enhancement(sharing): Simplify route for accepting shares

In theory creating the driveItem to accepting a shared resource can be done via '/v1beta1/drives/{drive-id}/item/{item-id}/children' but there is also the simplified variant via '/v1beta1/drives/{drive-id}/root/children' (aligned with the example in the spec). For now we'll just implement the latter because accepting a share will always be done via root of the sharejail drive.
2026-03-08 23:09:02 -05:00 · 2024-02-08 11:00:27 +01:00
parent f86bd76e23
commit 0a24f23164
3 changed files with 21 additions and 25 deletions
--- a/services/graph/pkg/service/v0/api_drives_drive_item.go
+++ b/services/graph/pkg/service/v0/api_drives_drive_item.go
@@ -207,17 +207,16 @@ func (api DrivesDriveItemApi) DeleteDriveItem(w http.ResponseWriter, r *http.Req
 // CreateDriveItem creates a drive item
 func (api DrivesDriveItemApi) CreateDriveItem(w http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
-	driveID, itemID, err := GetDriveAndItemIDParam(r, &api.logger)
+	driveID, err := parseIDParam(r, "driveID")
 	if err != nil {
-		msg := "invalid driveID or itemID"
-		api.logger.Debug().Err(err).Msg(msg)
-		errorcode.InvalidRequest.Render(w, r, http.StatusUnprocessableEntity, msg)
+		api.logger.Debug().Err(err).Msg("invlid driveID")
+		errorcode.InvalidRequest.Render(w, r, http.StatusUnprocessableEntity, "invalid driveID")
 		return
 	}

-	if !IsShareJail(driveID) || !IsShareJail(itemID) {
-		msg := "invalid driveID or itemID, must be share jail"
-		api.logger.Debug().Interface("driveID", driveID).Interface("itemID", itemID).Msg(msg)
+	if !IsShareJail(driveID) {
+		msg := "invalid driveID, must be share jail"
+		api.logger.Debug().Interface("driveID", driveID).Msg(msg)
 		errorcode.InvalidRequest.Render(w, r, http.StatusUnprocessableEntity, msg)
 		return
 	}
--- a/services/graph/pkg/service/v0/api_drives_drive_item_test.go
+++ b/services/graph/pkg/service/v0/api_drives_drive_item_test.go
@@ -346,7 +346,6 @@ var _ = Describe("DrivesDriveItemApi", func() {

 		rCTX = chi.NewRouteContext()
 		rCTX.URLParams.Add("driveID", "a0ca6a90-a365-4782-871e-d44447bbc668$a0ca6a90-a365-4782-871e-d44447bbc668")
-		rCTX.URLParams.Add("itemID", "a0ca6a90-a365-4782-871e-d44447bbc668$a0ca6a90-a365-4782-871e-d44447bbc668!a0ca6a90-a365-4782-871e-d44447bbc668")
 	})

 	checkDriveIDAndItemIDValidation := func(handler http.HandlerFunc) {
@@ -367,12 +366,13 @@ var _ = Describe("DrivesDriveItemApi", func() {
 		Expect(jsonData.Get("message").String()).To(Equal("invalid driveID or itemID"))
 	}

-	Describe("CreateDriveItem", func() {
+	Describe("DeleteDriveItem", func() {
 		It("validates the driveID and itemID url param", func() {
 			checkDriveIDAndItemIDValidation(httpAPI.DeleteDriveItem)
 		})

 		It("uses the UnmountShare provider implementation", func() {
+			rCTX.URLParams.Add("itemID", "a0ca6a90-a365-4782-871e-d44447bbc668$a0ca6a90-a365-4782-871e-d44447bbc668!a0ca6a90-a365-4782-871e-d44447bbc668")
 			responseRecorder := httptest.NewRecorder()

 			request := httptest.NewRequest(http.MethodDelete, "/", nil).
@@ -409,13 +409,8 @@ var _ = Describe("DrivesDriveItemApi", func() {
 	})

 	Describe("CreateDriveItem", func() {
-		It("validates the driveID and itemID url param", func() {
-			checkDriveIDAndItemIDValidation(httpAPI.CreateDriveItem)
-		})
-
 		It("checks if the idemID and driveID is in share jail", func() {
 			rCTX.URLParams.Add("driveID", "1$2")
-			rCTX.URLParams.Add("itemID", "1$2!3")

 			responseRecorder := httptest.NewRecorder()
 			request := httptest.NewRequest(http.MethodPost, "/", nil).
--- a/services/graph/pkg/service/v0/service.go
+++ b/services/graph/pkg/service/v0/service.go
@@ -227,19 +227,21 @@ func NewService(opts ...Option) (Graph, error) {
 			})
 			r.Route("/drives", func(r chi.Router) {
 				r.Get("/", svc.GetAllDrives(APIVersion_1_Beta_1))
-				r.Route("/{driveID}/items/{itemID}", func(r chi.Router) {
-					r.Delete("/", drivesDriveItemApi.DeleteDriveItem)
-					r.Post("/children", drivesDriveItemApi.CreateDriveItem)
-					r.Post("/invite", svc.Invite)
-					r.Route("/permissions", func(r chi.Router) {
-						r.Get("/", svc.ListPermissions)
-						r.Route("/{permissionID}", func(r chi.Router) {
-							r.Delete("/", svc.DeletePermission)
-							r.Patch("/", svc.UpdatePermission)
-							r.Post("/setPassword", svc.SetLinkPassword)
+				r.Route("/{driveID}", func(r chi.Router) {
+					r.Post("/root/children", drivesDriveItemApi.CreateDriveItem)
+					r.Route("/items/{itemID}", func(r chi.Router) {
+						r.Delete("/", drivesDriveItemApi.DeleteDriveItem)
+						r.Post("/invite", svc.Invite)
+						r.Route("/permissions", func(r chi.Router) {
+							r.Get("/", svc.ListPermissions)
+							r.Route("/{permissionID}", func(r chi.Router) {
+								r.Delete("/", svc.DeletePermission)
+								r.Patch("/", svc.UpdatePermission)
+								r.Post("/setPassword", svc.SetLinkPassword)
+							})
 						})
+						r.Post("/createLink", svc.CreateLink)
 					})
-					r.Post("/createLink", svc.CreateLink)
 				})
 			})
 			r.Route("/roleManagement/permissions/roleDefinitions", func(r chi.Router) {