos != nil {
for _, info := range listResp.Infos {
// use the existing PermissionsSet and change the writes to false
if info.PermissionSet != nil {
info.PermissionSet.AddGrant = false
info.PermissionSet.CreateContainer = false
info.PermissionSet.Delete = false
info.PermissionSet.InitiateFileUpload = false
info.PermissionSet.Move = false
info.PermissionSet.RemoveGrant = false
info.PermissionSet.PurgeRecycle = false
info.PermissionSet.RestoreFileVersion = false
info.PermissionSet.RestoreRecycleItem = false
info.PermissionSet.UpdateGrant = false
}
}
}
return resp, err
case *provider.StatRequest:
resp, err := handler(ctx, req)
if statResp, ok := resp.(*provider.StatResponse); ok && statResp.Info != nil && statResp.Info.PermissionSet != nil {
// use the existing PermissionsSet and change the writes to false
statResp.Info.PermissionSet.AddGrant = false
statResp.Info.PermissionSet.CreateContainer = false
statResp.Info.PermissionSet.Delete = false
statResp.Info.PermissionSet.InitiateFileUpload = false
statResp.Info.PermissionSet.Move = false
statResp.Info.PermissionSet.RemoveGrant = false
statResp.Info.PermissionSet.PurgeRecycle = false
statResp.Info.PermissionSet.RestoreFileVersion = false
statResp.Info.PermissionSet.RestoreRecycleItem = false
statResp.Info.PermissionSet.UpdateGrant = false
}
return resp, err
// Don't allow the following requests types
case *provider.AddGrantRequest:
return &provider.AddGrantResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to add grant on readonly storage"),
}, nil
case *provider.CreateContainerRequest:
return &provider.CreateContainerResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to create resoure on readonly storage"),
}, nil
case *provider.CreateHomeRequest:
return &provider.CreateHomeResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to create home on readonly storage"),
}, nil
case *provider.DeleteRequest:
return &provider.DeleteResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to delete resource on readonly storage"),
}, nil
case *provider.InitiateFileUploadRequest:
return &provider.InitiateFileUploadResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to upload resource on readonly storage"),
}, nil
case *provider.MoveRequest:
return &provider.MoveResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to move resource on readonly storage"),
}, nil
case *provider.PurgeRecycleRequest:
return &provider.PurgeRecycleResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to purge recycle on readonly storage"),
}, nil
case *provider.RemoveGrantRequest:
return &provider.RemoveGrantResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to remove grant on readonly storage"),
}, nil
case *provider.RestoreRecycleItemRequest:
return &provider.RestoreRecycleItemResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to restore recycle item on readonly storage"),
}, nil
case *provider.SetArbitraryMetadataRequest:
return &provider.SetArbitraryMetadataResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to set arbitrary metadata on readonly storage"),
}, nil
case *provider.UnsetArbitraryMetadataRequest:
return &provider.UnsetArbitraryMetadataResponse{
Status: rstatus.NewPermissionDenied(ctx, nil, "permission denied: tried to unset arbitrary metadata on readonly storage"),
}, nil
// block unknown request types and return error
default:
log.Debug().Msg("storage is readonly")
return nil, status.Errorf(codes.PermissionDenied, "permission denied: tried to execute an unknown operation: %T!", req)
}
}, defaultPriority, nil
}
64 changes: 58 additions & 6 deletions internal/http/services/owncloud/ocdav/copy.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,11 +65,23 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {

if overwrite != "T" && overwrite != "F" {
w.WriteHeader(http.StatusBadRequest)
m := fmt.Sprintf("Overwrite header is set to incorrect value %v", overwrite)
b, err := Marshal(exception{
code: SabredavBadRequest,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
return
}

if depth != "infinity" && depth != "0" {
w.WriteHeader(http.StatusBadRequest)
m := fmt.Sprintf("Depth header is set to incorrect value %v", depth)
b, err := Marshal(exception{
code: SabredavBadRequest,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
return
}

Expand All @@ -91,6 +103,15 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
}

if srcStatRes.Status.Code != rpc.Code_CODE_OK {
if srcStatRes.Status.Code == rpc.Code_CODE_NOT_FOUND {
w.WriteHeader(http.StatusNotFound)
m := fmt.Sprintf("Resource %v not found", srcStatReq.Ref.Path)
b, err := Marshal(exception{
code: SabredavNotFound,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
}
HandleErrorStatus(&sublog, w, srcStatRes.Status)
return
}
Expand All @@ -115,7 +136,13 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {

if overwrite == "F" {
sublog.Warn().Str("overwrite", overwrite).Msg("dst already exists")
w.WriteHeader(http.StatusPreconditionFailed) // 412, see https://tools.ietf.org/html/rfc4918#section-9.8.5
w.WriteHeader(http.StatusPreconditionFailed)
m := fmt.Sprintf("Could not overwrite Resource %v", dst)
b, err := Marshal(exception{
code: SabredavPreconditionFailed,
message: m,
})
HandleWebdavError(&sublog, w, b, err) // 412, see https://tools.ietf.org/html/rfc4918#section-9.8.5
return
}

Expand Down Expand Up @@ -143,7 +170,7 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
// TODO what if intermediate is a file?
}

err = s.descend(ctx, client, srcStatRes.Info, dst, depth == "infinity")
err = s.descend(ctx, w, client, srcStatRes.Info, dst, depth == "infinity")
if err != nil {
sublog.Error().Err(err).Str("depth", depth).Msg("error descending directory")
w.WriteHeader(http.StatusInternalServerError)
Expand All @@ -152,7 +179,7 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
w.WriteHeader(successCode)
}

func (s *svc) descend(ctx context.Context, client gateway.GatewayAPIClient, src *provider.ResourceInfo, dst string, recurse bool) error {
func (s *svc) descend(ctx context.Context, w http.ResponseWriter, client gateway.GatewayAPIClient, src *provider.ResourceInfo, dst string, recurse bool) error {
log := appctx.GetLogger(ctx)
log.Debug().Str("src", src.Path).Str("dst", dst).Msg("descending")
if src.Type == provider.ResourceType_RESOURCE_TYPE_CONTAINER {
Expand All @@ -161,10 +188,25 @@ func (s *svc) descend(ctx context.Context, client gateway.GatewayAPIClient, src
Ref: &provider.Reference{Path: dst},
}
createRes, err := client.CreateContainer(ctx, createReq)
if err != nil || createRes.Status.Code != rpc.Code_CODE_OK {
if err != nil {
log.Error().Err(err).Msg("error performing create container grpc request")
w.WriteHeader(http.StatusInternalServerError)
return err
}

if createRes.Status.Code != rpc.Code_CODE_OK {
if createRes.Status.Code == rpc.Code_CODE_PERMISSION_DENIED {
w.WriteHeader(http.StatusForbidden)
m := fmt.Sprintf("Permission denied to create %v", createReq.Ref.Path)
b, err := Marshal(exception{
code: SabredavPermissionDenied,
message: m,
})
HandleWebdavError(log, w, b, err)
}
return nil
}

// TODO: also copy properties: https://tools.ietf.org/html/rfc4918#section-9.8.2

if !recurse {
Expand All @@ -185,7 +227,7 @@ func (s *svc) descend(ctx context.Context, client gateway.GatewayAPIClient, src

for i := range res.Infos {
childDst := path.Join(dst, path.Base(res.Infos[i].Path))
err := s.descend(ctx, client, res.Infos[i], childDst, recurse)
err := s.descend(ctx, w, client, res.Infos[i], childDst, recurse)
if err != nil {
return err
}
Expand Down Expand Up @@ -237,7 +279,17 @@ func (s *svc) descend(ctx context.Context, client gateway.GatewayAPIClient, src
}

if uRes.Status.Code != rpc.Code_CODE_OK {
return fmt.Errorf("status code %d", uRes.Status.Code)
if uRes.Status.Code == rpc.Code_CODE_PERMISSION_DENIED {
w.WriteHeader(http.StatusForbidden)
m := fmt.Sprintf("Permission denied to create %v", uReq.Ref.Path)
b, err := Marshal(exception{
code: SabredavPermissionDenied,
message: m,
})
HandleWebdavError(log, w, b, err)
}
HandleErrorStatus(log, w, uRes.Status)
return nil
}

var uploadEP, uploadToken string
Expand Down
27 changes: 27 additions & 0 deletions internal/http/services/owncloud/ocdav/delete.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
package ocdav

import (
"fmt"
"net/http"
"path"

Expand Down Expand Up @@ -54,6 +55,32 @@ func (s *svc) handleDelete(w http.ResponseWriter, r *http.Request, ns string) {
}

if res.Status.Code != rpc.Code_CODE_OK {
if res.Status.Code == rpc.Code_CODE_NOT_FOUND {
w.WriteHeader(http.StatusNotFound)
m := fmt.Sprintf("Resource %v not found", fn)
b, err := Marshal(exception{
code: SabredavNotFound,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
}
if res.Status.Code == rpc.Code_CODE_PERMISSION_DENIED {
w.WriteHeader(http.StatusForbidden)
m := fmt.Sprintf("Permission denied to delete %v", fn)
b, err := Marshal(exception{
code: SabredavPermissionDenied,
message: m,
})
HandleWebdavError(&sublog, w, b, err)
}
if res.Status.Code == rpc.Code_CODE_INTERNAL && res.Status.Message == "can't delete mount path" {
w.WriteHeader(http.StatusForbidden)
b, err := Marshal(exception{
code: SabredavPermissionDenied,
message: res.Status.Message,
})
HandleWebdavError(&sublog, w, b, err)
}
HandleErrorStatus(&sublog, w, res.Status)
return
}
Expand Down
23 changes: 22 additions & 1 deletion internal/http/services/owncloud/ocdav/error.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,10 @@ const (
SabredavNotAuthenticated
// SabredavPreconditionFailed maps to HTTP 412
SabredavPreconditionFailed
// SabredavPermissionDenied maps to HTTP 403
SabredavPermissionDenied
// SabredavNotFound maps to HTTP 404
SabredavNotFound
)

var (
Expand All @@ -47,6 +51,8 @@ var (
"Sabre\\DAV\\Exception\\MethodNotAllowed",
"Sabre\\DAV\\Exception\\NotAuthenticated",
"Sabre\\DAV\\Exception\\PreconditionFailed",
"Sabre\\DAV\\Exception\\PermissionDenied",
"Sabre\\DAV\\Exception\\NotFound",
}
)

Expand Down Expand Up @@ -79,7 +85,8 @@ type errorXML struct {
Exception string `xml:"s:exception"`
Message string `xml:"s:message"`
InnerXML []byte `xml:",innerxml"`
Header string `xml:"s:header"`
// Header is used to indicate the conflicting request header
Header string `xml:"s:header,omitempty"`
}

var errInvalidPropfind = errors.New("webdav: invalid propfind")
Expand Down Expand Up @@ -111,3 +118,17 @@ func HandleErrorStatus(log *zerolog.Logger, w http.ResponseWriter, s *rpc.Status
w.WriteHeader(http.StatusInternalServerError)
}
}

// HandleWebdavError checks the status code, logs an error and creates a webdav response body
// if needed
func HandleWebdavError(log *zerolog.Logger, w http.ResponseWriter, b []byte, err error) {
if err != nil {
log.Error().Msgf("error marshaling xml response: %s", b)
w.WriteHeader(http.StatusInternalServerError)
return
}
_, err = w.Write(b)
if err != nil {
log.Err(err).Msg("error writing response")
}
}
Loading