From 039a4d1ca79dd6f89bc9cce1d9f0fd42635095f6 Mon Sep 17 00:00:00 2001 From: Ishank Arora Date: Mon, 18 Oct 2021 16:53:31 +0200 Subject: [PATCH] Add config to EOS fs for allowing recycle operations on arbitrary paths --- changelog/unreleased/recycle-bin-arbitrary-paths.md | 3 ++- pkg/cbox/storage/eoshomewrapper/eoshomewrapper.go | 2 +- pkg/cbox/storage/eoswrapper/eoswrapper.go | 7 ++++++- pkg/storage/utils/eosfs/config.go | 6 ++++++ pkg/storage/utils/eosfs/eosfs.go | 4 ++-- 5 files changed, 17 insertions(+), 5 deletions(-) diff --git a/changelog/unreleased/recycle-bin-arbitrary-paths.md b/changelog/unreleased/recycle-bin-arbitrary-paths.md index 27b7a4f51d..5292ba117f 100644 --- a/changelog/unreleased/recycle-bin-arbitrary-paths.md +++ b/changelog/unreleased/recycle-bin-arbitrary-paths.md @@ -1,3 +1,4 @@ Enhancement: Allow access to recycle bin for arbitrary paths outside homes -https://github.com/cs3org/reva/pull/2165 \ No newline at end of file +https://github.com/cs3org/reva/pull/2165 +https://github.com/cs3org/reva/pull/2188 \ No newline at end of file diff --git a/pkg/cbox/storage/eoshomewrapper/eoshomewrapper.go b/pkg/cbox/storage/eoshomewrapper/eoshomewrapper.go index ec09e57eb5..7160967ff8 100644 --- a/pkg/cbox/storage/eoshomewrapper/eoshomewrapper.go +++ b/pkg/cbox/storage/eoshomewrapper/eoshomewrapper.go @@ -16,7 +16,7 @@ // granted to it by virtue of its status as an Intergovernmental Organization // or submit itself to any jurisdiction. -package eoshome +package eoshomewrapper import ( "bytes" diff --git a/pkg/cbox/storage/eoswrapper/eoswrapper.go b/pkg/cbox/storage/eoswrapper/eoswrapper.go index bee697e620..c9e805d8a5 100644 --- a/pkg/cbox/storage/eoswrapper/eoswrapper.go +++ b/pkg/cbox/storage/eoswrapper/eoswrapper.go @@ -16,7 +16,7 @@ // granted to it by virtue of its status as an Intergovernmental Organization // or submit itself to any jurisdiction. -package eoshome +package eoswrapper import ( "bytes" @@ -65,6 +65,11 @@ func parseConfig(m map[string]interface{}) (*eosfs.Config, string, error) { c.VersionInvariant = true } + // allow recycle operations for project spaces + if !c.EnableHome && strings.HasPrefix(c.Namespace, eosProjectsNamespace) { + c.AllowPathRecycleOperations = true + } + t, ok := m["mount_id_template"].(string) if !ok || t == "" { t = "eoshome-{{ trimAll \"/\" .Path | substr 0 1 }}" diff --git a/pkg/storage/utils/eosfs/config.go b/pkg/storage/utils/eosfs/config.go index d86714e924..55798af1ef 100644 --- a/pkg/storage/utils/eosfs/config.go +++ b/pkg/storage/utils/eosfs/config.go @@ -134,6 +134,12 @@ type Config struct { // the HTTP chunked encoding WriteUsesLocalTemp bool `mapstructure:"write_uses_local_temp"` + // Whether to allow recycle operations on base paths. + // If set to true, we'll look up the owner of the passed path and perform + // operations on that user's recycle bin. + // Only considered when EnableHome is false. + AllowPathRecycleOperations bool `mapstructure:"allow_path_recycle_operations"` + // HTTP connections to EOS: max number of idle conns MaxIdleConns int `mapstructure:"max_idle_conns"` diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go index a8efcef510..da5012e22e 100644 --- a/pkg/storage/utils/eosfs/eosfs.go +++ b/pkg/storage/utils/eosfs/eosfs.go @@ -1469,7 +1469,7 @@ func (fs *eosfs) EmptyRecycle(ctx context.Context) error { func (fs *eosfs) ListRecycle(ctx context.Context, basePath, key, relativePath string) ([]*provider.RecycleItem, error) { var auth eosclient.Authorization - if !fs.conf.EnableHome && basePath != "/" { + if !fs.conf.EnableHome && fs.conf.AllowPathRecycleOperations && basePath != "/" { // We need to access the recycle bin for a non-home reference. // We'll get the owner of the particular resource and impersonate them // if we have access to it. @@ -1520,7 +1520,7 @@ func (fs *eosfs) ListRecycle(ctx context.Context, basePath, key, relativePath st func (fs *eosfs) RestoreRecycleItem(ctx context.Context, basePath, key, relativePath string, restoreRef *provider.Reference) error { var auth eosclient.Authorization - if !fs.conf.EnableHome && basePath != "/" { + if !fs.conf.EnableHome && fs.conf.AllowPathRecycleOperations && basePath != "/" { // We need to access the recycle bin for a non-home reference. // We'll get the owner of the particular resource and impersonate them // if we have access to it.