add delete home space permission to admin role

Signed-off-by: Christian Richter <[email protected]>
owncloud · Aug 26, 2022 · 8c5f610 · 8c5f610
1 parent 05a60fd
commit 8c5f610
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 0 deletions.
diff --git a/services/graph/pkg/service/v0/users.go b/services/graph/pkg/service/v0/users.go
@@ -252,6 +252,9 @@ func (g Graph) DeleteUser(w http.ResponseWriter, r *http.Request) {
 	for _, sp := range lspr.GetStorageSpaces() {
 		if sp.SpaceType == "personal" {
 			if sp.Owner.Id.OpaqueId == userID {
+				// TODO: check if request contains a homespace and if, check if requesting user has the privilege to
+				// delete it and make sure it is not deleting its own homespace
+				// needs modification of the cs3api
 				_, err := g.gatewayClient.DeleteStorageSpace(r.Context(), &storageprovider.DeleteStorageSpaceRequest{
 					Opaque: opaque,
 					Id: &storageprovider.StorageSpaceId{

diff --git a/services/settings/pkg/store/defaults/defaults.go b/services/settings/pkg/store/defaults/defaults.go
@@ -43,6 +43,11 @@ const (
 	// CreateSpacePermissionName is the hardcoded setting name for the create space permission
 	CreateSpacePermissionName string = "create-space"
 
+	// DeleteHomeSpacesPermissionID is the hardcoded setting UUID for the delete home space permission
+	DeleteHomeSpacesPermissionID string = "5de9fe0a-4bc5-4a47-b758-28f370caf169"
+	// DeleteHomeSpacePermissionName is the hardcoded setting name for the delete home space permission
+	DeleteHomeSpacesPermissionName string = "delete-space"
+
 	settingUUIDProfileLanguage = "aa8cfbe5-95d4-4f7e-a032-c3c01f5f062f"
 
 	// AccountManagementPermissionID is the hardcoded setting UUID for the account management permission
@@ -205,6 +210,21 @@ func generateBundleAdminRole() *settingsmsg.Bundle {
 					},
 				},
 			},
+			{
+				Id:          DeleteHomeSpacesPermissionID,
+				Name:        DeleteHomeSpacesPermissionName,
+				DisplayName: "Delete All Space",
+				Description: "This permission allows to delete home spaces.",
+				Resource: &settingsmsg.Resource{
+					Type: settingsmsg.Resource_TYPE_SYSTEM,
+				},
+				Value: &settingsmsg.Setting_PermissionValue{
+					PermissionValue: &settingsmsg.Permission{
+						Operation:  settingsmsg.Permission_OPERATION_DELETE,
+						Constraint: settingsmsg.Permission_CONSTRAINT_ALL,
+					},
+				},
+			},
 		},
 	}
 }