allow deletion of federated shares
Signed-off-by: Christian Richter <[email protected]>
dragonchaser committed Sep 4, 2024
1 parent ec9df39 commit e68663d
Showing 2 changed files with 93 additions and 18 deletions.
10 changes: 10 additions & 0 deletions services/graph/pkg/service/v0/api_driveitem_permissions.go
Expand Up @@ -71,6 +71,7 @@ const (
Public
User
Space
OCM
)

// NewDriveItemPermissionsService creates a new DriveItemPermissionsService
Expand Down Expand Up @@ -463,6 +464,13 @@ func (s DriveItemPermissionsService) DeletePermission(ctx context.Context, itemI
}
}

if sharedResourceID == nil && s.config.IncludeOCMSharees {
sharedResourceID, err = s.getOCMPermissionResourceID(ctx, permissionID)
if err == nil {
permissionType = OCM
}
}

switch {
case err != nil:
return err
Expand All @@ -486,6 +494,8 @@ func (s DriveItemPermissionsService) DeletePermission(ctx context.Context, itemI
return s.removePublicShare(ctx, permissionID)
case Space:
return s.removeSpacePermission(ctx, permissionID, sharedResourceID)
case OCM:
return s.removeOCMPermission(ctx, permissionID)
}

// This should never be reached
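Review bot: The new OCM fallback in DeletePermission is gated only on `sharedResourceID == nil`, so it presumably runs after any failure of the earlier lookups, not just a not-found, and its result overwrites `err`; the caller then sees the OCM lookup error instead of the original one. Consider falling through only when the earlier error is a not-found, the way getPermissionByID in base.go tests `errcode.GetCode() == errorcode.ItemNotFound`, and keeping the first error otherwise. The function starts and ends outside these hunks, so it is not visible whether the `OCM` case goes through the same comparison of the request's item ID with `sharedResourceID` as the other permission types before `removeOCMPermission` is called. That is worth confirming, because the removal itself takes only `permissionID`.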
101 changes: 83 additions & 18 deletions services/graph/pkg/service/v0/base.go
Expand Up @@ -154,17 +154,17 @@ func (g BaseGraphService) cs3SpacePermissionsToLibreGraph(ctx context.Context, s
// will have the same id.
tmp := id
isGroup := false
var identity libregraph.Identity
var cs3Identity libregraph.Identity
var err error
var p libregraph.Permission
if _, ok := groupsMap[id]; ok {
identity, err = groupIdToIdentity(ctx, g.identityCache, tmp)
cs3Identity, err = groupIdToIdentity(ctx, g.identityCache, tmp)
if err != nil {
g.logger.Warn().Str("groupid", tmp).Msg("Group not found by id")
}
isGroup = true
} else {
identity, err = userIdToIdentity(ctx, g.identityCache, tmp)
cs3Identity, err = userIdToIdentity(ctx, g.identityCache, tmp)
if err != nil {
g.logger.Warn().Str("userid", tmp).Msg("User not found by id")
}
Expand All @@ -173,17 +173,19 @@ func (g BaseGraphService) cs3SpacePermissionsToLibreGraph(ctx context.Context, s
case APIVersion_1:
var identitySet libregraph.IdentitySet
if isGroup {
identitySet.SetGroup(identity)
identitySet.SetGroup(cs3Identity)
} else {
identitySet.SetUser(identity)
identitySet.SetUser(cs3Identity)
}
p.SetGrantedToV2(libregraph.SharePointIdentitySet{User: identitySet.User, Group: identitySet.Group})
// FIXME: needs to be removed
p.SetGrantedToIdentities([]libregraph.IdentitySet{identitySet})
case APIVersion_1_Beta_1:
var identitySet libregraph.SharePointIdentitySet
if isGroup {
identitySet.SetGroup(identity)
identitySet.SetGroup(cs3Identity)
} else {
identitySet.SetUser(identity)
identitySet.SetUser(cs3Identity)
}
p.SetId(identitySetToSpacePermissionID(identitySet))
p.SetGrantedToV2(identitySet)
Expand Down Expand Up @@ -485,14 +487,14 @@ func (g BaseGraphService) cs3UserShareToPermission(ctx context.Context, share *c
}
perm.SetGrantedToV2(grantedTo)
if share.GetCreator() != nil {
identity, err := cs3UserIdToIdentity(ctx, g.identityCache, share.GetCreator())
cs3Identity, err := cs3UserIdToIdentity(ctx, g.identityCache, share.GetCreator())
if err != nil {
return nil, errorcode.New(errorcode.GeneralException, err.Error())
}
perm.SetInvitation(
libregraph.SharingInvitation{
InvitedBy: &libregraph.IdentitySet{
User: &identity,
User: &cs3Identity,
},
},
)
Expand Down Expand Up @@ -571,14 +573,14 @@ func (g BaseGraphService) cs3OCMShareToPermission(ctx context.Context, share *oc
}
perm.SetGrantedToV2(grantedTo)
if share.GetCreator() != nil {
identity, err := cs3UserIdToIdentity(ctx, g.identityCache, share.GetCreator())
cs3Identity, err := cs3UserIdToIdentity(ctx, g.identityCache, share.GetCreator())
if err != nil {
return nil, errorcode.New(errorcode.GeneralException, err.Error())
}
perm.SetInvitation(
libregraph.SharingInvitation{
InvitedBy: &libregraph.IdentitySet{
User: &identity,
User: &cs3Identity,
},
},
)
Expand Down Expand Up @@ -613,11 +615,11 @@ func (g BaseGraphService) cs3PublicSharesToDriveItems(ctx context.Context, share
}

func (g BaseGraphService) getLinkPermissionResourceID(ctx context.Context, permissionID string) (*storageprovider.ResourceId, error) {
share, err := g.getCS3PublicShareByID(ctx, permissionID)
cs3Share, err := g.getCS3PublicShareByID(ctx, permissionID)
if err != nil {
return nil, err
}
return share.GetResourceId(), nil
return cs3Share.GetResourceId(), nil
}

func (g BaseGraphService) getCS3PublicShareByID(ctx context.Context, permissionID string) (*link.PublicShare, error) {
Expand Down Expand Up @@ -648,6 +650,34 @@ func (g BaseGraphService) getCS3PublicShareByID(ctx context.Context, permissionI
return getPublicShareResp.GetShare(), nil
}

func (g BaseGraphService) removeOCMPermission(ctx context.Context, permissionID string) error {
gatewayClient, err := g.gatewaySelector.Next()
if err != nil {
g.logger.Debug().Err(err).Msg("selecting gatewaySelector failed")
return err
}

removePublicShareResp, err := gatewayClient.RemoveOCMShare(ctx,
&ocm.RemoveOCMShareRequest{
Ref: &ocm.ShareReference{
Spec: &ocm.ShareReference_Id{
Id: &ocm.ShareId{
OpaqueId: permissionID,
},
},
},
})
if err != nil {
return err
}

if err := errorcode.FromCS3Status(removePublicShareResp.GetStatus(), err); err != nil {
return err
}
// We need to return an untyped nil here otherwise the error==nil check won't work
return nil
}

func (g BaseGraphService) removePublicShare(ctx context.Context, permissionID string) error {
gatewayClient, err := g.gatewaySelector.Next()
if err != nil {
Expand Down Expand Up @@ -736,12 +766,47 @@ func (g BaseGraphService) removeSpacePermission(ctx context.Context, permissionI
return nil
}

func (g BaseGraphService) getOCMPermissionResourceID(ctx context.Context, permissionID string) (*storageprovider.ResourceId, error) {
cs3Share, err := g.getCS3OCMShareByID(ctx, permissionID)
if err != nil {
return nil, err
}
return cs3Share.GetResourceId(), nil
}

func (g BaseGraphService) getCS3OCMShareByID(ctx context.Context, permissionID string) (*ocm.Share, error) {
gatewayClient, err := g.gatewaySelector.Next()
if err != nil {
g.logger.Debug().Err(err).Msg("selecting gatewaySelector failed")
return nil, err
}

getShareResp, err := gatewayClient.GetOCMShare(ctx,
&ocm.GetOCMShareRequest{
Ref: &ocm.ShareReference{
Spec: &ocm.ShareReference_Id{
Id: &ocm.ShareId{
OpaqueId: permissionID,
},
},
},
})
if err != nil {
return nil, err
}

if err := errorcode.FromCS3Status(getShareResp.GetStatus(), err); err != nil {
return nil, err
}
return getShareResp.GetShare(), nil
}

func (g BaseGraphService) getUserPermissionResourceID(ctx context.Context, permissionID string) (*storageprovider.ResourceId, error) {
share, err := g.getCS3UserShareByID(ctx, permissionID)
cs3Share, err := g.getCS3UserShareByID(ctx, permissionID)
if err != nil {
return nil, err
}
return share.GetResourceId(), nil
return cs3Share.GetResourceId(), nil
}

func (g BaseGraphService) getCS3UserShareByID(ctx context.Context, permissionID string) (*collaboration.Share, error) {
Expand Down Expand Up @@ -806,7 +871,7 @@ func (g BaseGraphService) getPermissionByID(ctx context.Context, permissionID st
}
case errors.As(err, &errcode) && errcode.GetCode() == errorcode.ItemNotFound:
// there is no public link with that id, check if this is a user share
share, err := g.getCS3UserShareByID(ctx, permissionID)
cs3Share, err := g.getCS3UserShareByID(ctx, permissionID)
if err != nil {
return nil, nil, err
}
Expand All @@ -818,11 +883,11 @@ func (g BaseGraphService) getPermissionByID(ctx context.Context, permissionID st
if err != nil {
return nil, nil, err
}
permission, err := g.cs3UserShareToPermission(ctx, share, condition)
permission, err := g.cs3UserShareToPermission(ctx, cs3Share, condition)
if err != nil {
return nil, nil, err
}
return permission, share.GetResourceId(), nil
return permission, cs3Share.GetResourceId(), nil
}

return nil, nil, err
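Review bot: removeOCMPermission deletes the share by `OpaqueId: permissionID` alone, so nothing in this function ties the deletion to the drive item named in the request; that binding has to come from the caller comparing the resource ID returned by getOCMPermissionResourceID with the item ID, which is not visible in this section. A doc comment stating the precondition would help, e.g. `// removeOCMPermission removes the OCM share with the given ID; callers must already have verified that the share belongs to the requested item.` The response variable is still named `removePublicShareResp`, apparently carried over from removePublicShare; `removeOCMShareResp` would match what it holds. The `err` passed to `errorcode.FromCS3Status` in both removeOCMPermission and getCS3OCMShareByID is always nil at that point, because the transport error was already returned just above.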