From c85584b66a021d5e24654f9f3906bb8e493c276a Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Thu, 28 Nov 2024 15:38:34 +0100 Subject: [PATCH] Replace usage of root auth with cbox or daemon --- pkg/eosclient/eosgrpc/eosgrpc.go | 13 +- pkg/eosclient/eosgrpc/eoshttp.go | 8 - pkg/storage/utils/eosfs/eosfs.go | 264 ++++++++----------------------- pkg/utils/utils.go | 17 +- 4 files changed, 84 insertions(+), 218 deletions(-) diff --git a/pkg/eosclient/eosgrpc/eosgrpc.go b/pkg/eosclient/eosgrpc/eosgrpc.go index 10f9f1205d..33e52e7aae 100644 --- a/pkg/eosclient/eosgrpc/eosgrpc.go +++ b/pkg/eosclient/eosgrpc/eosgrpc.go @@ -39,6 +39,7 @@ import ( "github.com/cs3org/reva/pkg/eosclient" "github.com/cs3org/reva/pkg/errtypes" "github.com/cs3org/reva/pkg/storage/utils/acl" + "github.com/cs3org/reva/pkg/utils" "github.com/google/uuid" "github.com/pkg/errors" "github.com/rs/zerolog" @@ -230,14 +231,13 @@ func (c *Client) getRespError(rsp *erpc.NSResponse, err error) error { // Common code to create and initialize a NSRequest. func (c *Client) initNSRequest(ctx context.Context, auth eosclient.Authorization, app string) (*erpc.NSRequest, error) { - // Stuff filename, uid, gid into the MDRequest type - log := appctx.GetLogger(ctx) log.Debug().Str("(uid,gid)", "("+auth.Role.UID+","+auth.Role.GID+")").Msg("New grpcNS req") rq := new(erpc.NSRequest) rq.Role = new(erpc.RoleId) + // Let's put in the authentication info if auth.Token != "" { // Map to owner using EOSAUTHZ token // We do not become cbox @@ -261,6 +261,7 @@ func (c *Client) initNSRequest(ctx context.Context, auth eosclient.Authorization } } + // For NS operations, specifically for locking, we also need to provide the app if app != "" { rq.Role.App = app } @@ -737,7 +738,7 @@ func (c *Client) GetFileInfoByPath(ctx context.Context, userAuth eosclient.Autho log := appctx.GetLogger(ctx) log.Debug().Str("func", "GetFileInfoByPath").Str("uid,gid", userAuth.Role.UID+","+userAuth.Role.GID).Str("path", path).Msg("entering") - daemonAuth := getDaemonAuth() + daemonAuth := utils.GetDaemonAuth() // Initialize the common fields of the MDReq // We do this as the daemon account, because the user may not have access to the file @@ -1253,7 +1254,7 @@ func (c *Client) List(ctx context.Context, userAuth eosclient.Authorization, dpa var auth eosclient.Authorization if userAuth.Role.UID == "" || userAuth.Role.GID == "" { - auth = getDaemonAuth() + auth = utils.GetDaemonAuth() } else { auth = userAuth } @@ -1839,7 +1840,3 @@ func aclAttrToAclStruct(aclAttr string) *acl.ACLs { return acl } - -func getDaemonAuth() eosclient.Authorization { - return eosclient.Authorization{Role: eosclient.Role{UID: "2", GID: "2"}} -} diff --git a/pkg/eosclient/eosgrpc/eoshttp.go b/pkg/eosclient/eosgrpc/eoshttp.go index bab34cf5b5..c69c069241 100644 --- a/pkg/eosclient/eosgrpc/eoshttp.go +++ b/pkg/eosclient/eosgrpc/eoshttp.go @@ -429,14 +429,6 @@ func (c *EOSHTTPClient) PUTFile(ctx context.Context, remoteuser string, auth eos log.Debug().Str("func", "PUTFile").Int64("Content-Length", length).Msg("setting header") req.Header.Set("Content-Length", strconv.FormatInt(length, 10)) } - if err != nil { - log.Error().Str("func", "PUTFile").Str("url", loc.String()).Str("err", err.Error()).Msg("can't create redirected request") - return err - } - if length >= 0 { - log.Debug().Str("func", "PUTFile").Int64("Content-Length", length).Msg("setting header") - req.Header.Set("Content-Length", strconv.FormatInt(length, 10)) - } log.Debug().Str("func", "PUTFile").Str("location", loc.String()).Msg("redirection") nredirs++ diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go index 13e9ddddbc..ba33b5b82e 100644 --- a/pkg/storage/utils/eosfs/eosfs.go +++ b/pkg/storage/utils/eosfs/eosfs.go @@ -453,10 +453,12 @@ func (fs *eosfs) getPath(ctx context.Context, id *provider.ResourceId) (string, return "", fmt.Errorf("error converting string to int for eos fileid: %s", id.OpaqueId) } - auth, err := fs.getRootAuth(ctx) - if err != nil { - return "", err - } + // auth, err := fs.getRootAuth(ctx) + // if err != nil { + // return "", err + // } + + auth := utils.GetDaemonAuth() eosFileInfo, err := fs.c.GetFileInfoByInode(ctx, auth, fid) if err != nil { @@ -490,13 +492,9 @@ func (fs *eosfs) GetPathByID(ctx context.Context, id *provider.ResourceId) (stri if err != nil { return "", errors.Wrap(err, "eosfs: no user in ctx") } - if u.Id.Type == userpb.UserType_USER_TYPE_LIGHTWEIGHT || u.Id.Type == userpb.UserType_USER_TYPE_FEDERATED { - // TODO switch to daemon - auth, err := fs.getRootAuth(ctx) - if err != nil { - return "", err - } - eosFileInfo, err := fs.c.GetFileInfoByInode(ctx, auth, fid) + if utils.IsLightweightUser(u) { + daemonAuth := utils.GetDaemonAuth() + eosFileInfo, err := fs.c.GetFileInfoByInode(ctx, daemonAuth, fid) if err != nil { return "", errors.Wrap(err, "eosfs: error getting file info by inode") } @@ -506,12 +504,12 @@ func (fs *eosfs) GetPathByID(ctx context.Context, id *provider.ResourceId) (stri return "", errtypes.PermissionDenied("eosfs: getting path for id not allowed") } - auth, err := fs.getUserAuth(ctx, u, "") + userAuth, err := fs.getUserAuth(ctx, u, "") if err != nil { return "", err } - eosFileInfo, err := fs.c.GetFileInfoByInode(ctx, auth, fid) + eosFileInfo, err := fs.c.GetFileInfoByInode(ctx, userAuth, fid) if err != nil { return "", errors.Wrap(err, "eosfs: error getting file info by inode") } @@ -529,10 +527,7 @@ func (fs *eosfs) SetArbitraryMetadata(ctx context.Context, ref *provider.Referen return err } - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return err - } + cboxAuth := utils.GetEmptyAuth() for k, v := range md.Metadata { if k == "" || v == "" { @@ -552,7 +547,7 @@ func (fs *eosfs) SetArbitraryMetadata(ctx context.Context, ref *provider.Referen // TODO(labkode): SetArbitraryMetadata does not have semantics for recursivity. // We set it to false - err := fs.c.SetAttr(ctx, rootAuth, attr, false, false, fn, "") + err := fs.c.SetAttr(ctx, cboxAuth, attr, false, false, fn, "") if err != nil { return errors.Wrap(err, "eosfs: error setting xattr in eos driver") } @@ -570,10 +565,7 @@ func (fs *eosfs) UnsetArbitraryMetadata(ctx context.Context, ref *provider.Refer return err } - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return err - } + cboxAuth := utils.GetEmptyAuth() for _, k := range keys { if k == "" { @@ -585,7 +577,7 @@ func (fs *eosfs) UnsetArbitraryMetadata(ctx context.Context, ref *provider.Refer Key: k, } - err := fs.c.UnsetAttr(ctx, rootAuth, attr, false, fn, "") + err := fs.c.UnsetAttr(ctx, cboxAuth, attr, false, fn, "") if err != nil { if errors.Is(err, eosclient.AttrNotExistsError) { continue @@ -606,16 +598,14 @@ func (fs *eosfs) EncodeAppName(a string) string { func (fs *eosfs) getLockPayloads(ctx context.Context, path string) (string, string, error) { // sys attributes want root auth, buddy - rootauth, err := fs.getRootAuth(ctx) - if err != nil { - return "", "", err - } - data, err := fs.c.GetAttr(ctx, rootauth, "sys."+lockPayloadKey, path) + cboxAuth := utils.GetEmptyAuth() + + data, err := fs.c.GetAttr(ctx, cboxAuth, "sys."+lockPayloadKey, path) if err != nil { return "", "", err } - eoslock, err := fs.c.GetAttr(ctx, rootauth, "sys."+eosLockKey, path) + eoslock, err := fs.c.GetAttr(ctx, cboxAuth, "sys."+eosLockKey, path) if err != nil { return "", "", err } @@ -624,12 +614,9 @@ func (fs *eosfs) getLockPayloads(ctx context.Context, path string) (string, stri } func (fs *eosfs) removeLockAttrs(ctx context.Context, path, app string) error { - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return err - } + cboxAuth := utils.GetEmptyAuth() - err = fs.c.UnsetAttr(ctx, rootAuth, &eosclient.Attribute{ + err := fs.c.UnsetAttr(ctx, cboxAuth, &eosclient.Attribute{ Type: SystemAttr, Key: eosLockKey, }, false, path, app) @@ -637,7 +624,7 @@ func (fs *eosfs) removeLockAttrs(ctx context.Context, path, app string) error { return errors.Wrap(err, "eosfs: error unsetting the eos lock") } - err = fs.c.UnsetAttr(ctx, rootAuth, &eosclient.Attribute{ + err = fs.c.UnsetAttr(ctx, cboxAuth, &eosclient.Attribute{ Type: SystemAttr, Key: lockPayloadKey, }, false, path, app) @@ -709,10 +696,7 @@ func (fs *eosfs) GetLock(ctx context.Context, ref *provider.Reference) (*provide } func (fs *eosfs) setLock(ctx context.Context, lock *provider.Lock, path string) error { - auth, err := fs.getRootAuth(ctx) - if err != nil { - return err - } + cboxAuth := utils.GetEmptyAuth() encodedLock, eosLock, err := fs.encodeLock(lock) if err != nil { @@ -720,7 +704,7 @@ func (fs *eosfs) setLock(ctx context.Context, lock *provider.Lock, path string) } // set eos lock - err = fs.c.SetAttr(ctx, auth, &eosclient.Attribute{ + err = fs.c.SetAttr(ctx, cboxAuth, &eosclient.Attribute{ Type: SystemAttr, Key: eosLockKey, Val: eosLock, @@ -733,7 +717,7 @@ func (fs *eosfs) setLock(ctx context.Context, lock *provider.Lock, path string) } // set payload - err = fs.c.SetAttr(ctx, auth, &eosclient.Attribute{ + err = fs.c.SetAttr(ctx, cboxAuth, &eosclient.Attribute{ Type: SystemAttr, Key: lockPayloadKey, Val: encodedLock, @@ -990,10 +974,7 @@ func (fs *eosfs) AddGrant(ctx context.Context, ref *provider.Reference, g *provi return err } - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return err - } + cboxAuth := utils.GetEmptyAuth() eosACL, err := fs.getEosACL(ctx, g) if err != nil { @@ -1010,13 +991,13 @@ func (fs *eosfs) AddGrant(ctx context.Context, ref *provider.Reference, g *provi Key: fmt.Sprintf("%s.%s", lwShareAttrKey, eosACL.Qualifier), Val: eosACL.Permissions, } - if err := fs.c.SetAttr(ctx, rootAuth, attr, false, true, fn, ""); err != nil { + if err := fs.c.SetAttr(ctx, cboxAuth, attr, false, true, fn, ""); err != nil { return errors.Wrap(err, "eosfs: error adding acl for lightweight account") } return nil } - err = fs.c.AddACL(ctx, auth, rootAuth, fn, eosclient.StartPosition, eosACL) + err = fs.c.AddACL(ctx, auth, cboxAuth, fn, eosclient.StartPosition, eosACL) if err != nil { return errors.Wrap(err, "eosfs: error adding acl") } @@ -1031,10 +1012,7 @@ func (fs *eosfs) DenyGrant(ctx context.Context, ref *provider.Reference, g *prov position := eosclient.EndPosition - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return err - } + cboxAuth := utils.GetEmptyAuth() // empty permissions => deny grant := &provider.Grant{ @@ -1047,7 +1025,7 @@ func (fs *eosfs) DenyGrant(ctx context.Context, ref *provider.Reference, g *prov return err } - err = fs.c.AddACL(ctx, auth, rootAuth, fn, position, eosACL) + err = fs.c.AddACL(ctx, auth, cboxAuth, fn, position, eosACL) if err != nil { return errors.Wrap(err, "eosfs: error adding acl") } @@ -1098,10 +1076,7 @@ func (fs *eosfs) RemoveGrant(ctx context.Context, ref *provider.Reference, g *pr return err } - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return err - } + cboxAuth := utils.GetEmptyAuth() eosACL, err := fs.getEosACL(ctx, g) if err != nil { @@ -1113,13 +1088,13 @@ func (fs *eosfs) RemoveGrant(ctx context.Context, ref *provider.Reference, g *pr Type: SystemAttr, Key: fmt.Sprintf("%s.%s", lwShareAttrKey, eosACL.Qualifier), } - if err := fs.c.UnsetAttr(ctx, rootAuth, attr, true, fn, ""); err != nil { + if err := fs.c.UnsetAttr(ctx, cboxAuth, attr, true, fn, ""); err != nil { return errors.Wrap(err, "eosfs: error removing acl for lightweight account") } return nil } - err = fs.c.RemoveACL(ctx, auth, rootAuth, fn, eosACL) + err = fs.c.RemoveACL(ctx, auth, cboxAuth, fn, eosACL) if err != nil { return errors.Wrap(err, "eosfs: error removing acl") } @@ -1198,11 +1173,10 @@ func (fs *eosfs) ListGrants(ctx context.Context, ref *provider.Reference) ([]*pr } // Now we get the real info, I know, it's ugly - auth, err = fs.getRootAuth(ctx) - if err != nil { - return nil, err - } - attrs, err := fs.c.GetAttrs(ctx, auth, fn) + // TODO(jgeens): use cbox here, or can daemon also read attrs? + cboxAuth := utils.GetEmptyAuth() + + attrs, err := fs.c.GetAttrs(ctx, cboxAuth, fn) if err != nil { return nil, err } @@ -1241,20 +1215,18 @@ func (fs *eosfs) GetMD(ctx context.Context, ref *provider.Reference, mdKeys []st p := ref.Path fn := fs.wrap(ctx, p) - userAuth, err := fs.getUserAuth(ctx, u, fn) - // We use daemon for auth because we need access to the file in order to stat it // We cannot use the current user, because the file may be a shared file // and lightweight accounts don't have a uid - // var auth eosclient.Authorization - // if u.Id.Type == userpb.UserType_USER_TYPE_GUEST || u.Id.Type == userpb.UserType_USER_TYPE_FEDERATED { - // auth, err = fs.getDaemonAuth(ctx) - // } else { - // auth, err = fs.getUserAuth(ctx, u, fn) - // } - // if err != nil { - // return nil, err - // } + var auth eosclient.Authorization + if utils.IsLightweightUser(u) { + auth = utils.GetDaemonAuth() + } else { + auth, err = fs.getUserAuth(ctx, u, fn) + } + if err != nil { + return nil, err + } if ref.ResourceId != nil { fid, err := strconv.ParseUint(ref.ResourceId.OpaqueId, 10, 64) @@ -1262,13 +1234,13 @@ func (fs *eosfs) GetMD(ctx context.Context, ref *provider.Reference, mdKeys []st return nil, fmt.Errorf("error converting string to int for eos fileid: %s", ref.ResourceId.OpaqueId) } - eosFileInfo, err := fs.c.GetFileInfoByInode(ctx, userAuth, fid) + eosFileInfo, err := fs.c.GetFileInfoByInode(ctx, auth, fid) if err != nil { return nil, err } if ref.Path != "" { - eosFileInfo, err = fs.c.GetFileInfoByPath(ctx, userAuth, filepath.Join(eosFileInfo.File, ref.Path)) + eosFileInfo, err = fs.c.GetFileInfoByPath(ctx, auth, filepath.Join(eosFileInfo.File, ref.Path)) if err != nil { return nil, err } @@ -1283,7 +1255,7 @@ func (fs *eosfs) GetMD(ctx context.Context, ref *provider.Reference, mdKeys []st } } - eosFileInfo, err := fs.c.GetFileInfoByPath(ctx, userAuth, fn) + eosFileInfo, err := fs.c.GetFileInfoByPath(ctx, auth, fn) if err != nil { return nil, err } @@ -1294,10 +1266,7 @@ func (fs *eosfs) GetMD(ctx context.Context, ref *provider.Reference, mdKeys []st func (fs *eosfs) getMDShareFolder(ctx context.Context, p string, mdKeys []string) (*provider.ResourceInfo, error) { fn := fs.wrapShadow(ctx, p) - auth, err := fs.getRootAuth(ctx) - if err != nil { - return nil, err - } + auth := utils.GetDaemonAuth() eosFileInfo, err := fs.c.GetFileInfoByPath(ctx, auth, fn) if err != nil { @@ -1426,12 +1395,9 @@ func (fs *eosfs) GetQuota(ctx context.Context, ref *provider.Reference) (uint64, } // TODO(jgeens): empty auth - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return 0, 0, err - } + cboxAuth := utils.GetEmptyAuth() - qi, err := fs.c.GetQuota(ctx, auth.Role.UID, rootAuth, fs.conf.QuotaNode) + qi, err := fs.c.GetQuota(ctx, auth.Role.UID, cboxAuth, fs.conf.QuotaNode) if err != nil { err := errors.Wrap(err, "eosfs: error getting quota") return 0, 0, err @@ -1454,17 +1420,16 @@ func (fs *eosfs) createShadowHome(ctx context.Context) error { if err != nil { return errors.Wrap(err, "eosfs: no user in ctx") } - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return nil - } + + daemonAuth := utils.GetDaemonAuth() + home := fs.wrapShadow(ctx, "/") shadowFolders := []string{fs.conf.ShareFolder} for _, sf := range shadowFolders { fn := path.Join(home, sf) // TODO(jgeens): daemon auth - _, err = fs.c.GetFileInfoByPath(ctx, rootAuth, fn) + _, err = fs.c.GetFileInfoByPath(ctx, daemonAuth, fn) if err != nil { if _, ok := err.(errtypes.IsNotFound); !ok { return errors.Wrap(err, "eosfs: error verifying if shadow directory exists") @@ -1684,10 +1649,7 @@ func (fs *eosfs) CreateReference(ctx context.Context, p string, targetURI *url.U // Current mechanism is: touch to hidden dir, set xattr, rename. dir, base := path.Split(fn) tmp := path.Join(dir, fmt.Sprintf(".sys.reva#.%s", base)) - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return nil - } + cboxAuth := utils.GetEmptyAuth() if err := fs.createUserDir(ctx, u, tmp, false); err != nil { err = errors.Wrapf(err, "eosfs: error creating temporary ref file") @@ -1701,13 +1663,13 @@ func (fs *eosfs) CreateReference(ctx context.Context, p string, targetURI *url.U Val: targetURI.String(), } - if err := fs.c.SetAttr(ctx, rootAuth, attr, false, false, tmp, ""); err != nil { + if err := fs.c.SetAttr(ctx, cboxAuth, attr, false, false, tmp, ""); err != nil { err = errors.Wrapf(err, "eosfs: error setting reva.ref attr on file: %q", tmp) return err } // rename to have the file visible in user space. - if err := fs.c.Rename(ctx, rootAuth, tmp, fn); err != nil { + if err := fs.c.Rename(ctx, cboxAuth, tmp, fn); err != nil { err = errors.Wrapf(err, "eosfs: error renaming from: %q to %q", tmp, fn) return err } @@ -2186,7 +2148,7 @@ func (fs *eosfs) permissionSet(ctx context.Context, eosFileInfo *eosclient.FileI // from the parent folder, as these, when creating a new // file are not inherited - if utils.UserIsLightweight(u) && !eosFileInfo.IsDir { + if utils.IsLightweightUser(u) && !eosFileInfo.IsDir { if parentPath, err := fs.unwrap(ctx, filepath.Dir(eosFileInfo.File)); err == nil { if parent, err := fs.GetMD(ctx, &provider.Reference{Path: parentPath}, nil); err == nil { mergePermissions(&perm, parent.PermissionSet) @@ -2429,8 +2391,7 @@ func (fs *eosfs) getUserAuth(ctx context.Context, u *userpb.User, fn string) (eo return fs.singleUserAuth, err } - if u.Id.Type == userpb.UserType_USER_TYPE_LIGHTWEIGHT || - u.Id.Type == userpb.UserType_USER_TYPE_FEDERATED { + if utils.IsLightweightUser(u) { return fs.getEOSToken(ctx, u, fn) } @@ -2442,12 +2403,8 @@ func (fs *eosfs) getEOSToken(ctx context.Context, u *userpb.User, fn string) (eo return eosclient.Authorization{}, errtypes.BadRequest("eosfs: path cannot be empty") } - // TODO(jgeens): daemon auth - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return eosclient.Authorization{}, err - } - info, err := fs.c.GetFileInfoByPath(ctx, rootAuth, fn) + daemonAuth := utils.GetDaemonAuth() + info, err := fs.c.GetFileInfoByPath(ctx, daemonAuth, fn) if err != nil { return eosclient.Authorization{}, err } @@ -2511,7 +2468,7 @@ func (fs *eosfs) getDaemonAuth(ctx context.Context) (eosclient.Authorization, er fs.singleUserAuth, err = fs.getUIDGateway(ctx, &userpb.UserId{OpaqueId: fs.conf.SingleUsername}) return fs.singleUserAuth, err } - return eosclient.Authorization{Role: eosclient.Role{UID: "2", GID: "2"}}, nil + return utils.GetDaemonAuth(), nil } type eosSysMetadata struct { @@ -2558,96 +2515,3 @@ func parseAndSetFavoriteAttr(ctx context.Context, attrs map[string]string) { // Delete the favorite attr from the response delete(attrs, FavoritesKey) } - -/* - Merge shadow on requests for /home ? - - No - GetHome(ctx context.Context) (string, error) - No -CreateHome(ctx context.Context) error - No - CreateDir(ctx context.Context, fn string) error - No -Delete(ctx context.Context, ref *provider.Reference) error - No -Move(ctx context.Context, oldRef, newRef *provider.Reference) error - No -GetMD(ctx context.Context, ref *provider.Reference) (*provider.ResourceInfo, error) - Yes -ListFolder(ctx context.Context, ref *provider.Reference) ([]*provider.ResourceInfo, error) - No -Upload(ctx context.Context, ref *provider.Reference, r io.ReadCloser) error - No -Download(ctx context.Context, ref *provider.Reference) (io.ReadCloser, error) - No -ListRevisions(ctx context.Context, ref *provider.Reference) ([]*provider.FileVersion, error) - No -DownloadRevision(ctx context.Context, ref *provider.Reference, key string) (io.ReadCloser, error) - No -RestoreRevision(ctx context.Context, ref *provider.Reference, key string) error - No ListRecycle(ctx context.Context) ([]*provider.RecycleItem, error) - No RestoreRecycleItem(ctx context.Context, key string) error - No PurgeRecycleItem(ctx context.Context, key string) error - No EmptyRecycle(ctx context.Context) error - ? GetPathByID(ctx context.Context, id *provider.Reference) (string, error) - No AddGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) error - No RemoveGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) error - No UpdateGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) error - No ListGrants(ctx context.Context, ref *provider.Reference) ([]*provider.Grant, error) - No GetQuota(ctx context.Context) (int, int, error) - No CreateReference(ctx context.Context, path string, targetURI *url.URL) error - No Shutdown(ctx context.Context) error - No SetArbitraryMetadata(ctx context.Context, ref *provider.Reference, md *provider.ArbitraryMetadata) error - No UnsetArbitraryMetadata(ctx context.Context, ref *provider.Reference, keys []string) error -*/ - -/* - Merge shadow on requests for /home/MyShares ? - - No - GetHome(ctx context.Context) (string, error) - No -CreateHome(ctx context.Context) error - No - CreateDir(ctx context.Context, fn string) error - Maybe -Delete(ctx context.Context, ref *provider.Reference) error - No -Move(ctx context.Context, oldRef, newRef *provider.Reference) error - Yes -GetMD(ctx context.Context, ref *provider.Reference) (*provider.ResourceInfo, error) - Yes -ListFolder(ctx context.Context, ref *provider.Reference) ([]*provider.ResourceInfo, error) - No -Upload(ctx context.Context, ref *provider.Reference, r io.ReadCloser) error - No -Download(ctx context.Context, ref *provider.Reference) (io.ReadCloser, error) - No -ListRevisions(ctx context.Context, ref *provider.Reference) ([]*provider.FileVersion, error) - No -DownloadRevision(ctx context.Context, ref *provider.Reference, key string) (io.ReadCloser, error) - No -RestoreRevision(ctx context.Context, ref *provider.Reference, key string) error - No ListRecycle(ctx context.Context) ([]*provider.RecycleItem, error) - No RestoreRecycleItem(ctx context.Context, key string) error - No PurgeRecycleItem(ctx context.Context, key string) error - No EmptyRecycle(ctx context.Context) error - ? GetPathByID(ctx context.Context, id *provider.Reference) (string, error) - No AddGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) error - No RemoveGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) error - No UpdateGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) error - No ListGrants(ctx context.Context, ref *provider.Reference) ([]*provider.Grant, error) - No GetQuota(ctx context.Context) (int, int, error) - No CreateReference(ctx context.Context, path string, targetURI *url.URL) error - No Shutdown(ctx context.Context) error - No SetArbitraryMetadata(ctx context.Context, ref *provider.Reference, md *provider.ArbitraryMetadata) error - No UnsetArbitraryMetadata(ctx context.Context, ref *provider.Reference, keys []string) error -*/ - -/* - Merge shadow on requests for /home/MyShares/file-reference ? - - No - GetHome(ctx context.Context) (string, error) - No -CreateHome(ctx context.Context) error - No - CreateDir(ctx context.Context, fn string) error - Maybe -Delete(ctx context.Context, ref *provider.Reference) error - Yes -Move(ctx context.Context, oldRef, newRef *provider.Reference) error - Yes -GetMD(ctx context.Context, ref *provider.Reference) (*provider.ResourceInfo, error) - No -ListFolder(ctx context.Context, ref *provider.Reference) ([]*provider.ResourceInfo, error) - No -Upload(ctx context.Context, ref *provider.Reference, r io.ReadCloser) error - No -Download(ctx context.Context, ref *provider.Reference) (io.ReadCloser, error) - No -ListRevisions(ctx context.Context, ref *provider.Reference) ([]*provider.FileVersion, error) - No -DownloadRevision(ctx context.Context, ref *provider.Reference, key string) (io.ReadCloser, error) - No -RestoreRevision(ctx context.Context, ref *provider.Reference, key string) error - No ListRecycle(ctx context.Context) ([]*provider.RecycleItem, error) - No RestoreRecycleItem(ctx context.Context, key string) error - No PurgeRecycleItem(ctx context.Context, key string) error - No EmptyRecycle(ctx context.Context) error - ? GetPathByID(ctx context.Context, id *provider.Reference) (string, error) - No AddGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) error - No RemoveGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) error - No UpdateGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) error - No ListGrants(ctx context.Context, ref *provider.Reference) ([]*provider.Grant, error) - No GetQuota(ctx context.Context) (int, int, error) - No CreateReference(ctx context.Context, path string, targetURI *url.URL) error - No Shutdown(ctx context.Context) error - Maybe SetArbitraryMetadata(ctx context.Context, ref *provider.Reference, md *provider.ArbitraryMetadata) error - Maybe UnsetArbitraryMetadata(ctx context.Context, ref *provider.Reference, keys []string) error -*/ diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go index 20b69847c0..9ebd75ccc2 100644 --- a/pkg/utils/utils.go +++ b/pkg/utils/utils.go @@ -37,6 +37,7 @@ import ( userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" + "github.com/cs3org/reva/pkg/eosclient" "github.com/cs3org/reva/pkg/registry" "github.com/cs3org/reva/pkg/registry/memory" "go.step.sm/crypto/randutil" @@ -423,9 +424,9 @@ func HasPermissions(target, toCheck *provider.ResourcePermissions) bool { return true } -// UserIsLightweight returns true if the user is a lightweight +// IsLightweightUser returns true if the user is a lightweight // or federated account. -func UserIsLightweight(u *userpb.User) bool { +func IsLightweightUser(u *userpb.User) bool { return u.Id.Type == userpb.UserType_USER_TYPE_FEDERATED || u.Id.Type == userpb.UserType_USER_TYPE_LIGHTWEIGHT } @@ -443,3 +444,15 @@ func Cast(v any, to any) { toVal = toVal.Elem() toVal.Set(reflect.ValueOf(v)) } + +func GetDaemonAuth() eosclient.Authorization { + return eosclient.Authorization{Role: eosclient.Role{UID: "2", GID: "2"}} +} + +// This function is used when we don't want to pass any additional auth info +// Because we later populate the secret key for gRPC, we will be automatically +// mapped to cbox +// So, in other words, use this function if you want to use the cbox account +func GetEmptyAuth() eosclient.Authorization { + return eosclient.Authorization{} +}