define the constraints of a space id

[wkloucek]

Describe the bug

cs3org/reva#2854 suggests, that a space id could be a one char string. Actually we need a minimum length of 9 characters for the decomposed fs to work.

Steps to reproduce

Steps to reproduce the behavior:

1. set OCIS_ADMIN_USER_ID to something short (eg. "admin")
2. log in as admin

Expected behavior

No error happens, admin can upload stuff into the home space

Actual behavior

Error happens, admin can not upload stuff into the home space

storage-users errors:

{"level":"error","service":"storage-users","pkg":"rgrpc","traceid":"00000000000000000000000000000000","error":"internal error: malformed link","match":"/var/lib/ocis/storage/users/spacetypes/personal/admin","time":"2022-05-17T08:29:47.592776027Z","message":"could not read link, skipping"}

Additional context

We could define a minimum length of a space id. But that implicitly also introduces a minimum length of user ids, since we use the user id as home space id, too.

cc @butonic @rhafer

[micbar]

@butonic I thought that was fixed in reva. Do we need to update reva in ocis for this?

[butonic]

decomposedfs is designed with uuids in mind. cs3org/reva#2854 fixes a case where a client tries to look up a storage space with a shorter space id. decomposedfs panicked because it was trying to access a string offset that did not exist. That was a bug.

The decomposedfs currently segments

• nodeids into: 12/34/56/78/9012345678901234567890123456 requiring at least 9 characters,
• spaceids into 12/3456789012345678901234567890123456 requiring at least 3 characters,

This is always the case for uuids, but when we are trying to provision a personal space for a new user we need to generate and assign a uuid for the user.

We need to update reva anyway to get several fixes into ocis.

[martadinata666]

In my case, im using ldap to login, and prefer uid instead uuid.
Then my OCIS_ADMIN_USER_ID will be OCIS_ADMIN_USER_ID=dedyms. OCIS login fine, with admin but the storage spitting error.

ocis-app-1  | {"level":"error","service":"storage-users","pkg":"rgrpc","traceid":"00000000000000000000000000000000","error":"internal error: malformed link","match":"../../../spaces/de/dyms/nodes/de/dy/ms","time":"2022-10-11T05:22:46.536674815Z","message":"could not read link, skipping"}
ocis-app-1  | {"level":"error","service":"frontend","pkg":"rhttp","traceid":"00000000000000000000000000000000","time":"2022-10-11T05:22:46.538311083Z","message":"list spaces returned empty list"}

In this case how long the uid name needed to prevent errors? 9 chars like first post mentioned? Thanks.

[butonic]

9 chars, yes. you can use uid to login, but please add a uuid like property for you users. I recommend a custom ownclouduuid attribute that you can fill with a uuid.

names change or may be reused. you need a uuid to prevent collisions in those corner cases.

[martadinata666]

yes, thanks for the advice and confirming 9chr limits, im leaning to uid because there is ldap role issue with pre-exist ldap deployment.

[johnstonjs]

This thread has been very helpful in getting ocis to work with an OpenLDAP server. I decided to use then entryUUID, and that has worked flawlessly. It is unique and persistent with each entry, and auto-generated at creation.

LDAP_USER_SCHEMA_ID=entryUUID