From 4458eddb052988c0ad3430a77dfdf740ad0e3b1d Mon Sep 17 00:00:00 2001 From: jkoberg Date: Tue, 20 Aug 2024 16:27:53 +0200 Subject: [PATCH] feat(reva): Bump Reva Signed-off-by: jkoberg --- changelog/unreleased/bump-reva.md | 5 ++++ go.mod | 2 +- go.sum | 4 +-- .../handlers/apps/sharing/shares/shares.go | 30 +++++++++++++++++-- .../tusd/v2/pkg/handler/unrouted_handler.go | 20 +++++++++++++ vendor/modules.txt | 2 +- 6 files changed, 57 insertions(+), 6 deletions(-) create mode 100644 changelog/unreleased/bump-reva.md diff --git a/changelog/unreleased/bump-reva.md b/changelog/unreleased/bump-reva.md new file mode 100644 index 00000000000..ae9219216d3 --- /dev/null +++ b/changelog/unreleased/bump-reva.md @@ -0,0 +1,5 @@ +Enhancement: Bump reva + +Bumps reva version + +https://github.com/owncloud/ocis/pull/9860 diff --git a/go.mod b/go.mod index bbeec9d440b..a797cf59477 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/cenkalti/backoff v2.2.1+incompatible github.com/coreos/go-oidc/v3 v3.11.0 github.com/cs3org/go-cs3apis v0.0.0-20240724121416-062c4e3046cb - github.com/cs3org/reva/v2 v2.23.0 + github.com/cs3org/reva/v2 v2.23.1-0.20240823074930-ff4b71b50b7d github.com/dhowden/tag v0.0.0-20230630033851-978a0926ee25 github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e github.com/egirna/icap-client v0.1.1 diff --git a/go.sum b/go.sum index 48c8967751f..22327967aa0 100644 --- a/go.sum +++ b/go.sum @@ -255,8 +255,8 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c= github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME= github.com/cs3org/go-cs3apis v0.0.0-20240724121416-062c4e3046cb h1:KmYZDReplv/yfwc1LNYpDcVhVujC3Pasv6WjXx1haSU= github.com/cs3org/go-cs3apis v0.0.0-20240724121416-062c4e3046cb/go.mod h1:yyP8PRo0EZou3nSH7H4qjlzQwaydPeIRNgX50npQHpE= -github.com/cs3org/reva/v2 v2.23.0 h1:tRa+q6usndTQ6LbaxtfEub3UsKVruJ1l7HY6K+ZKS9s= -github.com/cs3org/reva/v2 v2.23.0/go.mod h1:p7CHBXcg6sSqB+0JMNDfC1S7TSh9FghXkw1kTV3KcJI= +github.com/cs3org/reva/v2 v2.23.1-0.20240823074930-ff4b71b50b7d h1:fnb2A+ClZjlwMTPCBXQ3+NoSf7e5zBWK1XJsIaj0834= +github.com/cs3org/reva/v2 v2.23.1-0.20240823074930-ff4b71b50b7d/go.mod h1:p7CHBXcg6sSqB+0JMNDfC1S7TSh9FghXkw1kTV3KcJI= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= diff --git a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go index 1136ded122b..1ec0b325e43 100644 --- a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go +++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go @@ -282,8 +282,34 @@ func (h *Handler) CreateShare(w http.ResponseWriter, r *http.Request) { reqRole, reqPermissions := r.FormValue("role"), r.FormValue("permissions") switch shareType { case int(conversions.ShareTypeUser), int(conversions.ShareTypeGroup): - // user collaborations default to Manager (=all permissions) - role, val, ocsErr := h.extractPermissions(reqRole, reqPermissions, statRes.Info, conversions.NewManagerRole()) + // NOTE: clients tend to send "31" as permissions but they mean "15". + // This is because it adds the "16" for sharing , but that is now no longer allowed. + // We could now have some fancy mechanism that casts the string to an int, subtracts 16 and casts it back to a string. + // Or we could change the role later and hope everything works out. + // Or: + if reqRole == "" { + switch reqPermissions { + case "31": + reqPermissions = "15" + case "29": + reqPermissions = "13" + case "27": + reqPermissions = "11" + case "23": + reqPermissions = "7" + case "22": + reqPermissions = "6" + case "21": + reqPermissions = "5" + case "19": + reqPermissions = "3" + case "17": + reqPermissions = "1" + } + } + + // user collaborations default to Viewer. Sane Default. + role, val, ocsErr := h.extractPermissions(reqRole, reqPermissions, statRes.Info, conversions.NewViewerRole()) if ocsErr != nil { response.WriteOCSError(w, r, ocsErr.Code, ocsErr.Message, ocsErr.Error) return diff --git a/vendor/github.com/tus/tusd/v2/pkg/handler/unrouted_handler.go b/vendor/github.com/tus/tusd/v2/pkg/handler/unrouted_handler.go index 73be46437e6..385bf1c3f1b 100644 --- a/vendor/github.com/tus/tusd/v2/pkg/handler/unrouted_handler.go +++ b/vendor/github.com/tus/tusd/v2/pkg/handler/unrouted_handler.go @@ -199,6 +199,7 @@ func (handler *UnroutedHandler) Middleware(h http.Handler) http.Handler { if origin := r.Header.Get("Origin"); !cors.Disable && origin != "" { originIsAllowed := cors.AllowOrigin.MatchString(origin) if !originIsAllowed { + fmt.Println("ORIGIN IS NOT ALLOWED", origin) handler.sendError(c, ErrOriginNotAllowed) return } @@ -691,12 +692,14 @@ func (handler *UnroutedHandler) HeadFile(w http.ResponseWriter, r *http.Request) // PatchFile adds a chunk to an upload. This operation is only allowed // if enough space in the upload is left. func (handler *UnroutedHandler) PatchFile(w http.ResponseWriter, r *http.Request) { + fmt.Println("PATCH FILE") c := handler.getContext(w, r) isTusV1 := !handler.usesIETFDraft(r) // Check for presence of application/offset+octet-stream if isTusV1 && r.Header.Get("Content-Type") != "application/offset+octet-stream" { + fmt.Println("WRONG CONTENT TYPE") handler.sendError(c, ErrInvalidContentType) return } @@ -704,12 +707,14 @@ func (handler *UnroutedHandler) PatchFile(w http.ResponseWriter, r *http.Request // Check for presence of a valid Upload-Offset Header offset, err := strconv.ParseInt(r.Header.Get("Upload-Offset"), 10, 64) if err != nil || offset < 0 { + fmt.Println("WRONG OFFSET") handler.sendError(c, ErrInvalidOffset) return } id, err := extractIDFromPath(r.URL.Path) if err != nil { + fmt.Println("WRONG ID") handler.sendError(c, err) return } @@ -718,6 +723,7 @@ func (handler *UnroutedHandler) PatchFile(w http.ResponseWriter, r *http.Request if handler.composer.UsesLocker { lock, err := handler.lockUpload(c, id) if err != nil { + fmt.Println("WRONG LOCK") handler.sendError(c, err) return } @@ -727,23 +733,27 @@ func (handler *UnroutedHandler) PatchFile(w http.ResponseWriter, r *http.Request upload, err := handler.composer.Core.GetUpload(c, id) if err != nil { + fmt.Println("WRONG UPLOAD") handler.sendError(c, err) return } info, err := upload.GetInfo(c) if err != nil { + fmt.Println("WRONG INFO") handler.sendError(c, err) return } // Modifying a final upload is not allowed if info.IsFinal { + fmt.Println("WRONG FINAL") handler.sendError(c, ErrModifyFinal) return } if offset != info.Offset { + fmt.Println("WRONG INFO OFFSET") handler.sendError(c, ErrMismatchOffset) return } @@ -760,27 +770,32 @@ func (handler *UnroutedHandler) PatchFile(w http.ResponseWriter, r *http.Request // Do not proxy the call to the data store if the upload is already completed if !info.SizeIsDeferred && info.Offset == info.Size { resp.Header["Upload-Offset"] = strconv.FormatInt(offset, 10) + fmt.Println("UPLOAD ALREADY COMPLETED") handler.sendResp(c, resp) return } if r.Header.Get("Upload-Length") != "" { if !handler.composer.UsesLengthDeferrer { + fmt.Println("UPLOAD LENGTH DEFERRER") handler.sendError(c, ErrNotImplemented) return } if !info.SizeIsDeferred { + fmt.Println("UPLOAD LENGTH NOT DEFERED") handler.sendError(c, ErrInvalidUploadLength) return } uploadLength, err := strconv.ParseInt(r.Header.Get("Upload-Length"), 10, 64) if err != nil || uploadLength < 0 || uploadLength < info.Offset || (handler.config.MaxSize > 0 && uploadLength > handler.config.MaxSize) { + fmt.Println("UPLOAD LENGTH INVALID") handler.sendError(c, ErrInvalidUploadLength) return } lengthDeclarableUpload := handler.composer.LengthDeferrer.AsLengthDeclarableUpload(upload) if err := lengthDeclarableUpload.DeclareLength(c, uploadLength); err != nil { + fmt.Println("UPLOAD LENGTH DECLARED") handler.sendError(c, err) return } @@ -791,6 +806,7 @@ func (handler *UnroutedHandler) PatchFile(w http.ResponseWriter, r *http.Request resp, err = handler.writeChunk(c, resp, upload, info) if err != nil { + fmt.Println("CANT WRITE CHUNK") handler.sendError(c, err) return } @@ -799,6 +815,7 @@ func (handler *UnroutedHandler) PatchFile(w http.ResponseWriter, r *http.Request if willCompleteUpload && info.SizeIsDeferred { info, err = upload.GetInfo(c) if err != nil { + fmt.Println("CANT GET INFO") handler.sendError(c, err) return } @@ -807,6 +824,7 @@ func (handler *UnroutedHandler) PatchFile(w http.ResponseWriter, r *http.Request lengthDeclarableUpload := handler.composer.LengthDeferrer.AsLengthDeclarableUpload(upload) if err := lengthDeclarableUpload.DeclareLength(c, uploadLength); err != nil { + fmt.Println("CANT UPLOAD LENGTH") handler.sendError(c, err) return } @@ -816,12 +834,14 @@ func (handler *UnroutedHandler) PatchFile(w http.ResponseWriter, r *http.Request resp, err = handler.finishUploadIfComplete(c, resp, upload, info) if err != nil { + fmt.Println("CANT COMPLETE") handler.sendError(c, err) return } } handler.sendResp(c, resp) + fmt.Println("PATCH COMPLETE") } // writeChunk reads the body from the requests r and appends it to the upload diff --git a/vendor/modules.txt b/vendor/modules.txt index f0cb12bbdf8..54638f2bb1a 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -367,7 +367,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1 github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1 github.com/cs3org/go-cs3apis/cs3/tx/v1beta1 github.com/cs3org/go-cs3apis/cs3/types/v1beta1 -# github.com/cs3org/reva/v2 v2.23.0 +# github.com/cs3org/reva/v2 v2.23.1-0.20240823074930-ff4b71b50b7d ## explicit; go 1.21 github.com/cs3org/reva/v2/cmd/revad/internal/grace github.com/cs3org/reva/v2/cmd/revad/runtime