owncloud · fschade · Dec 30, 2022 · Dec 30, 2022 · Dec 30, 2022 · Dec 30, 2022
diff --git a/changelog/unreleased/bump-libregraph.md b/changelog/unreleased/bump-libregraph.md
@@ -0,0 +1,10 @@
+Enhancement: Bump libre-graph-api-go
+
+We fixed a couple of issues in libre-graph-api-go package.
+
+* rename drive permission grantedTo to grantedToIdentities tob be ms graph spec compatible.
+* drive.name is a required property now.
+* add group property to the identitySet.
+
+https://github.com/owncloud/ocis/pull/5309
+https://github.com/owncloud/ocis/pull/5312
diff --git a/changelog/unreleased/drive-group-permissions.md b/changelog/unreleased/drive-group-permissions.md
@@ -0,0 +1,5 @@
+Enhancement: Drive group permissions
+
+We've updated the libregraph.Drive response to contain group permissions.
+
+https://github.com/owncloud/ocis/pull/5312
diff --git a/go.mod b/go.mod
@@ -54,7 +54,7 @@ require (
 	github.com/onsi/ginkgo/v2 v2.5.0
 	github.com/onsi/gomega v1.24.1
 	github.com/orcaman/concurrent-map v1.0.0
-	github.com/owncloud/libre-graph-api-go v1.0.1-0.20221220084037-8c6f7ea26400
+	github.com/owncloud/libre-graph-api-go v1.0.1
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/client_golang v1.14.0
 	github.com/rs/zerolog v1.28.0

diff --git a/go.sum b/go.sum
@@ -1055,8 +1055,8 @@ github.com/oracle/oci-go-sdk v24.3.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35uk
 github.com/orcaman/concurrent-map v1.0.0 h1:I/2A2XPCb4IuQWcQhBhSwGfiuybl/J0ev9HDbW65HOY=
 github.com/orcaman/concurrent-map v1.0.0/go.mod h1:Lu3tH6HLW3feq74c2GC+jIMS/K2CFcDWnWD9XkenwhI=
 github.com/ovh/go-ovh v1.1.0/go.mod h1:AxitLZ5HBRPyUd+Zl60Ajaag+rNTdVXWIkzfrVuTXWA=
-github.com/owncloud/libre-graph-api-go v1.0.1-0.20221220084037-8c6f7ea26400 h1:E8+qYjS2P21dE4gGVep0JAqPleL74wugwnXSHKAoDp4=
-github.com/owncloud/libre-graph-api-go v1.0.1-0.20221220084037-8c6f7ea26400/go.mod h1:579sFrPP7aP24LZXGPopLfvE+hAka/2DYHk0+Ij+w+U=
+github.com/owncloud/libre-graph-api-go v1.0.1 h1:wj3aQQr/yDPoc97ddg7DCadvMx6ui6N7re/oRV9+yNs=
+github.com/owncloud/libre-graph-api-go v1.0.1/go.mod h1:579sFrPP7aP24LZXGPopLfvE+hAka/2DYHk0+Ij+w+U=
 github.com/oxtoacart/bpool v0.0.0-20190530202638-03653db5a59c h1:rp5dCmg/yLR3mgFuSOe4oEnDDmGLROTvMragMUXpTQw=
 github.com/oxtoacart/bpool v0.0.0-20190530202638-03653db5a59c/go.mod h1:X07ZCGwUbLaax7L0S3Tw4hpejzu63ZrrQiUe6W0hcy0=
 github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=

diff --git a/services/graph/pkg/service/v0/drives.go b/services/graph/pkg/service/v0/drives.go
@@ -538,29 +538,51 @@ func (g Graph) cs3StorageSpaceToDrive(ctx context.Context, baseURL *url.URL, spa
 
 	var permissions []libregraph.Permission
 	if space.Opaque != nil {
-		var m map[string]*storageprovider.ResourcePermissions
-		entry, ok := space.Opaque.Map["grants"]
+		var permissionsMap map[string]*storageprovider.ResourcePermissions
+		var groupsMap map[string]struct{}
+
+		opaqueGrants, ok := space.Opaque.Map["grants"]
 		if ok {
-			err := json.Unmarshal(entry.Value, &m)
+			err := json.Unmarshal(opaqueGrants.Value, &permissionsMap)
 			if err != nil {
 				logger.Debug().
 					Err(err).
 					Interface("space", space.Root).
-					Bytes("grants", entry.Value).
+					Bytes("grants", opaqueGrants.Value).
 					Msg("unable to parse space: failed to read spaces grants")
 			}
 		}
-		if len(m) != 0 {
+
+		opaqueGroups, ok := space.Opaque.Map["groups"]
+		if ok {
+			err := json.Unmarshal(opaqueGroups.Value, &groupsMap)
+			if err != nil {
+				logger.Debug().
+					Err(err).
+					Interface("space", space.Root).
+					Bytes("groups", opaqueGroups.Value).
+					Msg("unable to parse space: failed to read spaces groups")
+			}
+		}
+
+		if len(permissionsMap) != 0 {
 			managerIdentities := []libregraph.IdentitySet{}
 			editorIdentities := []libregraph.IdentitySet{}
 			viewerIdentities := []libregraph.IdentitySet{}
 
-			for id, perm := range m {
+			for id, perm := range permissionsMap {
 				// This temporary variable is necessary since we need to pass a pointer to the
 				// libregraph.Identity and if we pass the pointer from the loop every identity
 				// will have the same id.
 				tmp := id
-				identity := libregraph.IdentitySet{User: &libregraph.Identity{Id: &tmp}}
+				var identity libregraph.IdentitySet
+
+				if _, ok := groupsMap[id]; !ok {
+					identity = libregraph.IdentitySet{User: &libregraph.Identity{Id: &tmp}}
+				} else {
+					identity = libregraph.IdentitySet{Group: &libregraph.Identity{Id: &tmp}}
+				}
+
 				// we need to map the permissions to the roles
 				switch {
 				// having RemoveGrant qualifies you as a manager
@@ -578,20 +600,20 @@ func (g Graph) cs3StorageSpaceToDrive(ctx context.Context, baseURL *url.URL, spa
 			permissions = make([]libregraph.Permission, 0, 3)
 			if len(managerIdentities) != 0 {
 				permissions = append(permissions, libregraph.Permission{
-					GrantedTo: managerIdentities,
-					Roles:     []string{"manager"},
+					GrantedToIdentities: managerIdentities,
+					Roles:               []string{"manager"},
 				})
 			}
 			if len(editorIdentities) != 0 {
 				permissions = append(permissions, libregraph.Permission{
-					GrantedTo: editorIdentities,
-					Roles:     []string{"editor"},
+					GrantedToIdentities: editorIdentities,
+					Roles:               []string{"editor"},
 				})
 			}
 			if len(viewerIdentities) != 0 {
 				permissions = append(permissions, libregraph.Permission{
-					GrantedTo: viewerIdentities,
-					Roles:     []string{"viewer"},
+					GrantedToIdentities: viewerIdentities,
+					Roles:               []string{"viewer"},
 				})
 			}
 		}