Merge pull request #7973 from aduffeck/ocm-access

[full-ci] Ocm access

services/frontend/pkg/config/config.go

@@ -142,6 +142,7 @@ type OCS struct {
 	ListOCMShares                        bool               `yaml:"list_ocm_shares" env:"FRONTEND_OCS_LIST_OCM_SHARES" desc:"Include OCM shares when listing shares. See the OCM service documentation for more details."`
 	PublicShareMustHavePassword          bool               `yaml:"public_sharing_share_must_have_password" env:"OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on all public shares."`
 	WriteablePublicShareMustHavePassword bool               `yaml:"public_sharing_writeableshare_must_have_password" env:"OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares."`
+	IncludeOCMSharees                    bool               `yaml:"include_ocm_sharees" env:"FRONTEND_OCS_INCLUDE_OCM_SHAREES" desc:"Include OCM sharees when listing sharees."`
 }
 
 type CacheWarmupDrivers struct {

services/frontend/pkg/config/defaults/defaultconfig.go

@@ -117,6 +117,7 @@ func DefaultConfig() *config.Config {
 			StatCacheTTL:                300 * time.Second,
 			ListOCMShares:               true,
 			PublicShareMustHavePassword: true,
+			IncludeOCMSharees:           false,
 		},
 		Middleware: config.Middleware{
 			Auth: config.Auth{

services/frontend/pkg/revaconfig/config.go

@@ -347,6 +347,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 							"productversion": version.GetString(),
 						},
 					},
+					"include_ocm_sharees": cfg.OCS.IncludeOCMSharees,
 				},
 			},
 		},

services/gateway/pkg/revaconfig/config.go

@@ -185,6 +185,18 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
 				},
 			},
 		},
+		cfg.OCMEndpoint: {
+			"providerid": utils.OCMStorageProviderID,
+			"spaces": map[string]interface{}{
+				"grant": map[string]interface{}{
+					"mount_point": ".",
+				},
+				"mountpoint": map[string]interface{}{
+					"mount_point":   "/ocm",
+					"path_template": "/ocm/{{.Space.Root.OpaqueId}}",
+				},
+			},
+		},
 		// medatada storage not part of the global namespace
 	}
 }

services/ocm/pkg/config/config.go

@@ -31,6 +31,7 @@ type Config struct {
 	OCMProviderAuthorizerDrivers OCMProviderAuthorizerDrivers `yaml:"ocm_provider_authorizer_drivers"`
 	OCMShareProvider             OCMShareProvider             `yaml:"ocm_share_provider"`
 	OCMCore                      OCMCore                      `yaml:"ocm_core"`
+	OCMStorageProvider           OCMStorageProvider           `yaml:"ocm_storage_provider"`
 
 	Supervised bool            `yaml:"-"`
 	Context    context.Context `yaml:"-"`
@@ -72,7 +73,8 @@ type GRPCConfig struct {
 }
 
 type ScienceMesh struct {
-	Prefix string `yaml:"prefix" env:"OCM_SCIENCEMESH_PREFIX" desc:"URL path prefix for the ScienceMesh service. Note that the string must not start with '/'."`
+	Prefix           string `yaml:"prefix" env:"OCM_SCIENCEMESH_PREFIX" desc:"URL path prefix for the ScienceMesh service. Note that the string must not start with '/'."`
+	MeshDirectoryURL string `yaml:"science_mesh_directory_url" env:"OCM_MESH_DIRECTORY_URL" desc:"URL of the mesh directory service."`
 }
 
 type OCMD struct {
@@ -107,6 +109,10 @@ type OCMCore struct {
 	Driver  string         `yaml:"driver" env:"OCM_OCM_CORE_DRIVER" desc:"Driver to be used for the OCM core. Supported value is only 'json'."`
 	Drivers OCMCoreDrivers `yaml:"drivers"`
 }
+type OCMStorageProvider struct {
+	Insecure    bool   `yaml:"insecure" env:"OCM_OCM_STORAGE_PROVIDER_INSECURE" desc:"Disable TLS certificate validation for the OCM connections. Do not set this in production environments."`
+	StorageRoot string `yaml:"storage_root" env:"OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT" desc:"Directory where the ocm storage provider persists its data like tus upload info files."`
+}
 
 type OCMCoreDrivers struct {
 	JSON OCMCoreJSONDriver `yaml:"json"`
@@ -117,9 +123,10 @@ type OCMCoreJSONDriver struct {
 }
 
 type OCMShareProvider struct {
-	Driver   string                  `yaml:"driver" env:"OCM_OCM_SHARE_PROVIDER_DRIVER" desc:"Driver to be used for the OCM share provider. Supported value is only 'json'."`
-	Drivers  OCMShareProviderDrivers `yaml:"drivers"`
-	Insecure bool                    `yaml:"insecure" env:"OCM_OCM_SHARE_PROVIDER_INSECURE" desc:"Disable TLS certificate validation for the OCM connections. Do not set this in production environments."`
+	Driver         string                  `yaml:"driver" env:"OCM_OCM_SHARE_PROVIDER_DRIVER" desc:"Driver to be used for the OCM share provider. Supported value is only 'json'."`
+	Drivers        OCMShareProviderDrivers `yaml:"drivers"`
+	Insecure       bool                    `yaml:"insecure" env:"OCM_OCM_SHARE_PROVIDER_INSECURE" desc:"Disable TLS certificate validation for the OCM connections. Do not set this in production environments."`
+	WebappTemplate string                  `yaml:"webapp_template" env:"OCM_WEBAPP_TEMPLATE" desc:"Template for the webapp url."`
 }
 
 type OCMShareProviderDrivers struct {

services/ocm/pkg/config/defaults/defaultconfig.go

@@ -94,7 +94,7 @@ func DefaultConfig() *config.Config {
 			Driver: "json",
 			Drivers: config.OCMInviteManagerDrivers{
 				JSON: config.OCMInviteManagerJSONDriver{
-					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocminvites.json"),
+					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocm", "ocminvites.json"),
 				},
 			},
 			Insecure: false,
@@ -102,14 +102,14 @@ func DefaultConfig() *config.Config {
 		OCMProviderAuthorizerDriver: "json",
 		OCMProviderAuthorizerDrivers: config.OCMProviderAuthorizerDrivers{
 			JSON: config.OCMProviderAuthorizerJSONDriver{
-				Providers: filepath.Join(defaults.BaseDataPath(), "storage", "ocmproviders.json"),
+				Providers: filepath.Join(defaults.BaseDataPath(), "storage", "ocm", "ocmproviders.json"),
 			},
 		},
 		OCMShareProvider: config.OCMShareProvider{
 			Driver: "json",
 			Drivers: config.OCMShareProviderDrivers{
 				JSON: config.OCMShareProviderJSONDriver{
-					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocmshares.json"),
+					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocm", "ocmshares.json"),
 				},
 			},
 			Insecure: false,
@@ -118,10 +118,14 @@ func DefaultConfig() *config.Config {
 			Driver: "json",
 			Drivers: config.OCMCoreDrivers{
 				JSON: config.OCMCoreJSONDriver{
-					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocmshares.json"),
+					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocm", "ocmshares.json"),
 				},
 			},
 		},
+		OCMStorageProvider: config.OCMStorageProvider{
+			Insecure:    false,
+			StorageRoot: filepath.Join(defaults.BaseDataPath(), "storage", "ocm"),
+		},
 	}
 }
 

services/ocm/pkg/revaconfig/config.go

@@ -43,7 +43,7 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 					"prefix":             cfg.ScienceMesh.Prefix,
 					"smtp_credentials":   map[string]string{},
 					"gatewaysvc":         cfg.Reva.Address,
-					"mesh_directory_url": cfg.Commons.OcisURL,
+					"mesh_directory_url": cfg.ScienceMesh.MeshDirectoryURL,
 					"provider_domain":    cfg.Commons.OcisURL,
 				},
 				"ocmd": map[string]interface{}{
@@ -51,6 +51,32 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 					"gatewaysvc":                    cfg.Reva.Address,
 					"expose_recipient_display_name": cfg.OCMD.ExposeRecipientDisplayName,
 				},
+				"dataprovider": map[string]interface{}{
+					"prefix": "data",
+					"driver": "ocmreceived",
+					"drivers": map[string]interface{}{
+						"ocmreceived": map[string]interface{}{
+							"insecure": cfg.OCMStorageProvider.Insecure,
+						},
+					},
+					"data_txs": map[string]interface{}{
+						"simple": map[string]interface{}{
+							"cache_store":    "noop",
+							"cache_database": "system",
+							"cache_table":    "stat",
+						},
+						"spaces": map[string]interface{}{
+							"cache_store":    "noop",
+							"cache_database": "system",
+							"cache_table":    "stat",
+						},
+						"tus": map[string]interface{}{
+							"cache_store":    "noop",
+							"cache_database": "system",
+							"cache_table":    "stat",
+						},
+					},
+				},
 			},
 		},
 		"grpc": map[string]interface{}{
@@ -91,6 +117,7 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 					"gatewaysvc":      cfg.Reva.Address,
 					"provider_domain": cfg.Commons.OcisURL,
 					"webdav_endpoint": cfg.Commons.OcisURL,
+					"webapp_template": cfg.OCMShareProvider.WebappTemplate,
 					"client_insecure": cfg.OCMShareProvider.Insecure,
 				},
 				"ocmcore": map[string]interface{}{
@@ -101,6 +128,16 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 						},
 					},
 				},
+				"storageprovider": map[string]interface{}{
+					"driver": "ocmreceived",
+					"drivers": map[string]interface{}{
+						"ocmreceived": map[string]interface{}{
+							"insecure":     cfg.OCMStorageProvider.Insecure,
+							"storage_root": cfg.OCMStorageProvider.StorageRoot,
+						},
+					},
+					"data_server_url": "http://" + cfg.HTTP.Addr + "/data",
+				},
 				"authprovider": map[string]interface{}{
 					"auth_manager": "ocmshares",
 					"auth_managers": map[string]interface{}{

services/proxy/pkg/middleware/authentication.go

@@ -25,6 +25,7 @@ var (
 
 	_publicPaths = [...]string{
 		"/dav/public-files/",
+		"/remote.php/dav/ocm/",
 		"/dav/ocm/",
 		"/ocm/",
 		"/remote.php/dav/public-files/",