From 99559f5ea223aa000d3ee9e4c1605d63fe8e6607 Mon Sep 17 00:00:00 2001 From: jkoberg Date: Fri, 16 Jun 2023 14:11:44 +0200 Subject: [PATCH 1/2] add disable wopi chat envaar Signed-off-by: jkoberg --- changelog/unreleased/wopi-disable-chat.md | 5 +++++ services/app-provider/pkg/config/config.go | 1 + services/app-provider/pkg/revaconfig/config.go | 1 + 3 files changed, 7 insertions(+) create mode 100644 changelog/unreleased/wopi-disable-chat.md diff --git a/changelog/unreleased/wopi-disable-chat.md b/changelog/unreleased/wopi-disable-chat.md new file mode 100644 index 00000000000..a015752279a --- /dev/null +++ b/changelog/unreleased/wopi-disable-chat.md @@ -0,0 +1,5 @@ +Enhancement: Allow disabling wopi chat + +Add a configreva for the new reva disable-chat feature + +https://github.com/owncloud/ocis/pull/6544 diff --git a/services/app-provider/pkg/config/config.go b/services/app-provider/pkg/config/config.go index 87234339262..39d4c24a59d 100644 --- a/services/app-provider/pkg/config/config.go +++ b/services/app-provider/pkg/config/config.go @@ -69,6 +69,7 @@ type WOPIDriver struct { AppInternalURL string `yaml:"app_internal_url" env:"APP_PROVIDER_WOPI_APP_INTERNAL_URL" desc:"Internal URL to the app, like in your DMZ."` AppName string `yaml:"app_name" env:"APP_PROVIDER_WOPI_APP_NAME" desc:"Human readable app name."` AppURL string `yaml:"app_url" env:"APP_PROVIDER_WOPI_APP_URL" desc:"URL for end users to access the app."` + AppDisableChat bool `yaml:"app_disable_chat" env:"APP_PROVIDER_WOPI_DISABLE_CHAT" desc:"Disable the chat functionality of the office app."` Insecure bool `yaml:"insecure" env:"APP_PROVIDER_WOPI_INSECURE" desc:"Disable TLS certificate validation for requests to the WOPI server and the web office application. Do not set this in production environments."` IopSecret string `yaml:"wopi_server_iop_secret" env:"APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET" desc:"Shared secret of the CS3org WOPI server."` WopiURL string `yaml:"wopi_server_external_url" env:"APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL" desc:"External url of the CS3org WOPI server."` diff --git a/services/app-provider/pkg/revaconfig/config.go b/services/app-provider/pkg/revaconfig/config.go index d15b825b8de..84e7c814499 100644 --- a/services/app-provider/pkg/revaconfig/config.go +++ b/services/app-provider/pkg/revaconfig/config.go @@ -40,6 +40,7 @@ func AppProviderConfigFromStruct(cfg *config.Config) map[string]interface{} { "app_int_url": cfg.Drivers.WOPI.AppInternalURL, "app_name": cfg.Drivers.WOPI.AppName, "app_url": cfg.Drivers.WOPI.AppURL, + "app_disable_chat": cfg.Drivers.WOPI.AppDisableChat, "insecure_connections": cfg.Drivers.WOPI.Insecure, "iop_secret": cfg.Drivers.WOPI.IopSecret, "jwt_secret": cfg.TokenManager.JWTSecret, From 48325b9991908b10d933f9e245c4cd778d206add Mon Sep 17 00:00:00 2001 From: jkoberg Date: Fri, 16 Jun 2023 14:56:02 +0200 Subject: [PATCH 2/2] bump reva Signed-off-by: jkoberg --- go.mod | 2 +- go.sum | 4 +-- .../reva/v2/pkg/app/provider/wopi/wopi.go | 20 +++++++----- .../jsoncs3/providercache/providercache.go | 18 +++-------- .../receivedsharecache/receivedsharecache.go | 18 +++-------- .../manager/jsoncs3/sharecache/sharecache.go | 18 +++-------- .../storage/utils/decomposedfs/node/node.go | 31 ------------------- vendor/modules.txt | 2 +- 8 files changed, 31 insertions(+), 82 deletions(-) diff --git a/go.mod b/go.mod index ea4e50ab1c0..b3ec4444e98 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/coreos/go-oidc v2.2.1+incompatible github.com/coreos/go-oidc/v3 v3.6.0 github.com/cs3org/go-cs3apis v0.0.0-20230516150832-730ac860c71d - github.com/cs3org/reva/v2 v2.14.1-0.20230615141102-1906a729ee5a + github.com/cs3org/reva/v2 v2.14.1-0.20230616125400-b30fdde17262 github.com/disintegration/imaging v1.6.2 github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e github.com/egirna/icap-client v0.1.1 diff --git a/go.sum b/go.sum index 350e288fffe..b21491f9d85 100644 --- a/go.sum +++ b/go.sum @@ -625,8 +625,8 @@ github.com/crewjam/httperr v0.2.0 h1:b2BfXR8U3AlIHwNeFFvZ+BV1LFvKLlzMjzaTnZMybNo github.com/crewjam/httperr v0.2.0/go.mod h1:Jlz+Sg/XqBQhyMjdDiC+GNNRzZTD7x39Gu3pglZ5oH4= github.com/crewjam/saml v0.4.13 h1:TYHggH/hwP7eArqiXSJUvtOPNzQDyQ7vwmwEqlFWhMc= github.com/crewjam/saml v0.4.13/go.mod h1:igEejV+fihTIlHXYP8zOec3V5A8y3lws5bQBFsTm4gA= -github.com/cs3org/reva/v2 v2.14.1-0.20230615141102-1906a729ee5a h1:T+504loI0dvksiutkzF4ciLfIJD/LJtJFdFJ6d7I7dA= -github.com/cs3org/reva/v2 v2.14.1-0.20230615141102-1906a729ee5a/go.mod h1:E32krZG159YflDSjDWfx/QGIC2529PS5LiPnGNHu3d0= +github.com/cs3org/reva/v2 v2.14.1-0.20230616125400-b30fdde17262 h1:qtK30bpLgJsUha9XbJseTksGXaNQtTteynVZEobL1fw= +github.com/cs3org/reva/v2 v2.14.1-0.20230616125400-b30fdde17262/go.mod h1:E32krZG159YflDSjDWfx/QGIC2529PS5LiPnGNHu3d0= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= diff --git a/vendor/github.com/cs3org/reva/v2/pkg/app/provider/wopi/wopi.go b/vendor/github.com/cs3org/reva/v2/pkg/app/provider/wopi/wopi.go index cf7bd52b5bf..11744154eca 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/app/provider/wopi/wopi.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/app/provider/wopi/wopi.go @@ -69,6 +69,7 @@ type config struct { JWTSecret string `mapstructure:"jwt_secret" docs:";The JWT secret to be used to retrieve the token TTL."` AppDesktopOnly bool `mapstructure:"app_desktop_only" docs:"false;Specifies if the app can be opened only on desktop."` InsecureConnections bool `mapstructure:"insecure_connections"` + AppDisableChat bool `mapstructure:"app_disable_chat"` } func parseConfig(m map[string]interface{}) (*config, error) { @@ -246,20 +247,23 @@ func (p *wopiProvider) GetAppURL(ctx context.Context, resource *provider.Resourc return nil, err } - appFullURL := result["app-url"].(string) + url, err := url.Parse(result["app-url"].(string)) + if err != nil { + return nil, err + } + urlQuery := url.Query() if language != "" { - url, err := url.Parse(appFullURL) - if err != nil { - return nil, err - } - urlQuery := url.Query() urlQuery.Set("ui", language) // OnlyOffice urlQuery.Set("lang", language) // Collabora urlQuery.Set("UI_LLCC", language) // Office365 - url.RawQuery = urlQuery.Encode() - appFullURL = url.String() } + if p.conf.AppDisableChat { + urlQuery.Set("dchat", "1") // OnlyOffice disable chat + } + + url.RawQuery = urlQuery.Encode() + appFullURL := url.String() // Depending on whether wopi server returned any form parameters or not, // we decide whether the request method is POST or GET diff --git a/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/providercache/providercache.go b/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/providercache/providercache.go index a91b517fd52..08cbb06000e 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/providercache/providercache.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/providercache/providercache.go @@ -43,8 +43,7 @@ const tracerName = "providercache" // Cache holds share information structured by provider and space type Cache struct { - lockMapLock sync.Mutex - lockMap map[string]*sync.Mutex + lockMap sync.Map Providers map[string]*Spaces @@ -106,16 +105,9 @@ func (s *Shares) UnmarshalJSON(data []byte) error { // LockSpace locks the cache for a given space and returns an unlock function func (c *Cache) LockSpace(spaceID string) func() { - lock := c.lockMap[spaceID] - if lock == nil { - c.lockMapLock.Lock() - lock = c.lockMap[spaceID] - if lock == nil { - c.lockMap[spaceID] = &sync.Mutex{} - lock = c.lockMap[spaceID] - } - c.lockMapLock.Unlock() - } + v, _ := c.lockMap.LoadOrStore(spaceID, &sync.Mutex{}) + lock := v.(*sync.Mutex) + lock.Lock() return func() { lock.Unlock() } } @@ -126,7 +118,7 @@ func New(s metadata.Storage, ttl time.Duration) Cache { Providers: map[string]*Spaces{}, storage: s, ttl: ttl, - lockMap: map[string]*sync.Mutex{}, + lockMap: sync.Map{}, } } diff --git a/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/receivedsharecache/receivedsharecache.go b/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/receivedsharecache/receivedsharecache.go index faf6d13f494..4810f1ff131 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/receivedsharecache/receivedsharecache.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/receivedsharecache/receivedsharecache.go @@ -44,8 +44,7 @@ const tracerName = "receivedsharecache" // It functions as an in-memory cache with a persistence layer // The storage is sharded by user type Cache struct { - lockMapLock sync.Mutex - lockMap map[string]*sync.Mutex + lockMap sync.Map ReceivedSpaces map[string]*Spaces @@ -79,21 +78,14 @@ func New(s metadata.Storage, ttl time.Duration) Cache { ReceivedSpaces: map[string]*Spaces{}, storage: s, ttl: ttl, - lockMap: map[string]*sync.Mutex{}, + lockMap: sync.Map{}, } } func (c *Cache) lockUser(userID string) func() { - lock := c.lockMap[userID] - if lock == nil { - c.lockMapLock.Lock() - lock = c.lockMap[userID] - if lock == nil { - c.lockMap[userID] = &sync.Mutex{} - lock = c.lockMap[userID] - } - c.lockMapLock.Unlock() - } + v, _ := c.lockMap.LoadOrStore(userID, &sync.Mutex{}) + lock := v.(*sync.Mutex) + lock.Lock() return func() { lock.Unlock() } } diff --git a/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/sharecache/sharecache.go b/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/sharecache/sharecache.go index 649f8dee6f9..f4058d45947 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/sharecache/sharecache.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/share/manager/jsoncs3/sharecache/sharecache.go @@ -43,8 +43,7 @@ const tracerName = "sharecache" // It functions as an in-memory cache with a persistence layer // The storage is sharded by user/group type Cache struct { - lockMapLock sync.Mutex - lockMap map[string]*sync.Mutex + lockMap sync.Map UserShares map[string]*UserShareCache @@ -69,16 +68,9 @@ type SpaceShareIDs struct { } func (c *Cache) lockUser(userID string) func() { - lock := c.lockMap[userID] - if lock == nil { - c.lockMapLock.Lock() - lock = c.lockMap[userID] - if lock == nil { - c.lockMap[userID] = &sync.Mutex{} - lock = c.lockMap[userID] - } - c.lockMapLock.Unlock() - } + v, _ := c.lockMap.LoadOrStore(userID, &sync.Mutex{}) + lock := v.(*sync.Mutex) + lock.Lock() return func() { lock.Unlock() } } @@ -91,7 +83,7 @@ func New(s metadata.Storage, namespace, filename string, ttl time.Duration) Cach namespace: namespace, filename: filename, ttl: ttl, - lockMap: map[string]*sync.Mutex{}, + lockMap: sync.Map{}, } } diff --git a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go index f154d2db02b..9c52eeeeebd 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go @@ -294,37 +294,6 @@ func ReadNode(ctx context.Context, lu PathLookup, spaceID, nodeID string, canLis } return nil, errtypes.InternalError("Missing parent ID on node") } - // TODO why do we stat the parent? to determine if the current node is in the trash we would need to traverse all parents... - // we need to traverse all parents for permissions anyway ... - // - we can compare to space root owner with the current user - // - we can compare the share permissions on the root for spaces, which would work for managers - // - for non managers / owners we need to traverse all path segments because an intermediate node might have been shared - // - if we want to support negative acls we need to traverse the path for all users (but the owner) - // for trashed items we need to check all parents - // - one of them might have the trash suffix ... - // - options: - // - move deleted nodes in a trash folder that is still part of the tree (aka freedesktop org trash spec) - // - shares should still be removed, which requires traversing all trashed children ... and it should be undoable ... - // - what if a trashed file is restored? will child items be accessible by a share? - // - compare paths of trash root items and the trashed file? - // - to determine the relative path of a file we would need to traverse all intermediate nodes anyway - // - recursively mark all children as trashed ... async ... it is ok when that is not synchronous - // - how do we pick up if an error occurs? write a journal somewhere? activity log / delta? - // - stat requests will not pick up trashed items at all - // - recursively move all children into the trash folder? - // - no need to write an additional trash entry - // - can be made more robust with a journal - // - same recursion mechanism can be used to purge items? sth we still need to do - // - flag the two above options with dtime - if !skipParentCheck { - _, err = os.Stat(n.ParentPath()) - if err != nil { - if errors.Is(err, fs.ErrNotExist) { - return nil, errtypes.NotFound(err.Error()) - } - return nil, err - } - } if revisionSuffix == "" { n.BlobID = attrs.String(prefixes.BlobIDAttr) diff --git a/vendor/modules.txt b/vendor/modules.txt index c8906b155b1..8ad8a49a777 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -352,7 +352,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1 github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1 github.com/cs3org/go-cs3apis/cs3/tx/v1beta1 github.com/cs3org/go-cs3apis/cs3/types/v1beta1 -# github.com/cs3org/reva/v2 v2.14.1-0.20230615141102-1906a729ee5a +# github.com/cs3org/reva/v2 v2.14.1-0.20230616125400-b30fdde17262 ## explicit; go 1.20 github.com/cs3org/reva/v2/cmd/revad/internal/grace github.com/cs3org/reva/v2/cmd/revad/runtime