From 9e20992c0bb5feaa59927da04ea40b8f3015ecd6 Mon Sep 17 00:00:00 2001 From: David Christofas Date: Tue, 19 Apr 2022 18:06:25 +0200 Subject: [PATCH] make group provider config similar to other services --- extensions/group/pkg/command/command.go | 218 ++++++++++++++++++ extensions/group/pkg/config/config.go | 122 ++++++++++ .../pkg/config/defaults/defaultconfig.go | 109 +++++++++ extensions/storage/pkg/command/groups.go | 176 -------------- extensions/storage/pkg/command/ldapcfg.go | 60 ----- extensions/storage/pkg/command/root.go | 2 +- ocis-pkg/config/config.go | 2 + ocis-pkg/config/defaultconfig.go | 2 + ocis/pkg/command/storagegroupprovider.go | 4 +- ocis/pkg/runtime/service/service.go | 3 +- 10 files changed, 458 insertions(+), 240 deletions(-) create mode 100644 extensions/group/pkg/command/command.go create mode 100644 extensions/group/pkg/config/config.go create mode 100644 extensions/group/pkg/config/defaults/defaultconfig.go delete mode 100644 extensions/storage/pkg/command/groups.go delete mode 100644 extensions/storage/pkg/command/ldapcfg.go diff --git a/extensions/group/pkg/command/command.go b/extensions/group/pkg/command/command.go new file mode 100644 index 000000000..9e5d6d3d1 --- /dev/null +++ b/extensions/group/pkg/command/command.go 
@@ -0,0 +1,218 @@
+package command
+
+import (
+ "context"
+ "flag"
+ "os"
+ "path"
+ "path/filepath"
+
+ "github.com/cs3org/reva/v2/cmd/revad/runtime"
+ "github.com/gofrs/uuid"
+ "github.com/oklog/run"
+ "github.com/owncloud/ocis/extensions/group/pkg/config"
+ "github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
+ ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
+ "github.com/owncloud/ocis/ocis-pkg/ldap"
+ "github.com/owncloud/ocis/ocis-pkg/log"
+ "github.com/owncloud/ocis/ocis-pkg/sync"
+ "github.com/owncloud/ocis/ocis-pkg/tracing"
+ "github.com/thejerf/suture/v4"
+ "github.com/urfave/cli/v2"
+)
+
+// Groups is the entrypoint for the sharing command.
+func Groups(cfg *config.Config) *cli.Command {
+ return &cli.Command{
+ Name: "groups",
+ Usage: "start groups service",
+ // Before: func(c *cli.Context) error {
+ // return ParseConfig(c, cfg, "storage-groups")
+ // },
+ Action: func(c *cli.Context) error {
+ logCfg := cfg.Logging
+ logger := log.NewLogger(
+ log.Level(logCfg.Level),
+ log.File(logCfg.File),
+ log.Pretty(logCfg.Pretty),
+ log.Color(logCfg.Color),
+ )
+ tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
+ gr := run.Group{}
+ ctx, cancel := context.WithCancel(context.Background())
+ defer cancel()
+
+ // pre-create folders
+ if cfg.Driver == "json" && cfg.Drivers.JSON.File != "" {
+ if err := os.MkdirAll(filepath.Dir(cfg.Drivers.JSON.File), os.FileMode(0700)); err != nil {
+ return err
+ }
+ }
+
+ cuuid := uuid.Must(uuid.NewV4())
+ pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+cuuid.String()+".pid")
+
+ rcfg := groupsConfigFromStruct(c, cfg)
+
+ if cfg.Driver == "ldap" {
+ if err := ldap.WaitForCA(logger, cfg.Drivers.LDAP.Insecure, cfg.Drivers.LDAP.CACert); err != nil {
+ logger.Error().Err(err).Msg("The configured LDAP CA cert does not exist")
+ return err
+ }
+ }
+
+ gr.Add(func() error {
+ runtime.RunWithOptions(
+ rcfg,
+ pidFile,
+ runtime.WithLogger(&logger.Logger),
+ )
+ return nil
+ }, func(_ error) {
+ logger.Info().
+ Str("server", c.Command.Name).
+ Msg("Shutting down server")
+
+ cancel()
+ })
+
+ debugServer, err := debug.Server(
+ debug.Name(c.Command.Name+"-debug"),
+ debug.Addr(cfg.Debug.Addr),
+ debug.Logger(logger),
+ debug.Context(ctx),
+ debug.Pprof(cfg.Debug.Pprof),
+ debug.Zpages(cfg.Debug.Zpages),
+ debug.Token(cfg.Debug.Token),
+ )
+
+ if err != nil {
+ logger.Info().Err(err).Str("server", c.Command.Name+"-debug").Msg("Failed to initialize server")
+ return err
+ }
+
+ gr.Add(debugServer.ListenAndServe, func(_ error) {
+ cancel()
+ })
+
+ if !cfg.Supervised {
+ sync.Trap(&gr, cancel)
+ }
+
+ return gr.Run()
+ },
+ }
+}
+
+// groupsConfigFromStruct will adapt an oCIS config struct into a reva mapstructure to start a reva service.
+func groupsConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
+ return map[string]interface{}{
+ "core": map[string]interface{}{
+ "tracing_enabled": cfg.Tracing.Enabled,
+ "tracing_endpoint": cfg.Tracing.Endpoint,
+ "tracing_collector": cfg.Tracing.Collector,
+ "tracing_service_name": c.Command.Name,
+ },
+ "shared": map[string]interface{}{
+ "jwt_secret": cfg.JWTSecret,
+ "gatewaysvc": cfg.GatewayEndpoint,
+ "skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
+ },
+ "grpc": map[string]interface{}{
+ "network": cfg.GRPC.Protocol,
+ "address": cfg.GRPC.Addr,
+ // TODO build services dynamically
+ "services": map[string]interface{}{
+ "groupprovider": map[string]interface{}{
+ "driver": cfg.Driver,
+ "drivers": map[string]interface{}{
+ "json": map[string]interface{}{
+ "groups": cfg.Drivers.JSON.File,
+ },
+ "ldap": ldapConfigFromString(cfg.Drivers.LDAP),
+ "rest": map[string]interface{}{
+ "client_id": cfg.Drivers.REST.ClientID,
+ "client_secret": cfg.Drivers.REST.ClientSecret,
+ "redis_address": cfg.Drivers.REST.RedisAddr,
+ "redis_username": cfg.Drivers.REST.RedisUsername,
+ "redis_password": cfg.Drivers.REST.RedisPassword,
+ "group_members_cache_expiration": cfg.GroupMembersCacheExpiration,
+ "id_provider": cfg.Drivers.REST.IDProvider,
+ "api_base_url": cfg.Drivers.REST.APIBaseURL,
+ "oidc_token_endpoint": cfg.Drivers.REST.OIDCTokenEndpoint,
+ "target_api": cfg.Drivers.REST.TargetAPI,
+ },
+ },
+ },
+ },
+ },
+ }
+}
+
+// GroupSutureService allows for the storage-groupprovider command to be embedded and supervised by a suture supervisor tree.
+type GroupSutureService struct {
+ cfg *config.Config
+}
+
+// NewGroupProviderSutureService creates a new storage.GroupProvider
+func NewGroupProvider(cfg *ociscfg.Config) suture.Service {
+ cfg.Group.Commons = cfg.Commons
+ return GroupSutureService{
+ cfg: cfg.Group,
+ }
+}
+
+func (s GroupSutureService) Serve(ctx context.Context) error {
+ // s.cfg.Reva.Groups.Context = ctx
+ f := &flag.FlagSet{}
+ cmdFlags := Groups(s.cfg).Flags
+ for k := range cmdFlags {
+ if err := cmdFlags[k].Apply(f); err != nil {
+ return err
+ }
+ }
+ cliCtx := cli.NewContext(nil, f, nil)
+ if Groups(s.cfg).Before != nil {
+ if err := Groups(s.cfg).Before(cliCtx); err != nil {
+ return err
+ }
+ }
+ if err := Groups(s.cfg).Action(cliCtx); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func ldapConfigFromString(cfg config.LDAPDriver) map[string]interface{} {
+ return map[string]interface{}{
+ "uri": cfg.URI,
+ "cacert": cfg.CACert,
+ "insecure": cfg.Insecure,
+ "bind_username": cfg.BindDN,
+ "bind_password": cfg.BindPassword,
+ "user_base_dn": cfg.UserBaseDN,
+ "group_base_dn": cfg.GroupBaseDN,
+ "user_filter": cfg.UserFilter,
+ "group_filter": cfg.GroupFilter,
+ "user_objectclass": cfg.UserObjectClass,
+ "group_objectclass": cfg.GroupObjectClass,
+ "login_attributes": cfg.LoginAttributes,
+ "idp": cfg.IDP,
+ "user_schema": map[string]interface{}{
+ "id": cfg.UserSchema.ID,
+ "idIsOctetString": cfg.UserSchema.IDIsOctetString,
+ "mail": cfg.UserSchema.Mail,
+ "displayName": cfg.UserSchema.DisplayName,
+ "userName": cfg.UserSchema.Username,
+ },
+ "group_schema": map[string]interface{}{
+ "id": cfg.GroupSchema.ID,
+ "idIsOctetString": cfg.GroupSchema.IDIsOctetString,
+ "mail": cfg.GroupSchema.Mail,
+ "displayName": cfg.GroupSchema.DisplayName,
+ "groupName": cfg.GroupSchema.Groupname,
+ "member": cfg.GroupSchema.Member,
+ },
+ }
+}
diff --git a/extensions/group/pkg/config/config.go b/extensions/group/pkg/config/config.go
new file mode 100644
index 000000000..4e3d70804
--- /dev/null
+++ b/extensions/group/pkg/config/config.go
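Review bot: With the `Before` hook commented out in `Groups`, nothing in this file loads or validates configuration before `Action` runs, and the `Before != nil` branch in `GroupSutureService.Serve` is now dead code. `groupsConfigFromStruct` then passes `cfg.JWTSecret`, the LDAP `bind_password` and the REST `client_secret`/`redis_password` to reva exactly as they sit in `cfg`, so unless a caller outside this hunk populates `cfg.Group`, the service would start on the compiled-in defaults. The `Before` kept in ocis/pkg/command/storagegroupprovider.go still calls `ParseStorageCommon`, and whether that touches `cfg.Group` is not visible in this patch. I would restore a parse step for the group config, or at least state the precondition above `Action`, e.g. `// cfg must be fully populated by the caller; this command does no config parsing`. The doc comments also need a pass: `Groups` is described as the entrypoint for the sharing command, and the comment on `NewGroupProvider` names `NewGroupProviderSutureService`.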
@@ -0,0 +1,122 @@
+package config
+
+import "github.com/owncloud/ocis/ocis-pkg/shared"
+
+type Config struct {
+ *shared.Commons `yaml:"-"`
+ Service Service `yaml:"-"`
+ Tracing *Tracing `yaml:"tracing"`
+ Logging *Logging `yaml:"log"`
+ Debug Debug `yaml:"debug"`
+ Supervised bool
+
+ GRPC GRPCConfig `yaml:"grpc"`
+
+ JWTSecret string
+ GatewayEndpoint string
+ SkipUserGroupsInToken bool
+ GroupMembersCacheExpiration int
+ Driver string
+ Drivers Drivers
+}
+type Tracing struct {
+ Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED" desc:"Activates tracing."`
+ Type string `yaml:"type" env:"OCIS_TRACING_TYPE;GROUPS_TRACING_TYPE"`
+ Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
+ Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR"`
+}
+
+type Logging struct {
+ Level string `yaml:"level" env:"OCIS_LOG_LEVEL;GROUPS_LOG_LEVEL" desc:"The log level."`
+ Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;GROUPS_LOG_PRETTY" desc:"Activates pretty log output."`
+ Color bool `yaml:"color" env:"OCIS_LOG_COLOR;GROUPS_LOG_COLOR" desc:"Activates colorized log output."`
+ File string `yaml:"file" env:"OCIS_LOG_FILE;GROUPS_LOG_FILE" desc:"The target log file."`
+}
+
+type Service struct {
+ Name string `yaml:"-"`
+}
+
+type Debug struct {
+ Addr string `yaml:"addr" env:"GROUPS_DEBUG_ADDR"`
+ Token string `yaml:"token" env:"GROUPS_DEBUG_TOKEN"`
+ Pprof bool `yaml:"pprof" env:"GROUPS_DEBUG_PPROF"`
+ Zpages bool `yaml:"zpages" env:"GROUPS_DEBUG_ZPAGES"`
+}
+
+type GRPCConfig struct {
+ Addr string `yaml:"addr" env:"GROUPS_GRPC_ADDR" desc:"The address of the grpc service."`
+ Protocol string `yaml:"protocol" env:"GROUPS_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
+}
+
+type Drivers struct {
+ JSON JSONDriver
+ LDAP LDAPDriver
+ OwnCloudSQL OwnCloudSQLDriver
+ REST RESTProvider
+}
+
+type JSONDriver struct {
+ File string
+}
+
+type LDAPDriver struct {
+ URI string
+ CACert string
+ Insecure bool
+ BindDN string
+ BindPassword string
+ UserBaseDN string
+ GroupBaseDN string
+ UserFilter string
+ GroupFilter string
+ UserObjectClass string
+ GroupObjectClass string
+ LoginAttributes []string
+ IDP string // TODO what is this for?
+ GatewayEndpoint string // TODO do we need this here?
+ UserSchema LDAPUserSchema
+ GroupSchema LDAPGroupSchema
+}
+
+type LDAPUserSchema struct {
+ ID string
+ IDIsOctetString bool
+ Mail string
+ DisplayName string
+ Username string
+}
+
+type LDAPGroupSchema struct {
+ ID string
+ IDIsOctetString bool
+ Mail string
+ DisplayName string
+ Groupname string
+ Member string
+}
+
+type OwnCloudSQLDriver struct {
+ DBUsername string
+ DBPassword string
+ DBHost string
+ DBPort int
+ DBName string
+ IDP string // TODO do we need this?
+ Nobody int64 // TODO what is this?
+ JoinUsername bool
+ JoinOwnCloudUUID bool
+ EnableMedialSearch bool
+}
+
+type RESTProvider struct {
+ ClientID string
+ ClientSecret string
+ RedisAddr string
+ RedisUsername string
+ RedisPassword string
+ IDProvider string
+ APIBaseURL string
+ OIDCTokenEndpoint string
+ TargetAPI string
+}
diff --git a/extensions/group/pkg/config/defaults/defaultconfig.go b/extensions/group/pkg/config/defaults/defaultconfig.go
new file mode 100644
index 000000000..ce967628e
--- /dev/null
+++ b/extensions/group/pkg/config/defaults/defaultconfig.go
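Review bot: The secret-bearing fields (`JWTSecret`, `LDAPDriver.BindPassword`, `OwnCloudSQLDriver.DBPassword`, `RESTProvider.ClientSecret`, `RESTProvider.RedisPassword`) and `Driver`/`Drivers` carry no `yaml` or `env` tags, while `Tracing`, `Logging`, `Debug` and `GRPCConfig` do. If overrides are bound through these tags, as the tagged structs suggest, operators get no documented way to replace the defaults for exactly the values that most need replacing. Tagging them in the same `OCIS_…;GROUPS_…` style would close that gap, for example `JWTSecret string` with the tag `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GROUPS_JWT_SECRET"` (variable names are a suggestion, not taken from this patch). The exported types also have no doc comments, and the `// TODO what is this for?` notes on `IDP` and `Nobody` should be resolved or tracked before this config surface is relied on.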
@@ -0,0 +1,109 @@
+package defaults
+
+import (
+ "path/filepath"
+
+ "github.com/owncloud/ocis/extensions/group/pkg/config"
+ "github.com/owncloud/ocis/ocis-pkg/config/defaults"
+)
+
+func FullDefaultConfig() *config.Config {
+ cfg := DefaultConfig()
+
+ EnsureDefaults(cfg)
+
+ return cfg
+}
+
+func DefaultConfig() *config.Config {
+ return &config.Config{
+ Debug: config.Debug{
+ Addr: "127.0.0.1:9161",
+ Token: "",
+ Pprof: false,
+ Zpages: false,
+ },
+ GRPC: config.GRPCConfig{
+ Addr: "127.0.0.1:9160",
+ Protocol: "tcp",
+ },
+ Service: config.Service{
+ Name: "user",
+ },
+ GroupMembersCacheExpiration: 5,
+ GatewayEndpoint: "127.0.0.1:9142",
+ JWTSecret: "Pive-Fumkiu4",
+ Driver: "ldap",
+ Drivers: config.Drivers{
+ LDAP: config.LDAPDriver{
+ URI: "ldaps://localhost:9126",
+ CACert: filepath.Join(defaults.BaseDataPath(), "ldap", "ldap.crt"),
+ Insecure: false,
+ UserBaseDN: "dc=ocis,dc=test",
+ GroupBaseDN: "dc=ocis,dc=test",
+ LoginAttributes: []string{"cn", "mail"},
+ UserFilter: "",
+ GroupFilter: "",
+ UserObjectClass: "posixAccount",
+ GroupObjectClass: "posixGroup",
+ BindDN: "cn=reva,ou=sysusers,dc=ocis,dc=test",
+ BindPassword: "reva",
+ IDP: "https://localhost:9200",
+ UserSchema: config.LDAPUserSchema{
+ ID: "ownclouduuid",
+ Mail: "mail",
+ DisplayName: "displayname",
+ Username: "cn",
+ },
+ GroupSchema: config.LDAPGroupSchema{
+ ID: "cn",
+ Mail: "mail",
+ DisplayName: "cn",
+ Groupname: "cn",
+ Member: "cn",
+ },
+ },
+ JSON: config.JSONDriver{},
+ OwnCloudSQL: config.OwnCloudSQLDriver{
+ DBUsername: "owncloud",
+ DBPassword: "secret",
+ DBHost: "mysql",
+ DBPort: 3306,
+ DBName: "owncloud",
+ IDP: "https://localhost:9200",
+ Nobody: 90,
+ JoinUsername: false,
+ JoinOwnCloudUUID: false,
+ EnableMedialSearch: false,
+ },
+ REST: config.RESTProvider{
+ RedisAddr: "localhost:6379",
+ },
+ },
+ }
+}
+
+func EnsureDefaults(cfg *config.Config) {
+ // provide with defaults for shared logging, since we need a valid destination address for BindEnv.
+ if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
+ cfg.Logging = &config.Logging{
+ Level: cfg.Commons.Log.Level,
+ Pretty: cfg.Commons.Log.Pretty,
+ Color: cfg.Commons.Log.Color,
+ File: cfg.Commons.Log.File,
+ }
+ } else if cfg.Logging == nil {
+ cfg.Logging = &config.Logging{}
+ }
+ // provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
+ if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
+ cfg.Tracing = &config.Tracing{
+ Enabled: cfg.Commons.Tracing.Enabled,
+ Type: cfg.Commons.Tracing.Type,
+ Endpoint: cfg.Commons.Tracing.Endpoint,
+ Collector: cfg.Commons.Tracing.Collector,
+ }
+ } else if cfg.Tracing == nil {
+ cfg.Tracing = &config.Tracing{}
+ }
+}
diff --git a/extensions/storage/pkg/command/groups.go b/extensions/storage/pkg/command/groups.go
deleted file mode 100644
index e2e0747aa..000000000
--- a/extensions/storage/pkg/command/groups.go
+++ /dev/null
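Review bot: `DefaultConfig` ships fixed credentials: `JWTSecret: "Pive-Fumkiu4"`, `BindPassword: "reva"` and `DBPassword: "secret"`. A deployment that starts without overriding them signs and accepts tokens with a value that is public in the source tree, so these defaults should be empty and startup should fail when the active driver's secret is unset, e.g. `JWTSecret: "",` here plus a check before the service starts. `Token: ""` under `Debug` deserves the same look if the debug server treats an empty token as no authentication, which is not visible in this hunk. `Service.Name` is set to `"user"`, which looks copied from the user provider; `Name: "group"` is presumably intended.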
@@ -1,176 +0,0 @@
-package command
-
-import (
- "context"
- "flag"
- "os"
- "path"
- "path/filepath"
-
- "github.com/cs3org/reva/v2/cmd/revad/runtime"
- "github.com/gofrs/uuid"
- "github.com/oklog/run"
- "github.com/owncloud/ocis/extensions/storage/pkg/config"
- "github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
- "github.com/owncloud/ocis/extensions/storage/pkg/tracing"
- ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
- "github.com/owncloud/ocis/ocis-pkg/sync"
- "github.com/thejerf/suture/v4"
- "github.com/urfave/cli/v2"
-)
-
-// Groups is the entrypoint for the sharing command.
-func Groups(cfg *config.Config) *cli.Command {
- return &cli.Command{
- Name: "groups",
- Usage: "start groups service",
- Before: func(c *cli.Context) error {
- return ParseConfig(c, cfg, "storage-groups")
- },
- Action: func(c *cli.Context) error {
- logger := NewLogger(cfg)
- tracing.Configure(cfg, logger)
- gr := run.Group{}
- ctx, cancel := context.WithCancel(context.Background())
- defer cancel()
-
- // pre-create folders
- if cfg.Reva.Groups.Driver == "json" && cfg.Reva.Groups.JSON != "" {
- if err := os.MkdirAll(filepath.Dir(cfg.Reva.Groups.JSON), os.FileMode(0700)); err != nil {
- return err
- }
- }
-
- cuuid := uuid.Must(uuid.NewV4())
- pidFile := path.Join(os.TempDir(), "revad-"+c.Command.Name+"-"+cuuid.String()+".pid")
-
- rcfg := groupsConfigFromStruct(c, cfg)
-
- if cfg.Reva.Groups.Driver == "ldap" {
- if err := waitForLDAPCA(logger, &cfg.Reva.LDAP); err != nil {
- logger.Error().Err(err).Msg("The configured LDAP CA cert does not exist")
- return err
- }
- }
-
- gr.Add(func() error {
- runtime.RunWithOptions(
- rcfg,
- pidFile,
- runtime.WithLogger(&logger.Logger),
- )
- return nil
- }, func(_ error) {
- logger.Info().
- Str("server", c.Command.Name).
- Msg("Shutting down server")
-
- cancel()
- })
-
- debugServer, err := debug.Server(
- debug.Name(c.Command.Name+"-debug"),
- debug.Addr(cfg.Reva.Groups.DebugAddr),
- debug.Logger(logger),
- debug.Context(ctx),
- debug.Config(cfg),
- )
-
- if err != nil {
- logger.Info().Err(err).Str("server", c.Command.Name+"-debug").Msg("Failed to initialize server")
- return err
- }
-
- gr.Add(debugServer.ListenAndServe, func(_ error) {
- cancel()
- })
-
- if !cfg.Reva.Groups.Supervised {
- sync.Trap(&gr, cancel)
- }
-
- return gr.Run()
- },
- }
-}
-
-// groupsConfigFromStruct will adapt an oCIS config struct into a reva mapstructure to start a reva service.
-func groupsConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
- return map[string]interface{}{
- "core": map[string]interface{}{
- "max_cpus": cfg.Reva.Groups.MaxCPUs,
- "tracing_enabled": cfg.Tracing.Enabled,
- "tracing_endpoint": cfg.Tracing.Endpoint,
- "tracing_collector": cfg.Tracing.Collector,
- "tracing_service_name": c.Command.Name,
- },
- "shared": map[string]interface{}{
- "jwt_secret": cfg.Reva.JWTSecret,
- "gatewaysvc": cfg.Reva.Gateway.Endpoint,
- "skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
- },
- "grpc": map[string]interface{}{
- "network": cfg.Reva.Groups.GRPCNetwork,
- "address": cfg.Reva.Groups.GRPCAddr,
- // TODO build services dynamically
- "services": map[string]interface{}{
- "groupprovider": map[string]interface{}{
- "driver": cfg.Reva.Groups.Driver,
- "drivers": map[string]interface{}{
- "json": map[string]interface{}{
- "groups": cfg.Reva.Groups.JSON,
- },
- "ldap": ldapConfigFromString(cfg),
- "rest": map[string]interface{}{
- "client_id": cfg.Reva.UserGroupRest.ClientID,
- "client_secret": cfg.Reva.UserGroupRest.ClientSecret,
- "redis_address": cfg.Reva.UserGroupRest.RedisAddress,
- "redis_username": cfg.Reva.UserGroupRest.RedisUsername,
- "redis_password": cfg.Reva.UserGroupRest.RedisPassword,
- "group_members_cache_expiration": cfg.Reva.Groups.GroupMembersCacheExpiration,
- "id_provider": cfg.Reva.UserGroupRest.IDProvider,
- "api_base_url": cfg.Reva.UserGroupRest.APIBaseURL,
- "oidc_token_endpoint": cfg.Reva.UserGroupRest.OIDCTokenEndpoint,
- "target_api": cfg.Reva.UserGroupRest.TargetAPI,
- },
- },
- },
- },
- },
- }
-}
-
-// GroupSutureService allows for the storage-groupprovider command to be embedded and supervised by a suture supervisor tree.
-type GroupSutureService struct {
- cfg *config.Config
-}
-
-// NewGroupProviderSutureService creates a new storage.GroupProvider
-func NewGroupProvider(cfg *ociscfg.Config) suture.Service {
- cfg.Storage.Commons = cfg.Commons
- return GroupSutureService{
- cfg: cfg.Storage,
- }
-}
-
-func (s GroupSutureService) Serve(ctx context.Context) error {
- s.cfg.Reva.Groups.Context = ctx
- f := &flag.FlagSet{}
- cmdFlags := Groups(s.cfg).Flags
- for k := range cmdFlags {
- if err := cmdFlags[k].Apply(f); err != nil {
- return err
- }
- }
- cliCtx := cli.NewContext(nil, f, nil)
- if Groups(s.cfg).Before != nil {
- if err := Groups(s.cfg).Before(cliCtx); err != nil {
- return err
- }
- }
- if err := Groups(s.cfg).Action(cliCtx); err != nil {
- return err
- }
-
- return nil
-}
diff --git a/extensions/storage/pkg/command/ldapcfg.go b/extensions/storage/pkg/command/ldapcfg.go
deleted file mode 100644
index 054cb023a..000000000
--- a/extensions/storage/pkg/command/ldapcfg.go
+++ /dev/null
@@ -1,60 +0,0 @@ -package command - -import ( - "errors" - "os" - "time" - - "github.com/owncloud/ocis/extensions/storage/pkg/config" - "github.com/owncloud/ocis/ocis-pkg/log" -) - -const caTimeout = 5 - -func ldapConfigFromString(cfg *config.Config) map[string]interface{} { - return map[string]interface{}{ - "uri": cfg.Reva.LDAP.URI, - "cacert": cfg.Reva.LDAP.CACert, - "insecure": cfg.Reva.LDAP.Insecure, - "bind_username": cfg.Reva.LDAP.BindDN, - "bind_password": cfg.Reva.LDAP.BindPassword, - "user_base_dn": cfg.Reva.LDAP.UserBaseDN, - "group_base_dn": cfg.Reva.LDAP.GroupBaseDN, - "user_filter": cfg.Reva.LDAP.UserFilter, - "group_filter": cfg.Reva.LDAP.GroupFilter, - "user_objectclass": cfg.Reva.LDAP.UserObjectClass, - "group_objectclass": cfg.Reva.LDAP.GroupObjectClass, - "login_attributes": cfg.Reva.LDAP.LoginAttributes, - "idp": cfg.Reva.LDAP.IDP, - "gatewaysvc": cfg.Reva.Gateway.Endpoint, - "user_schema": map[string]interface{}{ - "id": cfg.Reva.LDAP.UserSchema.ID, - "idIsOctetString": cfg.Reva.LDAP.UserSchema.IDIsOctetString, - "mail": cfg.Reva.LDAP.UserSchema.Mail, - "displayName": cfg.Reva.LDAP.UserSchema.DisplayName, - "userName": cfg.Reva.LDAP.UserSchema.Username, - }, - "group_schema": map[string]interface{}{ - "id": cfg.Reva.LDAP.GroupSchema.ID, - "idIsOctetString": cfg.Reva.LDAP.GroupSchema.IDIsOctetString, - "mail": cfg.Reva.LDAP.GroupSchema.Mail, - "displayName": cfg.Reva.LDAP.GroupSchema.DisplayName, - "groupName": cfg.Reva.LDAP.GroupSchema.Groupname, - "member": cfg.Reva.LDAP.GroupSchema.Member, - }, - } -} - -func waitForLDAPCA(log log.Logger, cfg *config.LDAP) error { - if !cfg.Insecure && cfg.CACert != "" { - if _, err := os.Stat(cfg.CACert); errors.Is(err, os.ErrNotExist) { - log.Warn().Str("LDAP CACert", cfg.CACert).Msgf("File does not exist. 
Waiting %d seconds for it to appear.", caTimeout) - time.Sleep(caTimeout * time.Second) - if _, err := os.Stat(cfg.CACert); errors.Is(err, os.ErrNotExist) { - log.Warn().Str("LDAP CACert", cfg.CACert).Msgf("File does still not exist after Timeout") - return err - } - } - } - return nil -} diff --git a/extensions/storage/pkg/command/root.go b/extensions/storage/pkg/command/root.go index 91bd7b6ce..a0ea7559f 100644 --- a/extensions/storage/pkg/command/root.go +++ b/extensions/storage/pkg/command/root.go @@ -15,7 +15,7 @@ func GetCommands(cfg *config.Config) cli.Commands { Frontend(cfg), Gateway(cfg), // Users(cfg), - Groups(cfg), + // Groups(cfg), AppProvider(cfg), // AuthBasic(cfg), AuthBearer(cfg), diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 2ad148d6f..b3e239eba 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -9,6 +9,7 @@ import ( glauth "github.com/owncloud/ocis/extensions/glauth/pkg/config" graphExplorer "github.com/owncloud/ocis/extensions/graph-explorer/pkg/config" graph "github.com/owncloud/ocis/extensions/graph/pkg/config" + group "github.com/owncloud/ocis/extensions/group/pkg/config" idm "github.com/owncloud/ocis/extensions/idm/pkg/config" idp "github.com/owncloud/ocis/extensions/idp/pkg/config" nats "github.com/owncloud/ocis/extensions/nats/pkg/config" @@ -77,6 +78,7 @@ type Config struct { Storage *storage.Config `yaml:"storage"` AuthBasic *authbasic.Config `yaml:"auth_basic"` User *user.Config `yaml:"user"` + Group *group.Config `yaml:"group"` Store *store.Config `yaml:"store"` Thumbnails *thumbnails.Config `yaml:"thumbnails"` WebDAV *webdav.Config `yaml:"webdav"` diff --git a/ocis-pkg/config/defaultconfig.go b/ocis-pkg/config/defaultconfig.go index 4eaa93f6c..2e21b19d4 100644 --- a/ocis-pkg/config/defaultconfig.go +++ b/ocis-pkg/config/defaultconfig.go 
@@ -7,6 +7,7 @@ import ( glauth "github.com/owncloud/ocis/extensions/glauth/pkg/config/defaults" graphExplorer "github.com/owncloud/ocis/extensions/graph-explorer/pkg/config/defaults" graph "github.com/owncloud/ocis/extensions/graph/pkg/config/defaults" + group "github.com/owncloud/ocis/extensions/group/pkg/config/defaults" idm "github.com/owncloud/ocis/extensions/idm/pkg/config/defaults" idp "github.com/owncloud/ocis/extensions/idp/pkg/config/defaults" nats "github.com/owncloud/ocis/extensions/nats/pkg/config/defaults" @@ -50,5 +51,6 @@ func DefaultConfig() *Config { Storage: storage.DefaultConfig(), AuthBasic: authbasic.FullDefaultConfig(), User: user.FullDefaultConfig(), + Group: group.FullDefaultConfig(), } } diff --git a/ocis/pkg/command/storagegroupprovider.go b/ocis/pkg/command/storagegroupprovider.go index a3703ac79..c2340fede 100644 --- a/ocis/pkg/command/storagegroupprovider.go +++ b/ocis/pkg/command/storagegroupprovider.go @@ -1,7 +1,7 @@ package command import ( - "github.com/owncloud/ocis/extensions/storage/pkg/command" + "github.com/owncloud/ocis/extensions/group/pkg/command" "github.com/owncloud/ocis/ocis-pkg/config" "github.com/owncloud/ocis/ocis/pkg/register" "github.com/urfave/cli/v2" @@ -18,7 +18,7 @@ func StorageGroupProviderCommand(cfg *config.Config) *cli.Command { return ParseStorageCommon(ctx, cfg) }, Action: func(c *cli.Context) error { - origCmd := command.Groups(cfg.Storage) + origCmd := command.Groups(cfg.Group) return handleOriginalAction(c, origCmd) }, } diff --git a/ocis/pkg/runtime/service/service.go b/ocis/pkg/runtime/service/service.go index 4ce9bba8f..d37642f5a 100644 --- a/ocis/pkg/runtime/service/service.go +++ b/ocis/pkg/runtime/service/service.go 
@@ -24,6 +24,7 @@ import ( glauth "github.com/owncloud/ocis/extensions/glauth/pkg/command" graphExplorer "github.com/owncloud/ocis/extensions/graph-explorer/pkg/command" graph "github.com/owncloud/ocis/extensions/graph/pkg/command" + group "github.com/owncloud/ocis/extensions/group/pkg/command" idm "github.com/owncloud/ocis/extensions/idm/pkg/command" idp "github.com/owncloud/ocis/extensions/idp/pkg/command" nats "github.com/owncloud/ocis/extensions/nats/pkg/command" @@ -112,7 +113,7 @@ func NewService(options ...Option) (*Service, error) { s.ServicesRegistry["ocdav"] = storage.NewOCDav s.ServicesRegistry["storage-gateway"] = storage.NewGateway s.ServicesRegistry["storage-userprovider"] = user.NewUserProvider - s.ServicesRegistry["storage-groupprovider"] = storage.NewGroupProvider + s.ServicesRegistry["storage-groupprovider"] = group.NewGroupProvider s.ServicesRegistry["storage-authbasic"] = authbasic.NewAuthBasic s.ServicesRegistry["storage-authbearer"] = storage.NewAuthBearer s.ServicesRegistry["storage-authmachine"] = storage.NewAuthMachine