Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Differentiate share types when retrieving received shares in sql driver #2116

Merged
merged 3 commits into from
Oct 7, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions changelog/unreleased/shares-sql-received-fix.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
Bugfix: Differentiate share types when retrieving received shares in sql driver

https://github.com/cs3org/reva/pull/2116
6 changes: 3 additions & 3 deletions internal/grpc/services/gateway/authprovider.go
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ func (s *svc) Authenticate(ctx context.Context, req *gateway.AuthenticateRequest
}, nil
}

u := res.User
u := *res.User
if sharedconf.SkipUserGroupsInToken() {
u.Groups = []string{}
}
Expand All @@ -109,7 +109,7 @@ func (s *svc) Authenticate(ctx context.Context, req *gateway.AuthenticateRequest
// the resources referenced by these. Since the current scope can do that,
// mint a temporary token based on that and expand the scope. Then set the
// token obtained from the updated scope in the context.
token, err := s.tokenmgr.MintToken(ctx, u, res.TokenScope)
token, err := s.tokenmgr.MintToken(ctx, &u, res.TokenScope)
if err != nil {
err = errors.Wrap(err, "authsvc: error in MintToken")
res := &gateway.AuthenticateResponse{
Expand All @@ -129,7 +129,7 @@ func (s *svc) Authenticate(ctx context.Context, req *gateway.AuthenticateRequest
}, nil
}

token, err = s.tokenmgr.MintToken(ctx, u, scope)
token, err = s.tokenmgr.MintToken(ctx, &u, scope)
if err != nil {
err = errors.Wrap(err, "authsvc: error in MintToken")
res := &gateway.AuthenticateResponse{
Expand Down
4 changes: 2 additions & 2 deletions internal/http/services/appprovider/appprovider.go
Original file line number Diff line number Diff line change
Expand Up @@ -332,12 +332,12 @@ func (s *svc) getStatInfo(ctx context.Context, fileID string, client gateway.Gat

decodedID, err := base64.URLEncoding.DecodeString(fileID)
if err != nil {
return nil, ocmd.APIErrorInvalidParameter, errors.Wrap(err, "fileID doesn't follow the required format")
return nil, ocmd.APIErrorInvalidParameter, errors.Wrap(err, fmt.Sprintf("fileID %s doesn't follow the required format", fileID))
}

parts := strings.Split(string(decodedID), idDelimiter)
if !utf8.ValidString(parts[0]) || !utf8.ValidString(parts[1]) {
return nil, ocmd.APIErrorInvalidParameter, errors.New("fileID contains illegal characters")
return nil, ocmd.APIErrorInvalidParameter, errtypes.BadRequest(fmt.Sprintf("fileID %s contains illegal characters", fileID))
}
res := &provider.ResourceId{
StorageId: parts[0],
Expand Down
12 changes: 6 additions & 6 deletions pkg/cbox/share/sql/sql.go
Original file line number Diff line number Diff line change
Expand Up @@ -328,9 +328,9 @@ func (m *mgr) ListReceivedShares(ctx context.Context, filters []*collaboration.F
FROM oc_share ts LEFT JOIN oc_share_acl tr ON (ts.id = tr.id AND tr.rejected_by = ?)
WHERE (orphan = 0 or orphan IS NULL) AND (uid_owner != ? AND uid_initiator != ?)`
if len(user.Groups) > 0 {
query += " AND (share_with=? OR share_with in (?" + strings.Repeat(",?", len(user.Groups)-1) + "))"
query += " AND ((share_with=? AND share_type = 0) OR (share_type = 1 AND share_with in (?" + strings.Repeat(",?", len(user.Groups)-1) + ")))"
} else {
query += " AND (share_with=?)"
query += " AND (share_with=? AND share_type = 0)"
}

for _, f := range filters {
Expand Down Expand Up @@ -375,9 +375,9 @@ func (m *mgr) getReceivedByID(ctx context.Context, id *collaboration.ShareId) (*
s := conversions.DBShare{ID: id.OpaqueId}
query := "select coalesce(uid_owner, '') as uid_owner, coalesce(uid_initiator, '') as uid_initiator, coalesce(share_with, '') as share_with, coalesce(fileid_prefix, '') as fileid_prefix, coalesce(item_source, '') as item_source, stime, permissions, share_type, accepted, coalesce(tr.rejected_by, '') as rejected_by FROM oc_share ts LEFT JOIN oc_share_acl tr ON (ts.id = tr.id AND tr.rejected_by = ?) WHERE (orphan = 0 or orphan IS NULL) AND ts.id=? "
if len(user.Groups) > 0 {
query += "AND (share_with=? OR share_with in (?" + strings.Repeat(",?", len(user.Groups)-1) + "))"
query += "AND ((share_with=? AND share_type = 0) OR (share_type = 1 AND share_with in (?" + strings.Repeat(",?", len(user.Groups)-1) + ")))"
} else {
query += "AND (share_with=?)"
query += "AND (share_with=? AND share_type = 0)"
}
if err := m.db.QueryRow(query, params...).Scan(&s.UIDOwner, &s.UIDInitiator, &s.ShareWith, &s.Prefix, &s.ItemSource, &s.STime, &s.Permissions, &s.ShareType, &s.State, &s.RejectedBy); err != nil {
if err == sql.ErrNoRows {
Expand All @@ -401,9 +401,9 @@ func (m *mgr) getReceivedByKey(ctx context.Context, key *collaboration.ShareKey)
s := conversions.DBShare{}
query := "select coalesce(uid_owner, '') as uid_owner, coalesce(uid_initiator, '') as uid_initiator, coalesce(share_with, '') as share_with, coalesce(fileid_prefix, '') as fileid_prefix, coalesce(item_source, '') as item_source, ts.id, stime, permissions, share_type, accepted, coalesce(tr.rejected_by, '') as rejected_by FROM oc_share ts LEFT JOIN oc_share_acl tr ON (ts.id = tr.id AND tr.rejected_by = ?) WHERE (orphan = 0 or orphan IS NULL) AND uid_owner=? AND fileid_prefix=? AND item_source=? AND share_type=? AND share_with=? "
if len(user.Groups) > 0 {
query += "AND (share_with=? OR share_with in (?" + strings.Repeat(",?", len(user.Groups)-1) + "))"
query += "AND ((share_with=? AND share_type = 0) OR (share_type = 1 AND share_with in (?" + strings.Repeat(",?", len(user.Groups)-1) + ")))"
} else {
query += "AND (share_with=?)"
query += "AND (share_with=? AND share_type = 0)"
}

if err := m.db.QueryRow(query, params...).Scan(&s.UIDOwner, &s.UIDInitiator, &s.ShareWith, &s.Prefix, &s.ItemSource, &s.ID, &s.STime, &s.Permissions, &s.ShareType, &s.State, &s.RejectedBy); err != nil {
Expand Down