remove unused system user initialization

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2026-02-25 15:09:27 -06:00 · 2022-05-02 11:30:36 +00:00
parent 7dd486ba17
commit 161c23976f
6 changed files with 6 additions and 84 deletions
--- a/extensions/idm/ldif/base.ldif.tmpl
+++ b/extensions/idm/ldif/base.ldif.tmpl
@@ -40,17 +40,4 @@ userPassword:: {{ .Password }}

 {{ end -}}

-## Service user for the settings service
-dn: uid=95cb8724-03b2-11eb-a0a6-c33ef8ef53ad,ou=users,o=libregraph-idm
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-objectClass: ownCloud
-objectClass: person
-objectClass: top
-uid: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad
-givenName: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad
-sn: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad
-cn: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad
-displayName: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad
-ownCloudUUID: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad

--- a/extensions/settings/pkg/config/defaults/defaultconfig.go
+++ b/extensions/settings/pkg/config/defaults/defaultconfig.go
@@ -50,7 +50,7 @@ func DefaultConfig() *config.Config {
 		},

 		Metadata: config.Metadata{
-			GatewayAddress: "127.0.0.1:9215",
+			GatewayAddress: "127.0.0.1:9215", // metadata storage
 			StorageAddress: "127.0.0.1:9215",
 			ServiceUserID:  "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
 			ServiceUserIDP: "internal",
--- a/extensions/settings/pkg/service/v0/settings.go
+++ b/extensions/settings/pkg/service/v0/settings.go
@@ -6,9 +6,6 @@ import (
 )

 const (
-	// BundleUUIDRoleMetadata represents the metadata user role
-	BundleUUIDRoleMetadata = "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad"
-
 	// BundleUUIDRoleAdmin represents the admin role
 	BundleUUIDRoleAdmin = "71881883-1768-46bd-a24d-a356a2afdf7f"

@@ -532,34 +529,11 @@ func generatePermissionRequests() []*settingssvc.AddSettingToBundleRequest {
 				},
 			},
 		},
-		{
-			BundleId: BundleUUIDRoleMetadata,
-			Setting: &settingsmsg.Setting{
-				Id:          CreateSpacePermissionID,
-				Name:        CreateSpacePermissionName,
-				DisplayName: "Create own Space",
-				Description: "This permission allows to create a space owned by the current user.",
-				Resource: &settingsmsg.Resource{
-					Type: settingsmsg.Resource_TYPE_SYSTEM, // TODO resource type space? self? me? own?
-				},
-				Value: &settingsmsg.Setting_PermissionValue{
-					PermissionValue: &settingsmsg.Permission{
-						Operation:  settingsmsg.Permission_OPERATION_CREATE,
-						Constraint: settingsmsg.Permission_CONSTRAINT_OWN,
-					},
-				},
-			},
-		},
 	}
 }

 func defaultRoleAssignments() []*settingsmsg.UserRoleAssignment {
 	return []*settingsmsg.UserRoleAssignment{
-		// accounts service user for the metadata user is allowed to create spaces
-		{
-			AccountUuid: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
-			RoleId:      BundleUUIDRoleAdmin,
-		},
 		// default admin users
 		{
 			AccountUuid: "058bff95-6708-4fe5-91e4-9ea3d377588b",
--- a/extensions/settings/pkg/store/defaults/defaults.go
+++ b/extensions/settings/pkg/store/defaults/defaults.go
@@ -17,9 +17,6 @@ const (
 	// BundleUUIDRoleGuest represents the guest role.
 	BundleUUIDRoleGuest = "38071a68-456a-4553-846a-fa67bf5596cc"

-	// BundleUUIDRoleMetadata represents the metadata user role
-	BundleUUIDRoleMetadata = "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad"
-
 	// RoleManagementPermissionID is the hardcoded setting UUID for the role management permission
 	RoleManagementPermissionID string = "a53e601e-571f-4f86-8fec-d4576ef49c62"
 	// RoleManagementPermissionName is the hardcoded setting name for the role management permission
@@ -68,7 +65,6 @@ func GenerateBundlesDefaultRoles() []*settingsmsg.Bundle {
 		generateBundleUserRole(),
 		generateBundleGuestRole(),
 		generateBundleProfileRequest(),
-		generateBundleMetadataRole(),
 		generateBundleSpaceAdminRole(),
 	}
 }
@@ -434,36 +430,6 @@ func generateBundleProfileRequest() *settingsmsg.Bundle {
 	}
 }

-func generateBundleMetadataRole() *settingsmsg.Bundle {
-	return &settingsmsg.Bundle{
-		Id:          BundleUUIDRoleMetadata,
-		Name:        "metadata",
-		Type:        settingsmsg.Bundle_TYPE_ROLE,
-		Extension:   "ocis-roles",
-		DisplayName: "Metadata",
-		Resource: &settingsmsg.Resource{
-			Type: settingsmsg.Resource_TYPE_SYSTEM,
-		},
-		Settings: []*settingsmsg.Setting{
-			{
-				Id:          CreateSpacePermissionID,
-				Name:        CreateSpacePermissionName,
-				DisplayName: "Create own Space",
-				Description: "This permission allows to create a space owned by the current user.",
-				Resource: &settingsmsg.Resource{
-					Type: settingsmsg.Resource_TYPE_SYSTEM, // TODO resource type space? self? me? own?
-				},
-				Value: &settingsmsg.Setting_PermissionValue{
-					PermissionValue: &settingsmsg.Permission{
-						Operation:  settingsmsg.Permission_OPERATION_CREATE,
-						Constraint: settingsmsg.Permission_CONSTRAINT_OWN,
-					},
-				},
-			},
-		},
-	}
-}
-
 // TODO: languageSetting needed?
 var languageSetting = settingsmsg.Setting_SingleChoiceValue{
 	SingleChoiceValue: &settingsmsg.SingleChoiceList{
@@ -532,11 +498,6 @@ var languageSetting = settingsmsg.Setting_SingleChoiceValue{
 // DefaultRoleAssignments returns (as one might guess) the default role assignments
 func DefaultRoleAssignments() []*settingsmsg.UserRoleAssignment {
 	return []*settingsmsg.UserRoleAssignment{
-		// accounts service user for the metadata user is allowed to create spaces
-		{
-			AccountUuid: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
-			RoleId:      BundleUUIDRoleAdmin,
-		},
 		// default admin users
 		{
 			AccountUuid: "058bff95-6708-4fe5-91e4-9ea3d377588b",
--- a/extensions/settings/pkg/store/metadata/assignments.go
+++ b/extensions/settings/pkg/store/metadata/assignments.go
@@ -13,7 +13,7 @@ import (

 // ListRoleAssignments loads and returns all role assignments matching the given assignment identifier.
 func (s *Store) ListRoleAssignments(accountUUID string) ([]*settingsmsg.UserRoleAssignment, error) {
-	if s.mdc == nil || accountUUID == "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad" {
+	if s.mdc == nil {
 		return defaultRoleAssignments(accountUUID), nil
 	}
 	s.Init()
--- a/extensions/sharing/pkg/config/defaults/defaultconfig.go
+++ b/extensions/sharing/pkg/config/defaults/defaultconfig.go
@@ -48,9 +48,9 @@ func DefaultConfig() *config.Config {
 				JanitorRunInterval:         60,
 			},
 			CS3: config.UserSharingCS3Driver{
-				ProviderAddr:   "127.0.0.1:9215",
+				ProviderAddr:   "127.0.0.1:9215", // metadata storage
 				ServiceUserID:  "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
-				ServiceUserIDP: "https://localhost:9200",
+				ServiceUserIDP: "internal",
 			},
 		},
 		PublicSharingDriver: "json",
@@ -69,9 +69,9 @@ func DefaultConfig() *config.Config {
 				JanitorRunInterval:         60,
 			},
 			CS3: config.PublicSharingCS3Driver{
-				ProviderAddr:   "127.0.0.1:9215",
+				ProviderAddr:   "127.0.0.1:9215", // metadata storage
 				ServiceUserID:  "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
-				ServiceUserIDP: "https://localhost:9200",
+				ServiceUserIDP: "internal",
 			},
 		},
 		Events: config.Events{