diff --git a/services/graph/pkg/identity/cache.go b/services/graph/pkg/identity/cache/cache.go
similarity index 92%
rename from services/graph/pkg/identity/cache.go
rename to services/graph/pkg/identity/cache/cache.go
index 5efab1ec0e..04cb7c827f 100644
--- a/services/graph/pkg/identity/cache.go
+++ b/services/graph/pkg/identity/cache/cache.go
@@ -1,4 +1,4 @@
-package identity
+package cache
 import (
 "context"
@@ -12,6 +12,7 @@ import (
 "github.com/jellydator/ttlcache/v3"
 libregraph "github.com/opencloud-eu/libre-graph-api-go"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
+ "github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
 "github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
 revautils "github.com/opencloud-eu/reva/v2/pkg/utils"
 )
@@ -92,9 +93,9 @@ func (cache IdentityCache) GetUser(ctx context.Context, tenantId, userid string)
 return libregraph.User{}, err
 }
 if tenantId != u.GetId().GetTenantId() {
- return libregraph.User{}, ErrNotFound
+ return libregraph.User{}, identity.ErrNotFound
 }
- return *CreateUserModelFromCS3(u), nil
+ return *identity.CreateUserModelFromCS3(u), nil
 }
 func (cache IdentityCache) GetCS3User(ctx context.Context, tenantId, userid string) (*cs3User.User, error) {
@@ -110,20 +111,20 @@ func (cache IdentityCache) GetCS3User(ctx context.Context, tenantId, userid stri
 user, err = revautils.GetUserNoGroups(ctx, cs3UserID, gatewayClient)
 if err != nil {
 if revautils.IsErrNotFound(err) {
- return nil, ErrNotFound
+ return nil, identity.ErrNotFound
 }
 return nil, errorcode.New(errorcode.GeneralException, err.Error())
 }
 // check if the user is in the correct tenant
 // if not we need to return before the cache is touched
 if user.GetId().GetTenantId() != tenantId {
- return nil, ErrNotFound
+ return nil, identity.ErrNotFound
 }
 cache.users.Set(userid, user, ttlcache.DefaultTTL)
 } else {
 if user.GetId().GetTenantId() != tenantId {
- return nil, ErrNotFound
+ return nil, identity.ErrNotFound
 }
 user = item.Value()
 }
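Review bot: In the cache-hit `else` branch of GetCS3User, the tenant comparison `user.GetId().GetTenantId() != tenantId` runs before `user = item.Value()`, so as far as this hunk shows it inspects a `user` that has not yet been loaded from the cache item. If `user` is still nil at that point (its declaration is above the hunk), the generated getters presumably return an empty tenant id, and a cached entry would then be accepted or rejected without regard to the tenant it actually belongs to. Putting `user = item.Value()` first and the `if user.GetId().GetTenantId() != tenantId {` check after it would make the cached path enforce the same tenant isolation as the gateway lookup path. The function starts and ends outside the hunk, so this should be confirmed against the full body.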
@@ -136,7 +137,7 @@ func (cache IdentityCache) GetAcceptedUser(ctx context.Context, userid string) (
 if err != nil {
 return libregraph.User{}, err
 }
- return *CreateUserModelFromCS3(u), nil
+ return *identity.CreateUserModelFromCS3(u), nil
 }
 func (cache IdentityCache) GetAcceptedCS3User(ctx context.Context, userid string) (*cs3User.User, error) {
@@ -152,7 +153,7 @@ func (cache IdentityCache) GetAcceptedCS3User(ctx context.Context, userid string
 user, err = revautils.GetAcceptedUserWithContext(ctx, cs3UserID, gatewayClient)
 if err != nil {
 if revautils.IsErrNotFound(err) {
- return nil, ErrNotFound
+ return nil, identity.ErrNotFound
 }
 return nil, errorcode.New(errorcode.GeneralException, err.Error())
 }
@@ -185,10 +186,10 @@ func (cache IdentityCache) GetGroup(ctx context.Context, groupID string) (libreg
 switch res.Status.Code {
 case rpc.Code_CODE_OK:
 g := res.GetGroup()
- group = *CreateGroupModelFromCS3(g)
+ group = *identity.CreateGroupModelFromCS3(g)
 cache.groups.Set(groupID, group, ttlcache.DefaultTTL)
 case rpc.Code_CODE_NOT_FOUND:
- return group, ErrNotFound
+ return group, identity.ErrNotFound
 default:
 return group, errorcode.New(errorcode.GeneralException, res.Status.Message)
 }
diff --git a/services/graph/pkg/identity/cache/cache_suite_test.go b/services/graph/pkg/identity/cache/cache_suite_test.go
new file mode 100644
index 0000000000..f9503ab204
--- /dev/null
+++ b/services/graph/pkg/identity/cache/cache_suite_test.go
@@ -0,0 +1,13 @@
+package cache_test
+
+import (
+ "testing"
+
+ . "github.com/onsi/ginkgo/v2"
+ . "github.com/onsi/gomega"
+)
+
+func TestCache(t *testing.T) {
+ RegisterFailHandler(Fail)
+ RunSpecs(t, "Cache Suite")
+}
diff --git a/services/graph/pkg/identity/cache_test.go b/services/graph/pkg/identity/cache/cache_test.go
similarity index 67%
rename from services/graph/pkg/identity/cache_test.go
rename to services/graph/pkg/identity/cache/cache_test.go
index e6a054f2a1..03a888d90f 100644
--- a/services/graph/pkg/identity/cache_test.go
+++ b/services/graph/pkg/identity/cache/cache_test.go
@@ -1,4 +1,4 @@
-package identity
+package cache
 import (
 "context"
@@ -28,7 +28,7 @@ var _ = Describe("Cache", func() {
 Describe("GetUser", func() {
 It("should return not error", func() {
 // Persist the user to the cache for 1 hour
- idc.users.Set(alan.GetId().OpaqueId, &alan, 3600)
+ idc.users.Set(alan.GetId().GetOpaqueId(), &alan, 3600)
 ru, err := idc.GetUser(ctx, "", "alan")
 Expect(err).To(BeNil())
@@ -40,9 +40,18 @@ var _ = Describe("Cache", func() {
 It("should return an error, if the tenant id does not match", func() {
 alan.GetId().TenantId = "1234"
 // Persist the user to the cache for 1 hour
- idc.users.Set(alan.GetId().OpaqueId, &alan, 3600)
+ idc.users.Set(alan.GetId().GetOpaqueId(), &alan, 3600)
 _, err := idc.GetUser(ctx, "5678", "alan")
 Expect(err).ToNot(BeNil())
 })
+
+ It("should not return an errorr, if the tenant id does match", func() {
+ alan.GetId().TenantId = "1234"
+ // Persist the user to the cache for 1 hour
+ idc.users.Set(alan.GetId().GetOpaqueId(), &alan, 3600)
+ ru, err := idc.GetUser(ctx, "1234", "alan")
+ Expect(err).To(BeNil())
+ Expect(ru.GetDisplayName()).To(Equal(alan.GetDisplayName()))
+ })
 })
 })
diff --git a/services/graph/pkg/service/v0/api_driveitem_permissions.go b/services/graph/pkg/service/v0/api_driveitem_permissions.go
index 258b8c6dde..01218ecf5a 100644
--- a/services/graph/pkg/service/v0/api_driveitem_permissions.go
+++ b/services/graph/pkg/service/v0/api_driveitem_permissions.go
@@ -38,6 +38,7 @@ import (
 "github.com/opencloud-eu/opencloud/services/graph/pkg/config"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
+ "github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/validate"
 )
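Review bot: In the GetUser specs of cache_test.go, the third argument of `idc.users.Set(alan.GetId().GetOpaqueId(), &alan, 3600)` is the entry's TTL, which ttlcache v3 takes as a `time.Duration`, so the literal `3600` means 3600 nanoseconds rather than the hour the comment promises. An entry that short-lived may already have expired when `idc.GetUser` runs, in which case the new tenant-match spec and the existing tenant-mismatch spec would not exercise the cached-path tenant check they are meant to cover. `idc.users.Set(alan.GetId().GetOpaqueId(), &alan, time.Hour)` matches the comment; whether `time` is already imported is not visible in these hunks. The new spec title also carries a typo, `errorr`.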
@@ -89,7 +90,7 @@ type ListPermissionsQueryOptions struct {
 }
 // NewDriveItemPermissionsService creates a new DriveItemPermissionsService
-func NewDriveItemPermissionsService(logger log.Logger, gatewaySelector pool.Selectable[gateway.GatewayAPIClient], identityCache identity.IdentityCache, config *config.Config) (DriveItemPermissionsService, error) {
+func NewDriveItemPermissionsService(logger log.Logger, gatewaySelector pool.Selectable[gateway.GatewayAPIClient], identityCache cache.IdentityCache, config *config.Config) (DriveItemPermissionsService, error) {
 return DriveItemPermissionsService{
 BaseGraphService: BaseGraphService{
 logger: &log.Logger{Logger: logger.With().Str("graph api", "DrivesDriveItemService").Logger()},
diff --git a/services/graph/pkg/service/v0/base.go b/services/graph/pkg/service/v0/base.go
index 673fcc8944..bb65dc69be 100644
--- a/services/graph/pkg/service/v0/base.go
+++ b/services/graph/pkg/service/v0/base.go
@@ -29,6 +29,7 @@ import (
 "github.com/opencloud-eu/opencloud/services/graph/pkg/config"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
+ "github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/linktype"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
 )
@@ -44,7 +45,7 @@ type BaseGraphProvider interface {
 type BaseGraphService struct {
 logger *log.Logger
 gatewaySelector pool.Selectable[gateway.GatewayAPIClient]
- identityCache identity.IdentityCache
+ identityCache cache.IdentityCache
 config *config.Config
 availableRoles []*libregraph.UnifiedRoleDefinition
 }
diff --git a/services/graph/pkg/service/v0/service.go b/services/graph/pkg/service/v0/service.go
index cee01f6982..f130de6dc1 100644
--- a/services/graph/pkg/service/v0/service.go
+++ b/services/graph/pkg/service/v0/service.go
@@ -15,6 +15,7 @@ import (
 "github.com/go-chi/chi/v5/middleware"
 ldapv3 "github.com/go-ldap/ldap/v3"
 "github.com/jellydator/ttlcache/v3"
+ "github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
 "github.com/riandyrn/otelchi"
 microstore "go-micro.dev/v4/store"
@@ -147,10 +148,10 @@ func NewService(opts ...Option) (Graph, error) { //nolint:maintidx
 )
 go spacePropertiesCache.Start()
- identityCache := identity.NewIdentityCache(
- identity.IdentityCacheWithGatewaySelector(options.GatewaySelector),
- identity.IdentityCacheWithUsersTTL(time.Duration(options.Config.Spaces.UsersCacheTTL)),
- identity.IdentityCacheWithGroupsTTL(time.Duration(options.Config.Spaces.GroupsCacheTTL)),
+ identityCache := cache.NewIdentityCache(
+ cache.IdentityCacheWithGatewaySelector(options.GatewaySelector),
+ cache.IdentityCacheWithUsersTTL(time.Duration(options.Config.Spaces.UsersCacheTTL)),
+ cache.IdentityCacheWithGroupsTTL(time.Duration(options.Config.Spaces.GroupsCacheTTL)),
 )
 baseGraphService := BaseGraphService{
diff --git a/services/graph/pkg/service/v0/utils.go b/services/graph/pkg/service/v0/utils.go
index fd4e56cf2c..86de9919c1 100644
--- a/services/graph/pkg/service/v0/utils.go
+++ b/services/graph/pkg/service/v0/utils.go
@@ -20,7 +20,7 @@ import (
 "github.com/opencloud-eu/opencloud/pkg/log"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
- "github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
+ "github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
 "github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
 )
@@ -92,7 +92,7 @@ func IsShareJail(id *storageprovider.ResourceId) bool {
 // userIdToIdentity looks the user for the supplied id using the cache and returns it
 // as a libregraph.Identity
-func userIdToIdentity(ctx context.Context, cache identity.IdentityCache, tennantId, userID string) (libregraph.Identity, error) {
+func userIdToIdentity(ctx context.Context, cache cache.IdentityCache, tennantId, userID string) (libregraph.Identity, error) {
 identity := libregraph.Identity{
 Id: libregraph.PtrString(userID),
 }
@@ -106,7 +106,7 @@ func userIdToIdentity(ctx context.Context, cache identity.IdentityCache, tennant
 // federatedIdToIdentity looks the user for the supplied id using the cache and returns it
 // as a libregraph.Identity
-func federatedIdToIdentity(ctx context.Context, cache identity.IdentityCache, userID string) (libregraph.Identity, error) {
+func federatedIdToIdentity(ctx context.Context, cache cache.IdentityCache, userID string) (libregraph.Identity, error) {
 identity := libregraph.Identity{
 Id: libregraph.PtrString(userID),
 LibreGraphUserType: libregraph.PtrString("Federated"),
@@ -121,7 +121,7 @@ func federatedIdToIdentity(ctx context.Context, cache identity.IdentityCache, us
 // cs3UserIdToIdentity looks up the user for the supplied cs3 userid using the cache and returns it
 // as a libregraph.Identity. Skips the user lookup if the id type is USER_TYPE_SPACE_OWNER
-func cs3UserIdToIdentity(ctx context.Context, cache identity.IdentityCache, cs3UserID *cs3User.UserId) (libregraph.Identity, error) {
+func cs3UserIdToIdentity(ctx context.Context, cache cache.IdentityCache, cs3UserID *cs3User.UserId) (libregraph.Identity, error) {
 if cs3UserID.GetType() == cs3User.UserType_USER_TYPE_FEDERATED {
 return federatedIdToIdentity(ctx, cache, cs3UserID.GetOpaqueId())
 }
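Review bot: The parameter name `cache` in `userIdToIdentity(ctx context.Context, cache cache.IdentityCache, ...)` now shadows the newly imported `cache` package inside the function body; the same applies to `federatedIdToIdentity` and `cs3UserIdToIdentity` in the next two hunks and to `groupIdToIdentity` in the hunk after those. It compiles, but any later reference to the package inside these helpers would resolve to the parameter instead. Naming the parameter `identityCache`, as `cs3ReceivedSharesToDriveItems` and the other helpers in this file already do, avoids that: `func userIdToIdentity(ctx context.Context, identityCache cache.IdentityCache, tennantId, userID string) (libregraph.Identity, error) {`. The function bodies continue outside the hunks, so their uses of the parameter would need the same rename.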
@@ -133,7 +133,7 @@ func cs3UserIdToIdentity(ctx context.Context, cache identity.IdentityCache, cs3U
 // groupIdToIdentity looks up the group for the supplied cs3 groupid using the cache and returns it
 // as a libregraph.Identity.
-func groupIdToIdentity(ctx context.Context, cache identity.IdentityCache, groupID string) (libregraph.Identity, error) {
+func groupIdToIdentity(ctx context.Context, cache cache.IdentityCache, groupID string) (libregraph.Identity, error) {
 identity := libregraph.Identity{
 Id: libregraph.PtrString(groupID),
 }
@@ -162,7 +162,7 @@ func identitySetToSpacePermissionID(identitySet libregraph.SharePointIdentitySet
 func cs3ReceivedSharesToDriveItems(ctx context.Context,
 logger *log.Logger, gatewayClient gateway.GatewayAPIClient,
- identityCache identity.IdentityCache,
+ identityCache cache.IdentityCache,
 receivedShares []*collaboration.ReceivedShare, availableRoles []*libregraph.UnifiedRoleDefinition,
 ) ([]libregraph.DriveItem, error) {
@@ -341,7 +341,7 @@ func cs3ReceivedSharesToDriveItems(ctx context.Context,
 }
 func fillDriveItemPropertiesFromReceivedShare(ctx context.Context, logger *log.Logger,
- identityCache identity.IdentityCache, receivedShares []*collaboration.ReceivedShare,
+ identityCache cache.IdentityCache, receivedShares []*collaboration.ReceivedShare,
 resourceInfo *storageprovider.ResourceInfo, availableRoles []*libregraph.UnifiedRoleDefinition) (*libregraph.DriveItem, error) {
 driveItem := libregraph.NewDriveItem()
@@ -416,7 +416,7 @@ func fillDriveItemPropertiesFromReceivedShare(ctx context.Context, logger *log.L
 }
 func cs3ReceivedShareToLibreGraphPermissions(ctx context.Context, logger *log.Logger,
- identityCache identity.IdentityCache, receivedShare *collaboration.ReceivedShare,
+ identityCache cache.IdentityCache, receivedShare *collaboration.ReceivedShare,
 resourceInfo *storageprovider.ResourceInfo, availableRoles []*libregraph.UnifiedRoleDefinition) (*libregraph.Permission, error) {
 permission := libregraph.NewPermission()
 if id := receivedShare.GetShare().GetId().GetOpaqueId(); id != "" {
@@ -510,7 +510,7 @@ func ExtractShareIdFromResourceId(rid *storageprovider.ResourceId) *collaboratio
 func cs3ReceivedOCMSharesToDriveItems(ctx context.Context,
 logger *log.Logger, gatewayClient gateway.GatewayAPIClient,
- identityCache identity.IdentityCache,
+ identityCache cache.IdentityCache,
 receivedShares []*ocm.ReceivedShare, availableRoles []*libregraph.UnifiedRoleDefinition) ([]libregraph.DriveItem, error) {
 group := new(errgroup.Group)
@@ -696,7 +696,7 @@ func cs3ReceivedOCMSharesToDriveItems(ctx context.Context,
 }
 func fillDriveItemPropertiesFromReceivedOCMShare(ctx context.Context, logger *log.Logger,
- identityCache identity.IdentityCache, receivedShares []*ocm.ReceivedShare,
+ identityCache cache.IdentityCache, receivedShares []*ocm.ReceivedShare,
 resourceInfo *storageprovider.ResourceInfo, availableRoles []*libregraph.UnifiedRoleDefinition) (*libregraph.DriveItem, error) {
 driveItem := libregraph.NewDriveItem()
@@ -775,7 +775,7 @@ func fillDriveItemPropertiesFromReceivedOCMShare(ctx context.Context, logger *lo
 }
 func cs3ReceivedOCMShareToLibreGraphPermissions(ctx context.Context, logger *log.Logger,
- identityCache identity.IdentityCache, receivedShare *ocm.ReceivedShare,
+ identityCache cache.IdentityCache, receivedShare *ocm.ReceivedShare,
 resourceInfo *storageprovider.ResourceInfo, availableRoles []*libregraph.UnifiedRoleDefinition) (*libregraph.Permission, error) {
 permission := libregraph.NewPermission()
 if id := receivedShare.GetId().GetOpaqueId(); id != "" {