Merge pull request #3232 from kobergj/StoreSettingsViaMetadata

[full-ci] Store settings via metadata
owncloud · Mar 15, 2022 · 5a67a20 · 5a67a20
2 parents b0ea1de + d54f75d
commit 5a67a20
Show file tree

Hide file tree

Showing 21 changed files with 1,864 additions and 38 deletions.
diff --git a/accounts/pkg/config/defaults/defaultconfig.go b/accounts/pkg/config/defaults/defaultconfig.go
@@ -71,7 +71,7 @@ func DefaultConfig() *config.Config {
  },
  ServiceUser: config.ServiceUser{
  UUID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
- Username: "",
+ Username: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
  UID: 0,
  GID: 0,
  },

diff --git a/accounts/pkg/service/v0/accounts.go b/accounts/pkg/service/v0/accounts.go
@@ -99,33 +99,6 @@ func (s Service) hasSelfManagementPermissions(ctx context.Context) bool {
  return s.RoleManager.FindPermissionByID(ctx, roleIDs, SelfManagementPermissionID) != nil
 }
 
-// serviceUserToIndex temporarily adds a service user to the index, which is supposed to be removed before the lock on the handler function is released
-func (s Service) serviceUserToIndex() (teardownServiceUser func()) {
- if s.Config.ServiceUser.Username != "" && s.Config.ServiceUser.UUID != "" {
- _, err := s.index.Add(s.getInMemoryServiceUser())
- if err != nil {
- s.log.Logger.Err(err).Msg("service user was configured but failed to be added to the index")
- } else {
- return func() {
- _ = s.index.Delete(s.getInMemoryServiceUser())
- }
- }
- }
- return func() {}
-}
-
-func (s Service) getInMemoryServiceUser() accountsmsg.Account {
- return accountsmsg.Account{
- AccountEnabled: true,
- Id: s.Config.ServiceUser.UUID,
- PreferredName: s.Config.ServiceUser.Username,
- OnPremisesSamAccountName: s.Config.ServiceUser.Username,
- DisplayName: s.Config.ServiceUser.Username,
- UidNumber: s.Config.ServiceUser.UID,
- GidNumber: s.Config.ServiceUser.GID,
- }
-}
-
 // ListAccounts implements the AccountsServiceHandler interface
 // the query contains account properties
 func (s Service) ListAccounts(ctx context.Context, in *accountssvc.ListAccountsRequest, out *accountssvc.ListAccountsResponse) (err error) {
@@ -145,8 +118,6 @@ func (s Service) ListAccounts(ctx context.Context, in *accountssvc.ListAccountsR
  }
  onlySelf := hasSelf && !hasManagement
 
- teardownServiceUser := s.serviceUserToIndex()
- defer teardownServiceUser()
  match, authRequest := getAuthQueryMatch(in.Query)
  if authRequest {
  password := match[2]

diff --git a/accounts/pkg/service/v0/service.go b/accounts/pkg/service/v0/service.go
@@ -86,9 +86,33 @@ func New(opts ...Option) (s *Service, err error) {
  if err = s.createDefaultGroups(cfg.DemoUsersAndGroups); err != nil {
  return nil, err
  }
+
+ s.serviceUserToIndex()
  return
 }
 
+// serviceUserToIndex temporarily adds a service user to the index, which is supposed to be removed before the lock on the handler function is released
+func (s Service) serviceUserToIndex() {
+ if s.Config.ServiceUser.Username != "" && s.Config.ServiceUser.UUID != "" {
+ _, err := s.index.Add(s.getInMemoryServiceUser())
+ if err != nil {
+ s.log.Logger.Err(err).Msg("service user was configured but failed to be added to the index")
+ }
+ }
+}
+
+func (s Service) getInMemoryServiceUser() accountsmsg.Account {
+ return accountsmsg.Account{
+ AccountEnabled: true,
+ Id: s.Config.ServiceUser.UUID,
+ PreferredName: s.Config.ServiceUser.Username,
+ OnPremisesSamAccountName: s.Config.ServiceUser.Username,
+ DisplayName: s.Config.ServiceUser.Username,
+ UidNumber: s.Config.ServiceUser.UID,
+ GidNumber: s.Config.ServiceUser.GID,
+ }
+}
+
 func (s Service) buildIndex() (*indexer.Indexer, error) {
  var indexcfg *idxcfg.Config
 

diff --git a/changelog/unreleased/store-settings-in-metadata-service.md b/changelog/unreleased/store-settings-in-metadata-service.md
@@ -0,0 +1,5 @@
+Change: settings service now stores its data via metadata service
+
+Instead of writing files to disk it will use metadata service to do so
+
+https://github.com/owncloud/ocis/pull/3232
diff --git a/ocis-pkg/roles/manager.go b/ocis-pkg/roles/manager.go
@@ -46,6 +46,7 @@ func (m *Manager) List(ctx context.Context, roleIDs []string) []*settingsmsg.Bun
  res, err := m.roleService.ListRoles(ctx, request)
  if err != nil {
  m.logger.Debug().Err(err).Msg("failed to fetch roles by roleIDs")
+ return nil
  }
  for _, role := range res.Bundles {
  m.cache.set(role.Id, role)

diff --git a/settings/pkg/config/config.go b/settings/pkg/config/config.go
@@ -19,7 +19,10 @@ type Config struct {
  HTTP HTTP `ocisConfig:"http"`
  GRPC GRPC `ocisConfig:"grpc"`
 
- DataPath string `ocisConfig:"data_path" env:"SETTINGS_DATA_PATH"`
+ StoreType string `ocisConfig:"store_type" env:"SETTINGS_STORE_TYPE"`
+ DataPath string `ocisConfig:"data_path" env:"SETTINGS_DATA_PATH"`
+ Metadata Metadata `ocisConfig:"metadata_config"`
+
  Asset Asset `ocisConfig:"asset"`
  TokenManager TokenManager `ocisConfig:"token_manager"`
 
@@ -30,3 +33,13 @@ type Config struct {
 type Asset struct {
  Path string `ocisConfig:"path" env:"SETTINGS_ASSET_PATH"`
 }
+
+// Metadata configures the metadata store to use
+type Metadata struct {
+ GatewayAddress string `ocisConfig:"gateway_addr" env:"STORAGE_GATEWAY_GRPC_ADDR"`
+ StorageAddress string `ocisConfig:"storage_addr" env:"STORAGE_GRPC_ADDR"`
+
+ ServiceUserID string `ocisConfig:"service_user_id" env:"METADATA_SERVICE_USER_UUID"`
+ ServiceUserIDP string `ocisConfig:"service_user_idp" env:"OCIS_URL;METADATA_SERVICE_USER_IDP"`
+ MachineAuthAPIKey string `ocisConfig:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"`
+}
diff --git a/settings/pkg/config/defaults/defaultconfig.go b/settings/pkg/config/defaults/defaultconfig.go
@@ -17,6 +17,7 @@ func FullDefaultConfig() *config.Config {
  return cfg
 }
 
+// DefaultConfig returns the default config
 func DefaultConfig() *config.Config {
  return &config.Config{
  Service: config.Service{
@@ -44,13 +45,22 @@ func DefaultConfig() *config.Config {
  Addr: "127.0.0.1:9191",
  Namespace: "com.owncloud.api",
  },
- DataPath: path.Join(defaults.BaseDataPath(), "settings"),
+ StoreType: "metadata", // use metadata or filesystem
+ DataPath: path.Join(defaults.BaseDataPath(), "settings"),
  Asset: config.Asset{
  Path: "",
  },
  TokenManager: config.TokenManager{
  JWTSecret: "Pive-Fumkiu4",
  },
+
+ Metadata: config.Metadata{
+ GatewayAddress: "127.0.0.1:9142",
+ StorageAddress: "127.0.0.1:9215",
+ ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
+ ServiceUserIDP: "https://localhost:9200",
+ MachineAuthAPIKey: "change-me-please",
+ },
  }
 }
 

diff --git a/settings/pkg/service/v0/service.go b/settings/pkg/service/v0/service.go
@@ -15,7 +15,8 @@ import (
  settingssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/settings/v0"
  "github.com/owncloud/ocis/settings/pkg/config"
  "github.com/owncloud/ocis/settings/pkg/settings"
- store "github.com/owncloud/ocis/settings/pkg/store/filesystem"
+ filestore "github.com/owncloud/ocis/settings/pkg/store/filesystem"
+ metastore "github.com/owncloud/ocis/settings/pkg/store/metadata"
  merrors "go-micro.dev/v4/errors"
  "go-micro.dev/v4/metadata"
  "google.golang.org/protobuf/types/known/emptypb"
@@ -32,12 +33,21 @@ type Service struct {
 // NewService returns a service implementation for Service.
 func NewService(cfg *config.Config, logger log.Logger) Service {
  service := Service{
- id: "ocis-settings",
- config: cfg,
- logger: logger,
- manager: store.New(cfg),
+ id: "ocis-settings",
+ config: cfg,
+ logger: logger,
+ }
+
+ switch cfg.StoreType {
+ default:
+ fallthrough
+ case "metadata":
+ service.manager = metastore.New(cfg)
+ case "filesystem":
+ service.manager = filestore.New(cfg)
+ // TODO: if we want to further support filesystem store it should use default permissions from store/defaults/defaults.go instead using this duplicate
+ service.RegisterDefaultRoles()
  }
- service.RegisterDefaultRoles()
  return service
 }