diff --git a/changelog/unreleased/refactor-permissions.md b/changelog/unreleased/refactor-permissions.md new file mode 100644 index 00000000000..eda2767fdb5 --- /dev/null +++ b/changelog/unreleased/refactor-permissions.md @@ -0,0 +1,5 @@ +Enhancement: refactor permissions + +Permissions are now, at least partially, handled and exposed within a single package (which was important for cernboxcop), with conversions between the different types of permissions + +https://github.com/cs3org/reva/pull/5428 diff --git a/cmd/reva/ocm-share-create.go b/cmd/reva/ocm-share-create.go index ddc64ea901c..caf72656420 100644 --- a/cmd/reva/ocm-share-create.go +++ b/cmd/reva/ocm-share-create.go @@ -33,7 +33,7 @@ import ( ocm "github.com/cs3org/go-cs3apis/cs3/sharing/ocm/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" ocmshare "github.com/cs3org/reva/v3/pkg/ocm/share" "github.com/cs3org/reva/v3/pkg/utils" "github.com/jedib0t/go-pretty/table" @@ -215,9 +215,9 @@ func getAccessMethods(webdav, webapp, datatx bool, rol string) ([]*ocm.AccessMet func getOCMSharePerm(p string) (*provider.ResourcePermissions, error) { switch p { case viewerPermission: - return conversions.NewViewerRole().CS3ResourcePermissions(), nil + return permissions.NewViewerRole().CS3ResourcePermissions(), nil case editorPermission: - return conversions.NewEditorRole().CS3ResourcePermissions(), nil + return permissions.NewEditorRole().CS3ResourcePermissions(), nil } return nil, errors.New("invalid rol: " + p) } diff --git a/cmd/reva/share-create.go b/cmd/reva/share-create.go index 13c267d5f07..0b9a7ed5b8d 100644 --- a/cmd/reva/share-create.go +++ b/cmd/reva/share-create.go @@ -28,7 +28,7 @@ import ( rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" collaboration "github.com/cs3org/go-cs3apis/cs3/sharing/collaboration/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/utils" "github.com/jedib0t/go-pretty/table" "github.com/pkg/errors" @@ -159,11 +159,11 @@ func getGrantType(t string) provider.GranteeType { func getSharePerm(p string) (*provider.ResourcePermissions, error) { switch p { case viewerPermission: - return conversions.NewViewerRole().CS3ResourcePermissions(), nil + return permissions.NewViewerRole().CS3ResourcePermissions(), nil case editorPermission: - return conversions.NewEditorRole().CS3ResourcePermissions(), nil + return permissions.NewEditorRole().CS3ResourcePermissions(), nil case collabPermission: - return conversions.NewManagerRole().CS3ResourcePermissions(), nil + return permissions.NewManagerRole().CS3ResourcePermissions(), nil case denyPermission: return &provider.ResourcePermissions{}, nil default: diff --git a/internal/grpc/services/spacesregistry/spacesregistry.go b/internal/grpc/services/spacesregistry/spacesregistry.go index 0e5d735c8f9..d458cb3ed3c 100644 --- a/internal/grpc/services/spacesregistry/spacesregistry.go +++ b/internal/grpc/services/spacesregistry/spacesregistry.go @@ -31,7 +31,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" cachereg "github.com/cs3org/reva/v3/pkg/share/cache/registry" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/errtypes" "github.com/cs3org/reva/v3/pkg/plugin" @@ -410,14 +410,14 @@ func (s *service) userSpace(ctx context.Context, user *userpb.User) (*provider.S Name: user.Username, SpaceType: spaces.SpaceTypeHome.AsString(), RootInfo: &provider.ResourceInfo{ - PermissionSet: conversions.NewManagerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewManagerRole().CS3ResourcePermissions(), Path: home, }, Quota: &provider.Quota{ QuotaMaxBytes: quota.TotalBytes, RemainingBytes: quota.TotalBytes - quota.UsedBytes, }, - PermissionSet: conversions.NewManagerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewManagerRole().CS3ResourcePermissions(), }, nil } diff --git a/internal/http/services/owncloud/ocdav/propfind.go b/internal/http/services/owncloud/ocdav/propfind.go index cdc02f95619..7f378e2cd9e 100644 --- a/internal/http/services/owncloud/ocdav/propfind.go +++ b/internal/http/services/owncloud/ocdav/propfind.go @@ -40,10 +40,12 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v3/internal/grpc/services/storageprovider" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/spaces" + "github.com/cs3org/reva/v3/pkg/permissions" + "github.com/pkg/errors" + "github.com/cs3org/reva/v3/pkg/publicshare" "github.com/cs3org/reva/v3/pkg/share" @@ -563,7 +565,7 @@ func (s *svc) mdToPropResponse(ctx context.Context, pf *propfindXML, md *provide } } - role := conversions.RoleFromResourcePermissions(md.PermissionSet) + role := permissions.RoleFromResourcePermissions(md.PermissionSet) isShared := !isCurrentUserOwner(ctx, md.Owner) var wdp string @@ -1036,8 +1038,8 @@ func (s *svc) mdToPropResponse(ctx context.Context, pf *propfindXML, md *provide perms := role.OCSPermissions() // shared files cant have the create or delete permission set if md.Type == provider.ResourceType_RESOURCE_TYPE_FILE { - perms &^= conversions.PermissionCreate - perms &^= conversions.PermissionDelete + perms &^= permissions.PermissionCreate + perms &^= permissions.PermissionDelete } propstatOK.Prop = append(propstatOK.Prop, s.newPropNS(pf.Prop[i].Space, pf.Prop[i].Local, strconv.FormatUint(uint64(perms), 10))) } diff --git a/internal/http/services/owncloud/ocdav/tus.go b/internal/http/services/owncloud/ocdav/tus.go index 7fd88253b78..d278f029095 100644 --- a/internal/http/services/owncloud/ocdav/tus.go +++ b/internal/http/services/owncloud/ocdav/tus.go @@ -31,7 +31,7 @@ import ( link "github.com/cs3org/go-cs3apis/cs3/sharing/link/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typespb "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/utils" "github.com/cs3org/reva/v3/pkg/utils/resourceid" @@ -297,7 +297,7 @@ func (s *svc) handleTusPost(ctx context.Context, w http.ResponseWriter, r *http. } } isShared := !isCurrentUserOwner(ctx, info.Owner) - role := conversions.RoleFromResourcePermissions(info.PermissionSet) + role := permissions.RoleFromResourcePermissions(info.PermissionSet) permissions := role.WebDAVPermissions( info.Type == provider.ResourceType_RESOURCE_TYPE_CONTAINER, isShared, diff --git a/internal/http/services/owncloud/ocgraph/conversions.go b/internal/http/services/owncloud/ocgraph/conversions.go index 55b5895d6e5..44190f25a9c 100644 --- a/internal/http/services/owncloud/ocgraph/conversions.go +++ b/internal/http/services/owncloud/ocgraph/conversions.go @@ -18,7 +18,7 @@ import ( ocm "github.com/cs3org/go-cs3apis/cs3/sharing/ocm/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/spaces" "github.com/cs3org/reva/v3/pkg/utils" @@ -253,7 +253,7 @@ func LinkTypeToPermissions(lt libregraph.SharingLinkType, resourceType provider. case libregraph.INTERNAL: fallthrough default: - return conversions.NewDeniedRole().CS3ResourcePermissions() + return permissions.NewDeniedRole().CS3ResourcePermissions() } } diff --git a/internal/http/services/owncloud/ocgraph/drive_permissions.go b/internal/http/services/owncloud/ocgraph/drive_permissions.go index 0af52edd703..4f6084b82ce 100644 --- a/internal/http/services/owncloud/ocgraph/drive_permissions.go +++ b/internal/http/services/owncloud/ocgraph/drive_permissions.go @@ -17,7 +17,7 @@ import ( ocm "github.com/cs3org/go-cs3apis/cs3/sharing/ocm/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typesv1beta1 "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/errtypes" "github.com/cs3org/reva/v3/pkg/spaces" @@ -808,7 +808,7 @@ func (s *svc) getLinkUpdates(ctx context.Context, link *linkv1beta1.PublicShare, if permission.Link != nil && permission.Link.Type != nil { isEditorLink = permission.Link.GetType() == libregraph.EDIT } else if link.Permissions != nil { - isEditorLink = conversions.RoleFromResourcePermissions(link.Permissions.Permissions).Name == conversions.RoleEditor + isEditorLink = permissions.RoleFromResourcePermissions(link.Permissions.Permissions).Name == permissions.RoleEditor } // Check for update of expiration diff --git a/internal/http/services/owncloud/ocgraph/linktype.go b/internal/http/services/owncloud/ocgraph/linktype.go index 4875121427c..7abf284c5cb 100644 --- a/internal/http/services/owncloud/ocgraph/linktype.go +++ b/internal/http/services/owncloud/ocgraph/linktype.go @@ -26,7 +26,7 @@ import ( linkv1beta1 "github.com/cs3org/go-cs3apis/cs3/sharing/link/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/storage/utils/grants" libregraph "github.com/owncloud/libre-graph-api-go" ) @@ -114,7 +114,7 @@ func NewInternalLinkPermissionSet() *LinkType { // NewViewLinkPermissionSet creates cs3 permissions for the view link type func NewViewLinkPermissionSet() *LinkType { return &LinkType{ - Permissions: conversions.NewViewerRole().CS3ResourcePermissions(), + Permissions: permissions.NewViewerRole().CS3ResourcePermissions(), linkType: libregraph.VIEW, } } @@ -122,7 +122,7 @@ func NewViewLinkPermissionSet() *LinkType { // NewFileEditLinkPermissionSet creates cs3 permissions for the file edit link type func NewFileEditLinkPermissionSet() *LinkType { return &LinkType{ - Permissions: conversions.NewFileEditorRole().CS3ResourcePermissions(), + Permissions: permissions.NewFileEditorRole().CS3ResourcePermissions(), linkType: libregraph.EDIT, } } @@ -130,7 +130,7 @@ func NewFileEditLinkPermissionSet() *LinkType { // NewFolderEditLinkPermissionSet creates cs3 permissions for the folder edit link type func NewFolderEditLinkPermissionSet() *LinkType { return &LinkType{ - Permissions: conversions.NewEditorRole().CS3ResourcePermissions(), + Permissions: permissions.NewEditorRole().CS3ResourcePermissions(), linkType: libregraph.EDIT, } } @@ -138,7 +138,7 @@ func NewFolderEditLinkPermissionSet() *LinkType { // NewFolderDropLinkPermissionSet creates cs3 permissions for the folder createOnly link type func NewFolderDropLinkPermissionSet() *LinkType { return &LinkType{ - Permissions: conversions.NewUploaderRole().CS3ResourcePermissions(), + Permissions: permissions.NewUploaderRole().CS3ResourcePermissions(), linkType: libregraph.CREATE_ONLY, } } diff --git a/internal/http/services/owncloud/ocgraph/shares.go b/internal/http/services/owncloud/ocgraph/shares.go index ec94d1b88cc..9e09b09f9fa 100644 --- a/internal/http/services/owncloud/ocgraph/shares.go +++ b/internal/http/services/owncloud/ocgraph/shares.go @@ -43,7 +43,7 @@ import ( link "github.com/cs3org/go-cs3apis/cs3/sharing/link/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" "github.com/cs3org/reva/v3/internal/http/services/opencloudmesh/ocmd" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/ocm/share" "github.com/cs3org/reva/v3/pkg/spaces" @@ -272,7 +272,7 @@ func (s *svc) share(w http.ResponseWriter, r *http.Request) { } // Check that the user has share permissions - if !conversions.RoleFromResourcePermissions(statRes.Info.PermissionSet).OCSPermissions().Contain(conversions.PermissionShare) { + if !permissions.RoleFromResourcePermissions(statRes.Info.PermissionSet).OCSPermissions().Contain(permissions.PermissionShare) { handleCustomError(ctx, errors.New("user does not have share permissions"), http.StatusUnauthorized, w) return } @@ -411,7 +411,7 @@ func (s *svc) createLink(w http.ResponseWriter, r *http.Request) { } // Check that the user has share permissions - if !conversions.RoleFromResourcePermissions(statRes.Info.PermissionSet).OCSPermissions().Contain(conversions.PermissionShare) { + if !permissions.RoleFromResourcePermissions(statRes.Info.PermissionSet).OCSPermissions().Contain(permissions.PermissionShare) { handleCustomError(ctx, errors.New("user does not have the necessary permissions"), http.StatusUnauthorized, w) return } diff --git a/internal/http/services/owncloud/ocgraph/unifiedrole.go b/internal/http/services/owncloud/ocgraph/unifiedrole.go index e621b286376..f8ce9745790 100644 --- a/internal/http/services/owncloud/ocgraph/unifiedrole.go +++ b/internal/http/services/owncloud/ocgraph/unifiedrole.go @@ -27,7 +27,7 @@ import ( appprovider "github.com/cs3org/go-cs3apis/cs3/app/provider/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/spaces" libregraph "github.com/owncloud/libre-graph-api-go" @@ -85,20 +85,20 @@ const ( ) var legacyNames map[string]string = map[string]string{ - UnifiedRoleViewerID: conversions.RoleViewer, + UnifiedRoleViewerID: permissions.RoleViewer, // in the V1 api the "spaceviewer" role was call "viewer" and the "spaceeditor" was "editor", // we need to stay compatible with that UnifiedRoleSpaceViewerID: "viewer", UnifiedRoleSpaceEditorID: "editor", - UnifiedRoleEditorID: conversions.RoleEditor, - UnifiedRoleFileEditorID: conversions.RoleFileEditor, - // UnifiedRoleEditorLiteID: conversions.RoleEditorLite, - UnifiedRoleManagerID: conversions.RoleManager, + UnifiedRoleEditorID: permissions.RoleEditor, + UnifiedRoleFileEditorID: permissions.RoleFileEditor, + // UnifiedRoleEditorLiteID: permissions.RoleEditorLite, + UnifiedRoleManagerID: permissions.RoleManager, } // NewViewerUnifiedRole creates a viewer role. func NewViewerUnifiedRole() *libregraph.UnifiedRoleDefinition { - r := conversions.NewViewerRole() + r := permissions.NewViewerRole() return &libregraph.UnifiedRoleDefinition{ Id: proto.String(UnifiedRoleViewerID), Description: proto.String("View and download."), @@ -119,7 +119,7 @@ func NewViewerUnifiedRole() *libregraph.UnifiedRoleDefinition { // NewSpaceViewerUnifiedRole creates a spaceviewer role func NewSpaceViewerUnifiedRole() *libregraph.UnifiedRoleDefinition { - r := conversions.NewViewerRole() + r := permissions.NewViewerRole() return &libregraph.UnifiedRoleDefinition{ Id: proto.String(UnifiedRoleSpaceViewerID), Description: proto.String("View and download."), @@ -136,7 +136,7 @@ func NewSpaceViewerUnifiedRole() *libregraph.UnifiedRoleDefinition { // NewEditorUnifiedRole creates an editor role. func NewEditorUnifiedRole() *libregraph.UnifiedRoleDefinition { - r := conversions.NewEditorRole() + r := permissions.NewEditorRole() return &libregraph.UnifiedRoleDefinition{ Id: proto.String(UnifiedRoleEditorID), Description: proto.String("View, download, upload, edit, add and delete."), @@ -153,7 +153,7 @@ func NewEditorUnifiedRole() *libregraph.UnifiedRoleDefinition { // NewSpaceEditorUnifiedRole creates an editor role func NewSpaceEditorUnifiedRole() *libregraph.UnifiedRoleDefinition { - r := conversions.NewEditorRole() + r := permissions.NewEditorRole() return &libregraph.UnifiedRoleDefinition{ Id: proto.String(UnifiedRoleSpaceEditorID), Description: proto.String("View, download, upload, edit, add and delete."), @@ -170,7 +170,7 @@ func NewSpaceEditorUnifiedRole() *libregraph.UnifiedRoleDefinition { // NewFileEditorUnifiedRole creates a file-editor role func NewFileEditorUnifiedRole() *libregraph.UnifiedRoleDefinition { - r := conversions.NewFileEditorRole() + r := permissions.NewFileEditorRole() return &libregraph.UnifiedRoleDefinition{ Id: proto.String(UnifiedRoleFileEditorID), Description: proto.String("View, download and edit."), @@ -187,7 +187,7 @@ func NewFileEditorUnifiedRole() *libregraph.UnifiedRoleDefinition { // NewManagerUnifiedRole creates a manager role func NewManagerUnifiedRole() *libregraph.UnifiedRoleDefinition { - r := conversions.NewManagerRole() + r := permissions.NewManagerRole() return &libregraph.UnifiedRoleDefinition{ Id: proto.String(UnifiedRoleManagerID), Description: proto.String("View, download, upload, edit, add, delete and manage members."), @@ -204,7 +204,7 @@ func NewManagerUnifiedRole() *libregraph.UnifiedRoleDefinition { // NewUploaderUnifiedRole creates an uploader role func NewUploaderUnifiedRole() *libregraph.UnifiedRoleDefinition { - r := conversions.NewUploaderRole() + r := permissions.NewUploaderRole() return &libregraph.UnifiedRoleDefinition{ Id: proto.String(UnifiedRoleUploaderID), Description: proto.String("Upload only."), @@ -220,7 +220,7 @@ func NewUploaderUnifiedRole() *libregraph.UnifiedRoleDefinition { } func NewAccessDeniedUnifiedRole() *libregraph.UnifiedRoleDefinition { - r := conversions.NewDeniedRole() + r := permissions.NewDeniedRole() return &libregraph.UnifiedRoleDefinition{ Id: proto.String(UnifiedRoleDenyAccessID), Description: proto.String("Remove all permissions."), @@ -437,12 +437,12 @@ func GetLegacyName(role libregraph.UnifiedRoleDefinition) string { // CS3 ResourcePermissions. func CS3ResourcePermissionsToUnifiedRole(ctx context.Context, p *provider.ResourcePermissions) *libregraph.UnifiedRoleDefinition { log := appctx.GetLogger(ctx) - role := conversions.RoleFromResourcePermissions(p) + role := permissions.RoleFromResourcePermissions(p) log.Debug().Interface("role", role).Interface("perms", p).Msg("Converting cs3 resource permissions to unified role") return ocsRoleUnifiedRole[role.Name] } -func displayName(role *conversions.Role) *string { +func displayName(role *permissions.Role) *string { if role == nil { return nil } @@ -452,15 +452,15 @@ func displayName(role *conversions.Role) *string { var displayName string switch role.Name { - case conversions.RoleViewer: + case permissions.RoleViewer: displayName = "Can view" - case conversions.RoleEditor: + case permissions.RoleEditor: displayName = canEdit - case conversions.RoleFileEditor: + case permissions.RoleFileEditor: displayName = canEdit - case conversions.RoleManager: + case permissions.RoleManager: displayName = "Can manage" - case conversions.RoleDenied: + case permissions.RoleDenied: displayName = "Deny access" default: return nil @@ -468,7 +468,7 @@ func displayName(role *conversions.Role) *string { return proto.String(displayName) } -func convert(role *conversions.Role) []string { +func convert(role *permissions.Role) []string { actions := make([]string, 0, 8) if role == nil && role.CS3ResourcePermissions() == nil { return actions @@ -498,13 +498,13 @@ func GetBuiltinRoleDefinitionList() []*libregraph.UnifiedRoleDefinition { } var ocsRoleUnifiedRole = map[string]*libregraph.UnifiedRoleDefinition{ - conversions.RoleViewer: NewViewerUnifiedRole(), - conversions.RoleReader: NewViewerUnifiedRole(), - conversions.RoleEditor: NewEditorUnifiedRole(), - conversions.RoleFileEditor: NewFileEditorUnifiedRole(), - conversions.RoleUploader: NewUploaderUnifiedRole(), - conversions.RoleManager: NewManagerUnifiedRole(), - conversions.RoleDenied: NewAccessDeniedUnifiedRole(), + permissions.RoleViewer: NewViewerUnifiedRole(), + permissions.RoleReader: NewViewerUnifiedRole(), + permissions.RoleEditor: NewEditorUnifiedRole(), + permissions.RoleFileEditor: NewFileEditorUnifiedRole(), + permissions.RoleUploader: NewUploaderUnifiedRole(), + permissions.RoleManager: NewManagerUnifiedRole(), + permissions.RoleDenied: NewAccessDeniedUnifiedRole(), } func UnifiedRoleIDToDefinition(unifiedRoleID string) (*libregraph.UnifiedRoleDefinition, bool) { diff --git a/internal/http/services/owncloud/ocs/conversions/main.go b/internal/http/services/owncloud/ocs/conversions/main.go index d6e58520c92..968f3093f31 100644 --- a/internal/http/services/owncloud/ocs/conversions/main.go +++ b/internal/http/services/owncloud/ocs/conversions/main.go @@ -39,6 +39,8 @@ import ( publicsharemgr "github.com/cs3org/reva/v3/pkg/publicshare/manager/registry" "github.com/cs3org/reva/v3/pkg/user" usermgr "github.com/cs3org/reva/v3/pkg/user/manager/registry" + "github.com/cs3org/reva/v3/pkg/permissions" + ) const ( @@ -94,7 +96,7 @@ type ShareData struct { AdditionalInfoOwner string `json:"additional_info_owner" xml:"additional_info_owner"` // The permission attribute set on the file. // TODO(jfd) change the default to read only - Permissions Permissions `json:"permissions" xml:"permissions"` + Permissions permissions.OcsPermissions `json:"permissions" xml:"permissions"` // The UNIX timestamp when the share was created. STime uint64 `json:"stime" xml:"stime"` // ? @@ -205,7 +207,7 @@ func CS3Share2ShareData(ctx context.Context, share *collaboration.Share) (*Share sd.ID = share.Id.OpaqueId } if share.GetPermissions() != nil && share.GetPermissions().GetPermissions() != nil { - sd.Permissions = RoleFromResourcePermissions(share.GetPermissions().GetPermissions()).OCSPermissions() + sd.Permissions = permissions.RoleFromResourcePermissions(share.GetPermissions().GetPermissions()).OCSPermissions() } if share.Ctime != nil { sd.STime = share.Ctime.Seconds // TODO CS3 api birth time = btime @@ -234,7 +236,7 @@ func PublicShare2ShareData(share *link.PublicShare, r *http.Request, publicURL s sd.ID = share.Id.OpaqueId } if share.GetPermissions() != nil && share.GetPermissions().GetPermissions() != nil { - sd.Permissions = RoleFromResourcePermissions(share.GetPermissions().GetPermissions()).OCSPermissions() + sd.Permissions = permissions.RoleFromResourcePermissions(share.GetPermissions().GetPermissions()).OCSPermissions() } if share.Expiration != nil { sd.Expiration = timestampToExpiration(share.Expiration) @@ -280,7 +282,7 @@ func ReceivedOCMShare2ShareData(share *ocm.ReceivedShare, path string) (*ShareDa UIDOwner: formatRemoteUser(share.Creator), UIDFileOwner: formatRemoteUser(share.Owner), ShareWith: share.Grantee.GetUserId().OpaqueId, - Permissions: RoleFromResourcePermissions(webdav.Permissions.Permissions).OCSPermissions(), + Permissions: permissions.RoleFromResourcePermissions(webdav.Permissions.Permissions).OCSPermissions(), ShareType: ShareTypeFederatedCloudShare, Path: path, FileTarget: path, @@ -318,7 +320,7 @@ func OCMShare2ShareData(share *ocm.Share) (*ShareData, error) { UIDOwner: share.Creator.OpaqueId, UIDFileOwner: share.Owner.OpaqueId, ShareWith: formatRemoteUser(share.Grantee.GetUserId()), - Permissions: RoleFromResourcePermissions(webdav.Permissions).OCSPermissions(), + Permissions: permissions.RoleFromResourcePermissions(webdav.Permissions).OCSPermissions(), ShareType: ShareTypeFederatedCloudShare, STime: share.Ctime.Seconds, Name: share.Name, diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/group.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/group.go index 8816cc67e14..6ebed6287f8 100644 --- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/group.go +++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/group.go @@ -29,13 +29,14 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/response" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/rgrpc/todo/pool" ) -func (h *Handler) createGroupShare(w http.ResponseWriter, r *http.Request, statInfo *provider.ResourceInfo, role *conversions.Role, roleVal []byte) { +func (h *Handler) createGroupShare(w http.ResponseWriter, r *http.Request, statInfo *provider.ResourceInfo, role *permissions.Role, roleVal []byte) { ctx := r.Context() c, err := pool.GetGatewayServiceClient(pool.Endpoint(h.gatewayAddr)) if err != nil { diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go index e4813e33df4..c46ef228bbb 100644 --- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go +++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go @@ -33,6 +33,8 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" + "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/response" "github.com/cs3org/reva/v3/pkg/appctx" @@ -106,11 +108,11 @@ func (h *Handler) createPublicLinkShare(w http.ResponseWriter, r *http.Request, if statInfo != nil && statInfo.Type == provider.ResourceType_RESOURCE_TYPE_FILE { // Single file shares should never have delete or create permissions - role := conversions.RoleFromResourcePermissions(newPermissions) - permissions := role.OCSPermissions() - permissions &^= conversions.PermissionCreate - permissions &^= conversions.PermissionDelete - newPermissions = conversions.RoleFromOCSPermissions(permissions).CS3ResourcePermissions() + role := permissions.RoleFromResourcePermissions(newPermissions) + perms := role.OCSPermissions() + perms &^= permissions.PermissionCreate + perms &^= permissions.PermissionDelete + newPermissions = permissions.RoleFromOCSPermissions(perms).CS3ResourcePermissions() } internal, _ := strconv.ParseBool(r.FormValue("internal")) @@ -588,7 +590,7 @@ func (h *Handler) removePublicShare(w http.ResponseWriter, r *http.Request, shar } func ocPublicPermToCs3(permKey int, h *Handler) (*provider.ResourcePermissions, error) { - // TODO refactor this ocPublicPermToRole[permKey] check into a conversions.NewPublicSharePermissions? + // TODO refactor this ocPublicPermToRole[permKey] check into a permissions.NewPublicSharePermissions? // not all permissions are possible for public shares _, ok := ocPublicPermToRole[permKey] if !ok { @@ -596,12 +598,12 @@ func ocPublicPermToCs3(permKey int, h *Handler) (*provider.ResourcePermissions, return nil, fmt.Errorf("invalid public share permission: %d", permKey) } - perm, err := conversions.NewPermissions(permKey) + perm, err := permissions.NewPermissions(permKey) if err != nil { return nil, err } - return conversions.RoleFromOCSPermissions(perm).CS3ResourcePermissions(), nil + return permissions.RoleFromOCSPermissions(perm).CS3ResourcePermissions(), nil } func permissionFromRequest(r *http.Request, h *Handler) (*provider.ResourcePermissions, error) { @@ -647,26 +649,26 @@ func permissionFromRequest(r *http.Request, h *Handler) (*provider.ResourcePermi return p, err } -func isPermissionUploader(permissions *provider.ResourcePermissions) bool { - if permissions == nil { +func isPermissionUploader(perms *provider.ResourcePermissions) bool { + if perms == nil { return false } publicSharePermissions := &link.PublicSharePermissions{ - Permissions: permissions, + Permissions: perms, } - return conversions.RoleFromResourcePermissions(publicSharePermissions.Permissions).Name == conversions.RoleUploader + return permissions.RoleFromResourcePermissions(publicSharePermissions.Permissions).Name == permissions.RoleUploader } -func isPermissionEditor(permissions *provider.ResourcePermissions) bool { - if permissions == nil { +func isPermissionEditor(perms *provider.ResourcePermissions) bool { + if perms == nil { return false } publicSharePermissions := &link.PublicSharePermissions{ - Permissions: permissions, + Permissions: perms, } - return conversions.RoleFromResourcePermissions(publicSharePermissions.Permissions).Name == conversions.RoleEditor + return permissions.RoleFromResourcePermissions(publicSharePermissions.Permissions).Name == permissions.RoleEditor } func permissionsStayUploader(before *link.GetPublicShareResponse, newPermissions *provider.ResourcePermissions) bool { diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/remote.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/remote.go index 9427b00030b..2b79a5ba216 100644 --- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/remote.go +++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/remote.go @@ -34,6 +34,7 @@ import ( types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" ocmd "github.com/cs3org/reva/v3/internal/http/services/opencloudmesh/ocmd" "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/response" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/ocm/share" @@ -43,7 +44,7 @@ import ( "github.com/pkg/errors" ) -func (h *Handler) createFederatedCloudShare(w http.ResponseWriter, r *http.Request, resource *provider.ResourceInfo, role *conversions.Role, roleVal []byte) { +func (h *Handler) createFederatedCloudShare(w http.ResponseWriter, r *http.Request, resource *provider.ResourceInfo, role *permissions.Role, roleVal []byte) { ctx := r.Context() c, err := pool.GetGatewayServiceClient(pool.Endpoint(h.gatewayAddr)) @@ -155,11 +156,11 @@ func (h *Handler) createFederatedCloudShare(w http.ResponseWriter, r *http.Reque response.WriteOCSSuccess(w, r, data) } -func getViewModeFromRole(role *conversions.Role) providerv1beta1.ViewMode { +func getViewModeFromRole(role *permissions.Role) providerv1beta1.ViewMode { switch role.Name { - case conversions.RoleViewer: + case permissions.RoleViewer: return providerv1beta1.ViewMode_VIEW_MODE_READ_ONLY - case conversions.RoleEditor: + case permissions.RoleEditor: return providerv1beta1.ViewMode_VIEW_MODE_READ_WRITE } return providerv1beta1.ViewMode_VIEW_MODE_INVALID diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go index d69d61633a9..3a0f924a20f 100644 --- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go +++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go @@ -49,6 +49,8 @@ import ( "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/response" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/spaces" + "github.com/cs3org/reva/v3/pkg/permissions" + "github.com/cs3org/reva/v3/pkg/notification" "github.com/cs3org/reva/v3/pkg/notification/notificationhelper" @@ -241,7 +243,7 @@ func (h *Handler) CreateShare(w http.ResponseWriter, r *http.Request) { } // check user has share permissions - if !conversions.RoleFromResourcePermissions(statRes.Info.PermissionSet).OCSPermissions().Contain(conversions.PermissionShare) { + if !permissions.RoleFromResourcePermissions(statRes.Info.PermissionSet).OCSPermissions().Contain(permissions.PermissionShare) { response.WriteOCSError(w, r, http.StatusNotFound, "No share permission", nil) return } @@ -249,28 +251,28 @@ func (h *Handler) CreateShare(w http.ResponseWriter, r *http.Request) { switch shareType { case int(conversions.ShareTypeUser): // user collaborations default to collab - if role, val, err := h.extractPermissions(w, r, statRes.Info, conversions.NewManagerRole()); err == nil { + if role, val, err := h.extractPermissions(w, r, statRes.Info, permissions.NewManagerRole()); err == nil { h.createUserShare(w, r, statRes.Info, role, val) } case int(conversions.ShareTypeGroup): // group collaborations default to collab - if role, val, err := h.extractPermissions(w, r, statRes.Info, conversions.NewManagerRole()); err == nil { + if role, val, err := h.extractPermissions(w, r, statRes.Info, permissions.NewManagerRole()); err == nil { h.createGroupShare(w, r, statRes.Info, role, val) } case int(conversions.ShareTypePublicLink): // public links default to read only - if _, _, err := h.extractPermissions(w, r, statRes.Info, conversions.NewViewerRole()); err == nil { + if _, _, err := h.extractPermissions(w, r, statRes.Info, permissions.NewViewerRole()); err == nil { h.createPublicLinkShare(w, r, statRes.Info) } case int(conversions.ShareTypeFederatedCloudShare): // federated shares default to read only - if role, val, err := h.extractPermissions(w, r, statRes.Info, conversions.NewViewerRole()); err == nil { + if role, val, err := h.extractPermissions(w, r, statRes.Info, permissions.NewViewerRole()); err == nil { h.createFederatedCloudShare(w, r, statRes.Info, role, val) } case int(conversions.ShareTypeSpaceMembership): - if role, val, err := h.extractPermissions(w, r, statRes.Info, conversions.NewViewerRole()); err == nil { + if role, val, err := h.extractPermissions(w, r, statRes.Info, permissions.NewViewerRole()); err == nil { switch role.Name { - case conversions.RoleManager, conversions.RoleEditor, conversions.RoleViewer: + case permissions.RoleManager, permissions.RoleEditor, permissions.RoleViewer: h.addSpaceMember(w, r, statRes.Info, role, val) default: response.WriteOCSError(w, r, response.MetaBadRequest.StatusCode, "invalid role for space member", nil) @@ -404,13 +406,13 @@ func (h *Handler) SendShareNotification(opaqueID string, granter *userpb.User, g return recipient } -func (h *Handler) extractPermissions(w http.ResponseWriter, r *http.Request, ri *provider.ResourceInfo, defaultPermissions *conversions.Role) (*conversions.Role, []byte, error) { +func (h *Handler) extractPermissions(w http.ResponseWriter, r *http.Request, ri *provider.ResourceInfo, defaultPermissions *permissions.Role) (*permissions.Role, []byte, error) { reqRole, reqPermissions := r.FormValue("role"), r.FormValue("permissions") - var role *conversions.Role + var role *permissions.Role // the share role overrides the requested permissions if reqRole != "" { - role = conversions.RoleFromName(reqRole) + role = permissions.RoleFromName(reqRole) } else { // map requested permissions if reqPermissions == "" { @@ -422,44 +424,44 @@ func (h *Handler) extractPermissions(w http.ResponseWriter, r *http.Request, ri response.WriteOCSError(w, r, response.MetaBadRequest.StatusCode, "permissions must be an integer", nil) return nil, nil, err } - perm, err := conversions.NewPermissions(pint) + perm, err := permissions.NewPermissions(pint) if err != nil { - if err == conversions.ErrPermissionNotInRange { + if err == permissions.ErrPermissionNotInRange { response.WriteOCSError(w, r, http.StatusNotFound, err.Error(), nil) } else { response.WriteOCSError(w, r, response.MetaBadRequest.StatusCode, err.Error(), nil) } return nil, nil, err } - role = conversions.RoleFromOCSPermissions(perm) + role = permissions.RoleFromOCSPermissions(perm) } } - permissions := role.OCSPermissions() + perms := role.OCSPermissions() if ri != nil && ri.Type == provider.ResourceType_RESOURCE_TYPE_FILE { // Single file shares should never have delete or create permissions - permissions &^= conversions.PermissionCreate - permissions &^= conversions.PermissionDelete - if permissions == conversions.PermissionInvalid { + perms &^= permissions.PermissionCreate + perms &^= permissions.PermissionDelete + if perms == permissions.PermissionInvalid { response.WriteOCSError(w, r, response.MetaBadRequest.StatusCode, "Cannot set the requested share permissions", nil) return nil, nil, errors.New("cannot set the requested share permissions") } } // add a deny permission only if the user has the grant to deny (ResourcePermissions.DenyGrant == true) - if permissions == conversions.PermissionNone { + if perms == permissions.PermissionNone { if !ri.PermissionSet.DenyGrant { response.WriteOCSError(w, r, http.StatusNotFound, "Cannot set the requested share permissions: no deny grant on resource", nil) } } else { - existingPermissions := conversions.RoleFromResourcePermissions(ri.PermissionSet).OCSPermissions() - if permissions == conversions.PermissionInvalid || !existingPermissions.Contain(permissions) { + existingPermissions := permissions.RoleFromResourcePermissions(ri.PermissionSet).OCSPermissions() + if perms == permissions.PermissionInvalid || !existingPermissions.Contain(perms) { response.WriteOCSError(w, r, http.StatusNotFound, "Cannot set the requested share permissions", nil) return nil, nil, errors.New("cannot set the requested share permissions") } } - role = conversions.RoleFromOCSPermissions(permissions) + role = permissions.RoleFromOCSPermissions(perms) roleMap := map[string]string{"name": role.Name} val, err := json.Marshal(roleMap) if err != nil { @@ -619,7 +621,7 @@ func (h *Handler) updateShare(w http.ResponseWriter, r *http.Request, shareID st response.WriteOCSError(w, r, response.MetaBadRequest.StatusCode, "permissions must be an integer", nil) return } - permissions, err := conversions.NewPermissions(pint) + perms, err := permissions.NewPermissions(pint) if err != nil { response.WriteOCSError(w, r, response.MetaBadRequest.StatusCode, err.Error(), nil) return @@ -643,7 +645,7 @@ func (h *Handler) updateShare(w http.ResponseWriter, r *http.Request, shareID st Field: &collaboration.UpdateShareRequest_UpdateField_Permissions{ Permissions: &collaboration.SharePermissions{ // this completely overwrites the permissions for this user - Permissions: conversions.RoleFromOCSPermissions(permissions).CS3ResourcePermissions(), + Permissions: permissions.RoleFromOCSPermissions(perms).CS3ResourcePermissions(), }, }, }, @@ -721,7 +723,7 @@ func (h *Handler) updateFederatedShare(w http.ResponseWriter, r *http.Request, s response.WriteOCSError(w, r, response.MetaBadRequest.StatusCode, "permissions must be an integer", nil) return } - permissions, err := conversions.NewPermissions(pint) + perms, err := permissions.NewPermissions(pint) if err != nil { response.WriteOCSError(w, r, response.MetaBadRequest.StatusCode, err.Error(), nil) return @@ -747,7 +749,7 @@ func (h *Handler) updateFederatedShare(w http.ResponseWriter, r *http.Request, s AccessMethods: &ocmv1beta1.AccessMethod{ Term: &ocmv1beta1.AccessMethod_WebdavOptions{ WebdavOptions: &ocmv1beta1.WebDAVAccessMethod{ - Permissions: conversions.RoleFromOCSPermissions(permissions).CS3ResourcePermissions(), + Permissions: permissions.RoleFromOCSPermissions(perms).CS3ResourcePermissions(), }, }, }, diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/spaces.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/spaces.go index d02e5761dc3..9c08cd3e3c8 100644 --- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/spaces.go +++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/spaces.go @@ -28,7 +28,7 @@ import ( rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" registry "github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/response" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/errtypes" @@ -71,7 +71,7 @@ func (h *Handler) getGrantee(ctx context.Context, name string) (provider.Grantee return provider.Grantee{}, fmt.Errorf("no grantee found with name %s", name) } -func (h *Handler) addSpaceMember(w http.ResponseWriter, r *http.Request, info *provider.ResourceInfo, role *conversions.Role, roleVal []byte) { +func (h *Handler) addSpaceMember(w http.ResponseWriter, r *http.Request, info *provider.ResourceInfo, role *permissions.Role, roleVal []byte) { ctx := r.Context() shareWith := r.FormValue("shareWith") diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/user.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/user.go index b7095e29dc4..8cfb860b437 100644 --- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/user.go +++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/user.go @@ -35,11 +35,12 @@ import ( "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/response" "github.com/cs3org/reva/v3/pkg/appctx" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/rgrpc/todo/pool" ) -func (h *Handler) createUserShare(w http.ResponseWriter, r *http.Request, statInfo *provider.ResourceInfo, role *conversions.Role, roleVal []byte) { +func (h *Handler) createUserShare(w http.ResponseWriter, r *http.Request, statInfo *provider.ResourceInfo, role *permissions.Role, roleVal []byte) { ctx := r.Context() c, err := pool.GetGatewayServiceClient(pool.Endpoint(h.gatewayAddr)) if err != nil { diff --git a/pkg/cbox/utils/conversions.go b/pkg/cbox/utils/conversions.go index ab3f18e2cd2..80f424271bc 100644 --- a/pkg/cbox/utils/conversions.go +++ b/pkg/cbox/utils/conversions.go @@ -28,7 +28,7 @@ import ( link "github.com/cs3org/go-cs3apis/cs3/sharing/link/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typespb "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" ) // DBShare stores information about user and public shares. @@ -42,7 +42,7 @@ type DBShare struct { ShareWith string Token string Expiration string - Permissions int + Permissions permissions.OcsPermissions ShareType int ShareName string STime int @@ -121,39 +121,6 @@ func ResourceTypeToItemInt(r provider.ResourceType) int { } } -// SharePermToInt maps read/write permissions to an integer. -func SharePermToInt(p *provider.ResourcePermissions) int { - var perm int - switch { - case p.InitiateFileUpload && !p.InitiateFileDownload: - perm = 4 - case p.InitiateFileUpload: - perm = 15 - case p.InitiateFileDownload: - perm = 1 - } - // TODO map denials and resharing; currently, denials are mapped to 0 - return perm -} - -// IntTosharePerm retrieves read/write permissions from an integer. -func IntTosharePerm(p int, itemType string) *provider.ResourcePermissions { - switch p { - case 1: - return conversions.NewViewerRole().CS3ResourcePermissions() - case 15: - if itemType == "folder" { - return conversions.NewEditorRole().CS3ResourcePermissions() - } - return conversions.NewFileEditorRole().CS3ResourcePermissions() - case 4: - return conversions.NewUploaderRole().CS3ResourcePermissions() - default: - // TODO we may have other options, for now this is a denial - return &provider.ResourcePermissions{} - } -} - // IntToShareState retrieves the received share state from an integer. func IntToShareState(g int) collaboration.ShareState { switch g { @@ -183,38 +150,6 @@ func MakeUserID(u string) *userpb.UserId { return &userpb.UserId{OpaqueId: u, Type: userpb.UserType_USER_TYPE_PRIMARY} } -// ConvertToCS3Share converts a DBShare and a grantee userType to a CS3API collaboration share. -// Here we take the shortcut that the Owner's and Creator's user type is PRIMARY. -func ConvertToCS3Share(s DBShare, gtype userpb.UserType) *collaboration.Share { - ts := &typespb.Timestamp{ - Seconds: uint64(s.STime), - } - return &collaboration.Share{ - Id: &collaboration.ShareId{ - OpaqueId: s.ID, - }, - //ResourceId: &provider.Reference{StorageId: s.Prefix, NodeId: s.ItemSource}, - ResourceId: &provider.ResourceId{ - StorageId: s.Prefix, - OpaqueId: s.ItemSource, - }, - Permissions: &collaboration.SharePermissions{Permissions: IntTosharePerm(s.Permissions, s.ItemType)}, - Grantee: ExtractGrantee(s.ShareType, s.ShareWith, gtype), - Owner: MakeUserID(s.UIDOwner), - Creator: MakeUserID(s.UIDInitiator), - Ctime: ts, - Mtime: ts, - } -} - -// ConvertToCS3ReceivedShare converts a DBShare and a grantee userType to a CS3API collaboration received share. -func ConvertToCS3ReceivedShare(s DBShare, gtype userpb.UserType) *collaboration.ReceivedShare { - return &collaboration.ReceivedShare{ - Share: ConvertToCS3Share(s, gtype), - State: IntToShareState(s.State), - } -} - // ConvertToCS3PublicShare converts a DBShare to a CS3API public share. // Here we take the shortcut that the Owner's and Creator's user type is PRIMARY. func ConvertToCS3PublicShare(s DBShare) *link.PublicShare { @@ -242,7 +177,7 @@ func ConvertToCS3PublicShare(s DBShare) *link.PublicShare { StorageId: s.Prefix, OpaqueId: s.ItemSource, }, - Permissions: &link.PublicSharePermissions{Permissions: IntTosharePerm(s.Permissions, s.ItemType)}, + Permissions: &link.PublicSharePermissions{Permissions: s.Permissions.AsCS3Permissions()}, Owner: MakeUserID(s.UIDOwner), Creator: MakeUserID(s.UIDInitiator), Token: s.Token, diff --git a/pkg/ocm/share/repository/nextcloud/nextcloud.go b/pkg/ocm/share/repository/nextcloud/nextcloud.go index a0af879edb4..56ff7858a16 100644 --- a/pkg/ocm/share/repository/nextcloud/nextcloud.go +++ b/pkg/ocm/share/repository/nextcloud/nextcloud.go @@ -33,7 +33,7 @@ import ( ocm "github.com/cs3org/go-cs3apis/cs3/sharing/ocm/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typespb "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/errtypes" "github.com/cs3org/reva/v3/pkg/ocm/share" @@ -180,8 +180,8 @@ func (sm *Manager) efssShareToOcm(resp *EfssShare) *ocm.Share { // first generate the map of access methods, assuming WebDAV is always present var am = make([]*ocm.AccessMethod, 0, 3) - am = append(am, share.NewWebDavAccessMethod(conversions.RoleFromOCSPermissions( - conversions.Permissions(resp.Protocols.WebDAV.Permissions)).CS3ResourcePermissions(), []string{})) + am = append(am, share.NewWebDavAccessMethod(permissions.RoleFromOCSPermissions( + permissions.OcsPermissions(resp.Protocols.WebDAV.Permissions)).CS3ResourcePermissions(), []string{})) if resp.Protocols.WebApp.ViewMode != "" { am = append(am, share.NewWebappAccessMethod(utils.GetAppViewMode(resp.Protocols.WebApp.ViewMode))) } @@ -325,7 +325,7 @@ func efssReceivedShareToOcm(resp *ReceivedEfssShare) *ocm.ReceivedShare { // first generate the map of protocols, assuming WebDAV is always present var proto = make([]*ocm.Protocol, 0, 3) proto = append(proto, share.NewWebDAVProtocol(resp.Share.Protocols.WebDAV.URI, resp.Share.Token, &ocm.SharePermissions{ - Permissions: conversions.RoleFromOCSPermissions(conversions.Permissions(resp.Share.Protocols.WebDAV.Permissions)).CS3ResourcePermissions(), + Permissions: permissions.RoleFromOCSPermissions(permissions.OcsPermissions(resp.Share.Protocols.WebDAV.Permissions)).CS3ResourcePermissions(), }, []string{})) if resp.Share.Protocols.WebApp.ViewMode != "" { proto = append(proto, share.NewWebappProtocol(resp.Share.Protocols.WebApp.URI, utils.GetAppViewMode(resp.Share.Protocols.WebApp.ViewMode))) diff --git a/pkg/ocm/share/repository/nextcloud/nextcloud_test.go b/pkg/ocm/share/repository/nextcloud/nextcloud_test.go index c883c3986a0..36f7764e2de 100644 --- a/pkg/ocm/share/repository/nextcloud/nextcloud_test.go +++ b/pkg/ocm/share/repository/nextcloud/nextcloud_test.go @@ -27,7 +27,7 @@ import ( ocm "github.com/cs3org/go-cs3apis/cs3/sharing/ocm/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/auth/scope" @@ -283,7 +283,7 @@ var _ = Describe("Nextcloud", func() { OpaqueId: "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c", }, AccessMethods: []*ocm.AccessMethod{ - ocmshare.NewWebDavAccessMethod(conversions.NewEditorRole().CS3ResourcePermissions(), []string{}), + ocmshare.NewWebDavAccessMethod(permissions.NewEditorRole().CS3ResourcePermissions(), []string{}), ocmshare.NewWebappAccessMethod(appprovider.ViewMode_VIEW_MODE_READ_WRITE), ocmshare.NewTransferAccessMethod(), }, @@ -422,7 +422,7 @@ var _ = Describe("Nextcloud", func() { }, ShareType: ocm.ShareType_SHARE_TYPE_USER, AccessMethods: []*ocm.AccessMethod{ - ocmshare.NewWebDavAccessMethod(conversions.NewEditorRole().CS3ResourcePermissions(), []string{}), + ocmshare.NewWebDavAccessMethod(permissions.NewEditorRole().CS3ResourcePermissions(), []string{}), ocmshare.NewWebappAccessMethod(appprovider.ViewMode_VIEW_MODE_READ_WRITE), ocmshare.NewTransferAccessMethod(), }, @@ -474,7 +474,7 @@ var _ = Describe("Nextcloud", func() { ResourceType: provider.ResourceType_RESOURCE_TYPE_FILE, Protocols: []*ocm.Protocol{ ocmshare.NewWebDAVProtocol("webdav-uri", "some-token", &ocm.SharePermissions{ - Permissions: conversions.NewEditorRole().CS3ResourcePermissions(), + Permissions: permissions.NewEditorRole().CS3ResourcePermissions(), }, []string{}), ocmshare.NewWebappProtocol("app-uri-template", appprovider.ViewMode_VIEW_MODE_READ_WRITE), ocmshare.NewTransferProtocol("source-uri", "some-token", 1), @@ -532,7 +532,7 @@ var _ = Describe("Nextcloud", func() { ResourceType: provider.ResourceType_RESOURCE_TYPE_FILE, Protocols: []*ocm.Protocol{ ocmshare.NewWebDAVProtocol("webdav-uri", "some-token", &ocm.SharePermissions{ - Permissions: conversions.NewEditorRole().CS3ResourcePermissions(), + Permissions: permissions.NewEditorRole().CS3ResourcePermissions(), }, []string{}), ocmshare.NewWebappProtocol("app-uri-template", appprovider.ViewMode_VIEW_MODE_READ_WRITE), ocmshare.NewTransferProtocol("source-uri", "some-token", 1), @@ -621,7 +621,7 @@ var _ = Describe("Nextcloud", func() { ResourceType: provider.ResourceType_RESOURCE_TYPE_FILE, Protocols: []*ocm.Protocol{ ocmshare.NewWebDAVProtocol("webdav-uri", "some-token", &ocm.SharePermissions{ - Permissions: conversions.NewEditorRole().CS3ResourcePermissions(), + Permissions: permissions.NewEditorRole().CS3ResourcePermissions(), }, []string{}), ocmshare.NewWebappProtocol("app-uri-template", appprovider.ViewMode_VIEW_MODE_READ_WRITE), ocmshare.NewTransferProtocol("source-uri", "some-token", 1), diff --git a/pkg/ocm/storage/outcoming/ocm.go b/pkg/ocm/storage/outcoming/ocm.go index d2f14b34854..daa24b890e5 100644 --- a/pkg/ocm/storage/outcoming/ocm.go +++ b/pkg/ocm/storage/outcoming/ocm.go @@ -36,7 +36,7 @@ import ( typespb "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v3/internal/http/services/datagateway" "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocdav" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/errtypes" @@ -312,9 +312,9 @@ func getPermissionsFromShare(share *ocmv1beta1.Share) *provider.ResourcePermissi case *ocmv1beta1.AccessMethod_WebappOptions: mode := v.WebappOptions.ViewMode if mode == providerv1beta1.ViewMode_VIEW_MODE_READ_WRITE { - return conversions.NewEditorRole().CS3ResourcePermissions() + return permissions.NewEditorRole().CS3ResourcePermissions() } - return conversions.NewViewerRole().CS3ResourcePermissions() + return permissions.NewViewerRole().CS3ResourcePermissions() } } return nil diff --git a/internal/http/services/owncloud/ocs/conversions/permissions.go b/pkg/permissions/ocs.go similarity index 73% rename from internal/http/services/owncloud/ocs/conversions/permissions.go rename to pkg/permissions/ocs.go index 9b54d7f59c1..96ee1bf37e2 100644 --- a/internal/http/services/owncloud/ocs/conversions/permissions.go +++ b/pkg/permissions/ocs.go @@ -16,20 +16,22 @@ // granted to it by virtue of its status as an Intergovernmental Organization // or submit itself to any jurisdiction. -package conversions +package permissions import ( "fmt" + provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" + ) -// Permissions reflects the CRUD permissions used in the OCS sharing API. -type Permissions uint +// OcsPermissions reflects the CRUD permissions used in the OCS sharing API. +type OcsPermissions uint const ( // PermissionInvalid grants no permissions on a resource. - PermissionInvalid Permissions = 0 + PermissionInvalid OcsPermissions = 0 // PermissionRead grants read permissions on a resource. - PermissionRead Permissions = 1 << (iota - 1) + PermissionRead OcsPermissions = 1 << (iota - 1) // PermissionWrite grants write permissions on a resource. PermissionWrite // PermissionCreate grants create permissions on a resource. @@ -44,7 +46,7 @@ const ( // PermissionNone grants no permissions on a resource. PermissionNone // PermissionMax is to be used within value range checks. - PermissionMax Permissions = (1 << (iota - 1)) - 1 + PermissionMax OcsPermissions = (1 << (iota - 1)) - 1 // PermissionAll grants all permissions on a resource. PermissionAll = PermissionMax - PermissionNone // PermissionMin is to be used within value range checks. @@ -58,16 +60,32 @@ var ( // NewPermissions creates a new Permissions instance. // The value must be in the valid range. -func NewPermissions(val int) (Permissions, error) { +func NewPermissions(val int) (OcsPermissions, error) { if val == int(PermissionInvalid) { return PermissionInvalid, fmt.Errorf("permissions %d out of range %d - %d", val, PermissionMin, PermissionMax) } else if val < int(PermissionInvalid) || int(PermissionMax) < val { return PermissionInvalid, ErrPermissionNotInRange } - return Permissions(val), nil + return OcsPermissions(val), nil } // Contain tests if the permissions contain another one. -func (p Permissions) Contain(other Permissions) bool { +func (p OcsPermissions) Contain(other OcsPermissions) bool { return p&other == other } + +func (p OcsPermissions) AsCS3Permissions() *provider.ResourcePermissions { + return RoleFromOCSPermissions(p).CS3ResourcePermissions() +} + +func OCSFromCS3Permission(p *provider.ResourcePermissions) OcsPermissions { + switch { + case p.InitiateFileUpload && !p.InitiateFileDownload: + return 4 + case p.InitiateFileUpload: + return 15 + case p.InitiateFileDownload: + return 1 + } + return 0 +} diff --git a/internal/http/services/owncloud/ocs/conversions/permissions_test.go b/pkg/permissions/ocs_test.go similarity index 95% rename from internal/http/services/owncloud/ocs/conversions/permissions_test.go rename to pkg/permissions/ocs_test.go index 4d21e45f463..3f3c20ee1d2 100644 --- a/internal/http/services/owncloud/ocs/conversions/permissions_test.go +++ b/pkg/permissions/ocs_test.go @@ -16,7 +16,7 @@ // granted to it by virtue of its status as an Intergovernmental Organization // or submit itself to any jurisdiction. -package conversions +package permissions import ( "testing" @@ -46,7 +46,7 @@ func TestNewPermissionsWithInvalidValueShouldFail(t *testing.T) { } func TestContainPermissionAll(t *testing.T) { - table := map[int]Permissions{ + table := map[int]OcsPermissions{ 1: PermissionRead, 2: PermissionWrite, 4: PermissionCreate, @@ -63,7 +63,7 @@ func TestContainPermissionAll(t *testing.T) { } } func TestContainPermissionRead(t *testing.T) { - table := map[int]Permissions{ + table := map[int]OcsPermissions{ 2: PermissionWrite, 4: PermissionCreate, 8: PermissionDelete, @@ -83,7 +83,7 @@ func TestContainPermissionRead(t *testing.T) { } func TestContainPermissionCustom(t *testing.T) { - table := map[int]Permissions{ + table := map[int]OcsPermissions{ 2: PermissionWrite, 8: PermissionDelete, 31: PermissionAll, @@ -107,7 +107,7 @@ func TestContainPermissionCustom(t *testing.T) { } func TestContainWithMultiplePermissions(t *testing.T) { - table := map[int][]Permissions{ + table := map[int][]OcsPermissions{ 3: { PermissionRead, PermissionWrite, @@ -142,7 +142,7 @@ func TestPermissions2Role(t *testing.T) { } } - table := map[Permissions]string{ + table := map[OcsPermissions]string{ PermissionRead: RoleViewer, PermissionRead | PermissionWrite | PermissionCreate | PermissionDelete: RoleEditor, PermissionAll: RoleManager, diff --git a/internal/http/services/owncloud/ocs/conversions/role.go b/pkg/permissions/role.go similarity index 98% rename from internal/http/services/owncloud/ocs/conversions/role.go rename to pkg/permissions/role.go index 8dd1c62b116..05fbf729a7a 100644 --- a/internal/http/services/owncloud/ocs/conversions/role.go +++ b/pkg/permissions/role.go @@ -17,7 +17,7 @@ // or submit itself to any jurisdiction. // Package conversions sits between CS3 type definitions and OCS API Responses -package conversions +package permissions import ( "fmt" @@ -31,7 +31,7 @@ import ( type Role struct { Name string cS3ResourcePermissions *provider.ResourcePermissions - ocsPermissions Permissions + ocsPermissions OcsPermissions } const ( @@ -61,7 +61,7 @@ func (r *Role) CS3ResourcePermissions() *provider.ResourcePermissions { } // OCSPermissions for the role. -func (r *Role) OCSPermissions() Permissions { +func (r *Role) OCSPermissions() OcsPermissions { return r.ocsPermissions } @@ -254,7 +254,7 @@ func NewManagerRole() *Role { } // RoleFromOCSPermissions tries to map ocs permissions to a role. -func RoleFromOCSPermissions(p Permissions) *Role { +func RoleFromOCSPermissions(p OcsPermissions) *Role { if p.Contain(PermissionNone) { return NewDeniedRole() } diff --git a/pkg/projects/manager/memory/memory.go b/pkg/projects/manager/memory/memory.go index 3d059a135ed..ab0a85cef97 100644 --- a/pkg/projects/manager/memory/memory.go +++ b/pkg/projects/manager/memory/memory.go @@ -27,12 +27,12 @@ import ( "github.com/cs3org/reva/v3/pkg/projects" "github.com/cs3org/reva/v3/pkg/projects/manager/registry" "github.com/cs3org/reva/v3/pkg/spaces" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/utils/cfg" userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" rpcv1beta1 "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" - conversions "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" ) func init() { @@ -122,16 +122,16 @@ func (s *service) DeleteStorageSpace(ctx context.Context, req *provider.DeleteSt func projectBelongToUser(user *userpb.User, project *SpaceDescription) (*provider.ResourcePermissions, bool) { if user.Id.OpaqueId == project.Owner { - return conversions.NewManagerRole().CS3ResourcePermissions(), true + return permissions.NewManagerRole().CS3ResourcePermissions(), true } if slices.Contains(user.Groups, project.Admins) { - return conversions.NewManagerRole().CS3ResourcePermissions(), true + return permissions.NewManagerRole().CS3ResourcePermissions(), true } if slices.Contains(user.Groups, project.Writers) { - return conversions.NewEditorRole().CS3ResourcePermissions(), true + return permissions.NewEditorRole().CS3ResourcePermissions(), true } if slices.Contains(user.Groups, project.Readers) { - return conversions.NewViewerRole().CS3ResourcePermissions(), true + return permissions.NewViewerRole().CS3ResourcePermissions(), true } return nil, false } diff --git a/pkg/projects/manager/sql/sql.go b/pkg/projects/manager/sql/sql.go index 20fd0e51a1e..724d1ae8d14 100644 --- a/pkg/projects/manager/sql/sql.go +++ b/pkg/projects/manager/sql/sql.go @@ -30,7 +30,7 @@ import ( rpcv1beta1 "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" "github.com/cs3org/reva/v3/cmd/revad/pkg/config" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/projects" "github.com/cs3org/reva/v3/pkg/projects/manager/registry" @@ -302,16 +302,16 @@ func (m *ProjectsManager) GetProject(ctx context.Context, name string) (*Project func projectBelongsToUser(user *userpb.User, p *Project) (*provider.ResourcePermissions, bool) { if user.Id.OpaqueId == p.Owner { - return conversions.NewManagerRole().CS3ResourcePermissions(), true + return permissions.NewManagerRole().CS3ResourcePermissions(), true } if slices.Contains(user.Groups, p.Admins) { - return conversions.NewManagerRole().CS3ResourcePermissions(), true + return permissions.NewManagerRole().CS3ResourcePermissions(), true } if slices.Contains(user.Groups, p.Writers) { - return conversions.NewEditorRole().CS3ResourcePermissions(), true + return permissions.NewEditorRole().CS3ResourcePermissions(), true } if slices.Contains(user.Groups, p.Readers) { - return conversions.NewViewerRole().CS3ResourcePermissions(), true + return permissions.NewViewerRole().CS3ResourcePermissions(), true } return nil, false } diff --git a/pkg/projects/manager/sql/sql_test.go b/pkg/projects/manager/sql/sql_test.go index 1ded24fc12a..170a0eceb5e 100644 --- a/pkg/projects/manager/sql/sql_test.go +++ b/pkg/projects/manager/sql/sql_test.go @@ -27,7 +27,7 @@ import ( userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" projects_catalogue "github.com/cs3org/reva/v3/pkg/projects" "github.com/cs3org/reva/v3/pkg/spaces" @@ -95,9 +95,9 @@ func TestListProjects(t *testing.T) { SpaceType: spaces.SpaceTypeProject.AsString(), RootInfo: &provider.ResourceInfo{ Path: "/path/to/project", - PermissionSet: conversions.NewManagerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewManagerRole().CS3ResourcePermissions(), }, - PermissionSet: conversions.NewManagerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewManagerRole().CS3ResourcePermissions(), }, }, }, @@ -129,9 +129,9 @@ func TestListProjects(t *testing.T) { SpaceType: spaces.SpaceTypeProject.AsString(), RootInfo: &provider.ResourceInfo{ Path: "/path/to/project", - PermissionSet: conversions.NewViewerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewViewerRole().CS3ResourcePermissions(), }, - PermissionSet: conversions.NewViewerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewViewerRole().CS3ResourcePermissions(), }, }, }, @@ -163,9 +163,9 @@ func TestListProjects(t *testing.T) { SpaceType: spaces.SpaceTypeProject.AsString(), RootInfo: &provider.ResourceInfo{ Path: "/path/to/project", - PermissionSet: conversions.NewEditorRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewEditorRole().CS3ResourcePermissions(), }, - PermissionSet: conversions.NewEditorRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewEditorRole().CS3ResourcePermissions(), }, }, }, @@ -197,9 +197,9 @@ func TestListProjects(t *testing.T) { SpaceType: spaces.SpaceTypeProject.AsString(), RootInfo: &provider.ResourceInfo{ Path: "/path/to/project", - PermissionSet: conversions.NewManagerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewManagerRole().CS3ResourcePermissions(), }, - PermissionSet: conversions.NewManagerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewManagerRole().CS3ResourcePermissions(), }, }, }, @@ -231,9 +231,9 @@ func TestListProjects(t *testing.T) { SpaceType: spaces.SpaceTypeProject.AsString(), RootInfo: &provider.ResourceInfo{ Path: "/path/to/project", - PermissionSet: conversions.NewManagerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewManagerRole().CS3ResourcePermissions(), }, - PermissionSet: conversions.NewManagerRole().CS3ResourcePermissions(), + PermissionSet: permissions.NewManagerRole().CS3ResourcePermissions(), }, }, }, diff --git a/pkg/share/manager/sql/conversions.go b/pkg/share/manager/sql/conversions.go index 209c285874d..2c53b81812d 100644 --- a/pkg/share/manager/sql/conversions.go +++ b/pkg/share/manager/sql/conversions.go @@ -27,7 +27,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v3/internal/http/services/opencloudmesh/ocmd" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/ocm/share" model "github.com/cs3org/reva/v3/pkg/share/manager/sql/model" ) @@ -175,7 +175,7 @@ func convertToCS3AccessMethod(m *model.OcmShareProtocol) *ocm.AccessMethod { switch m.Type { case model.WebDAVProtocol: return share.NewWebDavAccessMethod( - conversions.RoleFromOCSPermissions(conversions.Permissions(m.Permissions)).CS3ResourcePermissions(), + permissions.RoleFromOCSPermissions(permissions.OcsPermissions(m.Permissions)).CS3ResourcePermissions(), []string{}) // TODO persist requirements case model.WebappProtocol: return share.NewWebappAccessMethod(appprovider.ViewMode(m.Permissions)) @@ -189,7 +189,7 @@ func convertToCS3Protocol(p *model.OcmReceivedShareProtocol) *ocm.Protocol { switch p.Type { case model.WebDAVProtocol: return share.NewWebDAVProtocol(p.Uri, p.SharedSecret, &ocm.SharePermissions{ - Permissions: conversions.RoleFromOCSPermissions(conversions.Permissions(p.Permissions)).CS3ResourcePermissions(), + Permissions: permissions.RoleFromOCSPermissions(permissions.OcsPermissions(p.Permissions)).CS3ResourcePermissions(), }, []string{}) // TODO persist requirements case model.WebappProtocol: return share.NewWebappProtocol(p.Uri, appprovider.ViewMode(p.Permissions)) diff --git a/pkg/share/manager/sql/model/model.go b/pkg/share/manager/sql/model/model.go index 2d170563bb3..e4efc851972 100644 --- a/pkg/share/manager/sql/model/model.go +++ b/pkg/share/manager/sql/model/model.go @@ -30,6 +30,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" conversions "github.com/cs3org/reva/v3/pkg/cbox/utils" + "github.com/cs3org/reva/v3/pkg/permissions" "gorm.io/datatypes" "gorm.io/gorm" @@ -230,7 +231,7 @@ func (s *Share) AsCS3Share(granteeType userpb.UserType) *collaboration.Share { StorageId: s.Instance, OpaqueId: s.Inode, }, - Permissions: &collaboration.SharePermissions{Permissions: conversions.IntTosharePerm(int(s.Permissions), s.ItemType.String())}, + Permissions: &collaboration.SharePermissions{Permissions: permissions.OcsPermissions(s.Permissions).AsCS3Permissions()}, Grantee: extractGrantee(s.SharedWithIsGroup, s.ShareWith, granteeType), Owner: conversions.MakeUserID(s.UIDOwner), Creator: conversions.MakeUserID(s.UIDInitiator), @@ -290,7 +291,7 @@ func (p *PublicLink) AsCS3PublicShare() *link.PublicShare { StorageId: p.Instance, OpaqueId: p.Inode, }, - Permissions: &link.PublicSharePermissions{Permissions: conversions.IntTosharePerm(int(p.Permissions), p.ItemType.String())}, + Permissions: &link.PublicSharePermissions{Permissions: permissions.OcsPermissions(p.Permissions).AsCS3Permissions()}, Owner: conversions.MakeUserID(p.UIDOwner), Creator: conversions.MakeUserID(p.UIDInitiator), Token: p.Token, diff --git a/pkg/share/manager/sql/ocm_shares.go b/pkg/share/manager/sql/ocm_shares.go index 0c7c899d944..a972cedbd36 100644 --- a/pkg/share/manager/sql/ocm_shares.go +++ b/pkg/share/manager/sql/ocm_shares.go @@ -28,9 +28,8 @@ import ( userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" ocm "github.com/cs3org/go-cs3apis/cs3/sharing/ocm/v1beta1" typesv1beta1 "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" - "github.com/cs3org/reva/v3/pkg/cbox/utils" "github.com/cs3org/reva/v3/pkg/errtypes" "github.com/cs3org/reva/v3/pkg/ocm/share" model "github.com/cs3org/reva/v3/pkg/share/manager/sql/model" @@ -141,7 +140,7 @@ func storeWebDAVAccessMethod(tx *gorm.DB, shareID uint, o *ocm.AccessMethod_Webd accessMethod := &model.OcmShareProtocol{ OcmShareID: uint(shareID), Type: model.WebDAVProtocol, - Permissions: utils.SharePermToInt(o.WebdavOptions.Permissions), + Permissions: int(permissions.OCSFromCS3Permission(o.WebdavOptions.Permissions)), } err := tx.Create(accessMethod).Error @@ -324,7 +323,7 @@ func storeWebDAVProtocol(tx *gorm.DB, shareID int64, o *ocm.Protocol_WebdavOptio Type: model.WebDAVProtocol, Uri: o.WebdavOptions.Uri, SharedSecret: o.WebdavOptions.SharedSecret, - Permissions: utils.SharePermToInt(o.WebdavOptions.Permissions.Permissions), + Permissions: int(permissions.OCSFromCS3Permission(o.WebdavOptions.Permissions.Permissions)), } if err := tx.Create(protocol).Error; err != nil { @@ -597,7 +596,7 @@ func (m *mgr) queriesUpdatesOnShare(ctx context.Context, id *ocm.ShareId, f ...* accessMethodUpdates = append(accessMethodUpdates, func(tx *gorm.DB) error { return tx.Model(&model.OcmShareProtocol{}). Where("ocm_share_id = ? AND type = ?", id.OpaqueId, model.WebDAVProtocol). - Update("permissions", int(conversions.RoleFromResourcePermissions(t.WebdavOptions.Permissions).OCSPermissions())).Error + Update("permissions", int(permissions.RoleFromResourcePermissions(t.WebdavOptions.Permissions).OCSPermissions())).Error }) case *ocm.AccessMethod_WebappOptions: accessMethodUpdates = append(accessMethodUpdates, func(tx *gorm.DB) error { diff --git a/pkg/share/manager/sql/ocm_shares_test.go b/pkg/share/manager/sql/ocm_shares_test.go index 9ffad036a34..c90bfe14f7e 100644 --- a/pkg/share/manager/sql/ocm_shares_test.go +++ b/pkg/share/manager/sql/ocm_shares_test.go @@ -12,8 +12,8 @@ import ( ocm "github.com/cs3org/go-cs3apis/cs3/sharing/ocm/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typesv1beta1 "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - ocsconversions "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" - conversions "github.com/cs3org/reva/v3/pkg/cbox/utils" + //permissions "github.com/cs3org/reva/v3/pkg/cbox/utils" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/ocm/share" @@ -87,9 +87,9 @@ func getWebAppProtocol(appURL string, role string) *ocm.Protocol { return nil } -func getProtocols(permissions int, resource_type string, role string) []*ocm.Protocol { +func getProtocols(ocsPermissions permissions.OcsPermissions, resource_type string, role string) []*ocm.Protocol { perms := &ocm.SharePermissions{ - Permissions: conversions.IntTosharePerm(permissions, resource_type), + Permissions: permissions.RoleFromOCSPermissions(ocsPermissions).CS3ResourcePermissions(), //conversions.IntTosharePerm(permissions, resource_type), } protocols := []*ocm.Protocol{ getWebDavProtocol("https://webdav.example.com/remote.php/dav/shares/someid", "sharedsecret", perms, role), @@ -141,12 +141,12 @@ func getOcmAccessMethods(role string) []*ocm.AccessMethod { switch role { case "viewer": return []*ocm.AccessMethod{ - share.NewWebDavAccessMethod(ocsconversions.NewViewerRole().CS3ResourcePermissions(), []string{}), + share.NewWebDavAccessMethod(permissions.NewViewerRole().CS3ResourcePermissions(), []string{}), share.NewWebappAccessMethod(appprovider.ViewMode_VIEW_MODE_READ_ONLY), } case "editor": return []*ocm.AccessMethod{ - share.NewWebDavAccessMethod(ocsconversions.NewEditorRole().CS3ResourcePermissions(), []string{}), + share.NewWebDavAccessMethod(permissions.NewEditorRole().CS3ResourcePermissions(), []string{}), share.NewWebappAccessMethod(appprovider.ViewMode_VIEW_MODE_READ_WRITE), } } diff --git a/pkg/share/manager/sql/public_link.go b/pkg/share/manager/sql/public_link.go index 94f107843ea..aa8dc31350b 100644 --- a/pkg/share/manager/sql/public_link.go +++ b/pkg/share/manager/sql/public_link.go @@ -34,6 +34,7 @@ import ( "github.com/cs3org/reva/v3/pkg/publicshare" "github.com/cs3org/reva/v3/pkg/share/manager/sql/model" "github.com/cs3org/reva/v3/pkg/utils" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/utils/cfg" "github.com/pkg/errors" "golang.org/x/crypto/bcrypt" @@ -117,7 +118,7 @@ func (m *PublicShareMgr) CreatePublicShare(ctx context.Context, u *user.User, md publiclink.ItemType = model.ItemType(conversions.ResourceTypeToItem(md.Type)) publiclink.Inode = md.Id.OpaqueId publiclink.Instance = md.Id.StorageId - publiclink.Permissions = uint8(conversions.SharePermToInt(g.Permissions.Permissions)) + publiclink.Permissions = uint8(permissions.OCSFromCS3Permission(g.Permissions.Permissions)) publiclink.Orphan = false if g.Password != "" { @@ -156,10 +157,10 @@ func (m *PublicShareMgr) UpdatePublicShare(ctx context.Context, u *user.User, re Where("id = ?", publiclink.Id). Update("link_name", req.Update.GetDisplayName()) case link.UpdatePublicShareRequest_Update_TYPE_PERMISSIONS: - permissions := conversions.SharePermToInt(req.Update.GetGrant().GetPermissions().Permissions) + perms := uint8(permissions.OCSFromCS3Permission(g.Permissions.Permissions)) res = m.db.Model(&publiclink). Where("id = ?", publiclink.Id). - Update("permissions", uint8(permissions)) + Update("permissions", perms) case link.UpdatePublicShareRequest_Update_TYPE_EXPIRATION: if req.Update.GetGrant().Expiration == nil { res = m.db.Model(&publiclink). diff --git a/pkg/share/manager/sql/public_link_test.go b/pkg/share/manager/sql/public_link_test.go index 466c2e5919f..00d6b5c093c 100644 --- a/pkg/share/manager/sql/public_link_test.go +++ b/pkg/share/manager/sql/public_link_test.go @@ -11,7 +11,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typespb "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v3/pkg/appctx" - conversions "github.com/cs3org/reva/v3/pkg/cbox/utils" + "github.com/cs3org/reva/v3/pkg/permissions" publicshare "github.com/cs3org/reva/v3/pkg/publicshare" ) @@ -38,7 +38,7 @@ func setupSuiteLinks(tb testing.TB) (publicshare.Manager, error, func(tb testing func getTestPublicLinkGrant(password string) *link.Grant { return &link.Grant{ Permissions: &link.PublicSharePermissions{ - Permissions: conversions.IntTosharePerm(1, "file"), + Permissions: permissions.OcsPermissions(1).AsCS3Permissions(), }, Password: password, Expiration: &typespb.Timestamp{ diff --git a/pkg/share/manager/sql/share.go b/pkg/share/manager/sql/share.go index 794789d9f6e..84a9413c503 100644 --- a/pkg/share/manager/sql/share.go +++ b/pkg/share/manager/sql/share.go @@ -38,6 +38,7 @@ import ( revashare "github.com/cs3org/reva/v3/pkg/share" "github.com/cs3org/reva/v3/pkg/share/manager/sql/model" "github.com/cs3org/reva/v3/pkg/utils" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/utils/cfg" "google.golang.org/genproto/protobuf/field_mask" @@ -130,7 +131,7 @@ func (m *ShareMgr) Share(ctx context.Context, md *provider.ResourceInfo, g *coll share.ItemType = model.ItemType(conversions.ResourceTypeToItem(md.Type)) share.Inode = md.Id.OpaqueId share.Instance = md.Id.StorageId - share.Permissions = uint8(conversions.SharePermToInt(g.Permissions.Permissions)) + share.Permissions = uint8(permissions.OCSFromCS3Permission(g.Permissions.Permissions)) share.Orphan = false if g.Expiration != nil { @@ -175,8 +176,8 @@ func (m *ShareMgr) UpdateShare(ctx context.Context, ref *collaboration.ShareRefe switch req.Field.GetField().(type) { case *collaboration.UpdateShareRequest_UpdateField_Permissions: - permissions := conversions.SharePermToInt(req.Field.GetPermissions().Permissions) - res := m.db.Model(&share).Where("id = ?", share.Id).Update("permissions", uint8(permissions)) + perms := uint8(permissions.OCSFromCS3Permission(req.Field.GetPermissions().Permissions)) + res := m.db.Model(&share).Where("id = ?", share.Id).Update("permissions", perms) if res.Error != nil { return nil, res.Error } diff --git a/pkg/share/manager/sql/share_test.go b/pkg/share/manager/sql/share_test.go index 918282f10f9..69bfee385da 100644 --- a/pkg/share/manager/sql/share_test.go +++ b/pkg/share/manager/sql/share_test.go @@ -13,7 +13,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" typesv1beta1 "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/v3/pkg/appctx" - conversions "github.com/cs3org/reva/v3/pkg/cbox/utils" + "github.com/cs3org/reva/v3/pkg/permissions" revashare "github.com/cs3org/reva/v3/pkg/share" "google.golang.org/genproto/protobuf/field_mask" ) @@ -84,7 +84,7 @@ func getUserShareGrant(shareeId, resourcetype string) *collaboration.ShareGrant sharegrant := &collaboration.ShareGrant{ Grantee: sharee, Permissions: &collaboration.SharePermissions{ - Permissions: conversions.IntTosharePerm(1, resourcetype), + Permissions: permissions.OcsPermissions(1).AsCS3Permissions(), //conversions.IntTosharePerm(1, resourcetype), }, } return sharegrant @@ -102,7 +102,7 @@ func getGroupShareGrant(shareeId, resourcetype string) *collaboration.ShareGrant return &collaboration.ShareGrant{ Grantee: sharee, Permissions: &collaboration.SharePermissions{ - Permissions: conversions.IntTosharePerm(1, resourcetype), + Permissions: permissions.OcsPermissions(1).AsCS3Permissions(), }, } } @@ -280,7 +280,7 @@ func TestDoNotCreateSameShareTwice(t *testing.T) { sharegrant := &collaboration.ShareGrant{ Grantee: sharee, Permissions: &collaboration.SharePermissions{ - Permissions: conversions.IntTosharePerm(1, "file"), + Permissions: permissions.OcsPermissions(1).AsCS3Permissions(), }, } userctx := getUserContext("123456") @@ -485,7 +485,7 @@ func TestUpdateShare(t *testing.T) { Field: &collaboration.UpdateShareRequest_UpdateField{ Field: &collaboration.UpdateShareRequest_UpdateField_Permissions{ Permissions: &collaboration.SharePermissions{ - Permissions: conversions.IntTosharePerm(newPermissions, "file"), + Permissions: permissions.OcsPermissions(newPermissions).AsCS3Permissions(), }, }, }, @@ -495,7 +495,7 @@ func TestUpdateShare(t *testing.T) { t.FailNow() } - retrievedPerms := conversions.SharePermToInt(updatedShare.Permissions.Permissions) + retrievedPerms := int(permissions.OCSFromCS3Permission(updatedShare.Permissions.Permissions)) if retrievedPerms != newPermissions { t.Errorf("Expected share permissions to be updated, but they were not: got %d instead of %d", retrievedPerms, newPermissions) } diff --git a/pkg/storage/fs/nextcloud/nextcloud.go b/pkg/storage/fs/nextcloud/nextcloud.go index 4ee4de6582f..47466c88dde 100644 --- a/pkg/storage/fs/nextcloud/nextcloud.go +++ b/pkg/storage/fs/nextcloud/nextcloud.go @@ -31,7 +31,7 @@ import ( user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/errtypes" @@ -267,8 +267,8 @@ func resInfoFromEFSS(respObj *MDFromEFSS) *provider.ResourceInfo { Seconds: uint64(respObj.Mtime.Seconds), }, Path: respObj.Path, - PermissionSet: conversions.RoleFromOCSPermissions( - conversions.Permissions(respObj.Permissions)).CS3ResourcePermissions(), + PermissionSet: permissions.RoleFromOCSPermissions( + permissions.OcsPermissions(respObj.Permissions)).CS3ResourcePermissions(), Size: uint64(respObj.Size), Owner: &user.UserId{ Idp: respObj.Owner.Idp, diff --git a/pkg/storage/fs/nextcloud/nextcloud_test.go b/pkg/storage/fs/nextcloud/nextcloud_test.go index ee0e783f121..114a750022d 100644 --- a/pkg/storage/fs/nextcloud/nextcloud_test.go +++ b/pkg/storage/fs/nextcloud/nextcloud_test.go @@ -29,7 +29,7 @@ import ( userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/auth/scope" @@ -231,7 +231,7 @@ var _ = Describe("Nextcloud", func() { Nanos: 0, }, Path: "/some/path", - PermissionSet: conversions.RoleFromOCSPermissions(conversions.Permissions(0)).CS3ResourcePermissions(), + PermissionSet: permissions.RoleFromOCSPermissions(permissions.OcsPermissions(0)).CS3ResourcePermissions(), Size: 12345, Owner: &userpb.UserId{ Idp: "", @@ -281,7 +281,7 @@ var _ = Describe("Nextcloud", func() { Nanos: 0, }, Path: "/some/path", - PermissionSet: conversions.RoleFromOCSPermissions(conversions.Permissions(0)).CS3ResourcePermissions(), + PermissionSet: permissions.RoleFromOCSPermissions(permissions.OcsPermissions(0)).CS3ResourcePermissions(), Size: 12345, Owner: &userpb.UserId{ Idp: "", diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go index d7a7a7a2b9a..10f190bbaa9 100644 --- a/pkg/storage/utils/eosfs/eosfs.go +++ b/pkg/storage/utils/eosfs/eosfs.go @@ -41,7 +41,7 @@ import ( rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/appctx" "github.com/cs3org/reva/v3/pkg/spaces" @@ -1723,22 +1723,22 @@ func (fs *Eosfs) permissionSet(ctx context.Context, eosFileInfo *eosclient.FileI if role, ok := utils.HasPublicShareRole(u); ok { switch role { case "editor": - return conversions.NewEditorRole().CS3ResourcePermissions() + return permissions.NewEditorRole().CS3ResourcePermissions() case "uploader": - return conversions.NewUploaderRole().CS3ResourcePermissions() + return permissions.NewUploaderRole().CS3ResourcePermissions() } - return conversions.NewViewerRole().CS3ResourcePermissions() + return permissions.NewViewerRole().CS3ResourcePermissions() } if role, ok := utils.HasOCMShareRole(u); ok { if role == "editor" { - return conversions.NewEditorRole().CS3ResourcePermissions() + return permissions.NewEditorRole().CS3ResourcePermissions() } - return conversions.NewViewerRole().CS3ResourcePermissions() + return permissions.NewViewerRole().CS3ResourcePermissions() } if utils.UserEqual(u.Id, owner) { - return conversions.NewManagerRole().CS3ResourcePermissions() + return permissions.NewManagerRole().CS3ResourcePermissions() } auth, err := fs.getUserAuth(ctx, u, eosFileInfo.File) diff --git a/tests/integration/grpc/ocm_share_test.go b/tests/integration/grpc/ocm_share_test.go index 653cd45ae5d..dd36b65c49d 100644 --- a/tests/integration/grpc/ocm_share_test.go +++ b/tests/integration/grpc/ocm_share_test.go @@ -37,7 +37,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" "github.com/cs3org/reva/v3/internal/http/services/datagateway" "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocdav" - "github.com/cs3org/reva/v3/internal/http/services/owncloud/ocs/conversions" + "github.com/cs3org/reva/v3/pkg/permissions" "github.com/cs3org/reva/v3/pkg/httpclient" "github.com/cs3org/reva/v3/pkg/ocm/share" "github.com/cs3org/reva/v3/pkg/rgrpc/todo/pool" @@ -200,7 +200,7 @@ var _ = Describe("ocm share", func() { }, }, AccessMethods: []*ocmv1beta1.AccessMethod{ - share.NewWebDavAccessMethod(conversions.NewViewerRole().CS3ResourcePermissions(), []string{}), + share.NewWebDavAccessMethod(permissions.NewViewerRole().CS3ResourcePermissions(), []string{}), }, RecipientMeshProvider: cesnet.ProviderInfo, }) @@ -293,7 +293,7 @@ var _ = Describe("ocm share", func() { }, }, AccessMethods: []*ocmv1beta1.AccessMethod{ - share.NewWebDavAccessMethod(conversions.NewEditorRole().CS3ResourcePermissions(), []string{}), + share.NewWebDavAccessMethod(permissions.NewEditorRole().CS3ResourcePermissions(), []string{}), }, RecipientMeshProvider: cesnet.ProviderInfo, }) @@ -389,7 +389,7 @@ var _ = Describe("ocm share", func() { }, }, AccessMethods: []*ocmv1beta1.AccessMethod{ - share.NewWebDavAccessMethod(conversions.NewViewerRole().CS3ResourcePermissions(), []string{}), + share.NewWebDavAccessMethod(permissions.NewViewerRole().CS3ResourcePermissions(), []string{}), }, RecipientMeshProvider: cesnet.ProviderInfo, }) @@ -492,7 +492,7 @@ var _ = Describe("ocm share", func() { }, }, AccessMethods: []*ocmv1beta1.AccessMethod{ - share.NewWebDavAccessMethod(conversions.NewEditorRole().CS3ResourcePermissions(), []string{}), + share.NewWebDavAccessMethod(permissions.NewEditorRole().CS3ResourcePermissions(), []string{}), }, RecipientMeshProvider: cesnet.ProviderInfo, }) @@ -641,7 +641,7 @@ var _ = Describe("ocm share", func() { }, }, AccessMethods: []*ocmv1beta1.AccessMethod{ - share.NewWebDavAccessMethod(conversions.NewEditorRole().CS3ResourcePermissions(), []string{}), + share.NewWebDavAccessMethod(permissions.NewEditorRole().CS3ResourcePermissions(), []string{}), }, RecipientMeshProvider: cesnet.ProviderInfo, }) @@ -658,7 +658,7 @@ var _ = Describe("ocm share", func() { }, }, AccessMethods: []*ocmv1beta1.AccessMethod{ - share.NewWebDavAccessMethod(conversions.NewEditorRole().CS3ResourcePermissions(), []string{}), + share.NewWebDavAccessMethod(permissions.NewEditorRole().CS3ResourcePermissions(), []string{}), }, RecipientMeshProvider: cesnet.ProviderInfo, }) @@ -683,7 +683,7 @@ var _ = Describe("ocm share", func() { }, }, AccessMethods: []*ocmv1beta1.AccessMethod{ - share.NewWebDavAccessMethod(conversions.NewEditorRole().CS3ResourcePermissions(), []string{}), + share.NewWebDavAccessMethod(permissions.NewEditorRole().CS3ResourcePermissions(), []string{}), }, RecipientMeshProvider: cesnet.ProviderInfo, }) @@ -718,7 +718,7 @@ var _ = Describe("ocm share", func() { }, }, AccessMethods: []*ocmv1beta1.AccessMethod{ - share.NewWebDavAccessMethod(conversions.NewEditorRole().CS3ResourcePermissions(), []string{"unsupported-requirement"}), + share.NewWebDavAccessMethod(permissions.NewEditorRole().CS3ResourcePermissions(), []string{"unsupported-requirement"}), }, RecipientMeshProvider: cesnet.ProviderInfo, })