update reva to include decomposedfs nodes-per-space #3228

Merged
merged 8 commits into from
Mar 2, 2022
2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -22,7 +22,7 @@ require (
github.com/blevesearch/bleve/v2 v2.3.1
github.com/coreos/go-oidc/v3 v3.1.0
github.com/cs3org/go-cs3apis v0.0.0-20220126114148-64c025ccdd19
github.com/cs3org/reva v1.16.1-0.20220224115936-e17c65a48a5a
github.com/cs3org/reva v1.16.1-0.20220301071903-1fd81b097801
github.com/disintegration/imaging v1.6.2
github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733
github.com/go-chi/chi/v5 v5.0.7
4 changes: 2 additions & 2 deletions go.sum
Expand Up @@ -342,8 +342,8 @@ github.com/crewjam/saml v0.4.5/go.mod h1:qCJQpUtZte9R1ZjUBcW8qtCNlinbO363ooNl02S
github.com/cs3org/cato v0.0.0-20200828125504-e418fc54dd5e/go.mod h1:XJEZ3/EQuI3BXTp/6DUzFr850vlxq11I6satRtz0YQ4=
github.com/cs3org/go-cs3apis v0.0.0-20220126114148-64c025ccdd19 h1:1jqPH58jCxvbaJ9WLIJ7W2/m622bWS6ChptzljSG6IQ=
github.com/cs3org/go-cs3apis v0.0.0-20220126114148-64c025ccdd19/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY=
github.com/cs3org/reva v1.16.1-0.20220224115936-e17c65a48a5a h1:LgwfJ4N+ekLRFOK2vwVKbgtnQYYcrNiMtu5kekJvJ54=
github.com/cs3org/reva v1.16.1-0.20220224115936-e17c65a48a5a/go.mod h1:M+Nausi93NaMDoinwiUX/Ekgrp/RrYv715FG5KrIarY=
github.com/cs3org/reva v1.16.1-0.20220301071903-1fd81b097801 h1:FOjP9FbcvD48as7Q7TjOtnaNHlQ5va2IEIed1GWqEag=
github.com/cs3org/reva v1.16.1-0.20220301071903-1fd81b097801/go.mod h1:fdlrnZ0f+UtAdpZfLG+4LM0ZrhT5V8tPEQt6ycYm82c=
github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI=
github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY=
github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
28 changes: 22 additions & 6 deletions graph/pkg/service/v0/drives.go
Expand Up @@ -25,6 +25,7 @@ import (
libregraph "github.com/owncloud/libre-graph-api-go"
"github.com/owncloud/ocis/graph/pkg/service/v0/errorcode"
"github.com/owncloud/ocis/ocis-pkg/service/grpc"
v0 "github.com/owncloud/ocis/protogen/gen/ocis/messages/settings/v0"
settingssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/settings/v0"
settingsServiceExt "github.com/owncloud/ocis/settings/pkg/service/v0"
merrors "go-micro.dev/v4/errors"
Expand Down Expand Up @@ -151,6 +152,22 @@ func (g Graph) GetSingleDrive(w http.ResponseWriter, r *http.Request) {
}
}

func canCreateSpace(ctx context.Context, ownPersonalHome bool) bool {
s := settingssvc.NewPermissionService("com.owncloud.api.settings", grpc.DefaultClient)

pr, err := s.GetPermissionByID(ctx, &settingssvc.GetPermissionByIDRequest{
PermissionId: settingsServiceExt.CreateSpacePermissionID,
})
if err != nil || pr.Permission == nil {
return false
}
// TODO @C0rby shouldn't the permissions service check this? aka shouldn't we call CheckPermission?
fschade marked this conversation as resolved.
if pr.Permission.Constraint == v0.Permission_CONSTRAINT_OWN && !ownPersonalHome {
return false
}
return true
}

// CreateDrive creates a storage drive (space).
func (g Graph) CreateDrive(w http.ResponseWriter, r *http.Request) {
us, ok := ctxpkg.ContextGetUser(r.Context())
Expand All @@ -159,12 +176,8 @@ func (g Graph) CreateDrive(w http.ResponseWriter, r *http.Request) {
return
}

s := settingssvc.NewPermissionService("com.owncloud.api.settings", grpc.DefaultClient)

_, err := s.GetPermissionByID(r.Context(), &settingssvc.GetPermissionByIDRequest{
PermissionId: settingsServiceExt.CreateSpacePermissionID,
})
if err != nil {
// TODO determine if the user tries to create his own personal space and pass that as a boolean
butonic marked this conversation as resolved.
if !canCreateSpace(r.Context(), false) {
// if the permission is not existing for the user in context we can assume we don't have it. Return 401.
errorcode.GeneralException.Render(w, r, http.StatusUnauthorized, "insufficient permissions to create a space.")
return
Expand Down Expand Up @@ -418,6 +431,9 @@ func (g Graph) ListStorageSpacesWithFilters(ctx context.Context, filters []*stor
}

func (g Graph) cs3StorageSpaceToDrive(baseURL *url.URL, space *storageprovider.StorageSpace) (*libregraph.Drive, error) {
if space.Root == nil {
return nil, fmt.Errorf("space has no root")
}
rootID := resourceid.OwnCloudResourceIDWrap(space.Root)

var permissions []libregraph.Permission
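Review bot: In `canCreateSpace` the constraint test only denies `CONSTRAINT_OWN` without a personal home, so every other value the settings service returns, including an unset or unknown constraint, is treated as permission to create a space. An authorization helper is safer when it fails closed: allow on an explicit `Permission_CONSTRAINT_ALL`, return `ownPersonalHome` for `Permission_CONSTRAINT_OWN`, and deny everything else (this assumes the admin bundle's entry uses `CONSTRAINT_ALL`, which is not visible on this page). Separately, `err != nil` is folded into the same `false`, so an unreachable settings service is reported to the client as "insufficient permissions"; logging the error before returning would keep outages distinguishable from real denials. The helper is complete inside the hunk, while `CreateDrive` continues outside it.

```go
func canCreateSpace(ctx context.Context, ownPersonalHome bool) bool {
	// … unchanged: GetPermissionByID call and the err / nil-permission check …
	switch pr.Permission.Constraint {
	case v0.Permission_CONSTRAINT_ALL:
		return true
	case v0.Permission_CONSTRAINT_OWN:
		// a user limited to "own" may only create their personal space
		return ownPersonalHome
	default:
		// unknown or unexpected constraints are denied
		return false
	}
}
```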
3 changes: 3 additions & 0 deletions ocis-pkg/metadata_storage/metadata_storage.go
Expand Up @@ -89,6 +89,9 @@ func (ms MetadataStorage) SimpleUpload(ctx context.Context, uploadpath string, c
if err != nil {
return err
}
if res.Status.Code != v1beta11.Code_CODE_OK {
return errtypes.NewErrtypeFromStatus(res.Status)
}

var endpoint string

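Review bot: The added check reads `res.Status.Code` directly, which panics if the response arrives without a status message; the generated protobuf getters are nil-safe, so `if res.GetStatus().GetCode() != v1beta11.Code_CODE_OK {` performs the same test without the dereference. Whether `errtypes.NewErrtypeFromStatus` accepts a nil status is not visible here, so that call may need its own guard. `SimpleUpload` starts before and continues after the hunk, and the call that produces `res` is outside it.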
45 changes: 45 additions & 0 deletions settings/pkg/service/v0/settings.go
Expand Up @@ -6,6 +6,9 @@ import (
)

const (
// BundleUUIDRoleMetadata represents the metadata user role
BundleUUIDRoleMetadata = "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad"

// BundleUUIDRoleAdmin represents the admin role
BundleUUIDRoleAdmin = "71881883-1768-46bd-a24d-a356a2afdf7f"

Expand Down Expand Up @@ -366,6 +369,24 @@ func generatePermissionRequests() []*settingssvc.AddSettingToBundleRequest {
},
},
},
{
BundleId: BundleUUIDRoleUser,
Setting: &settingsmsg.Setting{
Id: CreateSpacePermissionID,
Name: CreateSpacePermissionName,
DisplayName: "Create own Space",
Description: "This permission allows to create a space owned by the current user.",
Resource: &settingsmsg.Resource{
Type: settingsmsg.Resource_TYPE_SYSTEM, // TODO resource type space? self? me? own?
butonic marked this conversation as resolved.
},
Value: &settingsmsg.Setting_PermissionValue{
PermissionValue: &settingsmsg.Permission{
Operation: settingsmsg.Permission_OPERATION_CREATE,
Constraint: settingsmsg.Permission_CONSTRAINT_OWN,
},
},
},
},
{
BundleId: BundleUUIDRoleAdmin,
Setting: &settingsmsg.Setting{
Expand Down Expand Up @@ -402,11 +423,35 @@ func generatePermissionRequests() []*settingssvc.AddSettingToBundleRequest {
},
},
},
{
BundleId: BundleUUIDRoleMetadata,
Setting: &settingsmsg.Setting{
Id: CreateSpacePermissionID,
Name: CreateSpacePermissionName,
DisplayName: "Create own Space",
Description: "This permission allows to create a space owned by the current user.",
Resource: &settingsmsg.Resource{
Type: settingsmsg.Resource_TYPE_SYSTEM, // TODO resource type space? self? me? own?
butonic marked this conversation as resolved.
},
Value: &settingsmsg.Setting_PermissionValue{
PermissionValue: &settingsmsg.Permission{
Operation: settingsmsg.Permission_OPERATION_CREATE,
Constraint: settingsmsg.Permission_CONSTRAINT_OWN,
},
},
},
},
}
}

func defaultRoleAssignments() []*settingsmsg.UserRoleAssignment {
return []*settingsmsg.UserRoleAssignment{
// accounts service user for the metadata user is allowed to create spaces

{
AccountUuid: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
RoleId: BundleUUIDRoleAdmin,
},
// default admin users
{
AccountUuid: "058bff95-6708-4fe5-91e4-9ea3d377588b",
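Review bot: In `defaultRoleAssignments` the metadata service account is given `BundleUUIDRoleAdmin`, although the comment above the entry only asks that it can create spaces, and this same change adds a narrower `CreateSpacePermissionID` entry under `BundleUUIDRoleMetadata`. Giving a built-in service account with a fixed UUID the full admin role is broader than the stated need; if a role bundle with the ID `BundleUUIDRoleMetadata` is actually registered (not visible in these hunks), `RoleId: BundleUUIDRoleMetadata,` would grant it just that permission. The new constant also has the same value as the account UUID literal used here, so a role ID and an account ID cannot be told apart by value; a separately named constant for the account, or a comment stating that the reuse is intentional, would prevent mix-ups. Both `generatePermissionRequests` and `defaultRoleAssignments` extend beyond the hunks shown.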
5 changes: 2 additions & 3 deletions storage/pkg/command/storagedrivers/metadata.go
Expand Up @@ -50,11 +50,10 @@ func MetadataDrivers(cfg *config.Config) map[string]interface{} {
},
"ocis": map[string]interface{}{
"root": cfg.Reva.MetadataStorage.OCIS.Root,
"enable_home": false,
"user_layout": cfg.Reva.MetadataStorage.OCIS.UserLayout,
"treetime_accounting": false,
"treesize_accounting": false,
"owner": cfg.Reva.MetadataStorage.OCIS.ServiceUserUUID, // the accounts service system account uuid
"permissionssvc": cfg.Reva.Permissions.Endpoint,
},
"s3": map[string]interface{}{
"region": cfg.Reva.MetadataStorage.S3.Region,
Expand All @@ -69,7 +68,7 @@ func MetadataDrivers(cfg *config.Config) map[string]interface{} {
"user_layout": cfg.Reva.MetadataStorage.S3NG.UserLayout,
"treetime_accounting": false,
"treesize_accounting": false,
"owner": cfg.Reva.MetadataStorage.S3NG.ServiceUserUUID, // the accounts service system account uuid
"permissionssvc": cfg.Reva.Permissions.Endpoint,
"s3.region": cfg.Reva.MetadataStorage.S3NG.Region,
"s3.access_key": cfg.Reva.MetadataStorage.S3NG.AccessKey,
"s3.secret_key": cfg.Reva.MetadataStorage.S3NG.SecretKey,
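Review bot: The `"permissionssvc": cfg.Reva.Permissions.Endpoint` entries in the `ocis` and `s3ng` maps carry no comment, while the `"owner"` lines in the same maps had one, so nothing here says what the driver does with this endpoint or what happens when it is empty or unreachable. Since the key appears to hand an access decision to another service, a short comment such as `// address of the permissions service the storage driver queries` on each entry would help operators, with the failure behaviour confirmed against reva. The same applies to the `ocis` and `s3ng` maps in storage/pkg/command/storagedrivers/user.go. `MetadataDrivers` starts and ends outside the hunks.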
6 changes: 2 additions & 4 deletions storage/pkg/command/storagedrivers/user.go
Expand Up @@ -90,12 +90,11 @@ func UserDrivers(cfg *config.Config) map[string]interface{} {
},
"ocis": map[string]interface{}{
"root": cfg.Reva.UserStorage.OCIS.Root,
"enable_home": false,
"user_layout": cfg.Reva.UserStorage.OCIS.UserLayout,
"share_folder": cfg.Reva.UserStorage.OCIS.ShareFolder,
"treetime_accounting": true,
"treesize_accounting": true,
"owner": cfg.Reva.UserStorage.OCIS.ServiceUserUUID, // the accounts service system account uuid
"permissionssvc": cfg.Reva.Permissions.Endpoint,
},
"s3": map[string]interface{}{
"enable_home": false,
Expand All @@ -108,12 +107,11 @@ func UserDrivers(cfg *config.Config) map[string]interface{} {
},
"s3ng": map[string]interface{}{
"root": cfg.Reva.UserStorage.S3NG.Root,
"enable_home": false,
"user_layout": cfg.Reva.UserStorage.S3NG.UserLayout,
"share_folder": cfg.Reva.UserStorage.S3NG.ShareFolder,
"treetime_accounting": true,
"treesize_accounting": true,
"owner": cfg.Reva.UserStorage.S3NG.ServiceUserUUID, // the accounts service system account uuid
"permissionssvc": cfg.Reva.Permissions.Endpoint,
"s3.region": cfg.Reva.UserStorage.S3NG.Region,
"s3.access_key": cfg.Reva.UserStorage.S3NG.AccessKey,
"s3.secret_key": cfg.Reva.UserStorage.S3NG.SecretKey,
29 changes: 5 additions & 24 deletions storage/pkg/config/config.go
Expand Up @@ -307,8 +307,6 @@ type DriverEOS struct {
// DriverOCIS defines the available oCIS storage driver configuration.
type DriverOCIS struct {
DriverCommon

ServiceUserUUID string `ocisConfig:"service_user_uuid"`
}

// DriverOwnCloudSQL defines the available ownCloudSQL storage driver configuration.
Expand Down Expand Up @@ -338,12 +336,11 @@ type DriverS3 struct {
type DriverS3NG struct {
DriverCommon

ServiceUserUUID string `ocisConfig:"service_user_uuid"`
Region string `ocisConfig:"region"`
AccessKey string `ocisConfig:"access_key"`
SecretKey string `ocisConfig:"secret_key"`
Endpoint string `ocisConfig:"endpoint"`
Bucket string `ocisConfig:"bucket"`
Region string `ocisConfig:"region"`
AccessKey string `ocisConfig:"access_key"`
SecretKey string `ocisConfig:"secret_key"`
Endpoint string `ocisConfig:"endpoint"`
Bucket string `ocisConfig:"bucket"`
}

// OIDC defines the available OpenID Connect configuration.
Expand Down Expand Up @@ -1531,10 +1528,6 @@ func structMappings(cfg *Config) []shared.EnvBinding {
EnvVars: []string{"STORAGE_USERS_DRIVER_OCIS_SHARE_FOLDER"},
Destination: &cfg.Reva.UserStorage.OCIS.ShareFolder,
},
{
EnvVars: []string{"STORAGE_USERS_DRIVER_OCIS_SERVICE_USER_UUID"},
Destination: &cfg.Reva.UserStorage.OCIS.ServiceUserUUID,
},
// driver owncloud sql
{
EnvVars: []string{"STORAGE_USERS_DRIVER_OWNCLOUDSQL_DATADIR"},
Expand Down Expand Up @@ -1604,10 +1597,6 @@ func structMappings(cfg *Config) []shared.EnvBinding {
EnvVars: []string{"STORAGE_USERS_DRIVER_S3NG_LAYOUT"},
Destination: &cfg.Reva.UserStorage.S3NG.UserLayout,
},
{
EnvVars: []string{"STORAGE_USERS_DRIVER_S3NG_SERVICE_USER_UUID"},
Destination: &cfg.Reva.UserStorage.S3NG.ServiceUserUUID,
},
{
EnvVars: []string{"STORAGE_USERS_DRIVER_S3NG_SHARE_FOLDER"},
Destination: &cfg.Reva.UserStorage.S3NG.ShareFolder,
Expand Down Expand Up @@ -1718,10 +1707,6 @@ func structMappings(cfg *Config) []shared.EnvBinding {
EnvVars: []string{"STORAGE_METADATA_DRIVER_OCIS_LAYOUT"},
Destination: &cfg.Reva.MetadataStorage.OCIS.UserLayout,
},
{
EnvVars: []string{"STORAGE_METADATA_DRIVER_OCIS_SERVICE_USER_UUID"},
Destination: &cfg.Reva.MetadataStorage.OCIS.ServiceUserUUID,
},

// metadata driver s3
{
Expand Down Expand Up @@ -1754,10 +1739,6 @@ func structMappings(cfg *Config) []shared.EnvBinding {
EnvVars: []string{"STORAGE_METADATA_DRIVER_S3NG_LAYOUT"},
Destination: &cfg.Reva.MetadataStorage.S3NG.UserLayout,
},
{
EnvVars: []string{"STORAGE_METADATA_DRIVER_S3NG_SERVICE_USER_UUID"},
Destination: &cfg.Reva.MetadataStorage.S3NG.ServiceUserUUID,
},
{
EnvVars: []string{"STORAGE_METADATA_DRIVER_S3NG_REGION"},
Destination: &cfg.Reva.MetadataStorage.S3NG.Region,
25 changes: 10 additions & 15 deletions storage/pkg/config/defaultconfig.go
Expand Up @@ -13,7 +13,6 @@ const (
defaultStorageNamespace = "/users/{{.Id.OpaqueId}}"
defaultGatewayAddr = "127.0.0.1:9142"
defaultUserLayout = "{{.Id.OpaqueId}}"
defaultServiceUserUUID = "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad"
)

func DefaultConfig() *Config {
Expand Down Expand Up @@ -141,20 +140,18 @@ func DefaultConfig() *Config {
UserLayout: defaultUserLayout,
EnableHome: false,
},
ServiceUserUUID: defaultServiceUserUUID,
Region: "default",
AccessKey: "",
SecretKey: "",
Endpoint: "",
Bucket: "",
Region: "default",
AccessKey: "",
SecretKey: "",
Endpoint: "",
Bucket: "",
},
OCIS: DriverOCIS{
DriverCommon: DriverCommon{
Root: path.Join(defaults.BaseDataPath(), "storage", "users"),
ShareFolder: defaultShareFolder,
UserLayout: defaultUserLayout,
},
ServiceUserUUID: defaultServiceUserUUID,
},
},
MetadataStorage: StorageConfig{
Expand Down Expand Up @@ -197,12 +194,11 @@ func DefaultConfig() *Config {
UserLayout: defaultUserLayout,
EnableHome: false,
},
ServiceUserUUID: defaultServiceUserUUID,
Region: "default",
AccessKey: "",
SecretKey: "",
Endpoint: "",
Bucket: "",
Region: "default",
AccessKey: "",
SecretKey: "",
Endpoint: "",
Bucket: "",
},
OCIS: DriverOCIS{
DriverCommon: DriverCommon{
Expand All @@ -211,7 +207,6 @@ func DefaultConfig() *Config {
UserLayout: defaultUserLayout,
EnableHome: false,
},
ServiceUserUUID: defaultServiceUserUUID,
},
},
Frontend: FrontendPort{