Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

graph/sharing: Add check for role conditions #8247

Merged
merged 4 commits into from
Jan 24, 2024
Merged

graph/sharing: Add check for role conditions #8247

merged 4 commits into from
Jan 24, 2024

Conversation

rhafer
Copy link
Contributor

@rhafer rhafer commented Jan 18, 2024

Use the condition from the unifiedrole to check if the requested role is actually applicable to the selected resource.

@rhafer rhafer self-assigned this Jan 18, 2024
@update-docs Update Docs
Copy link

update-docs bot commented Jan 18, 2024

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@rhafer
Copy link
Contributor Author

rhafer commented Jan 18, 2024
edited
Loading

Keep this is draft as we need to bump reva for getting the other part of the fix: cs3org/reva#4462

Also, I am still trying to address the FIXME part about sharing space root (which requires the Owner condition)

@rhafer rhafer force-pushed the issue/8131 branch 2 times, most recently from 920c6f6 to da31038 Compare January 22, 2024 15:12
@micbar micbar mentioned this pull request Jan 22, 2024
Closed
@rhafer rhafer force-pushed the issue/8131 branch 2 times, most recently from 3bc99ad to 26e7dc6 Compare January 23, 2024 16:52
@rhafer rhafer marked this pull request as ready for review January 23, 2024 16:53
@rhafer rhafer requested a review from fschade January 23, 2024 16:53
@saw-jan saw-jan mentioned this pull request Jan 24, 2024
Merged
9 tasks
@rhafer
graph/sharing: Fix role conditions for Space specific sharing roles
fa70d58 
Co-Owner and Manager are space specific roles. They need the UnifiedRoleConditionOwner.
@rhafer rhafer requested a review from micbar January 24, 2024 13:45
rhafer added 3 commits January 24, 2024 16:24
@rhafer
graph/sharing: Add check for role conditions
94eaa02 
Use the condition from the unifiedrole to check if the requested role
is actually applicable to the selected resource.

Fixes: owncloud#8131
@rhafer
graph/sharing: Adjust acceptance tests for latest changes
d0d74c8 
Don't try to assign space specific roles to file or directory shares in
positive tests. The API now forbids those correctly. We might want
to add negative tests for that.
@rhafer
graph/sharing: Fix role condition for space roots
69fa395 
When computing the allowed roles for a spaceroot use the correct conditions.
Spaceroots require '@Subject.objectId Any_of @Resource.owners'.

Note: Updating or deleting the permissions on a spaceroot via
'v1beta1/drives/{driveid}/items/{itemid}/permissions/{permissionid}' does still
not work.
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
73.7% Coverage on New Code
22.4% Duplication on New Code

See analysis details on SonarCloud

micbar
micbar approved these changes Jan 24, 2024
View reviewed changes
Copy link
Contributor

@micbar micbar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@rhafer rhafer merged commit da495fd into owncloud:master Jan 24, 2024
4 checks passed
@rhafer rhafer deleted the issue/8131 branch January 25, 2024 11:05
@micbar micbar mentioned this pull request Jan 26, 2024
Closed
71 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@micbar micbar micbar approved these changes

@fschade fschade Awaiting requested review from fschade

Assignees

@rhafer rhafer

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rhafer @micbar