mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-05-03 09:20:50 -05:00
listing drives sould use the user filter (#6103)
* listing drives shsould use the user filter Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * fix status code Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * check correct error Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * Adapt expected failures * Bump reva --------- Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> Co-authored-by: André Duffeck <andre.duffeck@firondu.de>
This commit is contained in:
Jörn Friedrich Dreyer
committed by
GitHub
GitHub
parent
f0cd81f4e1
commit
3489de1c42
@@ -91,6 +91,20 @@ func (g Graph) getDrives(w http.ResponseWriter, r *http.Request, unrestricted bo
|
||||
errorcode.NotSupported.Render(w, r, http.StatusNotImplemented, err.Error())
|
||||
return
|
||||
}
|
||||
if !unrestricted {
|
||||
user, ok := revactx.ContextGetUser(r.Context())
|
||||
if !ok {
|
||||
logger.Debug().Msg("could not create drive: invalid user")
|
||||
errorcode.NotAllowed.Render(w, r, http.StatusUnauthorized, "invalid user")
|
||||
return
|
||||
}
|
||||
filters = append(filters, &storageprovider.ListStorageSpacesRequest_Filter{
|
||||
Type: storageprovider.ListStorageSpacesRequest_Filter_TYPE_USER,
|
||||
Term: &storageprovider.ListStorageSpacesRequest_Filter_User{
|
||||
User: user.GetId(),
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
logger.Debug().
|
||||
Interface("filters", filters).
|
||||
@@ -240,7 +254,7 @@ func (g Graph) CreateDrive(w http.ResponseWriter, r *http.Request) {
|
||||
if !canCreateSpace {
|
||||
logger.Debug().Bool("cancreatespace", canCreateSpace).Msg("could not create drive: insufficient permissions")
|
||||
// if the permission is not existing for the user in context we can assume we don't have it. Return 401.
|
||||
errorcode.NotAllowed.Render(w, r, http.StatusUnauthorized, "insufficient permissions to create a space.")
|
||||
errorcode.NotAllowed.Render(w, r, http.StatusForbidden, "insufficient permissions to create a space.")
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
@@ -90,6 +90,7 @@ var _ = Describe("Graph", func() {
|
||||
}, nil)
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/me/drives", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetDrives(rr, r)
|
||||
Expect(rr.Code).To(Equal(http.StatusOK))
|
||||
@@ -102,6 +103,7 @@ var _ = Describe("Graph", func() {
|
||||
}, nil)
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/drives", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetAllDrives(rr, r)
|
||||
Expect(rr.Code).To(Equal(http.StatusOK))
|
||||
@@ -131,6 +133,7 @@ var _ = Describe("Graph", func() {
|
||||
}, nil)
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/me/drives", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetDrives(rr, r)
|
||||
|
||||
@@ -201,6 +204,7 @@ var _ = Describe("Graph", func() {
|
||||
}, nil)
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/me/drives?$orderby=name%20asc", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetDrives(rr, r)
|
||||
|
||||
@@ -281,6 +285,7 @@ var _ = Describe("Graph", func() {
|
||||
}, nil)
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/me/drives", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetDrives(rr, r)
|
||||
|
||||
@@ -320,6 +325,7 @@ var _ = Describe("Graph", func() {
|
||||
}, nil)
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/me/drives?$orderby=owner%20asc", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetDrives(rr, r)
|
||||
Expect(rr.Code).To(Equal(http.StatusBadRequest))
|
||||
@@ -361,6 +367,7 @@ var _ = Describe("Graph", func() {
|
||||
gatewayClient.On("ListStorageSpaces", mock.Anything, mock.Anything).Return(nil, errors.New("transport error"))
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/me/drives)", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetDrives(rr, r)
|
||||
Expect(rr.Code).To(Equal(http.StatusInternalServerError))
|
||||
@@ -378,6 +385,7 @@ var _ = Describe("Graph", func() {
|
||||
StorageSpaces: []*provider.StorageSpace{}}, nil)
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/me/drives)", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetDrives(rr, r)
|
||||
Expect(rr.Code).To(Equal(http.StatusInternalServerError))
|
||||
@@ -395,6 +403,7 @@ var _ = Describe("Graph", func() {
|
||||
StorageSpaces: []*provider.StorageSpace{}}, nil)
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/me/drives)", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetDrives(rr, r)
|
||||
Expect(rr.Code).To(Equal(http.StatusOK))
|
||||
@@ -430,6 +439,7 @@ var _ = Describe("Graph", func() {
|
||||
}, nil)
|
||||
|
||||
r := httptest.NewRequest(http.MethodGet, "/graph/v1.0/me/drives", nil)
|
||||
r = r.WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.GetDrives(rr, r)
|
||||
|
||||
@@ -469,7 +479,7 @@ var _ = Describe("Graph", func() {
|
||||
r := httptest.NewRequest(http.MethodPost, "/graph/v1.0/drives", bytes.NewBuffer(jsonBody)).WithContext(ctx)
|
||||
rr := httptest.NewRecorder()
|
||||
svc.CreateDrive(rr, r)
|
||||
Expect(rr.Code).To(Equal(http.StatusUnauthorized))
|
||||
Expect(rr.Code).To(Equal(http.StatusForbidden))
|
||||
|
||||
body, _ := io.ReadAll(rr.Body)
|
||||
var libreError libregraph.OdataError
|
||||
|
||||
Reference in New Issue
Block a user