Skip to content

Commit

Permalink
shares role mapping
Browse files Browse the repository at this point in the history
  • Loading branch information
gmgigi96 committed Jul 26, 2024
1 parent 24e8f9b commit d4057d4
Show file tree
Hide file tree
Showing 3 changed files with 34 additions and 59 deletions.
12 changes: 0 additions & 12 deletions internal/http/services/owncloud/ocgraph/roles.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ import (
"net/http"

"github.com/cs3org/reva/pkg/appctx"
libregraph "github.com/owncloud/libre-graph-api-go"
)

func (s *svc) getRoleDefinitions(w http.ResponseWriter, r *http.Request) {
Expand All @@ -36,14 +35,3 @@ func (s *svc) getRoleDefinitions(w http.ResponseWriter, r *http.Request) {
return
}
}

func GetBuiltinRoleDefinitionList() []*libregraph.UnifiedRoleDefinition {
return []*libregraph.UnifiedRoleDefinition{
NewViewerUnifiedRole(),
NewSpaceViewerUnifiedRole(),
NewEditorUnifiedRole(),
NewSpaceEditorUnifiedRole(),
NewFileEditorUnifiedRole(),
NewManagerUnifiedRole(),
}
}
16 changes: 10 additions & 6 deletions internal/http/services/owncloud/ocgraph/shares.go
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,8 @@ func (s *svc) getSharedWithMe(w http.ResponseWriter, r *http.Request) {
}

func encodeSpaceIDForShareJail(res *provider.ResourceInfo) string {
return spaces.EncodeSpaceID(res.Id.StorageId, res.Path)
return spaces.EncodeResourceID(res.Id)
//return spaces.EncodeSpaceID(res.Id.StorageId, res.Path)
}

func (s *svc) cs3ReceivedShareToDriveItem(ctx context.Context, share *gateway.SharedResourceInfo) (*libregraph.DriveItem, error) {
Expand All @@ -93,6 +94,12 @@ func (s *svc) cs3ReceivedShareToDriveItem(ctx context.Context, share *gateway.Sh
return nil, err
}

roles := make([]string, 0, 1)
role := CS3ResourcePermissionsToUnifiedRole(share.ResourceInfo.PermissionSet)
if role != nil {
roles = append(roles, *role.Id)
}

d := &libregraph.DriveItem{
UIHidden: libregraph.PtrBool(share.Share.Hidden),
ClientSynchronize: libregraph.PtrBool(true),
Expand Down Expand Up @@ -125,6 +132,7 @@ func (s *svc) cs3ReceivedShareToDriveItem(ctx context.Context, share *gateway.Sh
Id: libregraph.PtrString(encodeSpaceIDForShareJail(share.ResourceInfo)),
LastModifiedDateTime: libregraph.PtrTime(utils.TSToTime(share.ResourceInfo.Mtime)),
Name: libregraph.PtrString(share.ResourceInfo.Name),
Path: libregraph.PtrString(relativePathToSpaceID(share.ResourceInfo)),
// ParentReference: &libregraph.ItemReference{
// DriveId: libregraph.PtrString(spaces.EncodeResourceID(share.ResourceInfo.ParentId)),
// DriveType: nil, // FIXME: no way to know it unless we hardcode it
Expand All @@ -142,11 +150,7 @@ func (s *svc) cs3ReceivedShareToDriveItem(ctx context.Context, share *gateway.Sh
},
},
},
Roles: []string{"2d00ce52-1fc2-4dbc-8b95-a73b73395f5a"}, // TODO: find a way to not hardcode it
// TODO: roles are missing, but which is the id???
// "roles": [
// "2d00ce52-1fc2-4dbc-8b95-a73b73395f5a"
// ]
Roles: roles,
},
},
Size: libregraph.PtrInt64(int64(share.ResourceInfo.Size)),
Expand Down
65 changes: 24 additions & 41 deletions internal/http/services/owncloud/ocgraph/unifiedrole.go
Original file line number Diff line number Diff line change
Expand Up @@ -401,47 +401,10 @@ func GetLegacyName(role libregraph.UnifiedRoleDefinition) string {
}

// CS3ResourcePermissionsToUnifiedRole tries to find the UnifiedRoleDefinition that matches the supplied
// CS3 ResourcePermissions and constraints.
func CS3ResourcePermissionsToUnifiedRole(p *provider.ResourcePermissions, constraints string) *libregraph.UnifiedRoleDefinition {
actionSet := map[string]struct{}{}
for _, action := range CS3ResourcePermissionsToLibregraphActions(p) {
actionSet[action] = struct{}{}
}

var res *libregraph.UnifiedRoleDefinition
for _, uRole := range GetBuiltinRoleDefinitionList() {
matchFound := false
for _, uPerm := range uRole.GetRolePermissions() {
if uPerm.GetCondition() != constraints {
// the requested constraints don't match, this isn't our role
continue
}

// if the actions converted from the ResourcePermissions equal the action the defined for the role, we have match
if resourceActionsEqual(actionSet, uPerm.GetAllowedResourceActions()) {
matchFound = true
break
}
}
if matchFound {
res = uRole
break
}
}
return res
}

func resourceActionsEqual(targetActionSet map[string]struct{}, actions []string) bool {
if len(targetActionSet) != len(actions) {
return false
}

for _, action := range actions {
if _, ok := targetActionSet[action]; !ok {
return false
}
}
return true
// CS3 ResourcePermissions.
func CS3ResourcePermissionsToUnifiedRole(p *provider.ResourcePermissions) *libregraph.UnifiedRoleDefinition {
role := conversions.RoleFromResourcePermissions(p)
return ocsRoleUnifiedRole[role.Name]
}

func displayName(role *conversions.Role) *string {
Expand Down Expand Up @@ -484,3 +447,23 @@ func GetAllowedResourceActions(role *libregraph.UnifiedRoleDefinition, condition
}
return []string{}
}

func GetBuiltinRoleDefinitionList() []*libregraph.UnifiedRoleDefinition {
return []*libregraph.UnifiedRoleDefinition{
NewViewerUnifiedRole(),
NewEditorUnifiedRole(),
NewFileEditorUnifiedRole(),
NewManagerUnifiedRole(),
}
}

var ocsRoleUnifiedRole = map[string]*libregraph.UnifiedRoleDefinition{
conversions.RoleViewer: NewViewerUnifiedRole(),
conversions.RoleReader: NewViewerUnifiedRole(),
conversions.RoleEditor: NewEditorUnifiedRole(),
conversions.RoleFileEditor: NewFileEditorUnifiedRole(),
conversions.RoleCollaborator: NewManagerUnifiedRole(),
// FIXME: this is a wrong mapping, but it looks like in ocis has not been defined so far
conversions.RoleUploader: NewEditorUnifiedRole(),
conversions.RoleManager: NewManagerUnifiedRole(),
}

0 comments on commit d4057d4

Please sign in to comment.