Merge remote-tracking branch 'upstream/main' into move-mod-notes-to-los

README.md

@@ -210,10 +210,11 @@ It returns a JSON dictonary like this:
 
 `{"0":15,"1":4,"2":3}`
 
-The key is a user ID and the value is the amount of currently open connections. User ID
-`0` is the anonymous user. It the example above, the anonymous user has 15 open
-connections, the user with the ID 1 has 4 open connections and the user with the
-ID 2 has 3 open connection.
+The key is a user ID and the value is the amount of currently open connections.
+User ID `0` is for connections, that are not logged in (public access). It the
+example above, there are 15 open connections from public access, the user with
+the ID 1 has 4 open connections and the user with the ID 2 has 3 open
+connection.
 
 Users can only access this page if they have the organization management level
 or higher.
@@ -228,15 +229,15 @@ The logged metric is a json dictonary like:
 
 ```json
 {
-    "connections_longpolling_connected_users_anonymous_connections": 0,
+    "connections_longpolling_connected_connections_public_access": 0,
     "connections_longpolling_connected_users_average_connections": 3,
     "connections_longpolling_connected_users_current": 1,
     "connections_longpolling_connected_users_current_local": 1,
     "connections_longpolling_connected_users_total": 1,
     "connections_longpolling_connected_users_total_local": 1,
     "connections_longpolling_current_connections": 3,
     "connections_longpolling_current_connections_local": 3,
-    "connections_stream_connected_users_anonymous_connections": 0,
+    "connections_stream_connected_connections_public_access": 0,
     "connections_stream_connected_users_average_connections": 6,
     "connections_stream_connected_users_current": 2,
     "connections_stream_connected_users_current_local": 2,
@@ -255,11 +256,10 @@ The prefix `connections_stream` are for "normal" connections.
 fallback.
 
 
-
-* `connections_stream_connected_users_anonymous_connections`: Number of
-  connections from the anonymous users from all autoupdate instances.
+* `connections_stream_connected_connections_public_access`: Number of
+  connections from non logged in users (public access) from all autoupdate instances.
 * `connections_stream_connected_users_average_connections`: Average connection
-  count for each user except for anonymous user.
+  count for each logged in user (no public access).
 * `connections_stream_connected_users_current`: Amount of connected users that
   have at least one open connection.
 * `connections_stream_connected_users_current_local`: Amount of connected users

environment.md

@@ -8,7 +8,7 @@ The Service uses the following environment variables:
 * `AUTOUPDATE_PORT`: Port on which the service listen on. The default is `9012`.
 * `MESSAGE_BUS_HOST`: Host of the redis server. The default is `localhost`.
 * `MESSAGE_BUS_PORT`: Port of the redis server. The default is `6379`.
-* `ANONYMOUS_ONLY`: Start for only anonymous users. Does not write to redis or connect to the vote-service. The default is `false`.
+* `OPENSLIDES_PUBLIC_ACCESS_ONLY`: Start for only public access. Does not write to redis or connect to the vote-service. The default is `false`.
 * `OPENSLIDES_DEVELOPMENT`: If set, the service uses the default secrets. The default is `false`.
 * `DATABASE_PASSWORD_FILE`: Postgres Password. The default is `/run/secrets/postgres_password`.
 * `DATABASE_USER`: Postgres Database. The default is `openslides`.

internal/http/connection_count.go

@@ -163,7 +163,7 @@ func (c *ConnectionCount) Metric(con metric.Container) {
 		con.Add(c.name+"_connected_users_current", currentConnectedUsers)
 		con.Add(c.name+"_connected_users_total", len(data))
 		con.Add(c.name+"_connected_users_average_connections", average)
-		con.Add(c.name+"_connected_users_anonymous_connections", data[0])
+		con.Add(c.name+"_connections_public_access", data[0])
 		con.Add(c.name+"_current_connections", currentConnections)
 	}
 

internal/http/interfaces.go

@@ -5,7 +5,7 @@ import (
 	"net/http"
 )
 
-// Authenticater gives an user id for an request. Returns 0 for anonymous.
+// Authenticater gives an user id for an request. Returns 0 for public access.
 type Authenticater interface {
 	Authenticate(http.ResponseWriter, *http.Request) (context.Context, error)
 	FromContext(context.Context) int

internal/restrict/collection/group_test.go

@@ -22,7 +22,7 @@ func TestGroupModeA(t *testing.T) {
 	)
 
 	testCase(
-		"anonymous enabled",
+		"public access enabled",
 		t,
 		g.Modes("A"),
 		true,

internal/restrict/collection/mediafile_test.go

@@ -41,7 +41,7 @@ func TestMediafileModeA(t *testing.T) {
 	)
 
 	testCase(
-		"Anonymous organization",
+		"Public access organization",
 		t,
 		m.Modes("A"),
 		false,
@@ -53,7 +53,7 @@ func TestMediafileModeA(t *testing.T) {
 	)
 
 	testCase(
-		"Anonymous published organization",
+		"Public access published organization",
 		t,
 		m.Modes("A"),
 		true,
@@ -78,7 +78,7 @@ func TestMediafileModeA(t *testing.T) {
 	)
 
 	testCase(
-		"Anonymous access published organization not public with token",
+		"Public access published organization not public with token",
 		t,
 		m.Modes("A"),
 		true,

internal/restrict/collection/meeting.go

@@ -76,12 +76,12 @@ func (m Meeting) see(ctx context.Context, ds *dsfetch.Fetch, meetingIDs ...int)
 	}
 
 	lockedMeetings := make([]bool, len(meetingIDs))
-	enabledMeetingAnonymous := make([]bool, len(meetingIDs))
-	var enabledOrgaAnonymous bool
-	ds.Organization_EnableAnonymous(1).Lazy(&enabledOrgaAnonymous)
+	enabledMeetingPublicAccess := make([]bool, len(meetingIDs))
+	var enabledOrgaPublicAccess bool
+	ds.Organization_EnableAnonymous(1).Lazy(&enabledOrgaPublicAccess)
 	for i, id := range meetingIDs {
 		ds.Meeting_LockedFromInside(id).Lazy(&lockedMeetings[i])
-		ds.Meeting_EnableAnonymous(id).Lazy(&enabledMeetingAnonymous[i])
+		ds.Meeting_EnableAnonymous(id).Lazy(&enabledMeetingPublicAccess[i])
 	}
 
 	if err := ds.Execute(ctx); err != nil {
@@ -138,7 +138,7 @@ LOOP_MEETINGS:
 			continue
 		}
 
-		if (enabledOrgaAnonymous && enabledMeetingAnonymous[i]) || oml {
+		if (enabledOrgaPublicAccess && enabledMeetingPublicAccess[i]) || oml {
 			allowed = append(allowed, meetingID)
 			continue
 		}

internal/restrict/collection/meeting_mediafile_test.go

@@ -26,7 +26,7 @@ func TestMeetingMediafileModeA(t *testing.T) {
 	)
 
 	testCase(
-		"Anonymous",
+		"Public Access",
 		t,
 		m.Modes("A"),
 		true,

internal/restrict/collection/meeting_test.go

@@ -36,7 +36,7 @@ func TestMeetingModeB(t *testing.T) {
 	)
 
 	testCase(
-		"anonymous enabled",
+		"Public Access enabled",
 		t,
 		m.Modes("B"),
 		true,
@@ -48,7 +48,7 @@ func TestMeetingModeB(t *testing.T) {
 	)
 
 	testCase(
-		"anonymous enabled only in organization",
+		"Public access enabled only in organization",
 		t,
 		m.Modes("B"),
 		false,
@@ -61,7 +61,7 @@ func TestMeetingModeB(t *testing.T) {
 	)
 
 	testCase(
-		"anonymous enabled only in meeting",
+		"Public Access enabled only in meeting",
 		t,
 		m.Modes("B"),
 		false,
@@ -74,7 +74,7 @@ func TestMeetingModeB(t *testing.T) {
 	)
 
 	testCase(
-		"anonymous enabled, as locked in user that was locked out",
+		"Public access enabled, as locked in user that was locked out",
 		t,
 		m.Modes("B"),
 		false,
@@ -246,7 +246,7 @@ func TestMeetingModeB(t *testing.T) {
 	)
 
 	testCase(
-		"Request with anonymous",
+		"Request from public access",
 		t,
 		m.Modes("B"),
 		false,

internal/restrict/collection/meeting_user_test.go

@@ -24,7 +24,7 @@ func TestMeetingUserModeA(t *testing.T) {
 	)
 
 	testCase(
-		"With anonymous",
+		"With public access enabled",
 		t,
 		f,
 		false,

internal/restrict/collection/organization.go

@@ -14,7 +14,7 @@ import (
 //
 // Mode A: The user can see the organization (always).
 //
-// Mode B: The user must be logged in (no anonymous).
+// Mode B: The user must be logged in (no public access).
 //
 // Mode C: The user has the OML can_manage_users or higher.
 //

internal/restrict/collection/organization_tag_test.go

@@ -10,7 +10,7 @@ func TestOrganizationTagModeA(t *testing.T) {
 	f := collection.OrganizationTag{}.Modes("A")
 
 	testCase(
-		"anonymous",
+		"Public access",
 		t,
 		f,
 		false,

internal/restrict/collection/organization_test.go

@@ -22,7 +22,7 @@ func TestOrganizationModeB(t *testing.T) {
 	f := collection.Organization{}.Modes("B")
 
 	testCase(
-		"anonymous",
+		"Public access",
 		t,
 		f,
 		false,
@@ -44,7 +44,7 @@ func TestOrganizationModeC(t *testing.T) {
 	f := collection.Organization{}.Modes("C")
 
 	testCase(
-		"anonymous",
+		"Public access",
 		t,
 		f,
 		false,
@@ -77,7 +77,7 @@ func TestOrganizationModeE(t *testing.T) {
 	f := collection.Organization{}.Modes("E")
 
 	testCase(
-		"anonymous",
+		"Public access",
 		t,
 		f,
 		false,

internal/restrict/collection/personal_note_test.go

@@ -10,7 +10,7 @@ func TestPersonalNoteModeA(t *testing.T) {
 	var p collection.PersonalNote
 
 	testCase(
-		"as anonymous",
+		"From public access",
 		t,
 		p.Modes("A"),
 		false,

internal/restrict/collection/user_test.go

@@ -21,7 +21,7 @@ func TestUserModeA(t *testing.T) {
 	)
 
 	testCase(
-		"With anonymous",
+		"From public access",
 		t,
 		f,
 		false,
@@ -370,7 +370,7 @@ func TestUserModeB(t *testing.T) {
 	)
 
 	testCase(
-		"With anonymous",
+		"From public access",
 		t,
 		f,
 		false,
@@ -782,7 +782,7 @@ func TestUserModeE(t *testing.T) {
 	)
 
 	testCase(
-		"With anonymous",
+		"From public access",
 		t,
 		u.Modes("E"),
 		false,
@@ -1065,7 +1065,7 @@ func TestUserModeH(t *testing.T) {
 	)
 
 	testCase(
-		"As anonymous",
+		"From public access",
 		t,
 		f,
 		false,

internal/restrict/perm/perm.go

@@ -21,7 +21,7 @@ type Permission struct {
 // If the user is not a member of the meeting, nil is returned.
 func New(ctx context.Context, ds *dsfetch.Fetch, userID, meetingID int) (*Permission, error) {
 	if userID == 0 {
-		return newAnonymous(ctx, ds, meetingID)
+		return newPublicAccess(ctx, ds, meetingID)
 	}
 
 	isSuperAdmin, err := HasOrganizationManagementLevel(ctx, ds, userID, OMLSuperadmin)
@@ -84,35 +84,35 @@ func New(ctx context.Context, ds *dsfetch.Fetch, userID, meetingID int) (*Permis
 	return &Permission{groupIDs: groupIDs, permissions: perms}, nil
 }
 
-func newAnonymous(ctx context.Context, ds *dsfetch.Fetch, meetingID int) (*Permission, error) {
-	enabledOrgaAnonymous, err := ds.Organization_EnableAnonymous(1).Value(ctx)
+func newPublicAccess(ctx context.Context, ds *dsfetch.Fetch, meetingID int) (*Permission, error) {
+	enabledOrgaPublicAccess, err := ds.Organization_EnableAnonymous(1).Value(ctx)
 	if err != nil {
-		return nil, fmt.Errorf("checking orga meeting enabled: %w", err)
+		return nil, fmt.Errorf("checking orga public access enabled: %w", err)
 	}
-	enableMeetingAnonymous, err := ds.Meeting_EnableAnonymous(meetingID).Value(ctx)
+	enableMeetingPublicAccess, err := ds.Meeting_EnableAnonymous(meetingID).Value(ctx)
 	if err != nil {
-		return nil, fmt.Errorf("checking anonymous meeting enabled: %w", err)
+		return nil, fmt.Errorf("checking meeting public access enabled: %w", err)
 	}
-	if !(enableMeetingAnonymous && enabledOrgaAnonymous) {
+	if !(enableMeetingPublicAccess && enabledOrgaPublicAccess) {
 		return nil, nil
 	}
 
-	maybeAnonymousGroupID, err := ds.Meeting_AnonymousGroupID(meetingID).Value(ctx)
+	maybePublicAccessGroupID, err := ds.Meeting_AnonymousGroupID(meetingID).Value(ctx)
 	if err != nil {
-		return nil, fmt.Errorf("getting anonymous group: %w", err)
+		return nil, fmt.Errorf("getting public access group: %w", err)
 	}
 
-	anonymousGroupID, hasAnonymousGroup := maybeAnonymousGroupID.Value()
-	if !hasAnonymousGroup {
-		return nil, fmt.Errorf("anonymous group id not set")
+	publicAccessGroupID, hasPublicAccessGroup := maybePublicAccessGroupID.Value()
+	if !hasPublicAccessGroup {
+		return nil, fmt.Errorf("public access group id not set")
 	}
 
-	perms, err := permissionsFromGroups(ctx, ds, anonymousGroupID)
+	perms, err := permissionsFromGroups(ctx, ds, publicAccessGroupID)
 	if err != nil {
-		return nil, fmt.Errorf("getting permissions for anonymous group: %w", err)
+		return nil, fmt.Errorf("getting permissions for public access group: %w", err)
 	}
 
-	return &Permission{groupIDs: []int{anonymousGroupID}, permissions: perms}, nil
+	return &Permission{groupIDs: []int{publicAccessGroupID}, permissions: perms}, nil
 }
 
 func isAdmin(ctx context.Context, ds *dsfetch.Fetch, meetingID int, groupIDs []int) (bool, error) {

main.go

@@ -28,7 +28,7 @@ var (
 	envMetricInterval         = environment.NewVariable("METRIC_INTERVAL", "5m", "Time in how often the metrics are gathered. Zero disables the metrics.")
 	envMetricSaveInterval     = environment.NewVariable("METRIC_SAVE_INTERVAL", "5m", "Interval, how often the metric should be saved to redis. Redis will ignore entries, that are twice at old then the save interval.")
 	envDisableConnectionCount = environment.NewVariable("DISABLE_CONNECTION_COUNT", "false", "Do not count connections.")
-	envAnonymousOnly          = environment.NewVariable("ANONYMOUS_ONLY", "false", "Start for only anonymous users. Does not write to redis or connect to the vote-service.")
+	envPublicAccessOnly       = environment.NewVariable("OPENSLIDES_PUBLIC_ACCESS_ONLY", "false", "Start for only public access. Does not write to redis or connect to the vote-service.")
 )
 
 var cli struct {
@@ -134,10 +134,10 @@ func initService(lookup environment.Environmenter) (func(context.Context) error,
 	// Redis as message bus for datastore and logout events.
 	messageBus := redis.New(lookup)
 
-	anonymousOnly, _ := strconv.ParseBool(envAnonymousOnly.Value(lookup))
+	publicAccessOnly, _ := strconv.ParseBool(envPublicAccessOnly.Value(lookup))
 
 	// Autoupdate data flow.
-	flow, flowBackground, err := autoupdate.NewFlow(lookup, messageBus, anonymousOnly)
+	flow, flowBackground, err := autoupdate.NewFlow(lookup, messageBus, publicAccessOnly)
 	if err != nil {
 		return nil, fmt.Errorf("init autoupdate data flow: %w", err)
 	}
@@ -177,7 +177,7 @@ func initService(lookup environment.Environmenter) (func(context.Context) error,
 	}
 
 	metricStorage := messageBus
-	if disable, _ := strconv.ParseBool(envDisableConnectionCount.Value(lookup)); disable || anonymousOnly {
+	if disable, _ := strconv.ParseBool(envDisableConnectionCount.Value(lookup)); disable || publicAccessOnly {
 		metricStorage = nil
 	}
 

pkg/auth/auth.go

@@ -175,7 +175,7 @@ func (a *Auth) AuthenticatedContext(ctx context.Context, userID int) context.Con
 
 // FromContext returnes the user id from a context returned by Authenticate().
 //
-// If the user is an anonymous user 0 is returned.
+// If the user is not logged in (public access) user 0 is returned.
 //
 // Panics, if the context was not returned from Authenticate
 func (a *Auth) FromContext(ctx context.Context) int {
@@ -240,7 +240,7 @@ func (a *Auth) loadToken(w http.ResponseWriter, r *http.Request, payload jwt.Cla
 	encodedToken := strings.TrimPrefix(header, "bearer ")
 
 	if cookie == nil && header == encodedToken {
-		// No token and no auth cookie. Handle the request as anonymous requst.
+		// No token and no auth cookie. Handle the request as public access requst.
 		return nil
 	}