Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User in multiple groups only sees shares of one of the groups #4671

Closed
willmackay opened this issue Sep 26, 2022 · 8 comments · Fixed by cs3org/reva#3741
Closed

User in multiple groups only sees shares of one of the groups #4671

willmackay opened this issue Sep 26, 2022 · 8 comments · Fixed by cs3org/reva#3741
Assignees
@butonic
Labels
Type:Bug

Comments

@willmackay
Copy link

Describe the bug

A user who belongs to multiple groups only has the permissions of a single one of these groups.

Steps to reproduce

Steps to reproduce the behavior:

  1. I created two groups (KFQwWJSl and xZjCGDhi).

  2. As the admin user, I created a new folder (AmUZWyXITXUqwBzQ) and shared it with the first group (KFQwWJSl ).

  3. I created a new user (ePxUovIhybXazegI) and added them to both groups.

  4. I logged out and logged back in, and the new user (ePxUovIhybXazegI) does not see the folder (AmUZWyXITXUqwBzQ).

  5. I logged back in as admin and removed the user from the second group (xZjCGDhi).

  6. I logged back in as the new user and now I can see the share.

Expected behavior

The user should have seen the shared folder while in both groups.

Actual behavior

No share was visible.

Setup

I'm running ocis 2.0.0-beta8 on Debian 11, no containers.

PROXY_HTTP_ADDR=127.0.0.1:9200
OCIS_URL=https://ocis.alyrica.net
OCIS_BASE_DATA_PATH=/var/lib/ocis
OCIS_LOG_PRETTY=true
@willmackay
Copy link
Author

Here's some screenshots of the bug
1 - groups
2 - share
3 - user
4 - no shares
5 - removed
6 - visible

@phil-davis
Copy link
Contributor

@saw-jan @amrita-shrestha please get someone to try and find a test scenario that checks access to shares for a user who is a member of multiple groups. If there is no automated test scenario, then create one - it should go in the core test suites, because we want to also verify that this works properly in oC10 core.

And then report if this is a problem with the oCIS back-end or with web.

@SagarGi
Copy link
Member

SagarGi commented Sep 27, 2022

@phil-davis i treid the above mentioned issue in latest docker image, building locally latest master ocis, and also tried checking out to ocis 2.0.0-beta8.

Latest Docker : Could not reproduce (may be fixed)
Latest master ocis : Could not reproduce (may be fixed)
ocis 2.0.0-beta8: Yes reproducable.

I will be adding up acceptance tests for this on core.

@SagarGi SagarGi mentioned this issue Sep 28, 2022
Merged
11 tasks
@SagarGi
Copy link
Member

SagarGi commented Sep 30, 2022

The above following acceptance has been added so moving this to Done.

@SwikritiT SwikritiT mentioned this issue Oct 11, 2022
Merged
11 tasks
@SagarGi SagarGi removed their assignment Oct 18, 2022
@butonic
Copy link
Member

butonic commented Mar 21, 2023

@SagarGi hm I can reproduce this with ocis master and the demo accounts. create two folders with admin, share one with polonium-lovers, the other with physics-lovers. than marie will only see one share in the list of available shares.

@butonic
Copy link
Member

butonic commented Mar 21, 2023

found the bug. in https://github.com/cs3org/reva/blob/edge/pkg/share/manager/jsoncs3/jsoncs3.go#L719-L729 we are overwriting the previous result.

fix incoming

@butonic butonic self-assigned this Mar 21, 2023
@butonic butonic mentioned this issue Mar 21, 2023
Merged
@micbar
Copy link
Contributor

micbar commented Mar 21, 2023

@willmackay the fix will be in ocis master after the next reva update.

@rhafer
Copy link
Contributor

rhafer commented Apr 5, 2023

Fixed

@rhafer rhafer closed this as completed Apr 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@butonic butonic

Labels
Type:Bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix listing shares to multiple groups butonic/reva
6 participants
@rhafer @butonic @phil-davis @micbar @willmackay @SagarGi