From 5dcf372ec2b56b24ea1df8854cd710dcbd43eb5b Mon Sep 17 00:00:00 2001 From: David Christofas Date: Fri, 29 Apr 2022 12:16:50 +0200 Subject: [PATCH] reduce drives in listing of graph /me/drives API --- changelog/unreleased/graph-me-drives.md | 6 ++ extensions/graph/pkg/service/v0/drives.go | 71 +++++++++++++++++++++- extensions/graph/pkg/service/v0/service.go | 2 +- go.mod | 2 + go.sum | 6 +- 5 files changed, 79 insertions(+), 8 deletions(-) create mode 100644 changelog/unreleased/graph-me-drives.md diff --git a/changelog/unreleased/graph-me-drives.md b/changelog/unreleased/graph-me-drives.md new file mode 100644 index 00000000000..3104450cd94 --- /dev/null +++ b/changelog/unreleased/graph-me-drives.md @@ -0,0 +1,6 @@ +Change: Reduce drives in graph /me/drives API + +Reduced the drives in the graph `/me/drives` API to only the drives the user has access to. +The endpoint `/drives` will list all drives when the user has the permission. + +https://github.com/owncloud/ocis/pull/3629 diff --git a/extensions/graph/pkg/service/v0/drives.go b/extensions/graph/pkg/service/v0/drives.go index 673f246fa57..01f9459b5c1 100644 --- a/extensions/graph/pkg/service/v0/drives.go +++ b/extensions/graph/pkg/service/v0/drives.go @@ -50,7 +50,68 @@ func (g Graph) GetDrives(w http.ResponseWriter, r *http.Request) { errorcode.NotSupported.Render(w, r, http.StatusNotImplemented, err.Error()) return } - res, err := g.ListStorageSpacesWithFilters(ctx, filters) + res, err := g.ListStorageSpacesWithFilters(ctx, filters, false) + switch { + case err != nil: + g.logger.Error().Err(err).Msg(ListStorageSpacesTransportErr) + errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, err.Error()) + return + case res.Status.Code != cs3rpc.Code_CODE_OK: + if res.Status.Code == cs3rpc.Code_CODE_NOT_FOUND { + // return an empty list + render.Status(r, http.StatusOK) + render.JSON(w, r, &listResponse{}) + return + } + g.logger.Error().Err(err).Msg(ListStorageSpacesReturnsErr) + errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, res.Status.Message) + return + } + + wdu, err := url.Parse(g.config.Spaces.WebDavBase + g.config.Spaces.WebDavPath) + if err != nil { + g.logger.Error().Err(err).Msg("error parsing url") + errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, err.Error()) + return + } + spaces, err := g.formatDrives(ctx, wdu, res.StorageSpaces) + if err != nil { + g.logger.Error().Err(err).Msg("error encoding response as json") + errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, err.Error()) + return + } + + spaces, err = sortSpaces(odataReq, spaces) + if err != nil { + g.logger.Error().Err(err).Msg("error sorting the spaces list") + errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, err.Error()) + return + } + + render.Status(r, http.StatusOK) + render.JSON(w, r, &listResponse{Value: spaces}) +} + +// GetDrives implements the Service interface. +func (g Graph) GetAllDrives(w http.ResponseWriter, r *http.Request) { + sanitizedPath := strings.TrimPrefix(r.URL.Path, "/graph/v1.0/") + // Parse the request with odata parser + odataReq, err := godata.ParseRequest(r.Context(), sanitizedPath, r.URL.Query()) + if err != nil { + g.logger.Err(err).Interface("query", r.URL.Query()).Msg("query error") + errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, err.Error()) + return + } + g.logger.Info().Interface("query", r.URL.Query()).Msg("Calling GetDrives") + ctx := r.Context() + + filters, err := generateCs3Filters(odataReq) + if err != nil { + g.logger.Err(err).Interface("query", r.URL.Query()).Msg("query error") + errorcode.NotSupported.Render(w, r, http.StatusNotImplemented, err.Error()) + return + } + res, err := g.ListStorageSpacesWithFilters(ctx, filters, true) switch { case err != nil: g.logger.Error().Err(err).Msg(ListStorageSpacesTransportErr) @@ -106,7 +167,7 @@ func (g Graph) GetSingleDrive(w http.ResponseWriter, r *http.Request) { ctx := r.Context() filters := []*storageprovider.ListStorageSpacesRequest_Filter{listStorageSpacesIDFilter(driveID)} - res, err := g.ListStorageSpacesWithFilters(ctx, filters) + res, err := g.ListStorageSpacesWithFilters(ctx, filters, true) switch { case err != nil: g.logger.Error().Err(err).Msg(ListStorageSpacesTransportErr) @@ -398,7 +459,7 @@ func (g Graph) formatDrives(ctx context.Context, baseURL *url.URL, storageSpaces } // ListStorageSpacesWithFilters List Storage Spaces using filters -func (g Graph) ListStorageSpacesWithFilters(ctx context.Context, filters []*storageprovider.ListStorageSpacesRequest_Filter) (*storageprovider.ListStorageSpacesResponse, error) { +func (g Graph) ListStorageSpacesWithFilters(ctx context.Context, filters []*storageprovider.ListStorageSpacesRequest_Filter, unrestricted bool) (*storageprovider.ListStorageSpacesResponse, error) { client := g.GetGatewayClient() permissions := make(map[string]struct{}, 1) @@ -423,6 +484,10 @@ func (g Graph) ListStorageSpacesWithFilters(ctx context.Context, filters []*stor Decoder: "json", Value: value, }, + "unrestricted": { + Decoder: "plain", + Value: []byte(strconv.FormatBool(unrestricted)), + }, }}, Filters: filters, }) diff --git a/extensions/graph/pkg/service/v0/service.go b/extensions/graph/pkg/service/v0/service.go index 11fe37c2fe0..5c9b6fdaf02 100644 --- a/extensions/graph/pkg/service/v0/service.go +++ b/extensions/graph/pkg/service/v0/service.go @@ -173,7 +173,7 @@ func NewService(opts ...Option) Service { account.JWTSecret(options.Config.TokenManager.JWTSecret)), ) r.Route("/drives", func(r chi.Router) { - r.Get("/", svc.GetDrives) + r.Get("/", svc.GetAllDrives) r.Post("/", svc.CreateDrive) r.Route("/{driveID}", func(r chi.Router) { r.Patch("/", svc.UpdateDrive) diff --git a/go.mod b/go.mod index abb9d949f2f..85c84ed1a76 100644 --- a/go.mod +++ b/go.mod @@ -274,3 +274,5 @@ require ( // we need to use a fork to make the windows build pass replace github.com/pkg/xattr => github.com/micbar/xattr v0.4.6-0.20220215112335-88e74d648fb7 + +replace github.com/cs3org/reva/v2 => github.com/c0rby/reva/v2 v2.0.0-20220429095703-bbac276f2cb4 diff --git a/go.sum b/go.sum index 97e90625a25..dbe08ce2f62 100644 --- a/go.sum +++ b/go.sum @@ -236,6 +236,8 @@ github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBW github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/c-bata/go-prompt v0.2.5/go.mod h1:vFnjEGDIIA/Lib7giyE4E9c50Lvl8j0S+7FVlAwDAVw= +github.com/c0rby/reva/v2 v2.0.0-20220429095703-bbac276f2cb4 h1:NAAz/6zTxFa0RBui856DKPIi4cF5jU7FHcbX+n25DM0= +github.com/c0rby/reva/v2 v2.0.0-20220429095703-bbac276f2cb4/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= @@ -318,10 +320,6 @@ github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde h1:WrD9O8ZaWvsm0 github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= github.com/cs3org/reva v1.18.0 h1:MbPS5ZAa8RzKcTxAVeSDdISB3XXqLIxqB03BTN5ReBY= github.com/cs3org/reva v1.18.0/go.mod h1:e5VDUDu4vVWIeVkZcW//n6UZzhGGMa+Tz/whCiX3N6o= -github.com/cs3org/reva/v2 v2.0.0-20220427133111-618964eed515 h1:8pPCLxNXVz/q7PMM6Zq1lff3P8SFAu8/CXwB2eA21xc= -github.com/cs3org/reva/v2 v2.0.0-20220427133111-618964eed515/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= -github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3 h1:6sKjGI0AUW5tBXWBduaBoc+9sNYZWQR894G0oFCbus0= -github.com/cs3org/reva/v2 v2.0.0-20220427203355-0164880ac7d3/go.mod h1:2e/4HcIy54Mic3V7Ow0bz4n5dkZU0dHIZSWomFe5vng= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=