diff --git a/go.mod b/go.mod index 4091b81b9..e1ff0d72a 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/cenkalti/backoff v2.2.1+incompatible github.com/coreos/go-oidc/v3 v3.10.0 github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781 - github.com/cs3org/reva/v2 v2.19.2-0.20240415154646-5c2c9831a2b7 + github.com/cs3org/reva/v2 v2.19.2-0.20240416121921-56d2be7011cf github.com/dhowden/tag v0.0.0-20230630033851-978a0926ee25 github.com/disintegration/imaging v1.6.2 github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e diff --git a/go.sum b/go.sum index aa4692d1a..2f9037290 100644 --- a/go.sum +++ b/go.sum @@ -1022,8 +1022,8 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c= github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME= github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781 h1:BUdwkIlf8IS2FasrrPg8gGPHQPOrQ18MS1Oew2tmGtY= github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= -github.com/cs3org/reva/v2 v2.19.2-0.20240415154646-5c2c9831a2b7 h1:7oBqhyPUyWSRNMKG5wLYDm9TSc0gfKj+LeVaUhjm+hQ= -github.com/cs3org/reva/v2 v2.19.2-0.20240415154646-5c2c9831a2b7/go.mod h1:GRUrOp5HbFVwZTgR9bVrMZ/MvVy+Jhxw1PdMmhhKP9E= +github.com/cs3org/reva/v2 v2.19.2-0.20240416121921-56d2be7011cf h1:RSuahP/PhMCVB/SHCkiXolJ8xGvGKjkhINcda21A+gY= +github.com/cs3org/reva/v2 v2.19.2-0.20240416121921-56d2be7011cf/go.mod h1:GRUrOp5HbFVwZTgR9bVrMZ/MvVy+Jhxw1PdMmhhKP9E= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= diff --git a/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/scope.go b/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/scope.go index 1b5edd9f2..5cb6183c6 100644 --- a/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/scope.go +++ b/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/scope.go @@ -264,7 +264,15 @@ func checkIfNestedResource(ctx context.Context, ref *provider.Reference, parent if statResponse.Status.Code != rpc.Code_CODE_OK { return false, statuspkg.NewErrorFromCode(statResponse.Status.Code, "auth interceptor") } - parentPath := statResponse.Info.Path + + pathResp, err := client.GetPath(ctx, &provider.GetPathRequest{ResourceId: statResponse.GetInfo().GetId()}) + if err != nil { + return false, err + } + if pathResp.Status.Code != rpc.Code_CODE_OK { + return false, statuspkg.NewErrorFromCode(pathResp.Status.Code, "auth interceptor") + } + parentPath := pathResp.Path childPath := ref.GetPath() if childPath != "" && childPath != "." && strings.HasPrefix(childPath, parentPath) { @@ -308,7 +316,7 @@ func checkIfNestedResource(ctx context.Context, ref *provider.Reference, parent if childStat.Status.Code != rpc.Code_CODE_OK { return false, statuspkg.NewErrorFromCode(childStat.Status.Code, "auth interceptor") } - pathResp, err := client.GetPath(ctx, &provider.GetPathRequest{ResourceId: childStat.GetInfo().GetId()}) + pathResp, err = client.GetPath(ctx, &provider.GetPathRequest{ResourceId: childStat.GetInfo().GetId()}) if err != nil { return false, err } diff --git a/vendor/github.com/cs3org/reva/v2/internal/http/services/archiver/manager/archiver.go b/vendor/github.com/cs3org/reva/v2/internal/http/services/archiver/manager/archiver.go index 803606665..ecb3c20bc 100644 --- a/vendor/github.com/cs3org/reva/v2/internal/http/services/archiver/manager/archiver.go +++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/archiver/manager/archiver.go @@ -29,6 +29,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" "github.com/cs3org/reva/v2/pkg/storage/utils/downloader" "github.com/cs3org/reva/v2/pkg/storage/utils/walker" + "github.com/cs3org/reva/v2/pkg/utils" ) // Config is the config for the Archiver @@ -77,7 +78,7 @@ func (a *Archiver) CreateTar(ctx context.Context, dst io.Writer) (func(), error) } // when archiving a space we can omit the spaceroot - if isSpaceRoot(info) { + if utils.IsSpaceRoot(info) { return nil } @@ -152,7 +153,7 @@ func (a *Archiver) CreateZip(ctx context.Context, dst io.Writer) (func(), error) } // when archiving a space we can omit the spaceroot - if isSpaceRoot(info) { + if utils.IsSpaceRoot(info) { return nil } @@ -205,9 +206,3 @@ func (a *Archiver) CreateZip(ctx context.Context, dst io.Writer) (func(), error) } return closer, nil } - -func isSpaceRoot(info *provider.ResourceInfo) bool { - f := info.GetId() - s := info.GetSpace().GetRoot() - return f.GetOpaqueId() == s.GetOpaqueId() && f.GetSpaceId() == s.GetSpaceId() -} diff --git a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/copy.go b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/copy.go index 995279ee0..010b2615c 100644 --- a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/copy.go +++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/copy.go @@ -641,7 +641,7 @@ func (s *svc) prepareCopy(ctx context.Context, w http.ResponseWriter, r *http.Re errors.HandleErrorStatus(log, w, srcStatRes.Status) return nil } - if isSpaceRoot(srcStatRes.GetInfo()) { + if utils.IsSpaceRoot(srcStatRes.GetInfo()) { log.Error().Msg("the source is disallowed") w.WriteHeader(http.StatusBadRequest) return nil @@ -663,7 +663,7 @@ func (s *svc) prepareCopy(ctx context.Context, w http.ResponseWriter, r *http.Re if dstStatRes.Status.Code == rpc.Code_CODE_OK { successCode = http.StatusNoContent // 204 if target already existed, see https://tools.ietf.org/html/rfc4918#section-9.8.5 - if isSpaceRoot(dstStatRes.GetInfo()) { + if utils.IsSpaceRoot(dstStatRes.GetInfo()) { log.Error().Msg("overwriting is not allowed") w.WriteHeader(http.StatusBadRequest) return nil diff --git a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/move.go b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/move.go index 6d1a523be..ca203a19a 100644 --- a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/move.go +++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/move.go @@ -219,7 +219,7 @@ func (s *svc) handleMove(ctx context.Context, w http.ResponseWriter, r *http.Req errors.HandleErrorStatus(&log, w, srcStatRes.Status) return } - if isSpaceRoot(srcStatRes.GetInfo()) { + if utils.IsSpaceRoot(srcStatRes.GetInfo()) { log.Error().Msg("the source is disallowed") w.WriteHeader(http.StatusBadRequest) return @@ -242,7 +242,7 @@ func (s *svc) handleMove(ctx context.Context, w http.ResponseWriter, r *http.Req if dstStatRes.Status.Code == rpc.Code_CODE_OK { successCode = http.StatusNoContent // 204 if target already existed, see https://tools.ietf.org/html/rfc4918#section-9.9.4 - if isSpaceRoot(dstStatRes.GetInfo()) { + if utils.IsSpaceRoot(dstStatRes.GetInfo()) { log.Error().Msg("overwriting is not allowed") w.WriteHeader(http.StatusBadRequest) return diff --git a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/ocdav.go b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/ocdav.go index 509a6ea63..d3cab17be 100644 --- a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/ocdav.go +++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/ocdav.go @@ -418,9 +418,3 @@ func (s *svc) referenceIsChildOf(ctx context.Context, selector pool.Selectable[g pp := path.Join(parentPathRes.Path, parent.Path) + "/" return strings.HasPrefix(cp, pp), nil } - -func isSpaceRoot(info *provider.ResourceInfo) bool { - f := info.GetId() - s := info.GetSpace().GetRoot() - return f.GetOpaqueId() == s.GetOpaqueId() && f.GetSpaceId() == s.GetSpaceId() -} diff --git a/vendor/github.com/cs3org/reva/v2/pkg/utils/grpc.go b/vendor/github.com/cs3org/reva/v2/pkg/utils/grpc.go index d363d9f2d..075aee212 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/utils/grpc.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/utils/grpc.go @@ -201,6 +201,13 @@ func IsStatusCodeError(err error, code rpc.Code) bool { return sce.code == code } +// IsSpaceRoot checks if the given resource info is referring to a space root +func IsSpaceRoot(ri *storageprovider.ResourceInfo) bool { + f := ri.GetId() + s := ri.GetSpace().GetRoot() + return f.GetOpaqueId() == s.GetOpaqueId() && f.GetSpaceId() == s.GetSpaceId() +} + func checkStatusCode(reason string, code rpc.Code) error { if code == rpc.Code_CODE_OK { return nil diff --git a/vendor/modules.txt b/vendor/modules.txt index 7046c0481..a7165f81e 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -366,7 +366,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1 github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1 github.com/cs3org/go-cs3apis/cs3/tx/v1beta1 github.com/cs3org/go-cs3apis/cs3/types/v1beta1 -# github.com/cs3org/reva/v2 v2.19.2-0.20240415154646-5c2c9831a2b7 +# github.com/cs3org/reva/v2 v2.19.2-0.20240416121921-56d2be7011cf ## explicit; go 1.21 github.com/cs3org/reva/v2/cmd/revad/internal/grace github.com/cs3org/reva/v2/cmd/revad/runtime