mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-05 03:40:01 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add 'settings/' from commit '230545a4a75b0611988fbcea51336a6c316d6a3d'

Browse Source 
git-subtree-dir: settings
git-subtree-mainline: c26f7b390a
git-subtree-split: 230545a4a7
This commit is contained in:
A.Unger
2020-09-18 12:43:43 +02:00
parent c26f7b390a 230545a4a7
commit f725ddaa65
140 changed files with 28757 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
settings/.codacy.yml Normal file
View File

@@ -0,0 +1,10 @@
---
exclude_paths:
- CHANGELOG.md
- changelog/**
- docs/**
- pkg/proto/**
- package.json
- rollup.config.js
...

2
settings/.dockerignore Normal file
View File

@@ -0,0 +1,2 @@
*
!bin/

862
settings/.drone.star Normal file
View File

@@ -0,0 +1,862 @@
def main(ctx):
before = [
testing(ctx),
UITests(ctx, 'master', '1840e805bd1bef2e8ee2935de47076a3f2ca3788', 'master', '2e1af4c27f21439ead1e3358f9690e9ffa7eb75a')
]
stages = [
docker(ctx, 'amd64'),
docker(ctx, 'arm64'),
docker(ctx, 'arm'),
binary(ctx, 'linux'),
binary(ctx, 'darwin'),
binary(ctx, 'windows'),
]
after = [
manifest(ctx),
changelog(ctx),
readme(ctx),
badges(ctx),
website(ctx),
]
return before + stages + after
def testing(ctx):
return {
'kind': 'pipeline',
'type': 'docker',
'name': 'testing',
'platform': {
'os': 'linux',
'arch': 'amd64',
},
'steps': [
{
'name': 'frontend',
'image': 'webhippie/nodejs:latest',
'pull': 'always',
'commands': [
'yarn install --frozen-lockfile',
'yarn lint',
'yarn test',
'yarn build',
],
},
{
'name': 'generate',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make generate',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'golangci-lint',
'image': 'golangci/golangci-lint:latest',
'pull': 'always',
'commands': [
'golangci-lint run',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'build',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make protobuf build',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'test',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make test',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'codacy',
'image': 'plugins/codacy:1',
'pull': 'always',
'settings': {
'token': {
'from_secret': 'codacy_token',
},
},
},
],
'volumes': [
{
'name': 'gopath',
'temp': {},
},
],
'trigger': {
'ref': [
'refs/heads/master',
'refs/tags/**',
'refs/pull/**',
],
},
}
def docker(ctx, arch):
return {
'kind': 'pipeline',
'type': 'docker',
'name': arch,
'platform': {
'os': 'linux',
'arch': arch,
},
'steps': [
{
'name': 'frontend',
'image': 'webhippie/nodejs:latest',
'pull': 'always',
'commands': [
'yarn install --frozen-lockfile',
'yarn lint',
'yarn test',
'yarn build',
],
},
{
'name': 'generate',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make generate',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'build',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make protobuf build',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'dryrun',
'image': 'plugins/docker:18.09',
'pull': 'always',
'settings': {
'dry_run': True,
'tags': 'linux-%s' % (arch),
'dockerfile': 'docker/Dockerfile.linux.%s' % (arch),
'repo': ctx.repo.slug,
},
'when': {
'ref': {
'include': [
'refs/pull/**',
],
},
},
},
{
'name': 'docker',
'image': 'plugins/docker:18.09',
'pull': 'always',
'settings': {
'username': {
'from_secret': 'docker_username',
},
'password': {
'from_secret': 'docker_password',
},
'auto_tag': True,
'auto_tag_suffix': 'linux-%s' % (arch),
'dockerfile': 'docker/Dockerfile.linux.%s' % (arch),
'repo': ctx.repo.slug,
},
'when': {
'ref': {
'exclude': [
'refs/pull/**',
],
},
},
},
],
'volumes': [
{
'name': 'gopath',
'temp': {},
},
],
'depends_on': [
'testing',
'UiTests',
],
'trigger': {
'ref': [
'refs/heads/master',
'refs/tags/**',
'refs/pull/**',
],
},
}
def binary(ctx, name):
if ctx.build.event == "tag":
settings = {
'endpoint': {
'from_secret': 's3_endpoint',
},
'access_key': {
'from_secret': 'aws_access_key_id',
},
'secret_key': {
'from_secret': 'aws_secret_access_key',
},
'bucket': {
'from_secret': 's3_bucket',
},
'path_style': True,
'strip_prefix': 'dist/release/',
'source': 'dist/release/*',
'target': '/ocis/%s/%s' % (ctx.repo.name.replace("ocis-", ""), ctx.build.ref.replace("refs/tags/v", "")),
}
else:
settings = {
'endpoint': {
'from_secret': 's3_endpoint',
},
'access_key': {
'from_secret': 'aws_access_key_id',
},
'secret_key': {
'from_secret': 'aws_secret_access_key',
},
'bucket': {
'from_secret': 's3_bucket',
},
'path_style': True,
'strip_prefix': 'dist/release/',
'source': 'dist/release/*',
'target': '/ocis/%s/testing' % (ctx.repo.name.replace("ocis-", "")),
}
return {
'kind': 'pipeline',
'type': 'docker',
'name': name,
'platform': {
'os': 'linux',
'arch': 'amd64',
},
'steps': [
{
'name': 'frontend',
'image': 'webhippie/nodejs:latest',
'pull': 'always',
'commands': [
'yarn install --frozen-lockfile',
'yarn build',
],
},
{
'name': 'generate',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make generate',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'build',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make release-%s' % (name),
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'finish',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make release-finish',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'upload',
'image': 'plugins/s3:1',
'pull': 'always',
'settings': settings,
'when': {
'ref': [
'refs/heads/master',
'refs/tags/**',
],
},
},
{
'name': 'changelog',
'image': 'toolhippie/calens:latest',
'pull': 'always',
'commands': [
'calens --version %s -o dist/CHANGELOG.md' % ctx.build.ref.replace("refs/tags/v", "").split("-")[0],
],
'when': {
'ref': [
'refs/tags/**',
],
},
},
{
'name': 'release',
'image': 'plugins/github-release:1',
'pull': 'always',
'settings': {
'api_key': {
'from_secret': 'github_token',
},
'files': [
'dist/release/*',
],
'title': ctx.build.ref.replace("refs/tags/v", ""),
'note': 'dist/CHANGELOG.md',
'overwrite': True,
'prerelease': len(ctx.build.ref.split("-")) > 1,
},
'when': {
'ref': [
'refs/tags/**',
],
},
},
],
'volumes': [
{
'name': 'gopath',
'temp': {},
},
],
'depends_on': [
'testing',
],
'trigger': {
'ref': [
'refs/heads/master',
'refs/tags/**',
'refs/pull/**',
],
},
}
def manifest(ctx):
return {
'kind': 'pipeline',
'type': 'docker',
'name': 'manifest',
'platform': {
'os': 'linux',
'arch': 'amd64',
},
'steps': [
{
'name': 'execute',
'image': 'plugins/manifest:1',
'pull': 'always',
'settings': {
'username': {
'from_secret': 'docker_username',
},
'password': {
'from_secret': 'docker_password',
},
'spec': 'docker/manifest.tmpl',
'auto_tag': True,
'ignore_missing': True,
},
},
],
'depends_on': [
'amd64',
'arm64',
'arm',
'linux',
'darwin',
'windows',
],
'trigger': {
'ref': [
'refs/heads/master',
'refs/tags/**',
],
},
}
def changelog(ctx):
repo_slug = ctx.build.source_repo if ctx.build.source_repo else ctx.repo.slug
return {
'kind': 'pipeline',
'type': 'docker',
'name': 'changelog',
'platform': {
'os': 'linux',
'arch': 'amd64',
},
'clone': {
'disable': True,
},
'steps': [
{
'name': 'clone',
'image': 'plugins/git-action:1',
'pull': 'always',
'settings': {
'actions': [
'clone',
],
'remote': 'https://github.com/%s' % (repo_slug),
'branch': ctx.build.source if ctx.build.event == 'pull_request' else 'master',
'path': '/drone/src',
'netrc_machine': 'github.com',
'netrc_username': {
'from_secret': 'github_username',
},
'netrc_password': {
'from_secret': 'github_token',
},
},
},
{
'name': 'generate',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make changelog',
],
},
{
'name': 'diff',
'image': 'owncloud/alpine:latest',
'pull': 'always',
'commands': [
'git diff',
],
},
{
'name': 'output',
'image': 'owncloud/alpine:latest',
'pull': 'always',
'commands': [
'cat CHANGELOG.md',
],
},
{
'name': 'publish',
'image': 'plugins/git-action:1',
'pull': 'always',
'settings': {
'actions': [
'commit',
'push',
],
'message': 'Automated changelog update [skip ci]',
'branch': 'master',
'author_email': 'devops@owncloud.com',
'author_name': 'ownClouders',
'netrc_machine': 'github.com',
'netrc_username': {
'from_secret': 'github_username',
},
'netrc_password': {
'from_secret': 'github_token',
},
},
'when': {
'ref': {
'exclude': [
'refs/pull/**',
],
},
},
},
],
'depends_on': [
'manifest',
],
'trigger': {
'ref': [
'refs/heads/master',
'refs/pull/**',
],
},
}
def readme(ctx):
return {
'kind': 'pipeline',
'type': 'docker',
'name': 'readme',
'platform': {
'os': 'linux',
'arch': 'amd64',
},
'steps': [
{
'name': 'execute',
'image': 'sheogorath/readme-to-dockerhub:latest',
'pull': 'always',
'environment': {
'DOCKERHUB_USERNAME': {
'from_secret': 'docker_username',
},
'DOCKERHUB_PASSWORD': {
'from_secret': 'docker_password',
},
'DOCKERHUB_REPO_PREFIX': ctx.repo.namespace,
'DOCKERHUB_REPO_NAME': ctx.repo.name,
'SHORT_DESCRIPTION': 'Docker images for %s' % (ctx.repo.name),
'README_PATH': 'README.md',
},
},
],
'depends_on': [
'changelog',
],
'trigger': {
'ref': [
'refs/heads/master',
'refs/tags/**',
],
},
}
def badges(ctx):
return {
'kind': 'pipeline',
'type': 'docker',
'name': 'badges',
'platform': {
'os': 'linux',
'arch': 'amd64',
},
'steps': [
{
'name': 'execute',
'image': 'plugins/webhook:1',
'pull': 'always',
'settings': {
'urls': {
'from_secret': 'microbadger_url',
},
},
},
],
'depends_on': [
'readme',
],
'trigger': {
'ref': [
'refs/heads/master',
'refs/tags/**',
],
},
}
def website(ctx):
return {
'kind': 'pipeline',
'type': 'docker',
'name': 'website',
'platform': {
'os': 'linux',
'arch': 'amd64',
},
'steps': [
{
'name': 'prepare',
'image': 'owncloudci/alpine:latest',
'commands': [
'make docs-copy'
],
},
{
'name': 'test',
'image': 'webhippie/hugo:latest',
'commands': [
'cd hugo',
'hugo',
],
},
{
'name': 'list',
'image': 'owncloudci/alpine:latest',
'commands': [
'tree hugo/public',
],
},
{
'name': 'publish',
'image': 'plugins/gh-pages:1',
'pull': 'always',
'settings': {
'username': {
'from_secret': 'github_username',
},
'password': {
'from_secret': 'github_token',
},
'pages_directory': 'docs/',
'target_branch': 'docs',
},
'when': {
'ref': {
'exclude': [
'refs/pull/**',
],
},
},
},
{
'name': 'downstream',
'image': 'plugins/downstream',
'settings': {
'server': 'https://cloud.drone.io/',
'token': {
'from_secret': 'drone_token',
},
'repositories': [
'owncloud/owncloud.github.io@source',
],
},
'when': {
'ref': {
'exclude': [
'refs/pull/**',
],
},
},
},
],
'depends_on': [
'badges',
],
'trigger': {
'ref': [
'refs/heads/master',
'refs/pull/**',
],
},
}
def UITests(ctx, ocisBranch, ocisCommitId, phoenixBranch, phoenixCommitId):
return {
'kind': 'pipeline',
'type': 'docker',
'name': 'UiTests',
'platform': {
'os': 'linux',
'arch': 'amd64',
},
'steps': [
{
'name': 'build',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'make protobuf build',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app',
},
],
},
{
'name': 'build-ocis',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'commands': [
'git clone -b %s --single-branch --no-tags https://github.com/owncloud/ocis /srv/app/ocis' % (ocisBranch),
'cd /srv/app/ocis',
'git checkout %s' % (ocisCommitId),
'make build',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app'
},
]
},
{
'name': 'ocis-server',
'image': 'webhippie/golang:1.13',
'pull': 'always',
'detach': True,
'environment' : {
'OCIS_LOG_LEVEL': 'debug',
'REVA_STORAGE_HOME_DATA_TEMP_FOLDER': '/srv/app/tmp/',
'REVA_STORAGE_LOCAL_ROOT': '/srv/app/tmp/reva/root',
'REVA_STORAGE_OWNCLOUD_DATADIR': '/srv/app/tmp/reva/data',
'REVA_STORAGE_OC_DATA_TEMP_FOLDER': '/srv/app/tmp/',
'REVA_STORAGE_OWNCLOUD_REDIS_ADDR': 'redis:6379',
'REVA_LDAP_IDP': 'https://ocis-server:9200',
'REVA_OIDC_ISSUER': 'https://ocis-server:9200',
'PROXY_OIDC_ISSUER': 'https://ocis-server:9200',
'REVA_STORAGE_OC_DATA_SERVER_URL': 'http://ocis-server:9164/data',
'REVA_DATAGATEWAY_URL': 'https://ocis-server:9200/data',
'REVA_FRONTEND_URL': 'https://ocis-server:9200',
'PHOENIX_WEB_CONFIG': '/drone/src/ui/tests/config/drone/ocis-config.json',
'KONNECTD_IDENTIFIER_REGISTRATION_CONF': '/drone/src/ui/tests/config/drone/identifier-registration.yml',
'KONNECTD_ISS': 'https://ocis-server:9200',
'KONNECTD_TLS': 'true',
'OCIS_CONFIG_FILE': '/drone/src/ui/tests/config/drone/proxy-config.json',
'SETTINGS_DATA_PATH': '/srv/app/settings-store'
},
'commands': [
'mkdir -p /srv/app/tmp/reva',
# Start ocis settings first
'bin/ocis-settings server &',
# Now run all the ocis services except the settings because it is already running
'/srv/app/ocis/bin/ocis server',
],
'volumes': [
{
'name': 'gopath',
'path': '/srv/app'
},
]
},
{
'name': 'WebUIAcceptanceTests',
'image': 'owncloudci/nodejs:10',
'pull': 'always',
'environment': {
'SERVER_HOST': 'https://ocis-server:9200',
'BACKEND_HOST': 'https://ocis-server:9200',
'RUN_ON_OCIS': 'true',
'OCIS_REVA_DATA_ROOT': '/srv/app/tmp/reva',
'OCIS_SKELETON_DIR': '/srv/app/testing/data/webUISkeleton',
'PHOENIX_CONFIG': '/drone/src/ui/tests/config/drone/ocis-config.json',
'TEST_TAGS': 'not @skipOnOCIS and not @skip',
'LOCAL_UPLOAD_DIR': '/uploads',
'PHOENIX_PATH': '/srv/app/phoenix',
'FEATURE_PATH': 'ui/tests/acceptance/features',
'NODE_TLS_REJECT_UNAUTHORIZED': '0',
'OCIS_SETTINGS_STORE': '/srv/app/settings-store'
},
'commands': [
'git clone --depth=1 https://github.com/owncloud/testing.git /srv/app/testing',
'git clone -b %s --single-branch https://github.com/owncloud/phoenix /srv/app/phoenix' % (phoenixBranch),
'cd /srv/app/phoenix',
'git checkout %s' % (phoenixCommitId),
'cp -r /srv/app/phoenix/tests/acceptance/filesForUpload/* /uploads',
'yarn install-all',
'yarn dist',
'cp -r /drone/src/ui/tests/config/drone/ocis-config.json /srv/app/phoenix/dist/config.json',
'cd /drone/src',
'yarn install --all',
'make test-acceptance-webui',
],
'volumes': [{
'name': 'gopath',
'path': '/srv/app',
},
{
'name': 'uploads',
'path': '/uploads'
}]
},
],
'services': [
{
'name': 'redis',
'image': 'webhippie/redis',
'pull': 'always',
'environment': {
'REDIS_DATABASES': 1
},
},
{
'name': 'selenium',
'image': 'selenium/standalone-chrome-debug:3.141.59-20200326',
'pull': 'always',
'volumes': [{
'name': 'uploads',
'path': '/uploads'
}],
},
],
'volumes': [
{
'name': 'gopath',
'temp': {},
},
{
'name': 'uploads',
'temp': {}
}
],
'trigger': {
'ref': [
'refs/heads/master',
'refs/tags/**',
'refs/pull/**',
],
},
}

35
settings/.editorconfig Normal file
View File

@@ -0,0 +1,35 @@
# http://editorconfig.org
root = true
[*]
charset = utf-8
insert_final_newline = true
trim_trailing_whitespace = true
[Makefile]
indent_style = tab
indent_size = 4
[*.go]
indent_style = tab
indent_size = 4
[*.starlark]
indent_style = space
indent_size = 2
[*.{yml,json}]
indent_style = space
indent_size = 2
[*.{js,vue}]
indent_style = space
indent_size = 2
[*.{css,less}]
indent_style = space
indent_size = 2
[*.md]
trim_trailing_whitespace = true

17
settings/.eslintrc.json Normal file
View File

@@ -0,0 +1,17 @@
{
"env": {
"browser": true,
"es6": true,
"amd": true
},
"extends": [
"standard",
"plugin:vue/essential"
],
"parserOptions": {
"sourceType": "module"
},
"rules": {
}
}

12
settings/.github/config.yml vendored Normal file
View File

@@ -0,0 +1,12 @@
# Configuration for update-docs - https://github.com/behaviorbot/update-docs
# Comment to be posted to on PRs that don't update documentation
updateDocsComment: >
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a [changelog](https://github.com/owncloud/ocis-settings/blob/master/changelog/README.md) item based on your changes.
updateDocsWhiteList:
- Tests-only
- tests-only
- Tests-Only
updateDocsTargetFiles:
- changelog/unreleased/

98
settings/.github/settings.yml vendored Normal file
View File

@@ -0,0 +1,98 @@
---
repository:
name: ocis-settings
description: ':atom_symbol: Settings Service for oCIS'
homepage: https://owncloud.github.io/extensions/ocis_settings/
topics: reva, ocis
private: false
has_issues: true
has_projects: false
has_wiki: false
has_downloads: false
default_branch: master
allow_squash_merge: true
allow_merge_commit: true
allow_rebase_merge: true
labels:
- name: bug
color: d73a4a
description: Something isn't working
- name: documentation
color: 0075ca
description: Improvements or additions to documentation
- name: duplicate
color: cfd3d7
description: This issue or pull request already exists
- name: enhancement
color: a2eeef
description: New feature or request
- name: good first issue
color: 7057ff
description: Good for newcomers
- name: help wanted
color: 008672
description: Extra attention is needed
- name: invalid
color: e4e669
description: This doesn't seem right
- name: question
color: d876e3
description: Further information is requested
- name: wontfix
color: ffffff
description: This will not be worked on
- name: effort/trivial
color: c2e0c6
description: Required effort to finish task
- name: effort/0.25d
color: c2e0c6
description: Required effort to finish task
- name: effort/0.5d
color: c2e0c6
description: Required effort to finish task
- name: effort/1d
color: c2e0c6
description: Required effort to finish task
- name: effort/2d
color: c2e0c6
description: Required effort to finish task
- name: effort/4d
color: c2e0c6
description: Required effort to finish task
- name: effort/5d
color: c2e0c6
description: Required effort to finish task
- name: effort/10d
color: c2e0c6
description: Required effort to finish task
teams:
- name: ci
permission: admin
- name: employees
permission: push
branches:
- name: master
protection:
required_pull_request_reviews:
required_approving_review_count: 1
dismiss_stale_reviews: false
require_code_owner_reviews: false
dismissal_restrictions: {}
required_status_checks:
strict: true
contexts:
- continuous-integration/drone/pr
enforce_admins: false
restrictions:
users: []
teams:
- ci
- employees
...

11
settings/.gitignore vendored Normal file
View File

@@ -0,0 +1,11 @@
coverage.out
.idea
/bin
/dist
/hugo
/node_modules
/assets
/ocis-settings-store
pkg/proto/v0/ocis-settings-store/

38
settings/.golangci.yml Normal file
View File

@@ -0,0 +1,38 @@
issues:
exclude-rules:
- path: pkg/proto/v0/settings.pb.go
text: "SA1019:"
linters:
- staticcheck
- path: pkg/store/filesystem/io.go
text: "SA1019:"
linters:
- staticcheck
# Exclude scopelint for tests files because of https://github.com/kyoh86/scopelint/issues/4
- path: _test\.go
linters:
- scopelint
linters:
enable:
- bodyclose
- deadcode
- errcheck
- gosimple
- govet
- ineffassign
- staticcheck
- structcheck
- typecheck
- unused
- varcheck
- depguard
- golint
- goimports
- unconvert
- scopelint
- maligned
- misspell
# - gocritic
- prealloc
#- gosec

258
settings/CHANGELOG.md Normal file
View File

@@ -0,0 +1,258 @@
# Changelog for [unreleased] (UNRELEASED)
The following sections list the changes in ocis-settings unreleased.
[unreleased]: https://github.com/owncloud/ocis-settings/compare/v0.3.1...master
## Summary
* Bugfix - Fix loading and saving system scoped values: [#66](https://github.com/owncloud/ocis-settings/pull/66)
* Bugfix - Complete input validation: [#66](https://github.com/owncloud/ocis-settings/pull/66)
* Change - Add filter option for bundle ids in ListBundles and ListRoles: [#59](https://github.com/owncloud/ocis-settings/pull/59)
* Change - Reuse roleIDs from the metadata context: [#69](https://github.com/owncloud/ocis-settings/pull/69)
* Change - Update ocis-pkg/v2: [#72](https://github.com/owncloud/ocis-settings/pull/72)
## Details
* Bugfix - Fix loading and saving system scoped values: [#66](https://github.com/owncloud/ocis-settings/pull/66)
We fixed loading and saving system scoped values. Those are now saved without an account uuid,
so that the value can be loaded by other accounts as well.
https://github.com/owncloud/ocis-settings/pull/66
* Bugfix - Complete input validation: [#66](https://github.com/owncloud/ocis-settings/pull/66)
There was one handler function without input validation. We implemented the input validation
for `ValueService.ReadValueByUniqueIdentifiers`.
https://github.com/owncloud/ocis-settings/pull/66
* Change - Add filter option for bundle ids in ListBundles and ListRoles: [#59](https://github.com/owncloud/ocis-settings/pull/59)
We added bundle ids as filter option for ListBundles and ListRoles and a new endpoint for
fetching a permission by ID.
https://github.com/owncloud/ocis-settings/pull/59
* Change - Reuse roleIDs from the metadata context: [#69](https://github.com/owncloud/ocis-settings/pull/69)
The roleIDs of the authenticated user are coming in from the metadata context. Since we decided
to move the role assignments over to the accounts service we need to start trusting those
roleIDs from the metadata context instead of reloading them from disk on each request.
https://github.com/owncloud/ocis-settings/pull/69
* Change - Update ocis-pkg/v2: [#72](https://github.com/owncloud/ocis-settings/pull/72)
The helper we used from ocis-pkg for extracting roleIDs from the metadata context has moved to
another package, so we needed to update as well.
https://github.com/owncloud/ocis-settings/pull/72
https://github.com/owncloud/ocis-pkg/pull/60
# Changelog for [0.3.1] (2020-08-27)
The following sections list the changes in ocis-settings 0.3.1.
[0.3.1]: https://github.com/owncloud/ocis-settings/compare/v0.3.0...v0.3.1
## Summary
* Bugfix - Fix fetching bundles in settings UI: [#61](https://github.com/owncloud/ocis-settings/pull/61)
## Details
* Bugfix - Fix fetching bundles in settings UI: [#61](https://github.com/owncloud/ocis-settings/pull/61)
We fixed the settings UI to use the changed API endpoint `BundleService.ListBundles`
properly.
https://github.com/owncloud/ocis-settings/pull/61
# Changelog for [0.3.0] (2020-08-26)
The following sections list the changes in ocis-settings 0.3.0.
[0.3.0]: https://github.com/owncloud/ocis-settings/compare/v0.2.0...v0.3.0
## Summary
* Change - Filter settings by permissions: [#99](https://github.com/owncloud/product/issues/99)
## Details
* Change - Filter settings by permissions: [#99](https://github.com/owncloud/product/issues/99)
`BundleService.GetBundle` and `BundleService.ListBundles` are now filtered by READ
permissions in the role of the authenticated user. This prevents settings from being visible
to the user when their role doesn't have appropriate permissions.
https://github.com/owncloud/product/issues/99
https://github.com/owncloud/ocis-settings/pull/48
# Changelog for [0.2.0] (2020-08-20)
The following sections list the changes in ocis-settings 0.2.0.
[0.2.0]: https://github.com/owncloud/ocis-settings/compare/v0.1.0...v0.2.0
## Summary
* Change - Add role service: [#110](https://github.com/owncloud/product/issues/110)
* Change - Rename endpoints and message types: [#36](https://github.com/owncloud/ocis-settings/issues/36)
* Change - Use UUIDs instead of alphanumeric identifiers: [#46](https://github.com/owncloud/ocis-settings/pull/46)
## Details
* Change - Add role service: [#110](https://github.com/owncloud/product/issues/110)
We added service endpoints for registering roles and maintaining permissions.
https://github.com/owncloud/product/issues/110
https://github.com/owncloud/ocis-settings/issues/10
https://github.com/owncloud/ocis-settings/pull/47
* Change - Rename endpoints and message types: [#36](https://github.com/owncloud/ocis-settings/issues/36)
We decided to rename endpoints and message types to be less verbose. Specifically,
`SettingsBundle` became `Bundle`, `Setting` (inside a bundle) kept its name and
`SettingsValue` became `Value`.
https://github.com/owncloud/ocis-settings/issues/36
https://github.com/owncloud/ocis-settings/issues/32
https://github.com/owncloud/ocis-settings/pull/46
* Change - Use UUIDs instead of alphanumeric identifiers: [#46](https://github.com/owncloud/ocis-settings/pull/46)
`Bundles`, `Settings` and `Values` were identified by a set of alphanumeric identifiers so
far. We switched to UUIDs in order to achieve a flat file hierarchy on disk. Referencing the
respective entities by their alphanumeric identifiers (as used in UI code) is still
supported.
https://github.com/owncloud/ocis-settings/pull/46
# Changelog for [0.1.0] (2020-08-17)
The following sections list the changes in ocis-settings 0.1.0.
[0.1.0]: https://github.com/owncloud/ocis-settings/compare/6fdbbd7e8eb39f18ada1a8a3c45a1c925e239889...v0.1.0
## Summary
* Bugfix - Adjust UUID validation to be more tolerant: [#41](https://github.com/owncloud/ocis-settings/issues/41)
* Bugfix - Fix runtime error when type asserting on nil value: [#38](https://github.com/owncloud/ocis-settings/pull/38)
* Bugfix - Fix multiple submits on string and number form elements: [#745](https://github.com/owncloud/owncloud-design-system/issues/745)
* Bugfix - Build docker images with alpine:latest instead of alpine:edge: [#39](https://github.com/owncloud/ocis-settings/pull/39)
* Change - Dynamically add navItems for extensions with settings bundles: [#25](https://github.com/owncloud/ocis-settings/pull/25)
* Change - Introduce input validation: [#22](https://github.com/owncloud/ocis-settings/pull/22)
* Change - Use account uuid from x-access-token: [#14](https://github.com/owncloud/ocis-settings/pull/14)
* Change - Use server config variable from ocis-web: [#34](https://github.com/owncloud/ocis-settings/pull/34)
* Enhancement - Remove paths from Makefile: [#33](https://github.com/owncloud/ocis-settings/pull/33)
* Enhancement - Extend the docs: [#11](https://github.com/owncloud/ocis-settings/issues/11)
* Enhancement - Update ocis-pkg/v2: [#42](https://github.com/owncloud/ocis-settings/pull/42)
## Details
* Bugfix - Adjust UUID validation to be more tolerant: [#41](https://github.com/owncloud/ocis-settings/issues/41)
The UUID now allows any alphanumeric character and "-", "_", ".", "+" and "@" which can also
allow regular user names.
https://github.com/owncloud/ocis-settings/issues/41
* Bugfix - Fix runtime error when type asserting on nil value: [#38](https://github.com/owncloud/ocis-settings/pull/38)
Fixed the case where an account UUID present in the context is nil, and type asserting it as a
string would produce a runtime error.
https://github.com/owncloud/ocis-settings/issues/37
https://github.com/owncloud/ocis-settings/pull/38
* Bugfix - Fix multiple submits on string and number form elements: [#745](https://github.com/owncloud/owncloud-design-system/issues/745)
We had a bug with keyboard event listeners triggering multiple submits on input fields. This
was recently fixed in the ownCloud design system (ODS). We rolled out that bugfix to the
settings ui as well.
https://github.com/owncloud/owncloud-design-system/issues/745
https://github.com/owncloud/owncloud-design-system/pull/768
https://github.com/owncloud/ocis-settings/pulls/31
* Bugfix - Build docker images with alpine:latest instead of alpine:edge: [#39](https://github.com/owncloud/ocis-settings/pull/39)
ARM builds were failing when built on alpine:edge, so we switched to alpine:latest instead.
https://github.com/owncloud/ocis-settings/pull/39
* Change - Dynamically add navItems for extensions with settings bundles: [#25](https://github.com/owncloud/ocis-settings/pull/25)
We now make use of a new feature in ocis-web-core, allowing us to add navItems not only through
configuration, but also after app initialization. With this we now have navItems available
for all extensions within the settings ui, that have at least one settings bundle registered.
https://github.com/owncloud/ocis-settings/pull/25
* Change - Introduce input validation: [#22](https://github.com/owncloud/ocis-settings/pull/22)
We set up input validation, starting with enforcing alphanumeric identifier values and UUID
format on account uuids. As a result, traversal into parent folders is not possible anymore. We
also made sure that get and list requests are side effect free, i.e. not creating any folders.
https://github.com/owncloud/ocis-settings/issues/15
https://github.com/owncloud/ocis-settings/issues/16
https://github.com/owncloud/ocis-settings/issues/19
https://github.com/owncloud/ocis-settings/pull/22
* Change - Use account uuid from x-access-token: [#14](https://github.com/owncloud/ocis-settings/pull/14)
We are now using an ocis-pkg middleware for extracting the account uuid of the authenticated
user from the `x-access-token` of the http request header and inject it into the Identifier
protobuf messages wherever possible. This allows us to use `me` instead of an actual account
uuid, when the request comes through the proxy.
https://github.com/owncloud/ocis-settings/pull/14
* Change - Use server config variable from ocis-web: [#34](https://github.com/owncloud/ocis-settings/pull/34)
We are not providing an api url anymore but use the server url from ocis-web config instead. This
still - as before - requires that ocis-proxy is in place for routing requests to ocis-settings.
https://github.com/owncloud/ocis-settings/pull/34
* Enhancement - Remove paths from Makefile: [#33](https://github.com/owncloud/ocis-settings/pull/33)
We have a variable for the proto files path in our Makefile, but were not using it. Changed the
Makefile to use the PROTO_SRC variable where possible.
https://github.com/owncloud/ocis-settings/pull/33
* Enhancement - Extend the docs: [#11](https://github.com/owncloud/ocis-settings/issues/11)
We have extended the documentation by adding a chapter about settings values.
https://github.com/owncloud/ocis-settings/issues/11
https://github.com/owncloud/ocis-settings/pulls/28
* Enhancement - Update ocis-pkg/v2: [#42](https://github.com/owncloud/ocis-settings/pull/42)
Update to ocis-pkg/v2 v2.2.2-0.20200812103920-db41b5a3d14d
https://github.com/owncloud/ocis-settings/pull/42

202
settings/LICENSE Normal file
View File

@@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

207
settings/Makefile Normal file
View File

@@ -0,0 +1,207 @@
SHELL := bash
NAME := ocis-settings
IMPORT := github.com/owncloud/$(NAME)
BIN := bin
DIST := dist
HUGO := hugo
PROTO_VERSION := v0
PROTO_SRC := pkg/proto/$(PROTO_VERSION)
ifeq ($(OS), Windows_NT)
EXECUTABLE := $(NAME).exe
UNAME := Windows
else
EXECUTABLE := $(NAME)
UNAME := $(shell uname -s)
endif
ifeq ($(UNAME), Darwin)
GOBUILD ?= go build -i
else
GOBUILD ?= go build
endif
PACKAGES ?= $(shell go list ./...)
SOURCES ?= $(shell find . -name "*.go" -type f -not -path "./node_modules/*")
GENERATE ?= $(PACKAGES)
FEATURE_PATH ?= "ui/tests/acceptance/features"
TAGS ?=
ifndef OUTPUT
ifneq ($(DRONE_TAG),)
OUTPUT ?= $(subst v,,$(DRONE_TAG))
else
OUTPUT ?= testing
endif
endif
ifndef VERSION
ifneq ($(DRONE_TAG),)
VERSION ?= $(subst v,,$(DRONE_TAG))
else
VERSION ?= $(shell git rev-parse --short HEAD)
endif
endif
ifndef DATE
DATE := $(shell date -u '+%Y%m%d')
endif
LDFLAGS += -s -w -X "$(IMPORT)/pkg/version.String=$(VERSION)" -X "$(IMPORT)/pkg/version.Date=$(DATE)"
DEBUG_LDFLAGS += -X "$(IMPORT)/pkg/version.String=$(VERSION)" -X "$(IMPORT)/pkg/version.Date=$(DATE)"
GCFLAGS += all=-N -l
.PHONY: all
all: build
.PHONY: sync
sync:
go mod download
.PHONY: clean
clean:
go clean -i ./...
rm -rf $(BIN) $(DIST) $(HUGO)
.PHONY: fmt
fmt:
gofmt -s -w $(SOURCES)
.PHONY: vet
vet:
go vet $(PACKAGES)
# .PHONY: staticcheck
# staticcheck:
# go run honnef.co/go/tools/cmd/staticcheck -tags '$(TAGS)' $(PACKAGES)
.PHONY: lint
lint:
for PKG in $(PACKAGES); do go run golang.org/x/lint/golint -set_exit_status $$PKG || exit 1; done;
.PHONY: generate
generate:
go generate $(GENERATE)
.PHONY: changelog
changelog:
go run github.com/restic/calens >| CHANGELOG.md
.PHONY: test
test:
go run github.com/haya14busa/goverage -v -coverprofile coverage.out $(PACKAGES)
.PHONY: install
install: $(SOURCES)
go install -v -tags '$(TAGS)' -ldflags '$(LDFLAGS)' ./cmd/$(NAME)
.PHONY: build
build: $(BIN)/$(EXECUTABLE) $(BIN)/$(EXECUTABLE)-debug
$(BIN)/$(EXECUTABLE): $(SOURCES)
$(GOBUILD) -v -tags '$(TAGS)' -ldflags '$(LDFLAGS)' -o $@ ./cmd/$(NAME)
$(BIN)/$(EXECUTABLE)-debug: $(SOURCES)
$(GOBUILD) -v -tags '$(TAGS)' -ldflags '$(DEBUG_LDFLAGS)' -gcflags '$(GCFLAGS)' -o $@ ./cmd/$(NAME)
.PHONY: release
release: release-dirs release-linux release-windows release-darwin release-copy release-check
.PHONY: release-dirs
release-dirs:
mkdir -p $(DIST)/binaries $(DIST)/release
.PHONY: release-linux
release-linux: release-dirs
go run github.com/mitchellh/gox -tags 'netgo $(TAGS)' -ldflags '-extldflags "-static" $(LDFLAGS)' -os 'linux' -arch 'amd64 386 arm64 arm' -output '$(DIST)/binaries/$(EXECUTABLE)-$(OUTPUT)-{{.OS}}-{{.Arch}}' ./cmd/$(NAME)
.PHONY: release-windows
release-windows: release-dirs
go run github.com/mitchellh/gox -tags 'netgo $(TAGS)' -ldflags '-extldflags "-static" $(LDFLAGS)' -os 'windows' -arch 'amd64' -output '$(DIST)/binaries/$(EXECUTABLE)-$(OUTPUT)-{{.OS}}-{{.Arch}}' ./cmd/$(NAME)
.PHONY: release-darwin
release-darwin: release-dirs
go run github.com/mitchellh/gox -tags 'netgo $(TAGS)' -ldflags '$(LDFLAGS)' -os 'darwin' -arch 'amd64' -output '$(DIST)/binaries/$(EXECUTABLE)-$(OUTPUT)-{{.OS}}-{{.Arch}}' ./cmd/$(NAME)
.PHONY: release-copy
release-copy:
$(foreach file,$(wildcard $(DIST)/binaries/$(EXECUTABLE)-*),cp $(file) $(DIST)/release/$(notdir $(file));)
.PHONY: release-check
release-check:
cd $(DIST)/release; $(foreach file,$(wildcard $(DIST)/release/$(EXECUTABLE)-*),sha256sum $(notdir $(file)) > $(notdir $(file)).sha256;)
.PHONY: release-finish
release-finish: release-copy release-check
.PHONY: test-acceptance-webui
test-acceptance-webui:
./ui/tests/run-acceptance-test.sh $(FEATURE_PATH)
.PHONY: docs-copy
docs-copy:
mkdir -p $(HUGO); \
mkdir -p $(HUGO)/content/extensions; \
cd $(HUGO); \
git init; \
git remote rm origin; \
git remote add origin https://github.com/owncloud/owncloud.github.io; \
git fetch; \
git checkout origin/source -f; \
rsync --delete -ax ../docs/ content/extensions/$(NAME)
.PHONY: docs-build
docs-build:
cd $(HUGO); hugo
.PHONY: docs
docs: docs-copy docs-build
.PHONY: watch
watch:
go run github.com/cespare/reflex -c reflex.conf
$(GOPATH)/bin/protoc-gen-go:
GO111MODULE=off go get -v github.com/golang/protobuf/protoc-gen-go
$(GOPATH)/bin/protoc-gen-micro:
GO111MODULE=on go get -v github.com/micro/protoc-gen-micro/v2
$(GOPATH)/bin/protoc-gen-microweb:
GO111MODULE=off go get -v github.com/owncloud/protoc-gen-microweb
$(GOPATH)/bin/protoc-gen-swagger:
GO111MODULE=off go get -v github.com/grpc-ecosystem/grpc-gateway/protoc-gen-swagger
$(PROTO_SRC)/settings.pb.go: $(PROTO_SRC)/settings.proto
protoc \
--plugin=protoc-gen-go=$(GOPATH)/bin/protoc-gen-go \
-I=third_party/ \
-I=$(PROTO_SRC)/ \
--go_out=. settings.proto
$(PROTO_SRC)/settings.pb.micro.go: $(PROTO_SRC)/settings.proto
protoc \
--plugin=protoc-gen-micro=$(GOPATH)/bin/protoc-gen-micro \
-I=third_party/ \
-I=$(PROTO_SRC)/ \
--micro_out=. settings.proto
$(PROTO_SRC)/settings.pb.web.go: $(PROTO_SRC)/settings.proto
protoc \
--plugin=protoc-gen-microweb=$(GOPATH)/bin/protoc-gen-microweb \
-I=third_party/ \
-I=$(PROTO_SRC)/ \
--microweb_out=. settings.proto
$(PROTO_SRC)/settings.swagger.json: $(PROTO_SRC)/settings.proto
protoc \
--plugin=protoc-gen-swagger=$(GOPATH)/bin/protoc-gen-swagger \
-I=third_party/ \
-I=$(PROTO_SRC)/ \
--swagger_out=$(PROTO_SRC) settings.proto
.PHONY: protobuf
protobuf: $(GOPATH)/bin/protoc-gen-go $(GOPATH)/bin/protoc-gen-micro $(GOPATH)/bin/protoc-gen-microweb $(GOPATH)/bin/protoc-gen-swagger \
$(PROTO_SRC)/settings.pb.go $(PROTO_SRC)/settings.pb.micro.go $(PROTO_SRC)/settings.pb.web.go $(PROTO_SRC)/settings.swagger.json

44
settings/README.md Normal file
View File

@@ -0,0 +1,44 @@
# ownCloud Infinite Scale: SETTINGS
[![Build Status](https://cloud.drone.io/api/badges/owncloud/ocis-settings/status.svg)](https://cloud.drone.io/owncloud/ocis-settings)
[![Codacy Badge](https://api.codacy.com/project/badge/Grade/4383f209aa904572b415ef5a8f9e379f)](https://www.codacy.com/gh/owncloud/ocis-settings?utm_source=github.com&utm_medium=referral&utm_content=owncloud/ocis-settings&utm_campaign=Badge_Grade)
[![Go Doc](https://godoc.org/github.com/owncloud/ocis-settings?status.svg)](http://godoc.org/github.com/owncloud/ocis-settings)
[![Go Report Card](https://goreportcard.com/badge/github.com/owncloud/ocis-settings)](https://goreportcard.com/report/github.com/owncloud/ocis-settings)
[![](https://images.microbadger.com/badges/image/owncloud/ocis-settings.svg)](https://microbadger.com/images/owncloud/ocis-settings "Get your own image badge on microbadger.com")
**This project is under heavy development, it's not in a working state yet!**
## Install
You can download prebuilt binaries from the GitHub releases or from our [download mirrors](http://download.owncloud.com/ocis/settings/). For instructions how to install this on your platform you should take a look at our [documentation](https://owncloud.github.io/extensions/ocis_settings/)
## Development
Make sure you have a working Go environment, for further reference or a guide take a look at the [install instructions](http://golang.org/doc/install.html). This project requires Go >= v1.13.
```console
git clone https://github.com/owncloud/ocis-settings.git
cd ocis-settings
make generate build
./bin/ocis-settings -h
```
## Security
If you find a security issue please contact security@owncloud.com first.
## Contributing
Fork -> Patch -> Push -> Pull Request
## License
Apache-2.0
## Copyright
```console
Copyright (c) 2020 ownCloud GmbH <https://owncloud.com>
```

25
settings/babel.config.js Normal file
View File

@@ -0,0 +1,25 @@
module.exports = function (api) {
api.cache(true)
const presets = [
[
'@babel/preset-env',
{
useBuiltIns: 'usage',
corejs: '3'
}
]
]
const plugins = [
'@babel/plugin-syntax-dynamic-import',
'@babel/plugin-proposal-class-properties',
'@babel/plugin-proposal-object-rest-spread',
'@babel/plugin-transform-runtime',
'@babel/plugin-proposal-export-default-from'
]
return {
presets,
plugins
}
}

6
settings/changelog/0.1.0_2020-08-17/adjust-uuid-validation.md Normal file
View File

@@ -0,0 +1,6 @@
Bugfix: Adjust UUID validation to be more tolerant
The UUID now allows any alphanumeric character and "-", "_", ".", "+" and "@" which
can also allow regular user names.
https://github.com/owncloud/ocis-settings/issues/41

6
settings/changelog/0.1.0_2020-08-17/cleanup-makefile.md Normal file
View File

@@ -0,0 +1,6 @@
Enhancement: Remove paths from Makefile
We have a variable for the proto files path in our Makefile, but were not using
it. Changed the Makefile to use the PROTO_SRC variable where possible.
https://github.com/owncloud/ocis-settings/pull/33

6
settings/changelog/0.1.0_2020-08-17/docs.md Normal file
View File

@@ -0,0 +1,6 @@
Enhancement: Extend the docs
We have extended the documentation by adding a chapter about settings values.
https://github.com/owncloud/ocis-settings/issues/11
https://github.com/owncloud/ocis-settings/pulls/28

8
settings/changelog/0.1.0_2020-08-17/dynamic-nav-items.md Normal file
View File

@@ -0,0 +1,8 @@
Change: Dynamically add navItems for extensions with settings bundles
We now make use of a new feature in ocis-web-core, allowing us to add
navItems not only through configuration, but also after app initialization.
With this we now have navItems available for all extensions within the
settings ui, that have at least one settings bundle registered.
https://github.com/owncloud/ocis-settings/pull/25

6
settings/changelog/0.1.0_2020-08-17/hardening-type-assertion.md Normal file
View File

@@ -0,0 +1,6 @@
Bugfix: Fix runtime error when type asserting on nil value
Fixed the case where an account UUID present in the context is nil, and type asserting it as a string would produce a runtime error.
https://github.com/owncloud/ocis-settings/pull/38
https://github.com/owncloud/ocis-settings/issues/37

10
settings/changelog/0.1.0_2020-08-17/input-validation.md Normal file
View File

@@ -0,0 +1,10 @@
Change: Introduce input validation
We set up input validation, starting with enforcing alphanumeric identifier values and UUID
format on account uuids. As a result, traversal into parent folders is not possible anymore.
We also made sure that get and list requests are side effect free, i.e. not creating any folders.
https://github.com/owncloud/ocis-settings/pull/22
https://github.com/owncloud/ocis-settings/issues/15
https://github.com/owncloud/ocis-settings/issues/16
https://github.com/owncloud/ocis-settings/issues/19

5
settings/changelog/0.1.0_2020-08-17/update-pkg2.md Normal file
View File

@@ -0,0 +1,5 @@
Enhancement: Update ocis-pkg/v2
Update to ocis-pkg/v2 v2.2.2-0.20200812103920-db41b5a3d14d
https://github.com/owncloud/ocis-settings/pull/42

9
settings/changelog/0.1.0_2020-08-17/upgrade-ods.md Normal file
View File

@@ -0,0 +1,9 @@
Bugfix: Fix multiple submits on string and number form elements
We had a bug with keyboard event listeners triggering multiple submits on input fields.
This was recently fixed in the ownCloud design system (ODS). We rolled out that bugfix
to the settings ui as well.
https://github.com/owncloud/owncloud-design-system/issues/745
https://github.com/owncloud/owncloud-design-system/pull/768
https://github.com/owncloud/ocis-settings/pulls/31

8
settings/changelog/0.1.0_2020-08-17/use-access-token.md Normal file
View File

@@ -0,0 +1,8 @@
Change: Use account uuid from x-access-token
We are now using an ocis-pkg middleware for extracting the account uuid of the
authenticated user from the `x-access-token` of the http request header and inject
it into the Identifier protobuf messages wherever possible. This allows us to use
`me` instead of an actual account uuid, when the request comes through the proxy.
https://github.com/owncloud/ocis-settings/pull/14

5
settings/changelog/0.1.0_2020-08-17/use-alpine-latest.md Normal file
View File

@@ -0,0 +1,5 @@
Bugfix: build docker images with alpine:latest instead of alpine:edge
ARM builds were failing when built on alpine:edge, so we switched to alpine:latest instead.
https://github.com/owncloud/ocis-settings/pull/39

5
settings/changelog/0.1.0_2020-08-17/use-server-config.md Normal file
View File

@@ -0,0 +1,5 @@
Change: Use server config variable from ocis-web
We are not providing an api url anymore but use the server url from ocis-web config instead. This still - as before - requires that ocis-proxy is in place for routing requests to ocis-settings.
https://github.com/owncloud/ocis-settings/pull/34

7
settings/changelog/0.2.0_2020-08-20/add-role-service.md Normal file
View File

@@ -0,0 +1,7 @@
Change: Add role service
We added service endpoints for registering roles and maintaining permissions.
https://github.com/owncloud/product/issues/110
https://github.com/owncloud/ocis-settings/issues/10
https://github.com/owncloud/ocis-settings/pull/47

8
settings/changelog/0.2.0_2020-08-20/refactor-naming.md Normal file
View File

@@ -0,0 +1,8 @@
Change: Rename endpoints and message types
We decided to rename endpoints and message types to be less verbose. Specifically, `SettingsBundle` became `Bundle`,
`Setting` (inside a bundle) kept its name and `SettingsValue` became `Value`.
https://github.com/owncloud/ocis-settings/issues/36
https://github.com/owncloud/ocis-settings/issues/32
https://github.com/owncloud/ocis-settings/pull/46

7
settings/changelog/0.2.0_2020-08-20/switch-to-uuids.md Normal file
View File

@@ -0,0 +1,7 @@
Change: Use UUIDs instead of alphanumeric identifiers
`Bundles`, `Settings` and `Values` were identified by a set of alphanumeric identifiers so far. We switched to UUIDs
in order to achieve a flat file hierarchy on disk. Referencing the respective entities by their alphanumeric
identifiers (as used in UI code) is still supported.
https://github.com/owncloud/ocis-settings/pull/46

6
settings/changelog/0.3.0_2020-08-26/filter-settings.md Normal file
View File

@@ -0,0 +1,6 @@
Change: Filter settings by permissions
`BundleService.GetBundle` and `BundleService.ListBundles` are now filtered by READ permissions in the role of the authenticated user. This prevents settings from being visible to the user when their role doesn't have appropriate permissions.
https://github.com/owncloud/product/issues/99
https://github.com/owncloud/ocis-settings/pull/48

6
settings/changelog/0.3.1_2020-08-27/fix-fetching-bundles.md Normal file
View File

@@ -0,0 +1,6 @@
Bugfix: Fix fetching bundles in settings UI
We fixed the settings UI to use the changed API endpoint `BundleService.ListBundles` properly.
https://github.com/owncloud/ocis-settings/pull/61

53
settings/changelog/CHANGELOG.tmpl Normal file
View File

@@ -0,0 +1,53 @@
{{ $allVersions := . }}
{{- range $index, $changes := . }}{{ with $changes -}}
{{ if gt (len $allVersions) 1 -}}
# Changelog for [{{ .Version }}] ({{ .Date }})
The following sections list the changes in ocis-settings {{ .Version }}.
{{/* creating version compare links */ -}}
{{ $next := add1 $index -}}
{{ if ne (len $allVersions) $next -}}
{{ $previousVersion := (index $allVersions $next).Version -}}
{{ if eq .Version "unreleased" -}}
[{{ .Version }}]: https://github.com/owncloud/ocis-settings/compare/v{{ $previousVersion }}...master
{{ else -}}
[{{ .Version }}]: https://github.com/owncloud/ocis-settings/compare/v{{ $previousVersion }}...v{{ .Version }}
{{ end -}}
{{ end -}}
{{- /* last version managed by calens, end of the loop */ -}}
{{ if eq .Version "0.1.0" -}}
[{{ .Version }}]: https://github.com/owncloud/ocis-settings/compare/6fdbbd7e8eb39f18ada1a8a3c45a1c925e239889...v{{ .Version }}
{{ end -}}
{{ else -}}
# Changes in {{ .Version }}
{{ end -}}
## Summary
{{ range $entry := .Entries }}{{ with $entry }}
* {{ .Type }} - {{ .Title }}: [#{{ .PrimaryID }}]({{ .PrimaryURL }})
{{- end }}{{ end }}
## Details
{{ range $entry := .Entries }}{{ with $entry }}
* {{ .Type }} - {{ .Title }}: [#{{ .PrimaryID }}]({{ .PrimaryURL }})
{{ range $par := .Paragraphs }}
{{ wrapIndent $par 80 3 }}
{{ end -}}
{{ range $url := .IssueURLs }}
{{ $url -}}
{{ end -}}
{{ range $url := .PRURLs }}
{{ $url -}}
{{ end -}}
{{ range $url := .OtherURLs }}
{{ $url -}}
{{ end }}
{{ end }}{{ end -}}
{{ end }}{{ end -}}

6
settings/changelog/README.md Normal file
View File

@@ -0,0 +1,6 @@
# Changelog
We are using [calens](https://github.com/restic/calens) to properly generate a
changelog before we are tagging a new release. To get an idea how this could
look like <https://github.com/restic/restic/tree/master/changelog> would be the
best reference.

11
settings/changelog/TEMPLATE Normal file
View File

@@ -0,0 +1,11 @@
Bugfix: Fix behavior for foobar (in present tense)
We've fixed the behavior for foobar, a long-standing annoyance for users. The
text should be wrapped at 80 characters length.
The text in the paragraphs is written in past tense. The last section is a list
of issue URLs, PR URLs and other URLs. The first issue ID (or the first PR ID,
in case there aren't any issue links) is used as the primary ID.
https://github.com/owncloud/ocis-settings/issues/1234
https://github.com/owncloud/ocis-settings/pull/55555

0
settings/changelog/unreleased/.keep Normal file
View File

6
settings/changelog/unreleased/add-endpoint-permissions.md Normal file
View File

@@ -0,0 +1,6 @@
Change: Add filter option for bundle ids in ListBundles and ListRoles
We added bundle ids as filter option for ListBundles and ListRoles and a new endpoint for fetching a permission by ID.
https://github.com/owncloud/ocis-settings/pull/59

7
settings/changelog/unreleased/fix-system-scope-values.md Normal file
View File

@@ -0,0 +1,7 @@
Bugfix: Fix loading and saving system scoped values
We fixed loading and saving system scoped values. Those are now saved without an account uuid, so that the value
can be loaded by other accounts as well.
https://github.com/owncloud/ocis-settings/pull/66

6
settings/changelog/unreleased/input-validation.md Normal file
View File

@@ -0,0 +1,6 @@
Bugfix: Complete input validation
There was one handler function without input validation. We implemented the input validation for `ValueService.ReadValueByUniqueIdentifiers`.
https://github.com/owncloud/ocis-settings/pull/66

6
settings/changelog/unreleased/role-ids-from-context.md Normal file
View File

@@ -0,0 +1,6 @@
Change: Reuse roleIDs from the metadata context
The roleIDs of the authenticated user are coming in from the metadata context. Since we decided to move the role assignments over to the accounts service we need to start trusting those roleIDs from the metadata context instead of reloading them from disk on each request.
https://github.com/owncloud/ocis-settings/pull/69

7
settings/changelog/unreleased/roleids-helper-moved-package.md Normal file
View File

@@ -0,0 +1,7 @@
Change: Update ocis-pkg/v2
The helper we used from ocis-pkg for extracting roleIDs from the metadata context has moved to another package, so we needed
to update as well.
https://github.com/owncloud/ocis-settings/pull/72
https://github.com/owncloud/ocis-pkg/pull/60

13
settings/cmd/ocis-settings/main.go Normal file
View File

@@ -0,0 +1,13 @@
package main
import (
"os"
"github.com/owncloud/ocis-settings/pkg/command"
)
func main() {
if err := command.Execute(); err != nil {
os.Exit(1)
}
}

18
settings/config/example.json Normal file
View File

@@ -0,0 +1,18 @@
{
"debug": {
"addr": "0.0.0.0:9194",
"token": "",
"pprof": false,
"zpages": false
},
"http": {
"addr": "0.0.0.0:9190"
},
"tracing": {
"enabled": false,
"type": "jaeger",
"endpoint": "localhost:6831",
"collector": "http://localhost:14268/api/traces",
"service": "settings"
}
}

18
settings/config/example.yml Normal file
View File

@@ -0,0 +1,18 @@
---
debug:
addr: 0.0.0.0:9194
token:
pprof: false
zpages: false
http:
addr: 0.0.0.0:9190
tracing:
enabled: false
type: jaeger
endpoint: localhost:6831
collector: http://localhost:14268/api/traces
service: settings
...

19
settings/docker/Dockerfile.linux.amd64 Normal file
View File

@@ -0,0 +1,19 @@
FROM amd64/alpine:latest
RUN apk update && \
apk upgrade && \
apk add ca-certificates mailcap && \
rm -rf /var/cache/apk/* && \
echo 'hosts: files dns' >| /etc/nsswitch.conf
LABEL maintainer="ownCloud GmbH <devops@owncloud.com>" \
org.label-schema.name="oCIS Settings" \
org.label-schema.vendor="ownCloud GmbH" \
org.label-schema.schema-version="1.0"
EXPOSE 9190 9194
ENTRYPOINT ["/usr/bin/ocis-settings"]
CMD ["server"]
COPY bin/ocis-settings /usr/bin/ocis-settings

19
settings/docker/Dockerfile.linux.arm Normal file
View File

@@ -0,0 +1,19 @@
FROM arm32v6/alpine:latest
RUN apk update && \
apk upgrade && \
apk add ca-certificates mailcap && \
rm -rf /var/cache/apk/* && \
echo 'hosts: files dns' >| /etc/nsswitch.conf
LABEL maintainer="ownCloud GmbH <devops@owncloud.com>" \
org.label-schema.name="oCIS Settings" \
org.label-schema.vendor="ownCloud GmbH" \
org.label-schema.schema-version="1.0"
EXPOSE 9190 9194
ENTRYPOINT ["/usr/bin/ocis-settings"]
CMD ["server"]
COPY bin/ocis-settings /usr/bin/ocis-settings

19
settings/docker/Dockerfile.linux.arm64 Normal file
View File

@@ -0,0 +1,19 @@
FROM arm64v8/alpine:latest
RUN apk update && \
apk upgrade && \
apk add ca-certificates mailcap && \
rm -rf /var/cache/apk/* && \
echo 'hosts: files dns' >| /etc/nsswitch.conf
LABEL maintainer="ownCloud GmbH <devops@owncloud.com>" \
org.label-schema.name="oCIS Settings" \
org.label-schema.vendor="ownCloud GmbH" \
org.label-schema.schema-version="1.0"
EXPOSE 9190 9194
ENTRYPOINT ["/usr/bin/ocis-settings"]
CMD ["server"]
COPY bin/ocis-settings /usr/bin/ocis-settings

22
settings/docker/manifest.tmpl Normal file
View File

@@ -0,0 +1,22 @@
image: owncloud/ocis-settings:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
{{#if build.tags}}
tags:
{{#each build.tags}}
- {{this}}
{{/each}}
{{/if}}
manifests:
- image: owncloud/ocis-settings:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
platform:
architecture: amd64
os: linux
- image: owncloud/ocis-settings:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
platform:
architecture: arm64
variant: v8
os: linux
- image: owncloud/ocis-settings:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
platform:
architecture: arm
variant: v6
os: linux

46
settings/docs/_index.md Normal file
View File

@@ -0,0 +1,46 @@
---
title: "Settings"
date: 2018-05-02T00:00:00+00:00
weight: 10
geekdocRepo: https://github.com/owncloud/ocis-settings
geekdocEditPath: edit/master/docs
geekdocFilePath: _index.md
---
## Abstract
When using oCIS, the requirement to store settings arises. This extension provides functionality
for other extensions to register new settings within oCIS. It is responsible for storing the respective
settings values as well.
For ease of use, this extension provides an ocis-web extension which allows users to change their settings values.
Please refer to the [ocis-web extension docs](https://owncloud.github.io/ocis/extensions/#external-phoenix-apps)
for running ocis-web extensions.
{{< mermaid class="text-center">}}
graph TD
subgraph ow[ocis-web]
ows[ocis-web-settings]
owc[ocis-web-core]
end
ows ---|"listSettingsBundles(),<br>saveSettingsValue(value)"| os[ocis-settings]
owc ---|"listSettingsValues()"| sdk[oC SDK]
sdk --- sdks{ocis-settings<br>available?}
sdks ---|"yes"| os
sdks ---|"no"| defaults[Use set of<br>default values]
oa[oCIS extensions<br>e.g. ocis-accounts] ---|"saveSettingsBundle(bundle)"| os
{{< /mermaid >}}
The diagram shows how the settings service integrates into oCIS:
**Settings management:**
- oCIS extensions can register *settings bundles* with the ocis-settings service.
- The settings frontend can be plugged into ocis-web, showing forms for changing *settings values* as a user.
The forms are generated from the registered *settings bundles*.
**Settings usage:**
- Extensions can query ocis-settings for *settings values* of a user.
- The ownCloud SDK, used as a data abstraction layer for ocis-web, will query ocis-settings for *settings values* of a user,
if it's available. The SDK uses sensible defaults when ocis-settings is not part of the setup.
For compatibility with ownCloud 10, a migration of ownCloud 10 settings into the storage of ocis-settings will be available.

28
settings/docs/building.md Normal file
View File

@@ -0,0 +1,28 @@
---
title: "Building"
date: 2018-05-02T00:00:00+00:00
weight: 30
geekdocRepo: https://github.com/owncloud/ocis-settings
geekdocEditPath: edit/master/docs
geekdocFilePath: building.md
---
{{< toc >}}
As this project is built with Go, so you need to install that first. The installation of Go is out of the scope of this document, please follow the official documentation for [Go](https://golang.org/doc/install), to build this project you have to install Go >= v1.12. After the installation of the required tools you need to get the sources:
{{< highlight txt >}}
git clone https://github.com/owncloud/ocis-settings.git
cd ocis-settings
{{< / highlight >}}
All required tool besides Go itself and make are bundled or getting automatically installed within the `GOPATH`. All commands to build this project are part of our `Makefile`.
## Backend
{{< highlight txt >}}
make generate
make build
{{< / highlight >}}
Finally you should have the binary within the `bin/` folder now, give it a try with `./bin/ocis-settings -h` to see all available options.

75
settings/docs/bundles.md Normal file
View File

@@ -0,0 +1,75 @@
---
title: "Settings Bundles"
date: 2020-05-04T00:00:00+00:00
weight: 50
geekdocRepo: https://github.com/owncloud/ocis-settings
geekdocEditPath: edit/master/docs
geekdocFilePath: bundles.md
---
A **Settings Bundle** is a collection of settings, uniquely identified by the key of the
extension registering the bundle and the key of the bundle itself. It's purpose is to let
oCIS extensions define settings and make them available to users. They are dynamically
rendered into forms, available in the frontend.
As of now we support five different types of settings:
- boolean
- integer
- string
- single choice list of integers or strings
- multiple choice list of integers or strings
Each **Setting** is uniquely identified by a key within the bundle. Some attributes
depend on the chosen type of setting. Through the information provided with the
attributes of the setting, the settings frontend dynamically renders form elements,
allowing users to change their settings individually.
## Example
```json
{
"identifier": {
"extension": "ocis-accounts",
"bundleKey": "profile"
},
"displayName": "Profile",
"settings": [
{
"settingKey": "lastname",
"displayName": "Lastname",
"description": "Input for lastname",
"stringValue": {
"placeholder": "Set lastname"
}
},
{
"settingKey": "age",
"displayName": "Age",
"description": "Input for age",
"intValue": {
"min": "16",
"max": "200",
"step": "2",
"placeholder": "Set age"
}
},
{
"settingKey": "timezone",
"displayName": "Timezone",
"description": "User timezone",
"singleChoiceValue": {
"options": [
{
"stringValue": "Europe/Berlin",
"displayValue": "Europe/Berlin"
},
{
"stringValue": "Asia/Kathmandu",
"displayValue": "Asia/Kathmandu"
}
]
}
}
]
}
```

272
settings/docs/getting-started.md Normal file
View File

@@ -0,0 +1,272 @@
---
title: "Getting Started"
date: 2018-05-02T00:00:00+00:00
weight: 25
geekdocRepo: https://github.com/owncloud/ocis-settings
geekdocEditPath: edit/master/docs
geekdocFilePath: getting-started.md
---
{{< toc >}}
## Installation
So far we are offering two different variants for the installation. You can choose between [Docker](https://www.docker.com/) or pre-built binaries which are stored on our download mirrors and GitHub releases. Maybe we will also provide system packages for the major distributions later if we see the need for it.
### Docker
TBD
### Binaries
TBD
## Configuration
We provide overall three different variants of configuration. The variant based on environment variables and commandline flags are split up into global values and command-specific values.
### Envrionment variables
If you prefer to configure the service with environment variables you can see the available variables below.
#### Global
SETTINGS_CONFIG_FILE
: Path to config file, empty default value
SETTINGS_LOG_LEVEL
: Set logging level, defaults to `info`
SETTINGS_LOG_COLOR
: Enable colored logging, defaults to `true`
SETTINGS_LOG_PRETTY
: Enable pretty logging, defaults to `true`
#### Server
SETTINGS_TRACING_ENABLED
: Enable sending traces, defaults to `false`
SETTINGS_TRACING_TYPE
: Tracing backend type, defaults to `jaeger`
SETTINGS_TRACING_ENDPOINT
: Endpoint for the agent, empty default value
SETTINGS_TRACING_COLLECTOR
: Endpoint for the collector, empty default value
SETTINGS_TRACING_SERVICE
: Service name for tracing, defaults to `settings`
SETTINGS_DEBUG_ADDR
: Address to bind debug server, defaults to `0.0.0.0:9194`
SETTINGS_DEBUG_TOKEN
: Token to grant metrics access, empty default value
SETTINGS_DEBUG_PPROF
: Enable pprof debugging, defaults to `false`
SETTINGS_DEBUG_ZPAGES
: Enable zpages debugging, defaults to `false`
SETTINGS_HTTP_ADDR
: Address to bind http server, defaults to `0.0.0.0:9190`
SETTINGS_HTTP_NAMESPACE
: The http namespace
SETTINGS_HTTP_ROOT
: Root path of http server, defaults to `/`
#### Health
SETTINGS_DEBUG_ADDR
: Address to debug endpoint, defaults to `0.0.0.0:9194`
### Commandline flags
If you prefer to configure the service with commandline flags you can see the available variables below.
#### Global
--config-file
: Path to config file, empty default value
--log-level
: Set logging level, defaults to `info`
--log-color
: Enable colored logging, defaults to `true`
--log-pretty
: Enable pretty logging, defaults to `true`
#### Server
--tracing-enabled
: Enable sending traces, defaults to `false`
--tracing-type
: Tracing backend type, defaults to `jaeger`
--tracing-endpoint
: Endpoint for the agent, empty default value
--tracing-collector
: Endpoint for the collector, empty default value
--tracing-service
: Service name for tracing, defaults to `settings`
--debug-addr
: Address to bind debug server, defaults to `0.0.0.0:9194`
--debug-token
: Token to grant metrics access, empty default value
--debug-pprof
: Enable pprof debugging, defaults to `false`
--debug-zpages
: Enable zpages debugging, defaults to `false`
--http-addr
: Address to bind http server, defaults to `0.0.0.0:9190`
--http-namespace
: Namespace for internal services communication, defaults to `com.owncloud.web`
--http-root
: Root path of http server, defaults to `/`
#### Health
--debug-addr
: Address to debug endpoint, defaults to `0.0.0.0:9194`
### Configuration file
So far we support the file formats `JSON` and `YAML`, if you want to get a full example configuration just take a look at [our repository](https://github.com/owncloud/ocis-settings/tree/master/config), there you can always see the latest configuration format. These example configurations include all available options and the default values. The configuration file will be automatically loaded if it's placed at `/etc/ocis/settings.yml`, `${HOME}/.ocis/settings.yml` or `$(pwd)/config/settings.yml`.
## Usage
The program provides a few sub-commands on execution. The available configuration methods have already been mentioned above. Generally you can always see a formated help output if you execute the binary via `ocis-settings --help`.
### Server
The server command is used to start the http and debug server on two addresses within a single process. The http server is serving the general webservice while the debug server is used for health check, readiness check and to server the metrics mentioned below. For further help please execute:
{{< highlight txt >}}
ocis-settings server --help
{{< / highlight >}}
### Health
The health command is used to execute a health check, if the exit code equals zero the service should be up and running, if the exist code is greater than zero the service is not in a healthy state. Generally this command is used within our Docker containers, it could also be used within Kubernetes.
{{< highlight txt >}}
ocis-settings health --help
{{< / highlight >}}
## Metrics
This service provides some [Prometheus](https://prometheus.io/) metrics through the debug endpoint, you can optionally secure the metrics endpoint by some random token, which got to be configured through one of the flag `--debug-token` or the environment variable `SETTINGS_DEBUG_TOKEN` mentioned above. By default the metrics endpoint is bound to `http://0.0.0.0:9194/metrics`.
go_gc_duration_seconds
: A summary of the GC invocation durations
go_gc_duration_seconds_sum
: A summary of the GC invocation durations
go_gc_duration_seconds_count
: A summary of the GC invocation durations
go_goroutines
: Number of goroutines that currently exist
go_info
: Information about the Go environment
go_memstats_alloc_bytes
: Number of bytes allocated and still in use
go_memstats_alloc_bytes_total
: Total number of bytes allocated, even if freed
go_memstats_buck_hash_sys_bytes
: Number of bytes used by the profiling bucket hash table
go_memstats_frees_total
: Total number of frees
go_memstats_gc_cpu_fraction
: The fraction of this program's available CPU time used by the GC since the program started
go_memstats_gc_sys_bytes
: Number of bytes used for garbage collection system metadata
go_memstats_heap_alloc_bytes
: Number of heap bytes allocated and still in use
go_memstats_heap_idle_bytes
: Number of heap bytes waiting to be used
go_memstats_heap_inuse_bytes
: Number of heap bytes that are in use
go_memstats_heap_objects
: Number of allocated objects
go_memstats_heap_released_bytes
: Number of heap bytes released to OS
go_memstats_heap_sys_bytes
: Number of heap bytes obtained from system
go_memstats_last_gc_time_seconds
: Number of seconds since 1970 of last garbage collection
go_memstats_lookups_total
: Total number of pointer lookups
go_memstats_mallocs_total
: Total number of mallocs
go_memstats_mcache_inuse_bytes
: Number of bytes in use by mcache structures
go_memstats_mcache_sys_bytes
: Number of bytes used for mcache structures obtained from system
go_memstats_mspan_inuse_bytes
: Number of bytes in use by mspan structures
go_memstats_mspan_sys_bytes
: Number of bytes used for mspan structures obtained from system
go_memstats_next_gc_bytes
: Number of heap bytes when next garbage collection will take place
go_memstats_other_sys_bytes
: Number of bytes used for other system allocations
go_memstats_stack_inuse_bytes
: Number of bytes in use by the stack allocator
go_memstats_stack_sys_bytes
: Number of bytes obtained from system for stack allocator
go_memstats_sys_bytes
: Number of bytes obtained from system
go_threads
: Number of OS threads created
promhttp_metric_handler_requests_in_flight
: Current number of scrapes being served
promhttp_metric_handler_requests_total
: Total number of scrapes by HTTP status code

42
settings/docs/glossary.md Normal file
View File

@@ -0,0 +1,42 @@
---
title: "Glossary"
date: 2020-05-04T12:35:00+01:00
weight: 80
geekdocRepo: https://github.com/owncloud/ocis-settings
geekdocEditPath: edit/master/docs
geekdocFilePath: glossary.md
---
In the context of this extension and oCIS in general, we are using the following terminology.
### Configuration
- System configuration
- e.g. service host names and ports
- Changes need to be propagated to other services
- Typically modified on the CLI
### Settings
- Application level settings
- e.g. default language
- Can be modified at runtime without restarting the service
- Typically modified in the UI
### Preferences
- User settings
- Subset of "Settings"
- e.g. preferred language of a user
### Settings Bundle
- Collection of related settings
- Registered by an ocis extension
### Settings Value
- Manifestation of a setting for a specific user
- E.g. used for customization (at runtime) in `ocis-web`
- `ocis-web-settings` extension for modifying settings values is provided by this service
- Can be queried and modified by other ocis extensions

10
settings/docs/license.md Normal file
View File

@@ -0,0 +1,10 @@
---
title: "License"
date: 2018-05-02T00:00:00+00:00
weight: 90
geekdocRepo: https://github.com/owncloud/ocis-settings
geekdocEditPath: edit/master/docs
geekdocFilePath: license.md
---
This project is licensed under the [Apache 2.0](https://github.com/owncloud/ocis-settings/blob/master/LICENSE) license. For the license of the used libraries you have to check the respective sources.

75
settings/docs/values.md Normal file
View File

@@ -0,0 +1,75 @@
---
title: "Settings Values"
date: 2020-05-04T00:00:00+00:00
weight: 51
geekdocRepo: https://github.com/owncloud/ocis-settings
geekdocEditPath: edit/master/docs
geekdocFilePath: values.md
---
A **Settings Value** is the value an authenticated user has chosen for a specific setting, defined in a
*settings bundle*. For choosing settings values as a user the sole entry point is the ocis-web extension
provided by this service.
## Identifying settings values
A *settings value* is uniquely identified by four attributes. Three of them are coming from the definition of
the setting within it's settings bundle (see [Settings Bundles](https://owncloud.github.io/extensions/ocis_settings/bundles/)
for an example). The fourth identifies the user.
- extension: Key of the extension that registered the settings bundle,
- bundleKey: Key of the settings bundle,
- settingKey: Key of the setting as defined within the bundle,
- accountUuid: The UUID of the authenticated user who has saved the setting.
{{< hint info >}}
When requests are going through `ocis-proxy`, the accountUuid attribute can be set to the static keyword `me`
instead of using a real UUID. `ocis-proxy` will take care of minting the UUID of the authenticated user into
a JWT, providing it in the HTTP header as `x-access-token`. That UUID is then used in this service, to replace
`me` with the actual UUID of the authenticated user.
{{< /hint >}}
## Example of stored settings values
```json
{
"values": {
"language": {
"identifier": {
"extension": "ocis-accounts",
"bundleKey": "profile",
"settingKey": "language",
"accountUuid": "5681371f-4a6e-43bc-8bb5-9c9237fa9c58"
},
"listValue": {
"values": [
{
"stringValue": "de"
}
]
}
},
"timezone": {
"identifier": {
"extension": "ocis-accounts",
"bundleKey": "profile",
"settingKey": "timezone",
"accountUuid": "5681371f-4a6e-43bc-8bb5-9c9237fa9c58"
},
"listValue": {
"values": [
{
"stringValue": "Europe/Berlin"
}
]
}
}
}
}
```
## gRPC endpoints
The obvious way of modifying settings is the ocis-web extension, as described earlier. However, services can
use the respective gRPC endpoints of the `ValueService` to query and modify *settings values* as well.
The gRPC endpoints require the same identifier attributes as described above, so for making a request to
the `ValueService` you will have to make sure that the accountUuid of the authenticated user is available in
your service at the time of the request.

33
settings/go.mod Normal file
View File

@@ -0,0 +1,33 @@
module github.com/owncloud/ocis-settings
go 1.13
require (
contrib.go.opencensus.io/exporter/jaeger v0.2.1
contrib.go.opencensus.io/exporter/ocagent v0.6.0
contrib.go.opencensus.io/exporter/zipkin v0.1.1
github.com/UnnoTed/fileb0x v1.1.4
github.com/go-chi/chi v4.1.2+incompatible
github.com/go-chi/render v1.0.1
github.com/go-ozzo/ozzo-validation/v4 v4.2.1
github.com/gofrs/uuid v3.3.0+incompatible
github.com/golang/protobuf v1.4.2
github.com/grpc-ecosystem/grpc-gateway v1.14.6
github.com/micro/cli/v2 v2.1.2
github.com/micro/go-micro/v2 v2.9.1
github.com/mitchellh/gox v1.0.1
github.com/oklog/run v1.0.0
github.com/openzipkin/zipkin-go v0.2.2
github.com/owncloud/ocis-pkg/v2 v2.4.1-0.20200902134813-1e87c6173ada
github.com/restic/calens v0.2.0
github.com/spf13/viper v1.6.3
github.com/stretchr/testify v1.6.1
go.opencensus.io v0.22.4
golang.org/x/lint v0.0.0-20200302205851-738671d3881b
golang.org/x/net v0.0.0-20200625001655-4c5254603344
google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884
google.golang.org/protobuf v1.23.0
gotest.tools v2.2.0+incompatible
)
replace google.golang.org/grpc => google.golang.org/grpc v1.26.0

1380
settings/go.sum Normal file
View File

File diff suppressed because it is too large Load Diff

15
settings/nightwatch.conf.js Normal file
View File

@@ -0,0 +1,15 @@
const path = require('path')
const PHOENIX_PATH = process.env.PHOENIX_PATH
const TEST_INFRA_DIRECTORY = process.env.TEST_INFRA_DIRECTORY
const OCIS_SETTINGS_STORE = process.env.OCIS_SETTINGS_STORE || './ocis-settings-store'
const config = require(path.join(PHOENIX_PATH, 'nightwatch.conf.js'))
config.page_objects_path = [TEST_INFRA_DIRECTORY + '/acceptance/pageObjects', 'ui/tests/acceptance/pageobjects']
config.custom_commands_path = TEST_INFRA_DIRECTORY + '/acceptance/customCommands'
config.test_settings.default.globals = { ...config.test_settings.default.globals, settings_store: OCIS_SETTINGS_STORE }
module.exports = {
...config
}

83
settings/package.json Normal file
View File

@@ -0,0 +1,83 @@
{
"private": true,
"name": "ocis-settings",
"version": "0.0.0",
"description": "",
"homepage": "https://github.com/owncloud/ocis-settings#readme",
"license": "Apache-2.0",
"author": "ownCloud GmbH <devops@owncloud.com>",
"repository": "https://github.com/owncloud/ocis-settings.git",
"bugs": {
"url": "https://github.com/owncloud/ocis-settings/issues",
"email": "support@owncloud.com"
},
"scripts": {
"lint": "eslint ui/**/*.vue ui/**/*.js --color --global requirejs --global require",
"build": "rollup -c",
"watch": "rollup -c -w",
"test": "echo 'Not implemented'",
"generate-api": "node node_modules/swagger-vue-generator/bin/generate-api.js --package-version v0 --source pkg/proto/v0/settings.swagger.json --moduleName settings --destination ui/client/settings/index.js",
"acceptance-tests": "cucumber-js --require-module @babel/register --require-module @babel/polyfill --require ${TEST_INFRA_DIRECTORY}/acceptance/setup.js --require ui/tests/acceptance/stepDefinitions --require ${TEST_INFRA_DIRECTORY}/acceptance/stepDefinitions --format node_modules/cucumber-pretty -t \"${TEST_TAGS:-not @skip and not @skipOnOC10}\""
},
"devDependencies": {
"@babel/core": "^7.7.7",
"@babel/polyfill": "^7.10.1",
"@babel/register": "^7.10.1",
"@babel/plugin-proposal-class-properties": "^7.7.4",
"@babel/plugin-proposal-export-default-from": "^7.7.4",
"@babel/plugin-proposal-object-rest-spread": "^7.7.7",
"@babel/plugin-syntax-dynamic-import": "^7.7.4",
"@babel/plugin-transform-runtime": "^7.8.0",
"@babel/preset-env": "^7.7.7",
"@erquhart/rollup-plugin-node-builtins": "^2.1.5",
"@rollup/plugin-commonjs": "^11.0.1",
"@rollup/plugin-json": "^4.0.1",
"@rollup/plugin-replace": "^2.3.0",
"archiver": "^4.0.1",
"axios": "^0.19.0",
"core-js": "3",
"cross-env": "^6.0.3",
"debounce": "^1.2.0",
"easygettext": "^2.7.0",
"eslint": "6.8.0",
"eslint-config-standard": "^14.1.0",
"eslint-plugin-import": "^2.17.3",
"eslint-plugin-node": "11.0.0",
"eslint-plugin-promise": "^4.1.1",
"eslint-plugin-standard": "^4.0.0",
"eslint-plugin-vue": "^6.1.2",
"qs": "^6.9.1",
"rimraf": "^3.0.0",
"rollup": "^1.28.0",
"rollup-plugin-babel": "^4.3.3",
"rollup-plugin-eslint": "^7.0.0",
"rollup-plugin-filesize": "^6.2.1",
"rollup-plugin-node-globals": "^1.4.0",
"rollup-plugin-node-resolve": "^5.2.0",
"rollup-plugin-terser": "^5.1.3",
"rollup-plugin-vue": "^5.1.4",
"swagger-vue-generator": "^1.0.6",
"vue-template-compiler": "^2.6.11",
"fs-extra": "^9.0.1",
"join-path": "^1.1.1",
"ldap": "^0.7.1",
"nightwatch": "^1.3.6",
"nightwatch-api": "^3.0.1",
"node-fetch": "^2.6.1",
"cucumber": "^6.0.5",
"cucumber-pretty": ">=6.0.0",
"xml-js": "^1.6.11",
"url-search-params-polyfill": "^8.1.0"
},
"browserslist": [
"> 1%",
"not dead"
],
"peerDependencies": {
"owncloud-design-system": "^1.7.0"
},
"dependencies": {
"lodash": "^4.17.15",
"vuex": "^3.2.0"
}
}

66
settings/pkg/assets/assets.go Normal file
View File

@@ -0,0 +1,66 @@
package assets
import (
"net/http"
"os"
"path/filepath"
"github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/config"
// Fake the import to make the dep tree happy.
_ "golang.org/x/net/context"
// Fake the import to make the dep tree happy.
_ "golang.org/x/net/webdav"
)
//go:generate go run github.com/UnnoTed/fileb0x embed.yml
// assets gets initialized by New and provides the handler.
type assets struct {
logger log.Logger
config *config.Config
}
// Open just implements the HTTP filesystem interface.
func (a assets) Open(original string) (http.File, error) {
if a.config.Asset.Path != "" {
if stat, err := os.Stat(a.config.Asset.Path); err == nil && stat.IsDir() {
custom := filepath.Join(
a.config.Asset.Path,
original,
)
if _, err := os.Stat(custom); !os.IsNotExist(err) {
f, err := os.Open(custom)
if err != nil {
return nil, err
}
return f, nil
}
} else {
a.logger.Warn().
Str("path", a.config.Asset.Path).
Msg("Assets directory doesn't exist")
}
}
return FS.OpenFile(
CTX,
original,
os.O_RDONLY,
0644,
)
}
// New returns a new http filesystem to serve assets.
func New(opts ...Option) http.FileSystem {
options := newOptions(opts...)
return assets{
config: options.Config,
}
}

202
settings/pkg/assets/embed.go Normal file
View File

File diff suppressed because one or more lines are too long

17
settings/pkg/assets/embed.yml Normal file
View File

@@ -0,0 +1,17 @@
---
pkg: "assets"
dest: "."
output: "embed.go"
fmt: true
noprefix: true
compression:
compress: true
custom:
- files:
- "../../assets/"
base: "../../assets/"
prefix: ""
...

40
settings/pkg/assets/option.go Normal file
View File

@@ -0,0 +1,40 @@
package assets
import (
"github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/config"
)
// Option defines a single option function.
type Option func(o *Options)
// Options defines the available options for this package.
type Options struct {
Logger log.Logger
Config *config.Config
}
// newOptions initializes the available default options.
func newOptions(opts ...Option) Options {
opt := Options{}
for _, o := range opts {
o(&opt)
}
return opt
}
// Logger provides a function to set the logger option.
func Logger(val log.Logger) Option {
return func(o *Options) {
o.Logger = val
}
}
// Config provides a function to set the config option.
func Config(val *config.Config) Option {
return func(o *Options) {
o.Config = val
}
}

49
settings/pkg/command/health.go Normal file
View File

@@ -0,0 +1,49 @@
package command
import (
"fmt"
"net/http"
"github.com/micro/cli/v2"
"github.com/owncloud/ocis-settings/pkg/config"
"github.com/owncloud/ocis-settings/pkg/flagset"
)
// Health is the entrypoint for the health command.
func Health(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "health",
Usage: "Check health status",
Flags: flagset.HealthWithConfig(cfg),
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
resp, err := http.Get(
fmt.Sprintf(
"http://%s/healthz",
cfg.Debug.Addr,
),
)
if err != nil {
logger.Fatal().
Err(err).
Msg("Failed to request health check")
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
logger.Fatal().
Int("code", resp.StatusCode).
Msg("Health seems to be in bad state")
}
logger.Debug().
Int("code", resp.StatusCode).
Msg("Health got a good state")
return nil
},
}
}

108
settings/pkg/command/root.go Normal file
View File

@@ -0,0 +1,108 @@
package command
import (
"os"
"strings"
"github.com/micro/cli/v2"
"github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/config"
"github.com/owncloud/ocis-settings/pkg/flagset"
"github.com/owncloud/ocis-settings/pkg/version"
"github.com/spf13/viper"
)
// Execute is the entry point for the ocis-settings command.
func Execute() error {
cfg := config.New()
app := &cli.App{
Name: "ocis-settings",
Version: version.String,
Usage: "Provide settings and permissions for oCIS",
Compiled: version.Compiled(),
Authors: []*cli.Author{
{
Name: "ownCloud GmbH",
Email: "support@owncloud.com",
},
},
Flags: flagset.RootWithConfig(cfg),
Before: func(c *cli.Context) error {
return ParseConfig(c, cfg)
},
Commands: []*cli.Command{
Server(cfg),
Health(cfg),
},
}
cli.HelpFlag = &cli.BoolFlag{
Name: "help,h",
Usage: "Show the help",
}
cli.VersionFlag = &cli.BoolFlag{
Name: "version,v",
Usage: "Print the version",
}
return app.Run(os.Args)
}
// NewLogger initializes a service-specific logger instance.
func NewLogger(cfg *config.Config) log.Logger {
return log.NewLogger(
log.Name("settings"),
log.Level(cfg.Log.Level),
log.Pretty(cfg.Log.Pretty),
log.Color(cfg.Log.Color),
)
}
// ParseConfig loads settings configuration from Viper known paths.
func ParseConfig(c *cli.Context, cfg *config.Config) error {
logger := NewLogger(cfg)
viper.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
viper.SetEnvPrefix("SETTINGS")
viper.AutomaticEnv()
if c.IsSet("config-file") {
viper.SetConfigFile(c.String("config-file"))
} else {
viper.SetConfigName("settings")
viper.AddConfigPath("/etc/ocis")
viper.AddConfigPath("$HOME/.ocis")
viper.AddConfigPath("./config")
}
if err := viper.ReadInConfig(); err != nil {
switch err.(type) {
case viper.ConfigFileNotFoundError:
logger.Info().
Msg("Continue without config")
case viper.UnsupportedConfigError:
logger.Fatal().
Err(err).
Msg("Unsupported config type")
default:
logger.Fatal().
Err(err).
Msg("Failed to read config")
}
}
if err := viper.Unmarshal(&cfg); err != nil {
logger.Fatal().
Err(err).
Msg("Failed to parse config")
}
return nil
}

224
settings/pkg/command/server.go Normal file
View File

@@ -0,0 +1,224 @@
package command
import (
"context"
"os"
"os/signal"
"strings"
"time"
"contrib.go.opencensus.io/exporter/jaeger"
"contrib.go.opencensus.io/exporter/ocagent"
"contrib.go.opencensus.io/exporter/zipkin"
"github.com/micro/cli/v2"
"github.com/oklog/run"
openzipkin "github.com/openzipkin/zipkin-go"
zipkinhttp "github.com/openzipkin/zipkin-go/reporter/http"
"github.com/owncloud/ocis-settings/pkg/config"
"github.com/owncloud/ocis-settings/pkg/flagset"
"github.com/owncloud/ocis-settings/pkg/server/debug"
"github.com/owncloud/ocis-settings/pkg/server/grpc"
"github.com/owncloud/ocis-settings/pkg/server/http"
"go.opencensus.io/stats/view"
"go.opencensus.io/trace"
)
// Server is the entrypoint for the server command.
func Server(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "server",
Usage: "Start integrated server",
Flags: flagset.ServerWithConfig(cfg),
Before: func(ctx *cli.Context) error {
if cfg.HTTP.Root != "/" {
cfg.HTTP.Root = strings.TrimSuffix(cfg.HTTP.Root, "/")
}
// When running on single binary mode the before hook from the root command won't get called. We manually
// call this before hook from ocis command, so the configuration can be loaded.
return ParseConfig(ctx, cfg)
},
Action: func(c *cli.Context) error {
logger := NewLogger(cfg)
if cfg.Tracing.Enabled {
switch t := cfg.Tracing.Type; t {
case "agent":
exporter, err := ocagent.NewExporter(
ocagent.WithReconnectionPeriod(5*time.Second),
ocagent.WithAddress(cfg.Tracing.Endpoint),
ocagent.WithServiceName(cfg.Tracing.Service),
)
if err != nil {
logger.Error().
Err(err).
Str("endpoint", cfg.Tracing.Endpoint).
Str("collector", cfg.Tracing.Collector).
Msg("Failed to create agent tracing")
return err
}
trace.RegisterExporter(exporter)
view.RegisterExporter(exporter)
case "jaeger":
exporter, err := jaeger.NewExporter(
jaeger.Options{
AgentEndpoint: cfg.Tracing.Endpoint,
CollectorEndpoint: cfg.Tracing.Collector,
ServiceName: cfg.Tracing.Service,
},
)
if err != nil {
logger.Error().
Err(err).
Str("endpoint", cfg.Tracing.Endpoint).
Str("collector", cfg.Tracing.Collector).
Msg("Failed to create jaeger tracing")
return err
}
trace.RegisterExporter(exporter)
case "zipkin":
endpoint, err := openzipkin.NewEndpoint(
cfg.Tracing.Service,
cfg.Tracing.Endpoint,
)
if err != nil {
logger.Error().
Err(err).
Str("endpoint", cfg.Tracing.Endpoint).
Str("collector", cfg.Tracing.Collector).
Msg("Failed to create zipkin tracing")
return err
}
exporter := zipkin.NewExporter(
zipkinhttp.NewReporter(
cfg.Tracing.Collector,
),
endpoint,
)
trace.RegisterExporter(exporter)
default:
logger.Warn().
Str("type", t).
Msg("Unknown tracing backend")
}
trace.ApplyConfig(
trace.Config{
DefaultSampler: trace.AlwaysSample(),
},
)
} else {
logger.Debug().
Msg("Tracing is not enabled")
}
var (
gr = run.Group{}
ctx, cancel = context.WithCancel(context.Background())
)
defer cancel()
{
server := http.Server(
http.Name("settings"),
http.Logger(logger),
http.Context(ctx),
http.Config(cfg),
http.Flags(flagset.RootWithConfig(cfg)),
http.Flags(flagset.ServerWithConfig(cfg)),
)
gr.Add(server.Run, func(_ error) {
logger.Info().
Str("server", "http").
Msg("Shutting down server")
cancel()
})
}
{
server := grpc.Server(
grpc.Name("settings"),
grpc.Logger(logger),
grpc.Context(ctx),
grpc.Config(cfg),
)
gr.Add(server.Run, func(_ error) {
logger.Info().
Str("server", "grpc").
Msg("Shutting down server")
cancel()
})
}
{
server, err := debug.Server(
debug.Logger(logger),
debug.Context(ctx),
debug.Config(cfg),
)
if err != nil {
logger.Error().
Err(err).
Str("server", "debug").
Msg("Failed to initialize server")
return err
}
gr.Add(server.ListenAndServe, func(_ error) {
ctx, timeout := context.WithTimeout(ctx, 5*time.Second)
defer timeout()
defer cancel()
if err := server.Shutdown(ctx); err != nil {
logger.Error().
Err(err).
Str("server", "debug").
Msg("Failed to shutdown server")
} else {
logger.Info().
Str("server", "debug").
Msg("Shutting down server")
}
})
}
{
stop := make(chan os.Signal, 1)
gr.Add(func() error {
signal.Notify(stop, os.Interrupt)
<-stop
return nil
}, func(err error) {
close(stop)
cancel()
})
}
return gr.Run()
},
}
}

71
settings/pkg/config/config.go Normal file
View File

@@ -0,0 +1,71 @@
package config
// Log defines the available logging configuration.
type Log struct {
Level string
Pretty bool
Color bool
}
// Debug defines the available debug configuration.
type Debug struct {
Addr string
Token string
Pprof bool
Zpages bool
}
// HTTP defines the available http configuration.
type HTTP struct {
Addr string
Namespace string
Root string
}
// GRPC defines the available grpc configuration.
type GRPC struct {
Addr string
Namespace string
}
// Tracing defines the available tracing configuration.
type Tracing struct {
Enabled bool
Type string
Endpoint string
Collector string
Service string
}
// Asset undocumented
type Asset struct {
Path string
}
// Storage defines the available storage configuration.
type Storage struct {
DataPath string
}
// TokenManager is the config for using the reva token manager
type TokenManager struct {
JWTSecret string
}
// Config combines all available configuration parts.
type Config struct {
File string
Storage Storage
Log Log
Debug Debug
HTTP HTTP
GRPC GRPC
Tracing Tracing
Asset Asset
TokenManager TokenManager
}
// New initializes a new configuration with or without defaults.
func New() *Config {
return &Config{}
}

175
settings/pkg/flagset/flagset.go Normal file
View File

@@ -0,0 +1,175 @@
package flagset
import (
"github.com/micro/cli/v2"
"github.com/owncloud/ocis-settings/pkg/config"
)
// RootWithConfig applies cfg to the root flagset
func RootWithConfig(cfg *config.Config) []cli.Flag {
return []cli.Flag{
&cli.StringFlag{
Name: "config-file",
Value: "",
Usage: "Path to config file",
EnvVars: []string{"SETTINGS_CONFIG_FILE"},
Destination: &cfg.File,
},
&cli.StringFlag{
Name: "log-level",
Value: "info",
Usage: "Set logging level",
EnvVars: []string{"SETTINGS_LOG_LEVEL"},
Destination: &cfg.Log.Level,
},
&cli.BoolFlag{
Name: "log-pretty",
Value: true,
Usage: "Enable pretty logging",
EnvVars: []string{"SETTINGS_LOG_PRETTY"},
Destination: &cfg.Log.Pretty,
},
&cli.BoolFlag{
Name: "log-color",
Value: true,
Usage: "Enable colored logging",
EnvVars: []string{"SETTINGS_LOG_COLOR"},
Destination: &cfg.Log.Color,
},
}
}
// HealthWithConfig applies cfg to the root flagset
func HealthWithConfig(cfg *config.Config) []cli.Flag {
return []cli.Flag{
&cli.StringFlag{
Name: "debug-addr",
Value: "0.0.0.0:9194",
Usage: "Address to debug endpoint",
EnvVars: []string{"SETTINGS_DEBUG_ADDR"},
Destination: &cfg.Debug.Addr,
},
}
}
// ServerWithConfig applies cfg to the root flagset
func ServerWithConfig(cfg *config.Config) []cli.Flag {
return []cli.Flag{
&cli.BoolFlag{
Name: "tracing-enabled",
Usage: "Enable sending traces",
EnvVars: []string{"SETTINGS_TRACING_ENABLED"},
Destination: &cfg.Tracing.Enabled,
},
&cli.StringFlag{
Name: "tracing-type",
Value: "jaeger",
Usage: "Tracing backend type",
EnvVars: []string{"SETTINGS_TRACING_TYPE"},
Destination: &cfg.Tracing.Type,
},
&cli.StringFlag{
Name: "tracing-endpoint",
Value: "",
Usage: "Endpoint for the agent",
EnvVars: []string{"SETTINGS_TRACING_ENDPOINT"},
Destination: &cfg.Tracing.Endpoint,
},
&cli.StringFlag{
Name: "tracing-collector",
Value: "",
Usage: "Endpoint for the collector",
EnvVars: []string{"SETTINGS_TRACING_COLLECTOR"},
Destination: &cfg.Tracing.Collector,
},
&cli.StringFlag{
Name: "tracing-service",
Value: "settings",
Usage: "Service name for tracing",
EnvVars: []string{"SETTINGS_TRACING_SERVICE"},
Destination: &cfg.Tracing.Service,
},
&cli.StringFlag{
Name: "debug-addr",
Value: "0.0.0.0:9194",
Usage: "Address to bind debug server",
EnvVars: []string{"SETTINGS_DEBUG_ADDR"},
Destination: &cfg.Debug.Addr,
},
&cli.StringFlag{
Name: "debug-token",
Value: "",
Usage: "Token to grant metrics access",
EnvVars: []string{"SETTINGS_DEBUG_TOKEN"},
Destination: &cfg.Debug.Token,
},
&cli.BoolFlag{
Name: "debug-pprof",
Usage: "Enable pprof debugging",
EnvVars: []string{"SETTINGS_DEBUG_PPROF"},
Destination: &cfg.Debug.Pprof,
},
&cli.BoolFlag{
Name: "debug-zpages",
Usage: "Enable zpages debugging",
EnvVars: []string{"SETTINGS_DEBUG_ZPAGES"},
Destination: &cfg.Debug.Zpages,
},
&cli.StringFlag{
Name: "http-addr",
Value: "0.0.0.0:9190",
Usage: "Address to bind http server",
EnvVars: []string{"SETTINGS_HTTP_ADDR"},
Destination: &cfg.HTTP.Addr,
},
&cli.StringFlag{
Name: "http-namespace",
Value: "com.owncloud.web",
Usage: "Set the base namespace for the http namespace",
EnvVars: []string{"SETTINGS_HTTP_NAMESPACE"},
Destination: &cfg.HTTP.Namespace,
},
&cli.StringFlag{
Name: "http-root",
Value: "/",
Usage: "Root path of http server",
EnvVars: []string{"SETTINGS_HTTP_ROOT"},
Destination: &cfg.HTTP.Root,
},
&cli.StringFlag{
Name: "grpc-addr",
Value: "0.0.0.0:9191",
Usage: "Address to bind grpc server",
EnvVars: []string{"SETTINGS_GRPC_ADDR"},
Destination: &cfg.GRPC.Addr,
},
&cli.StringFlag{
Name: "asset-path",
Value: "",
Usage: "Path to custom assets",
EnvVars: []string{"SETTINGS_ASSET_PATH"},
Destination: &cfg.Asset.Path,
},
&cli.StringFlag{
Name: "grpc-namespace",
Value: "com.owncloud.api",
Usage: "Set the base namespace for the grpc namespace",
EnvVars: []string{"SETTINGS_GRPC_NAMESPACE"},
Destination: &cfg.GRPC.Namespace,
},
&cli.StringFlag{
Name: "data-path",
Value: "/var/tmp/ocis-settings",
Usage: "Mount path for the storage",
EnvVars: []string{"SETTINGS_DATA_PATH"},
Destination: &cfg.Storage.DataPath,
},
&cli.StringFlag{
Name: "jwt-secret",
Value: "Pive-Fumkiu4",
Usage: "Used to create JWT to talk to reva, should equal reva's jwt-secret",
EnvVars: []string{"SETTINGS_JWT_SECRET"},
Destination: &cfg.TokenManager.JWTSecret,
},
}
}

32
settings/pkg/metrics/metrics.go Normal file
View File

@@ -0,0 +1,32 @@
package metrics
var (
// Namespace defines the namespace for the defines metrics.
Namespace = "ocis"
// Subsystem defines the subsystem for the defines metrics.
Subsystem = "settings"
)
// Metrics defines the available metrics of this service.
type Metrics struct {
// Counter *prometheus.CounterVec
}
// New initializes the available metrics.
func New() *Metrics {
m := &Metrics{
// Counter: prometheus.NewCounterVec(prometheus.CounterOpts{
// Namespace: Namespace,
// Subsystem: Subsystem,
// Name: "greet_total",
// Help: "How many greeting requests processed",
// }, []string{}),
}
// prometheus.Register(
// m.Counter,
// )
return m
}

186
settings/pkg/proto/v0/settings.mock.go Normal file
View File

@@ -0,0 +1,186 @@
package proto
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/micro/go-micro/v2/client"
)
// MockBundleService can be used to write tests against the bundle service.
/*
To create a mock overwrite the functions of an instance like this:
```go
func mockBundleSvc(returnErr bool) proto.BundleService {
if returnErr {
return &proto.MockBundleService{
ListBundlesFunc: func(ctx context.Context, in *proto.ListBundlesRequest, opts ...client.CallOption) (out *proto.ListBundlesResponse, err error) {
return nil, fmt.Errorf("error returned by mockBundleSvc LIST")
},
}
}
return &proto.MockBundleService{
ListBundlesFunc: func(ctx context.Context, in *proto.ListBundlesRequest, opts ...client.CallOption) (out *proto.ListBundlesResponse, err error) {
return &proto.ListBundlesResponse{
Bundles: []*proto.Bundle{
{
Id: "hello-there",
},
},
}, nil
},
}
}
```
*/
type MockBundleService struct {
ListBundlesFunc func(ctx context.Context, req *ListBundlesRequest, opts ...client.CallOption) (*ListBundlesResponse, error)
GetBundleFunc func(ctx context.Context, req *GetBundleRequest, opts ...client.CallOption) (*GetBundleResponse, error)
SaveBundleFunc func(ctx context.Context, req *SaveBundleRequest, opts ...client.CallOption) (*SaveBundleResponse, error)
AddSettingToBundleFunc func(ctx context.Context, req *AddSettingToBundleRequest, opts ...client.CallOption) (*AddSettingToBundleResponse, error)
RemoveSettingFromBundleFunc func(ctx context.Context, req *RemoveSettingFromBundleRequest, opts ...client.CallOption) (*empty.Empty, error)
}
// ListBundles will panic if the function has been called, but not mocked
func (m MockBundleService) ListBundles(ctx context.Context, req *ListBundlesRequest, opts ...client.CallOption) (*ListBundlesResponse, error) {
if m.ListBundlesFunc != nil {
return m.ListBundlesFunc(ctx, req, opts...)
}
panic("ListBundlesFunc was called in test but not mocked")
}
// GetBundle will panic if the function has been called, but not mocked
func (m MockBundleService) GetBundle(ctx context.Context, req *GetBundleRequest, opts ...client.CallOption) (*GetBundleResponse, error) {
if m.GetBundleFunc != nil {
return m.GetBundleFunc(ctx, req, opts...)
}
panic("GetBundleFunc was called in test but not mocked")
}
// SaveBundle will panic if the function has been called, but not mocked
func (m MockBundleService) SaveBundle(ctx context.Context, req *SaveBundleRequest, opts ...client.CallOption) (*SaveBundleResponse, error) {
if m.SaveBundleFunc != nil {
return m.SaveBundleFunc(ctx, req, opts...)
}
panic("SaveBundleFunc was called in test but not mocked")
}
// AddSettingToBundle will panic if the function has been called, but not mocked
func (m MockBundleService) AddSettingToBundle(ctx context.Context, req *AddSettingToBundleRequest, opts ...client.CallOption) (*AddSettingToBundleResponse, error) {
if m.AddSettingToBundleFunc != nil {
return m.AddSettingToBundleFunc(ctx, req, opts...)
}
panic("AddSettingToBundleFunc was called in test but not mocked")
}
// RemoveSettingFromBundle will panic if the function has been called, but not mocked
func (m MockBundleService) RemoveSettingFromBundle(ctx context.Context, req *RemoveSettingFromBundleRequest, opts ...client.CallOption) (*empty.Empty, error) {
if m.RemoveSettingFromBundleFunc != nil {
return m.RemoveSettingFromBundleFunc(ctx, req, opts...)
}
panic("RemoveSettingFromBundleFunc was called in test but not mocked")
}
// MockValueService can be used to write tests against the value service.
type MockValueService struct {
ListValuesFunc func(ctx context.Context, req *ListValuesRequest, opts ...client.CallOption) (*ListValuesResponse, error)
GetValueFunc func(ctx context.Context, req *GetValueRequest, opts ...client.CallOption) (*GetValueResponse, error)
GetValueByUniqueIdentifiersFunc func(ctx context.Context, req *GetValueByUniqueIdentifiersRequest, opts ...client.CallOption) (*GetValueResponse, error)
SaveValueFunc func(ctx context.Context, req *SaveValueRequest, opts ...client.CallOption) (*SaveValueResponse, error)
}
// ListValues will panic if the function has been called, but not mocked
func (m MockValueService) ListValues(ctx context.Context, req *ListValuesRequest, opts ...client.CallOption) (*ListValuesResponse, error) {
if m.ListValuesFunc != nil {
return m.ListValuesFunc(ctx, req, opts...)
}
panic("ListValuesFunc was called in test but not mocked")
}
// GetValue will panic if the function has been called, but not mocked
func (m MockValueService) GetValue(ctx context.Context, req *GetValueRequest, opts ...client.CallOption) (*GetValueResponse, error) {
if m.GetValueFunc != nil {
return m.GetValueFunc(ctx, req, opts...)
}
panic("GetValueFunc was called in test but not mocked")
}
// GetValueByUniqueIdentifiers will panic if the function has been called, but not mocked
func (m MockValueService) GetValueByUniqueIdentifiers(ctx context.Context, req *GetValueByUniqueIdentifiersRequest, opts ...client.CallOption) (*GetValueResponse, error) {
if m.GetValueByUniqueIdentifiersFunc != nil {
return m.GetValueByUniqueIdentifiersFunc(ctx, req, opts...)
}
panic("GetValueByUniqueIdentifiersFunc was called in test but not mocked")
}
// SaveValue will panic if the function has been called, but not mocked
func (m MockValueService) SaveValue(ctx context.Context, req *SaveValueRequest, opts ...client.CallOption) (*SaveValueResponse, error) {
if m.SaveValueFunc != nil {
return m.SaveValueFunc(ctx, req, opts...)
}
panic("SaveValueFunc was called in test but not mocked")
}
// MockRoleService will panic if the function has been called, but not mocked
type MockRoleService struct {
ListRolesFunc func(ctx context.Context, req *ListBundlesRequest, opts ...client.CallOption) (*ListBundlesResponse, error)
ListRoleAssignmentsFunc func(ctx context.Context, req *ListRoleAssignmentsRequest, opts ...client.CallOption) (*ListRoleAssignmentsResponse, error)
AssignRoleToUserFunc func(ctx context.Context, req *AssignRoleToUserRequest, opts ...client.CallOption) (*AssignRoleToUserResponse, error)
RemoveRoleFromUserFunc func(ctx context.Context, req *RemoveRoleFromUserRequest, opts ...client.CallOption) (*empty.Empty, error)
}
// ListRoles will panic if the function has been called, but not mocked
func (m MockRoleService) ListRoles(ctx context.Context, req *ListBundlesRequest, opts ...client.CallOption) (*ListBundlesResponse, error) {
if m.ListRolesFunc != nil {
return m.ListRolesFunc(ctx, req, opts...)
}
panic("ListRolesFunc was called in test but not mocked")
}
// ListRoleAssignments will panic if the function has been called, but not mocked
func (m MockRoleService) ListRoleAssignments(ctx context.Context, req *ListRoleAssignmentsRequest, opts ...client.CallOption) (*ListRoleAssignmentsResponse, error) {
if m.ListRoleAssignmentsFunc != nil {
return m.ListRoleAssignmentsFunc(ctx, req, opts...)
}
panic("ListRoleAssignmentsFunc was called in test but not mocked")
}
// AssignRoleToUser will panic if the function has been called, but not mocked
func (m MockRoleService) AssignRoleToUser(ctx context.Context, req *AssignRoleToUserRequest, opts ...client.CallOption) (*AssignRoleToUserResponse, error) {
if m.AssignRoleToUserFunc != nil {
return m.AssignRoleToUserFunc(ctx, req, opts...)
}
panic("AssignRoleToUserFunc was called in test but not mocked")
}
// RemoveRoleFromUser will panic if the function has been called, but not mocked
func (m MockRoleService) RemoveRoleFromUser(ctx context.Context, req *RemoveRoleFromUserRequest, opts ...client.CallOption) (*empty.Empty, error) {
if m.RemoveRoleFromUserFunc != nil {
return m.RemoveRoleFromUserFunc(ctx, req, opts...)
}
panic("RemoveRoleFromUserFunc was called in test but not mocked")
}
// MockPermissionService will panic if the function has been called, but not mocked
type MockPermissionService struct {
ListPermissionsByResourceFunc func(ctx context.Context, req *ListPermissionsByResourceRequest, opts ...client.CallOption) (*ListPermissionsByResourceResponse, error)
GetPermissionByIDFunc func(ctx context.Context, req *GetPermissionByIDRequest, opts ...client.CallOption) (*GetPermissionByIDResponse, error)
}
// ListPermissionsByResource will panic if the function has been called, but not mocked
func (m MockPermissionService) ListPermissionsByResource(ctx context.Context, req *ListPermissionsByResourceRequest, opts ...client.CallOption) (*ListPermissionsByResourceResponse, error) {
if m.ListPermissionsByResourceFunc != nil {
return m.ListPermissionsByResourceFunc(ctx, req, opts...)
}
panic("ListPermissionsByResourceFunc was called in test but not mocked")
}
// GetPermissionByID will panic if the function has been called, but not mocked
func (m MockPermissionService) GetPermissionByID(ctx context.Context, req *GetPermissionByIDRequest, opts ...client.CallOption) (*GetPermissionByIDResponse, error) {
if m.GetPermissionByIDFunc != nil {
return m.GetPermissionByIDFunc(ctx, req, opts...)
}
panic("GetPermissionByIDFunc was called in test but not mocked")
}

3805
settings/pkg/proto/v0/settings.pb.go Normal file
View File

File diff suppressed because it is too large Load Diff

674
settings/pkg/proto/v0/settings.pb.micro.go Normal file
View File

@@ -0,0 +1,674 @@
// Code generated by protoc-gen-micro. DO NOT EDIT.
// source: settings.proto
package proto
import (
fmt "fmt"
proto "github.com/golang/protobuf/proto"
empty "github.com/golang/protobuf/ptypes/empty"
_ "github.com/grpc-ecosystem/grpc-gateway/protoc-gen-swagger/options"
_ "google.golang.org/genproto/googleapis/api/annotations"
math "math"
)
import (
context "context"
api "github.com/micro/go-micro/v2/api"
client "github.com/micro/go-micro/v2/client"
server "github.com/micro/go-micro/v2/server"
)
// Reference imports to suppress errors if they are not otherwise used.
var _ = proto.Marshal
var _ = fmt.Errorf
var _ = math.Inf
// This is a compile-time assertion to ensure that this generated file
// is compatible with the proto package it is being compiled against.
// A compilation error at this line likely means your copy of the
// proto package needs to be updated.
const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package
// Reference imports to suppress errors if they are not otherwise used.
var _ api.Endpoint
var _ context.Context
var _ client.Option
var _ server.Option
// Api Endpoints for BundleService service
func NewBundleServiceEndpoints() []*api.Endpoint {
return []*api.Endpoint{
&api.Endpoint{
Name: "BundleService.SaveBundle",
Path: []string{"/api/v0/settings/bundle-save"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "BundleService.GetBundle",
Path: []string{"/api/v0/settings/bundle-get"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "BundleService.ListBundles",
Path: []string{"/api/v0/settings/bundles-list"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "BundleService.AddSettingToBundle",
Path: []string{"/api/v0/settings/bundles-add-setting"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "BundleService.RemoveSettingFromBundle",
Path: []string{"/api/v0/settings/bundles-remove-setting"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
}
}
// Client API for BundleService service
type BundleService interface {
SaveBundle(ctx context.Context, in *SaveBundleRequest, opts ...client.CallOption) (*SaveBundleResponse, error)
GetBundle(ctx context.Context, in *GetBundleRequest, opts ...client.CallOption) (*GetBundleResponse, error)
ListBundles(ctx context.Context, in *ListBundlesRequest, opts ...client.CallOption) (*ListBundlesResponse, error)
AddSettingToBundle(ctx context.Context, in *AddSettingToBundleRequest, opts ...client.CallOption) (*AddSettingToBundleResponse, error)
RemoveSettingFromBundle(ctx context.Context, in *RemoveSettingFromBundleRequest, opts ...client.CallOption) (*empty.Empty, error)
}
type bundleService struct {
c client.Client
name string
}
func NewBundleService(name string, c client.Client) BundleService {
return &bundleService{
c: c,
name: name,
}
}
func (c *bundleService) SaveBundle(ctx context.Context, in *SaveBundleRequest, opts ...client.CallOption) (*SaveBundleResponse, error) {
req := c.c.NewRequest(c.name, "BundleService.SaveBundle", in)
out := new(SaveBundleResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *bundleService) GetBundle(ctx context.Context, in *GetBundleRequest, opts ...client.CallOption) (*GetBundleResponse, error) {
req := c.c.NewRequest(c.name, "BundleService.GetBundle", in)
out := new(GetBundleResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *bundleService) ListBundles(ctx context.Context, in *ListBundlesRequest, opts ...client.CallOption) (*ListBundlesResponse, error) {
req := c.c.NewRequest(c.name, "BundleService.ListBundles", in)
out := new(ListBundlesResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *bundleService) AddSettingToBundle(ctx context.Context, in *AddSettingToBundleRequest, opts ...client.CallOption) (*AddSettingToBundleResponse, error) {
req := c.c.NewRequest(c.name, "BundleService.AddSettingToBundle", in)
out := new(AddSettingToBundleResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *bundleService) RemoveSettingFromBundle(ctx context.Context, in *RemoveSettingFromBundleRequest, opts ...client.CallOption) (*empty.Empty, error) {
req := c.c.NewRequest(c.name, "BundleService.RemoveSettingFromBundle", in)
out := new(empty.Empty)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
// Server API for BundleService service
type BundleServiceHandler interface {
SaveBundle(context.Context, *SaveBundleRequest, *SaveBundleResponse) error
GetBundle(context.Context, *GetBundleRequest, *GetBundleResponse) error
ListBundles(context.Context, *ListBundlesRequest, *ListBundlesResponse) error
AddSettingToBundle(context.Context, *AddSettingToBundleRequest, *AddSettingToBundleResponse) error
RemoveSettingFromBundle(context.Context, *RemoveSettingFromBundleRequest, *empty.Empty) error
}
func RegisterBundleServiceHandler(s server.Server, hdlr BundleServiceHandler, opts ...server.HandlerOption) error {
type bundleService interface {
SaveBundle(ctx context.Context, in *SaveBundleRequest, out *SaveBundleResponse) error
GetBundle(ctx context.Context, in *GetBundleRequest, out *GetBundleResponse) error
ListBundles(ctx context.Context, in *ListBundlesRequest, out *ListBundlesResponse) error
AddSettingToBundle(ctx context.Context, in *AddSettingToBundleRequest, out *AddSettingToBundleResponse) error
RemoveSettingFromBundle(ctx context.Context, in *RemoveSettingFromBundleRequest, out *empty.Empty) error
}
type BundleService struct {
bundleService
}
h := &bundleServiceHandler{hdlr}
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "BundleService.SaveBundle",
Path: []string{"/api/v0/settings/bundle-save"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "BundleService.GetBundle",
Path: []string{"/api/v0/settings/bundle-get"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "BundleService.ListBundles",
Path: []string{"/api/v0/settings/bundles-list"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "BundleService.AddSettingToBundle",
Path: []string{"/api/v0/settings/bundles-add-setting"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "BundleService.RemoveSettingFromBundle",
Path: []string{"/api/v0/settings/bundles-remove-setting"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
return s.Handle(s.NewHandler(&BundleService{h}, opts...))
}
type bundleServiceHandler struct {
BundleServiceHandler
}
func (h *bundleServiceHandler) SaveBundle(ctx context.Context, in *SaveBundleRequest, out *SaveBundleResponse) error {
return h.BundleServiceHandler.SaveBundle(ctx, in, out)
}
func (h *bundleServiceHandler) GetBundle(ctx context.Context, in *GetBundleRequest, out *GetBundleResponse) error {
return h.BundleServiceHandler.GetBundle(ctx, in, out)
}
func (h *bundleServiceHandler) ListBundles(ctx context.Context, in *ListBundlesRequest, out *ListBundlesResponse) error {
return h.BundleServiceHandler.ListBundles(ctx, in, out)
}
func (h *bundleServiceHandler) AddSettingToBundle(ctx context.Context, in *AddSettingToBundleRequest, out *AddSettingToBundleResponse) error {
return h.BundleServiceHandler.AddSettingToBundle(ctx, in, out)
}
func (h *bundleServiceHandler) RemoveSettingFromBundle(ctx context.Context, in *RemoveSettingFromBundleRequest, out *empty.Empty) error {
return h.BundleServiceHandler.RemoveSettingFromBundle(ctx, in, out)
}
// Api Endpoints for ValueService service
func NewValueServiceEndpoints() []*api.Endpoint {
return []*api.Endpoint{
&api.Endpoint{
Name: "ValueService.SaveValue",
Path: []string{"/api/v0/settings/values-save"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "ValueService.GetValue",
Path: []string{"/api/v0/settings/values-get"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "ValueService.ListValues",
Path: []string{"/api/v0/settings/values-list"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "ValueService.GetValueByUniqueIdentifiers",
Path: []string{"/api/v0/settings/values-get-by-unique-identifiers"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
}
}
// Client API for ValueService service
type ValueService interface {
SaveValue(ctx context.Context, in *SaveValueRequest, opts ...client.CallOption) (*SaveValueResponse, error)
GetValue(ctx context.Context, in *GetValueRequest, opts ...client.CallOption) (*GetValueResponse, error)
ListValues(ctx context.Context, in *ListValuesRequest, opts ...client.CallOption) (*ListValuesResponse, error)
GetValueByUniqueIdentifiers(ctx context.Context, in *GetValueByUniqueIdentifiersRequest, opts ...client.CallOption) (*GetValueResponse, error)
}
type valueService struct {
c client.Client
name string
}
func NewValueService(name string, c client.Client) ValueService {
return &valueService{
c: c,
name: name,
}
}
func (c *valueService) SaveValue(ctx context.Context, in *SaveValueRequest, opts ...client.CallOption) (*SaveValueResponse, error) {
req := c.c.NewRequest(c.name, "ValueService.SaveValue", in)
out := new(SaveValueResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *valueService) GetValue(ctx context.Context, in *GetValueRequest, opts ...client.CallOption) (*GetValueResponse, error) {
req := c.c.NewRequest(c.name, "ValueService.GetValue", in)
out := new(GetValueResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *valueService) ListValues(ctx context.Context, in *ListValuesRequest, opts ...client.CallOption) (*ListValuesResponse, error) {
req := c.c.NewRequest(c.name, "ValueService.ListValues", in)
out := new(ListValuesResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *valueService) GetValueByUniqueIdentifiers(ctx context.Context, in *GetValueByUniqueIdentifiersRequest, opts ...client.CallOption) (*GetValueResponse, error) {
req := c.c.NewRequest(c.name, "ValueService.GetValueByUniqueIdentifiers", in)
out := new(GetValueResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
// Server API for ValueService service
type ValueServiceHandler interface {
SaveValue(context.Context, *SaveValueRequest, *SaveValueResponse) error
GetValue(context.Context, *GetValueRequest, *GetValueResponse) error
ListValues(context.Context, *ListValuesRequest, *ListValuesResponse) error
GetValueByUniqueIdentifiers(context.Context, *GetValueByUniqueIdentifiersRequest, *GetValueResponse) error
}
func RegisterValueServiceHandler(s server.Server, hdlr ValueServiceHandler, opts ...server.HandlerOption) error {
type valueService interface {
SaveValue(ctx context.Context, in *SaveValueRequest, out *SaveValueResponse) error
GetValue(ctx context.Context, in *GetValueRequest, out *GetValueResponse) error
ListValues(ctx context.Context, in *ListValuesRequest, out *ListValuesResponse) error
GetValueByUniqueIdentifiers(ctx context.Context, in *GetValueByUniqueIdentifiersRequest, out *GetValueResponse) error
}
type ValueService struct {
valueService
}
h := &valueServiceHandler{hdlr}
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "ValueService.SaveValue",
Path: []string{"/api/v0/settings/values-save"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "ValueService.GetValue",
Path: []string{"/api/v0/settings/values-get"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "ValueService.ListValues",
Path: []string{"/api/v0/settings/values-list"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "ValueService.GetValueByUniqueIdentifiers",
Path: []string{"/api/v0/settings/values-get-by-unique-identifiers"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
return s.Handle(s.NewHandler(&ValueService{h}, opts...))
}
type valueServiceHandler struct {
ValueServiceHandler
}
func (h *valueServiceHandler) SaveValue(ctx context.Context, in *SaveValueRequest, out *SaveValueResponse) error {
return h.ValueServiceHandler.SaveValue(ctx, in, out)
}
func (h *valueServiceHandler) GetValue(ctx context.Context, in *GetValueRequest, out *GetValueResponse) error {
return h.ValueServiceHandler.GetValue(ctx, in, out)
}
func (h *valueServiceHandler) ListValues(ctx context.Context, in *ListValuesRequest, out *ListValuesResponse) error {
return h.ValueServiceHandler.ListValues(ctx, in, out)
}
func (h *valueServiceHandler) GetValueByUniqueIdentifiers(ctx context.Context, in *GetValueByUniqueIdentifiersRequest, out *GetValueResponse) error {
return h.ValueServiceHandler.GetValueByUniqueIdentifiers(ctx, in, out)
}
// Api Endpoints for RoleService service
func NewRoleServiceEndpoints() []*api.Endpoint {
return []*api.Endpoint{
&api.Endpoint{
Name: "RoleService.ListRoles",
Path: []string{"/api/v0/settings/roles-list"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "RoleService.ListRoleAssignments",
Path: []string{"/api/v0/settings/assignments-list"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "RoleService.AssignRoleToUser",
Path: []string{"/api/v0/settings/assignments-add"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "RoleService.RemoveRoleFromUser",
Path: []string{"/api/v0/settings/assignments-remove"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
}
}
// Client API for RoleService service
type RoleService interface {
ListRoles(ctx context.Context, in *ListBundlesRequest, opts ...client.CallOption) (*ListBundlesResponse, error)
ListRoleAssignments(ctx context.Context, in *ListRoleAssignmentsRequest, opts ...client.CallOption) (*ListRoleAssignmentsResponse, error)
AssignRoleToUser(ctx context.Context, in *AssignRoleToUserRequest, opts ...client.CallOption) (*AssignRoleToUserResponse, error)
RemoveRoleFromUser(ctx context.Context, in *RemoveRoleFromUserRequest, opts ...client.CallOption) (*empty.Empty, error)
}
type roleService struct {
c client.Client
name string
}
func NewRoleService(name string, c client.Client) RoleService {
return &roleService{
c: c,
name: name,
}
}
func (c *roleService) ListRoles(ctx context.Context, in *ListBundlesRequest, opts ...client.CallOption) (*ListBundlesResponse, error) {
req := c.c.NewRequest(c.name, "RoleService.ListRoles", in)
out := new(ListBundlesResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *roleService) ListRoleAssignments(ctx context.Context, in *ListRoleAssignmentsRequest, opts ...client.CallOption) (*ListRoleAssignmentsResponse, error) {
req := c.c.NewRequest(c.name, "RoleService.ListRoleAssignments", in)
out := new(ListRoleAssignmentsResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *roleService) AssignRoleToUser(ctx context.Context, in *AssignRoleToUserRequest, opts ...client.CallOption) (*AssignRoleToUserResponse, error) {
req := c.c.NewRequest(c.name, "RoleService.AssignRoleToUser", in)
out := new(AssignRoleToUserResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *roleService) RemoveRoleFromUser(ctx context.Context, in *RemoveRoleFromUserRequest, opts ...client.CallOption) (*empty.Empty, error) {
req := c.c.NewRequest(c.name, "RoleService.RemoveRoleFromUser", in)
out := new(empty.Empty)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
// Server API for RoleService service
type RoleServiceHandler interface {
ListRoles(context.Context, *ListBundlesRequest, *ListBundlesResponse) error
ListRoleAssignments(context.Context, *ListRoleAssignmentsRequest, *ListRoleAssignmentsResponse) error
AssignRoleToUser(context.Context, *AssignRoleToUserRequest, *AssignRoleToUserResponse) error
RemoveRoleFromUser(context.Context, *RemoveRoleFromUserRequest, *empty.Empty) error
}
func RegisterRoleServiceHandler(s server.Server, hdlr RoleServiceHandler, opts ...server.HandlerOption) error {
type roleService interface {
ListRoles(ctx context.Context, in *ListBundlesRequest, out *ListBundlesResponse) error
ListRoleAssignments(ctx context.Context, in *ListRoleAssignmentsRequest, out *ListRoleAssignmentsResponse) error
AssignRoleToUser(ctx context.Context, in *AssignRoleToUserRequest, out *AssignRoleToUserResponse) error
RemoveRoleFromUser(ctx context.Context, in *RemoveRoleFromUserRequest, out *empty.Empty) error
}
type RoleService struct {
roleService
}
h := &roleServiceHandler{hdlr}
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "RoleService.ListRoles",
Path: []string{"/api/v0/settings/roles-list"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "RoleService.ListRoleAssignments",
Path: []string{"/api/v0/settings/assignments-list"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "RoleService.AssignRoleToUser",
Path: []string{"/api/v0/settings/assignments-add"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "RoleService.RemoveRoleFromUser",
Path: []string{"/api/v0/settings/assignments-remove"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
return s.Handle(s.NewHandler(&RoleService{h}, opts...))
}
type roleServiceHandler struct {
RoleServiceHandler
}
func (h *roleServiceHandler) ListRoles(ctx context.Context, in *ListBundlesRequest, out *ListBundlesResponse) error {
return h.RoleServiceHandler.ListRoles(ctx, in, out)
}
func (h *roleServiceHandler) ListRoleAssignments(ctx context.Context, in *ListRoleAssignmentsRequest, out *ListRoleAssignmentsResponse) error {
return h.RoleServiceHandler.ListRoleAssignments(ctx, in, out)
}
func (h *roleServiceHandler) AssignRoleToUser(ctx context.Context, in *AssignRoleToUserRequest, out *AssignRoleToUserResponse) error {
return h.RoleServiceHandler.AssignRoleToUser(ctx, in, out)
}
func (h *roleServiceHandler) RemoveRoleFromUser(ctx context.Context, in *RemoveRoleFromUserRequest, out *empty.Empty) error {
return h.RoleServiceHandler.RemoveRoleFromUser(ctx, in, out)
}
// Api Endpoints for PermissionService service
func NewPermissionServiceEndpoints() []*api.Endpoint {
return []*api.Endpoint{
&api.Endpoint{
Name: "PermissionService.ListPermissionsByResource",
Path: []string{"/api/v0/settings/permissions-list-by-resource"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
&api.Endpoint{
Name: "PermissionService.GetPermissionByID",
Path: []string{"/api/v0/settings/permissions-get-by-id"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
},
}
}
// Client API for PermissionService service
type PermissionService interface {
ListPermissionsByResource(ctx context.Context, in *ListPermissionsByResourceRequest, opts ...client.CallOption) (*ListPermissionsByResourceResponse, error)
GetPermissionByID(ctx context.Context, in *GetPermissionByIDRequest, opts ...client.CallOption) (*GetPermissionByIDResponse, error)
}
type permissionService struct {
c client.Client
name string
}
func NewPermissionService(name string, c client.Client) PermissionService {
return &permissionService{
c: c,
name: name,
}
}
func (c *permissionService) ListPermissionsByResource(ctx context.Context, in *ListPermissionsByResourceRequest, opts ...client.CallOption) (*ListPermissionsByResourceResponse, error) {
req := c.c.NewRequest(c.name, "PermissionService.ListPermissionsByResource", in)
out := new(ListPermissionsByResourceResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *permissionService) GetPermissionByID(ctx context.Context, in *GetPermissionByIDRequest, opts ...client.CallOption) (*GetPermissionByIDResponse, error) {
req := c.c.NewRequest(c.name, "PermissionService.GetPermissionByID", in)
out := new(GetPermissionByIDResponse)
err := c.c.Call(ctx, req, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
// Server API for PermissionService service
type PermissionServiceHandler interface {
ListPermissionsByResource(context.Context, *ListPermissionsByResourceRequest, *ListPermissionsByResourceResponse) error
GetPermissionByID(context.Context, *GetPermissionByIDRequest, *GetPermissionByIDResponse) error
}
func RegisterPermissionServiceHandler(s server.Server, hdlr PermissionServiceHandler, opts ...server.HandlerOption) error {
type permissionService interface {
ListPermissionsByResource(ctx context.Context, in *ListPermissionsByResourceRequest, out *ListPermissionsByResourceResponse) error
GetPermissionByID(ctx context.Context, in *GetPermissionByIDRequest, out *GetPermissionByIDResponse) error
}
type PermissionService struct {
permissionService
}
h := &permissionServiceHandler{hdlr}
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "PermissionService.ListPermissionsByResource",
Path: []string{"/api/v0/settings/permissions-list-by-resource"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
opts = append(opts, api.WithEndpoint(&api.Endpoint{
Name: "PermissionService.GetPermissionByID",
Path: []string{"/api/v0/settings/permissions-get-by-id"},
Method: []string{"POST"},
Body: "*",
Handler: "rpc",
}))
return s.Handle(s.NewHandler(&PermissionService{h}, opts...))
}
type permissionServiceHandler struct {
PermissionServiceHandler
}
func (h *permissionServiceHandler) ListPermissionsByResource(ctx context.Context, in *ListPermissionsByResourceRequest, out *ListPermissionsByResourceResponse) error {
return h.PermissionServiceHandler.ListPermissionsByResource(ctx, in, out)
}
func (h *permissionServiceHandler) GetPermissionByID(ctx context.Context, in *GetPermissionByIDRequest, out *GetPermissionByIDResponse) error {
return h.PermissionServiceHandler.GetPermissionByID(ctx, in, out)
}

1684
settings/pkg/proto/v0/settings.pb.micro_test.go Normal file
View File

File diff suppressed because it is too large Load Diff

1933
settings/pkg/proto/v0/settings.pb.web.go Normal file
View File

File diff suppressed because it is too large Load Diff

414
settings/pkg/proto/v0/settings.proto Normal file
View File

@@ -0,0 +1,414 @@
syntax = "proto3";
package proto;
option go_package = "pkg/proto/v0;proto";
import "google/api/annotations.proto";
import "protoc-gen-swagger/options/annotations.proto";
import "google/protobuf/empty.proto";
option (grpc.gateway.protoc_gen_swagger.options.openapiv2_swagger) = {
info: {
title: "Settings";
version: "1.0";
contact: {
name: "ownCloud GmbH";
url: "https://github.com/owncloud/ocis-settings";
email: "support@owncloud.com";
};
license: {
name: "Apache-2.0";
url: "https://github.com/owncloud/ocis-settings/blob/master/LICENSE";
};
};
schemes: HTTP;
schemes: HTTPS;
consumes: "application/json";
produces: "application/json";
external_docs: {
description: "Developer Manual";
url: "http://owncloud.github.io/extensions/ocis_settings/";
};
};
service BundleService {
rpc SaveBundle(SaveBundleRequest) returns (SaveBundleResponse) {
option (google.api.http) = {
post: "/api/v0/settings/bundle-save",
body: "*"
};
}
rpc GetBundle(GetBundleRequest) returns (GetBundleResponse) {
option (google.api.http) = {
post: "/api/v0/settings/bundle-get",
body: "*"
};
}
rpc ListBundles(ListBundlesRequest) returns (ListBundlesResponse) {
option (google.api.http) = {
post: "/api/v0/settings/bundles-list",
body: "*"
};
}
rpc AddSettingToBundle(AddSettingToBundleRequest) returns (AddSettingToBundleResponse) {
option (google.api.http) = {
post: "/api/v0/settings/bundles-add-setting",
body: "*"
};
}
rpc RemoveSettingFromBundle(RemoveSettingFromBundleRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/api/v0/settings/bundles-remove-setting",
body: "*"
};
}
}
service ValueService {
rpc SaveValue(SaveValueRequest) returns (SaveValueResponse) {
option (google.api.http) = {
post: "/api/v0/settings/values-save",
body: "*"
};
}
rpc GetValue(GetValueRequest) returns (GetValueResponse) {
option (google.api.http) = {
post: "/api/v0/settings/values-get",
body: "*"
};
}
rpc ListValues(ListValuesRequest) returns (ListValuesResponse) {
option (google.api.http) = {
post: "/api/v0/settings/values-list",
body: "*"
};
}
rpc GetValueByUniqueIdentifiers(GetValueByUniqueIdentifiersRequest) returns (GetValueResponse) {
option (google.api.http) = {
post: "/api/v0/settings/values-get-by-unique-identifiers",
body: "*"
};
}
}
service RoleService {
rpc ListRoles(ListBundlesRequest) returns (ListBundlesResponse) {
option (google.api.http) = {
post: "/api/v0/settings/roles-list",
body: "*"
};
}
rpc ListRoleAssignments(ListRoleAssignmentsRequest) returns (ListRoleAssignmentsResponse) {
option (google.api.http) = {
post: "/api/v0/settings/assignments-list",
body: "*"
};
}
rpc AssignRoleToUser(AssignRoleToUserRequest) returns (AssignRoleToUserResponse) {
option (google.api.http) = {
post: "/api/v0/settings/assignments-add",
body: "*"
};
}
rpc RemoveRoleFromUser(RemoveRoleFromUserRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/api/v0/settings/assignments-remove",
body: "*"
};
}
}
service PermissionService {
rpc ListPermissionsByResource(ListPermissionsByResourceRequest) returns (ListPermissionsByResourceResponse) {
option (google.api.http) = {
post: "/api/v0/settings/permissions-list-by-resource",
body: "*"
};
}
rpc GetPermissionByID(GetPermissionByIDRequest) returns (GetPermissionByIDResponse) {
option (google.api.http) = {
post: "/api/v0/settings/permissions-get-by-id",
body: "*"
};
}
}
// ---
// requests and responses for settings bundles
// ---
message SaveBundleRequest {
Bundle bundle = 1;
}
message SaveBundleResponse {
Bundle bundle = 1;
}
message GetBundleRequest {
string bundle_id = 1;
}
message GetBundleResponse {
Bundle bundle = 1;
}
message ListBundlesRequest {
repeated string bundle_ids = 1;
}
message ListBundlesResponse {
repeated Bundle bundles = 1;
}
message AddSettingToBundleRequest {
string bundle_id = 1;
Setting setting = 2;
}
message AddSettingToBundleResponse {
Setting setting = 1;
}
message RemoveSettingFromBundleRequest {
string bundle_id = 1;
string setting_id = 2;
}
// ---
// requests and responses for settings values
// ---
message SaveValueRequest {
Value value = 1;
}
message SaveValueResponse {
ValueWithIdentifier value = 1;
}
message GetValueRequest {
string id = 1;
}
message GetValueResponse {
ValueWithIdentifier value = 1;
}
message ListValuesRequest {
string bundle_id = 1;
string account_uuid = 2;
}
message ListValuesResponse {
repeated ValueWithIdentifier values = 1;
}
message GetValueByUniqueIdentifiersRequest{
string account_uuid = 1;
string setting_id = 2;
}
message ValueWithIdentifier {
Identifier identifier = 1;
Value value = 2;
}
message Identifier {
string extension = 1;
string bundle = 2;
string setting = 3;
}
// --
// requests and responses for role assignments
// ---
message ListRoleAssignmentsRequest {
string account_uuid = 1;
}
message ListRoleAssignmentsResponse {
repeated UserRoleAssignment assignments = 1;
}
message AssignRoleToUserRequest {
string account_uuid = 1;
// the role_id is a bundle_id internally
string role_id = 2;
}
message AssignRoleToUserResponse {
UserRoleAssignment assignment = 1;
}
message RemoveRoleFromUserRequest {
string id = 1;
}
message UserRoleAssignment {
// id is generated upon saving the assignment
string id = 1;
string account_uuid = 2;
// the role_id is a bundle_id internally
string role_id = 3;
}
// --
// requests and responses for permissions
// ---
message ListPermissionsByResourceRequest {
Resource resource = 1;
}
message ListPermissionsByResourceResponse {
repeated Permission permissions = 1;
}
message GetPermissionByIDRequest {
string permission_id = 1;
}
message GetPermissionByIDResponse {
Permission permission = 1;
}
// ---
// resource payloads
// ---
message Resource {
enum Type {
TYPE_UNKNOWN = 0;
TYPE_SYSTEM = 1;
TYPE_FILE = 2;
TYPE_SHARE = 3;
TYPE_SETTING = 4;
TYPE_BUNDLE = 5;
TYPE_USER = 6;
TYPE_GROUP = 7;
}
Type type = 1;
string id = 2;
}
// ---
// payloads for bundles
// ---
message Bundle {
enum Type {
TYPE_UNKNOWN = 0;
TYPE_DEFAULT = 1;
TYPE_ROLE = 2;
}
string id = 1;
string name = 2;
Type type = 3;
string extension = 4;
string display_name = 5;
repeated Setting settings = 6;
Resource resource = 7;
}
message Setting {
string id = 1;
string name = 2;
string display_name = 3;
string description = 4;
oneof value {
Int int_value = 5;
String string_value = 6;
Bool bool_value = 7;
SingleChoiceList single_choice_value = 8;
MultiChoiceList multi_choice_value = 9;
Permission permission_value = 10;
}
Resource resource = 11;
}
message Int {
int64 default = 1;
int64 min = 2;
int64 max = 3;
int64 step = 4;
string placeholder = 5;
}
message String {
string default = 1;
bool required = 2;
int32 min_length = 3;
int32 max_length = 4;
string placeholder = 5;
}
message Bool {
bool default = 1;
string label = 2;
}
message SingleChoiceList {
repeated ListOption options = 1;
}
message MultiChoiceList {
repeated ListOption options = 1;
}
message ListOption {
ListOptionValue value = 1;
bool default = 2;
string display_value = 3;
}
message Permission {
enum Operation {
OPERATION_UNKNOWN = 0;
OPERATION_CREATE = 1;
OPERATION_READ = 2;
OPERATION_UPDATE = 3;
OPERATION_DELETE = 4;
OPERATION_WRITE = 5;// WRITE is a combination of CREATE and UPDATE
OPERATION_READWRITE = 6;// READWRITE is a combination of READ and WRITE
}
Operation operation = 1;
enum Constraint {
CONSTRAINT_UNKNOWN = 0;
CONSTRAINT_OWN = 1;
CONSTRAINT_SHARED = 2;
CONSTRAINT_ALL = 3;
}
Constraint constraint = 2;
}
// ---
// payloads for values
// ---
message Value {
// id is the id of the Value. It is generated on saving it.
string id = 1;
string bundle_id = 2;
// setting_id is the id of the setting from within its bundle.
string setting_id = 3;
string account_uuid = 4;
Resource resource = 5;
oneof value {
bool bool_value = 6;
int64 int_value = 7;
string string_value = 8;
ListValue list_value = 9;
}
}
message ListValue {
repeated ListOptionValue values = 1;
}
message ListOptionValue {
oneof option {
string string_value = 1;
int64 int_value = 2;
}
}

1113
settings/pkg/proto/v0/settings.swagger.json Normal file
View File

File diff suppressed because it is too large Load Diff

50
settings/pkg/server/debug/option.go Normal file
View File

@@ -0,0 +1,50 @@
package debug
import (
"context"
"github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/config"
)
// Option defines a single option function.
type Option func(o *Options)
// Options defines the available options for this package.
type Options struct {
Logger log.Logger
Context context.Context
Config *config.Config
}
// newOptions initializes the available default options.
func newOptions(opts ...Option) Options {
opt := Options{}
for _, o := range opts {
o(&opt)
}
return opt
}
// Logger provides a function to set the logger option.
func Logger(val log.Logger) Option {
return func(o *Options) {
o.Logger = val
}
}
// Context provides a function to set the context option.
func Context(val context.Context) Option {
return func(o *Options) {
o.Context = val
}
}
// Config provides a function to set the config option.
func Config(val *config.Config) Option {
return func(o *Options) {
o.Config = val
}
}

51
settings/pkg/server/debug/server.go Normal file
View File

@@ -0,0 +1,51 @@
package debug
import (
"io"
"net/http"
"github.com/owncloud/ocis-pkg/v2/service/debug"
"github.com/owncloud/ocis-settings/pkg/config"
"github.com/owncloud/ocis-settings/pkg/version"
)
// Server initializes the debug service and server.
func Server(opts ...Option) (*http.Server, error) {
options := newOptions(opts...)
return debug.NewService(
debug.Logger(options.Logger),
debug.Name("settings"),
debug.Version(version.String),
debug.Address(options.Config.Debug.Addr),
debug.Token(options.Config.Debug.Token),
debug.Pprof(options.Config.Debug.Pprof),
debug.Zpages(options.Config.Debug.Zpages),
debug.Health(health(options.Config)),
debug.Ready(ready(options.Config)),
), nil
}
// health implements the health check.
func health(cfg *config.Config) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/plain")
w.WriteHeader(http.StatusOK)
// TODO(tboerger): check if services are up and running
_, _ = io.WriteString(w, http.StatusText(http.StatusOK))
}
}
// ready implements the ready check.
func ready(cfg *config.Config) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/plain")
w.WriteHeader(http.StatusOK)
// TODO(tboerger): check if services are up and running
_, _ = io.WriteString(w, http.StatusText(http.StatusOK))
}
}

76
settings/pkg/server/grpc/option.go Normal file
View File

@@ -0,0 +1,76 @@
package grpc
import (
"context"
"github.com/micro/cli/v2"
"github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/config"
"github.com/owncloud/ocis-settings/pkg/metrics"
)
// Option defines a single option function.
type Option func(o *Options)
// Options defines the available options for this package.
type Options struct {
Name string
Logger log.Logger
Context context.Context
Config *config.Config
Metrics *metrics.Metrics
Flags []cli.Flag
}
// newOptions initializes the available default options.
func newOptions(opts ...Option) Options {
opt := Options{}
for _, o := range opts {
o(&opt)
}
return opt
}
// Logger provides a function to set the logger option.
func Logger(val log.Logger) Option {
return func(o *Options) {
o.Logger = val
}
}
// Name provides a name for the service.
func Name(val string) Option {
return func(o *Options) {
o.Name = val
}
}
// Context provides a function to set the context option.
func Context(val context.Context) Option {
return func(o *Options) {
o.Context = val
}
}
// Config provides a function to set the config option.
func Config(val *config.Config) Option {
return func(o *Options) {
o.Config = val
}
}
// Metrics provides a function to set the metrics option.
func Metrics(val *metrics.Metrics) Option {
return func(o *Options) {
o.Metrics = val
}
}
// Flags provides a function to set the flags option.
func Flags(val []cli.Flag) Option {
return func(o *Options) {
o.Flags = append(o.Flags, val...)
}
}

40
settings/pkg/server/grpc/server.go Normal file
View File

@@ -0,0 +1,40 @@
package grpc
import (
"github.com/owncloud/ocis-pkg/v2/service/grpc"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
svc "github.com/owncloud/ocis-settings/pkg/service/v0"
"github.com/owncloud/ocis-settings/pkg/version"
)
// Server initializes a new go-micro service ready to run
func Server(opts ...Option) grpc.Service {
options := newOptions(opts...)
service := grpc.NewService(
grpc.Logger(options.Logger),
grpc.Name(options.Name),
grpc.Version(version.String),
grpc.Address(options.Config.GRPC.Addr),
grpc.Namespace(options.Config.GRPC.Namespace),
grpc.Context(options.Context),
grpc.Flags(options.Flags...),
)
handle := svc.NewService(options.Config, options.Logger)
if err := proto.RegisterBundleServiceHandler(service.Server(), handle); err != nil {
options.Logger.Fatal().Err(err).Msg("could not register Bundle service handler")
}
if err := proto.RegisterValueServiceHandler(service.Server(), handle); err != nil {
options.Logger.Fatal().Err(err).Msg("could not register Value service handler")
}
if err := proto.RegisterRoleServiceHandler(service.Server(), handle); err != nil {
options.Logger.Fatal().Err(err).Msg("could not register Role service handler")
}
if err := proto.RegisterPermissionServiceHandler(service.Server(), handle); err != nil {
options.Logger.Fatal().Err(err).Msg("could not register Permission service handler")
}
service.Init()
return service
}

76
settings/pkg/server/http/option.go Normal file
View File

@@ -0,0 +1,76 @@
package http
import (
"context"
"github.com/micro/cli/v2"
"github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/config"
"github.com/owncloud/ocis-settings/pkg/metrics"
)
// Option defines a single option function.
type Option func(o *Options)
// Options defines the available options for this package.
type Options struct {
Name string
Logger log.Logger
Context context.Context
Config *config.Config
Metrics *metrics.Metrics
Flags []cli.Flag
}
// newOptions initializes the available default options.
func newOptions(opts ...Option) Options {
opt := Options{}
for _, o := range opts {
o(&opt)
}
return opt
}
// Logger provides a function to set the logger option.
func Logger(val log.Logger) Option {
return func(o *Options) {
o.Logger = val
}
}
// Name provides a name for the service.
func Name(val string) Option {
return func(o *Options) {
o.Name = val
}
}
// Context provides a function to set the context option.
func Context(val context.Context) Option {
return func(o *Options) {
o.Context = val
}
}
// Config provides a function to set the config option.
func Config(val *config.Config) Option {
return func(o *Options) {
o.Config = val
}
}
// Metrics provides a function to set the metrics option.
func Metrics(val *metrics.Metrics) Option {
return func(o *Options) {
o.Metrics = val
}
}
// Flags provides a function to set the flags option.
func Flags(val []cli.Flag) Option {
return func(o *Options) {
o.Flags = append(o.Flags, val...)
}
}

81
settings/pkg/server/http/server.go Normal file
View File

@@ -0,0 +1,81 @@
package http
import (
"github.com/go-chi/chi"
"github.com/owncloud/ocis-pkg/v2/account"
"github.com/owncloud/ocis-pkg/v2/middleware"
"github.com/owncloud/ocis-pkg/v2/service/http"
"github.com/owncloud/ocis-settings/pkg/assets"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
svc "github.com/owncloud/ocis-settings/pkg/service/v0"
"github.com/owncloud/ocis-settings/pkg/version"
)
// Server initializes the http service and server.
func Server(opts ...Option) http.Service {
options := newOptions(opts...)
service := http.NewService(
http.Logger(options.Logger),
http.Name(options.Name),
http.Version(version.String),
http.Address(options.Config.HTTP.Addr),
http.Namespace(options.Config.HTTP.Namespace),
http.Context(options.Context),
http.Flags(options.Flags...),
)
handle := svc.NewService(options.Config, options.Logger)
{
handle = svc.NewInstrument(handle, options.Metrics)
handle = svc.NewLogging(handle, options.Logger)
handle = svc.NewTracing(handle)
}
mux := chi.NewMux()
mux.Use(middleware.RealIP)
mux.Use(middleware.RequestID)
mux.Use(middleware.Cache)
mux.Use(middleware.Cors)
mux.Use(middleware.Secure)
mux.Use(middleware.ExtractAccountUUID(
account.Logger(options.Logger),
account.JWTSecret(options.Config.TokenManager.JWTSecret)),
)
mux.Use(middleware.Version(
options.Name,
version.String,
))
mux.Use(middleware.Logger(
options.Logger,
))
mux.Use(middleware.Static(
options.Config.HTTP.Root,
assets.New(
assets.Logger(options.Logger),
assets.Config(options.Config),
),
))
mux.Route(options.Config.HTTP.Root, func(r chi.Router) {
proto.RegisterBundleServiceWeb(r, handle)
proto.RegisterValueServiceWeb(r, handle)
proto.RegisterRoleServiceWeb(r, handle)
proto.RegisterPermissionServiceWeb(r, handle)
})
service.Handle(
"/",
mux,
)
if err := service.Init(); err != nil {
panic(err)
}
return service
}

13
settings/pkg/service/v0/instrument.go Normal file
View File

@@ -0,0 +1,13 @@
package svc
import (
"github.com/owncloud/ocis-settings/pkg/metrics"
)
// NewInstrument returns a service that instruments metrics.
func NewInstrument(next Service, metrics *metrics.Metrics) Service {
return Service{
manager: next.manager,
config: next.config,
}
}

13
settings/pkg/service/v0/logging.go Normal file
View File

@@ -0,0 +1,13 @@
package svc
import (
"github.com/owncloud/ocis-pkg/v2/log"
)
// NewLogging returns a service that logs messages.
func NewLogging(next Service, logger log.Logger) Service {
return Service{
manager: next.manager,
config: next.config,
}
}

39
settings/pkg/service/v0/option.go Normal file
View File

@@ -0,0 +1,39 @@
package svc
import (
"net/http"
"github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/config"
)
// Option defines a single option function.
type Option func(o *Options)
// Options defines the available options for this package.
type Options struct {
Logger log.Logger
Config *config.Config
Middleware []func(http.Handler) http.Handler
}
// Logger provides a function to set the logger option.
func Logger(val log.Logger) Option {
return func(o *Options) {
o.Logger = val
}
}
// Config provides a function to set the config option.
func Config(val *config.Config) Option {
return func(o *Options) {
o.Config = val
}
}
// Middleware provides a function to set the middleware option.
func Middleware(val ...func(http.Handler) http.Handler) Option {
return func(o *Options) {
o.Middleware = val
}
}

57
settings/pkg/service/v0/permissions.go Normal file
View File

@@ -0,0 +1,57 @@
package svc
import "github.com/owncloud/ocis-settings/pkg/proto/v0"
func (g Service) hasPermission(
roleIDs []string,
resource *proto.Resource,
operations []proto.Permission_Operation,
constraint proto.Permission_Constraint,
) bool {
permissions, err := g.manager.ListPermissionsByResource(resource, roleIDs)
if err != nil {
g.logger.Debug().Err(err).
Str("resource-type", resource.Type.String()).
Str("resource-id", resource.Id).
Msg("permissions could not be loaded for resource")
return false
}
permissions = getFilteredPermissionsByOperations(permissions, operations)
return isConstraintFulfilled(permissions, constraint)
}
// filterPermissionsByOperations returns the subset of the given permissions, where at least one of the given operations is fulfilled.
func getFilteredPermissionsByOperations(permissions []*proto.Permission, operations []proto.Permission_Operation) []*proto.Permission {
var filteredPermissions []*proto.Permission
for _, permission := range permissions {
if isAnyOperationFulfilled(permission, operations) {
filteredPermissions = append(filteredPermissions, permission)
}
}
return filteredPermissions
}
// isAnyOperationFulfilled checks if the permissions is about any of the operations
func isAnyOperationFulfilled(permission *proto.Permission, operations []proto.Permission_Operation) bool {
for _, operation := range operations {
if operation == permission.Operation {
return true
}
}
return false
}
// isConstraintFulfilled checks if one of the permissions has the same or a parent of the constraint.
// this is only a comparison on ENUM level. More sophisticated checks cannot happen here...
func isConstraintFulfilled(permissions []*proto.Permission, constraint proto.Permission_Constraint) bool {
for _, permission := range permissions {
// comparing enum by order is not a feasible solution, because `SHARED` is not a superset of `OWN`.
if permission.Constraint == proto.Permission_CONSTRAINT_ALL {
return true
}
if permission.Constraint != proto.Permission_CONSTRAINT_UNKNOWN && permission.Constraint == constraint {
return true
}
}
return false
}

388
settings/pkg/service/v0/service.go Normal file
View File

@@ -0,0 +1,388 @@
package svc
import (
"context"
"fmt"
"github.com/golang/protobuf/ptypes/empty"
merrors "github.com/micro/go-micro/v2/errors"
"github.com/micro/go-micro/v2/metadata"
"github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-pkg/v2/middleware"
"github.com/owncloud/ocis-pkg/v2/roles"
"github.com/owncloud/ocis-settings/pkg/config"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
"github.com/owncloud/ocis-settings/pkg/settings"
store "github.com/owncloud/ocis-settings/pkg/store/filesystem"
)
// Service represents a service.
type Service struct {
id string
config *config.Config
logger log.Logger
manager settings.Manager
}
// NewService returns a service implementation for Service.
func NewService(cfg *config.Config, logger log.Logger) Service {
service := Service{
id: "ocis-settings",
config: cfg,
logger: logger,
manager: store.New(cfg),
}
service.RegisterDefaultRoles()
return service
}
// RegisterDefaultRoles composes default roles and saves them. Skipped if the roles already exist.
func (g Service) RegisterDefaultRoles() {
// FIXME: we're writing default roles per service start (i.e. twice at the moment, for http and grpc server). has to happen only once.
for _, role := range generateBundlesDefaultRoles() {
bundleID := role.Extension + "." + role.Id
// check if the role already exists
bundle, _ := g.manager.ReadBundle(role.Id)
if bundle != nil {
g.logger.Debug().Str("bundleID", bundleID).Msg("bundle already exists. skipping.")
continue
}
// create the role
_, err := g.manager.WriteBundle(role)
if err != nil {
g.logger.Error().Err(err).Str("bundleID", bundleID).Msg("failed to register bundle")
}
g.logger.Debug().Str("bundleID", bundleID).Msg("successfully registered bundle")
}
}
// TODO: check permissions on every request
// SaveBundle implements the BundleServiceHandler interface
func (g Service) SaveBundle(c context.Context, req *proto.SaveBundleRequest, res *proto.SaveBundleResponse) error {
cleanUpResource(c, req.Bundle.Resource)
if validationError := validateSaveBundle(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
r, err := g.manager.WriteBundle(req.Bundle)
if err != nil {
return merrors.BadRequest(g.id, "%s", err)
}
res.Bundle = r
return nil
}
// GetBundle implements the BundleServiceHandler interface
func (g Service) GetBundle(c context.Context, req *proto.GetBundleRequest, res *proto.GetBundleResponse) error {
if validationError := validateGetBundle(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
bundle, err := g.manager.ReadBundle(req.BundleId)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
filteredBundle := g.getFilteredBundle(g.getRoleIDs(c), bundle)
if len(filteredBundle.Settings) == 0 {
err = fmt.Errorf("could not read bundle: %s", req.BundleId)
return merrors.NotFound(g.id, "%s", err)
}
res.Bundle = filteredBundle
return nil
}
// ListBundles implements the BundleServiceHandler interface
func (g Service) ListBundles(c context.Context, req *proto.ListBundlesRequest, res *proto.ListBundlesResponse) error {
// fetch all bundles
if validationError := validateListBundles(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
bundles, err := g.manager.ListBundles(proto.Bundle_TYPE_DEFAULT, req.BundleIds)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
roleIDs := g.getRoleIDs(c)
// filter settings in bundles that are allowed according to roles
var filteredBundles []*proto.Bundle
for _, bundle := range bundles {
filteredBundle := g.getFilteredBundle(roleIDs, bundle)
if len(filteredBundle.Settings) > 0 {
filteredBundles = append(filteredBundles, filteredBundle)
}
}
res.Bundles = filteredBundles
return nil
}
func (g Service) getFilteredBundle(roleIDs []string, bundle *proto.Bundle) *proto.Bundle {
// check if full bundle is whitelisted
bundleResource := &proto.Resource{
Type: proto.Resource_TYPE_BUNDLE,
Id: bundle.Id,
}
if g.hasPermission(
roleIDs,
bundleResource,
[]proto.Permission_Operation{proto.Permission_OPERATION_READ, proto.Permission_OPERATION_READWRITE},
proto.Permission_CONSTRAINT_OWN,
) {
return bundle
}
// filter settings based on permissions
var filteredSettings []*proto.Setting
for _, setting := range bundle.Settings {
settingResource := &proto.Resource{
Type: proto.Resource_TYPE_SETTING,
Id: setting.Id,
}
if g.hasPermission(
roleIDs,
settingResource,
[]proto.Permission_Operation{proto.Permission_OPERATION_READ, proto.Permission_OPERATION_READWRITE},
proto.Permission_CONSTRAINT_OWN,
) {
filteredSettings = append(filteredSettings, setting)
}
}
bundle.Settings = filteredSettings
return bundle
}
// AddSettingToBundle implements the BundleServiceHandler interface
func (g Service) AddSettingToBundle(c context.Context, req *proto.AddSettingToBundleRequest, res *proto.AddSettingToBundleResponse) error {
cleanUpResource(c, req.Setting.Resource)
if validationError := validateAddSettingToBundle(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
r, err := g.manager.AddSettingToBundle(req.BundleId, req.Setting)
if err != nil {
return merrors.BadRequest(g.id, "%s", err)
}
res.Setting = r
return nil
}
// RemoveSettingFromBundle implements the BundleServiceHandler interface
func (g Service) RemoveSettingFromBundle(c context.Context, req *proto.RemoveSettingFromBundleRequest, _ *empty.Empty) error {
if validationError := validateRemoveSettingFromBundle(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
if err := g.manager.RemoveSettingFromBundle(req.BundleId, req.SettingId); err != nil {
return merrors.BadRequest(g.id, "%s", err)
}
return nil
}
// SaveValue implements the ValueServiceHandler interface
func (g Service) SaveValue(c context.Context, req *proto.SaveValueRequest, res *proto.SaveValueResponse) error {
req.Value.AccountUuid = getValidatedAccountUUID(c, req.Value.AccountUuid)
cleanUpResource(c, req.Value.Resource)
// TODO: we need to check, if the authenticated user has permission to write the value for the specified resource (e.g. global, file with id xy, ...)
if validationError := validateSaveValue(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
r, err := g.manager.WriteValue(req.Value)
if err != nil {
return merrors.BadRequest(g.id, "%s", err)
}
valueWithIdentifier, err := g.getValueWithIdentifier(r)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
res.Value = valueWithIdentifier
return nil
}
// GetValue implements the ValueServiceHandler interface
func (g Service) GetValue(c context.Context, req *proto.GetValueRequest, res *proto.GetValueResponse) error {
if validationError := validateGetValue(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
r, err := g.manager.ReadValue(req.Id)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
valueWithIdentifier, err := g.getValueWithIdentifier(r)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
res.Value = valueWithIdentifier
return nil
}
// GetValueByUniqueIdentifiers implements the ValueService interface
func (g Service) GetValueByUniqueIdentifiers(ctx context.Context, req *proto.GetValueByUniqueIdentifiersRequest, res *proto.GetValueResponse) error {
if validationError := validateGetValueByUniqueIdentifiers(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
v, err := g.manager.ReadValueByUniqueIdentifiers(req.AccountUuid, req.SettingId)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
if v.BundleId != "" {
valueWithIdentifier, err := g.getValueWithIdentifier(v)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
res.Value = valueWithIdentifier
}
return nil
}
// ListValues implements the ValueServiceHandler interface
func (g Service) ListValues(c context.Context, req *proto.ListValuesRequest, res *proto.ListValuesResponse) error {
req.AccountUuid = getValidatedAccountUUID(c, req.AccountUuid)
if validationError := validateListValues(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
r, err := g.manager.ListValues(req.BundleId, req.AccountUuid)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
var result []*proto.ValueWithIdentifier
for _, value := range r {
valueWithIdentifier, err := g.getValueWithIdentifier(value)
if err == nil {
result = append(result, valueWithIdentifier)
}
}
res.Values = result
return nil
}
// ListRoles implements the RoleServiceHandler interface
func (g Service) ListRoles(c context.Context, req *proto.ListBundlesRequest, res *proto.ListBundlesResponse) error {
//accountUUID := getValidatedAccountUUID(c, "me")
if validationError := validateListRoles(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
r, err := g.manager.ListBundles(proto.Bundle_TYPE_ROLE, req.BundleIds)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
// TODO: only allow to list roles when user has account/role/... management permissions
res.Bundles = r
return nil
}
// ListRoleAssignments implements the RoleServiceHandler interface
func (g Service) ListRoleAssignments(c context.Context, req *proto.ListRoleAssignmentsRequest, res *proto.ListRoleAssignmentsResponse) error {
req.AccountUuid = getValidatedAccountUUID(c, req.AccountUuid)
if validationError := validateListRoleAssignments(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
r, err := g.manager.ListRoleAssignments(req.AccountUuid)
if err != nil {
return merrors.NotFound(g.id, "%s", err)
}
res.Assignments = r
return nil
}
// AssignRoleToUser implements the RoleServiceHandler interface
func (g Service) AssignRoleToUser(c context.Context, req *proto.AssignRoleToUserRequest, res *proto.AssignRoleToUserResponse) error {
req.AccountUuid = getValidatedAccountUUID(c, req.AccountUuid)
if validationError := validateAssignRoleToUser(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
r, err := g.manager.WriteRoleAssignment(req.AccountUuid, req.RoleId)
if err != nil {
return merrors.BadRequest(g.id, "%s", err)
}
res.Assignment = r
return nil
}
// RemoveRoleFromUser implements the RoleServiceHandler interface
func (g Service) RemoveRoleFromUser(c context.Context, req *proto.RemoveRoleFromUserRequest, _ *empty.Empty) error {
if validationError := validateRemoveRoleFromUser(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
if err := g.manager.RemoveRoleAssignment(req.Id); err != nil {
return merrors.BadRequest(g.id, "%s", err)
}
return nil
}
// ListPermissionsByResource implements the PermissionServiceHandler interface
func (g Service) ListPermissionsByResource(c context.Context, req *proto.ListPermissionsByResourceRequest, res *proto.ListPermissionsByResourceResponse) error {
if validationError := validateListPermissionsByResource(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
permissions, err := g.manager.ListPermissionsByResource(req.Resource, g.getRoleIDs(c))
if err != nil {
return merrors.BadRequest(g.id, "%s", err)
}
res.Permissions = permissions
return nil
}
// GetPermissionByID implements the PermissionServiceHandler interface
func (g Service) GetPermissionByID(c context.Context, req *proto.GetPermissionByIDRequest, res *proto.GetPermissionByIDResponse) error {
if validationError := validateGetPermissionByID(req); validationError != nil {
return merrors.BadRequest(g.id, "%s", validationError)
}
permission, err := g.manager.ReadPermissionByID(req.PermissionId, g.getRoleIDs(c))
if err != nil {
return merrors.BadRequest(g.id, "%s", err)
}
if permission == nil {
return merrors.NotFound(g.id, "%s", fmt.Errorf("permission %s not found in roles", req.PermissionId))
}
res.Permission = permission
return nil
}
// cleanUpResource makes sure that the account uuid of the authenticated user is injected if needed.
func cleanUpResource(c context.Context, resource *proto.Resource) {
if resource != nil && resource.Type == proto.Resource_TYPE_USER {
resource.Id = getValidatedAccountUUID(c, resource.Id)
}
}
// getValidatedAccountUUID converts `me` into an actual account uuid from the context, if possible.
// the result of this function will always be a valid lower-case UUID or an empty string.
func getValidatedAccountUUID(c context.Context, accountUUID string) string {
if accountUUID == "me" {
if ownAccountUUID, ok := metadata.Get(c, middleware.AccountID); ok {
accountUUID = ownAccountUUID
}
}
if accountUUID == "me" {
// no matter what happens above, an accountUUID of `me` must not be passed on. Clear it instead.
accountUUID = ""
}
return accountUUID
}
// getRoleIDs extracts the roleIDs of the authenticated user from the context.
func (g Service) getRoleIDs(c context.Context) []string {
if ownRoleIDs, ok := roles.ReadRoleIDsFromContext(c); ok {
return ownRoleIDs
}
return []string{}
}
func (g Service) getValueWithIdentifier(value *proto.Value) (*proto.ValueWithIdentifier, error) {
bundle, err := g.manager.ReadBundle(value.BundleId)
if err != nil {
return nil, err
}
setting, err := g.manager.ReadSetting(value.SettingId)
if err != nil {
return nil, err
}
return &proto.ValueWithIdentifier{
Identifier: &proto.Identifier{
Extension: bundle.Extension,
Bundle: bundle.Name,
Setting: setting.Name,
},
Value: value,
}, nil
}

61
settings/pkg/service/v0/service_test.go Normal file
View File

@@ -0,0 +1,61 @@
package svc
import (
"context"
"testing"
"github.com/micro/go-micro/v2/metadata"
"github.com/owncloud/ocis-pkg/v2/middleware"
"github.com/stretchr/testify/assert"
)
var (
ctxWithUUID = metadata.Set(context.Background(), middleware.AccountID, "61445573-4dbe-4d56-88dc-88ab47aceba7")
ctxWithEmptyUUID = metadata.Set(context.Background(), middleware.AccountID, "")
emptyCtx = context.Background()
scenarios = []struct {
name string
accountUUID string
ctx context.Context
expect string
}{
{
name: "context with UUID; identifier = 'me'",
ctx: ctxWithUUID,
accountUUID: "me",
expect: "61445573-4dbe-4d56-88dc-88ab47aceba7",
},
{
name: "context with empty UUID; identifier = 'me'",
ctx: ctxWithEmptyUUID,
accountUUID: "me",
expect: "",
},
{
name: "context without UUID; identifier = 'me'",
ctx: emptyCtx,
accountUUID: "me",
expect: "",
},
{
name: "context with UUID; identifier not 'me'",
ctx: ctxWithUUID,
accountUUID: "",
expect: "",
},
}
)
func TestGetValidatedAccountUUID(t *testing.T) {
for _, s := range scenarios {
scenario := s
t.Run(scenario.name, func(t *testing.T) {
got := getValidatedAccountUUID(scenario.ctx, scenario.accountUUID)
assert.NotPanics(t, func() {
getValidatedAccountUUID(emptyCtx, scenario.accountUUID)
})
assert.Equal(t, scenario.expect, got)
})
}
}

65
settings/pkg/service/v0/settings.go Normal file
View File

@@ -0,0 +1,65 @@
package svc
import settings "github.com/owncloud/ocis-settings/pkg/proto/v0"
const (
// BundleUUIDRoleAdmin represents the admin role
BundleUUIDRoleAdmin = "71881883-1768-46bd-a24d-a356a2afdf7f"
// BundleUUIDRoleUser represents the user role.
BundleUUIDRoleUser = "d7beeea8-8ff4-406b-8fb6-ab2dd81e6b11"
// BundleUUIDRoleGuest represents the guest role.
BundleUUIDRoleGuest = "38071a68-456a-4553-846a-fa67bf5596cc"
)
// generateBundlesDefaultRoles bootstraps the default roles.
func generateBundlesDefaultRoles() []*settings.Bundle {
return []*settings.Bundle{
generateBundleAdminRole(),
generateBundleUserRole(),
generateBundleGuestRole(),
}
}
func generateBundleAdminRole() *settings.Bundle {
return &settings.Bundle{
Id: BundleUUIDRoleAdmin,
Name: "admin",
Type: settings.Bundle_TYPE_ROLE,
Extension: "ocis-roles",
DisplayName: "Admin",
Resource: &settings.Resource{
Type: settings.Resource_TYPE_SYSTEM,
},
Settings: []*settings.Setting{},
}
}
func generateBundleUserRole() *settings.Bundle {
return &settings.Bundle{
Id: BundleUUIDRoleUser,
Name: "user",
Type: settings.Bundle_TYPE_ROLE,
Extension: "ocis-roles",
DisplayName: "User",
Resource: &settings.Resource{
Type: settings.Resource_TYPE_SYSTEM,
},
Settings: []*settings.Setting{},
}
}
func generateBundleGuestRole() *settings.Bundle {
return &settings.Bundle{
Id: BundleUUIDRoleGuest,
Name: "guest",
Type: settings.Bundle_TYPE_ROLE,
Extension: "ocis-roles",
DisplayName: "Guest",
Resource: &settings.Resource{
Type: settings.Resource_TYPE_SYSTEM,
},
Settings: []*settings.Setting{},
}
}

9
settings/pkg/service/v0/tracing.go Normal file
View File

@@ -0,0 +1,9 @@
package svc
// NewTracing returns a service that instruments traces.
func NewTracing(next Service) Service {
return Service{
manager: next.manager,
config: next.config,
}
}

163
settings/pkg/service/v0/validator.go Normal file
View File

@@ -0,0 +1,163 @@
package svc
import (
"regexp"
validation "github.com/go-ozzo/ozzo-validation/v4"
"github.com/go-ozzo/ozzo-validation/v4/is"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
)
var (
regexForAccountUUID = regexp.MustCompile(`^[A-Za-z0-9\-_.+@]+$`)
requireAccountID = []validation.Rule{
// use rule for validation error message consistency (".. must not be blank" on empty strings)
validation.Required,
validation.Match(regexForAccountUUID),
}
regexForKeys = regexp.MustCompile(`^[A-Za-z0-9\-_]*$`)
requireAlphanumeric = []validation.Rule{
validation.Required,
validation.Match(regexForKeys),
}
)
func validateSaveBundle(req *proto.SaveBundleRequest) error {
if err := validation.ValidateStruct(
req.Bundle,
validation.Field(&req.Bundle.Id, validation.When(req.Bundle.Id != "", is.UUID)),
validation.Field(&req.Bundle.Name, requireAlphanumeric...),
validation.Field(&req.Bundle.Type, validation.NotIn(proto.Bundle_TYPE_UNKNOWN)),
validation.Field(&req.Bundle.Extension, requireAlphanumeric...),
validation.Field(&req.Bundle.DisplayName, validation.Required),
validation.Field(&req.Bundle.Settings, validation.Required),
); err != nil {
return err
}
if err := validateResource(req.Bundle.Resource); err != nil {
return err
}
for i := range req.Bundle.Settings {
if err := validateSetting(req.Bundle.Settings[i]); err != nil {
return err
}
}
return nil
}
func validateGetBundle(req *proto.GetBundleRequest) error {
return validation.Validate(&req.BundleId, is.UUID)
}
func validateListBundles(req *proto.ListBundlesRequest) error {
return nil
}
func validateAddSettingToBundle(req *proto.AddSettingToBundleRequest) error {
if err := validation.ValidateStruct(req, validation.Field(&req.BundleId, is.UUID)); err != nil {
return err
}
return validateSetting(req.Setting)
}
func validateRemoveSettingFromBundle(req *proto.RemoveSettingFromBundleRequest) error {
return validation.ValidateStruct(
req,
validation.Field(&req.BundleId, is.UUID),
validation.Field(&req.SettingId, is.UUID),
)
}
func validateSaveValue(req *proto.SaveValueRequest) error {
if err := validation.ValidateStruct(
req.Value,
validation.Field(&req.Value.Id, validation.When(req.Value.Id != "", is.UUID)),
validation.Field(&req.Value.BundleId, is.UUID),
validation.Field(&req.Value.SettingId, is.UUID),
validation.Field(&req.Value.AccountUuid, requireAccountID...),
); err != nil {
return err
}
if err := validateResource(req.Value.Resource); err != nil {
return err
}
// TODO: validate values against the respective setting. need to check if constraints of the setting are fulfilled.
return nil
}
func validateGetValue(req *proto.GetValueRequest) error {
return validation.Validate(req.Id, is.UUID)
}
func validateGetValueByUniqueIdentifiers(req *proto.GetValueByUniqueIdentifiersRequest) error {
return validation.ValidateStruct(
req,
validation.Field(&req.SettingId, is.UUID),
validation.Field(&req.AccountUuid, requireAccountID...),
)
}
func validateListValues(req *proto.ListValuesRequest) error {
return validation.ValidateStruct(
req,
validation.Field(&req.BundleId, validation.When(req.BundleId != "", is.UUID)),
validation.Field(&req.AccountUuid, validation.When(req.AccountUuid != "", validation.Match(regexForAccountUUID))),
)
}
func validateListRoles(req *proto.ListBundlesRequest) error {
return nil
}
func validateListRoleAssignments(req *proto.ListRoleAssignmentsRequest) error {
return validation.Validate(req.AccountUuid, requireAccountID...)
}
func validateAssignRoleToUser(req *proto.AssignRoleToUserRequest) error {
return validation.ValidateStruct(
req,
validation.Field(&req.AccountUuid, requireAccountID...),
validation.Field(&req.RoleId, is.UUID),
)
}
func validateRemoveRoleFromUser(req *proto.RemoveRoleFromUserRequest) error {
return validation.ValidateStruct(
req,
validation.Field(&req.Id, is.UUID),
)
}
func validateListPermissionsByResource(req *proto.ListPermissionsByResourceRequest) error {
return validateResource(req.Resource)
}
func validateGetPermissionByID(req *proto.GetPermissionByIDRequest) error {
return validation.ValidateStruct(
req,
validation.Field(&req.PermissionId, requireAlphanumeric...),
)
}
// validateResource is an internal helper for validating the content of a resource.
func validateResource(resource *proto.Resource) error {
if err := validation.Validate(&resource, validation.Required); err != nil {
return err
}
return validation.Validate(&resource, validation.NotIn(proto.Resource_TYPE_UNKNOWN))
}
// validateSetting is an internal helper for validating the content of a setting.
func validateSetting(setting *proto.Setting) error {
// TODO: make sanity checks, like for int settings, min <= default <= max.
if err := validation.ValidateStruct(
setting,
validation.Field(&setting.Id, validation.When(setting.Id != "", is.UUID)),
validation.Field(&setting.Name, requireAlphanumeric...),
); err != nil {
return err
}
return validateResource(setting.Resource)
}

53
settings/pkg/settings/settings.go Normal file
View File

@@ -0,0 +1,53 @@
package settings
import (
"github.com/owncloud/ocis-settings/pkg/config"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
)
var (
// Registry uses the strategy pattern as a registry
Registry = map[string]RegisterFunc{}
)
// RegisterFunc stores store constructors
type RegisterFunc func(*config.Config) Manager
// Manager combines service interfaces for abstraction of storage implementations
type Manager interface {
BundleManager
ValueManager
RoleAssignmentManager
PermissionManager
}
// BundleManager is a bundle service interface for abstraction of storage implementations
type BundleManager interface {
ListBundles(bundleType proto.Bundle_Type, bundleIDs []string) ([]*proto.Bundle, error)
ReadBundle(bundleID string) (*proto.Bundle, error)
WriteBundle(bundle *proto.Bundle) (*proto.Bundle, error)
ReadSetting(settingID string) (*proto.Setting, error)
AddSettingToBundle(bundleID string, setting *proto.Setting) (*proto.Setting, error)
RemoveSettingFromBundle(bundleID, settingID string) error
}
// ValueManager is a value service interface for abstraction of storage implementations
type ValueManager interface {
ListValues(bundleID, accountUUID string) ([]*proto.Value, error)
ReadValue(valueID string) (*proto.Value, error)
ReadValueByUniqueIdentifiers(accountUUID, settingID string) (*proto.Value, error)
WriteValue(value *proto.Value) (*proto.Value, error)
}
// RoleAssignmentManager is a role assignment service interface for abstraction of storage implementations
type RoleAssignmentManager interface {
ListRoleAssignments(accountUUID string) ([]*proto.UserRoleAssignment, error)
WriteRoleAssignment(accountUUID, roleID string) (*proto.UserRoleAssignment, error)
RemoveRoleAssignment(assignmentID string) error
}
// PermissionManager is a permissions service interface for abstraction of storage implementations
type PermissionManager interface {
ListPermissionsByResource(resource *proto.Resource, roleIDs []string) ([]*proto.Permission, error)
ReadPermissionByID(permissionID string, roleIDs []string) (*proto.Permission, error)
}

67
settings/pkg/store/filesystem/assignments.go Normal file
View File

@@ -0,0 +1,67 @@
// Package store implements the go-micro store interface
package store
import (
"io/ioutil"
"os"
"path/filepath"
"github.com/gofrs/uuid"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
)
// ListRoleAssignments loads and returns all role assignments matching the given assignment identifier.
func (s Store) ListRoleAssignments(accountUUID string) ([]*proto.UserRoleAssignment, error) {
var records []*proto.UserRoleAssignment
assignmentsFolder := s.buildFolderPathForRoleAssignments(false)
assignmentFiles, err := ioutil.ReadDir(assignmentsFolder)
if err != nil {
return records, nil
}
for _, assignmentFile := range assignmentFiles {
record := proto.UserRoleAssignment{}
err = s.parseRecordFromFile(&record, filepath.Join(assignmentsFolder, assignmentFile.Name()))
if err == nil {
if record.AccountUuid == accountUUID {
records = append(records, &record)
}
}
}
return records, nil
}
// WriteRoleAssignment appends the given role assignment to the existing assignments of the respective account.
func (s Store) WriteRoleAssignment(accountUUID, roleID string) (*proto.UserRoleAssignment, error) {
// as per https://github.com/owncloud/product/issues/103 "Each user can have exactly one role"
list, err := s.ListRoleAssignments(accountUUID)
if err != nil {
return nil, err
}
if len(list) > 0 {
filePath := s.buildFilePathForRoleAssignment(list[0].Id, true)
if err := os.Remove(filePath); err != nil {
return nil, err
}
}
assignment := &proto.UserRoleAssignment{
Id: uuid.Must(uuid.NewV4()).String(),
AccountUuid: accountUUID,
RoleId: roleID,
}
filePath := s.buildFilePathForRoleAssignment(assignment.Id, true)
if err := s.writeRecordToFile(assignment, filePath); err != nil {
return nil, err
}
s.Logger.Debug().Msgf("request contents written to file: %v", filePath)
return assignment, nil
}
// RemoveRoleAssignment deletes the given role assignment from the existing assignments of the respective account.
func (s Store) RemoveRoleAssignment(assignmentID string) error {
filePath := s.buildFilePathForRoleAssignment(assignmentID, false)
return os.Remove(filePath)
}

178
settings/pkg/store/filesystem/assignments_test.go Normal file
View File

@@ -0,0 +1,178 @@
package store
import (
"errors"
"log"
"os"
"path/filepath"
"testing"
olog "github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
"github.com/stretchr/testify/assert"
)
var (
einstein = "a4d07560-a670-4be9-8d60-9b547751a208"
//marie = "3c054db3-eec1-4ca4-b985-bc56dcf560cb"
s = Store{
dataPath: dataRoot,
Logger: logger,
}
logger = olog.NewLogger(
olog.Color(true),
olog.Pretty(true),
olog.Level("info"),
)
bundles = []*proto.Bundle{
{
Id: "f36db5e6-a03c-40df-8413-711c67e40b47",
Type: proto.Bundle_TYPE_ROLE,
DisplayName: "test role - reads | update",
Name: "TEST_ROLE",
Extension: "ocis-settings",
Resource: &proto.Resource{
Type: proto.Resource_TYPE_BUNDLE,
},
Settings: []*proto.Setting{
{
Name: "update",
Value: &proto.Setting_PermissionValue{
PermissionValue: &proto.Permission{
Operation: proto.Permission_OPERATION_UPDATE,
},
},
},
{
Name: "read",
Value: &proto.Setting_PermissionValue{
PermissionValue: &proto.Permission{
Operation: proto.Permission_OPERATION_READ,
},
},
},
},
},
{
Id: "44f1a664-0a7f-461a-b0be-5b59e46bbc7a",
Type: proto.Bundle_TYPE_ROLE,
DisplayName: "another",
Name: "ANOTHER_TEST_ROLE",
Extension: "ocis-settings",
Resource: &proto.Resource{
Type: proto.Resource_TYPE_BUNDLE,
},
Settings: []*proto.Setting{
{
Name: "read",
Value: &proto.Setting_PermissionValue{
PermissionValue: &proto.Permission{
Operation: proto.Permission_OPERATION_READ,
},
},
},
},
},
}
)
func init() {
setupRoles()
}
func setupRoles() {
for i := range bundles {
if _, err := s.WriteBundle(bundles[i]); err != nil {
log.Fatal(err)
}
}
}
func TestAssignmentUniqueness(t *testing.T) {
var scenarios = []struct {
name string
userID string
firstRole string
secondRole string
}{
{
"roles assignments",
einstein,
"f36db5e6-a03c-40df-8413-711c67e40b47",
"44f1a664-0a7f-461a-b0be-5b59e46bbc7a",
},
}
for _, scenario := range scenarios {
scenario := scenario
t.Run(scenario.name, func(t *testing.T) {
firstAssignment, err := s.WriteRoleAssignment(scenario.userID, scenario.firstRole)
assert.NoError(t, err)
assert.Equal(t, firstAssignment.RoleId, scenario.firstRole)
assert.FileExists(t, filepath.Join(dataRoot, "assignments", firstAssignment.Id+".json"))
list, err := s.ListRoleAssignments(scenario.userID)
assert.NoError(t, err)
assert.Equal(t, 1, len(list))
// creating another assignment shouldn't add another entry, as we support max one role per user.
secondAssignment, err := s.WriteRoleAssignment(scenario.userID, scenario.secondRole)
assert.NoError(t, err)
assert.Equal(t, 1, len(list))
// assigning the second role should remove the old file and create a new one.
list, err = s.ListRoleAssignments(scenario.userID)
assert.NoError(t, err)
assert.Equal(t, 1, len(list))
assert.Equal(t, secondAssignment.RoleId, scenario.secondRole)
assert.NoFileExists(t, filepath.Join(dataRoot, "assignments", firstAssignment.Id+".json"))
assert.FileExists(t, filepath.Join(dataRoot, "assignments", secondAssignment.Id+".json"))
})
}
burnRoot()
}
func TestDeleteAssignment(t *testing.T) {
var scenarios = []struct {
name string
userID string
firstRole string
secondRole string
}{
{
"roles assignments",
einstein,
"f36db5e6-a03c-40df-8413-711c67e40b47",
"44f1a664-0a7f-461a-b0be-5b59e46bbc7a",
},
}
for _, scenario := range scenarios {
scenario := scenario
t.Run(scenario.name, func(t *testing.T) {
assignment, err := s.WriteRoleAssignment(scenario.userID, scenario.firstRole)
assert.NoError(t, err)
assert.Equal(t, assignment.RoleId, scenario.firstRole)
assert.FileExists(t, filepath.Join(dataRoot, "assignments", assignment.Id+".json"))
list, err := s.ListRoleAssignments(scenario.userID)
assert.NoError(t, err)
assert.Equal(t, 1, len(list))
err = s.RemoveRoleAssignment(assignment.Id)
assert.NoError(t, err)
list, err = s.ListRoleAssignments(scenario.userID)
assert.NoError(t, err)
assert.Equal(t, 0, len(list))
err = s.RemoveRoleAssignment(assignment.Id)
merr := &os.PathError{}
assert.Equal(t, true, errors.As(err, &merr))
})
}
burnRoot()
}

174
settings/pkg/store/filesystem/bundles.go Normal file
View File

@@ -0,0 +1,174 @@
// Package store implements the go-micro store interface
package store
import (
"fmt"
"io/ioutil"
"path/filepath"
"sync"
"github.com/gofrs/uuid"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
)
var m = &sync.RWMutex{}
// ListBundles returns all bundles in the dataPath folder that match the given type.
func (s Store) ListBundles(bundleType proto.Bundle_Type, bundleIDs []string) ([]*proto.Bundle, error) {
// FIXME: list requests should be ran against a cache, not FS
m.RLock()
defer m.RUnlock()
bundlesFolder := s.buildFolderPathForBundles(false)
bundleFiles, err := ioutil.ReadDir(bundlesFolder)
if err != nil {
return []*proto.Bundle{}, nil
}
records := make([]*proto.Bundle, 0, len(bundleFiles))
for _, bundleFile := range bundleFiles {
record := proto.Bundle{}
err = s.parseRecordFromFile(&record, filepath.Join(bundlesFolder, bundleFile.Name()))
if err != nil {
s.Logger.Warn().Msgf("error reading %v", bundleFile)
continue
}
if record.Type != bundleType {
continue
}
if len(bundleIDs) > 0 && !containsStr(record.Id, bundleIDs) {
continue
}
records = append(records, &record)
}
return records, nil
}
// containsStr checks if the strs slice contains str
func containsStr(str string, strs []string) bool {
for _, s := range strs {
if s == str {
return true
}
}
return false
}
// ReadBundle tries to find a bundle by the given id within the dataPath.
func (s Store) ReadBundle(bundleID string) (*proto.Bundle, error) {
m.RLock()
defer m.RUnlock()
filePath := s.buildFilePathForBundle(bundleID, false)
record := proto.Bundle{}
if err := s.parseRecordFromFile(&record, filePath); err != nil {
return nil, err
}
s.Logger.Debug().Msgf("read contents from file: %v", filePath)
return &record, nil
}
// ReadSetting tries to find a setting by the given id within the dataPath.
func (s Store) ReadSetting(settingID string) (*proto.Setting, error) {
m.RLock()
defer m.RUnlock()
bundles, err := s.ListBundles(proto.Bundle_TYPE_DEFAULT, []string{})
if err != nil {
return nil, err
}
for _, bundle := range bundles {
for _, setting := range bundle.Settings {
if setting.Id == settingID {
return setting, nil
}
}
}
return nil, fmt.Errorf("could not read setting: %v", settingID)
}
// WriteBundle writes the given record into a file within the dataPath.
func (s Store) WriteBundle(record *proto.Bundle) (*proto.Bundle, error) {
// FIXME: locking should happen on the file here, not globally.
m.Lock()
defer m.Unlock()
if record.Id == "" {
record.Id = uuid.Must(uuid.NewV4()).String()
}
filePath := s.buildFilePathForBundle(record.Id, true)
if err := s.writeRecordToFile(record, filePath); err != nil {
return nil, err
}
s.Logger.Debug().Msgf("request contents written to file: %v", filePath)
return record, nil
}
// AddSettingToBundle adds the given setting to the bundle with the given bundleID.
func (s Store) AddSettingToBundle(bundleID string, setting *proto.Setting) (*proto.Setting, error) {
bundle, err := s.ReadBundle(bundleID)
if err != nil {
return nil, err
}
if setting.Id == "" {
setting.Id = uuid.Must(uuid.NewV4()).String()
}
setSetting(bundle, setting)
_, err = s.WriteBundle(bundle)
if err != nil {
return nil, err
}
return setting, nil
}
// RemoveSettingFromBundle removes the setting from the bundle with the given ids.
func (s Store) RemoveSettingFromBundle(bundleID string, settingID string) error {
bundle, err := s.ReadBundle(bundleID)
if err != nil {
return nil
}
if ok := removeSetting(bundle, settingID); ok {
if _, err := s.WriteBundle(bundle); err != nil {
return err
}
}
return nil
}
// indexOfSetting finds the index of the given setting within the given bundle.
// returns -1 if the setting was not found.
func indexOfSetting(bundle *proto.Bundle, settingID string) int {
for index := range bundle.Settings {
s := bundle.Settings[index]
if s.Id == settingID {
return index
}
}
return -1
}
// setSetting will append or overwrite the given setting within the given bundle
func setSetting(bundle *proto.Bundle, setting *proto.Setting) {
m.Lock()
defer m.Unlock()
index := indexOfSetting(bundle, setting.Id)
if index == -1 {
bundle.Settings = append(bundle.Settings, setting)
} else {
bundle.Settings[index] = setting
}
}
// removeSetting will remove the given setting from the given bundle
func removeSetting(bundle *proto.Bundle, settingID string) bool {
m.Lock()
defer m.Unlock()
index := indexOfSetting(bundle, settingID)
if index == -1 {
return false
}
bundle.Settings = append(bundle.Settings[:index], bundle.Settings[index+1:]...)
return true
}

155
settings/pkg/store/filesystem/bundles_test.go Normal file
View File

@@ -0,0 +1,155 @@
package store
import (
"testing"
olog "github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
"github.com/stretchr/testify/assert"
)
var bundleScenarios = []struct {
name string
bundle *proto.Bundle
}{
{
name: "generic-test-file-resource",
bundle: &proto.Bundle{
Id: bundle1,
Type: proto.Bundle_TYPE_DEFAULT,
Extension: extension1,
DisplayName: "test1",
Resource: &proto.Resource{
Type: proto.Resource_TYPE_FILE,
Id: "beep",
},
Settings: []*proto.Setting{
{
Id: setting1,
Description: "test-desc-1",
DisplayName: "test-displayname-1",
Resource: &proto.Resource{
Type: proto.Resource_TYPE_FILE,
Id: "bleep",
},
Value: &proto.Setting_IntValue{
IntValue: &proto.Int{
Min: 0,
Max: 42,
},
},
},
},
},
},
{
name: "generic-test-system-resource",
bundle: &proto.Bundle{
Id: bundle2,
Type: proto.Bundle_TYPE_DEFAULT,
Extension: extension2,
DisplayName: "test1",
Resource: &proto.Resource{
Type: proto.Resource_TYPE_SYSTEM,
},
Settings: []*proto.Setting{
{
Id: setting2,
Description: "test-desc-2",
DisplayName: "test-displayname-2",
Resource: &proto.Resource{
Type: proto.Resource_TYPE_SYSTEM,
},
Value: &proto.Setting_IntValue{
IntValue: &proto.Int{
Min: 0,
Max: 42,
},
},
},
},
},
},
{
name: "generic-test-role-bundle",
bundle: &proto.Bundle{
Id: bundle3,
Type: proto.Bundle_TYPE_ROLE,
Extension: extension1,
DisplayName: "Role1",
Resource: &proto.Resource{
Type: proto.Resource_TYPE_SYSTEM,
},
Settings: []*proto.Setting{
{
Id: setting3,
Description: "test-desc-3",
DisplayName: "test-displayname-3",
Resource: &proto.Resource{
Type: proto.Resource_TYPE_SETTING,
Id: setting1,
},
Value: &proto.Setting_PermissionValue{
PermissionValue: &proto.Permission{
Operation: proto.Permission_OPERATION_READ,
Constraint: proto.Permission_CONSTRAINT_OWN,
},
},
},
},
},
},
}
func TestBundles(t *testing.T) {
s := Store{
dataPath: dataRoot,
Logger: olog.NewLogger(
olog.Color(true),
olog.Pretty(true),
olog.Level("info"),
),
}
// write bundles
for i := range bundleScenarios {
index := i
t.Run(bundleScenarios[index].name, func(t *testing.T) {
filePath := s.buildFilePathForBundle(bundleScenarios[index].bundle.Id, true)
if err := s.writeRecordToFile(bundleScenarios[index].bundle, filePath); err != nil {
t.Error(err)
}
assert.FileExists(t, filePath)
})
}
// check that ListBundles only returns bundles with type DEFAULT
bundles, err := s.ListBundles(proto.Bundle_TYPE_DEFAULT, []string{})
if err != nil {
t.Error(err)
}
for i := range bundles {
assert.Equal(t, proto.Bundle_TYPE_DEFAULT, bundles[i].Type)
}
// check that ListBundles filtered by an id only returns that bundle
filteredBundles, err := s.ListBundles(proto.Bundle_TYPE_DEFAULT, []string{bundle2})
if err != nil {
t.Error(err)
}
assert.Equal(t, 1, len(filteredBundles))
if len(filteredBundles) == 1 {
assert.Equal(t, bundle2, filteredBundles[0].Id)
}
// check that ListRoles only returns bundles with type ROLE
roles, err := s.ListBundles(proto.Bundle_TYPE_ROLE, []string{})
if err != nil {
t.Error(err)
}
for i := range roles {
assert.Equal(t, proto.Bundle_TYPE_ROLE, roles[i].Type)
}
burnRoot()
}

39
settings/pkg/store/filesystem/io.go Normal file
View File

@@ -0,0 +1,39 @@
package store
import (
"os"
"github.com/golang/protobuf/jsonpb"
"github.com/golang/protobuf/proto"
)
// Unmarshal file into record
func (s Store) parseRecordFromFile(record proto.Message, filePath string) error {
file, err := os.Open(filePath)
if err != nil {
return err
}
defer file.Close()
decoder := jsonpb.Unmarshaler{}
if err = decoder.Unmarshal(file, record); err != nil {
return err
}
return nil
}
// Marshal record into file
func (s Store) writeRecordToFile(record proto.Message, filePath string) error {
file, err := os.Create(filePath)
if err != nil {
return err
}
defer file.Close()
encoder := jsonpb.Marshaler{}
if err = encoder.Marshal(file, record); err != nil {
return err
}
return nil
}

65
settings/pkg/store/filesystem/paths.go Normal file
View File

@@ -0,0 +1,65 @@
package store
import (
"os"
"path/filepath"
)
const folderNameBundles = "bundles"
const folderNameValues = "values"
const folderNameAssignments = "assignments"
// buildFolderPathForBundles builds the folder path for storing settings bundles. If mkdir is true, folders in the path will be created if necessary.
func (s Store) buildFolderPathForBundles(mkdir bool) string {
folderPath := filepath.Join(s.dataPath, folderNameBundles)
if mkdir {
s.ensureFolderExists(folderPath)
}
return folderPath
}
// buildFilePathForBundle builds a unique file name from the given params. If mkdir is true, folders in the path will be created if necessary.
func (s Store) buildFilePathForBundle(bundleID string, mkdir bool) string {
extensionFolder := s.buildFolderPathForBundles(mkdir)
return filepath.Join(extensionFolder, bundleID+".json")
}
// buildFolderPathForValues builds the folder path for storing settings values. If mkdir is true, folders in the path will be created if necessary.
func (s Store) buildFolderPathForValues(mkdir bool) string {
folderPath := filepath.Join(s.dataPath, folderNameValues)
if mkdir {
s.ensureFolderExists(folderPath)
}
return folderPath
}
// buildFilePathForValue builds a unique file name from the given params. If mkdir is true, folders in the path will be created if necessary.
func (s Store) buildFilePathForValue(valueID string, mkdir bool) string {
extensionFolder := s.buildFolderPathForValues(mkdir)
return filepath.Join(extensionFolder, valueID+".json")
}
// buildFolderPathForRoleAssignments builds the folder path for storing role assignments. If mkdir is true, folders in the path will be created if necessary.
func (s Store) buildFolderPathForRoleAssignments(mkdir bool) string {
roleAssignmentsFolder := filepath.Join(s.dataPath, folderNameAssignments)
if mkdir {
s.ensureFolderExists(roleAssignmentsFolder)
}
return roleAssignmentsFolder
}
// buildFilePathForRoleAssignment builds a unique file name from the given params. If mkdir is true, folders in the path will be created if necessary.
func (s Store) buildFilePathForRoleAssignment(assignmentID string, mkdir bool) string {
roleAssignmentsFolder := s.buildFolderPathForRoleAssignments(mkdir)
return filepath.Join(roleAssignmentsFolder, assignmentID+".json")
}
// ensureFolderExists checks if the given path is an existing folder and creates one if not existing
func (s Store) ensureFolderExists(path string) {
if _, err := os.Stat(path); os.IsNotExist(err) {
err = os.MkdirAll(path, 0700)
if err != nil {
s.Logger.Err(err).Msgf("Error creating folder %v", path)
}
}
}

52
settings/pkg/store/filesystem/permissions.go Normal file
View File

@@ -0,0 +1,52 @@
package store
import (
"github.com/owncloud/ocis-settings/pkg/proto/v0"
"github.com/owncloud/ocis-settings/pkg/util"
)
// ListPermissionsByResource collects all permissions from the provided roleIDs that match the requested resource
func (s Store) ListPermissionsByResource(resource *proto.Resource, roleIDs []string) ([]*proto.Permission, error) {
records := make([]*proto.Permission, 0)
for _, roleID := range roleIDs {
role, err := s.ReadBundle(roleID)
if err != nil {
s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping")
continue
}
records = append(records, extractPermissionsByResource(resource, role)...)
}
return records, nil
}
// ReadPermissionByID finds the permission in the roles, specified by the provided roleIDs
func (s Store) ReadPermissionByID(permissionID string, roleIDs []string) (*proto.Permission, error) {
for _, roleID := range roleIDs {
role, err := s.ReadBundle(roleID)
if err != nil {
s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping")
continue
}
for _, permission := range role.Settings {
if permission.Id == permissionID {
if value, ok := permission.Value.(*proto.Setting_PermissionValue); ok {
return value.PermissionValue, nil
}
}
}
}
return nil, nil
}
// extractPermissionsByResource collects all permissions from the provided role that match the requested resource
func extractPermissionsByResource(resource *proto.Resource, role *proto.Bundle) []*proto.Permission {
permissions := make([]*proto.Permission, 0)
for _, setting := range role.Settings {
if value, ok := setting.Value.(*proto.Setting_PermissionValue); ok {
if util.IsResourceMatched(setting.Resource, resource) {
permissions = append(permissions, value.PermissionValue)
}
}
}
return permissions
}

49
settings/pkg/store/filesystem/store.go Normal file
View File

@@ -0,0 +1,49 @@
// Package store implements the go-micro store interface
package store
import (
"os"
olog "github.com/owncloud/ocis-pkg/v2/log"
"github.com/owncloud/ocis-settings/pkg/config"
"github.com/owncloud/ocis-settings/pkg/settings"
)
var (
// Name is the default name for the settings store
Name = "ocis-settings"
managerName = "filesystem"
)
// Store interacts with the filesystem to manage settings information
type Store struct {
dataPath string
Logger olog.Logger
}
// New creates a new store
func New(cfg *config.Config) settings.Manager {
s := Store{
Logger: olog.NewLogger(
olog.Color(cfg.Log.Color),
olog.Pretty(cfg.Log.Pretty),
olog.Level(cfg.Log.Level),
),
}
if _, err := os.Stat(cfg.Storage.DataPath); err != nil {
s.Logger.Info().Msgf("creating container on %v", cfg.Storage.DataPath)
err := os.MkdirAll(cfg.Storage.DataPath, 0700)
if err != nil {
s.Logger.Err(err).Msgf("providing container on %v", cfg.Storage.DataPath)
}
}
s.dataPath = cfg.Storage.DataPath
return &s
}
func init() {
settings.Registry[managerName] = New
}

39
settings/pkg/store/filesystem/store_test.go Normal file
View File

@@ -0,0 +1,39 @@
package store
import (
"os"
"path/filepath"
)
const (
// account UUIDs
accountUUID1 = "c4572da7-6142-4383-8fc6-efde3d463036"
//accountUUID2 = "e11f9769-416a-427d-9441-41a0e51391d7"
//accountUUID3 = "633ecd77-1980-412a-8721-bf598a330bb4"
// extension names
extension1 = "test-extension-1"
extension2 = "test-extension-2"
// bundle ids
bundle1 = "2f06addf-4fd2-49d5-8f71-00fbd3a3ec47"
bundle2 = "2d745744-749c-4286-8e92-74a24d8331c5"
bundle3 = "d8fd27d1-c00b-4794-a658-416b756a72ff"
// setting ids
setting1 = "c7ebbc8b-d15a-4f2e-9d7d-d6a4cf858d1a"
setting2 = "3fd9a3d9-20b7-40d4-9294-b22bb5868c10"
setting3 = "24bb9535-3df4-42f1-a622-7c0562bec99f"
// value ids
value1 = "fd3b6221-dc13-4a22-824d-2480495f1cdb"
value2 = "2a0bd9b0-ca1d-491a-8c56-d2ddfd68ded8"
//value3 = "b42702d2-5e4d-4d73-b133-e1f9e285355e"
dataRoot = "/var/tmp/herecomesthesun"
)
func burnRoot() {
os.RemoveAll(filepath.Join(dataRoot, "values"))
os.RemoveAll(filepath.Join(dataRoot, "bundles"))
}

109
settings/pkg/store/filesystem/values.go Normal file
View File

@@ -0,0 +1,109 @@
// Package store implements the go-micro store interface
package store
import (
"fmt"
"io/ioutil"
"path/filepath"
"github.com/gofrs/uuid"
"github.com/owncloud/ocis-settings/pkg/proto/v0"
)
// ListValues reads all values that match the given bundleId and accountUUID.
// If the bundleId is empty, it's ignored for filtering.
// If the accountUUID is empty, only values with empty accountUUID are returned.
// If the accountUUID is not empty, values with an empty or with a matching accountUUID are returned.
func (s Store) ListValues(bundleID, accountUUID string) ([]*proto.Value, error) {
valuesFolder := s.buildFolderPathForValues(false)
valueFiles, err := ioutil.ReadDir(valuesFolder)
if err != nil {
return []*proto.Value{}, nil
}
records := make([]*proto.Value, 0, len(valueFiles))
for _, valueFile := range valueFiles {
record := proto.Value{}
err := s.parseRecordFromFile(&record, filepath.Join(valuesFolder, valueFile.Name()))
if err != nil {
s.Logger.Warn().Msgf("error reading %v", valueFile)
continue
}
if bundleID != "" && record.BundleId != bundleID {
continue
}
// if requested accountUUID empty -> fetch all system level values
if accountUUID == "" && record.AccountUuid != "" {
continue
}
// if requested accountUUID empty -> fetch all individual + all system level values
if accountUUID != "" && record.AccountUuid != "" && record.AccountUuid != accountUUID {
continue
}
records = append(records, &record)
}
return records, nil
}
// ReadValue tries to find a value by the given valueId within the dataPath
func (s Store) ReadValue(valueID string) (*proto.Value, error) {
filePath := s.buildFilePathForValue(valueID, false)
record := proto.Value{}
if err := s.parseRecordFromFile(&record, filePath); err != nil {
return nil, err
}
s.Logger.Debug().Msgf("read contents from file: %v", filePath)
return &record, nil
}
// ReadValueByUniqueIdentifiers tries to find a value given a set of unique identifiers
func (s Store) ReadValueByUniqueIdentifiers(accountUUID, settingID string) (*proto.Value, error) {
valuesFolder := s.buildFolderPathForValues(false)
files, err := ioutil.ReadDir(valuesFolder)
if err != nil {
return nil, err
}
for i := range files {
if !files[i].IsDir() {
r := proto.Value{}
s.Logger.Debug().Msgf("reading contents from file: %v", filepath.Join(valuesFolder, files[i].Name()))
if err := s.parseRecordFromFile(&r, filepath.Join(valuesFolder, files[i].Name())); err != nil {
s.Logger.Debug().Msgf("match found: %v", filepath.Join(valuesFolder, files[i].Name()))
return &proto.Value{}, nil
}
// if value saved without accountUUID, then it's a global value
if r.AccountUuid == "" && r.SettingId == settingID {
return &r, nil
}
// if value saved with accountUUID, then it's a user specific value
if r.AccountUuid == accountUUID && r.SettingId == settingID {
return &r, nil
}
}
}
return nil, fmt.Errorf("could not read value by settingID=%v and accountID=%v", settingID, accountUUID)
}
// WriteValue writes the given value into a file within the dataPath
func (s Store) WriteValue(value *proto.Value) (*proto.Value, error) {
s.Logger.Debug().Str("value", value.String()).Msg("writing value")
if value.Id == "" {
value.Id = uuid.Must(uuid.NewV4()).String()
}
// modify value depending on associated resource
if value.Resource.Type == proto.Resource_TYPE_SYSTEM {
value.AccountUuid = ""
}
// write the value
filePath := s.buildFilePathForValue(value.Id, true)
if err := s.writeRecordToFile(value, filePath); err != nil {
return nil, err
}
return value, nil
}

Some files were not shown because too many files have changed in this diff Show More