From 3b63a9cd684c313855c93bf6df2a28f9f34ce185 Mon Sep 17 00:00:00 2001
From: Florian Schade
Date: Thu, 29 Dec 2022 15:59:05 +0100
Subject: [PATCH 1/3] add space group grant
---
 changelog/unreleased/opaque-space-group.md | 5 ++++
 pkg/storage/utils/decomposedfs/spaces.go | 34 +++++++++++++++-------
 2 files changed, 28 insertions(+), 11 deletions(-)
 create mode 100644 changelog/unreleased/opaque-space-group.md
diff --git a/changelog/unreleased/opaque-space-group.md b/changelog/unreleased/opaque-space-group.md
new file mode 100644
index 0000000000..80523f8b51
--- /dev/null
+++ b/changelog/unreleased/opaque-space-group.md
@@ -0,0 +1,5 @@
+Enhancement: Opaque space group
+
+extend the opaque map to contain an identifier to see if it is a user or group grant.
+
+https://github.com/cs3org/reva/pull/3574
diff --git a/pkg/storage/utils/decomposedfs/spaces.go b/pkg/storage/utils/decomposedfs/spaces.go
index c8812352f2..973b1c6909 100644
--- a/pkg/storage/utils/decomposedfs/spaces.go
+++ b/pkg/storage/utils/decomposedfs/spaces.go
@@ -528,7 +528,7 @@ func (fs *Decomposedfs) UpdateStorageSpace(ctx context.Context, req *provider.Up
 space := req.StorageSpace
 _, spaceID, _, _ := storagespace.SplitID(space.Id.OpaqueId)
- node, err := node.ReadNode(ctx, fs.lu, spaceID, spaceID, true) // permission to read disabled space will be checked later
+ spaceNode, err := node.ReadNode(ctx, fs.lu, spaceID, spaceID, true) // permission to read disabled space will be checked later
 if err != nil {
 return nil, err
 }
@@ -575,7 +575,7 @@ func (fs *Decomposedfs) UpdateStorageSpace(ctx context.Context, req *provider.Up
 switch {
 case space.Name != "", mapHasKey(metadata, xattrs.SpaceDescriptionAttr), restore:
 // these three attributes need manager permissions
- err = fs.checkManagerPermission(ctx, node)
+ err = fs.checkManagerPermission(ctx, spaceNode)
 if err != nil {
 if restore {
 // a disabled space is invisible to non admins
@@ -589,7 +589,7 @@ func (fs *Decomposedfs) UpdateStorageSpace(ctx context.Context, req *provider.Up
 }
 case mapHasKey(metadata, xattrs.SpaceReadmeAttr), mapHasKey(metadata, xattrs.SpaceAliasAttr), mapHasKey(metadata, xattrs.SpaceImageAttr):
 // these three attributes need editor permissions
- err = fs.checkEditorPermission(ctx, node)
+ err = fs.checkEditorPermission(ctx, spaceNode)
 if err != nil {
 return &provider.UpdateStorageSpaceResponse{
 Status: &v1beta11.Status{Code: v1beta11.Code_CODE_PERMISSION_DENIED, Message: err.Error()},
@@ -605,26 +605,26 @@ func (fs *Decomposedfs) UpdateStorageSpace(ctx context.Context, req *provider.Up
 default:
 // you may land here when making an update request without changes
 // check if user has access to the drive before continuing
- if err := fs.checkViewerPermission(ctx, node); err != nil {
+ if err := fs.checkViewerPermission(ctx, spaceNode); err != nil {
 return &provider.UpdateStorageSpaceResponse{
 Status: &v1beta11.Status{Code: v1beta11.Code_CODE_NOT_FOUND},
 }, nil
 }
 }
- err = node.SetXattrs(metadata)
+ err = spaceNode.SetXattrs(metadata)
 if err != nil {
 return nil, err
 }
 if restore {
- if err := node.SetDTime(nil); err != nil {
+ if err := spaceNode.SetDTime(nil); err != nil {
 return nil, err
 }
 }
 // send back the updated data from the storage
- updatedSpace, err := fs.storageSpaceFromNode(ctx, node, false)
+ updatedSpace, err := fs.storageSpaceFromNode(ctx, spaceNode, false)
 if err != nil {
 return nil, err
 }
@@ -803,24 +803,32 @@ func (fs *Decomposedfs) storageSpaceFromNode(ctx context.Context, n *node.Node,
 return nil, err
 }
- m := make(map[string]*provider.ResourcePermissions, len(grants))
+ pm := make(map[string]*provider.ResourcePermissions, len(grants))
+ gm := make(map[string]struct{})
 for _, g := range grants {
 var id string
 switch g.Grantee.Type {
 case provider.GranteeType_GRANTEE_TYPE_GROUP:
 id = g.Grantee.GetGroupId().OpaqueId
+ gm[id] = struct{}{}
 case provider.GranteeType_GRANTEE_TYPE_USER:
 id = g.Grantee.GetUserId().OpaqueId
 default:
 continue
 }
- m[id] = g.Permissions
+ pm[id] = g.Permissions
 }
- marshalled, err := json.Marshal(m)
+ marshalledG, err := json.Marshal(gm)
 if err != nil {
 return nil, err
 }
+
+ marshalledP, err := json.Marshal(pm)
+ if err != nil {
+ return nil, err
+ }
+
 ssID, err := storagespace.FormatReference(
 &provider.Reference{
 ResourceId: &provider.ResourceId{
@@ -836,7 +844,11 @@ func (fs *Decomposedfs) storageSpaceFromNode(ctx context.Context, n *node.Node,
 Map: map[string]*types.OpaqueEntry{
 "grants": {
 Decoder: "json",
- Value: marshalled,
+ Value: marshalledP,
+ },
+ "groups": {
+ Decoder: "json",
+ Value: marshalledG,
 },
 },
 },
From 920e10e2c3355f6b2e2d7e1f5200a9faba21a8bf Mon Sep 17 00:00:00 2001
From: Florian Schade
Date: Thu, 29 Dec 2022 17:26:44 +0100
Subject: [PATCH 2/3] use more clear var naming
---
 pkg/storage/utils/decomposedfs/spaces.go | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/pkg/storage/utils/decomposedfs/spaces.go b/pkg/storage/utils/decomposedfs/spaces.go
index 973b1c6909..db18949f31 100644
--- a/pkg/storage/utils/decomposedfs/spaces.go
+++ b/pkg/storage/utils/decomposedfs/spaces.go
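Review bot: In the `@@ -803,24 +803,32 @@` hunk of PATCH 1/3 (storageSpaceFromNode), user and group grantees are still keyed by their bare `OpaqueId` in the single `pm` map while `gm` records only that id, so a user and a group that share an OpaqueId collapse into one entry. Whichever grant is iterated last supplies the permissions, and the id is then reported as a group, so a consumer that trusts `"groups"` to attribute a permission set would assign one principal's permissions to the other. Whether such ids can collide depends on the identity backend, which is not visible in this patch. If they cannot, state that next to the maps, e.g. `// assumes user and group OpaqueIds never collide; a clash overwrites the earlier grant in pm`; if they can, the two grantee kinds need separate keys. The function body starts and ends outside the hunk.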
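Review bot: The new `"groups"` opaque entry in the `@@ -836,7 +844,11 @@` hunk of PATCH 1/3 has no comment describing its wire shape, which clients must rely on to tell user grants from group grants. Because `gm` is a `map[string]struct{}`, the value marshals to a JSON object whose keys are group ids and whose values are empty objects (`{}` when there are no group grants), not to an array. I would add above the entry: `// "groups": JSON object keyed by the OpaqueId of each group grantee in "grants"; ids not listed are user grants`. The struct literal starts and ends outside the hunk.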
@@ -803,28 +803,28 @@ func (fs *Decomposedfs) storageSpaceFromNode(ctx context.Context, n *node.Node,
 return nil, err
 }
- pm := make(map[string]*provider.ResourcePermissions, len(grants))
- gm := make(map[string]struct{})
+ grantMap := make(map[string]*provider.ResourcePermissions, len(grants))
+ groupMap := make(map[string]struct{})
 for _, g := range grants {
 var id string
 switch g.Grantee.Type {
 case provider.GranteeType_GRANTEE_TYPE_GROUP:
 id = g.Grantee.GetGroupId().OpaqueId
- gm[id] = struct{}{}
+ groupMap[id] = struct{}{}
 case provider.GranteeType_GRANTEE_TYPE_USER:
 id = g.Grantee.GetUserId().OpaqueId
 default:
 continue
 }
- pm[id] = g.Permissions
+ grantMap[id] = g.Permissions
 }
- marshalledG, err := json.Marshal(gm)
+ groupMapJson, err := json.Marshal(groupMap)
 if err != nil {
 return nil, err
 }
- marshalledP, err := json.Marshal(pm)
+ grantMapJson, err := json.Marshal(grantMap)
 if err != nil {
 return nil, err
 }
@@ -844,11 +844,11 @@ func (fs *Decomposedfs) storageSpaceFromNode(ctx context.Context, n *node.Node,
 Map: map[string]*types.OpaqueEntry{
 "grants": {
 Decoder: "json",
- Value: marshalledP,
+ Value: grantMapJson,
 },
 "groups": {
 Decoder: "json",
- Value: marshalledG,
+ Value: groupMapJson,
 },
 },
 },
From 40984ca8bace566bf95dad5b91c9e9a83ab53d19 Mon Sep 17 00:00:00 2001
From: Florian Schade
Date: Thu, 29 Dec 2022 17:29:13 +0100
Subject: [PATCH 3/3] update JSON variable naming
---
 pkg/storage/utils/decomposedfs/spaces.go | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/pkg/storage/utils/decomposedfs/spaces.go b/pkg/storage/utils/decomposedfs/spaces.go
index db18949f31..3c16908fc9 100644
--- a/pkg/storage/utils/decomposedfs/spaces.go
+++ b/pkg/storage/utils/decomposedfs/spaces.go
@@ -819,12 +819,13 @@ func (fs *Decomposedfs) storageSpaceFromNode(ctx context.Context, n *node.Node,
 grantMap[id] = g.Permissions
 }
- groupMapJson, err := json.Marshal(groupMap)
+
+ grantMapJSON, err := json.Marshal(grantMap)
 if err != nil {
 return nil, err
 }
- grantMapJson, err := json.Marshal(grantMap)
+ groupMapJSON, err := json.Marshal(groupMap)
 if err != nil {
 return nil, err
 }
@@ -844,11 +845,11 @@ func (fs *Decomposedfs) storageSpaceFromNode(ctx context.Context, n *node.Node,
 Map: map[string]*types.OpaqueEntry{
 "grants": {
 Decoder: "json",
- Value: grantMapJson,
+ Value: grantMapJSON,
 },
 "groups": {
 Decoder: "json",
- Value: groupMapJson,
+ Value: groupMapJSON,
 },
 },
 },