delete user home directory when deleting user

Signed-off-by: David Christofas <dchristofas@owncloud.com>
owncloud · Oct 26, 2020 · 03b937e · 03b937e
1 parent 7352ee4
commit 03b937e
Show file tree

Hide file tree

Showing 8 changed files with 143 additions and 4 deletions.
diff --git a/changelog/unreleased/delete-user-home.md b/changelog/unreleased/delete-user-home.md
@@ -0,0 +1,5 @@
+Enhancement: Delete user home directory
+
+Extended the delete user method to also delete the user home folder on top of deleting the user in the accounts service.
+
+https://github.com/owncloud/ocis/pull/755
diff --git a/ocis/go.sum b/ocis/go.sum
@@ -248,7 +248,6 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng
 github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
-github.com/crewjam/httperr v0.0.0-20190612203328-a946449404da h1:WXnT88cFG2davqSFqvaFfzkSMC0lqh/8/rKZ+z7tYvI=
 github.com/crewjam/httperr v0.0.0-20190612203328-a946449404da/go.mod h1:+rmNIXRvYMqLQeR4DHyTvs6y0MEMymTz4vyFpFkKTPs=
 github.com/crewjam/httperr v0.2.0 h1:b2BfXR8U3AlIHwNeFFvZ+BV1LFvKLlzMjzaTnZMybNo=
 github.com/crewjam/httperr v0.2.0/go.mod h1:Jlz+Sg/XqBQhyMjdDiC+GNNRzZTD7x39Gu3pglZ5oH4=

diff --git a/ocs/pkg/command/server.go b/ocs/pkg/command/server.go
@@ -2,6 +2,8 @@ package command
 
 import (
 	"context"
+	"github.com/cs3org/reva/pkg/rgrpc/todo/pool"
+	"github.com/cs3org/reva/pkg/token/manager/jwt"
 	"os"
 	"os/signal"
 	"strings"
@@ -138,10 +140,31 @@ func Server(cfg *config.Config) *cli.Command {
 			metrics.BuildInfo.WithLabelValues(cfg.Service.Version).Set(1)
 
 			{
+				tm, err := jwt.New(map[string]interface{}{
+					"secret":  cfg.TokenManager.JWTSecret,
+					"expires": int64(60),
+				})
+				if err != nil {
+					logger.Error().
+						Err(err).
+						Msg("could not create token manager")
+					return err
+				}
+
+				gwc, err := pool.GetGatewayServiceClient("localhost:9142")
+				if err != nil {
+					logger.Error().
+						Err(err).
+						Msg("could not create reva gateway client")
+					return err
+				}
+
 				server, err := http.Server(
 					http.Logger(logger),
 					http.Context(ctx),
 					http.Config(cfg),
+					http.TokenManager(tm),
+					http.RevaClient(gwc),
 					http.Metrics(metrics),
 					http.Flags(flagset.RootWithConfig(config.New())),
 					http.Flags(flagset.ServerWithConfig(config.New())),

diff --git a/ocs/pkg/server/http/option.go b/ocs/pkg/server/http/option.go
@@ -2,11 +2,13 @@ package http
 
 import (
 	"context"
+	gatewayv1beta1 "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
+	"github.com/cs3org/reva/pkg/token"
 
 	"github.com/micro/cli/v2"
+	"github.com/owncloud/ocis/ocis-pkg/log"
 	"github.com/owncloud/ocis/ocs/pkg/config"
 	"github.com/owncloud/ocis/ocs/pkg/metrics"
-	"github.com/owncloud/ocis/ocis-pkg/log"
 )
 
 // Option defines a single option function.
@@ -20,6 +22,8 @@ type Options struct {
 	Config    *config.Config
 	Metrics   *metrics.Metrics
 	Flags     []cli.Flag
+	TokenManager token.Manager
+	RevaClient gatewayv1beta1.GatewayAPIClient
 }
 
 // newOptions initializes the available default options.
@@ -74,3 +78,17 @@ func Namespace(val string) Option {
 		o.Namespace = val
 	}
 }
+
+// TokenManager provides a function to set the TokenManager option.
+func TokenManager(tm token.Manager) Option {
+	return func(o *Options) {
+		o.TokenManager = tm
+	}
+}
+
+// RevaClient provides a function to set the RevaClient option.
+func RevaClient(c gatewayv1beta1.GatewayAPIClient) Option {
+	return func(o *Options) {
+		o.RevaClient = c
+	}
+}
diff --git a/ocs/pkg/server/http/server.go b/ocs/pkg/server/http/server.go
@@ -23,6 +23,8 @@ func Server(opts ...Option) (http.Service, error) {
 	handle := svc.NewService(
 		svc.Logger(options.Logger),
 		svc.Config(options.Config),
+		svc.TokenManager(options.TokenManager),
+		svc.RevaClient(options.RevaClient),
 		svc.Middleware(
 			middleware.RealIP,
 			middleware.RequestID,

diff --git a/ocs/pkg/service/v0/option.go b/ocs/pkg/service/v0/option.go
@@ -1,6 +1,8 @@
 package svc
 
 import (
+	gatewayv1beta1 "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
+	"github.com/cs3org/reva/pkg/token"
 	"net/http"
 
 	"github.com/owncloud/ocis/ocs/pkg/config"
@@ -15,6 +17,8 @@ type Options struct {
 	Logger     log.Logger
 	Config     *config.Config
 	Middleware []func(http.Handler) http.Handler
+	TokenManager token.Manager
+	RevaClient gatewayv1beta1.GatewayAPIClient
 }
 
 // newOptions initializes the available default options.
@@ -48,3 +52,17 @@ func Middleware(val ...func(http.Handler) http.Handler) Option {
 		o.Middleware = val
 	}
 }
+
+// TokenManager provides a function to set the TokenManager option.
+func TokenManager(tm token.Manager) Option {
+	return func(o *Options) {
+		o.TokenManager = tm
+	}
+}
+
+// RevaClient provides a function to set the RevaClient option.
+func RevaClient(c gatewayv1beta1.GatewayAPIClient) Option {
+	return func(o *Options) {
+		o.RevaClient = c
+	}
+}
diff --git a/ocs/pkg/service/v0/service.go b/ocs/pkg/service/v0/service.go
@@ -1,6 +1,8 @@
 package svc
 
 import (
+	gatewayv1beta1 "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
+	"github.com/cs3org/reva/pkg/token"
 	"net/http"
 
 	"github.com/go-chi/chi"
@@ -9,11 +11,11 @@ import (
 	"github.com/micro/go-micro/v2/client/grpc"
 
 	accounts "github.com/owncloud/ocis/accounts/pkg/proto/v0"
+	"github.com/owncloud/ocis/ocis-pkg/log"
 	"github.com/owncloud/ocis/ocs/pkg/config"
 	ocsm "github.com/owncloud/ocis/ocs/pkg/middleware"
 	"github.com/owncloud/ocis/ocs/pkg/service/v0/data"
 	"github.com/owncloud/ocis/ocs/pkg/service/v0/response"
-	"github.com/owncloud/ocis/ocis-pkg/log"
 )
 
 var defaultClient = grpc.NewClient()
@@ -35,6 +37,8 @@ func NewService(opts ...Option) Service {
 		config: options.Config,
 		mux:    m,
 		logger: options.Logger,
+		tokenManager: options.TokenManager,
+		revaClient: options.RevaClient,
 	}
 
 	m.Route(options.Config.HTTP.Root, func(r chi.Router) {
@@ -89,6 +93,8 @@ type Ocs struct {
 	config *config.Config
 	logger log.Logger
 	mux    *chi.Mux
+	tokenManager token.Manager
+	revaClient gatewayv1beta1.GatewayAPIClient
 }
 
 // ServeHTTP implements the Service interface.

diff --git a/ocs/pkg/service/v0/users.go b/ocs/pkg/service/v0/users.go
@@ -5,11 +5,17 @@ import (
 	"crypto/rand"
 	"encoding/hex"
 	"fmt"
+	revauser "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
+	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
+	types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
+	"github.com/cs3org/reva/pkg/token"
+	"github.com/cs3org/reva/pkg/user"
+	"github.com/pkg/errors"
+	"google.golang.org/grpc/metadata"
 	"net/http"
 	"strconv"
 	"strings"
 
-	"github.com/cs3org/reva/pkg/user"
 	"github.com/go-chi/chi"
 	"github.com/go-chi/render"
 	"google.golang.org/protobuf/types/known/fieldmaskpb"
@@ -267,6 +273,46 @@ func (o Ocs) DeleteUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	t, err := o.mintTokenForUser(r.Context(), account)
+	if err != nil {
+		render.Render(w,r, response.ErrRender(data.MetaServerError.StatusCode, errors.Wrap(err, "could not mint token").Error()))
+		return
+	}
+
+	ctx := metadata.AppendToOutgoingContext(r.Context(), token.TokenHeader, t)
+
+	homeResp, err := o.revaClient.GetHome(ctx, &provider.GetHomeRequest{} )
+	if err != nil {
+		render.Render(w,r, response.ErrRender(data.MetaServerError.StatusCode, errors.Wrap(err, "could not get home").Error()))
+		return
+	}
+
+	statResp, err := o.revaClient.Stat(ctx, &provider.StatRequest{
+		Ref: &provider.Reference {
+			Spec: &provider.Reference_Path{
+				Path: homeResp.Path,
+			},
+		},
+	})
+	if err != nil {
+		render.Render(w,r, response.ErrRender(data.MetaServerError.StatusCode, errors.Wrap(err, "could not stat home").Error()))
+		return
+	}
+
+	delReq := &provider.DeleteRequest{
+		Ref: &provider.Reference {
+			Spec: &provider.Reference_Id{
+				Id: statResp.Info.Id,
+			},
+		},
+	}
+
+	_, err = o.revaClient.Delete(ctx, delReq)
+	if err != nil {
+		render.Render(w,r, response.ErrRender(data.MetaServerError.StatusCode, errors.Wrap(err, "could not delete home").Error()))
+		return
+	}
+
 	req := accounts.DeleteAccountRequest{
 		Id: account.Id,
 	}
@@ -384,6 +430,28 @@ func (o Ocs) ListUsers(w http.ResponseWriter, r *http.Request) {
 	render.Render(w, r, response.DataRender(&data.Users{Users: users}))
 }
 
+func (o Ocs) mintTokenForUser(ctx context.Context, account *accounts.Account) (string, error) {
+	u := &revauser.User{
+		Id: &revauser.UserId{
+			OpaqueId: account.Id,
+		},
+		Groups: []string{},
+		Opaque: &types.Opaque{
+			Map: map[string]*types.OpaqueEntry{
+				"uid": {
+					Decoder: "plain",
+					Value:   []byte(strconv.FormatInt(account.UidNumber, 10)),
+				},
+				"gid": {
+					Decoder: "plain",
+					Value:   []byte(strconv.FormatInt(account.GidNumber, 10)),
+				},
+			},
+		},
+	}
+	return o.tokenManager.MintToken(ctx, u)
+}
+
 // escapeValue escapes all special characters in the value
 func escapeValue(value string) string {
 	return strings.ReplaceAll(value, "'", "''")