mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-05-02 00:44:53 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: l10n make path, validation context key type and available role env

Browse Source
This commit is contained in:
Florian Schade
2024-08-23 11:57:43 +02:00
parent 43ba95190f
commit 803a0a5c38
5 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.drone.star
+1 -1
View File
@@ -2104,7 +2104,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on =
"NATS_NATS_PORT": 9233,
"OCIS_JWT_SECRET": "some-ocis-jwt-secret",
"EVENTHISTORY_STORE": "memory",
"UNIFIED_ROLES_AVAILABLE_ROLES": "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5,a8d5fe5e-96e3-418d-825b-534dbdf22b99,fb6c3e19-e378-47e5-b277-9732f9de6e21,58c63c02-1d89-4572-916a-870abc5a1b7d,2d00ce52-1fc2-4dbc-8b95-a73b73395f5a,1c996275-f1c9-4e71-abdf-a42f6495e960,312c0871-5ef7-4b3a-85b6-0e4074c64049,aa97fe03-7980-45ac-9e50-b325749fd7e6",
"GRAPH_AVAILABLE_ROLES": "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5,a8d5fe5e-96e3-418d-825b-534dbdf22b99,fb6c3e19-e378-47e5-b277-9732f9de6e21,58c63c02-1d89-4572-916a-870abc5a1b7d,2d00ce52-1fc2-4dbc-8b95-a73b73395f5a,1c996275-f1c9-4e71-abdf-a42f6495e960,312c0871-5ef7-4b3a-85b6-0e4074c64049,aa97fe03-7980-45ac-9e50-b325749fd7e6",
}
if deploy_type == "":
changelog/unreleased/enhancement-unified-roles-management.md
+1 -1
View File
@@ -20,7 +20,7 @@ The following roles are now disabled by default:
To enable the UnifiedRoleSecureViewer role, you must provide a list of all available roles through one of the following methods:
- Using the UNIFIED_ROLES_AVAILABLE_ROLES environment variable.
- Using the GRAPH_AVAILABLE_ROLES environment variable.
- Setting the available_roles configuration value.
To enable a role, include the UID of the role in the list of available roles.
services/graph/Makefile
+1 -1
View File
@@ -45,7 +45,7 @@ l10n-push:
.PHONY: l10n-read
l10n-read: $(GO_XGETTEXT)
go-xgettext -o $(OUTPUT_DIR)/graph.pot --keyword=l10n.Template --add-comments -s pkg/service/v0/spacetemplates.go -s pkg/unifiedrole/unifiedrole.go
go-xgettext -o $(OUTPUT_DIR)/graph.pot --keyword=l10n.Template --add-comments -s pkg/service/v0/spacetemplates.go -s pkg/unifiedrole/roles.go
.PHONY: l10n-write
l10n-write:
services/graph/pkg/config/unified_roles.go
+1 -1
View File
@@ -2,5 +2,5 @@ package config
// UnifiedRoles contains all settings related to unified roles.
type UnifiedRoles struct {
AvailableRoles []string `yaml:"available_roles" env:"UNIFIED_ROLES_AVAILABLE_ROLES" desc:"A list of roles that are available for assignment." introductionVersion:"%%NEXT%%"`
AvailableRoles []string `yaml:"available_roles" env:"GRAPH_AVAILABLE_ROLES" desc:"A list of roles that are available for assignment." introductionVersion:"%%NEXT%%"`
}
services/graph/pkg/validate/libregraph.go
+6 -4
View File
@@ -10,8 +10,10 @@ import (
"github.com/owncloud/ocis/v2/services/graph/pkg/unifiedrole"
)
var (
_contextRoleIDsValueKey = "roleFilterIDs"
type contextKey int
const (
ContextKeyRoleIDsValueKey contextKey = iota
)
// initLibregraph initializes libregraph validation
@@ -88,7 +90,7 @@ func rolesAndActions(ctx context.Context, sl validator.StructLevel, roles, actio
var availableActions []string
var definitions []*libregraph.UnifiedRoleDefinition
switch roles, ok := ctx.Value(_contextRoleIDsValueKey).([]string); {
switch roles, ok := ctx.Value(ContextKeyRoleIDsValueKey).([]string); {
case ok:
definitions = unifiedrole.GetRoles(unifiedrole.RoleFilterIDs(roles...))
default:
@@ -133,5 +135,5 @@ func rolesAndActions(ctx context.Context, sl validator.StructLevel, roles, actio
// ContextWithAllowedRoleIDs returns a new context which includes the allowed role IDs.
func ContextWithAllowedRoleIDs(ctx context.Context, rolesIds []string) context.Context {
return context.WithValue(ctx, _contextRoleIDsValueKey, rolesIds)
return context.WithValue(ctx, ContextKeyRoleIDsValueKey, rolesIds)
}