diff --git a/CHANGELOG.md b/CHANGELOG.md index 4935a43ef..359f68572 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,9 @@ The following sections list the changes for unreleased. ## Summary * Change - Remove OnlyOffice extension: [#2433](https://github.com/owncloud/ocis/pull/2433) +* Enhancement - Add app provider and app provider registry: [#2204](https://github.com/owncloud/ocis/pull/2204) +* Enhancement - Add the create space permission: [#2461](https://github.com/owncloud/ocis/pull/2461) +* Enhancement - Add set space quota permission: [#2459](https://github.com/owncloud/ocis/pull/2459) * Enhancement - Update go-chi/chi to version 5.0.3: [#2429](https://github.com/owncloud/ocis/pull/2429) * Enhancement - Upgrade go micro to v3.6.0: [#2451](https://github.com/owncloud/ocis/pull/2451) @@ -23,6 +26,26 @@ The following sections list the changes for unreleased. https://github.com/owncloud/ocis/pull/2433 +* Enhancement - Add app provider and app provider registry: [#2204](https://github.com/owncloud/ocis/pull/2204) + + We added the app provider and app provider registry. Now the CS3org WOPI server can be + registered and OpenInApp requests can be done. + + https://github.com/owncloud/ocis/pull/2204 + https://github.com/cs3org/reva/pull/1785 + +* Enhancement - Add the create space permission: [#2461](https://github.com/owncloud/ocis/pull/2461) + + In preparation for the upcoming spaces features a `Create Space` permission was added. + + https://github.com/owncloud/ocis/pull/2461 + +* Enhancement - Add set space quota permission: [#2459](https://github.com/owncloud/ocis/pull/2459) + + In preparation for the upcoming spaces features a `SetSpaceQuota` permission was added. + + https://github.com/owncloud/ocis/pull/2459 + * Enhancement - Update go-chi/chi to version 5.0.3: [#2429](https://github.com/owncloud/ocis/pull/2429) Updated go-chi/chi to the lastest release 
diff --git a/changelog/unreleased/app-provider.md b/changelog/unreleased/app-provider.md
new file mode 100644
index 000000000..df68eb769
--- /dev/null
+++ b/changelog/unreleased/app-provider.md
@@ -0,0 +1,6 @@
+Enhancement: Add app provider and app provider registry
+
+We added the app provider and app provider registry. Now the CS3org WOPI server can be registered and OpenInApp requests can be done.
+
+https://github.com/owncloud/ocis/pull/2204
+https://github.com/cs3org/reva/pull/1785
diff --git a/changelog/unreleased/create-space-permission.md b/changelog/unreleased/create-space-permission.md
new file mode 100644
index 000000000..42b0133f8
--- /dev/null
+++ b/changelog/unreleased/create-space-permission.md
@@ -0,0 +1,5 @@
+Enhancement: add the create space permission
+
+In preparation for the upcoming spaces features a `Create Space` permission was added.
+
+https://github.com/owncloud/ocis/pull/2461
diff --git a/changelog/unreleased/set-quota-permission.md b/changelog/unreleased/set-quota-permission.md
new file mode 100644
index 000000000..603f16a8b
--- /dev/null
+++ b/changelog/unreleased/set-quota-permission.md
@@ -0,0 +1,5 @@
+Enhancement: add set space quota permission
+
+In preparation for the upcoming spaces features a `SetSpaceQuota` permission was added.
+
+https://github.com/owncloud/ocis/pull/2459
diff --git a/deployments/continuous-deployment-config/cs3_users_ocis/latest.yml b/deployments/continuous-deployment-config/cs3_users_ocis/latest.yml
index 505111b8d..fcef5ec52 100644
--- a/deployments/continuous-deployment-config/cs3_users_ocis/latest.yml
+++ b/deployments/continuous-deployment-config/cs3_users_ocis/latest.yml
@@ -17,6 +17,16 @@ - "*.ocis-cs3-users.latest.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/continuous-deployment-config/cs3_users_ocis/released.yml b/deployments/continuous-deployment-config/cs3_users_ocis/released.yml index 2f5ce473f..7f0c1f5d2 100644 --- a/deployments/continuous-deployment-config/cs3_users_ocis/released.yml +++ b/deployments/continuous-deployment-config/cs3_users_ocis/released.yml @@ -17,6 +17,16 @@ - "*.ocis-cs3-users.released.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/continuous-deployment-config/ocis_hello/latest.yml b/deployments/continuous-deployment-config/ocis_hello/latest.yml index 94b7603d7..04e58aa14 100644 --- a/deployments/continuous-deployment-config/ocis_hello/latest.yml +++ b/deployments/continuous-deployment-config/ocis_hello/latest.yml 
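Review bot: The `ssh_authorized_keys` entries added under `vars:` are `https://github.com/<user>.keys` URLs, so SSH access to these hosts follows whatever keys each GitHub account lists when the URL is fetched (presumably at deploy time), with nothing pinned or reviewed in this repository. A key added to any of the nine accounts, or an account that is renamed or leaves the team, changes host access without a commit here. Consider pinning the public keys or their fingerprints in the config, or at least a comment above the list such as `# SSH access follows these GitHub accounts' current keys; remove the entry when a maintainer leaves`. The same block is added unchanged in the other nine files of this commit (cs3_users_ocis/released.yml, ocis_hello, ocis_keycloak, ocis_s3, ocis_traefik and ocis_wopi), which also makes it a candidate for one shared variable instead of ten copies.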
@@ -17,6 +17,16 @@ - "*.ocis-s3.latest.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/continuous-deployment-config/ocis_keycloak/latest.yml b/deployments/continuous-deployment-config/ocis_keycloak/latest.yml index b8fe94f25..afa3503a1 100644 --- a/deployments/continuous-deployment-config/ocis_keycloak/latest.yml +++ b/deployments/continuous-deployment-config/ocis_keycloak/latest.yml @@ -17,6 +17,16 @@ - "*.ocis-keycloak.latest.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/continuous-deployment-config/ocis_keycloak/released.yml b/deployments/continuous-deployment-config/ocis_keycloak/released.yml index 620f3cba6..173063e60 100644 --- a/deployments/continuous-deployment-config/ocis_keycloak/released.yml +++ b/deployments/continuous-deployment-config/ocis_keycloak/released.yml 
@@ -17,6 +17,16 @@ - "*.ocis-keycloak.released.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/continuous-deployment-config/ocis_s3/latest.yml b/deployments/continuous-deployment-config/ocis_s3/latest.yml index 17ece3e8b..f49ad1a48 100644 --- a/deployments/continuous-deployment-config/ocis_s3/latest.yml +++ b/deployments/continuous-deployment-config/ocis_s3/latest.yml @@ -17,6 +17,16 @@ - "*.ocis-hello.latest.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/continuous-deployment-config/ocis_traefik/latest.yml b/deployments/continuous-deployment-config/ocis_traefik/latest.yml index 1ad4c6e99..fe5b72938 100644 --- a/deployments/continuous-deployment-config/ocis_traefik/latest.yml +++ b/deployments/continuous-deployment-config/ocis_traefik/latest.yml 
@@ -17,6 +17,16 @@ - "*.ocis-traefik.latest.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/continuous-deployment-config/ocis_traefik/released.yml b/deployments/continuous-deployment-config/ocis_traefik/released.yml index e4e9e8048..999986424 100644 --- a/deployments/continuous-deployment-config/ocis_traefik/released.yml +++ b/deployments/continuous-deployment-config/ocis_traefik/released.yml @@ -17,6 +17,16 @@ - "*.ocis-traefik.released.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/continuous-deployment-config/ocis_wopi/latest.yml b/deployments/continuous-deployment-config/ocis_wopi/latest.yml index 955001691..dcee49563 100644 --- a/deployments/continuous-deployment-config/ocis_wopi/latest.yml +++ b/deployments/continuous-deployment-config/ocis_wopi/latest.yml 
@@ -17,6 +17,16 @@ - "*.ocis-wopi.latest.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/continuous-deployment-config/ocis_wopi/released.yml b/deployments/continuous-deployment-config/ocis_wopi/released.yml index f4c6ed83c..a6e17e984 100644 --- a/deployments/continuous-deployment-config/ocis_wopi/released.yml +++ b/deployments/continuous-deployment-config/ocis_wopi/released.yml @@ -17,6 +17,16 @@ - "*.ocis-wopi.released.owncloud.works" vars: + ssh_authorized_keys: + - https://github.com/butonic.keys + - https://github.com/C0rby.keys + - https://github.com/fschade.keys + - https://github.com/kulmann.keys + - https://github.com/micbar.keys + - https://github.com/pascalwengerter.keys + - https://github.com/paulcod3.keys + - https://github.com/refs.keys + - https://github.com/wkloucek.keys docker_compose_projects: - name: ocis git_url: https://github.com/owncloud/ocis.git diff --git a/deployments/examples/ocis_wopi/config/ocis/proxy-config.json b/deployments/examples/ocis_wopi/config/ocis/proxy-config.json index bccf19699..59b0fa28b 100644 --- a/deployments/examples/ocis_wopi/config/ocis/proxy-config.json +++ b/deployments/examples/ocis_wopi/config/ocis/proxy-config.json @@ -32,6 +32,10 @@ "endpoint": "/ocs/v[12].php/cloud/(users?|groups)", "backend": "http://localhost:9110" }, + { + "endpoint": "/app/", + "backend": "http://localhost:9140" + }, { "endpoint": "/ocs/", "backend": "http://localhost:9140" 
diff --git a/deployments/examples/ocis_wopi/docker-compose.yml b/deployments/examples/ocis_wopi/docker-compose.yml index b595ce9c2..a0f5488b4 100644 --- a/deployments/examples/ocis_wopi/docker-compose.yml +++ b/deployments/examples/ocis_wopi/docker-compose.yml @@ -66,6 +66,13 @@ services: WEB_UI_CONFIG: "/var/tmp/ocis/.config/web-config.json" # proxy PROXY_CONFIG_FILE: "/var/tmp/ocis/.config/proxy-config.json" + # app provider + APP_PROVIDER_DRIVER: wopi + APP_PROVIDER_WOPI_DRIVER_APP_NAME: Collabora + APP_PROVIDER_WOPI_DRIVER_APP_URL: https://${COLLABORA_DOMAIN:-collabora.owncloud.test} + APP_PROVIDER_WOPI_DRIVER_INSECURE: "${INSECURE:-false}" + APP_PROVIDER_WOPI_DRIVER_IOP_SECRET: ${WOPI_IOP_SECRET:-LoremIpsum123} + APP_PROVIDER_WOPI_DRIVER_WOPI_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} volumes: - ./config/ocis/entrypoint-override.sh:/entrypoint-override.sh - ./config/ocis/web-config.dist.json:/config/web-config.dist.json @@ -90,9 +97,6 @@ services: OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose WOPISERVER_REVA_GATEWAY_ADDR: ocis:9142 OCIS_JWT_SECRET: ${OCIS_JWT_SECRET:-Pive-Fumkiu4} - WOPISERVER_WOPI_SERVER_HOST: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} - WOPISERVER_WOPI_SERVER_IOP_SECRET: ${WOPI_IOP_SECRET:-LoremIpsum123} - WOPISERVER_WOPI_SERVER_INSECURE: "${INSECURE:-false}" logging: driver: "local" restart: always diff --git a/docs/extensions/storage/ports.md b/docs/extensions/storage/ports.md index 83ef871b8..2ab34f5dd 100644 --- a/docs/extensions/storage/ports.md +++ b/docs/extensions/storage/ports.md @@ -34,6 +34,8 @@ For now, the storage service uses these ports to preconfigure those services: | 9159 | storage users debug | | 9160 | groups | | 9161 | groups debug | +| 9164 | storage appprovider | +| 9165 | storage appprovider debug | | 9178 | storage public link | | 9179 | storage public link data | | 9215 | storage meta grpc | 
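Review bot: `APP_PROVIDER_WOPI_DRIVER_IOP_SECRET: ${WOPI_IOP_SECRET:-LoremIpsum123}` falls back to a secret that is published in this repository, so an instance started without `WOPI_IOP_SECRET` set shares its IOP secret with every other such instance. The removed `WOPISERVER_WOPI_SERVER_IOP_SECRET` line had the same default, but since the setting is being moved anyway it could fail closed instead: `APP_PROVIDER_WOPI_DRIVER_IOP_SECRET: ${WOPI_IOP_SECRET:?WOPI_IOP_SECRET must be set}`. If the default has to stay for the local example, a comment such as `# example value only, override WOPI_IOP_SECRET on any reachable deployment` would help, since the ocis_wopi continuous-deployment configs in this commit may be deployed from this compose file.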
diff --git a/ocis/pkg/command/storageappprovider.go b/ocis/pkg/command/storageappprovider.go new file mode 100644 index 000000000..883069ab7 --- /dev/null +++ b/ocis/pkg/command/storageappprovider.go @@ -0,0 +1,45 @@ +// +build !simple + +package command + +import ( + "github.com/micro/cli/v2" + "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis/pkg/register" + "github.com/owncloud/ocis/storage/pkg/command" + svcconfig "github.com/owncloud/ocis/storage/pkg/config" + "github.com/owncloud/ocis/storage/pkg/flagset" +) + +// StorageAppProviderCommand is the entrypoint for the reva-app-provider command. +func StorageAppProviderCommand(cfg *config.Config) *cli.Command { + return &cli.Command{ + Name: "storage-app-provider", + Usage: "Start storage app-provider service", + Category: "Extensions", + Flags: flagset.AppProviderWithConfig(cfg.Storage), + Action: func(c *cli.Context) error { + origCmd := command.AppProvider(configureStorageAppProvider(cfg)) + return handleOriginalAction(c, origCmd) + }, + } +} + +func configureStorageAppProvider(cfg *config.Config) *svcconfig.Config { + cfg.Storage.Log.Level = cfg.Log.Level + cfg.Storage.Log.Pretty = cfg.Log.Pretty + cfg.Storage.Log.Color = cfg.Log.Color + + if cfg.Tracing.Enabled { + cfg.Storage.Tracing.Enabled = cfg.Tracing.Enabled + cfg.Storage.Tracing.Type = cfg.Tracing.Type + cfg.Storage.Tracing.Endpoint = cfg.Tracing.Endpoint + cfg.Storage.Tracing.Collector = cfg.Tracing.Collector + } + + return cfg.Storage +} + +func init() { + register.AddCommand(StorageAppProviderCommand) +} diff --git a/ocis/pkg/runtime/service/service.go b/ocis/pkg/runtime/service/service.go index ab4229f65..6ff29a158 100644 --- a/ocis/pkg/runtime/service/service.go +++ b/ocis/pkg/runtime/service/service.go 
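Review bot: The doc comment on `StorageAppProviderCommand` names a `reva-app-provider` command, while the command is registered as `storage-app-provider` and the service.go hunk of this commit registers the service under `storage-appprovider`. Three spellings for one service make it harder to find in logs and in the service list; I would align the comment with the code, `// StorageAppProviderCommand is the entrypoint for the storage-app-provider command.`, and pick one of `storage-app-provider` / `storage-appprovider` for both places if nothing depends on the difference. `configureStorageAppProvider` has no comment at all; something like `// configureStorageAppProvider copies the global log and tracing settings into the storage config.` would do.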
@@ -108,6 +108,7 @@ func NewService(options ...Option) (*Service, error) { s.ServicesRegistry["storage-home"] = storage.NewStorageHome s.ServicesRegistry["storage-users"] = storage.NewStorageUsers s.ServicesRegistry["storage-public-link"] = storage.NewStoragePublicLink + s.ServicesRegistry["storage-appprovider"] = storage.NewAppProvider // populate delayed services s.Delayed["storage-sharing"] = storage.NewSharing diff --git a/proxy/pkg/proxy/proxy.go b/proxy/pkg/proxy/proxy.go index b066e9631..0bd61b761 100644 --- a/proxy/pkg/proxy/proxy.go +++ b/proxy/pkg/proxy/proxy.go @@ -295,6 +295,10 @@ func defaultPolicies() []config.Policy { Endpoint: "/ocs/v[12].php/cloud/(users?|groups)", // we have `user`, `users` and `groups` in ocis-ocs Backend: "http://localhost:9110", }, + { + Endpoint: "/app/", + Backend: "http://localhost:9140", + }, { Endpoint: "/ocs/", Backend: "http://localhost:9140", diff --git a/settings/pkg/service/v0/settings.go b/settings/pkg/service/v0/settings.go index 0c76da8ab..f858395f6 100644 --- a/settings/pkg/service/v0/settings.go +++ b/settings/pkg/service/v0/settings.go 
@@ -24,6 +24,16 @@ const ( // SettingsManagementPermissionName is the hardcoded setting name for the settings management permission SettingsManagementPermissionName string = "settings-management" + // SetSpaceQuotaPermissionID is the hardcoded setting UUID for the set space quota permission + SetSpaceQuotaPermissionID string = "4e6f9709-f9e7-44f1-95d4-b762d27b7896" + // SetSpaceQuotaPermissionName is the hardcoded setting name for the set space quota permission + SetSpaceQuotaPermissionName string = "set-space-quota" + + // CreateSpacePermissionID is the hardcoded setting UUID for the create space permission + CreateSpacePermissionID string = "79e13b30-3e22-11eb-bc51-0b9f0bad9a58" + // CreateSpacePermissionName is the hardcoded setting name for the create space permission + CreateSpacePermissionName string = "create-space" + settingUUIDProfileLanguage = "aa8cfbe5-95d4-4f7e-a032-c3c01f5f062f" // AccountManagementPermissionID is the hardcoded setting UUID for the account management permission 
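Review bot: `CreateSpacePermissionID` is `79e13b30-3e22-11eb-bc51-0b9f0bad9a58`, a version-1 (time-based) UUID, while `SetSpaceQuotaPermissionID` added next to it is a random version-4 value. A v1 value in a list of hardcoded IDs can mean it was copied from somewhere else; since these IDs identify permissions, a duplicate would make two permissions indistinguishable, so it is worth confirming that it is unique among the settings IDs and, if it is new, generating a v4 value like the other one. The const block starts and ends outside the hunk, so the other IDs cannot be checked from here.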
@@ -331,6 +341,42 @@ func generatePermissionRequests() []*settings.AddSettingToBundleRequest { }, }, }, + { + BundleId: BundleUUIDRoleAdmin, + Setting: &settings.Setting{ + Id: SetSpaceQuotaPermissionID, + Name: SetSpaceQuotaPermissionName, + DisplayName: "Set Space Quota", + Description: "This permission allows to manage space quotas.", + Resource: &settings.Resource{ + Type: settings.Resource_TYPE_SYSTEM, + }, + Value: &settings.Setting_PermissionValue{ + PermissionValue: &settings.Permission{ + Operation: settings.Permission_OPERATION_READWRITE, + Constraint: settings.Permission_CONSTRAINT_ALL, + }, + }, + }, + }, + { + BundleId: BundleUUIDRoleAdmin, + Setting: &settings.Setting{ + Id: CreateSpacePermissionID, + Name: CreateSpacePermissionName, + DisplayName: "Create Space", + Description: "This permission allows to create new spaces.", + Resource: &settings.Resource{ + Type: settings.Resource_TYPE_SYSTEM, + }, + Value: &settings.Setting_PermissionValue{ + PermissionValue: &settings.Permission{ + Operation: settings.Permission_OPERATION_READWRITE, + Constraint: settings.Permission_CONSTRAINT_ALL, + }, + }, + }, + }, } } diff --git a/storage/pkg/command/appprovider.go b/storage/pkg/command/appprovider.go new file mode 100644 index 000000000..b45e4a39f --- /dev/null +++ b/storage/pkg/command/appprovider.go 
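Review bot: The `Description` strings of the two new settings read `"This permission allows to manage space quotas."` and `"This permission allows to create new spaces."`; they are user-facing and would read better as `"This permission allows managing space quotas."` and `"This permission allows creating new spaces."`. Both settings are added only to `BundleUUIDRoleAdmin`; a short comment above each entry, e.g. `// admin only: no other role bundle receives this permission by default`, would make that choice visible to the next person extending the list. `generatePermissionRequests` starts outside the hunk.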
@@ -0,0 +1,160 @@ +package command + +import ( + "context" + "flag" + "os" + "path" + + "github.com/cs3org/reva/cmd/revad/runtime" + "github.com/gofrs/uuid" + "github.com/micro/cli/v2" + "github.com/oklog/run" + ociscfg "github.com/owncloud/ocis/ocis-pkg/config" + "github.com/owncloud/ocis/ocis-pkg/sync" + "github.com/owncloud/ocis/storage/pkg/config" + "github.com/owncloud/ocis/storage/pkg/flagset" + "github.com/owncloud/ocis/storage/pkg/server/debug" + "github.com/owncloud/ocis/storage/pkg/tracing" + "github.com/thejerf/suture/v4" +) + +// AppProvider is the entrypoint for the app provider command. +func AppProvider(cfg *config.Config) *cli.Command { + return &cli.Command{ + Name: "app-provider", + Usage: "Start appprovider for providing apps", + Flags: flagset.AppProviderWithConfig(cfg), + Before: func(c *cli.Context) error { + cfg.Reva.AppProvider.Services = c.StringSlice("service") + + return nil + }, + Action: func(c *cli.Context) error { + logger := NewLogger(cfg) + tracing.Configure(cfg, logger) + gr := run.Group{} + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + + uuid := uuid.Must(uuid.NewV4()) + pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+uuid.String()+".pid") + + rcfg := appProviderConfigFromStruct(c, cfg) + + gr.Add(func() error { + runtime.RunWithOptions(rcfg, pidFile, runtime.WithLogger(&logger.Logger)) + return nil + }, func(_ error) { + logger.Info(). + Str("server", c.Command.Name). 
+ Msg("Shutting down server") + + cancel() + }) + + debugServer, err := debug.Server( + debug.Name(c.Command.Name+"-debug"), + debug.Addr(cfg.Reva.AppProvider.DebugAddr), + debug.Logger(logger), + debug.Context(ctx), + debug.Config(cfg), + ) + + if err != nil { + logger.Info().Err(err).Str("server", "debug").Msg("Failed to initialize server") + return err + } + + gr.Add(debugServer.ListenAndServe, func(_ error) { + cancel() + }) + + if !cfg.Reva.AppProvider.Supervised { + sync.Trap(&gr, cancel) + } + + return gr.Run() + }, + } +} + +// appProviderConfigFromStruct will adapt an oCIS config struct into a reva mapstructure to start a reva service. +func appProviderConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} { + + rcfg := map[string]interface{}{ + "core": map[string]interface{}{ + "max_cpus": cfg.Reva.AppProvider.MaxCPUs, + "tracing_enabled": cfg.Tracing.Enabled, + "tracing_endpoint": cfg.Tracing.Endpoint, + "tracing_collector": cfg.Tracing.Collector, + "tracing_service_name": c.Command.Name, + }, + "shared": map[string]interface{}{ + "jwt_secret": cfg.Reva.JWTSecret, + }, + "grpc": map[string]interface{}{ + "network": cfg.Reva.AppProvider.GRPCNetwork, + "address": cfg.Reva.AppProvider.GRPCAddr, + // TODO build services dynamically + "services": map[string]interface{}{ + "appprovider": map[string]interface{}{ + "gatewaysvc": cfg.Reva.Gateway.Endpoint, + "app_provider_url": cfg.Reva.AppProvider.ExternalAddr, + "driver": cfg.Reva.AppProvider.Driver, + "drivers": map[string]interface{}{ + "wopi": map[string]interface{}{ + "app_api_key": cfg.Reva.AppProvider.WopiDriver.AppAPIKey, + "app_desktop_only": cfg.Reva.AppProvider.WopiDriver.AppDesktopOnly, + "app_icon_uri": cfg.Reva.AppProvider.WopiDriver.AppIconURI, + "app_int_url": cfg.Reva.AppProvider.WopiDriver.AppInternalURL, + "app_name": cfg.Reva.AppProvider.WopiDriver.AppName, + "app_url": cfg.Reva.AppProvider.WopiDriver.AppURL, + "insecure_connections": 
cfg.Reva.AppProvider.WopiDriver.Insecure, + "iop_secret": cfg.Reva.AppProvider.WopiDriver.IopSecret, + "jwt_secret": cfg.Reva.AppProvider.WopiDriver.JWTSecret, + "wopi_url": cfg.Reva.AppProvider.WopiDriver.WopiURL, + }, + }, + }, + }, + }, + } + return rcfg +} + +// AppProviderSutureService allows for the app-provider command to be embedded and supervised by a suture supervisor tree. +type AppProviderSutureService struct { + cfg *config.Config +} + +// NewAppProvider creates a new store.AppProviderSutureService +func NewAppProvider(cfg *ociscfg.Config) suture.Service { + if cfg.Mode == 0 { + cfg.Storage.Reva.AppProvider.Supervised = true + } + return AppProviderSutureService{ + cfg: cfg.Storage, + } +} + +func (s AppProviderSutureService) Serve(ctx context.Context) error { + s.cfg.Reva.AppProvider.Context = ctx + f := &flag.FlagSet{} + for k := range AppProvider(s.cfg).Flags { + if err := AppProvider(s.cfg).Flags[k].Apply(f); err != nil { + return err + } + } + cliCtx := cli.NewContext(nil, f, nil) + if AppProvider(s.cfg).Before != nil { + if err := AppProvider(s.cfg).Before(cliCtx); err != nil { + return err + } + } + if err := AppProvider(s.cfg).Action(cliCtx); err != nil { + return err + } + + return nil +} diff --git a/storage/pkg/command/frontend.go b/storage/pkg/command/frontend.go index 32a2904d2..ef686698b 100644 --- a/storage/pkg/command/frontend.go +++ b/storage/pkg/command/frontend.go @@ -141,6 +141,12 @@ func frontendConfigFromStruct(c *cli.Context, cfg *config.Config, filesCfg map[s }, // TODO build services dynamically "services": map[string]interface{}{ + "appprovider": map[string]interface{}{ + "prefix": cfg.Reva.Frontend.AppProviderPrefix, + "transfer_shared_secret": cfg.Reva.TransferSecret, + "timeout": 86400, + "insecure": true, + }, "datagateway": map[string]interface{}{ "prefix": cfg.Reva.Frontend.DatagatewayPrefix, "transfer_shared_secret": cfg.Reva.TransferSecret, 
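Review bot: In `appProviderConfigFromStruct` the wopi driver gets `"jwt_secret": cfg.Reva.AppProvider.WopiDriver.JWTSecret`, but flagset/appprovider.go in this commit defines no flag or environment variable with `WopiDriver.JWTSecret` as its destination, so from what is visible here the driver is started with an empty secret unless a config file sets it. If the driver is meant to use the same secret as the `shared` section, pass `cfg.Reva.JWTSecret` on that line; otherwise add the missing flag. Separately, `Serve` calls `AppProvider(s.cfg)` again for every flag and for `Before` and `Action`, building a new command each time; `cmd := AppProvider(s.cfg)` once at the top is enough. The debug-server failure is also logged with `logger.Info()` where `logger.Error()` fits.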
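Review bot: The new `appprovider` entry hard-codes `"insecure": true` and `"timeout": 86400`, unlike the wopi driver in this commit, where the equivalent switch is a flag that defaults to false. If `insecure` has its usual meaning of skipping TLS certificate verification on outgoing requests (the help text of `wopi-driver-insecure` describes it that way), every deployment gets that behaviour with no way to turn it off. I would read both values from the frontend configuration with a verifying default, and until then add a comment on the line stating why verification is off. `frontendConfigFromStruct` starts and ends outside the hunk.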
diff --git a/storage/pkg/command/gateway.go b/storage/pkg/command/gateway.go index 50032f2e7..37b7dcdaa 100644 --- a/storage/pkg/command/gateway.go +++ b/storage/pkg/command/gateway.go @@ -160,6 +160,9 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg }, }, }, + "appregistry": map[string]interface{}{ + "driver": "static", + }, "storageregistry": map[string]interface{}{ "driver": cfg.Reva.StorageRegistry.Driver, "drivers": map[string]interface{}{ diff --git a/storage/pkg/command/root.go b/storage/pkg/command/root.go index eb20e0f8d..1c99f2aad 100644 --- a/storage/pkg/command/root.go +++ b/storage/pkg/command/root.go @@ -76,6 +76,7 @@ func Execute(cfg *config.Config) error { Gateway(cfg), Users(cfg), Groups(cfg), + AppProvider(cfg), AuthBasic(cfg), AuthBearer(cfg), Sharing(cfg), diff --git a/storage/pkg/config/config.go b/storage/pkg/config/config.go index e24b21c91..23a3ff23a 100644 --- a/storage/pkg/config/config.go +++ b/storage/pkg/config/config.go @@ -39,6 +39,27 @@ type StorageRegistry struct { JSON string } +// AppProvider defines the available app provider configuration +type AppProvider struct { + Port + ExternalAddr string + Driver string + WopiDriver WopiDriver +} + +type WopiDriver struct { + AppAPIKey string + AppDesktopOnly bool + AppIconURI string + AppInternalURL string + AppName string + AppURL string + Insecure bool + IopSecret string + JWTSecret string + WopiURL string +} + // Sharing defines the available sharing configuration. type Sharing struct { Port @@ -109,6 +130,7 @@ type Groups struct { type FrontendPort struct { Port + AppProviderPrefix string DatagatewayPrefix string OCDavPrefix string OCSPrefix string @@ -390,6 +412,7 @@ type Reva struct { StorageUsers StoragePort StoragePublicLink PublicStorage StorageMetadata StoragePort + AppProvider AppProvider // Configs can be used to configure the reva instance. // Services and Ports will be ignored if this is used Configs map[string]interface{} 
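Review bot: The exported type `WopiDriver` in the first config.go hunk has no doc comment, unlike `AppProvider` directly above it; add `// WopiDriver defines the available configuration for the WOPI app provider driver.`. Three of its fields (`AppAPIKey`, `IopSecret`, `JWTSecret`) hold secrets, and the whole config is handed to the debug server through `debug.Config(cfg)` in command/appprovider.go; what the debug server does with it is not visible here. Marking them in place, e.g. `IopSecret string // secret shared with the WOPI server; must not be logged or exposed`, would keep that in view for later changes.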
diff --git a/storage/pkg/flagset/appprovider.go b/storage/pkg/flagset/appprovider.go
new file mode 100644
index 000000000..1a8b6e694
--- /dev/null
+++ b/storage/pkg/flagset/appprovider.go
@@ -0,0 +1,144 @@ +package flagset + +import ( + "github.com/micro/cli/v2" + "github.com/owncloud/ocis/ocis-pkg/flags" + "github.com/owncloud/ocis/storage/pkg/config" +) + +// AppProviderWithConfig applies cfg to the root flagset +func AppProviderWithConfig(cfg *config.Config) []cli.Flag { + flags := []cli.Flag{ + + // debug ports are the odd ports + &cli.StringFlag{ + Name: "debug-addr", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.DebugAddr, "0.0.0.0:9165"), + Usage: "Address to bind debug server", + EnvVars: []string{"APP_PROVIDER_BASIC_DEBUG_ADDR"}, + Destination: &cfg.Reva.AppProvider.DebugAddr, + }, + + // Auth + + // Services + + // AppProvider + + &cli.StringFlag{ + Name: "network", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.GRPCNetwork, "tcp"), + Usage: "Network to use for the storage auth-basic service, can be 'tcp', 'udp' or 'unix'", + EnvVars: []string{"APP_PROVIDER_BASIC_GRPC_NETWORK"}, + Destination: &cfg.Reva.AppProvider.GRPCNetwork, + }, + &cli.StringFlag{ + Name: "addr", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.GRPCAddr, "0.0.0.0:9164"), + Usage: "Address to bind storage service", + EnvVars: []string{"APP_PROVIDER_BASIC_GRPC_ADDR"}, + Destination: &cfg.Reva.AppProvider.GRPCAddr, + }, + &cli.StringFlag{ + Name: "external-addr", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.ExternalAddr, "127.0.0.1:9164"), + Usage: "Address to connect to the storage service for other services", + EnvVars: []string{"APP_PROVIDER_BASIC_EXTERNAL_ADDR"}, + Destination: &cfg.Reva.AppProvider.ExternalAddr, + }, + &cli.StringSliceFlag{ + Name: "service", + Value: cli.NewStringSlice("appprovider"), + Usage: "--service appprovider [--service otherservice]", + EnvVars: []string{"APP_PROVIDER_BASIC_SERVICES"}, + }, + + &cli.StringFlag{ + Name: "driver", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.Driver, ""), + Usage: "Driver to use for app provider", + EnvVars: []string{"APP_PROVIDER_DRIVER"}, + 
Destination: &cfg.Reva.AppProvider.Driver, + }, + + // WOPI driver + &cli.StringFlag{ + Name: "wopi-driver-app-apikey", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.WopiDriver.AppAPIKey, ""), + Usage: "The API key used by the app, if applicable.", + EnvVars: []string{"APP_PROVIDER_WOPI_DRIVER_APP_API_KEY"}, + Destination: &cfg.Reva.AppProvider.WopiDriver.AppAPIKey, + }, + &cli.BoolFlag{ + Name: "wopi-driver-app-desktop-only", + Value: flags.OverrideDefaultBool(cfg.Reva.AppProvider.WopiDriver.AppDesktopOnly, false), + Usage: "Whether the app can be opened only on desktop", + EnvVars: []string{"APP_PROVIDER_WOPI_DRIVER_APP_DESKTOP_ONLY"}, + Destination: &cfg.Reva.AppProvider.WopiDriver.AppDesktopOnly, + }, + &cli.StringFlag{ + Name: "wopi-driver-app-icon-uri", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.WopiDriver.AppIconURI, ""), + Usage: "IOP Secret (Shared with WOPI server)", + EnvVars: []string{"APP_PROVIDER_WOPI_DRIVER_APP_ICON_URI"}, + Destination: &cfg.Reva.AppProvider.WopiDriver.AppIconURI, + }, + &cli.StringFlag{ + Name: "wopi-driver-app-internal-url", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.WopiDriver.AppInternalURL, ""), + Usage: "The internal app URL in case of dockerized deployments. 
Defaults to AppURL", + EnvVars: []string{"APP_PROVIDER_WOPI_DRIVER_APP_INTERNAL_URL"}, + Destination: &cfg.Reva.AppProvider.WopiDriver.AppInternalURL, + }, + &cli.StringFlag{ + Name: "wopi-driver-app-name", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.WopiDriver.AppName, ""), + Usage: "The App user-friendly name.", + EnvVars: []string{"APP_PROVIDER_WOPI_DRIVER_APP_NAME"}, + Destination: &cfg.Reva.AppProvider.WopiDriver.AppName, + }, + &cli.StringFlag{ + Name: "wopi-driver-app-url", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.WopiDriver.AppURL, ""), + Usage: "App server URL", + EnvVars: []string{"APP_PROVIDER_WOPI_DRIVER_APP_URL"}, + Destination: &cfg.Reva.AppProvider.WopiDriver.AppURL, + }, + &cli.BoolFlag{ + Name: "wopi-driver-insecure", + Value: flags.OverrideDefaultBool(cfg.Reva.AppProvider.WopiDriver.Insecure, false), + Usage: "Disable SSL certificate verification of WOPI server and WOPI bridge", + EnvVars: []string{"APP_PROVIDER_WOPI_DRIVER_INSECURE"}, + Destination: &cfg.Reva.AppProvider.WopiDriver.Insecure, + }, + &cli.StringFlag{ + Name: "wopi-driver-iopsecret", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.WopiDriver.IopSecret, ""), + Usage: "IOP Secret (Shared with WOPI server)", + EnvVars: []string{"APP_PROVIDER_WOPI_DRIVER_IOP_SECRET"}, + Destination: &cfg.Reva.AppProvider.WopiDriver.IopSecret, + }, + &cli.StringFlag{ + Name: "wopi-driver-wopiurl", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.WopiDriver.WopiURL, ""), + Usage: "WOPI server URL", + EnvVars: []string{"APP_PROVIDER_WOPI_DRIVER_WOPI_URL"}, + Destination: &cfg.Reva.AppProvider.WopiDriver.WopiURL, + }, + + // Gateway + &cli.StringFlag{ + Name: "gateway-url", + Value: flags.OverrideDefaultString(cfg.Reva.Gateway.Endpoint, "localhost:9142"), + Usage: "URL to use for the storage gateway service", + EnvVars: []string{"STORAGE_GATEWAY_ENDPOINT"}, + Destination: &cfg.Reva.Gateway.Endpoint, + }, + } + + flags = append(flags, 
TracingWithConfig(cfg)...) + flags = append(flags, DebugWithConfig(cfg)...) + flags = append(flags, SecretWithConfig(cfg)...) + + return flags +} diff --git a/storage/pkg/flagset/frontend.go b/storage/pkg/flagset/frontend.go index 335ecfed6..2f7ec6fb1 100644 --- a/storage/pkg/flagset/frontend.go +++ b/storage/pkg/flagset/frontend.go @@ -87,10 +87,17 @@ func FrontendWithConfig(cfg *config.Config) []cli.Flag { }, &cli.StringSliceFlag{ Name: "service", - Value: cli.NewStringSlice("datagateway", "ocdav", "ocs"), + Value: cli.NewStringSlice("datagateway", "ocdav", "ocs", "appprovider"), Usage: "--service ocdav [--service ocs]", EnvVars: []string{"STORAGE_FRONTEND_SERVICES"}, }, + &cli.StringFlag{ + Name: "approvider-prefix", + Value: flags.OverrideDefaultString(cfg.Reva.Frontend.AppProviderPrefix, ""), + Usage: "approvider prefix", + EnvVars: []string{"STORAGE_FRONTEND_APPPROVIDER_PREFIX"}, + Destination: &cfg.Reva.Frontend.AppProviderPrefix, + }, &cli.StringFlag{ Name: "datagateway-prefix", Value: flags.OverrideDefaultString(cfg.Reva.Frontend.DatagatewayPrefix, "data"), diff --git a/storage/pkg/flagset/gateway.go b/storage/pkg/flagset/gateway.go index af603478f..ba0585996 100644 --- a/storage/pkg/flagset/gateway.go +++ b/storage/pkg/flagset/gateway.go @@ -62,7 +62,7 @@ func GatewayWithConfig(cfg *config.Config) []cli.Flag { }, &cli.StringSliceFlag{ Name: "service", - Value: cli.NewStringSlice("gateway", "authregistry", "storageregistry"), // TODO appregistry + Value: cli.NewStringSlice("gateway", "authregistry", "storageregistry", "appregistry"), Usage: "--service gateway [--service authregistry]", EnvVars: []string{"STORAGE_GATEWAY_SERVICES"}, }, 
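Review bot: Several help strings and names in `AppProviderWithConfig` look left over from the file this was copied from: `wopi-driver-app-icon-uri` has the usage `IOP Secret (Shared with WOPI server)`, `network` says `storage auth-basic service`, and the environment variables are named `APP_PROVIDER_BASIC_*`. Environment variable names become an interface once released, so names without `BASIC` (`APP_PROVIDER_DEBUG_ADDR`, `APP_PROVIDER_GRPC_ADDR`) are easier to introduce now, and the icon flag should read something like `Usage: "URI of an icon representing the app",`. The debug server default `0.0.0.0:9165` listens on all interfaces; if the other storage services do the same that is consistent, but a comment such as `// debug endpoint binds all interfaces by default; restrict or firewall it in production` would help operators.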
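Review bot: The new flag is named `approvider-prefix` (one `p` short) with usage `approvider prefix`, while its environment variable is `STORAGE_FRONTEND_APPPROVIDER_PREFIX` and the gateway flag added in this commit is `appprovider-endpoint`. Rename it before release, since flag names are hard to change afterwards: `Name: "appprovider-prefix",` and `Usage: "URL path prefix for the app provider service",`. `FrontendWithConfig` starts and ends outside the hunk.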
@@ -193,6 +193,13 @@ func GatewayWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"STORAGE_SHARING_ENDPOINT"}, Destination: &cfg.Reva.Sharing.Endpoint, }, + &cli.StringFlag{ + Name: "appprovider-endpoint", + Value: flags.OverrideDefaultString(cfg.Reva.AppProvider.Endpoint, "localhost:9164"), + Usage: "endpoint to use for the app provider", + EnvVars: []string{"STORAGE_APPPROVIDER_ENDPOINT"}, + Destination: &cfg.Reva.AppProvider.Endpoint, + }, // register home storage