From 229465f08832f9f1e3c8add4f0ded637c348de1d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20M=C3=BCller?= Date: Thu, 23 Mar 2023 11:25:48 +0100 Subject: [PATCH 1/5] Expose service states --- pkg/mentix/connectors/gocdb.go | 20 +++++++++++++------- pkg/mentix/connectors/gocdb/types.go | 14 ++++++++------ pkg/mentix/meshdata/service.go | 14 ++++++++------ 3 files changed, 29 insertions(+), 19 deletions(-) diff --git a/pkg/mentix/connectors/gocdb.go b/pkg/mentix/connectors/gocdb.go index bee88d25a9..0cfca00f36 100644 --- a/pkg/mentix/connectors/gocdb.go +++ b/pkg/mentix/connectors/gocdb.go @@ -230,7 +230,7 @@ func (connector *GOCDBConnector) queryServices(meshData *meshdata.MeshData, site Name: endpoint.Name, RawURL: endpoint.URL, URL: getServiceURLString(service, endpoint, host), - IsMonitored: strings.EqualFold(endpoint.IsMonitored, "Y"), + IsMonitored: connector.convertStringToBool(endpoint.IsMonitored), Properties: connector.extensionsToMap(&endpoint.Extensions), }) } @@ -238,12 +238,14 @@ func (connector *GOCDBConnector) queryServices(meshData *meshdata.MeshData, site // Add the service to the site site.Services = append(site.Services, &meshdata.Service{ ServiceEndpoint: &meshdata.ServiceEndpoint{ - Type: connector.findServiceType(meshData, service.Type), - Name: service.Type, - RawURL: service.URL, - URL: getServiceURLString(service, nil, host), - IsMonitored: strings.EqualFold(service.IsMonitored, "Y"), - Properties: connector.extensionsToMap(&service.Extensions), + Type: connector.findServiceType(meshData, service.Type), + Name: service.Type, + RawURL: service.URL, + URL: getServiceURLString(service, nil, host), + IsInProduction: connector.convertStringToBool(service.IsInProduction), + IsBeta: connector.convertStringToBool(service.IsBeta), + IsMonitored: connector.convertStringToBool(service.IsMonitored), + Properties: connector.extensionsToMap(&service.Extensions), }, Host: host, AdditionalEndpoints: endpoints, @@ -332,6 +334,10 @@ func (connector *GOCDBConnector) getServiceURL(service *gocdb.Service, endpoint return svcURL, nil } +func (connector *GOCDBConnector) convertStringToBool(s string) bool { + return strings.EqualFold(s, "Y") +} + // GetID returns the ID of the connector. func (connector *GOCDBConnector) GetID() string { return config.ConnectorIDGOCDB diff --git a/pkg/mentix/connectors/gocdb/types.go b/pkg/mentix/connectors/gocdb/types.go index c5b37c7528..291272c1dc 100755 --- a/pkg/mentix/connectors/gocdb/types.go +++ b/pkg/mentix/connectors/gocdb/types.go @@ -89,12 +89,14 @@ type ServiceEndpoints struct { // Service represents a service in GOCDB. type Service struct { - Host string `xml:"HOSTNAME"` - Type string `xml:"SERVICE_TYPE"` - IsMonitored string `xml:"NODE_MONITORED"` - URL string `xml:"URL"` - Endpoints ServiceEndpoints `xml:"ENDPOINTS"` - Extensions Extensions `xml:"EXTENSIONS"` + Host string `xml:"HOSTNAME"` + Type string `xml:"SERVICE_TYPE"` + IsInProduction string `xml:"IN_PRODUCTION"` + IsBeta string `xml:"BETA"` + IsMonitored string `xml:"NODE_MONITORED"` + URL string `xml:"URL"` + Endpoints ServiceEndpoints `xml:"ENDPOINTS"` + Extensions Extensions `xml:"EXTENSIONS"` } // Services is a list of Service objects. diff --git a/pkg/mentix/meshdata/service.go b/pkg/mentix/meshdata/service.go index 3310f6dad2..29471bde80 100644 --- a/pkg/mentix/meshdata/service.go +++ b/pkg/mentix/meshdata/service.go @@ -92,12 +92,14 @@ func (serviceType *ServiceType) Verify() error { // ServiceEndpoint represents a service endpoint managed by Mentix. type ServiceEndpoint struct { - Type *ServiceType - Name string - RawURL string - URL string - IsMonitored bool - Properties map[string]string + Type *ServiceType + Name string + RawURL string + URL string + IsInProduction bool + IsBeta bool + IsMonitored bool + Properties map[string]string } // InferMissingData infers missing data from other data where possible. From 4b2c6a7e95cf43a627060e4a26452919621067b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20M=C3=BCller?= Date: Thu, 23 Mar 2023 11:52:29 +0100 Subject: [PATCH 2/5] Expose new flags through cs3 endpoint --- pkg/mentix/connectors/gocdb.go | 32 ++++++++++--------- pkg/mentix/connectors/gocdb/types.go | 24 +++++++------- .../exchangers/exporters/cs3api/query.go | 21 ++++++++++-- pkg/mentix/meshdata/properties.go | 9 ++++++ pkg/mentix/meshdata/site.go | 28 ++++++++-------- 5 files changed, 73 insertions(+), 41 deletions(-) diff --git a/pkg/mentix/connectors/gocdb.go b/pkg/mentix/connectors/gocdb.go index 0cfca00f36..1d1ecf0f05 100644 --- a/pkg/mentix/connectors/gocdb.go +++ b/pkg/mentix/connectors/gocdb.go @@ -172,21 +172,23 @@ func (connector *GOCDBConnector) querySites(meshData *meshdata.MeshData, op *mes organization := meshdata.GetPropertyValue(properties, meshdata.PropertyOrganization, site.OfficialName) meshsite := &meshdata.Site{ - ID: siteID, - Name: site.ShortName, - FullName: site.OfficialName, - Organization: organization, - Domain: site.Domain, - Homepage: site.Homepage, - Email: site.Email, - Description: site.Description, - Country: site.Country, - CountryCode: site.CountryCode, - Longitude: site.Longitude, - Latitude: site.Latitude, - Services: nil, - Properties: properties, - Downtimes: meshdata.Downtimes{}, + ID: siteID, + Name: site.ShortName, + FullName: site.OfficialName, + Organization: organization, + Domain: site.Domain, + Infrastructure: site.Infrastructure, + Certification: site.Certification, + Homepage: site.Homepage, + Email: site.Email, + Description: site.Description, + Country: site.Country, + CountryCode: site.CountryCode, + Longitude: site.Longitude, + Latitude: site.Latitude, + Services: nil, + Properties: properties, + Downtimes: meshdata.Downtimes{}, } op.Sites = append(op.Sites, meshsite) } diff --git a/pkg/mentix/connectors/gocdb/types.go b/pkg/mentix/connectors/gocdb/types.go index 291272c1dc..73bb3a6e8c 100755 --- a/pkg/mentix/connectors/gocdb/types.go +++ b/pkg/mentix/connectors/gocdb/types.go @@ -55,17 +55,19 @@ type NGIs struct { // Site represents a site in GOCDB. type Site struct { - ShortName string `xml:"SHORT_NAME"` - OfficialName string `xml:"OFFICIAL_NAME"` - Description string `xml:"SITE_DESCRIPTION"` - Homepage string `xml:"HOME_URL"` - Email string `xml:"CONTACT_EMAIL"` - Domain string `xml:"DOMAIN>DOMAIN_NAME"` - Country string `xml:"COUNTRY"` - CountryCode string `xml:"COUNTRY_CODE"` - Latitude float32 `xml:"LATITUDE"` - Longitude float32 `xml:"LONGITUDE"` - Extensions Extensions `xml:"EXTENSIONS"` + ShortName string `xml:"SHORT_NAME"` + OfficialName string `xml:"OFFICIAL_NAME"` + Description string `xml:"SITE_DESCRIPTION"` + Homepage string `xml:"HOME_URL"` + Email string `xml:"CONTACT_EMAIL"` + Domain string `xml:"DOMAIN>DOMAIN_NAME"` + Infrastructure string `xml:"PRODUCTION_INFRASTRUCTURE"` + Certification string `xml:"CERTIFICATION_STATUS"` + Country string `xml:"COUNTRY"` + CountryCode string `xml:"COUNTRY_CODE"` + Latitude float32 `xml:"LATITUDE"` + Longitude float32 `xml:"LONGITUDE"` + Extensions Extensions `xml:"EXTENSIONS"` } // Sites is a list of Site objects. diff --git a/pkg/mentix/exchangers/exporters/cs3api/query.go b/pkg/mentix/exchangers/exporters/cs3api/query.go index e8652aa7d0..9736a58a95 100644 --- a/pkg/mentix/exchangers/exporters/cs3api/query.go +++ b/pkg/mentix/exchangers/exporters/cs3api/query.go @@ -23,6 +23,7 @@ import ( "fmt" "net/http" "net/url" + "strconv" "strings" ocmprovider "github.com/cs3org/go-cs3apis/cs3/ocm/provider/v1beta1" @@ -95,7 +96,11 @@ func convertMeshDataToOCMData(meshData *meshdata.MeshData, elevatedServiceTypes Services: services, Properties: site.Properties, } - provider.Properties[strings.ToUpper(meshdata.PropertyOperator)] = op.ID // Propagate the operator ID as a property + // Propagate the operator ID as a property + setPropertyValue(provider.Properties, meshdata.PropertyOperator, op.ID) + // Expose additional site details as properties + setPropertyValue(provider.Properties, meshdata.PropertyInfrastructure, site.Infrastructure) + setPropertyValue(provider.Properties, meshdata.PropertyCertification, site.Certification) providers = append(providers, provider) } } @@ -103,6 +108,14 @@ func convertMeshDataToOCMData(meshData *meshdata.MeshData, elevatedServiceTypes } func convertServiceEndpointToOCMData(endpoint *meshdata.ServiceEndpoint, log *zerolog.Logger) *ocmprovider.ServiceEndpoint { + properties := make(map[string]string, 10) + for k, v := range endpoint.Properties { + properties[k] = v + } + // Expose additional service details as properties + setPropertyValue(properties, meshdata.PropertyIsInProduction, strconv.FormatBool(endpoint.IsInProduction)) + setPropertyValue(properties, meshdata.PropertyIsBeta, strconv.FormatBool(endpoint.IsBeta)) + return &ocmprovider.ServiceEndpoint{ Type: &ocmprovider.ServiceType{ Name: endpoint.Type.Name, @@ -111,6 +124,10 @@ func convertServiceEndpointToOCMData(endpoint *meshdata.ServiceEndpoint, log *ze Name: endpoint.Name, Path: normalizeURLPath(endpoint.URL, log), IsMonitored: endpoint.IsMonitored, - Properties: endpoint.Properties, + Properties: properties, } } + +func setPropertyValue(properties map[string]string, key string, value string) { + properties[strings.ToUpper(key)] = value +} diff --git a/pkg/mentix/meshdata/properties.go b/pkg/mentix/meshdata/properties.go index 3e04bd193f..a2cc6e282b 100644 --- a/pkg/mentix/meshdata/properties.go +++ b/pkg/mentix/meshdata/properties.go @@ -30,6 +30,15 @@ const ( // PropertyAPIVersion identifies the API version property. PropertyAPIVersion = "api_version" + + // PropertyInfrastructure identifies the infrastructure type of a site. + PropertyInfrastructure = "infrastructure" + // PropertyCertification identifies the certification status of a site. + PropertyCertification = "certification" + // PropertyIsInProduction identifies if a service is in production. + PropertyIsInProduction = "in_production" + // PropertyIsBeta identifies if a service is in beta. + PropertyIsBeta = "beta" ) // GetPropertyValue performs a case-insensitive search for the given property. diff --git a/pkg/mentix/meshdata/site.go b/pkg/mentix/meshdata/site.go index 1a7459a232..7840e2b17d 100644 --- a/pkg/mentix/meshdata/site.go +++ b/pkg/mentix/meshdata/site.go @@ -28,19 +28,21 @@ import ( // Site represents a single site managed by Mentix. type Site struct { - ID string - Name string - FullName string - Organization string - Domain string - Homepage string - Email string - Description string - Country string - CountryCode string - Location string - Latitude float32 - Longitude float32 + ID string + Name string + FullName string + Organization string + Domain string + Infrastructure string + Certification string + Homepage string + Email string + Description string + Country string + CountryCode string + Location string + Latitude float32 + Longitude float32 Services []*Service Properties map[string]string From a15dc1b32def75b9d40e982d978024f0c203140c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20M=C3=BCller?= Date: Fri, 24 Mar 2023 14:16:24 +0100 Subject: [PATCH 3/5] Add changelog --- changelog/unreleased/mentix-prodflags.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 changelog/unreleased/mentix-prodflags.md diff --git a/changelog/unreleased/mentix-prodflags.md b/changelog/unreleased/mentix-prodflags.md new file mode 100644 index 0000000000..89d3c898be --- /dev/null +++ b/changelog/unreleased/mentix-prodflags.md @@ -0,0 +1,5 @@ +Enhancement: New metadata flags + +Several new flags, like site infrastructure and service status, are now gathered and exposed by Mentix. + +https://github.com/cs3org/reva/pull/3750 From fe16fd97def18e6ff9126799075ce10874c8a9c3 Mon Sep 17 00:00:00 2001 From: Gianmaria Del Monte <39946305+gmgigi96@users.noreply.github.com> Date: Mon, 17 Apr 2023 12:29:04 +0200 Subject: [PATCH 4/5] Fix unshare for EOS storage driver (#3794) --- changelog/unreleased/fix-unshare-eos.md | 9 +++++++++ pkg/eosclient/eosbinary/eosbinary.go | 1 + 2 files changed, 10 insertions(+) create mode 100644 changelog/unreleased/fix-unshare-eos.md diff --git a/changelog/unreleased/fix-unshare-eos.md b/changelog/unreleased/fix-unshare-eos.md new file mode 100644 index 0000000000..bf8df7dc4e --- /dev/null +++ b/changelog/unreleased/fix-unshare-eos.md @@ -0,0 +1,9 @@ +Bugfix: Fix unshare for EOS storage driver + +In the EOS storage driver, the remove acl operation was a no-op. +After removing a share, the recipient of the share was still able +to operate on the shared resource. +Now this has been fixed, removing correctly the ACL from the shared +resource. + +https://github.com/cs3org/reva/pull/3794 diff --git a/pkg/eosclient/eosbinary/eosbinary.go b/pkg/eosclient/eosbinary/eosbinary.go index fca2194f32..b120719363 100644 --- a/pkg/eosclient/eosbinary/eosbinary.go +++ b/pkg/eosclient/eosbinary/eosbinary.go @@ -314,6 +314,7 @@ func (c *Client) RemoveACL(ctx context.Context, auth, rootAuth eosclient.Authori return err } + a.Permissions = "" sysACL := a.CitrineSerialize() args := []string{"acl", "--sys"} if finfo.IsDir { From debf6a1eacb8fec21700b0225bb2359bf214a9bd Mon Sep 17 00:00:00 2001 From: Giuseppe Lo Presti Date: Thu, 20 Apr 2023 17:24:46 +0200 Subject: [PATCH 5/5] apps: fixed viewMode resolution by making permissions override user's choices (#3805) --- changelog/unreleased/apps-viewmode.md | 6 ++++++ internal/http/services/appprovider/appprovider.go | 14 +++++++++----- 2 files changed, 15 insertions(+), 5 deletions(-) create mode 100644 changelog/unreleased/apps-viewmode.md diff --git a/changelog/unreleased/apps-viewmode.md b/changelog/unreleased/apps-viewmode.md new file mode 100644 index 0000000000..634c08d3f7 --- /dev/null +++ b/changelog/unreleased/apps-viewmode.md @@ -0,0 +1,6 @@ +Bugfix: Apps: fixed viewMode resolution + +Currently, the viewMode passed on /app/open is taken without validating +the actual user's permissions. This PR fixes this. + +https://github.com/cs3org/reva/pull/3805 diff --git a/internal/http/services/appprovider/appprovider.go b/internal/http/services/appprovider/appprovider.go index c4366dc148..c57d9fbc78 100644 --- a/internal/http/services/appprovider/appprovider.go +++ b/internal/http/services/appprovider/appprovider.go @@ -449,19 +449,23 @@ func filterAppsByUserAgent(mimeTypes []*appregistry.MimeTypeInfo, userAgent stri } func resolveViewMode(res *provider.ResourceInfo, vm string) gateway.OpenInAppRequest_ViewMode { + var viewMode gateway.OpenInAppRequest_ViewMode if vm != "" { - return utils.GetViewMode(vm) + viewMode = utils.GetViewMode(vm) + } else { + viewMode = gateway.OpenInAppRequest_VIEW_MODE_READ_WRITE } - - var viewMode gateway.OpenInAppRequest_ViewMode canEdit := res.PermissionSet.InitiateFileUpload canView := res.PermissionSet.InitiateFileDownload switch { case canEdit && canView: - viewMode = gateway.OpenInAppRequest_VIEW_MODE_READ_WRITE + // ok case canView: - viewMode = gateway.OpenInAppRequest_VIEW_MODE_READ_ONLY + if viewMode == gateway.OpenInAppRequest_VIEW_MODE_READ_WRITE || viewMode == gateway.OpenInAppRequest_VIEW_MODE_PREVIEW { + // downgrade to the maximum permitted viewmode + viewMode = gateway.OpenInAppRequest_VIEW_MODE_READ_ONLY + } default: // no permissions, will return access denied viewMode = gateway.OpenInAppRequest_VIEW_MODE_INVALID