Change to single env variable and list of strings as suggested in review.

services/frontend/README.md

@@ -29,13 +29,5 @@ While the frontend service does not persist any data it does cache `Stat()` resp
 ## Libregraph Service Interactions
 
 A lot of user management is done via a standardized libregraph API. Depending on how the system is configured, there might be some attributes for users that an ocis instance admin user can't change because of properties
-coming from an external LDAP server, or similar. This can be the case when the ocis admin is not the LDAP admin. To make life easier for admin users, there are hints as capabilites telling the frontend which attributes are read-only or not, so they can be shown in the frontend differently. To configure these hints the following environment variables are available:
-
--   FRONTEND_READONLY_ATTRIBUTES_ACCOUNT_ENABLED: Defaults to false
--   FRONTEND_READONLY_ATTRIBUTES_DISPLAY_NAME: Defaults to true
--   FRONTEND_READONLY_ATTRIBUTES_GIVEN_NAME: Defaults to true
--   FRONTEND_READONLY_ATTRIBUTES_ID: Defaults to true
--   FRONTEND_READONLY_ATTRIBUTES_MAIL: Defaults to true
--   FRONTEND_READONLY_ATTRIBUTES_ON_PREMISES_SAM_ACCOUNT_NAME: Defaults to true
--   FRONTEND_READONLY_ATTRIBUTES_SURNAME: Defaults to true
--   FRONTEND_READONLY_ATTRIBUTES_QUOTA: Defaults to false
+coming from an external LDAP server, or similar. This can be the case when the ocis admin is not the LDAP admin. To make life easier for admin users, there are hints as capabilites telling the frontend which attributes are read-only or not, so they can be shown in the frontend differently. To configure these hints we have the environment variable FRONTEND_READONLY_USER_ATTRIBUTES,
+which takes a comma separated list of attributes.

services/frontend/pkg/config/config.go

@@ -39,12 +39,12 @@ type Config struct {
 
 	PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL" desc:"The public facing URL of the oCIS frontend."`
 
-	AppHandler          AppHandler          `yaml:"app_handler"`
-	Archiver            Archiver            `yaml:"archiver"`
-	DataGateway         DataGateway         `yaml:"data_gateway"`
-	OCS                 OCS                 `yaml:"ocs"`
-	Checksums           Checksums           `yaml:"checksums"`
-	ReadyOnlyAttributes ReadyOnlyAttributes `yaml:"read_only_attributes"`
+	AppHandler             AppHandler  `yaml:"app_handler"`
+	Archiver               Archiver    `yaml:"archiver"`
+	DataGateway            DataGateway `yaml:"data_gateway"`
+	OCS                    OCS         `yaml:"ocs"`
+	Checksums              Checksums   `yaml:"checksums"`
+	ReadOnlyUserAttributes string      `yaml:"read_only_user_attributes" env:"FRONTEND_READONLY_USER_ATTRIBUTES" desc:"Comma separated list of user attributes to indicate as read-only."`
 
 	Middleware Middleware `yaml:"middleware"`
 
@@ -161,14 +161,3 @@ type Checksums struct {
 	SupportedTypes      []string `yaml:"supported_types" env:"FRONTEND_CHECKSUMS_SUPPORTED_TYPES" desc:"Define the checksum types that indicate to clients which hashes the server can use to verify upload integrity. You can provide multiple types separated by blank or comma. Supported types are 'sha1', 'md5' and 'adler32'."`
 	PreferredUploadType string   `yaml:"preferred_upload_type" env:"FRONTEND_CHECKSUMS_PREFERRED_UPLOAD_TYPE" desc:"The supported checksum type for uploads that indicates to clients supporting multiple hash algorithms which one is preferred by the server. Must be one out of the defined list of SUPPORTED_TYPES."`
 }
-
-type ReadyOnlyAttributes struct {
-	AccountEnabled           bool `yaml:"account_enabled" env:"FRONTEND_READONLY_ATTRIBUTES_ACCOUNT_ENABLED" desc:"Flag to indicate if account_enabled attribute is read-only. Defaults to false."`
-	DisplayName              bool `yaml:"display_name" env:"FRONTEND_READONLY_ATTRIBUTES_DISPLAY_NAME" desc:"Flag to indicate if display_name attribute is read-only. Defaults to true."`
-	GivenName                bool `yaml:"given_name" env:"FRONTEND_READONLY_ATTRIBUTES_GIVEN_NAME" desc:"Flag to indicate if given_name attribute is read-only. Defaults to true."`
-	ID                       bool `yaml:"id" env:"FRONTEND_READONLY_ATTRIBUTES_ID" desc:"Flag to indicate if id attribute is read-only. Defaults to true."`
-	Mail                     bool `yaml:"mail" env:"FRONTEND_READONLY_ATTRIBUTES_MAIL" desc:"Flag to indicate if mail attribute is read-only. Defaults to true."`
-	OnPremisesSamAccountName bool `yaml:"on_premises_sam_account_name" env:"FRONTEND_READONLY_ATTRIBUTES_ON_PREMISES_SAM_ACCOUNT_NAME" desc:"Flag to indicate if on_premises_sam_account_name attribute is read-only. Defaults to true."`
-	Surname                  bool `yaml:"surname" env:"FRONTEND_READONLY_ATTRIBUTES_SURNAME" desc:"Flag to indicate if surname attribute is read-only.  Defaults to true."`
-	Quota                    bool `yaml:"quota" env:"FRONTEND_READONLY_ATTRIBUTES_QUOTA" desc:"Flag to indicate if quota attribute read-only. Defaults to false."`
-}

services/frontend/pkg/config/defaults/defaultconfig.go

@@ -89,16 +89,6 @@ func DefaultConfig() *config.Config {
 			SupportedTypes:      []string{"sha1", "md5", "adler32"},
 			PreferredUploadType: "sha1",
 		},
-		ReadyOnlyAttributes: config.ReadyOnlyAttributes{
-			AccountEnabled:           false,
-			DisplayName:              true,
-			GivenName:                true,
-			ID:                       true,
-			Mail:                     true,
-			OnPremisesSamAccountName: true,
-			Surname:                  true,
-			Quota:                    false,
-		},
 		AppHandler: config.AppHandler{
 			Prefix: "app",
 		},

services/frontend/pkg/revaconfig/config.go

@@ -4,6 +4,7 @@ import (
 	"net/url"
 	"path"
 	"strconv"
+	"strings"
 
 	"github.com/owncloud/ocis/v2/ocis-pkg/version"
 	"github.com/owncloud/ocis/v2/services/frontend/pkg/config"
@@ -63,23 +64,7 @@ func FrontendConfigFromStruct(cfg *config.Config) (map[string]interface{}, error
 		}
 	}
 
-	read_only_attributes_map := map[string]bool{
-		"account_enabled":              cfg.ReadyOnlyAttributes.AccountEnabled,
-		"display_name":                 cfg.ReadyOnlyAttributes.DisplayName,
-		"given_name":                   cfg.ReadyOnlyAttributes.GivenName,
-		"id":                           cfg.ReadyOnlyAttributes.ID,
-		"mail":                         cfg.ReadyOnlyAttributes.Mail,
-		"on_premises_sam_account_name": cfg.ReadyOnlyAttributes.OnPremisesSamAccountName,
-		"surname":                      cfg.ReadyOnlyAttributes.Surname,
-		"quota":                        cfg.ReadyOnlyAttributes.Quota,
-	}
-
-	var read_only_attributes []string
-	for k, v := range read_only_attributes_map {
-		if v {
-			read_only_attributes = append(read_only_attributes, k)
-		}
-	}
+	ReadOnlyUserAttributes := strings.Split(cfg.ReadOnlyUserAttributes, ",")
 
 	return map[string]interface{}{
 		"core": map[string]interface{}{
@@ -216,8 +201,8 @@ func FrontendConfigFromStruct(cfg *config.Config) (map[string]interface{}, error
 								"support_url_signing": true,
 							},
 							"graph": map[string]interface{}{
-								"personal_data_export": true,
-								"read_only_attributes": read_only_attributes,
+								"personal_data_export":      true,
+								"read_only_user_attributes": ReadOnlyUserAttributes,
 							},
 							"checksums": map[string]interface{}{
 								"supported_types":       cfg.Checksums.SupportedTypes,