diff --git a/changelog/unreleased/recycle-bin-arbitrary-paths.md b/changelog/unreleased/recycle-bin-arbitrary-paths.md index 27b7a4f51d3..5292ba117f5 100644 --- a/changelog/unreleased/recycle-bin-arbitrary-paths.md +++ b/changelog/unreleased/recycle-bin-arbitrary-paths.md @@ -1,3 +1,4 @@ Enhancement: Allow access to recycle bin for arbitrary paths outside homes -https://github.com/cs3org/reva/pull/2165 \ No newline at end of file +https://github.com/cs3org/reva/pull/2165 +https://github.com/cs3org/reva/pull/2188 \ No newline at end of file diff --git a/pkg/cbox/storage/eoshomewrapper/eoshomewrapper.go b/pkg/cbox/storage/eoshomewrapper/eoshomewrapper.go index ec09e57eb51..7160967ff8e 100644 --- a/pkg/cbox/storage/eoshomewrapper/eoshomewrapper.go +++ b/pkg/cbox/storage/eoshomewrapper/eoshomewrapper.go @@ -16,7 +16,7 @@ // granted to it by virtue of its status as an Intergovernmental Organization // or submit itself to any jurisdiction. -package eoshome +package eoshomewrapper import ( "bytes" diff --git a/pkg/cbox/storage/eoswrapper/eoswrapper.go b/pkg/cbox/storage/eoswrapper/eoswrapper.go index bee697e6207..c9e805d8a5a 100644 --- a/pkg/cbox/storage/eoswrapper/eoswrapper.go +++ b/pkg/cbox/storage/eoswrapper/eoswrapper.go @@ -16,7 +16,7 @@ // granted to it by virtue of its status as an Intergovernmental Organization // or submit itself to any jurisdiction. -package eoshome +package eoswrapper import ( "bytes" @@ -65,6 +65,11 @@ func parseConfig(m map[string]interface{}) (*eosfs.Config, string, error) { c.VersionInvariant = true } + // allow recycle operations for project spaces + if !c.EnableHome && strings.HasPrefix(c.Namespace, eosProjectsNamespace) { + c.AllowPathRecycleOperations = true + } + t, ok := m["mount_id_template"].(string) if !ok || t == "" { t = "eoshome-{{ trimAll \"/\" .Path | substr 0 1 }}" diff --git a/pkg/storage/utils/eosfs/config.go b/pkg/storage/utils/eosfs/config.go index d86714e9241..55798af1ef5 100644 --- a/pkg/storage/utils/eosfs/config.go +++ b/pkg/storage/utils/eosfs/config.go @@ -134,6 +134,12 @@ type Config struct { // the HTTP chunked encoding WriteUsesLocalTemp bool `mapstructure:"write_uses_local_temp"` + // Whether to allow recycle operations on base paths. + // If set to true, we'll look up the owner of the passed path and perform + // operations on that user's recycle bin. + // Only considered when EnableHome is false. + AllowPathRecycleOperations bool `mapstructure:"allow_path_recycle_operations"` + // HTTP connections to EOS: max number of idle conns MaxIdleConns int `mapstructure:"max_idle_conns"` diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go index b4ad63f7eb3..14977b3af01 100644 --- a/pkg/storage/utils/eosfs/eosfs.go +++ b/pkg/storage/utils/eosfs/eosfs.go @@ -1426,7 +1426,7 @@ func (fs *eosfs) EmptyRecycle(ctx context.Context) error { func (fs *eosfs) ListRecycle(ctx context.Context, basePath, key, relativePath string) ([]*provider.RecycleItem, error) { var auth eosclient.Authorization - if !fs.conf.EnableHome && basePath != "/" { + if !fs.conf.EnableHome && fs.conf.AllowPathRecycleOperations && basePath != "/" { // We need to access the recycle bin for a non-home reference. // We'll get the owner of the particular resource and impersonate them // if we have access to it. @@ -1477,7 +1477,7 @@ func (fs *eosfs) ListRecycle(ctx context.Context, basePath, key, relativePath st func (fs *eosfs) RestoreRecycleItem(ctx context.Context, basePath, key, relativePath string, restoreRef *provider.Reference) error { var auth eosclient.Authorization - if !fs.conf.EnableHome && basePath != "/" { + if !fs.conf.EnableHome && fs.conf.AllowPathRecycleOperations && basePath != "/" { // We need to access the recycle bin for a non-home reference. // We'll get the owner of the particular resource and impersonate them // if we have access to it.