From 6d8ff8ef47afd115373f6173dfe09fb40217f27b Mon Sep 17 00:00:00 2001
From: Christian Richter <crichter@owncloud.com>
Date: Wed, 3 Apr 2024 13:16:38 +0200
Subject: [PATCH] incorporate requested changes

Signed-off-by: Christian Richter <crichter@owncloud.com>
---
 services/graph/pkg/config/config.go    | 1 +
 services/graph/pkg/config/reva.go      | 3 +--
 services/graph/pkg/service/v0/users.go | 4 ++--
 services/ocs/pkg/config/config.go      | 5 +++++
 services/ocs/pkg/config/reva.go        | 3 +--
 5 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/services/graph/pkg/config/config.go b/services/graph/pkg/config/config.go
index 2198ddcacd..2aeb1a8abf 100644
--- a/services/graph/pkg/config/config.go
+++ b/services/graph/pkg/config/config.go
@@ -114,6 +114,7 @@ type API struct {
 	UsernameMatch           string `yaml:"graph_username_match" env:"GRAPH_USERNAME_MATCH" desc:"Apply restrictions to usernames. Supported values are 'default' and 'none'. When set to 'default', user names must not start with a number and are restricted to ASCII characters. When set to 'none', no restrictions are applied. The default value is 'default'." introductionVersion:"pre5.0"`
 	AssignDefaultUserRole   bool   `yaml:"graph_assign_default_user_role" env:"GRAPH_ASSIGN_DEFAULT_USER_ROLE" desc:"Whether to assign newly created users the default role 'User'. Set this to 'false' if you want to assign roles manually, or if the role assignment should happen at first login. Set this to 'true' (the default) to assign the role 'User' when creating a new user." introductionVersion:"pre5.0"`
 	IdentitySearchMinLength int    `yaml:"graph_identity_search_min_length" env:"GRAPH_IDENTITY_SEARCH_MIN_LENGTH" desc:"The minimum length the search term needs to have for unprivileged users when searching for users or groups." introductionVersion:"5.0"`
+	ShowUserEmailInResults  bool   `yaml:"show_email_in_results" env:"OCIS_SHOW_USER_EMAIL_IN_RESULTS" desc:"Mask user email addresses in responses." introductionVersion:"5.1"`
 }
 
 // Events combines the configuration options for the event bus.
diff --git a/services/graph/pkg/config/reva.go b/services/graph/pkg/config/reva.go
index 50b52f33ad..646c3f36ee 100644
--- a/services/graph/pkg/config/reva.go
+++ b/services/graph/pkg/config/reva.go
@@ -2,6 +2,5 @@ package config
 
 // TokenManager is the config for using the reva token manager
 type TokenManager struct {
-	JWTSecret              string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GRAPH_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"`
-	ShowUserEmailInResults bool   `yaml:"mask_user_email" env:"OCIS_SHOW_USER_EMAIL_IN_RESULTS" desc:"Mask user email addresses in responses." introductionVersion:"5.1"`
+	JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GRAPH_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"`
 }
diff --git a/services/graph/pkg/service/v0/users.go b/services/graph/pkg/service/v0/users.go
index 32fc7554f4..258dc847d0 100644
--- a/services/graph/pkg/service/v0/users.go
+++ b/services/graph/pkg/service/v0/users.go
@@ -282,7 +282,7 @@ func (g Graph) GetUsers(w http.ResponseWriter, r *http.Request) {
 				UserType:    u.UserType,
 			}
 
-			if g.config.TokenManager.ShowUserEmailInResults {
+			if g.config.API.ShowUserEmailInResults {
 				finalUsers[i].Mail = u.Mail
 			}
 		}
@@ -548,7 +548,7 @@ func (g Graph) GetUser(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	if !g.config.TokenManager.ShowUserEmailInResults {
+	if !g.config.API.ShowUserEmailInResults {
 		user.Mail = nil
 	}
 
diff --git a/services/ocs/pkg/config/config.go b/services/ocs/pkg/config/config.go
index 4097ff4ef6..1c64050ac6 100644
--- a/services/ocs/pkg/config/config.go
+++ b/services/ocs/pkg/config/config.go
@@ -19,6 +19,7 @@ type Config struct {
 	Debug   Debug    `yaml:"debug"`
 
 	HTTP HTTP `yaml:"http"`
+	API  API  `yaml:"api"`
 
 	GRPCClientTLS *shared.GRPCClientTLS `yaml:"grpc_client_tls"`
 	GrpcClient    client.Client         `yaml:"-"`
@@ -38,3 +39,7 @@ type SigningKeys struct {
 	AuthUsername string        `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"`
 	AuthPassword string        `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"`
 }
+
+type API struct {
+	ShowUserEmailInResults bool `yaml:"show_email_in_results" env:"OCIS_SHOW_USER_EMAIL_IN_RESULTS" desc:"Mask user email addresses in responses." introductionVersion:"5.1"`
+}
diff --git a/services/ocs/pkg/config/reva.go b/services/ocs/pkg/config/reva.go
index 5089f92c68..8413904dab 100644
--- a/services/ocs/pkg/config/reva.go
+++ b/services/ocs/pkg/config/reva.go
@@ -2,6 +2,5 @@ package config
 
 // TokenManager is the config for using the reva token manager
 type TokenManager struct {
-	JWTSecret              string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"`
-	ShowUserEmailInResults bool   `yaml:"mask_user_email" env:"OCIS_SHOW_USER_EMAIL_IN_RESULTS" desc:"Mask user email addresses in responses." introductionVersion:"5.1"`
+	JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"`
 }