From c463559ee730808a7243a352e41b0f2f08d4c9f3 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Thu, 7 Nov 2024 16:50:52 +0100 Subject: [PATCH] fix(graph/ocm): Fix ocm share creation when user is in cache Federated users are sharing the cache with regular users. So can't we need to check the user type to determine if the user is federated. Fixes #10488 --- services/graph/pkg/service/v0/api_driveitem_permissions.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/services/graph/pkg/service/v0/api_driveitem_permissions.go b/services/graph/pkg/service/v0/api_driveitem_permissions.go index a015ee6479..ed2d4874e5 100644 --- a/services/graph/pkg/service/v0/api_driveitem_permissions.go +++ b/services/graph/pkg/service/v0/api_driveitem_permissions.go @@ -168,11 +168,9 @@ func (s DriveItemPermissionsService) Invite(ctx context.Context, resourceId *sto shareid = createShareResponse.GetShare().GetId().GetOpaqueId() expiration = createShareResponse.GetShare().GetExpiration() default: - federated := false user, err := s.identityCache.GetUser(ctx, objectID) if errors.Is(err, identity.ErrNotFound) && s.config.IncludeOCMSharees { user, err = s.identityCache.GetAcceptedUser(ctx, objectID) - federated = true if err == nil && IsSpaceRoot(statResponse.GetInfo().GetId()) { return libregraph.Permission{}, errorcode.New(errorcode.InvalidRequest, "federated user can not become a space member") } @@ -189,7 +187,7 @@ func (s DriveItemPermissionsService) Invite(ctx context.Context, resourceId *sto }, } - if federated { + if user.GetUserType() == identity.UserTypeFederated { if len(user.Identities) < 1 { return libregraph.Permission{}, errorcode.New(errorcode.InvalidRequest, "user has no federated identity") }