From f2b8880ab16d5e9fda1a870852dae7c02e8871bf Mon Sep 17 00:00:00 2001
From: David Christofas <dchristofas@owncloud.com>
Date: Fri, 28 Jan 2022 12:01:28 +0100
Subject: [PATCH] improve permission code in settings service

---
 settings/pkg/server/grpc/server.go           | 4 +++-
 settings/pkg/service/v0/service.go           | 9 ++++++---
 settings/pkg/settings/settings.go            | 5 +++++
 settings/pkg/store/filesystem/permissions.go | 3 ++-
 4 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/settings/pkg/server/grpc/server.go b/settings/pkg/server/grpc/server.go
index c313f853d..2b8fde170 100644
--- a/settings/pkg/server/grpc/server.go
+++ b/settings/pkg/server/grpc/server.go
@@ -71,6 +71,8 @@ type permissionsServiceHandler struct {
 
 func (h *permissionsServiceHandler) CheckPermission(ctx context.Context, req *permissions.CheckPermissionRequest, res *permissions.CheckPermissionResponse) error {
 	r, err := h.api.CheckPermission(ctx, req)
-	*res = *r
+	if r != nil {
+		*res = *r
+	}
 	return err
 }
diff --git a/settings/pkg/service/v0/service.go b/settings/pkg/service/v0/service.go
index 43b4b83fc..97f6f222c 100644
--- a/settings/pkg/service/v0/service.go
+++ b/settings/pkg/service/v0/service.go
@@ -2,6 +2,7 @@ package svc
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	permissions "github.com/cs3org/go-cs3apis/cs3/permissions/v1beta1"
@@ -64,9 +65,11 @@ func (g Service) CheckPermission(ctx context.Context, req *permissions.CheckPerm
 
 	permission, err := g.manager.ReadPermissionByName(req.Permission, roleIDs)
 	if err != nil {
-		return &permissions.CheckPermissionResponse{
-			Status: status.NewInternal(ctx, err.Error()),
-		}, nil
+		if !errors.Is(err, settings.ErrPermissionNotFound) {
+			return &permissions.CheckPermissionResponse{
+				Status: status.NewInternal(ctx, err.Error()),
+			}, nil
+		}
 	}
 
 	if permission == nil {
diff --git a/settings/pkg/settings/settings.go b/settings/pkg/settings/settings.go
index 4f78e3e59..da0ff5347 100644
--- a/settings/pkg/settings/settings.go
+++ b/settings/pkg/settings/settings.go
@@ -1,6 +1,8 @@
 package settings
 
 import (
+	"errors"
+
 	"github.com/owncloud/ocis/settings/pkg/config"
 	"github.com/owncloud/ocis/settings/pkg/proto/v0"
 )
@@ -8,6 +10,9 @@ import (
 var (
 	// Registry uses the strategy pattern as a registry
 	Registry = map[string]RegisterFunc{}
+
+	// ErrPermissionNotFound defines a new error for when a permission was not found
+	ErrPermissionNotFound = errors.New("permission not found")
 )
 
 // RegisterFunc stores store constructors
diff --git a/settings/pkg/store/filesystem/permissions.go b/settings/pkg/store/filesystem/permissions.go
index db9f67a6c..ea63c3590 100644
--- a/settings/pkg/store/filesystem/permissions.go
+++ b/settings/pkg/store/filesystem/permissions.go
@@ -2,6 +2,7 @@ package store
 
 import (
 	"github.com/owncloud/ocis/settings/pkg/proto/v0"
+	"github.com/owncloud/ocis/settings/pkg/settings"
 	"github.com/owncloud/ocis/settings/pkg/util"
 )
 
@@ -54,7 +55,7 @@ func (s Store) ReadPermissionByName(name string, roleIDs []string) (*proto.Permi
 			}
 		}
 	}
-	return nil, nil
+	return nil, settings.ErrPermissionNotFound
 }
 
 // extractPermissionsByResource collects all permissions from the provided role that match the requested resource