From 1c9f85e5194e916cab024dd28ee9aa489df0f5be Mon Sep 17 00:00:00 2001 From: root Date: Wed, 17 Apr 2024 12:05:26 +0200 Subject: [PATCH] more fixes --- pkg/auth/manager/ldap/ldap.go | 10 +- pkg/storage/fs/cephfs/cephfs.go | 156 +++++++------------------------- pkg/storage/fs/cephfs/user.go | 8 +- pkg/storage/fs/cephfs/utils.go | 127 -------------------------- pkg/user/manager/ldap/ldap.go | 3 + 5 files changed, 44 insertions(+), 260 deletions(-) diff --git a/pkg/auth/manager/ldap/ldap.go b/pkg/auth/manager/ldap/ldap.go index 16374226e0..7bfe436564 100644 --- a/pkg/auth/manager/ldap/ldap.go +++ b/pkg/auth/manager/ldap/ldap.go @@ -124,7 +124,7 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string) log := appctx.GetLogger(ctx) l, err := utils.GetLDAPConnection(&am.c.LDAPConn) if err != nil { - return nil, nil, err + return nil, nil, errors.Wrap(err, "error creating ldap connection") } defer l.Close() @@ -139,10 +139,10 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string) sr, err := l.Search(searchRequest) if err != nil { - return nil, nil, err + return nil, nil, errors.Wrapf(err, "error searching. seachrequest = %+v", searchRequest) } - log.Trace().Interface("entries", sr.Entries).Send() + log.Debug().Interface("entries", sr.Entries).Send() if len(sr.Entries) != 1 { return nil, nil, errtypes.NotFound(clientID) } @@ -153,7 +153,7 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string) err = l.Bind(userdn, clientSecret) if err != nil { log.Debug().Err(err).Interface("userdn", userdn).Msg("bind with user credentials failed") - return nil, nil, err + return nil, nil, errors.Wrapf(err, "error binding with user credentials for user %s", userdn) } userID := &user.UserId{ 
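Review bot: Raising `log.Trace()` to `log.Debug()` for `sr.Entries` in Authenticate writes every attribute returned by the search into the debug log on each login attempt, which is more directory data than a diagnostic line needs. Log a summary instead, e.g. `log.Debug().Int("entries", len(sr.Entries)).Msg("ldap search done")`, or keep the full dump at trace level. In the same hunk the wrapped search error embeds the whole request with `%+v` and misspells it as `seachrequest`. The request presumably carries the filter built from the caller-supplied clientID, so a fixed message such as `errors.Wrap(err, "error searching ldap")` keeps caller-controlled text out of the error chain. Authenticate starts and ends outside this hunk.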
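Review bot: The bind failure in Authenticate now returns the resolved `userdn` inside the error text, while an unknown user still gets `errtypes.NotFound(clientID)`. If that text is passed back to the client, a wrong password would reveal the account's DN and confirm the account exists. Whether the message reaches the client is not visible here, but the DN is already recorded by the `log.Debug()` line directly above, so the returned error can stay generic: `return nil, nil, errors.Wrap(err, "error binding with user credentials")`. Returning the same typed credentials error on both failure paths would also remove the difference an enumerating client could observe.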
@@ -193,7 +193,7 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string) u := &user.User{ Id: userID, // TODO add more claims from the StandardClaims, eg EmailVerified - Username: sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.CN), + Username: sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.UID), // TODO groups Groups: getGroupsResp.Groups, Mail: sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.Mail), diff --git a/pkg/storage/fs/cephfs/cephfs.go b/pkg/storage/fs/cephfs/cephfs.go index f6ac1a1855..c20a4cc632 100644 --- a/pkg/storage/fs/cephfs/cephfs.go +++ b/pkg/storage/fs/cephfs/cephfs.go @@ -45,17 +45,12 @@ import ( "github.com/cs3org/reva/pkg/utils" "github.com/cs3org/reva/pkg/utils/cfg" "github.com/pkg/errors" + "go-micro.dev/v4/util/log" ) const ( - xattrTrustedNs = "trusted." - xattrEID = xattrTrustedNs + "eid" - xattrMd5 = xattrTrustedNs + "checksum" - xattrMd5ts = xattrTrustedNs + "checksumTS" - xattrRef = xattrTrustedNs + "ref" - xattrUserNs = "user." - snap = ".snap" - xattrLock = xattrUserNs + "reva.lockpayload" + xattrUserNs = "user." + xattrLock = xattrUserNs + "reva.lockpayload" ) type cephfs struct { @@ -84,7 +79,7 @@ func New(ctx context.Context, m map[string]interface{}) (fs storage.FS, err erro adminConn, err := newAdminConn(&o) if err != nil { - return nil, errors.Wrap(err, "cephfs: Couldn't create admin connections") + return nil, errors.Wrap(err, "cephfs: couldn't create admin connections") } return &cephfs{ 
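Review bot: With `Username` now read from `am.c.Schema.UID`, an entry that lacks that attribute still authenticates, but with an empty username, because `GetEqualFoldAttributeValue` returns an empty string when the attribute is absent. Code that derives per-user state from the username would then work with an empty name; the consumers are outside this hunk, so this needs confirming. Consider reading the value into a local first and rejecting the login when it is empty, e.g. `if username == "" { return nil, nil, errtypes.NotFound(clientID) }`. A short comment on the field naming the directory attribute it maps to, and why CN was dropped, would document the behaviour change for existing deployments.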
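Review bot: The added import `go-micro.dev/v4/util/log` brings a new third-party module into the cephfs package only to supply the name `log`, and it looks like an editor auto-import rather than an intended dependency. GetHome and CreateHome shadow it with `log := appctx.GetLogger(ctx)`, but the ListFolder hunk further down declares no local logger, so `log.Debug().Interface("ref", ref)` there resolves to this package instead of the request logger. As far as I know that package exposes printf-style functions rather than a chained event API, so the call may not compile. Drop the import and obtain the logger from `appctx` in ListFolder, so the package keeps one logging path and no extra module has to be vetted.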
@@ -96,28 +91,36 @@ func New(ctx context.Context, m map[string]interface{}) (fs storage.FS, err erro func (fs *cephfs) GetHome(ctx context.Context) (string, error) { if fs.conf.DisableHome { - return "", errtypes.NotSupported("cephfs: GetHome() home supported disabled") + return "", errtypes.NotSupported("cephfs: GetHome disabled by config") } + log := appctx.GetLogger(ctx) user := fs.makeUser(ctx) + log.Debug().Interface("user", user).Msg("GetHome for user") return user.home, nil } func (fs *cephfs) CreateHome(ctx context.Context) (err error) { - //if fs.conf.DisableHome { - // return errtypes.NotSupported("cephfs: GetHome() home supported disabled") - //} + if fs.conf.DisableHome { + return errtypes.NotSupported("cephfs: CreateHome disabled by config") + } + + log := appctx.GetLogger(ctx) user := fs.makeUser(ctx) - fmt.Println("debugging user hugo", user) + log.Debug().Interface("user", user).Msg("CreateHome for user") - // Stop createhome from running the whole thing because it is called multiple times + // Skip home creation if the directory already exists. + // We do not check for all necessary attributes, only for the existence of the directory. stat, err := fs.adminConn.adminMount.Statx(user.home, goceph.StatxMode, 0) if err != nil { - return err + return errors.Wrap(err, "error stating user home when trying to create it") } - fmt.Println("debugging stat", stat) + + log.Debug().Interface("stat", stat).Msgf("home is %s") + + // TODO: create home only on: no such file or directory error return nil /* @@ -219,6 +222,10 @@ func (fs *cephfs) Move(ctx context.Context, oldRef, newRef *provider.Reference) } func (fs *cephfs) GetMD(ctx context.Context, ref *provider.Reference, mdKeys []string) (ri *provider.ResourceInfo, err error) { + if ref == nil { + return nil, errors.New("error: ref is nil") + } + var path string user := fs.makeUser(ctx) 
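Review bot: `Msgf("home is %s")` in CreateHome has a format verb but no argument, so the message renders as `home is %!s(MISSING)`; pass the path, `Msgf("home is %s", user.home)`, or switch to `Msg`. The control flow around it also means a home that does not exist yet is never created: a failed `Statx` returns the wrapped error and a successful one returns nil. The TODO acknowledges this and the creation code below is still commented out. Until that branch exists, a doc comment on CreateHome stating that it only verifies an existing directory would stop callers from assuming provisioning happens here. The function continues past the end of the hunk.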
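Review bot: The nil-ref guard added to GetMD returns a plain `errors.New("error: ref is nil")`, whereas this file otherwise reports caller mistakes through `errtypes`, so upper layers cannot tell a bad request from an internal failure. The ListFolder hunk that follows adds the same untyped error, and `resolveRef` in user.go already rejects a nil reference, so the check is likely duplicated if GetMD reaches it. Either rely on `resolveRef` or return a typed error such as `errtypes.BadRequest("cephfs: nil reference")`; the `error:` prefix is redundant in both cases. GetMD's body continues outside the hunk.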
@@ -239,8 +246,10 @@ func (fs *cephfs) GetMD(ctx context.Context, ref *provider.Reference, mdKeys []s
 
 func (fs *cephfs) ListFolder(ctx context.Context, ref *provider.Reference, mdKeys []string) (files []*provider.ResourceInfo, err error) {
 if ref == nil {
- ref = &provider.Reference{Path: "/"}
+ return nil, errors.New("error: ref is nil")
 }
+
+ log.Debug().Interface("ref", ref)
 fmt.Println("debugging: listing folder", ref)
 user := fs.makeUser(ctx)
 fmt.Println("debugging: user", user)
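Review bot: The new `log.Debug().Interface("ref", ref)` line in ListFolder is never terminated with `.Send()` or `.Msg(...)`, so with the event-style logger used in the other hunks of this commit nothing would be emitted. The two `fmt.Println("debugging: ...")` context lines still print the reference and the user object to stdout on every listing, bypassing log levels, although this commit replaced the equivalent prints in CreateHome. Suggest `log.Debug().Interface("ref", ref).Msg("ListFolder")` on a logger taken from `appctx.GetLogger(ctx)`, and removing both prints. ListFolder's body continues outside the hunk.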
@@ -318,104 +327,20 @@ func (fs *cephfs) Download(ctx context.Context, ref *provider.Reference) (rc io. } func (fs *cephfs) ListRevisions(ctx context.Context, ref *provider.Reference) (fvs []*provider.FileVersion, err error) { - //TODO(tmourati): Fix entry id logic - var path string - user := fs.makeUser(ctx) - if path, err = user.resolveRef(ref); err != nil { - return nil, errors.Wrap(err, "cephfs: error resolving ref") - } - - user.op(func(cv *cacheVal) { - if strings.HasPrefix(path, removeLeadingSlash(fs.conf.ShareFolder)) { - err = errtypes.PermissionDenied("cephfs: cannot download under the virtual share folder") - return - } - var dir *goceph.Directory - if dir, err = cv.mount.OpenDir(".snap"); err != nil { - return - } - defer closeDir(dir) - - for d, _ := dir.ReadDir(); d != nil; d, _ = dir.ReadDir() { - var revPath string - var stat Statx - var e error - - if strings.HasPrefix(d.Name(), ".") { - continue - } - - revPath, e = resolveRevRef(cv.mount, ref, d.Name()) - if e != nil { - continue - } - stat, e = cv.mount.Statx(revPath, goceph.StatxMtime|goceph.StatxSize, 0) - if e != nil { - continue - } - fvs = append(fvs, &provider.FileVersion{ - Key: d.Name(), - Size: stat.Size, - Mtime: uint64(stat.Mtime.Sec), - }) - } - }) - - return fvs, getRevaError(err) + return nil, errtypes.NotSupported("cephfs: RestoreRevision not supported") } func (fs *cephfs) DownloadRevision(ctx context.Context, ref *provider.Reference, key string) (file io.ReadCloser, err error) { - //TODO(tmourati): Fix entry id logic - user := fs.makeUser(ctx) - - user.op(func(cv *cacheVal) { - var revPath string - revPath, err = resolveRevRef(cv.mount, ref, key) - if err != nil { - return - } - - file, err = cv.mount.Open(revPath, os.O_RDONLY, 0) - }) - - return file, getRevaError(err) + return nil, errtypes.NotSupported("cephfs: RestoreRevision not supported") } func (fs *cephfs) RestoreRevision(ctx context.Context, ref *provider.Reference, key string) (err error) { - //TODO(tmourati): Fix 
entry id logic - var path string - user := fs.makeUser(ctx) - if path, err = user.resolveRef(ref); err != nil { - return errors.Wrap(err, "cephfs: error resolving ref") - } - - user.op(func(cv *cacheVal) { - var revPath string - if revPath, err = resolveRevRef(cv.mount, ref, key); err != nil { - err = errors.Wrap(err, "cephfs: error resolving revision ref "+ref.String()) - return - } - - var src, dst *goceph.File - if src, err = cv.mount.Open(revPath, os.O_RDONLY, 0); err != nil { - return - } - defer closeFile(src) - - if dst, err = cv.mount.Open(path, os.O_WRONLY|os.O_TRUNC, 0); err != nil { - return - } - defer closeFile(dst) - - _, err = io.Copy(dst, src) - }) - - return getRevaError(err) + return errtypes.NotSupported("cephfs: RestoreRevision not supported") } func (fs *cephfs) GetPathByID(ctx context.Context, id *provider.ResourceId) (str string, err error) { //TODO(tmourati): Add entry id logic - return "", errtypes.NotSupported("cephfs: entry IDs currently not supported") + return "", errtypes.NotSupported("cephfs: ids currently not supported") } func (fs *cephfs) AddGrant(ctx context.Context, ref *provider.Reference, g *provider.Grant) (err error) { @@ -517,24 +442,7 @@ func (fs *cephfs) GetQuota(ctx context.Context, ref *provider.Reference) (total } func (fs *cephfs) CreateReference(ctx context.Context, path string, targetURI *url.URL) (err error) { - user := fs.makeUser(ctx) - - user.op(func(cv *cacheVal) { - if !strings.HasPrefix(strings.TrimPrefix(path, user.home), fs.conf.ShareFolder) { - err = errors.New("cephfs: can't create reference outside a share folder") - } else { - err = cv.mount.MakeDir(path, fs.conf.DirPerms) - } - }) - if err != nil { - return getRevaError(err) - } - - user.op(func(cv *cacheVal) { - err = cv.mount.SetXattr(path, xattrRef, []byte(targetURI.String()), 0) - }) - - return getRevaError(err) + return errors.New("error: CreateReference not implemented") } func (fs *cephfs) Shutdown(ctx context.Context) (err error) { 
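Review bot: ListRevisions and DownloadRevision both return the message `"cephfs: RestoreRevision not supported"`, copied from RestoreRevision, so anyone reading the error will look at the wrong operation. Use each function's own name: `errtypes.NotSupported("cephfs: ListRevisions not supported")` and `errtypes.NotSupported("cephfs: DownloadRevision not supported")`. A one-line comment on each stub saying why revision support was removed would help whoever re-enables it; the deleted code only carried a `Fix entry id logic` TODO.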
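Review bot: CreateReference now fails with `errors.New("error: CreateReference not implemented")`, unlike the revision stubs in this same commit, which return `errtypes.NotSupported`. An untyped error is likely to surface to clients as an internal failure rather than an unsupported operation. Use `return errtypes.NotSupported("cephfs: CreateReference not supported")` so every disabled operation is reported the same way.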
diff --git a/pkg/storage/fs/cephfs/user.go b/pkg/storage/fs/cephfs/user.go index 3837ee43fb..52dbd59237 100644 --- a/pkg/storage/fs/cephfs/user.go +++ b/pkg/storage/fs/cephfs/user.go @@ -203,13 +203,13 @@ func (user *User) fileAsResourceInfo(cv *cacheVal, path string, stat *goceph.Cep return } -func (user *User) resolveRef(ref *provider.Reference) (str string, err error) { +func (user *User) resolveRef(ref *provider.Reference) (string, error) { if ref == nil { - return "", fmt.Errorf("cephfs: nil reference") + return "", fmt.Errorf("cephfs: nil reference provided") } - if str = ref.GetPath(); str == "" { - return "", errtypes.NotSupported("cephfs: entry IDs not currently supported") + if ref.GetPath() == "" { + return "", errtypes.NotSupported("cephfs: path not provided, id based refs are not supported") } return } diff --git a/pkg/storage/fs/cephfs/utils.go b/pkg/storage/fs/cephfs/utils.go index 8649e5323b..e49f066b42 100644 --- a/pkg/storage/fs/cephfs/utils.go +++ b/pkg/storage/fs/cephfs/utils.go @@ -22,13 +22,7 @@ package cephfs import ( - "crypto/md5" - "encoding/hex" - "fmt" - "io" - "os" "path/filepath" - "strconv" goceph "github.com/ceph/go-ceph/cephfs" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" 
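Review bot: resolveRef now declares unnamed results `(string, error)` but still ends in the bare `return` kept as a context line, which does not compile with unnamed results. The old version relied on the named result `str` being assigned in the `if str = ref.GetPath(); ...` initializer, and this change removed that assignment, so the resolved path is no longer returned anywhere. Finish the function with `return ref.GetPath(), nil`. A doc comment stating that only path-based references are accepted would also match the new error text.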
@@ -74,75 +68,6 @@ func isDir(t provider.ResourceType) bool { return t == provider.ResourceType_RESOURCE_TYPE_CONTAINER } -// TODO: Use when fileids are available -/* -func (fs *cephfs) makeFIDPath(fid string) string { - return "" // filepath.Join(fs.conf.EIDFolder, fid) EIDFolder does not exist -} - -func (fs *cephfs) makeFID(absolutePath string, inode string) (rid *provider.ResourceId, err error) { - sum := md5.New() - sum.Write([]byte(absolutePath)) - fid := fmt.Sprintf("%s-%s", hex.EncodeToString(sum.Sum(nil)), inode) - rid = &provider.ResourceId{OpaqueId: fid} - - _ = fs.adminConn.adminMount.Link(absolutePath, fs.makeFIDPath(fid)) - _ = fs.adminConn.adminMount.SetXattr(absolutePath, xattrEID, []byte(fid), 0) - - return -} - -func (fs *cephfs) getFIDPath(cv *cacheVal, path string) (fid string, err error) { - var buffer []byte - if buffer, err = cv.mount.GetXattr(path, xattrEID); err != nil { - return - } - - return fs.makeFIDPath(string(buffer)), err -} -*/ - -func calcChecksum(filepath string, mt Mount, stat Statx) (checksum string, err error) { - file, err := mt.Open(filepath, os.O_RDONLY, 0) - defer closeFile(file) - if err != nil { - return - } - hash := md5.New() - if _, err = io.Copy(hash, file); err != nil { - return - } - checksum = hex.EncodeToString(hash.Sum(nil)) - // we don't care if they fail, the checksum will just be recalculated if an error happens - _ = mt.SetXattr(filepath, xattrMd5ts, []byte(strconv.FormatInt(stat.Mtime.Sec, 10)), 0) - _ = mt.SetXattr(filepath, xattrMd5, []byte(checksum), 0) - - return -} - -func resolveRevRef(mt Mount, ref *provider.Reference, revKey string) (str string, err error) { - var buf []byte - if ref.GetResourceId() != nil { - str, err = mt.Readlink(filepath.Join(snap, revKey, ref.ResourceId.OpaqueId)) - if err != nil { - return "", fmt.Errorf("cephfs: invalid reference %+v", ref) - } - } else if str = ref.GetPath(); str != "" { - buf, err = mt.GetXattr(str, xattrEID) - if err != nil { - return - } - str, err = 
mt.Readlink(filepath.Join(snap, revKey, string(buf))) - if err != nil { - return - } - } else { - return "", fmt.Errorf("cephfs: empty reference %+v", ref) - } - - return filepath.Join(snap, revKey, str), err -} - func removeLeadingSlash(path string) string { return filepath.Join(".", path) } @@ -196,55 +121,3 @@ func walkPath(path string, f func(string) error, reverse bool) (err error) { return } - -// TODO: Use when fileids are available -/* -func (fs *cephfs) writeIndex(oid string, value string) (err error) { - return fs.adminConn.radosIO.WriteFull(oid, []byte(value)) -} - -func (fs *cephfs) removeIndex(oid string) error { - return fs.adminConn.radosIO.Delete(oid) -} - -func (fs *cephfs) resolveIndex(oid string) (fullPath string, err error) { - var i int - var currPath strings.Builder - root := string(filepath.Separator) - offset := uint64(0) - io := fs.adminConn.radosIO - bsize := 4096 - buffer := make([]byte, bsize) - for { - for { //read object - i, err = io.Read(oid, buffer, offset) - offset += uint64(bsize) - currPath.Write(buffer) - if err == nil && i >= bsize { - buffer = buffer[:0] - continue - } else { - offset = 0 - break - } - } - if err != nil { - return - } - - ss := strings.SplitN(currPath.String(), string(filepath.Separator), 2) - if len(ss) != 2 { - if currPath.String() == root { - return - } - - return "", fmt.Errorf("cephfs: entry id is not in the form of \"parentID/entryname\"") - } - parentOID := ss[0] - entryName := ss[1] - fullPath = filepath.Join(entryName, fullPath) - oid = parentOID - currPath.Reset() - } -} -*/ diff --git a/pkg/user/manager/ldap/ldap.go b/pkg/user/manager/ldap/ldap.go index 31dbf8d2af..0973f0a99e 100644 --- a/pkg/user/manager/ldap/ldap.go +++ b/pkg/user/manager/ldap/ldap.go 
@@ -374,6 +374,9 @@ func (m *manager) FindUsers(ctx context.Context, query string, skipFetchingGroup
 }
 
 func (m *manager) GetUserGroups(ctx context.Context, uid *userpb.UserId) ([]string, error) {
+ if m.c.GroupFilter == "" {
+ return []string{}, nil
+ }
 l, err := utils.GetLDAPConnection(&m.c.LDAPConn)
 if err != nil {
 return []string{}, err
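Review bot: The early return in GetUserGroups when `m.c.GroupFilter` is empty makes "group lookup is not configured" indistinguishable from "this user has no groups", and it happens without any log line. If group membership feeds access decisions downstream, a missing or mistyped filter setting would silently strip every user's groups. Add a comment above the guard, e.g. `// No group filter configured: group resolution is disabled, report no memberships.`, and consider a debug log entry at that point so the condition is visible to operators. The function continues outside the hunk.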