mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-01-04 19:29:49 -06:00
jkoberg
2
go.mod
2
go.mod
@@ -13,7 +13,7 @@ require (
|
||||
github.com/coreos/go-oidc v2.2.1+incompatible
|
||||
github.com/coreos/go-oidc/v3 v3.6.0
|
||||
github.com/cs3org/go-cs3apis v0.0.0-20230516150832-730ac860c71d
|
||||
github.com/cs3org/reva/v2 v2.13.4-0.20230526111208-d62d1497abb9
|
||||
github.com/cs3org/reva/v2 v2.13.4-0.20230531095732-bc9a3b635ec3
|
||||
github.com/disintegration/imaging v1.6.2
|
||||
github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e
|
||||
github.com/egirna/icap-client v0.1.1
|
||||
|
||||
4
go.sum
4
go.sum
@@ -629,8 +629,8 @@ github.com/crewjam/httperr v0.2.0 h1:b2BfXR8U3AlIHwNeFFvZ+BV1LFvKLlzMjzaTnZMybNo
|
||||
github.com/crewjam/httperr v0.2.0/go.mod h1:Jlz+Sg/XqBQhyMjdDiC+GNNRzZTD7x39Gu3pglZ5oH4=
|
||||
github.com/crewjam/saml v0.4.13 h1:TYHggH/hwP7eArqiXSJUvtOPNzQDyQ7vwmwEqlFWhMc=
|
||||
github.com/crewjam/saml v0.4.13/go.mod h1:igEejV+fihTIlHXYP8zOec3V5A8y3lws5bQBFsTm4gA=
|
||||
github.com/cs3org/reva/v2 v2.13.4-0.20230526111208-d62d1497abb9 h1:JuZPMzFl6Yr2PIlT7mIYJ+S++AS3PQoRcYyA1tsH2DI=
|
||||
github.com/cs3org/reva/v2 v2.13.4-0.20230526111208-d62d1497abb9/go.mod h1:vMQqSn30fEPHO/GKC2WmGimlOPqvfSy4gdhRSpbvrWc=
|
||||
github.com/cs3org/reva/v2 v2.13.4-0.20230531095732-bc9a3b635ec3 h1:T+W3zPmlPAaHlKhzBcW809PvcGUJJ+v1QF+JzdPRegU=
|
||||
github.com/cs3org/reva/v2 v2.13.4-0.20230531095732-bc9a3b635ec3/go.mod h1:vMQqSn30fEPHO/GKC2WmGimlOPqvfSy4gdhRSpbvrWc=
|
||||
github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI=
|
||||
github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY=
|
||||
github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
|
||||
|
||||
@@ -125,6 +125,33 @@ func (h *Handler) addSpaceMember(w http.ResponseWriter, r *http.Request, info *p
|
||||
Nanos: uint32(expiration.UnixNano() % int64(time.Second)),
|
||||
}
|
||||
}
|
||||
|
||||
if role.Name != conversions.RoleManager {
|
||||
ref := provider.Reference{ResourceId: info.GetId()}
|
||||
p, err := h.findProvider(ctx, &ref)
|
||||
if err != nil {
|
||||
response.WriteOCSError(w, r, response.MetaNotFound.StatusCode, "error getting storage provider", err)
|
||||
return
|
||||
}
|
||||
|
||||
providerClient, err := h.getStorageProviderClient(p)
|
||||
if err != nil {
|
||||
response.WriteOCSError(w, r, response.MetaNotFound.StatusCode, "error getting storage provider client", err)
|
||||
return
|
||||
}
|
||||
|
||||
lgRes, err := providerClient.ListGrants(ctx, &provider.ListGrantsRequest{Ref: &ref})
|
||||
if err != nil || lgRes.Status.Code != rpc.Code_CODE_OK {
|
||||
response.WriteOCSError(w, r, response.MetaServerError.StatusCode, "error listing space grants", err)
|
||||
return
|
||||
}
|
||||
|
||||
if !isSpaceManagerRemaining(lgRes.Grants, grantee) {
|
||||
response.WriteOCSError(w, r, http.StatusForbidden, "the space must have at least one manager", nil)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
createShareRes, err := client.CreateShare(ctx, &collaborationv1beta1.CreateShareRequest{
|
||||
ResourceInfo: info,
|
||||
Grant: &collaborationv1beta1.ShareGrant{
|
||||
|
||||
4
vendor/github.com/cs3org/reva/v2/pkg/permission/permission.go
generated
vendored
4
vendor/github.com/cs3org/reva/v2/pkg/permission/permission.go
generated
vendored
@@ -24,9 +24,9 @@ import (
|
||||
|
||||
const (
|
||||
// ListAllSpaces is the hardcoded name for the list all spaces permission
|
||||
ListAllSpaces string = "list-all-spaces"
|
||||
ListAllSpaces string = "Drives.List"
|
||||
// CreateSpace is the hardcoded name for the create space permission
|
||||
CreateSpace string = "create-space"
|
||||
CreateSpace string = "Drives.Create"
|
||||
// WritePublicLink is the hardcoded name for the PublicLink.Write permission
|
||||
WritePublicLink string = "PublicLink.Write"
|
||||
)
|
||||
|
||||
16
vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/spacepermissions.go
generated
vendored
16
vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/spacepermissions.go
generated
vendored
@@ -41,7 +41,7 @@ func (p Permissions) AssemblePermissions(ctx context.Context, n *node.Node) (pro
|
||||
|
||||
// CreateSpace returns true when the user is allowed to create the space
|
||||
func (p Permissions) CreateSpace(ctx context.Context, spaceid string) bool {
|
||||
return p.checkPermission(ctx, "create-space", spaceRef(spaceid))
|
||||
return p.checkPermission(ctx, "Drives.Create", spaceRef(spaceid))
|
||||
}
|
||||
|
||||
// SetSpaceQuota returns true when the user is allowed to change the spaces quota
|
||||
@@ -50,25 +50,25 @@ func (p Permissions) SetSpaceQuota(ctx context.Context, spaceid string, spaceTyp
|
||||
default:
|
||||
return false // only quotas of personal and project space may be changed
|
||||
case _spaceTypePersonal:
|
||||
return p.checkPermission(ctx, "set-space-quota", spaceRef(spaceid))
|
||||
return p.checkPermission(ctx, "Drives.ReadWritePersonalQuota", spaceRef(spaceid))
|
||||
case _spaceTypeProject:
|
||||
return p.checkPermission(ctx, "Drive.ReadWriteQuota.Project", spaceRef(spaceid))
|
||||
return p.checkPermission(ctx, "Drives.ReadWriteProjectQuota", spaceRef(spaceid))
|
||||
}
|
||||
}
|
||||
|
||||
// ManageSpaceProperties returns true when the user is allowed to change space properties (name/subtitle)
|
||||
func (p Permissions) ManageSpaceProperties(ctx context.Context, spaceid string) bool {
|
||||
return p.checkPermission(ctx, "Drive.ReadWrite", spaceRef(spaceid))
|
||||
return p.checkPermission(ctx, "Drives.ReadWrite", spaceRef(spaceid))
|
||||
}
|
||||
|
||||
// SpaceAbility returns true when the user is allowed to enable/disable the space
|
||||
func (p Permissions) SpaceAbility(ctx context.Context, spaceid string) bool {
|
||||
return p.checkPermission(ctx, "Drive.ReadWriteEnabled", spaceRef(spaceid))
|
||||
return p.checkPermission(ctx, "Drives.ReadWriteEnabled", spaceRef(spaceid))
|
||||
}
|
||||
|
||||
// ListAllSpaces returns true when the user is allowed to list all spaces
|
||||
func (p Permissions) ListAllSpaces(ctx context.Context) bool {
|
||||
return p.checkPermission(ctx, "list-all-spaces", nil)
|
||||
return p.checkPermission(ctx, "Drives.List", nil)
|
||||
}
|
||||
|
||||
// ListSpacesOfUser returns true when the user is allowed to list the spaces of the given user
|
||||
@@ -86,12 +86,12 @@ func (p Permissions) ListSpacesOfUser(ctx context.Context, userid *userv1beta1.U
|
||||
|
||||
// DeleteAllSpaces returns true when the user is allowed to delete all spaces
|
||||
func (p Permissions) DeleteAllSpaces(ctx context.Context) bool {
|
||||
return p.checkPermission(ctx, "delete-all-spaces", nil)
|
||||
return p.checkPermission(ctx, "Drives.DeleteProject", nil)
|
||||
}
|
||||
|
||||
// DeleteAllHomeSpaces returns true when the user is allowed to delete all home spaces
|
||||
func (p Permissions) DeleteAllHomeSpaces(ctx context.Context) bool {
|
||||
return p.checkPermission(ctx, "delete-all-home-spaces", nil)
|
||||
return p.checkPermission(ctx, "Drives.DeletePersonal", nil)
|
||||
}
|
||||
|
||||
// checkPermission is used to check a users space permissions
|
||||
|
||||
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@@ -352,7 +352,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1
|
||||
github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1
|
||||
github.com/cs3org/go-cs3apis/cs3/tx/v1beta1
|
||||
github.com/cs3org/go-cs3apis/cs3/types/v1beta1
|
||||
# github.com/cs3org/reva/v2 v2.13.4-0.20230526111208-d62d1497abb9
|
||||
# github.com/cs3org/reva/v2 v2.13.4-0.20230531095732-bc9a3b635ec3
|
||||
## explicit; go 1.19
|
||||
github.com/cs3org/reva/v2/cmd/revad/internal/grace
|
||||
github.com/cs3org/reva/v2/cmd/revad/runtime
|
||||
|
||||
Reference in New Issue
Block a user