move unwrapping and wrapping of paths to the gateway

temporary change to check CI
cs3org · Oct 13, 2021 · c9835c6 · c9835c6
1 parent 19f83bd
commit c9835c6
Show file tree

Hide file tree

Showing 11 changed files with 254 additions and 362 deletions.
diff --git a/changelog/unreleased/wrap-unwrap-in-gateway.md b/changelog/unreleased/wrap-unwrap-in-gateway.md
@@ -0,0 +1,5 @@
+Change: move wrapping and unwrapping of paths to the storage gateway
+
+We've moved the wrapping and unwrapping of reference paths to the storage gateway so that the storageprovider doesn't have to know its mount path.
+
+https://github.com/cs3org/reva/pull/2016
diff --git a/internal/grpc/interceptors/auth/scope.go b/internal/grpc/interceptors/auth/scope.go
@@ -160,11 +160,25 @@ func checkResourcePath(ctx context.Context, ref *provider.Reference, r *provider
  return false, statuspkg.NewErrorFromCode(statResponse.Status.Code, "auth interceptor")
  }
 
- if strings.HasPrefix(ref.GetPath(), statResponse.Info.Path) {
+ resourcePath := statResponse.Info.Path
+
+ if strings.HasPrefix(ref.GetPath(), resourcePath) {
  // The path corresponds to the resource to which the token has access.
  // We allow access to it.
  return true, nil
  }
+
+ // If we arrived here that could mean that ref.GetPath is not prefixed with the storage mount path but resourcePath is
+ // because it was returned by the gateway which will prefix it. To fix that we remove the mount path from the resourcePath.
+ // resourcePath = "/users/<name>/some/path"
+ // After the split we have [" ", "users", "<name>/some/path"].
+ trimmedPath := "/" + strings.SplitN(resourcePath, "/", 3)[2]
+ if strings.HasPrefix(ref.GetPath(), trimmedPath) {
+ // The path corresponds to the resource to which the token has access.
+ // We allow access to it.
+ return true, nil
+ }
+
  return false, nil
 }
 

diff --git a/internal/grpc/services/gateway/ocmshareprovider.go b/internal/grpc/services/gateway/ocmshareprovider.go
@@ -352,19 +352,25 @@ func (s *svc) createOCMReference(ctx context.Context, share *ocm.Share) (*rpc.St
  }
 
  log.Info().Msg("mount path will be:" + refPath)
- createRefReq := &provider.CreateReferenceRequest{
- Ref: &provider.Reference{Path: refPath},
- TargetUri: targetURI,
- }
 
- c, err := s.findByPath(ctx, refPath)
+ c, p, err := s.findByPath(ctx, refPath)
  if err != nil {
  if _, ok := err.(errtypes.IsNotFound); ok {
  return status.NewNotFound(ctx, "storage provider not found"), nil
  }
  return status.NewInternal(ctx, err, "error finding storage provider"), nil
  }
-
+ pRef, err := unwrap(&provider.Reference{Path: refPath}, p.ProviderPath)
+ if err != nil {
+ log.Err(err).Msg("gateway: error unwrapping")
+ return &rpc.Status{
+ Code: rpc.Code_CODE_INTERNAL,
+ }, nil
+ }
+ createRefReq := &provider.CreateReferenceRequest{
+ Ref: pRef,
+ TargetUri: targetURI,
+ }
  createRefRes, err := c.CreateReference(ctx, createRefReq)
  if err != nil {
  log.Err(err).Msg("gateway: error calling GetHome")