diff --git a/internal/http/services/owncloud/ocs/conversions/main.go b/internal/http/services/owncloud/ocs/conversions/main.go index f0dbf0027a6..8ab0dceec68 100644 --- a/internal/http/services/owncloud/ocs/conversions/main.go +++ b/internal/http/services/owncloud/ocs/conversions/main.go @@ -28,12 +28,12 @@ import ( "github.com/cs3org/reva/pkg/publicshare" "github.com/cs3org/reva/pkg/user" - "github.com/cs3org/reva/pkg/utils" grouppb "github.com/cs3org/go-cs3apis/cs3/identity/group/v1beta1" userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" collaboration "github.com/cs3org/go-cs3apis/cs3/sharing/collaboration/v1beta1" link "github.com/cs3org/go-cs3apis/cs3/sharing/link/v1beta1" + provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" publicsharemgr "github.com/cs3org/reva/pkg/publicshare/manager/registry" usermgr "github.com/cs3org/reva/pkg/user/manager/registry" @@ -180,13 +180,12 @@ func CS3Share2ShareData(ctx context.Context, share *collaboration.Share) (*Share UIDFileOwner: LocalUserIDToString(share.GetOwner()), } - uid, gid := utils.ExtractGranteeID(share.GetGrantee()) - if uid != nil { + if share.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_USER { sd.ShareType = ShareTypeUser - sd.ShareWith = LocalUserIDToString(uid) - } else if gid != nil { + sd.ShareWith = LocalUserIDToString(share.Grantee.GetUserId()) + } else if share.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_USER { sd.ShareType = ShareTypeGroup - sd.ShareWith = LocalGroupIDToString(gid) + sd.ShareWith = LocalGroupIDToString(share.Grantee.GetGroupId()) } if share.Id != nil { diff --git a/pkg/cbox/share/sql/conversions.go b/pkg/cbox/share/sql/conversions.go index d9c12ef1afd..5e24fdea75c 100644 --- a/pkg/cbox/share/sql/conversions.go +++ b/pkg/cbox/share/sql/conversions.go @@ -27,20 +27,18 @@ import ( collaboration "github.com/cs3org/go-cs3apis/cs3/sharing/collaboration/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typespb "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/pkg/utils" ) func formatGrantee(g *provider.Grantee) (int, string) { var granteeType int var formattedID string - uid, gid := utils.ExtractGranteeID(g) switch g.Type { case provider.GranteeType_GRANTEE_TYPE_USER: granteeType = 0 - formattedID = formatUserID(uid) + formattedID = formatUserID(g.GetUserId()) case provider.GranteeType_GRANTEE_TYPE_GROUP: granteeType = 1 - formattedID = gid.OpaqueId + formattedID = formatGroupID(g.GetGroupId()) default: granteeType = -1 } @@ -55,7 +53,7 @@ func extractGrantee(t int, g string) *provider.Grantee { grantee.Id = &provider.Grantee_UserId{UserId: extractUserID(g)} case 1: grantee.Type = provider.GranteeType_GRANTEE_TYPE_GROUP - grantee.Id = &provider.Grantee_GroupId{GroupId: &grouppb.GroupId{OpaqueId: g}} + grantee.Id = &provider.Grantee_GroupId{GroupId: extractGroupID(g)} default: grantee.Type = provider.GranteeType_GRANTEE_TYPE_INVALID } @@ -150,6 +148,21 @@ func extractUserID(u string) *userpb.UserId { return &userpb.UserId{OpaqueId: parts[0]} } +func formatGroupID(u *grouppb.GroupId) string { + if u.Idp != "" { + return fmt.Sprintf("%s:%s", u.OpaqueId, u.Idp) + } + return u.OpaqueId +} + +func extractGroupID(u string) *grouppb.GroupId { + parts := strings.Split(u, ":") + if len(parts) > 1 { + return &grouppb.GroupId{OpaqueId: parts[0], Idp: parts[1]} + } + return &grouppb.GroupId{OpaqueId: parts[0]} +} + func convertToCS3Share(s dbShare) *collaboration.Share { ts := &typespb.Timestamp{ Seconds: uint64(s.STime), diff --git a/pkg/share/manager/json/json.go b/pkg/share/manager/json/json.go index 8dc8709da3d..b146428c2ed 100644 --- a/pkg/share/manager/json/json.go +++ b/pkg/share/manager/json/json.go @@ -130,11 +130,10 @@ func (m *shareModel) Save() error { temp.Shares = []*collaboration.Share{} for i := range m.Shares { s := *m.Shares[i] - u, g := utils.ExtractGranteeID(s.Grantee) if s.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_USER { - temp.Grantees = append(temp.Grantees, u) + temp.Grantees = append(temp.Grantees, s.Grantee.GetUserId()) } else if s.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_GROUP { - temp.Grantees = append(temp.Grantees, g) + temp.Grantees = append(temp.Grantees, s.Grantee.GetGroupId()) } s.Grantee = &provider.Grantee{Type: s.Grantee.Type} temp.Shares = append(temp.Shares, &s) diff --git a/pkg/storage/fs/ocis/grants.go b/pkg/storage/fs/ocis/grants.go index 231f9c3d71f..329a4711655 100644 --- a/pkg/storage/fs/ocis/grants.go +++ b/pkg/storage/fs/ocis/grants.go @@ -124,7 +124,7 @@ func (fs *ocisfs) RemoveGrant(ctx context.Context, ref *provider.Reference, g *p var attr string if g.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_GROUP { - attr = grantPrefix + _groupAcePrefix + g.Grantee.GetUserId().OpaqueId + attr = grantPrefix + _groupAcePrefix + g.Grantee.GetGroupId().OpaqueId } else { attr = grantPrefix + _userAcePrefix + g.Grantee.GetUserId().OpaqueId } diff --git a/pkg/storage/fs/owncloud/owncloud.go b/pkg/storage/fs/owncloud/owncloud.go index 0ff35a4ae0b..7625b0ca773 100644 --- a/pkg/storage/fs/owncloud/owncloud.go +++ b/pkg/storage/fs/owncloud/owncloud.go @@ -1064,7 +1064,7 @@ func (fs *ocfs) RemoveGrant(ctx context.Context, ref *provider.Reference, g *pro var attr string if g.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_GROUP { - attr = sharePrefix + "g:" + g.Grantee.GetUserId().OpaqueId + attr = sharePrefix + "g:" + g.Grantee.GetGroupId().OpaqueId } else { attr = sharePrefix + "u:" + g.Grantee.GetUserId().OpaqueId } diff --git a/pkg/storage/fs/s3ng/grants.go b/pkg/storage/fs/s3ng/grants.go index b29682ff98f..f669d8b2111 100644 --- a/pkg/storage/fs/s3ng/grants.go +++ b/pkg/storage/fs/s3ng/grants.go @@ -126,7 +126,7 @@ func (fs *s3ngfs) RemoveGrant(ctx context.Context, ref *provider.Reference, g *p var attr string if g.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_GROUP { - attr = xattrs.GrantPrefix + xattrs.GroupAcePrefix + g.Grantee.GetUserId().OpaqueId + attr = xattrs.GrantPrefix + xattrs.GroupAcePrefix + g.Grantee.GetGroupId().OpaqueId } else { attr = xattrs.GrantPrefix + xattrs.UserAcePrefix + g.Grantee.GetUserId().OpaqueId } diff --git a/pkg/storage/utils/ace/ace.go b/pkg/storage/utils/ace/ace.go index a512cbaaacf..1057abb0827 100644 --- a/pkg/storage/utils/ace/ace.go +++ b/pkg/storage/utils/ace/ace.go @@ -24,6 +24,7 @@ import ( "strconv" "strings" + grouppb "github.com/cs3org/go-cs3apis/cs3/identity/group/v1beta1" userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" ) @@ -132,7 +133,7 @@ func FromGrant(g *provider.Grant) *ACE { } if g.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_GROUP { e.flags = "g" - e.principal = "g:" + g.Grantee.GetUserId().OpaqueId + e.principal = "g:" + g.Grantee.GetGroupId().OpaqueId } else { e.principal = "u:" + g.Grantee.GetUserId().OpaqueId } @@ -180,13 +181,18 @@ func Unmarshal(principal string, v []byte) (e *ACE, err error) { // Grant returns a CS3 grant func (e *ACE) Grant() *provider.Grant { - return &provider.Grant{ + g := &provider.Grant{ Grantee: &provider.Grantee{ - Id: &provider.Grantee_UserId{UserId: &userpb.UserId{OpaqueId: e.principal}}, Type: e.granteeType(), }, Permissions: e.grantPermissionSet(), } + if e.granteeType() == provider.GranteeType_GRANTEE_TYPE_GROUP { + g.Grantee.Id = &provider.Grantee_GroupId{GroupId: &grouppb.GroupId{OpaqueId: e.principal}} + } else if e.granteeType() == provider.GranteeType_GRANTEE_TYPE_USER { + g.Grantee.Id = &provider.Grantee_UserId{UserId: &userpb.UserId{OpaqueId: e.principal}} + } + return g } // granteeType returns the CS3 grantee type diff --git a/pkg/storage/utils/localfs/localfs.go b/pkg/storage/utils/localfs/localfs.go index 5e78473fc91..60921a416cf 100644 --- a/pkg/storage/utils/localfs/localfs.go +++ b/pkg/storage/utils/localfs/localfs.go @@ -31,6 +31,7 @@ import ( "strings" "time" + grouppb "github.com/cs3org/go-cs3apis/cs3/identity/group/v1beta1" userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" @@ -432,7 +433,12 @@ func (fs *localfs) AddGrant(ctx context.Context, ref *provider.Reference, g *pro if err != nil { return errors.Wrap(err, "localfs: error getting grantee type") } - grantee := fmt.Sprintf("%s:%s@%s", granteeType, g.Grantee.GetUserId().OpaqueId, g.Grantee.GetUserId().Idp) + var grantee string + if granteeType == "u" { + grantee = fmt.Sprintf("%s:%s@%s", granteeType, g.Grantee.GetUserId().OpaqueId, g.Grantee.GetUserId().Idp) + } else if granteeType == "g" { + grantee = fmt.Sprintf("%s:%s@%s", granteeType, g.Grantee.GetGroupId().OpaqueId, g.Grantee.GetGroupId().Idp) + } err = fs.addToACLDB(ctx, fn, grantee, role) if err != nil { @@ -461,9 +467,12 @@ func (fs *localfs) ListGrants(ctx context.Context, ref *provider.Reference) ([]* if err != nil { return nil, errors.Wrap(err, "localfs: error scanning db rows") } - grantee := &provider.Grantee{ - Id: &provider.Grantee_UserId{UserId: &userpb.UserId{OpaqueId: granteeID[2:]}}, - Type: grants.GetGranteeType(string(granteeID[0])), + grantee := &provider.Grantee{Type: grants.GetGranteeType(string(granteeID[0]))} + parts := strings.Split(granteeID[2:], "@") + if granteeID[0] == 'u' { + grantee.Id = &provider.Grantee_UserId{UserId: &userpb.UserId{OpaqueId: parts[0], Idp: parts[1]}} + } else if granteeID[0] == 'g' { + grantee.Id = &provider.Grantee_GroupId{GroupId: &grouppb.GroupId{OpaqueId: parts[0], Idp: parts[1]}} } permissions := grants.GetGrantPermissionSet(role) @@ -487,7 +496,12 @@ func (fs *localfs) RemoveGrant(ctx context.Context, ref *provider.Reference, g * if err != nil { return errors.Wrap(err, "localfs: error getting grantee type") } - grantee := fmt.Sprintf("%s:%s@%s", granteeType, g.Grantee.GetUserId().OpaqueId, g.Grantee.GetUserId().Idp) + var grantee string + if granteeType == "u" { + grantee = fmt.Sprintf("%s:%s@%s", granteeType, g.Grantee.GetUserId().OpaqueId, g.Grantee.GetUserId().Idp) + } else if granteeType == "g" { + grantee = fmt.Sprintf("%s:%s@%s", granteeType, g.Grantee.GetGroupId().OpaqueId, g.Grantee.GetGroupId().Idp) + } err = fs.removeFromACLDB(ctx, fn, grantee) if err != nil {