[full-ci] [bump-reva] fix space share update for ocs

2026-01-11 06:39:43 -06:00 · 2024-04-25 17:38:53 +02:00
parent e8c3045391
commit 63533e2b8e
8 changed files with 80 additions and 17 deletions
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,7 @@ require (
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/coreos/go-oidc/v3 v3.10.0
 	github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781
-	github.com/cs3org/reva/v2 v2.19.2-0.20240422150349-51ab7655f858
+	github.com/cs3org/reva/v2 v2.19.2-0.20240426071117-7ed0671f9e0b
 	github.com/dhowden/tag v0.0.0-20230630033851-978a0926ee25
 	github.com/disintegration/imaging v1.6.2
 	github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e
--- a/go.sum
+++ b/go.sum
@@ -1026,8 +1026,8 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c=
 github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME=
 github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781 h1:BUdwkIlf8IS2FasrrPg8gGPHQPOrQ18MS1Oew2tmGtY=
 github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY=
-github.com/cs3org/reva/v2 v2.19.2-0.20240422150349-51ab7655f858 h1:cohKwOI/6UXXYhrjrZMYxw5GlM8wFS5445TZr/jmSzs=
-github.com/cs3org/reva/v2 v2.19.2-0.20240422150349-51ab7655f858/go.mod h1:GRUrOp5HbFVwZTgR9bVrMZ/MvVy+Jhxw1PdMmhhKP9E=
+github.com/cs3org/reva/v2 v2.19.2-0.20240426071117-7ed0671f9e0b h1:lYNsGv/E06cD+p5RLmxBVySV17/OVRBiOhL50FEUrGs=
+github.com/cs3org/reva/v2 v2.19.2-0.20240426071117-7ed0671f9e0b/go.mod h1:GRUrOp5HbFVwZTgR9bVrMZ/MvVy+Jhxw1PdMmhhKP9E=
 github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
 github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
 github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
--- a/vendor/github.com/cs3org/reva/v2/internal/grpc/services/gateway/usershareprovider.go
+++ b/vendor/github.com/cs3org/reva/v2/internal/grpc/services/gateway/usershareprovider.go
@@ -20,6 +20,7 @@ package gateway

 import (
 	"context"
+	"slices"

 	rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
 	collaboration "github.com/cs3org/go-cs3apis/cs3/sharing/collaboration/v1beta1"
@@ -158,6 +159,9 @@ func (s *svc) updateShare(ctx context.Context, req *collaboration.UpdateShareReq
 }

 func (s *svc) updateSpaceShare(ctx context.Context, req *collaboration.UpdateShareRequest) (*collaboration.UpdateShareResponse, error) {
+	if req.GetShare().GetGrantee() == nil {
+		return &collaboration.UpdateShareResponse{Status: status.NewInvalid(ctx, "updating requires a received grantee object")}, nil
+	}
 	// If the share is a denial we call  denyGrant instead.
 	var st *rpc.Status
 	var err error
@@ -169,32 +173,47 @@ func (s *svc) updateSpaceShare(ctx context.Context, req *collaboration.UpdateSha
 	}
 	utils.AppendPlainToOpaque(opaque, "spacetype", utils.ReadPlainFromOpaque(req.Opaque, "spacetype"))

-	creator := ctxpkg.ContextMustGetUser(ctx)
-	grant := &provider.Grant{
-		Grantee:     req.GetShare().GetGrantee(),
-		Permissions: req.GetShare().GetPermissions().GetPermissions(),
-		Expiration:  req.GetShare().GetExpiration(),
-		Creator:     creator.GetId(),
-	}
 	if grants.PermissionsEqual(req.Share.GetPermissions().GetPermissions(), &provider.ResourcePermissions{}) {
 		st, err = s.denyGrant(ctx, req.GetShare().GetResourceId(), req.GetShare().GetGrantee(), opaque)
 		if err != nil {
 			return nil, errors.Wrap(err, "gateway: error denying grant in storage")
 		}
 	} else {
-		if !grant.Permissions.RemoveGrant {
+		listGrantRes, err := s.listGrants(ctx, req.GetShare().GetResourceId())
+		if err != nil {
+			return nil, errors.Wrap(err, "gateway: error getting grant to remove from storage")
+		}
+		existsGrant := s.getGranteeGrant(listGrantRes.GetGrants(), req.GetShare().GetGrantee())
+
+		if !slices.Contains(req.GetUpdateMask().GetPaths(), "permissions") {
+			req.Share.Permissions = &collaboration.SharePermissions{Permissions: existsGrant.GetPermissions()}
+		}
+
+		if !slices.Contains(req.GetUpdateMask().GetPaths(), "expiration") {
+			req.Share.Expiration = existsGrant.GetExpiration()
+		}
+
+		grant := &provider.Grant{
+			Grantee:     req.GetShare().GetGrantee(),
+			Permissions: req.GetShare().GetPermissions().GetPermissions(),
+			Expiration:  req.GetShare().GetExpiration(),
+			Creator:     ctxpkg.ContextMustGetUser(ctx).GetId(),
+		}
+
+		if grant.GetPermissions() == nil {
+			return &collaboration.UpdateShareResponse{Status: status.NewInvalid(ctx, "updating requires a received permission object")}, nil
+		}
+
+		if !grant.GetPermissions().GetRemoveGrant() {
 			// this request might remove Manager Permissions so we need to
 			// check if there is at least one manager remaining of the
 			// resource.
-			listGrantRes, err := s.listGrants(ctx, req.GetShare().GetResourceId())
-			if err != nil {
-				return nil, errors.Wrap(err, "gateway: error getting grant to remove from storage")
-			}
 			if !isSpaceManagerRemaining(listGrantRes.GetGrants(), grant.GetGrantee()) {
 				return &collaboration.UpdateShareResponse{
 					Status: status.NewPermissionDenied(ctx, errtypes.PermissionDenied(""), "can't remove the last manager"),
 				}, nil
 			}
+
 		}
 		st, err = s.updateGrant(ctx, req.GetShare().GetResourceId(), grant, opaque)
 		if err != nil {
@@ -523,6 +542,15 @@ func (s *svc) listGrants(ctx context.Context, id *provider.ResourceId) (*provide
 	return grantRes, nil
 }

+func (s *svc) getGranteeGrant(grants []*provider.Grant, grantee *provider.Grantee) *provider.Grant {
+	for _, g := range grants {
+		if isEqualGrantee(g.Grantee, grantee) {
+			return g
+		}
+	}
+	return nil
+}
+
 func (s *svc) addShare(ctx context.Context, req *collaboration.CreateShareRequest) (*collaboration.CreateShareResponse, error) {
 	c, err := pool.GetUserShareProviderClient(s.c.UserShareProviderEndpoint)
 	if err != nil {
--- a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/spaces.go
+++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/spaces.go
@@ -41,6 +41,7 @@ import (
 	"github.com/cs3org/reva/v2/pkg/storagespace"
 	"github.com/cs3org/reva/v2/pkg/utils"
 	"github.com/pkg/errors"
+	"google.golang.org/protobuf/types/known/fieldmaskpb"
 )

 func (h *Handler) getGrantee(ctx context.Context, name string) (provider.Grantee, error) {
@@ -108,8 +109,10 @@ func (h *Handler) addSpaceMember(w http.ResponseWriter, r *http.Request, info *p
 	// The viewer role doesn't have the ListGrants permission so we set it here.
 	permissions.ListGrants = true

+	fieldmask := []string{}
 	expireDate := r.PostFormValue("expireDate")
 	var expirationTs *types.Timestamp
+	fieldmask = append(fieldmask, "expiration")
 	if expireDate != "" {
 		expiration, err := time.Parse(_iso8601, expireDate)
 		if err != nil {
@@ -125,6 +128,7 @@ func (h *Handler) addSpaceMember(w http.ResponseWriter, r *http.Request, info *p
 			Seconds: uint64(expiration.UnixNano() / int64(time.Second)),
 			Nanos:   uint32(expiration.UnixNano() % int64(time.Second)),
 		}
+		fieldmask = append(fieldmask, "expiration")
 	}

 	ref := provider.Reference{ResourceId: info.GetId()}
@@ -154,6 +158,9 @@ func (h *Handler) addSpaceMember(w http.ResponseWriter, r *http.Request, info *p
 	// we have to send the update request to the gateway to give it a chance to invalidate its cache
 	// TODO the gateway no longer should cache stuff because invalidation is to expensive. The decomposedfs already has a better cache.
 	if granteeExists(lgRes.Grants, grantee) {
+		if permissions != nil {
+			fieldmask = append(fieldmask, "permissions")
+		}
 		updateShareReq := &collaborationv1beta1.UpdateShareRequest{
 			// TODO: change CS3 APIs
 			Opaque: &types.Opaque{
@@ -169,6 +176,9 @@ func (h *Handler) addSpaceMember(w http.ResponseWriter, r *http.Request, info *p
 				Grantee:    &grantee,
 				Expiration: expirationTs,
 			},
+			UpdateMask: &fieldmaskpb.FieldMask{
+				Paths: fieldmask,
+			},
 		}
 		updateShareReq.Opaque = utils.AppendPlainToOpaque(updateShareReq.Opaque, "spacetype", info.GetSpace().GetSpaceType())
 		updateShareRes, err := client.UpdateShare(ctx, updateShareReq)
--- a/vendor/github.com/cs3org/reva/v2/pkg/storage/uploads.go
+++ b/vendor/github.com/cs3org/reva/v2/pkg/storage/uploads.go
@@ -76,6 +76,9 @@ type UploadSession interface {

 	// Purge allows completely removing an upload. Should emit a PostprocessingFinished event with a Delete outcome
 	Purge(ctx context.Context) error
+
+	// ScanData returns the scan data for the UploadSession
+	ScanData() (string, time.Time)
 }

 // UploadSessionFilter can be used to filter upload sessions
--- a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/decomposedfs.go
+++ b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/decomposedfs.go
@@ -496,6 +496,11 @@ func (fs *Decomposedfs) Postprocessing(ch <-chan events.Event) {
 					continue
 				}
 				sublog = log.With().Str("spaceid", session.SpaceID()).Str("nodeid", session.NodeID()).Logger()
+
+				session.SetScanData(res.Description, res.Scandate)
+				if err := session.Persist(ctx); err != nil {
+					sublog.Error().Err(err).Msg("Failed to persist scan results")
+				}
 			}

 			if err := n.SetScanData(ctx, res.Description, res.Scandate); err != nil {
--- a/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/session.go
+++ b/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/session.go
@@ -298,7 +298,8 @@ func (s *OcisSession) MTime() time.Time {

 // IsProcessing returns true if all bytes have been received. The session then has entered postprocessing state.
 func (s *OcisSession) IsProcessing() bool {
-	return s.info.Size == s.info.Offset
+	// We might need a more sophisticated way to determine processing status soon
+	return s.info.Size == s.info.Offset && s.info.MetaData["scanResult"] == ""
 }

 // binPath returns the path to the file storing the binary data.
@@ -311,6 +312,22 @@ func (s *OcisSession) InitiatorID() string {
 	return s.info.MetaData["initiatorid"]
 }

+// SetScanData sets virus scan data to the upload session
+func (s *OcisSession) SetScanData(result string, date time.Time) {
+	s.info.MetaData["scanResult"] = result
+	s.info.MetaData["scanDate"] = date.Format(time.RFC3339)
+}
+
+// ScanData returns the virus scan data
+func (s *OcisSession) ScanData() (string, time.Time) {
+	date := s.info.MetaData["scanDate"]
+	if date == "" {
+		return "", time.Time{}
+	}
+	d, _ := time.Parse(time.RFC3339, date)
+	return s.info.MetaData["scanResult"], d
+}
+
 // sessionPath returns the path to the .info file storing the file's info.
 func sessionPath(root, id string) string {
 	return filepath.Join(root, "uploads", id+".info")
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -370,7 +370,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1
 github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1
 github.com/cs3org/go-cs3apis/cs3/tx/v1beta1
 github.com/cs3org/go-cs3apis/cs3/types/v1beta1
-# github.com/cs3org/reva/v2 v2.19.2-0.20240422150349-51ab7655f858
+# github.com/cs3org/reva/v2 v2.19.2-0.20240426071117-7ed0671f9e0b
 ## explicit; go 1.21
 github.com/cs3org/reva/v2/cmd/revad/internal/grace
 github.com/cs3org/reva/v2/cmd/revad/runtime