diff --git a/changelog/unreleased/opaque-space-group.md b/changelog/unreleased/opaque-space-group.md new file mode 100644 index 0000000000..80523f8b51 --- /dev/null +++ b/changelog/unreleased/opaque-space-group.md @@ -0,0 +1,5 @@ +Enhancement: Opaque space group + +extend the opaque map to contain an identifier to see if it is a user or group grant. + +https://github.com/cs3org/reva/pull/3574 diff --git a/pkg/storage/utils/decomposedfs/spaces.go b/pkg/storage/utils/decomposedfs/spaces.go index c8812352f2..3c16908fc9 100644 --- a/pkg/storage/utils/decomposedfs/spaces.go +++ b/pkg/storage/utils/decomposedfs/spaces.go @@ -528,7 +528,7 @@ func (fs *Decomposedfs) UpdateStorageSpace(ctx context.Context, req *provider.Up space := req.StorageSpace _, spaceID, _, _ := storagespace.SplitID(space.Id.OpaqueId) - node, err := node.ReadNode(ctx, fs.lu, spaceID, spaceID, true) // permission to read disabled space will be checked later + spaceNode, err := node.ReadNode(ctx, fs.lu, spaceID, spaceID, true) // permission to read disabled space will be checked later if err != nil { return nil, err } @@ -575,7 +575,7 @@ func (fs *Decomposedfs) UpdateStorageSpace(ctx context.Context, req *provider.Up switch { case space.Name != "", mapHasKey(metadata, xattrs.SpaceDescriptionAttr), restore: // these three attributes need manager permissions - err = fs.checkManagerPermission(ctx, node) + err = fs.checkManagerPermission(ctx, spaceNode) if err != nil { if restore { // a disabled space is invisible to non admins @@ -589,7 +589,7 @@ func (fs *Decomposedfs) UpdateStorageSpace(ctx context.Context, req *provider.Up } case mapHasKey(metadata, xattrs.SpaceReadmeAttr), mapHasKey(metadata, xattrs.SpaceAliasAttr), mapHasKey(metadata, xattrs.SpaceImageAttr): // these three attributes need editor permissions - err = fs.checkEditorPermission(ctx, node) + err = fs.checkEditorPermission(ctx, spaceNode) if err != nil { return &provider.UpdateStorageSpaceResponse{ Status: &v1beta11.Status{Code: v1beta11.Code_CODE_PERMISSION_DENIED, Message: err.Error()}, @@ -605,26 +605,26 @@ func (fs *Decomposedfs) UpdateStorageSpace(ctx context.Context, req *provider.Up default: // you may land here when making an update request without changes // check if user has access to the drive before continuing - if err := fs.checkViewerPermission(ctx, node); err != nil { + if err := fs.checkViewerPermission(ctx, spaceNode); err != nil { return &provider.UpdateStorageSpaceResponse{ Status: &v1beta11.Status{Code: v1beta11.Code_CODE_NOT_FOUND}, }, nil } } - err = node.SetXattrs(metadata) + err = spaceNode.SetXattrs(metadata) if err != nil { return nil, err } if restore { - if err := node.SetDTime(nil); err != nil { + if err := spaceNode.SetDTime(nil); err != nil { return nil, err } } // send back the updated data from the storage - updatedSpace, err := fs.storageSpaceFromNode(ctx, node, false) + updatedSpace, err := fs.storageSpaceFromNode(ctx, spaceNode, false) if err != nil { return nil, err } @@ -803,24 +803,33 @@ func (fs *Decomposedfs) storageSpaceFromNode(ctx context.Context, n *node.Node, return nil, err } - m := make(map[string]*provider.ResourcePermissions, len(grants)) + grantMap := make(map[string]*provider.ResourcePermissions, len(grants)) + groupMap := make(map[string]struct{}) for _, g := range grants { var id string switch g.Grantee.Type { case provider.GranteeType_GRANTEE_TYPE_GROUP: id = g.Grantee.GetGroupId().OpaqueId + groupMap[id] = struct{}{} case provider.GranteeType_GRANTEE_TYPE_USER: id = g.Grantee.GetUserId().OpaqueId default: continue } - m[id] = g.Permissions + grantMap[id] = g.Permissions } - marshalled, err := json.Marshal(m) + + grantMapJSON, err := json.Marshal(grantMap) + if err != nil { + return nil, err + } + + groupMapJSON, err := json.Marshal(groupMap) if err != nil { return nil, err } + ssID, err := storagespace.FormatReference( &provider.Reference{ ResourceId: &provider.ResourceId{ @@ -836,7 +845,11 @@ func (fs *Decomposedfs) storageSpaceFromNode(ctx context.Context, n *node.Node, Map: map[string]*types.OpaqueEntry{ "grants": { Decoder: "json", - Value: marshalled, + Value: grantMapJSON, + }, + "groups": { + Decoder: "json", + Value: groupMapJSON, }, }, },