make group provider config similar to other services

2026-01-02 10:21:07 -06:00 · 2022-04-19 18:06:25 +02:00
parent ed4e9ee866
commit 9e20992c0b
10 changed files with 458 additions and 240 deletions
--- a/extensions/group/pkg/command/command.go
+++ b/extensions/group/pkg/command/command.go
@@ -0,0 +1,218 @@
+package command
+
+import (
+	"context"
+	"flag"
+	"os"
+	"path"
+	"path/filepath"
+
+	"github.com/cs3org/reva/v2/cmd/revad/runtime"
+	"github.com/gofrs/uuid"
+	"github.com/oklog/run"
+	"github.com/owncloud/ocis/extensions/group/pkg/config"
+	"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
+	ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+	"github.com/owncloud/ocis/ocis-pkg/ldap"
+	"github.com/owncloud/ocis/ocis-pkg/log"
+	"github.com/owncloud/ocis/ocis-pkg/sync"
+	"github.com/owncloud/ocis/ocis-pkg/tracing"
+	"github.com/thejerf/suture/v4"
+	"github.com/urfave/cli/v2"
+)
+
+// Groups is the entrypoint for the sharing command.
+func Groups(cfg *config.Config) *cli.Command {
+	return &cli.Command{
+		Name:  "groups",
+		Usage: "start groups service",
+		// Before: func(c *cli.Context) error {
+		// 	return ParseConfig(c, cfg, "storage-groups")
+		// },
+		Action: func(c *cli.Context) error {
+			logCfg := cfg.Logging
+			logger := log.NewLogger(
+				log.Level(logCfg.Level),
+				log.File(logCfg.File),
+				log.Pretty(logCfg.Pretty),
+				log.Color(logCfg.Color),
+			)
+			tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
+			gr := run.Group{}
+			ctx, cancel := context.WithCancel(context.Background())
+			defer cancel()
+
+			// pre-create folders
+			if cfg.Driver == "json" && cfg.Drivers.JSON.File != "" {
+				if err := os.MkdirAll(filepath.Dir(cfg.Drivers.JSON.File), os.FileMode(0700)); err != nil {
+					return err
+				}
+			}
+
+			cuuid := uuid.Must(uuid.NewV4())
+			pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+cuuid.String()+".pid")
+
+			rcfg := groupsConfigFromStruct(c, cfg)
+
+			if cfg.Driver == "ldap" {
+				if err := ldap.WaitForCA(logger, cfg.Drivers.LDAP.Insecure, cfg.Drivers.LDAP.CACert); err != nil {
+					logger.Error().Err(err).Msg("The configured LDAP CA cert does not exist")
+					return err
+				}
+			}
+
+			gr.Add(func() error {
+				runtime.RunWithOptions(
+					rcfg,
+					pidFile,
+					runtime.WithLogger(&logger.Logger),
+				)
+				return nil
+			}, func(_ error) {
+				logger.Info().
+					Str("server", c.Command.Name).
+					Msg("Shutting down server")
+
+				cancel()
+			})
+
+			debugServer, err := debug.Server(
+				debug.Name(c.Command.Name+"-debug"),
+				debug.Addr(cfg.Debug.Addr),
+				debug.Logger(logger),
+				debug.Context(ctx),
+				debug.Pprof(cfg.Debug.Pprof),
+				debug.Zpages(cfg.Debug.Zpages),
+				debug.Token(cfg.Debug.Token),
+			)
+
+			if err != nil {
+				logger.Info().Err(err).Str("server", c.Command.Name+"-debug").Msg("Failed to initialize server")
+				return err
+			}
+
+			gr.Add(debugServer.ListenAndServe, func(_ error) {
+				cancel()
+			})
+
+			if !cfg.Supervised {
+				sync.Trap(&gr, cancel)
+			}
+
+			return gr.Run()
+		},
+	}
+}
+
+// groupsConfigFromStruct will adapt an oCIS config struct into a reva mapstructure to start a reva service.
+func groupsConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
+	return map[string]interface{}{
+		"core": map[string]interface{}{
+			"tracing_enabled":      cfg.Tracing.Enabled,
+			"tracing_endpoint":     cfg.Tracing.Endpoint,
+			"tracing_collector":    cfg.Tracing.Collector,
+			"tracing_service_name": c.Command.Name,
+		},
+		"shared": map[string]interface{}{
+			"jwt_secret":                cfg.JWTSecret,
+			"gatewaysvc":                cfg.GatewayEndpoint,
+			"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
+		},
+		"grpc": map[string]interface{}{
+			"network": cfg.GRPC.Protocol,
+			"address": cfg.GRPC.Addr,
+			// TODO build services dynamically
+			"services": map[string]interface{}{
+				"groupprovider": map[string]interface{}{
+					"driver": cfg.Driver,
+					"drivers": map[string]interface{}{
+						"json": map[string]interface{}{
+							"groups": cfg.Drivers.JSON.File,
+						},
+						"ldap": ldapConfigFromString(cfg.Drivers.LDAP),
+						"rest": map[string]interface{}{
+							"client_id":                      cfg.Drivers.REST.ClientID,
+							"client_secret":                  cfg.Drivers.REST.ClientSecret,
+							"redis_address":                  cfg.Drivers.REST.RedisAddr,
+							"redis_username":                 cfg.Drivers.REST.RedisUsername,
+							"redis_password":                 cfg.Drivers.REST.RedisPassword,
+							"group_members_cache_expiration": cfg.GroupMembersCacheExpiration,
+							"id_provider":                    cfg.Drivers.REST.IDProvider,
+							"api_base_url":                   cfg.Drivers.REST.APIBaseURL,
+							"oidc_token_endpoint":            cfg.Drivers.REST.OIDCTokenEndpoint,
+							"target_api":                     cfg.Drivers.REST.TargetAPI,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+// GroupSutureService allows for the storage-groupprovider command to be embedded and supervised by a suture supervisor tree.
+type GroupSutureService struct {
+	cfg *config.Config
+}
+
+// NewGroupProviderSutureService creates a new storage.GroupProvider
+func NewGroupProvider(cfg *ociscfg.Config) suture.Service {
+	cfg.Group.Commons = cfg.Commons
+	return GroupSutureService{
+		cfg: cfg.Group,
+	}
+}
+
+func (s GroupSutureService) Serve(ctx context.Context) error {
+	// s.cfg.Reva.Groups.Context = ctx
+	f := &flag.FlagSet{}
+	cmdFlags := Groups(s.cfg).Flags
+	for k := range cmdFlags {
+		if err := cmdFlags[k].Apply(f); err != nil {
+			return err
+		}
+	}
+	cliCtx := cli.NewContext(nil, f, nil)
+	if Groups(s.cfg).Before != nil {
+		if err := Groups(s.cfg).Before(cliCtx); err != nil {
+			return err
+		}
+	}
+	if err := Groups(s.cfg).Action(cliCtx); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func ldapConfigFromString(cfg config.LDAPDriver) map[string]interface{} {
+	return map[string]interface{}{
+		"uri":               cfg.URI,
+		"cacert":            cfg.CACert,
+		"insecure":          cfg.Insecure,
+		"bind_username":     cfg.BindDN,
+		"bind_password":     cfg.BindPassword,
+		"user_base_dn":      cfg.UserBaseDN,
+		"group_base_dn":     cfg.GroupBaseDN,
+		"user_filter":       cfg.UserFilter,
+		"group_filter":      cfg.GroupFilter,
+		"user_objectclass":  cfg.UserObjectClass,
+		"group_objectclass": cfg.GroupObjectClass,
+		"login_attributes":  cfg.LoginAttributes,
+		"idp":               cfg.IDP,
+		"user_schema": map[string]interface{}{
+			"id":              cfg.UserSchema.ID,
+			"idIsOctetString": cfg.UserSchema.IDIsOctetString,
+			"mail":            cfg.UserSchema.Mail,
+			"displayName":     cfg.UserSchema.DisplayName,
+			"userName":        cfg.UserSchema.Username,
+		},
+		"group_schema": map[string]interface{}{
+			"id":              cfg.GroupSchema.ID,
+			"idIsOctetString": cfg.GroupSchema.IDIsOctetString,
+			"mail":            cfg.GroupSchema.Mail,
+			"displayName":     cfg.GroupSchema.DisplayName,
+			"groupName":       cfg.GroupSchema.Groupname,
+			"member":          cfg.GroupSchema.Member,
+		},
+	}
+}
--- a/extensions/group/pkg/config/config.go
+++ b/extensions/group/pkg/config/config.go
@@ -0,0 +1,122 @@
+package config
+
+import "github.com/owncloud/ocis/ocis-pkg/shared"
+
+type Config struct {
+	*shared.Commons `yaml:"-"`
+	Service         Service  `yaml:"-"`
+	Tracing         *Tracing `yaml:"tracing"`
+	Logging         *Logging `yaml:"log"`
+	Debug           Debug    `yaml:"debug"`
+	Supervised      bool
+
+	GRPC GRPCConfig `yaml:"grpc"`
+
+	JWTSecret                   string
+	GatewayEndpoint             string
+	SkipUserGroupsInToken       bool
+	GroupMembersCacheExpiration int
+	Driver                      string
+	Drivers                     Drivers
+}
+type Tracing struct {
+	Enabled   bool   `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED" desc:"Activates tracing."`
+	Type      string `yaml:"type" env:"OCIS_TRACING_TYPE;GROUPS_TRACING_TYPE"`
+	Endpoint  string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
+	Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR"`
+}
+
+type Logging struct {
+	Level  string `yaml:"level" env:"OCIS_LOG_LEVEL;GROUPS_LOG_LEVEL" desc:"The log level."`
+	Pretty bool   `yaml:"pretty" env:"OCIS_LOG_PRETTY;GROUPS_LOG_PRETTY" desc:"Activates pretty log output."`
+	Color  bool   `yaml:"color" env:"OCIS_LOG_COLOR;GROUPS_LOG_COLOR" desc:"Activates colorized log output."`
+	File   string `yaml:"file" env:"OCIS_LOG_FILE;GROUPS_LOG_FILE" desc:"The target log file."`
+}
+
+type Service struct {
+	Name string `yaml:"-"`
+}
+
+type Debug struct {
+	Addr   string `yaml:"addr" env:"GROUPS_DEBUG_ADDR"`
+	Token  string `yaml:"token" env:"GROUPS_DEBUG_TOKEN"`
+	Pprof  bool   `yaml:"pprof" env:"GROUPS_DEBUG_PPROF"`
+	Zpages bool   `yaml:"zpages" env:"GROUPS_DEBUG_ZPAGES"`
+}
+
+type GRPCConfig struct {
+	Addr     string `yaml:"addr" env:"GROUPS_GRPC_ADDR" desc:"The address of the grpc service."`
+	Protocol string `yaml:"protocol" env:"GROUPS_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
+}
+
+type Drivers struct {
+	JSON        JSONDriver
+	LDAP        LDAPDriver
+	OwnCloudSQL OwnCloudSQLDriver
+	REST        RESTProvider
+}
+
+type JSONDriver struct {
+	File string
+}
+
+type LDAPDriver struct {
+	URI              string
+	CACert           string
+	Insecure         bool
+	BindDN           string
+	BindPassword     string
+	UserBaseDN       string
+	GroupBaseDN      string
+	UserFilter       string
+	GroupFilter      string
+	UserObjectClass  string
+	GroupObjectClass string
+	LoginAttributes  []string
+	IDP              string // TODO what is this for?
+	GatewayEndpoint  string // TODO do we need this here?
+	UserSchema       LDAPUserSchema
+	GroupSchema      LDAPGroupSchema
+}
+
+type LDAPUserSchema struct {
+	ID              string
+	IDIsOctetString bool
+	Mail            string
+	DisplayName     string
+	Username        string
+}
+
+type LDAPGroupSchema struct {
+	ID              string
+	IDIsOctetString bool
+	Mail            string
+	DisplayName     string
+	Groupname       string
+	Member          string
+}
+
+type OwnCloudSQLDriver struct {
+	DBUsername         string
+	DBPassword         string
+	DBHost             string
+	DBPort             int
+	DBName             string
+	IDP                string // TODO do we need this?
+	Nobody             int64  // TODO what is this?
+	JoinUsername       bool
+	JoinOwnCloudUUID   bool
+	EnableMedialSearch bool
+}
+
+type RESTProvider struct {
+	ClientID          string
+	ClientSecret      string
+	RedisAddr         string
+	RedisUsername     string
+	RedisPassword     string
+	IDProvider        string
+	APIBaseURL        string
+	OIDCTokenEndpoint string
+	TargetAPI         string
+}
--- a/extensions/group/pkg/config/defaults/defaultconfig.go
+++ b/extensions/group/pkg/config/defaults/defaultconfig.go
@@ -0,0 +1,109 @@
+package defaults
+
+import (
+	"path/filepath"
+
+	"github.com/owncloud/ocis/extensions/group/pkg/config"
+	"github.com/owncloud/ocis/ocis-pkg/config/defaults"
+)
+
+func FullDefaultConfig() *config.Config {
+	cfg := DefaultConfig()
+
+	EnsureDefaults(cfg)
+
+	return cfg
+}
+
+func DefaultConfig() *config.Config {
+	return &config.Config{
+		Debug: config.Debug{
+			Addr:   "127.0.0.1:9161",
+			Token:  "",
+			Pprof:  false,
+			Zpages: false,
+		},
+		GRPC: config.GRPCConfig{
+			Addr:     "127.0.0.1:9160",
+			Protocol: "tcp",
+		},
+		Service: config.Service{
+			Name: "user",
+		},
+		GroupMembersCacheExpiration: 5,
+		GatewayEndpoint:             "127.0.0.1:9142",
+		JWTSecret:                   "Pive-Fumkiu4",
+		Driver:                      "ldap",
+		Drivers: config.Drivers{
+			LDAP: config.LDAPDriver{
+				URI:              "ldaps://localhost:9126",
+				CACert:           filepath.Join(defaults.BaseDataPath(), "ldap", "ldap.crt"),
+				Insecure:         false,
+				UserBaseDN:       "dc=ocis,dc=test",
+				GroupBaseDN:      "dc=ocis,dc=test",
+				LoginAttributes:  []string{"cn", "mail"},
+				UserFilter:       "",
+				GroupFilter:      "",
+				UserObjectClass:  "posixAccount",
+				GroupObjectClass: "posixGroup",
+				BindDN:           "cn=reva,ou=sysusers,dc=ocis,dc=test",
+				BindPassword:     "reva",
+				IDP:              "https://localhost:9200",
+				UserSchema: config.LDAPUserSchema{
+					ID:          "ownclouduuid",
+					Mail:        "mail",
+					DisplayName: "displayname",
+					Username:    "cn",
+				},
+				GroupSchema: config.LDAPGroupSchema{
+					ID:          "cn",
+					Mail:        "mail",
+					DisplayName: "cn",
+					Groupname:   "cn",
+					Member:      "cn",
+				},
+			},
+			JSON: config.JSONDriver{},
+			OwnCloudSQL: config.OwnCloudSQLDriver{
+				DBUsername:         "owncloud",
+				DBPassword:         "secret",
+				DBHost:             "mysql",
+				DBPort:             3306,
+				DBName:             "owncloud",
+				IDP:                "https://localhost:9200",
+				Nobody:             90,
+				JoinUsername:       false,
+				JoinOwnCloudUUID:   false,
+				EnableMedialSearch: false,
+			},
+			REST: config.RESTProvider{
+				RedisAddr: "localhost:6379",
+			},
+		},
+	}
+}
+
+func EnsureDefaults(cfg *config.Config) {
+	// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
+	if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
+		cfg.Logging = &config.Logging{
+			Level:  cfg.Commons.Log.Level,
+			Pretty: cfg.Commons.Log.Pretty,
+			Color:  cfg.Commons.Log.Color,
+			File:   cfg.Commons.Log.File,
+		}
+	} else if cfg.Logging == nil {
+		cfg.Logging = &config.Logging{}
+	}
+	// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
+	if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
+		cfg.Tracing = &config.Tracing{
+			Enabled:   cfg.Commons.Tracing.Enabled,
+			Type:      cfg.Commons.Tracing.Type,
+			Endpoint:  cfg.Commons.Tracing.Endpoint,
+			Collector: cfg.Commons.Tracing.Collector,
+		}
+	} else if cfg.Tracing == nil {
+		cfg.Tracing = &config.Tracing{}
+	}
+}
--- a/extensions/storage/pkg/command/groups.go
+++ b/extensions/storage/pkg/command/groups.go
@@ -1,176 +0,0 @@
-package command
-
-import (
-	"context"
-	"flag"
-	"os"
-	"path"
-	"path/filepath"
-
-	"github.com/cs3org/reva/v2/cmd/revad/runtime"
-	"github.com/gofrs/uuid"
-	"github.com/oklog/run"
-	"github.com/owncloud/ocis/extensions/storage/pkg/config"
-	"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
-	"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
-	ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
-	"github.com/owncloud/ocis/ocis-pkg/sync"
-	"github.com/thejerf/suture/v4"
-	"github.com/urfave/cli/v2"
-)
-
-// Groups is the entrypoint for the sharing command.
-func Groups(cfg *config.Config) *cli.Command {
-	return &cli.Command{
-		Name:  "groups",
-		Usage: "start groups service",
-		Before: func(c *cli.Context) error {
-			return ParseConfig(c, cfg, "storage-groups")
-		},
-		Action: func(c *cli.Context) error {
-			logger := NewLogger(cfg)
-			tracing.Configure(cfg, logger)
-			gr := run.Group{}
-			ctx, cancel := context.WithCancel(context.Background())
-			defer cancel()
-
-			// pre-create folders
-			if cfg.Reva.Groups.Driver == "json" && cfg.Reva.Groups.JSON != "" {
-				if err := os.MkdirAll(filepath.Dir(cfg.Reva.Groups.JSON), os.FileMode(0700)); err != nil {
-					return err
-				}
-			}
-
-			cuuid := uuid.Must(uuid.NewV4())
-			pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+cuuid.String()+".pid")
-
-			rcfg := groupsConfigFromStruct(c, cfg)
-
-			if cfg.Reva.Groups.Driver == "ldap" {
-				if err := waitForLDAPCA(logger, &cfg.Reva.LDAP); err != nil {
-					logger.Error().Err(err).Msg("The configured LDAP CA cert does not exist")
-					return err
-				}
-			}
-
-			gr.Add(func() error {
-				runtime.RunWithOptions(
-					rcfg,
-					pidFile,
-					runtime.WithLogger(&logger.Logger),
-				)
-				return nil
-			}, func(_ error) {
-				logger.Info().
-					Str("server", c.Command.Name).
-					Msg("Shutting down server")
-
-				cancel()
-			})
-
-			debugServer, err := debug.Server(
-				debug.Name(c.Command.Name+"-debug"),
-				debug.Addr(cfg.Reva.Groups.DebugAddr),
-				debug.Logger(logger),
-				debug.Context(ctx),
-				debug.Config(cfg),
-			)
-
-			if err != nil {
-				logger.Info().Err(err).Str("server", c.Command.Name+"-debug").Msg("Failed to initialize server")
-				return err
-			}
-
-			gr.Add(debugServer.ListenAndServe, func(_ error) {
-				cancel()
-			})
-
-			if !cfg.Reva.Groups.Supervised {
-				sync.Trap(&gr, cancel)
-			}
-
-			return gr.Run()
-		},
-	}
-}
-
-// groupsConfigFromStruct will adapt an oCIS config struct into a reva mapstructure to start a reva service.
-func groupsConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
-	return map[string]interface{}{
-		"core": map[string]interface{}{
-			"max_cpus":             cfg.Reva.Groups.MaxCPUs,
-			"tracing_enabled":      cfg.Tracing.Enabled,
-			"tracing_endpoint":     cfg.Tracing.Endpoint,
-			"tracing_collector":    cfg.Tracing.Collector,
-			"tracing_service_name": c.Command.Name,
-		},
-		"shared": map[string]interface{}{
-			"jwt_secret":                cfg.Reva.JWTSecret,
-			"gatewaysvc":                cfg.Reva.Gateway.Endpoint,
-			"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
-		},
-		"grpc": map[string]interface{}{
-			"network": cfg.Reva.Groups.GRPCNetwork,
-			"address": cfg.Reva.Groups.GRPCAddr,
-			// TODO build services dynamically
-			"services": map[string]interface{}{
-				"groupprovider": map[string]interface{}{
-					"driver": cfg.Reva.Groups.Driver,
-					"drivers": map[string]interface{}{
-						"json": map[string]interface{}{
-							"groups": cfg.Reva.Groups.JSON,
-						},
-						"ldap": ldapConfigFromString(cfg),
-						"rest": map[string]interface{}{
-							"client_id":                      cfg.Reva.UserGroupRest.ClientID,
-							"client_secret":                  cfg.Reva.UserGroupRest.ClientSecret,
-							"redis_address":                  cfg.Reva.UserGroupRest.RedisAddress,
-							"redis_username":                 cfg.Reva.UserGroupRest.RedisUsername,
-							"redis_password":                 cfg.Reva.UserGroupRest.RedisPassword,
-							"group_members_cache_expiration": cfg.Reva.Groups.GroupMembersCacheExpiration,
-							"id_provider":                    cfg.Reva.UserGroupRest.IDProvider,
-							"api_base_url":                   cfg.Reva.UserGroupRest.APIBaseURL,
-							"oidc_token_endpoint":            cfg.Reva.UserGroupRest.OIDCTokenEndpoint,
-							"target_api":                     cfg.Reva.UserGroupRest.TargetAPI,
-						},
-					},
-				},
-			},
-		},
-	}
-}
-
-// GroupSutureService allows for the storage-groupprovider command to be embedded and supervised by a suture supervisor tree.
-type GroupSutureService struct {
-	cfg *config.Config
-}
-
-// NewGroupProviderSutureService creates a new storage.GroupProvider
-func NewGroupProvider(cfg *ociscfg.Config) suture.Service {
-	cfg.Storage.Commons = cfg.Commons
-	return GroupSutureService{
-		cfg: cfg.Storage,
-	}
-}
-
-func (s GroupSutureService) Serve(ctx context.Context) error {
-	s.cfg.Reva.Groups.Context = ctx
-	f := &flag.FlagSet{}
-	cmdFlags := Groups(s.cfg).Flags
-	for k := range cmdFlags {
-		if err := cmdFlags[k].Apply(f); err != nil {
-			return err
-		}
-	}
-	cliCtx := cli.NewContext(nil, f, nil)
-	if Groups(s.cfg).Before != nil {
-		if err := Groups(s.cfg).Before(cliCtx); err != nil {
-			return err
-		}
-	}
-	if err := Groups(s.cfg).Action(cliCtx); err != nil {
-		return err
-	}
-
-	return nil
-}
--- a/extensions/storage/pkg/command/ldapcfg.go
+++ b/extensions/storage/pkg/command/ldapcfg.go
@@ -1,60 +0,0 @@
-package command
-
-import (
-	"errors"
-	"os"
-	"time"
-
-	"github.com/owncloud/ocis/extensions/storage/pkg/config"
-	"github.com/owncloud/ocis/ocis-pkg/log"
-)
-
-const caTimeout = 5
-
-func ldapConfigFromString(cfg *config.Config) map[string]interface{} {
-	return map[string]interface{}{
-		"uri":               cfg.Reva.LDAP.URI,
-		"cacert":            cfg.Reva.LDAP.CACert,
-		"insecure":          cfg.Reva.LDAP.Insecure,
-		"bind_username":     cfg.Reva.LDAP.BindDN,
-		"bind_password":     cfg.Reva.LDAP.BindPassword,
-		"user_base_dn":      cfg.Reva.LDAP.UserBaseDN,
-		"group_base_dn":     cfg.Reva.LDAP.GroupBaseDN,
-		"user_filter":       cfg.Reva.LDAP.UserFilter,
-		"group_filter":      cfg.Reva.LDAP.GroupFilter,
-		"user_objectclass":  cfg.Reva.LDAP.UserObjectClass,
-		"group_objectclass": cfg.Reva.LDAP.GroupObjectClass,
-		"login_attributes":  cfg.Reva.LDAP.LoginAttributes,
-		"idp":               cfg.Reva.LDAP.IDP,
-		"gatewaysvc":        cfg.Reva.Gateway.Endpoint,
-		"user_schema": map[string]interface{}{
-			"id":              cfg.Reva.LDAP.UserSchema.ID,
-			"idIsOctetString": cfg.Reva.LDAP.UserSchema.IDIsOctetString,
-			"mail":            cfg.Reva.LDAP.UserSchema.Mail,
-			"displayName":     cfg.Reva.LDAP.UserSchema.DisplayName,
-			"userName":        cfg.Reva.LDAP.UserSchema.Username,
-		},
-		"group_schema": map[string]interface{}{
-			"id":              cfg.Reva.LDAP.GroupSchema.ID,
-			"idIsOctetString": cfg.Reva.LDAP.GroupSchema.IDIsOctetString,
-			"mail":            cfg.Reva.LDAP.GroupSchema.Mail,
-			"displayName":     cfg.Reva.LDAP.GroupSchema.DisplayName,
-			"groupName":       cfg.Reva.LDAP.GroupSchema.Groupname,
-			"member":          cfg.Reva.LDAP.GroupSchema.Member,
-		},
-	}
-}
-
-func waitForLDAPCA(log log.Logger, cfg *config.LDAP) error {
-	if !cfg.Insecure && cfg.CACert != "" {
-		if _, err := os.Stat(cfg.CACert); errors.Is(err, os.ErrNotExist) {
-			log.Warn().Str("LDAP CACert", cfg.CACert).Msgf("File does not exist. Waiting %d seconds for it to appear.", caTimeout)
-			time.Sleep(caTimeout * time.Second)
-			if _, err := os.Stat(cfg.CACert); errors.Is(err, os.ErrNotExist) {
-				log.Warn().Str("LDAP CACert", cfg.CACert).Msgf("File does still not exist after Timeout")
-				return err
-			}
-		}
-	}
-	return nil
-}
--- a/extensions/storage/pkg/command/root.go
+++ b/extensions/storage/pkg/command/root.go
@@ -15,7 +15,7 @@ func GetCommands(cfg *config.Config) cli.Commands {
 		Frontend(cfg),
 		Gateway(cfg),
 		// Users(cfg),
-		Groups(cfg),
+		// Groups(cfg),
 		AppProvider(cfg),
 		// AuthBasic(cfg),
 		AuthBearer(cfg),
--- a/ocis-pkg/config/config.go
+++ b/ocis-pkg/config/config.go
@@ -9,6 +9,7 @@ import (
 	glauth "github.com/owncloud/ocis/extensions/glauth/pkg/config"
 	graphExplorer "github.com/owncloud/ocis/extensions/graph-explorer/pkg/config"
 	graph "github.com/owncloud/ocis/extensions/graph/pkg/config"
+	group "github.com/owncloud/ocis/extensions/group/pkg/config"
 	idm "github.com/owncloud/ocis/extensions/idm/pkg/config"
 	idp "github.com/owncloud/ocis/extensions/idp/pkg/config"
 	nats "github.com/owncloud/ocis/extensions/nats/pkg/config"
@@ -77,6 +78,7 @@ type Config struct {
 	Storage       *storage.Config       `yaml:"storage"`
 	AuthBasic     *authbasic.Config     `yaml:"auth_basic"`
 	User          *user.Config          `yaml:"user"`
+	Group         *group.Config         `yaml:"group"`
 	Store         *store.Config         `yaml:"store"`
 	Thumbnails    *thumbnails.Config    `yaml:"thumbnails"`
 	WebDAV        *webdav.Config        `yaml:"webdav"`
--- a/ocis-pkg/config/defaultconfig.go
+++ b/ocis-pkg/config/defaultconfig.go
@@ -7,6 +7,7 @@ import (
 	glauth "github.com/owncloud/ocis/extensions/glauth/pkg/config/defaults"
 	graphExplorer "github.com/owncloud/ocis/extensions/graph-explorer/pkg/config/defaults"
 	graph "github.com/owncloud/ocis/extensions/graph/pkg/config/defaults"
+	group "github.com/owncloud/ocis/extensions/group/pkg/config/defaults"
 	idm "github.com/owncloud/ocis/extensions/idm/pkg/config/defaults"
 	idp "github.com/owncloud/ocis/extensions/idp/pkg/config/defaults"
 	nats "github.com/owncloud/ocis/extensions/nats/pkg/config/defaults"
@@ -50,5 +51,6 @@ func DefaultConfig() *Config {
 		Storage:       storage.DefaultConfig(),
 		AuthBasic:     authbasic.FullDefaultConfig(),
 		User:          user.FullDefaultConfig(),
+		Group:         group.FullDefaultConfig(),
 	}
 }
--- a/ocis/pkg/command/storagegroupprovider.go
+++ b/ocis/pkg/command/storagegroupprovider.go
@@ -1,7 +1,7 @@
 package command

 import (
-	"github.com/owncloud/ocis/extensions/storage/pkg/command"
+	"github.com/owncloud/ocis/extensions/group/pkg/command"
 	"github.com/owncloud/ocis/ocis-pkg/config"
 	"github.com/owncloud/ocis/ocis/pkg/register"
 	"github.com/urfave/cli/v2"
@@ -18,7 +18,7 @@ func StorageGroupProviderCommand(cfg *config.Config) *cli.Command {
 			return ParseStorageCommon(ctx, cfg)
 		},
 		Action: func(c *cli.Context) error {
-			origCmd := command.Groups(cfg.Storage)
+			origCmd := command.Groups(cfg.Group)
 			return handleOriginalAction(c, origCmd)
 		},
 	}
--- a/ocis/pkg/runtime/service/service.go
+++ b/ocis/pkg/runtime/service/service.go
@@ -24,6 +24,7 @@ import (
 	glauth "github.com/owncloud/ocis/extensions/glauth/pkg/command"
 	graphExplorer "github.com/owncloud/ocis/extensions/graph-explorer/pkg/command"
 	graph "github.com/owncloud/ocis/extensions/graph/pkg/command"
+	group "github.com/owncloud/ocis/extensions/group/pkg/command"
 	idm "github.com/owncloud/ocis/extensions/idm/pkg/command"
 	idp "github.com/owncloud/ocis/extensions/idp/pkg/command"
 	nats "github.com/owncloud/ocis/extensions/nats/pkg/command"
@@ -112,7 +113,7 @@ func NewService(options ...Option) (*Service, error) {
 	s.ServicesRegistry["ocdav"] = storage.NewOCDav
 	s.ServicesRegistry["storage-gateway"] = storage.NewGateway
 	s.ServicesRegistry["storage-userprovider"] = user.NewUserProvider
-	s.ServicesRegistry["storage-groupprovider"] = storage.NewGroupProvider
+	s.ServicesRegistry["storage-groupprovider"] = group.NewGroupProvider
 	s.ServicesRegistry["storage-authbasic"] = authbasic.NewAuthBasic
 	s.ServicesRegistry["storage-authbearer"] = storage.NewAuthBearer
 	s.ServicesRegistry["storage-authmachine"] = storage.NewAuthMachine