From 286b293c9401be61ca729013691a27a6b59388c9 Mon Sep 17 00:00:00 2001 From: Roman Perekhod Date: Thu, 19 Sep 2024 09:40:29 +0200 Subject: [PATCH 1/3] Fixed an issue when the collaboration service registers apps also for binary and unknown mime types. --- changelog/unreleased/fix-registers-app.md | 6 + go.mod | 2 +- go.sum | 4 +- .../collaboration/pkg/helpers/registration.go | 4 + .../eventsmiddleware/conversion.go | 197 ++++++++++-------- .../interceptors/eventsmiddleware/events.go | 62 +++--- .../http/services/appprovider/appprovider.go | 13 +- .../pkg/auth/manager/ocmshares/ocmshares.go | 2 + .../auth/manager/publicshares/publicshares.go | 7 +- .../cs3org/reva/v2/pkg/events/files.go | 125 ++++++----- .../reva/v2/pkg/events/postprocessing.go | 54 ++--- .../cs3org/reva/v2/pkg/mime/mime.go | 1 + .../utils/decomposedfs/decomposedfs.go | 7 +- .../utils/decomposedfs/upload/session.go | 11 +- .../utils/decomposedfs/upload/upload.go | 25 ++- vendor/modules.txt | 2 +- 16 files changed, 299 insertions(+), 223 deletions(-) create mode 100644 changelog/unreleased/fix-registers-app.md diff --git a/changelog/unreleased/fix-registers-app.md b/changelog/unreleased/fix-registers-app.md new file mode 100644 index 00000000000..8f281b3b757 --- /dev/null +++ b/changelog/unreleased/fix-registers-app.md @@ -0,0 +1,6 @@ +Bugfix: Fixed the collaboration service registration + +Fixed an issue when the collaboration service registers apps also for binary and unknown mime types. + +https://github.com/owncloud/ocis/pull/10107 +https://github.com/owncloud/ocis/issues/10086 diff --git a/go.mod b/go.mod index e7687ebb191..11ceeab1a21 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/cenkalti/backoff v2.2.1+incompatible github.com/coreos/go-oidc/v3 v3.11.0 github.com/cs3org/go-cs3apis v0.0.0-20240724121416-062c4e3046cb - github.com/cs3org/reva/v2 v2.24.2-0.20240919151635-556263192484 + github.com/cs3org/reva/v2 v2.24.2-0.20240924091626-9635c6d8234e github.com/dhowden/tag v0.0.0-20230630033851-978a0926ee25 github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e github.com/egirna/icap-client v0.1.1 diff --git a/go.sum b/go.sum index fa6b0f215dd..d897fab4448 100644 --- a/go.sum +++ b/go.sum @@ -255,8 +255,8 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c= github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME= github.com/cs3org/go-cs3apis v0.0.0-20240724121416-062c4e3046cb h1:KmYZDReplv/yfwc1LNYpDcVhVujC3Pasv6WjXx1haSU= github.com/cs3org/go-cs3apis v0.0.0-20240724121416-062c4e3046cb/go.mod h1:yyP8PRo0EZou3nSH7H4qjlzQwaydPeIRNgX50npQHpE= -github.com/cs3org/reva/v2 v2.24.2-0.20240919151635-556263192484 h1:MeHzCFCh5WttP2hz7UTCHgV6WQXrucQXSyQs5+aIrcY= -github.com/cs3org/reva/v2 v2.24.2-0.20240919151635-556263192484/go.mod h1:p7CHBXcg6sSqB+0JMNDfC1S7TSh9FghXkw1kTV3KcJI= +github.com/cs3org/reva/v2 v2.24.2-0.20240924091626-9635c6d8234e h1:4K3F/kwEaTANja+d15FF4e10PHYtHAfk6y2uWqg/1NM= +github.com/cs3org/reva/v2 v2.24.2-0.20240924091626-9635c6d8234e/go.mod h1:p7CHBXcg6sSqB+0JMNDfC1S7TSh9FghXkw1kTV3KcJI= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= diff --git a/services/collaboration/pkg/helpers/registration.go b/services/collaboration/pkg/helpers/registration.go index 85a15fadea2..0fa416bd4be 100644 --- a/services/collaboration/pkg/helpers/registration.go +++ b/services/collaboration/pkg/helpers/registration.go @@ -40,6 +40,10 @@ func RegisterAppProvider( for _, extensions := range appUrls { for ext := range extensions { m := mime.Detect(false, ext) + // skip the default + if m == "application/octet-stream" { + continue + } mimeTypesMap[m] = true } } diff --git a/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/conversion.go b/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/conversion.go index 9e5a739e0fa..0bdedfe4ce6 100644 --- a/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/conversion.go +++ b/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/conversion.go @@ -32,20 +32,21 @@ import ( ) // ContainerCreated converts the response to an event -func ContainerCreated(r *provider.CreateContainerResponse, req *provider.CreateContainerRequest, spaceOwner, executant *user.UserId) events.ContainerCreated { +func ContainerCreated(r *provider.CreateContainerResponse, req *provider.CreateContainerRequest, spaceOwner *user.UserId, executant *user.User) events.ContainerCreated { return events.ContainerCreated{ - SpaceOwner: spaceOwner, - Executant: executant, - Ref: req.Ref, - Timestamp: utils.TSNow(), + SpaceOwner: spaceOwner, + Executant: executant.GetId(), + Ref: req.Ref, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // ShareCreated converts the response to an event -func ShareCreated(r *collaboration.CreateShareResponse, executant *user.UserId) events.ShareCreated { +func ShareCreated(r *collaboration.CreateShareResponse, executant *user.User) events.ShareCreated { return events.ShareCreated{ ShareID: r.Share.GetId(), - Executant: executant, + Executant: executant.GetId(), Sharer: r.Share.Creator, GranteeUserID: r.Share.GetGrantee().GetUserId(), GranteeGroupID: r.Share.GetGrantee().GetGroupId(), @@ -56,7 +57,7 @@ func ShareCreated(r *collaboration.CreateShareResponse, executant *user.UserId) } // ShareRemoved converts the response to an event -func ShareRemoved(r *collaboration.RemoveShareResponse, req *collaboration.RemoveShareRequest, executant *user.UserId) events.ShareRemoved { +func ShareRemoved(r *collaboration.RemoveShareResponse, req *collaboration.RemoveShareRequest, executant *user.User) events.ShareRemoved { var ( userid *user.UserId groupid *group.GroupId @@ -66,7 +67,7 @@ func ShareRemoved(r *collaboration.RemoveShareResponse, req *collaboration.Remov _ = utils.ReadJSONFromOpaque(r.Opaque, "granteegroupid", &userid) _ = utils.ReadJSONFromOpaque(r.Opaque, "resourceid", &rid) return events.ShareRemoved{ - Executant: executant, + Executant: executant.GetId(), ShareID: req.Ref.GetId(), ShareKey: req.Ref.GetKey(), GranteeUserID: userid, @@ -77,9 +78,9 @@ func ShareRemoved(r *collaboration.RemoveShareResponse, req *collaboration.Remov } // ShareUpdated converts the response to an event -func ShareUpdated(r *collaboration.UpdateShareResponse, req *collaboration.UpdateShareRequest, executant *user.UserId) events.ShareUpdated { +func ShareUpdated(r *collaboration.UpdateShareResponse, req *collaboration.UpdateShareRequest, executant *user.User) events.ShareUpdated { return events.ShareUpdated{ - Executant: executant, + Executant: executant.GetId(), ShareID: r.Share.Id, ItemID: r.Share.ResourceId, Permissions: r.Share.Permissions, @@ -92,9 +93,9 @@ func ShareUpdated(r *collaboration.UpdateShareResponse, req *collaboration.Updat } // ReceivedShareUpdated converts the response to an event -func ReceivedShareUpdated(r *collaboration.UpdateReceivedShareResponse, executant *user.UserId) events.ReceivedShareUpdated { +func ReceivedShareUpdated(r *collaboration.UpdateReceivedShareResponse, executant *user.User) events.ReceivedShareUpdated { return events.ReceivedShareUpdated{ - Executant: executant, + Executant: executant.GetId(), ShareID: r.Share.Share.Id, ItemID: r.Share.Share.ResourceId, Permissions: r.Share.Share.Permissions, @@ -107,9 +108,9 @@ func ReceivedShareUpdated(r *collaboration.UpdateReceivedShareResponse, executan } // LinkCreated converts the response to an event -func LinkCreated(r *link.CreatePublicShareResponse, executant *user.UserId) events.LinkCreated { +func LinkCreated(r *link.CreatePublicShareResponse, executant *user.User) events.LinkCreated { return events.LinkCreated{ - Executant: executant, + Executant: executant.GetId(), ShareID: r.Share.Id, Sharer: r.Share.Creator, ItemID: r.Share.ResourceId, @@ -123,9 +124,9 @@ func LinkCreated(r *link.CreatePublicShareResponse, executant *user.UserId) even } // LinkUpdated converts the response to an event -func LinkUpdated(r *link.UpdatePublicShareResponse, req *link.UpdatePublicShareRequest, executant *user.UserId) events.LinkUpdated { +func LinkUpdated(r *link.UpdatePublicShareResponse, req *link.UpdatePublicShareRequest, executant *user.User) events.LinkUpdated { return events.LinkUpdated{ - Executant: executant, + Executant: executant.GetId(), ShareID: r.Share.Id, Sharer: r.Share.Creator, ItemID: r.Share.ResourceId, @@ -140,9 +141,9 @@ func LinkUpdated(r *link.UpdatePublicShareResponse, req *link.UpdatePublicShareR } // LinkAccessed converts the response to an event -func LinkAccessed(r *link.GetPublicShareByTokenResponse, executant *user.UserId) events.LinkAccessed { +func LinkAccessed(r *link.GetPublicShareByTokenResponse, executant *user.User) events.LinkAccessed { return events.LinkAccessed{ - Executant: executant, + Executant: executant.GetId(), ShareID: r.Share.Id, Sharer: r.Share.Creator, ItemID: r.Share.ResourceId, @@ -156,9 +157,9 @@ func LinkAccessed(r *link.GetPublicShareByTokenResponse, executant *user.UserId) } // LinkAccessFailed converts the response to an event -func LinkAccessFailed(r *link.GetPublicShareByTokenResponse, req *link.GetPublicShareByTokenRequest, executant *user.UserId) events.LinkAccessFailed { +func LinkAccessFailed(r *link.GetPublicShareByTokenResponse, req *link.GetPublicShareByTokenRequest, executant *user.User) events.LinkAccessFailed { e := events.LinkAccessFailed{ - Executant: executant, + Executant: executant.GetId(), Status: r.Status.Code, Message: r.Status.Message, Timestamp: utils.TSNow(), @@ -172,11 +173,11 @@ func LinkAccessFailed(r *link.GetPublicShareByTokenResponse, req *link.GetPublic } // LinkRemoved converts the response to an event -func LinkRemoved(r *link.RemovePublicShareResponse, req *link.RemovePublicShareRequest, executant *user.UserId) events.LinkRemoved { +func LinkRemoved(r *link.RemovePublicShareResponse, req *link.RemovePublicShareRequest, executant *user.User) events.LinkRemoved { var rid *provider.ResourceId _ = utils.ReadJSONFromOpaque(r.Opaque, "resourceid", &rid) return events.LinkRemoved{ - Executant: executant, + Executant: executant.GetId(), ShareID: req.Ref.GetId(), ShareToken: req.Ref.GetToken(), Timestamp: utils.TSNow(), @@ -185,119 +186,129 @@ func LinkRemoved(r *link.RemovePublicShareResponse, req *link.RemovePublicShareR } // FileTouched converts the response to an event -func FileTouched(r *provider.TouchFileResponse, req *provider.TouchFileRequest, spaceOwner, executant *user.UserId) events.FileTouched { +func FileTouched(r *provider.TouchFileResponse, req *provider.TouchFileRequest, spaceOwner *user.UserId, executant *user.User) events.FileTouched { return events.FileTouched{ - SpaceOwner: spaceOwner, - Executant: executant, - Ref: req.Ref, - Timestamp: utils.TSNow(), + SpaceOwner: spaceOwner, + Executant: executant.GetId(), + Ref: req.Ref, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // FileUploaded converts the response to an event -func FileUploaded(r *provider.InitiateFileUploadResponse, req *provider.InitiateFileUploadRequest, spaceOwner, executant *user.UserId) events.FileUploaded { +func FileUploaded(r *provider.InitiateFileUploadResponse, req *provider.InitiateFileUploadRequest, spaceOwner *user.UserId, executant *user.User) events.FileUploaded { return events.FileUploaded{ - SpaceOwner: spaceOwner, - Executant: executant, - Ref: req.Ref, - Timestamp: utils.TSNow(), + SpaceOwner: spaceOwner, + Executant: executant.GetId(), + Ref: req.Ref, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // FileDownloaded converts the response to an event -func FileDownloaded(r *provider.InitiateFileDownloadResponse, req *provider.InitiateFileDownloadRequest, executant *user.UserId) events.FileDownloaded { +func FileDownloaded(r *provider.InitiateFileDownloadResponse, req *provider.InitiateFileDownloadRequest, executant *user.User) events.FileDownloaded { return events.FileDownloaded{ - Executant: executant, - Ref: req.Ref, - Timestamp: utils.TSNow(), + Executant: executant.GetId(), + Ref: req.Ref, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // FileLocked converts the response to an events -func FileLocked(r *provider.SetLockResponse, req *provider.SetLockRequest, owner, executant *user.UserId) events.FileLocked { +func FileLocked(r *provider.SetLockResponse, req *provider.SetLockRequest, owner *user.UserId, executant *user.User) events.FileLocked { return events.FileLocked{ - Executant: executant, - Ref: req.Ref, - Timestamp: utils.TSNow(), + Executant: executant.GetId(), + Ref: req.Ref, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // FileUnlocked converts the response to an event -func FileUnlocked(r *provider.UnlockResponse, req *provider.UnlockRequest, owner, executant *user.UserId) events.FileUnlocked { +func FileUnlocked(r *provider.UnlockResponse, req *provider.UnlockRequest, owner *user.UserId, executant *user.User) events.FileUnlocked { return events.FileUnlocked{ - Executant: executant, - Ref: req.Ref, - Timestamp: utils.TSNow(), + Executant: executant.GetId(), + Ref: req.Ref, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // ItemTrashed converts the response to an event -func ItemTrashed(r *provider.DeleteResponse, req *provider.DeleteRequest, spaceOwner, executant *user.UserId) events.ItemTrashed { +func ItemTrashed(r *provider.DeleteResponse, req *provider.DeleteRequest, spaceOwner *user.UserId, executant *user.User) events.ItemTrashed { opaqueID := utils.ReadPlainFromOpaque(r.Opaque, "opaque_id") return events.ItemTrashed{ SpaceOwner: spaceOwner, - Executant: executant, + Executant: executant.GetId(), Ref: req.Ref, ID: &provider.ResourceId{ StorageId: req.Ref.GetResourceId().GetStorageId(), SpaceId: req.Ref.GetResourceId().GetSpaceId(), OpaqueId: opaqueID, }, - Timestamp: utils.TSNow(), + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // ItemMoved converts the response to an event -func ItemMoved(r *provider.MoveResponse, req *provider.MoveRequest, spaceOwner, executant *user.UserId) events.ItemMoved { +func ItemMoved(r *provider.MoveResponse, req *provider.MoveRequest, spaceOwner *user.UserId, executant *user.User) events.ItemMoved { return events.ItemMoved{ - SpaceOwner: spaceOwner, - Executant: executant, - Ref: req.Destination, - OldReference: req.Source, - Timestamp: utils.TSNow(), + SpaceOwner: spaceOwner, + Executant: executant.GetId(), + Ref: req.Destination, + OldReference: req.Source, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // ItemPurged converts the response to an event -func ItemPurged(r *provider.PurgeRecycleResponse, req *provider.PurgeRecycleRequest, executant *user.UserId) events.ItemPurged { +func ItemPurged(r *provider.PurgeRecycleResponse, req *provider.PurgeRecycleRequest, executant *user.User) events.ItemPurged { return events.ItemPurged{ - Executant: executant, - Ref: req.Ref, - Timestamp: utils.TSNow(), + Executant: executant.GetId(), + Ref: req.Ref, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // ItemRestored converts the response to an event -func ItemRestored(r *provider.RestoreRecycleItemResponse, req *provider.RestoreRecycleItemRequest, spaceOwner, executant *user.UserId) events.ItemRestored { +func ItemRestored(r *provider.RestoreRecycleItemResponse, req *provider.RestoreRecycleItemRequest, spaceOwner *user.UserId, executant *user.User) events.ItemRestored { ref := req.Ref if req.RestoreRef != nil { ref = req.RestoreRef } return events.ItemRestored{ - SpaceOwner: spaceOwner, - Executant: executant, - Ref: ref, - OldReference: req.Ref, - Key: req.Key, - Timestamp: utils.TSNow(), + SpaceOwner: spaceOwner, + Executant: executant.GetId(), + Ref: ref, + OldReference: req.Ref, + Key: req.Key, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // FileVersionRestored converts the response to an event -func FileVersionRestored(r *provider.RestoreFileVersionResponse, req *provider.RestoreFileVersionRequest, spaceOwner, executant *user.UserId) events.FileVersionRestored { +func FileVersionRestored(r *provider.RestoreFileVersionResponse, req *provider.RestoreFileVersionRequest, spaceOwner *user.UserId, executant *user.User) events.FileVersionRestored { return events.FileVersionRestored{ - SpaceOwner: spaceOwner, - Executant: executant, - Ref: req.Ref, - Key: req.Key, - Timestamp: utils.TSNow(), + SpaceOwner: spaceOwner, + Executant: executant.GetId(), + Ref: req.Ref, + Key: req.Key, + Timestamp: utils.TSNow(), + ImpersonatingUser: extractImpersonator(executant), } } // SpaceCreated converts the response to an event -func SpaceCreated(r *provider.CreateStorageSpaceResponse, executant *user.UserId) events.SpaceCreated { +func SpaceCreated(r *provider.CreateStorageSpaceResponse, executant *user.User) events.SpaceCreated { return events.SpaceCreated{ - Executant: executant, + Executant: executant.GetId(), ID: r.StorageSpace.Id, Owner: extractOwner(r.StorageSpace.Owner), Root: r.StorageSpace.Root, @@ -309,9 +320,9 @@ func SpaceCreated(r *provider.CreateStorageSpaceResponse, executant *user.UserId } // SpaceRenamed converts the response to an event -func SpaceRenamed(r *provider.UpdateStorageSpaceResponse, req *provider.UpdateStorageSpaceRequest, executant *user.UserId) events.SpaceRenamed { +func SpaceRenamed(r *provider.UpdateStorageSpaceResponse, req *provider.UpdateStorageSpaceRequest, executant *user.User) events.SpaceRenamed { return events.SpaceRenamed{ - Executant: executant, + Executant: executant.GetId(), ID: r.StorageSpace.Id, Owner: extractOwner(r.StorageSpace.Owner), Name: r.StorageSpace.Name, @@ -320,9 +331,9 @@ func SpaceRenamed(r *provider.UpdateStorageSpaceResponse, req *provider.UpdateSt } // SpaceUpdated converts the response to an event -func SpaceUpdated(r *provider.UpdateStorageSpaceResponse, req *provider.UpdateStorageSpaceRequest, executant *user.UserId) events.SpaceUpdated { +func SpaceUpdated(r *provider.UpdateStorageSpaceResponse, req *provider.UpdateStorageSpaceRequest, executant *user.User) events.SpaceUpdated { return events.SpaceUpdated{ - Executant: executant, + Executant: executant.GetId(), ID: r.StorageSpace.Id, Space: r.StorageSpace, Timestamp: utils.TSNow(), @@ -330,9 +341,9 @@ func SpaceUpdated(r *provider.UpdateStorageSpaceResponse, req *provider.UpdateSt } // SpaceEnabled converts the response to an event -func SpaceEnabled(r *provider.UpdateStorageSpaceResponse, req *provider.UpdateStorageSpaceRequest, executant *user.UserId) events.SpaceEnabled { +func SpaceEnabled(r *provider.UpdateStorageSpaceResponse, req *provider.UpdateStorageSpaceRequest, executant *user.User) events.SpaceEnabled { return events.SpaceEnabled{ - Executant: executant, + Executant: executant.GetId(), ID: r.StorageSpace.Id, Owner: extractOwner(r.StorageSpace.Owner), Timestamp: utils.TSNow(), @@ -341,10 +352,10 @@ func SpaceEnabled(r *provider.UpdateStorageSpaceResponse, req *provider.UpdateSt // SpaceShared converts the response to an event // func SpaceShared(req *provider.AddGrantRequest, executant, sharer *user.UserId, grantee *provider.Grantee) events.SpaceShared { -func SpaceShared(r *provider.AddGrantResponse, req *provider.AddGrantRequest, executant *user.UserId) events.SpaceShared { +func SpaceShared(r *provider.AddGrantResponse, req *provider.AddGrantRequest, executant *user.User) events.SpaceShared { id := storagespace.FormatStorageID(req.Ref.ResourceId.StorageId, req.Ref.ResourceId.SpaceId) return events.SpaceShared{ - Executant: executant, + Executant: executant.GetId(), Creator: req.Grant.Creator, GranteeUserID: req.Grant.GetGrantee().GetUserId(), GranteeGroupID: req.Grant.GetGrantee().GetGroupId(), @@ -354,10 +365,10 @@ func SpaceShared(r *provider.AddGrantResponse, req *provider.AddGrantRequest, ex } // SpaceShareUpdated converts the response to an events -func SpaceShareUpdated(r *provider.UpdateGrantResponse, req *provider.UpdateGrantRequest, executant *user.UserId) events.SpaceShareUpdated { +func SpaceShareUpdated(r *provider.UpdateGrantResponse, req *provider.UpdateGrantRequest, executant *user.User) events.SpaceShareUpdated { id := storagespace.FormatStorageID(req.Ref.ResourceId.StorageId, req.Ref.ResourceId.SpaceId) return events.SpaceShareUpdated{ - Executant: executant, + Executant: executant.GetId(), GranteeUserID: req.Grant.GetGrantee().GetUserId(), GranteeGroupID: req.Grant.GetGrantee().GetGroupId(), ID: &provider.StorageSpaceId{OpaqueId: id}, @@ -366,10 +377,10 @@ func SpaceShareUpdated(r *provider.UpdateGrantResponse, req *provider.UpdateGran } // SpaceUnshared converts the response to an event -func SpaceUnshared(r *provider.RemoveGrantResponse, req *provider.RemoveGrantRequest, executant *user.UserId) events.SpaceUnshared { +func SpaceUnshared(r *provider.RemoveGrantResponse, req *provider.RemoveGrantRequest, executant *user.User) events.SpaceUnshared { id := storagespace.FormatStorageID(req.Ref.ResourceId.StorageId, req.Ref.ResourceId.SpaceId) return events.SpaceUnshared{ - Executant: executant, + Executant: executant.GetId(), GranteeUserID: req.Grant.GetGrantee().GetUserId(), GranteeGroupID: req.Grant.GetGrantee().GetGroupId(), ID: &provider.StorageSpaceId{OpaqueId: id}, @@ -378,20 +389,20 @@ func SpaceUnshared(r *provider.RemoveGrantResponse, req *provider.RemoveGrantReq } // SpaceDisabled converts the response to an event -func SpaceDisabled(r *provider.DeleteStorageSpaceResponse, req *provider.DeleteStorageSpaceRequest, executant *user.UserId) events.SpaceDisabled { +func SpaceDisabled(r *provider.DeleteStorageSpaceResponse, req *provider.DeleteStorageSpaceRequest, executant *user.User) events.SpaceDisabled { return events.SpaceDisabled{ - Executant: executant, + Executant: executant.GetId(), ID: req.Id, Timestamp: time.Now(), } } // SpaceDeleted converts the response to an event -func SpaceDeleted(r *provider.DeleteStorageSpaceResponse, req *provider.DeleteStorageSpaceRequest, executant *user.UserId) events.SpaceDeleted { +func SpaceDeleted(r *provider.DeleteStorageSpaceResponse, req *provider.DeleteStorageSpaceRequest, executant *user.User) events.SpaceDeleted { var final map[string]provider.ResourcePermissions _ = utils.ReadJSONFromOpaque(r.GetOpaque(), "grants", &final) return events.SpaceDeleted{ - Executant: executant, + Executant: executant.GetId(), ID: req.Id, SpaceName: utils.ReadPlainFromOpaque(r.GetOpaque(), "spacename"), FinalMembers: final, @@ -405,3 +416,11 @@ func extractOwner(u *user.User) *user.UserId { } return nil } + +func extractImpersonator(u *user.User) *user.User { + var impersonator user.User + if err := utils.ReadJSONFromOpaque(u.Opaque, "impersonating-user", &impersonator); err != nil { + return nil + } + return &impersonator +} diff --git a/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/events.go b/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/events.go index ca4086bfb29..961cd42920c 100644 --- a/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/events.go +++ b/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/events.go @@ -73,47 +73,43 @@ func NewUnary(m map[string]interface{}) (grpc.UnaryServerInterceptor, int, error default: } - var executantID *user.UserId - u, ok := revactx.ContextGetUser(ctx) - if ok { - executantID = u.Id - } + executant, _ := revactx.ContextGetUser(ctx) var ev interface{} switch v := res.(type) { case *collaboration.CreateShareResponse: if isSuccess(v) { - ev = ShareCreated(v, executantID) + ev = ShareCreated(v, executant) } case *collaboration.RemoveShareResponse: if isSuccess(v) { - ev = ShareRemoved(v, req.(*collaboration.RemoveShareRequest), executantID) + ev = ShareRemoved(v, req.(*collaboration.RemoveShareRequest), executant) } case *collaboration.UpdateShareResponse: if isSuccess(v) { - ev = ShareUpdated(v, req.(*collaboration.UpdateShareRequest), executantID) + ev = ShareUpdated(v, req.(*collaboration.UpdateShareRequest), executant) } case *collaboration.UpdateReceivedShareResponse: if isSuccess(v) { - ev = ReceivedShareUpdated(v, executantID) + ev = ReceivedShareUpdated(v, executant) } case *link.CreatePublicShareResponse: if isSuccess(v) { - ev = LinkCreated(v, executantID) + ev = LinkCreated(v, executant) } case *link.UpdatePublicShareResponse: if isSuccess(v) { - ev = LinkUpdated(v, req.(*link.UpdatePublicShareRequest), executantID) + ev = LinkUpdated(v, req.(*link.UpdatePublicShareRequest), executant) } case *link.RemovePublicShareResponse: if isSuccess(v) { - ev = LinkRemoved(v, req.(*link.RemovePublicShareRequest), executantID) + ev = LinkRemoved(v, req.(*link.RemovePublicShareRequest), executant) } case *link.GetPublicShareByTokenResponse: if isSuccess(v) { - ev = LinkAccessed(v, executantID) + ev = LinkAccessed(v, executant) } else { - ev = LinkAccessFailed(v, req.(*link.GetPublicShareByTokenRequest), executantID) + ev = LinkAccessFailed(v, req.(*link.GetPublicShareByTokenRequest), executant) } case *provider.AddGrantResponse: // TODO: update CS3 APIs @@ -121,81 +117,81 @@ func NewUnary(m map[string]interface{}) (grpc.UnaryServerInterceptor, int, error // https://github.com/owncloud/ocis/issues/4312 r := req.(*provider.AddGrantRequest) if isSuccess(v) && utils.ExistsInOpaque(r.Opaque, "spacegrant") { - ev = SpaceShared(v, r, executantID) + ev = SpaceShared(v, r, executant) } case *provider.UpdateGrantResponse: r := req.(*provider.UpdateGrantRequest) if isSuccess(v) && utils.ExistsInOpaque(r.Opaque, "spacegrant") { - ev = SpaceShareUpdated(v, r, executantID) + ev = SpaceShareUpdated(v, r, executant) } case *provider.RemoveGrantResponse: r := req.(*provider.RemoveGrantRequest) if isSuccess(v) && utils.ExistsInOpaque(r.Opaque, "spacegrant") { - ev = SpaceUnshared(v, req.(*provider.RemoveGrantRequest), executantID) + ev = SpaceUnshared(v, req.(*provider.RemoveGrantRequest), executant) } case *provider.CreateContainerResponse: if isSuccess(v) { - ev = ContainerCreated(v, req.(*provider.CreateContainerRequest), ownerID, executantID) + ev = ContainerCreated(v, req.(*provider.CreateContainerRequest), ownerID, executant) } case *provider.InitiateFileDownloadResponse: if isSuccess(v) { - ev = FileDownloaded(v, req.(*provider.InitiateFileDownloadRequest), executantID) + ev = FileDownloaded(v, req.(*provider.InitiateFileDownloadRequest), executant) } case *provider.DeleteResponse: if isSuccess(v) { - ev = ItemTrashed(v, req.(*provider.DeleteRequest), ownerID, executantID) + ev = ItemTrashed(v, req.(*provider.DeleteRequest), ownerID, executant) } case *provider.MoveResponse: if isSuccess(v) { - ev = ItemMoved(v, req.(*provider.MoveRequest), ownerID, executantID) + ev = ItemMoved(v, req.(*provider.MoveRequest), ownerID, executant) } case *provider.PurgeRecycleResponse: if isSuccess(v) { - ev = ItemPurged(v, req.(*provider.PurgeRecycleRequest), executantID) + ev = ItemPurged(v, req.(*provider.PurgeRecycleRequest), executant) } case *provider.RestoreRecycleItemResponse: if isSuccess(v) { - ev = ItemRestored(v, req.(*provider.RestoreRecycleItemRequest), ownerID, executantID) + ev = ItemRestored(v, req.(*provider.RestoreRecycleItemRequest), ownerID, executant) } case *provider.RestoreFileVersionResponse: if isSuccess(v) { - ev = FileVersionRestored(v, req.(*provider.RestoreFileVersionRequest), ownerID, executantID) + ev = FileVersionRestored(v, req.(*provider.RestoreFileVersionRequest), ownerID, executant) } case *provider.CreateStorageSpaceResponse: if isSuccess(v) && v.StorageSpace != nil { // TODO: Why are there CreateStorageSpaceResponses with nil StorageSpace? - ev = SpaceCreated(v, executantID) + ev = SpaceCreated(v, executant) } case *provider.UpdateStorageSpaceResponse: if isSuccess(v) { r := req.(*provider.UpdateStorageSpaceRequest) if r.StorageSpace.Name != "" { - ev = SpaceRenamed(v, r, executantID) + ev = SpaceRenamed(v, r, executant) } else if utils.ExistsInOpaque(r.Opaque, "restore") { - ev = SpaceEnabled(v, r, executantID) + ev = SpaceEnabled(v, r, executant) } else { - ev = SpaceUpdated(v, r, executantID) + ev = SpaceUpdated(v, r, executant) } } case *provider.DeleteStorageSpaceResponse: if isSuccess(v) { r := req.(*provider.DeleteStorageSpaceRequest) if utils.ExistsInOpaque(r.Opaque, "purge") { - ev = SpaceDeleted(v, r, executantID) + ev = SpaceDeleted(v, r, executant) } else { - ev = SpaceDisabled(v, r, executantID) + ev = SpaceDisabled(v, r, executant) } } case *provider.TouchFileResponse: if isSuccess(v) { - ev = FileTouched(v, req.(*provider.TouchFileRequest), ownerID, executantID) + ev = FileTouched(v, req.(*provider.TouchFileRequest), ownerID, executant) } case *provider.SetLockResponse: if isSuccess(v) { - ev = FileLocked(v, req.(*provider.SetLockRequest), ownerID, executantID) + ev = FileLocked(v, req.(*provider.SetLockRequest), ownerID, executant) } case *provider.UnlockResponse: if isSuccess(v) { - ev = FileUnlocked(v, req.(*provider.UnlockRequest), ownerID, executantID) + ev = FileUnlocked(v, req.(*provider.UnlockRequest), ownerID, executant) } } diff --git a/vendor/github.com/cs3org/reva/v2/internal/http/services/appprovider/appprovider.go b/vendor/github.com/cs3org/reva/v2/internal/http/services/appprovider/appprovider.go index bf7154e5866..75d9e7ac9c6 100644 --- a/vendor/github.com/cs3org/reva/v2/internal/http/services/appprovider/appprovider.go +++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/appprovider/appprovider.go @@ -251,8 +251,17 @@ func (s *svc) handleNew(w http.ResponseWriter, r *http.Request) { return } if createRes.Status.Code != rpc.Code_CODE_OK { - writeError(w, r, appErrorServerError, "error calling InitiateFileUpload", nil) - return + switch createRes.Status.Code { + case rpc.Code_CODE_PERMISSION_DENIED: + writeError(w, r, appErrorPermissionDenied, "permission denied to create the file", nil) + return + case rpc.Code_CODE_NOT_FOUND: + writeError(w, r, appErrorNotFound, "parent container does not exist", nil) + return + default: + writeError(w, r, appErrorServerError, "error calling InitiateFileUpload", nil) + return + } } // Do a HTTP PUT with an empty body diff --git a/vendor/github.com/cs3org/reva/v2/pkg/auth/manager/ocmshares/ocmshares.go b/vendor/github.com/cs3org/reva/v2/pkg/auth/manager/ocmshares/ocmshares.go index 2cd14b9a249..80dc2279f5c 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/auth/manager/ocmshares/ocmshares.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/auth/manager/ocmshares/ocmshares.go @@ -159,6 +159,8 @@ func (m *manager) Authenticate(ctx context.Context, ocmshare, sharedSecret strin }, } + user.Opaque = utils.AppendJSONToOpaque(user.Opaque, "impersonating-user", userRes.RemoteUser) + return user, scope, nil } diff --git a/vendor/github.com/cs3org/reva/v2/pkg/auth/manager/publicshares/publicshares.go b/vendor/github.com/cs3org/reva/v2/pkg/auth/manager/publicshares/publicshares.go index d7a513362d5..c47f80a896e 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/auth/manager/publicshares/publicshares.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/auth/manager/publicshares/publicshares.go @@ -25,7 +25,6 @@ import ( authpb "github.com/cs3org/go-cs3apis/cs3/auth/provider/v1beta1" user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" - userprovider "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" rpcv1beta1 "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" link "github.com/cs3org/go-cs3apis/cs3/sharing/link/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" @@ -34,6 +33,7 @@ import ( "github.com/cs3org/reva/v2/pkg/auth/scope" "github.com/cs3org/reva/v2/pkg/errtypes" "github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool" + "github.com/cs3org/reva/v2/pkg/utils" "github.com/mitchellh/mapstructure" "github.com/pkg/errors" ) @@ -132,7 +132,7 @@ func (m *manager) Authenticate(ctx context.Context, token, secret string) (*user if publicShareResponse.GetShare().GetOwner().GetType() == 8 { owner = &user.User{Id: publicShareResponse.GetShare().GetOwner(), DisplayName: "Public", Username: "public"} } else { - getUserResponse, err := gwConn.GetUser(ctx, &userprovider.GetUserRequest{ + getUserResponse, err := gwConn.GetUser(ctx, &user.GetUserRequest{ UserId: publicShareResponse.GetShare().GetCreator(), }) switch { @@ -173,6 +173,9 @@ func (m *manager) Authenticate(ctx context.Context, token, secret string) (*user }, } + u := &user.User{Id: &user.UserId{OpaqueId: token, Idp: "public", Type: user.UserType_USER_TYPE_GUEST}, DisplayName: "Public", Username: "public"} + owner.Opaque = utils.AppendJSONToOpaque(owner.Opaque, "impersonating-user", u) + return owner, scope, nil } diff --git a/vendor/github.com/cs3org/reva/v2/pkg/events/files.go b/vendor/github.com/cs3org/reva/v2/pkg/events/files.go index e4b1017fd23..0fb60d563d5 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/events/files.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/events/files.go @@ -28,11 +28,12 @@ import ( // ContainerCreated is emitted when a directory has been created type ContainerCreated struct { - SpaceOwner *user.UserId - Executant *user.UserId - Ref *provider.Reference - Owner *user.UserId - Timestamp *types.Timestamp + SpaceOwner *user.UserId + Executant *user.UserId + Ref *provider.Reference + Owner *user.UserId + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -44,11 +45,12 @@ func (ContainerCreated) Unmarshal(v []byte) (interface{}, error) { // FileUploaded is emitted when a file is uploaded type FileUploaded struct { - SpaceOwner *user.UserId - Executant *user.UserId - Ref *provider.Reference - Owner *user.UserId - Timestamp *types.Timestamp + SpaceOwner *user.UserId + Executant *user.UserId + Ref *provider.Reference + Owner *user.UserId + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -60,10 +62,11 @@ func (FileUploaded) Unmarshal(v []byte) (interface{}, error) { // FileTouched is emitted when a file is uploaded type FileTouched struct { - SpaceOwner *user.UserId - Executant *user.UserId - Ref *provider.Reference - Timestamp *types.Timestamp + SpaceOwner *user.UserId + Executant *user.UserId + Ref *provider.Reference + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -75,10 +78,11 @@ func (FileTouched) Unmarshal(v []byte) (interface{}, error) { // FileDownloaded is emitted when a file is downloaded type FileDownloaded struct { - Executant *user.UserId - Ref *provider.Reference - Owner *user.UserId - Timestamp *types.Timestamp + Executant *user.UserId + Ref *provider.Reference + Owner *user.UserId + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -90,10 +94,11 @@ func (FileDownloaded) Unmarshal(v []byte) (interface{}, error) { // FileLocked is emitted when a file is locked type FileLocked struct { - Executant *user.UserId - Ref *provider.Reference - Owner *user.UserId - Timestamp *types.Timestamp + Executant *user.UserId + Ref *provider.Reference + Owner *user.UserId + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -105,10 +110,11 @@ func (FileLocked) Unmarshal(v []byte) (interface{}, error) { // FileUnlocked is emitted when a file is unlocked type FileUnlocked struct { - Executant *user.UserId - Ref *provider.Reference - Owner *user.UserId - Timestamp *types.Timestamp + Executant *user.UserId + Ref *provider.Reference + Owner *user.UserId + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -120,12 +126,13 @@ func (FileUnlocked) Unmarshal(v []byte) (interface{}, error) { // ItemTrashed is emitted when a file or folder is trashed type ItemTrashed struct { - SpaceOwner *user.UserId - Executant *user.UserId - ID *provider.ResourceId - Ref *provider.Reference - Owner *user.UserId - Timestamp *types.Timestamp + SpaceOwner *user.UserId + Executant *user.UserId + ID *provider.ResourceId + Ref *provider.Reference + Owner *user.UserId + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -137,12 +144,13 @@ func (ItemTrashed) Unmarshal(v []byte) (interface{}, error) { // ItemMoved is emitted when a file or folder is moved type ItemMoved struct { - SpaceOwner *user.UserId - Executant *user.UserId - Ref *provider.Reference - Owner *user.UserId - OldReference *provider.Reference - Timestamp *types.Timestamp + SpaceOwner *user.UserId + Executant *user.UserId + Ref *provider.Reference + Owner *user.UserId + OldReference *provider.Reference + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -154,11 +162,12 @@ func (ItemMoved) Unmarshal(v []byte) (interface{}, error) { // ItemPurged is emitted when a file or folder is removed from trashbin type ItemPurged struct { - Executant *user.UserId - ID *provider.ResourceId - Ref *provider.Reference - Owner *user.UserId - Timestamp *types.Timestamp + Executant *user.UserId + ID *provider.ResourceId + Ref *provider.Reference + Owner *user.UserId + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -170,14 +179,15 @@ func (ItemPurged) Unmarshal(v []byte) (interface{}, error) { // ItemRestored is emitted when a file or folder is restored from trashbin type ItemRestored struct { - SpaceOwner *user.UserId - Executant *user.UserId - ID *provider.ResourceId - Ref *provider.Reference - Owner *user.UserId - OldReference *provider.Reference - Key string - Timestamp *types.Timestamp + SpaceOwner *user.UserId + Executant *user.UserId + ID *provider.ResourceId + Ref *provider.Reference + Owner *user.UserId + OldReference *provider.Reference + Key string + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -189,12 +199,13 @@ func (ItemRestored) Unmarshal(v []byte) (interface{}, error) { // FileVersionRestored is emitted when a file version is restored type FileVersionRestored struct { - SpaceOwner *user.UserId - Executant *user.UserId - Ref *provider.Reference - Owner *user.UserId - Key string - Timestamp *types.Timestamp + SpaceOwner *user.UserId + Executant *user.UserId + Ref *provider.Reference + Owner *user.UserId + Key string + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface diff --git a/vendor/github.com/cs3org/reva/v2/pkg/events/postprocessing.go b/vendor/github.com/cs3org/reva/v2/pkg/events/postprocessing.go index c28b8cc5a50..3921095eb06 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/events/postprocessing.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/events/postprocessing.go @@ -57,14 +57,15 @@ var ( // BytesReceived is emitted by the server when it received all bytes of an upload type BytesReceived struct { - UploadID string - SpaceOwner *user.UserId - ExecutingUser *user.User - ResourceID *provider.ResourceId - Filename string - Filesize uint64 - URL string - Timestamp *types.Timestamp + UploadID string + SpaceOwner *user.UserId + ExecutingUser *user.User + ResourceID *provider.ResourceId + Filename string + Filesize uint64 + URL string + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -85,8 +86,9 @@ type StartPostprocessingStep struct { ResourceID *provider.ResourceId // for file retrieval in after upload case RevaToken string // for file retrieval in after upload case - StepToStart Postprocessingstep - Timestamp *types.Timestamp + StepToStart Postprocessingstep + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -141,13 +143,14 @@ type VirusscanResult struct { // PostprocessingFinished is emitted by *some* service which can decide that type PostprocessingFinished struct { - UploadID string - Filename string - SpaceOwner *user.UserId - ExecutingUser *user.User - Result map[Postprocessingstep]interface{} // it is a map[step]Event - Outcome PostprocessingOutcome - Timestamp *types.Timestamp + UploadID string + Filename string + SpaceOwner *user.UserId + ExecutingUser *user.User + Result map[Postprocessingstep]interface{} // it is a map[step]Event + Outcome PostprocessingOutcome + Timestamp *types.Timestamp + ImpersonatingUser *user.User } // Unmarshal to fulfill umarshaller interface @@ -175,14 +178,15 @@ func (PostprocessingRetry) Unmarshal(v []byte) (interface{}, error) { // UploadReady is emitted by the storage provider when postprocessing is finished type UploadReady struct { - UploadID string - Filename string - SpaceOwner *user.UserId - ExecutingUser *user.User - FileRef *provider.Reference - Timestamp *types.Timestamp - Failed bool - IsVersion bool + UploadID string + Filename string + SpaceOwner *user.UserId + ExecutingUser *user.User + ImpersonatingUser *user.User + FileRef *provider.Reference + Timestamp *types.Timestamp + Failed bool + IsVersion bool // add reference here? We could use it to inform client pp is finished } diff --git a/vendor/github.com/cs3org/reva/v2/pkg/mime/mime.go b/vendor/github.com/cs3org/reva/v2/pkg/mime/mime.go index a6feda944fd..74207c01371 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/mime/mime.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/mime/mime.go @@ -1054,6 +1054,7 @@ var mimeTypes = map[string]string{ "wmz": "application/x-msmetafile", "woff": "font/woff", "woff2": "font/woff2", + "wopitest": "text/plain", // The dummy extension for the WOPI validator https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/online/build-test-ship/validator "wpd": "application/vnd.wordperfect", "wpl": "application/vnd.ms-wpl", "wps": "application/vnd.ms-works", diff --git a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/decomposedfs.go b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/decomposedfs.go index 1456f3574a4..fdd9557c489 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/decomposedfs.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/decomposedfs.go @@ -382,9 +382,10 @@ func (fs *Decomposedfs) Postprocessing(ch <-chan events.Event) { }, Path: utils.MakeRelativePath(filepath.Join(session.Dir(), session.Filename())), }, - Timestamp: utils.TimeToTS(now), - SpaceOwner: n.SpaceOwnerOrManager(ctx), - IsVersion: isVersion, + Timestamp: utils.TimeToTS(now), + SpaceOwner: n.SpaceOwnerOrManager(ctx), + IsVersion: isVersion, + ImpersonatingUser: ev.ImpersonatingUser, }, ); err != nil { sublog.Error().Err(err).Msg("Failed to publish UploadReady event") diff --git a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/session.go b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/session.go index 60adc4cf3a1..a83d5f46b55 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/session.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/session.go @@ -32,6 +32,7 @@ import ( userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" + typespb "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v2/pkg/appctx" ctxpkg "github.com/cs3org/reva/v2/pkg/ctx" "github.com/cs3org/reva/v2/pkg/logger" @@ -64,13 +65,17 @@ func (s *OcisSession) lockID() string { return s.info.MetaData["lockid"] } func (s *OcisSession) executantUser() *userpb.User { + var o *typespb.Opaque + _ = json.Unmarshal([]byte(s.info.Storage["UserOpaque"]), &o) return &userpb.User{ Id: &userpb.UserId{ Type: userpb.UserType(userpb.UserType_value[s.info.Storage["UserType"]]), Idp: s.info.Storage["Idp"], OpaqueId: s.info.Storage["UserId"], }, - Username: s.info.Storage["UserName"], + Username: s.info.Storage["UserName"], + DisplayName: s.info.Storage["UserDisplayName"], + Opaque: o, } } @@ -277,6 +282,10 @@ func (s *OcisSession) SetExecutant(u *userpb.User) { s.info.Storage["UserId"] = u.GetId().GetOpaqueId() s.info.Storage["UserType"] = utils.UserTypeToString(u.GetId().Type) s.info.Storage["UserName"] = u.GetUsername() + s.info.Storage["UserDisplayName"] = u.GetDisplayName() + + b, _ := json.Marshal(u.GetOpaque()) + s.info.Storage["UserOpaque"] = string(b) } // Offset returns the current upload offset diff --git a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/upload.go b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/upload.go index 4a3bfc61c22..ae56604290f 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/upload.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/upload.go @@ -30,6 +30,7 @@ import ( "strings" "time" + userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" "github.com/cs3org/reva/v2/pkg/appctx" ctxpkg "github.com/cs3org/reva/v2/pkg/ctx" @@ -38,6 +39,7 @@ import ( "github.com/cs3org/reva/v2/pkg/rhttp/datatx/metrics" "github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/metadata/prefixes" "github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node" + "github.com/cs3org/reva/v2/pkg/utils" "github.com/golang-jwt/jwt" "github.com/pkg/errors" tusd "github.com/tus/tusd/v2/pkg/handler" @@ -178,14 +180,23 @@ func (session *OcisSession) FinishUpload(ctx context.Context) error { return err } + var iu *userpb.User + if utils.ExistsInOpaque(u.Opaque, "impersonating-user") { + iu = &userpb.User{} + if err := utils.ReadJSONFromOpaque(u.Opaque, "impersonating-user", iu); err != nil { + return err + } + } + if err := events.Publish(ctx, session.store.pub, events.BytesReceived{ - UploadID: session.ID(), - URL: s, - SpaceOwner: n.SpaceOwnerOrManager(session.Context(ctx)), - ExecutingUser: u, - ResourceID: &provider.ResourceId{SpaceId: n.SpaceID, OpaqueId: n.ID}, - Filename: session.Filename(), - Filesize: uint64(session.Size()), + UploadID: session.ID(), + URL: s, + SpaceOwner: n.SpaceOwnerOrManager(session.Context(ctx)), + ExecutingUser: u, + ResourceID: &provider.ResourceId{SpaceId: n.SpaceID, OpaqueId: n.ID}, + Filename: session.Filename(), + Filesize: uint64(session.Size()), + ImpersonatingUser: iu, }); err != nil { return err } diff --git a/vendor/modules.txt b/vendor/modules.txt index e065f58bbe6..210b6550242 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -367,7 +367,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1 github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1 github.com/cs3org/go-cs3apis/cs3/tx/v1beta1 github.com/cs3org/go-cs3apis/cs3/types/v1beta1 -# github.com/cs3org/reva/v2 v2.24.2-0.20240919151635-556263192484 +# github.com/cs3org/reva/v2 v2.24.2-0.20240924091626-9635c6d8234e ## explicit; go 1.21 github.com/cs3org/reva/v2/cmd/revad/internal/grace github.com/cs3org/reva/v2/cmd/revad/runtime From 41124c6df1487ec957b673eb905b24a0cab015a5 Mon Sep 17 00:00:00 2001 From: Viktor Scharf Date: Tue, 24 Sep 2024 12:41:44 +0200 Subject: [PATCH 2/3] fix tests --- .../features/apiCollaboration/wopi.feature | 37 +++++++++---------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/tests/acceptance/features/apiCollaboration/wopi.feature b/tests/acceptance/features/apiCollaboration/wopi.feature index 79e9263f81d..94fb67e80c0 100644 --- a/tests/acceptance/features/apiCollaboration/wopi.feature +++ b/tests/acceptance/features/apiCollaboration/wopi.feature @@ -618,8 +618,7 @@ Feature: collaboration (wopi) | shareType | user | | permissionsRole | Viewer | When user "Brian" tries to create a file "testFile.txt" inside folder "testFolder" in space "Shares" using wopi endpoint - Then the HTTP status code should be "500" - And the JSON data of the response should match + Then the HTTP status code should be "403" """ { "type": "object", @@ -629,10 +628,10 @@ Feature: collaboration (wopi) ], "properties": { "code": { - "const": "SERVER_ERROR" + "const": "PERMISSION_DENIED" }, "message": { - "const": "error calling InitiateFileUpload" + "const": "permission denied to create the file" } } } @@ -715,7 +714,7 @@ Feature: collaboration (wopi) | shareType | user | | permissionsRole | Space Viewer | When user "Brian" tries to create a file "testFile.txt" inside folder "testFolder" in space "new-space" using wopi endpoint - Then the HTTP status code should be "500" + Then the HTTP status code should be "403" And the JSON data of the response should match """ { @@ -726,10 +725,10 @@ Feature: collaboration (wopi) ], "properties": { "code": { - "const": "SERVER_ERROR" + "const": "PERMISSION_DENIED" }, "message": { - "const": "error calling InitiateFileUpload" + "const": "permission denied to create the file" } } } @@ -836,7 +835,7 @@ Feature: collaboration (wopi) | shareType | user | | permissionsRole | Space Viewer | When user "Brian" tries to create a file "simple.odt" inside folder "testFolder" in space "new-space" using wopi endpoint - Then the HTTP status code should be "500" + Then the HTTP status code should be "403" And the JSON data of the response should match """ { @@ -847,10 +846,10 @@ Feature: collaboration (wopi) ], "properties": { "code": { - "const": "SERVER_ERROR" + "const": "PERMISSION_DENIED" }, "message": { - "const": "error calling InitiateFileUpload" + "const": "permission denied to create the file" } } } @@ -903,7 +902,7 @@ Feature: collaboration (wopi) | shareType | user | | permissionsRole | Viewer | When user "Brian" tries to create a file "simple.odt" inside folder "testFolder" in space "Shares" using wopi endpoint - Then the HTTP status code should be "500" + Then the HTTP status code should be "403" And the JSON data of the response should match """ { @@ -914,10 +913,10 @@ Feature: collaboration (wopi) ], "properties": { "code": { - "const": "SERVER_ERROR" + "const": "PERMISSION_DENIED" }, "message": { - "const": "error calling InitiateFileUpload" + "const": "permission denied to create the file" } } } @@ -966,7 +965,7 @@ Feature: collaboration (wopi) | permissionsRole | view | | password | %public% | When the public tries to create a file "simple.odt" inside the last shared public link folder with password "%public%" using wopi endpoint - Then the HTTP status code should be "500" + Then the HTTP status code should be "403" And the JSON data of the response should match """ { @@ -977,10 +976,10 @@ Feature: collaboration (wopi) ], "properties": { "code": { - "const": "SERVER_ERROR" + "const": "PERMISSION_DENIED" }, "message": { - "const": "error calling InitiateFileUpload" + "const": "permission denied to create the file" } } } @@ -1059,7 +1058,7 @@ Feature: collaboration (wopi) | permissionsRole | view | | password | %public% | When the public tries to create a file "simple.odt" inside folder "testFolder" in the last shared public link space with password "%public%" using wopi endpoint - Then the HTTP status code should be "500" + Then the HTTP status code should be "403" And the JSON data of the response should match """ { @@ -1070,10 +1069,10 @@ Feature: collaboration (wopi) ], "properties": { "code": { - "const": "SERVER_ERROR" + "const": "PERMISSION_DENIED" }, "message": { - "const": "error calling InitiateFileUpload" + "const": "permission denied to create the file" } } } From 870846fa62924a1aecf2bf9c526f1d66ca85feae Mon Sep 17 00:00:00 2001 From: Saw-jan Date: Tue, 24 Sep 2024 18:29:43 +0545 Subject: [PATCH 3/3] test: fix activity test expectation --- tests/acceptance/features/apiActivities/activities.feature | 2 +- .../acceptance/features/apiActivities/shareActivities.feature | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/acceptance/features/apiActivities/activities.feature b/tests/acceptance/features/apiActivities/activities.feature index 71ab6550ca6..d2bbeec280c 100644 --- a/tests/acceptance/features/apiActivities/activities.feature +++ b/tests/acceptance/features/apiActivities/activities.feature @@ -76,7 +76,7 @@ Feature: check activities "pattern": "%user_id_pattern%" }, "displayName": { - "const": "Alice" + "const": "Alice Hansen" } } } diff --git a/tests/acceptance/features/apiActivities/shareActivities.feature b/tests/acceptance/features/apiActivities/shareActivities.feature index 9fc5c7ef547..c1022d1b86d 100644 --- a/tests/acceptance/features/apiActivities/shareActivities.feature +++ b/tests/acceptance/features/apiActivities/shareActivities.feature @@ -655,7 +655,7 @@ Feature: check share activity "pattern": "%user_id_pattern%" }, "displayName": { - "const": "Brian" + "const": "Brian Murphy" } } } @@ -715,7 +715,7 @@ Feature: check share activity "pattern": "%user_id_pattern%" }, "displayName": { - "const": "Brian" + "const": "Brian Murphy" } } }