mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-04-22 11:09:02 -05:00
Merge pull request #9765 from owncloud/federated-user-roles
allow querying federated sharing roles
This commit is contained in:
Jörn Friedrich Dreyer
@@ -43,8 +43,8 @@ Feature: permissions role definitions
|
||||
},
|
||||
"rolePermissions": {
|
||||
"type": "array",
|
||||
"maxItems": 2,
|
||||
"minItems": 2,
|
||||
"maxItems": 4,
|
||||
"minItems": 4,
|
||||
"uniqueItems": true,
|
||||
"items": {
|
||||
"oneOf": [
|
||||
@@ -91,6 +91,50 @@ Feature: permissions role definitions
|
||||
"const": "exists @Resource.Folder"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.File \u0026\u0026 @Subject.UserType==\"Federated\""
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.Folder \u0026\u0026 @Subject.UserType==\"Federated\""
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@@ -174,35 +218,66 @@ Feature: permissions role definitions
|
||||
},
|
||||
"rolePermissions": {
|
||||
"type": "array",
|
||||
"maxItems": 1,
|
||||
"minItems": 1,
|
||||
"maxItems": 2,
|
||||
"minItems": 2,
|
||||
"uniqueItems": true,
|
||||
"items": {
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/children/create",
|
||||
"libre.graph/driveItem/standard/delete",
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/upload/create",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/path/update",
|
||||
"libre.graph/driveItem/deleted/update",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
"oneOf": [
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/children/create",
|
||||
"libre.graph/driveItem/standard/delete",
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/upload/create",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/path/update",
|
||||
"libre.graph/driveItem/deleted/update",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.Folder"
|
||||
}
|
||||
}
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.Folder"
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/children/create",
|
||||
"libre.graph/driveItem/standard/delete",
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/upload/create",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/path/update",
|
||||
"libre.graph/driveItem/deleted/update",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.Folder \u0026\u0026 @Subject.UserType==\"Federated\""
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -291,32 +366,60 @@ Feature: permissions role definitions
|
||||
},
|
||||
"rolePermissions": {
|
||||
"type": "array",
|
||||
"maxItems": 1,
|
||||
"minItems": 1,
|
||||
"maxItems": 2,
|
||||
"minItems": 2,
|
||||
"uniqueItems": true,
|
||||
"items": {
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/upload/create",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/deleted/update",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
"oneOf": [
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/upload/create",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/deleted/update",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const":"exists @Resource.File"
|
||||
}
|
||||
}
|
||||
},
|
||||
"condition": {
|
||||
"const":"exists @Resource.File"
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/upload/create",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/deleted/update",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const":"exists @Resource.File \u0026\u0026 @Subject.UserType==\"Federated\""
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -544,60 +647,104 @@ Feature: permissions role definitions
|
||||
"id": {
|
||||
"const": "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5"
|
||||
},
|
||||
"rolePermissions": {
|
||||
"type": "array",
|
||||
"maxItems": 2,
|
||||
"minItems": 2,
|
||||
"uniqueItems": true,
|
||||
"items": {
|
||||
"oneOf": [
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
"rolePermissions": {
|
||||
"type": "array",
|
||||
"maxItems": 4,
|
||||
"minItems": 4,
|
||||
"uniqueItems": true,
|
||||
"items": {
|
||||
"oneOf": [
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.File"
|
||||
}
|
||||
}
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.File"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.Folder"
|
||||
}
|
||||
}
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.Folder"
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.File \u0026\u0026 @Subject.UserType==\"Federated\""
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"allowedResourceActions",
|
||||
"condition"
|
||||
],
|
||||
"properties": {
|
||||
"allowedResourceActions": {
|
||||
"const": [
|
||||
"libre.graph/driveItem/path/read",
|
||||
"libre.graph/driveItem/quota/read",
|
||||
"libre.graph/driveItem/content/read",
|
||||
"libre.graph/driveItem/children/read",
|
||||
"libre.graph/driveItem/deleted/read",
|
||||
"libre.graph/driveItem/basic/read"
|
||||
]
|
||||
},
|
||||
"condition": {
|
||||
"const": "exists @Resource.Folder \u0026\u0026 @Subject.UserType==\"Federated\""
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
"""
|
||||
|
||||
Reference in New Issue
Block a user