shares role mapping

cs3org · Jul 26, 2024 · d4057d4 · d4057d4
1 parent 24e8f9b
commit d4057d4
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 59 deletions.
diff --git a/internal/http/services/owncloud/ocgraph/roles.go b/internal/http/services/owncloud/ocgraph/roles.go
@@ -25,7 +25,6 @@ import (
 	"net/http"
 
 	"github.com/cs3org/reva/pkg/appctx"
-	libregraph "github.com/owncloud/libre-graph-api-go"
 )
 
 func (s *svc) getRoleDefinitions(w http.ResponseWriter, r *http.Request) {
@@ -36,14 +35,3 @@ func (s *svc) getRoleDefinitions(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 }
-
-func GetBuiltinRoleDefinitionList() []*libregraph.UnifiedRoleDefinition {
-	return []*libregraph.UnifiedRoleDefinition{
-		NewViewerUnifiedRole(),
-		NewSpaceViewerUnifiedRole(),
-		NewEditorUnifiedRole(),
-		NewSpaceEditorUnifiedRole(),
-		NewFileEditorUnifiedRole(),
-		NewManagerUnifiedRole(),
-	}
-}
diff --git a/internal/http/services/owncloud/ocgraph/shares.go b/internal/http/services/owncloud/ocgraph/shares.go
@@ -77,7 +77,8 @@ func (s *svc) getSharedWithMe(w http.ResponseWriter, r *http.Request) {
 }
 
 func encodeSpaceIDForShareJail(res *provider.ResourceInfo) string {
-	return spaces.EncodeSpaceID(res.Id.StorageId, res.Path)
+	return spaces.EncodeResourceID(res.Id)
+	//return spaces.EncodeSpaceID(res.Id.StorageId, res.Path)
 }
 
 func (s *svc) cs3ReceivedShareToDriveItem(ctx context.Context, share *gateway.SharedResourceInfo) (*libregraph.DriveItem, error) {
@@ -93,6 +94,12 @@ func (s *svc) cs3ReceivedShareToDriveItem(ctx context.Context, share *gateway.Sh
 		return nil, err
 	}
 
+	roles := make([]string, 0, 1)
+	role := CS3ResourcePermissionsToUnifiedRole(share.ResourceInfo.PermissionSet)
+	if role != nil {
+		roles = append(roles, *role.Id)
+	}
+
 	d := &libregraph.DriveItem{
 		UIHidden:          libregraph.PtrBool(share.Share.Hidden),
 		ClientSynchronize: libregraph.PtrBool(true),
@@ -125,6 +132,7 @@ func (s *svc) cs3ReceivedShareToDriveItem(ctx context.Context, share *gateway.Sh
 			Id:                   libregraph.PtrString(encodeSpaceIDForShareJail(share.ResourceInfo)),
 			LastModifiedDateTime: libregraph.PtrTime(utils.TSToTime(share.ResourceInfo.Mtime)),
 			Name:                 libregraph.PtrString(share.ResourceInfo.Name),
+			Path:                 libregraph.PtrString(relativePathToSpaceID(share.ResourceInfo)),
 			// ParentReference: &libregraph.ItemReference{
 			// 	DriveId:   libregraph.PtrString(spaces.EncodeResourceID(share.ResourceInfo.ParentId)),
 			// 	DriveType: nil, // FIXME: no way to know it unless we hardcode it
@@ -142,11 +150,7 @@ func (s *svc) cs3ReceivedShareToDriveItem(ctx context.Context, share *gateway.Sh
 							},
 						},
 					},
-					Roles: []string{"2d00ce52-1fc2-4dbc-8b95-a73b73395f5a"}, // TODO: find a way to not hardcode it
-					// TODO: roles are missing, but which is the id???
-					// "roles": [
-					//     "2d00ce52-1fc2-4dbc-8b95-a73b73395f5a"
-					// ]
+					Roles: roles,
 				},
 			},
 			Size: libregraph.PtrInt64(int64(share.ResourceInfo.Size)),

diff --git a/internal/http/services/owncloud/ocgraph/unifiedrole.go b/internal/http/services/owncloud/ocgraph/unifiedrole.go
@@ -401,47 +401,10 @@ func GetLegacyName(role libregraph.UnifiedRoleDefinition) string {
 }
 
 // CS3ResourcePermissionsToUnifiedRole tries to find the UnifiedRoleDefinition that matches the supplied
-// CS3 ResourcePermissions and constraints.
-func CS3ResourcePermissionsToUnifiedRole(p *provider.ResourcePermissions, constraints string) *libregraph.UnifiedRoleDefinition {
-	actionSet := map[string]struct{}{}
-	for _, action := range CS3ResourcePermissionsToLibregraphActions(p) {
-		actionSet[action] = struct{}{}
-	}
-
-	var res *libregraph.UnifiedRoleDefinition
-	for _, uRole := range GetBuiltinRoleDefinitionList() {
-		matchFound := false
-		for _, uPerm := range uRole.GetRolePermissions() {
-			if uPerm.GetCondition() != constraints {
-				// the requested constraints don't match, this isn't our role
-				continue
-			}
-
-			// if the actions converted from the ResourcePermissions equal the action the defined for the role, we have match
-			if resourceActionsEqual(actionSet, uPerm.GetAllowedResourceActions()) {
-				matchFound = true
-				break
-			}
-		}
-		if matchFound {
-			res = uRole
-			break
-		}
-	}
-	return res
-}
-
-func resourceActionsEqual(targetActionSet map[string]struct{}, actions []string) bool {
-	if len(targetActionSet) != len(actions) {
-		return false
-	}
-
-	for _, action := range actions {
-		if _, ok := targetActionSet[action]; !ok {
-			return false
-		}
-	}
-	return true
+// CS3 ResourcePermissions.
+func CS3ResourcePermissionsToUnifiedRole(p *provider.ResourcePermissions) *libregraph.UnifiedRoleDefinition {
+	role := conversions.RoleFromResourcePermissions(p)
+	return ocsRoleUnifiedRole[role.Name]
 }
 
 func displayName(role *conversions.Role) *string {
@@ -484,3 +447,23 @@ func GetAllowedResourceActions(role *libregraph.UnifiedRoleDefinition, condition
 	}
 	return []string{}
 }
+
+func GetBuiltinRoleDefinitionList() []*libregraph.UnifiedRoleDefinition {
+	return []*libregraph.UnifiedRoleDefinition{
+		NewViewerUnifiedRole(),
+		NewEditorUnifiedRole(),
+		NewFileEditorUnifiedRole(),
+		NewManagerUnifiedRole(),
+	}
+}
+
+var ocsRoleUnifiedRole = map[string]*libregraph.UnifiedRoleDefinition{
+	conversions.RoleViewer:       NewViewerUnifiedRole(),
+	conversions.RoleReader:       NewViewerUnifiedRole(),
+	conversions.RoleEditor:       NewEditorUnifiedRole(),
+	conversions.RoleFileEditor:   NewFileEditorUnifiedRole(),
+	conversions.RoleCollaborator: NewManagerUnifiedRole(),
+	// FIXME: this is a wrong mapping, but it looks like in ocis has not been defined so far
+	conversions.RoleUploader: NewEditorUnifiedRole(),
+	conversions.RoleManager:  NewManagerUnifiedRole(),
+}